06 30 410 1210
Privacy Policy
Valid from October 15, 2021
This Data Management Notice expresses the non-binary polyhistor site's firm commitment to privacy rights and data protection. The non-binary polyhistor site (Singer Edina, hereinafter: Data Controller) handles the personal data in its possession with the greatest possible care, in accordance with this Data Management Notice, the provisions of the Basic Law of Hungary, CXII of 2011 on the right to self-determination of information and freedom of information. Act (hereinafter: Info tv.) and in accordance with the provisions of General Data Protection Regulation (EU) 2016/679 (April 27, 2016) of the European Parliament and of the Council (hereinafter GDPR).
1. DATA OF THE DATA CONTROLLER
Name of the data controller: Singer Edina ev
The head office of the data controller is: 1204 Budapest, Vécsey utca 77.
The e-mail address of the data controller is: eddie@anembinarispolihisztor.space
2. CUSTOMER SERVICE OF THE DATA CONTROLLER
The Data Controller maintains contact with its customers and interested parties primarily electronically, through the contact forms on our websites, and by e-mail.
Based on Article 37 of the GDPR, the Data Controller is not obliged to appoint a data protection officer, the data controller is an individual entrepreneur, so you can inquire about data management at his contact (e-mail: eddie@anembinarispolihisztor.space ).
3. VALIDITY OF THE DATA MANAGEMENT INFORMATION
This Data Management Notice applies to all activities and work processes of the Data Controller and to all websites operated by the Data Controller, primarily, but not exclusively, to the website available at https://anembinarispolihisztor.space.
4. PHYSICAL LOCATION OF DATA STORAGE
The Data Controller stores all personal data in the high-security cloud systems of the Data Processors listed in point 5. The Data Controller does not store personal data on its own computers, mobile phones or mobile data carriers. The Data Controller does everything in its power to check the data management of the Data Processors connected to it and to request information in this regard.
5. DATA PROCESSORS
When handling personal data, the Data Controller uses the services of the following Data Processors:
Hosting provider:
Wix.Com Ltd.
Headquarters: 40 Namal Tel-Aviv st., Tel Aviv 6350671 Israel
Tax number: EU442008451
The legal basis for data management: the express consent of the data subject (actively, by ticking the relevant checkbox).
Scope of transmitted data: IP address, name, e-mail address of the person concerned.
The purpose of the data transmission is to provide a server service, among other things, for the purpose of data storage (in the case of blog notifications, requests for proposals).
Duration of data management: until the data subject unsubscribes or until he requests the deletion of his data.
Website statistical software operator:
Google Computer Services Limited Liability Company
(Google Information Technology Services Limited Liability Company)
Headquarters: 1023 Budapest, Árpád fejedelem útja 26-28.
Company registration number: 01-09-861726
Tax number: 13561677-2-41
The legal basis for data management: the legitimate interest of the Data Controller.
The range of transmitted data: the IP address of the data subject, the time and duration of the visit, the list of subpages visited, the operating system used by the data subject, the type of browser, the screen resolution.
The purpose of the data transmission is to perform statistical analyses, thereby checking and improving the quality of the Data Controller's services.
Duration of data management: 2 years.
Comment. Statistical data collection and analysis is done using a service called Google Analytics. The Data Controller and Data Processor do not identify the data obtained during the visit to the websites with specific persons, i.e. the data can only be analyzed en masse, in this sense completely anonymously.
Detailed information on the operation of Google Analytics is available on the following website:
https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage
Comments, blog post likes, own posts:
When submitting a comment to a blog post, in addition to what is provided in the comment form, the commenter's IP address and browser identification string are collected in order to filter out unsolicited content.
After the comment is accepted, the content of the comment and, in the case of a registered user, the profile picture corresponding to the e-mail address will also be publicly displayed.
The comments are displayed through the wix system. If the user registers, the legal basis for data management is his prior consent.
Webshop:
The legal basis for data management: the express consent of the data subject (actively by making a purchase and ticking the appropriate checkbox).
The range of transmitted data: IP address, name, e-mail address, shipping and billing address, and possibly telephone number of the data subject.
The purpose of data management: the possibility of fulfilling an order.
Duration of data management: if the customer does not register, the duration of the purchase, in case of registration, the comments are valid, the data is stored until unsubscribe or cancellation of registration.
The webshop redirects to PayPal, bank card data is not stored.
6. DATA MANAGEMENT, DATA STORAGE, BACKUP
6.1. The provision of personal data is voluntary. Signing up for blog alerts and marketing newsletters is done using a double confirmation (so-called double opt-in) system, i.e. until the person concerned clicks on the so-called confirmation link sent to the e-mail address provided when the subscription was initiated, the data provided is only temporarily stored by the Data Controller. If the person concerned does not click on the confirmation link, the data will be automatically deleted by the software after three days.
6.2. The Data Controller manages and stores the provided personal data in accordance with the law, and will not, under any circumstances, pass it on to a third party or business company, apart from the Data Processors specified in point 5. The Data Processors regularly create and store backup copies of the data (due to technical necessity).
6.3. You can unsubscribe from blog notifications and marketing newsletters at any time by clicking on the unsubscribe link in the bottom lines of any electronic mail sent by the Data Controller. Data modification can be requested by the data subject by clicking on the data modification link or by indicating the data modification request to the e-mail address of the Data Controller.
6.4. The data controller does not check the veracity of the data provided by the data subject.
6.5. The Data Controller does not perform profiling on the basis of the behavior and interests of its interested parties, customers, visitors, subscribers or requestors of the websites it operates, or other data provided by them, and does not apply automatic offer creation, classification or decision-making.
6.6. The Data Controller does not aim to identify visitors to the websites, and does not take any steps to do so.
6.7. Those concerned can use the Data Controller's services without subscribing to a marketing newsletter.
7. RIGHTS OF THE DATA SUBJECT
The data subject may request information about the management of his personal data, and may request the correction of his personal data, or - with the exception of mandatory data processing - deletion or withdrawal, he may exercise his right to data portability and protest as indicated when the data was recorded, or at the contact details of the Data Controller specified in point 1.
7.1. Right to information
The Data Controller takes appropriate measures in order to provide the data subject with all the information referred to in Articles 13 and 14 of the GDPR regarding the processing of personal data, and Articles 15-22. and provide each piece of information according to Article 34 in a concise, transparent, comprehensible and easily accessible form, clearly and comprehensibly worded.
The Data Controller shall provide information within 14 days (but no later than 1 month) of the submission of the request.
Information is provided free of charge, unless the data subject has already submitted an information request for the same data in the current year. The Data Controller will refund the reimbursement already paid by the data subject in the event that the data was handled unlawfully or the request for information led to a correction.
The Data Controller may refuse to provide information only in cases provided for by law by indicating the legal place, as well as by providing information about the possibility of judicial redress or turning to the Authority.
The Data Controller shall notify the data subject of the correction, blocking, marking and deletion of personal data, as well as all those to whom the data was previously transmitted for the purpose of data management, unless the failure to notify does not harm the legitimate interests of the data subject.
7.2. Right to access data
The data subject has the right to receive feedback from the Data Controller as to whether his personal data is being processed, and if such data processing is in progress, he is entitled to access the personal data and the following information:
• the purposes of data management;
• categories of personal data concerned;
• the recipients or categories of recipients to whom or to whom the personal data has been or will be communicated, including in particular recipients in third countries and international organizations;
• the planned period of storage of personal data;
• the right to rectification, deletion or limitation of data processing and the right to protest;
• the right to submit a complaint to the supervisory authority;
• information about data sources;
• the fact of automated decision-making, including profiling, as well as comprehensible information about the applied logic and the significance of such data management and the expected consequences for the data subject.
The Data Controller shall provide information on the above within a maximum of one month from the date of submission of the request by the data subject.
7.3. Right to rectification of data
The data subject may request the correction of inaccurate personal data managed by the Data Controller or the addition of incomplete data.
The data subject can modify or supplement the data independently by clicking on the link to the data modification form in the e-mail sent by the Data Controller, or request the Data Controller to do so by sending an electronic mail to the central e-mail address (eddie@anembinarispolihisztor.space).
7.4. The right to delete data
The data subject has the right to request that the Data Controller delete personal data relating to him without undue delay, if one of the following reasons exists:
• the personal data are no longer needed for the purpose for which they were collected or otherwise processed;
• the data subject withdraws the consent that forms the basis of the data management, and there is no other legal basis for the data management;
• the data subject objects to data processing and there is no overriding legal reason for data processing;
• personal data were handled illegally;
• personal data must be deleted in order to fulfill the legal obligation prescribed by EU or member state law applicable to the Data Controller;
• the collection of personal data took place in connection with the offering of services related to the information society.
Data deletion cannot be initiated if data management is necessary:
• for the purpose of exercising the right to freedom of expression and information;
• for the purpose of fulfilling the obligation under EU or member state law applicable to the Data Controller, which requires the processing of personal data;
• for the purpose of performing a task in the public interest or in the exercise of a public authority granted to the Data Controller;
• affecting the field of public health, or for archival, scientific and historical research purposes, or for statistical purposes, based on public interest;
• to present, enforce and defend legal claims.
The Data Controller will register the withdrawal of consent within 14 days.
In order to fulfill its legal obligations or assert its legitimate interests, the Data Controller may process certain data even after the withdrawal of consent.
Explanatory note. In practice, the following happens: if the data subject requests the deletion of their data for a blog notification or marketing newsletter and clicks on the unsubscribe link in an e-mail, the computer operation that deletes the data subject's data from the blog notification or newsletter management software is immediately performed. So the request is executed immediately, you don't have to wait 14 days. However, data cannot be deleted in the case of data that the Data Controller is legally obliged to store (purchases, payments, invoices for 8 years).
7.5. The right to limit and withdraw data processing
At the request of the data subject, the Data Controller restricts data processing if one of the following conditions is met:
• the data subject disputes the accuracy of the personal data – in this case, the restriction applies to the period that allows the accuracy of the personal data to be verified;
• the data processing is illegal, but the data subject opposes the deletion of the data and instead requests the restriction of its use;
• the Data Controller no longer needs the personal data for the purpose of data management, but the data subject requires them to submit, enforce or defend legal claims;
• the data subject has objected to data processing – in this case, the restriction applies to the period until it is determined whether the legitimate reasons of the data controller take precedence over the legitimate reasons of the data subject.
If data management is subject to restrictions, personal data may only be processed with the consent of the data subject, with the exception of storage, or to submit, enforce or defend legal claims, or to protect the rights of another natural or legal person, or in the important public interest of the Union or a member state.
7.6. Right to data portability
The data subject has the right to receive the personal data concerning him/her provided to the Data Controller in a segmented, widely used, machine-readable format, and to forward this data to another data controller.
At the request of the data subject, the Data Controller will send the data it handles to the data subject in PDF and/or CSV format. The request can be submitted by the person concerned by electronic mail sent to the central e-mail address of the Data Controller (eddie@anembinarispolihisztor.space).
7.7. The right to protest
The data subject has the right to object at any time for reasons related to his/her own situation to the processing of his/her personal data necessary for the performance of a task carried out in the public interest or within the framework of the exercise of public authority granted to the Data Controller, or the processing necessary to enforce the legitimate interests of the Data Controller or a third party, including profiling based on the aforementioned provisions too.
In the event of a protest, the Data Controller may no longer process the personal data, unless it is justified by compelling legitimate reasons that take precedence over the interests, rights and freedoms of the data subject, or that are related to the submission, enforcement or defense of legal claims.
If the data subject objects to the handling of his personal data, the Data Controller will examine the objection within 14 days (but no later than 1 month) of the submission of the request and inform the data subject in writing of his decision. If the Data Controller decides that the data subject's objection is well-founded, in that case the Data Controller will terminate the data processing - including further data collection and data transmission - and block the data, as well as notify all those to whom the objection was made, as well as the measures taken based on it previously transmitted personal data affected by protest, and who are obliged to take measures to enforce the right to protest.
The Data Controller refuses to comply with the request if it proves that the data processing is justified by compelling legitimate reasons that take precedence over the interests, rights and freedoms of the data subject, or that are related to the presentation, enforcement or defense of legal claims. If the data subject does not agree with the decision, or if the Data Controller misses the deadline, he or she may apply to the relevant court within 30 days from the notification of the decision or the last day of the deadline.
Comment. If you encounter any problems, please contact us by email (eddie@anembinarispolihisztor.space) or by registered mail with return receipt requested to our registered office and we will do our best to solve the problem immediately.
7.8. The right to go to court
In the event of a violation of their rights, the data subject may apply to the court against the Data Controller. The court acts out of sequence in the case.
Adjudication of data protection lawsuits falls under the jurisdiction of the court, the lawsuit can be initiated - at the choice of the data subject - before the court of the residence or place of residence of the data subject. A foreign citizen can also file a complaint with the competent supervisory authority according to his place of residence.
Comment. Before filing a complaint with a court or supervisory authority, please contact us by e-mail (eddie@anembinarispolihisztor.space) or by registered mail with return receipt requested to our headquarters, in order to negotiate and resolve the problem as quickly as possible.
7.9. Right to complain
You can use the possibility of legal redress and a complaint with the supervisory authority:
National Data Protection and Freedom of Information Authority
Headquarters: 1125 Budapest Szilágyi Erzsébet fasor 22/c.
Postal address: 1530 Budapest, Pf.: 5.
Phone: +36 (1) 391-1400
Fax: +36 (1) 391-1410
e-mail: ugyfelszolgalat@naih.hu
Website: https://naih.hu
More information: https://naih.hu/panaszuegyintezes-rendje.html
8. SENDING AND RECEIVING MESSAGES WITH ADVERTISING (MARKETING PURPOSES)
The data subject can give his consent to the Data Controller using his personal data for marketing purposes by making a statement when subscribing to the blog newsletter or newsletter, or later, by changing his personal data stored on the newsletter and/or direct marketing registration interface, i.e. by clearly declaring his intention.
In this case, XLVIII of 2008 on the basic conditions and certain limitations of economic advertising activity. Act (Grtv.) § 6. based on - until consent is revoked - the Data Controller also processes the data subject's data for the purpose of direct marketing and/or sending newsletters, and sends the data subject mailings containing advertising, as well as information and offers, and/or forwards a newsletter.
The data subject can give his/her consent to direct marketing and the newsletter together or separately, and withdraw it(s) free of charge and at any time.
Cancellation of subscription (so-called "unsubscribe") is considered by the Data Controller to be a withdrawal of consent in all cases. At the same time, the Data Controller does not interpret withdrawal of consent to data processing for direct marketing and/or newsletter purposes as withdrawal of consent to data processing in general.
9. USE OF COOKIES ON THE WEBSITES OF THE DATA PROCESSOR
Cookies are small data files (hereinafter: cookies) that are transferred to the visitor's computer through the use of the website in order to provide customized service, in such a way that they are saved and stored by the visitor's Internet browser, and then read back during the subsequent visit.
If the browser returns a previously saved cookie, the cookie management service provider has the opportunity to connect the user's current visit with previous ones, but only with regard to its own content.
The general tasks of cookies:
• collect information about visitors and their devices;
• they remember the individual settings of the visitors, which are (may) be used, for example, when using online transactions, so they do not have to be typed in again;
• facilitate the use of the website;
• provide a quality user experience.
The majority of the most commonly used Internet browsers (Chrome, Firefox, Internet Explorer, Safari, Edge, Opera, etc.) accept and enable the download and use of cookies as a default setting. The website visitor can refuse or block these by changing the browser settings. The user can also delete the cookies already stored on the computer.
There are cookies that do not require the prior consent of the visitor (for example, authenticator, multimedia player, load balancer, session cookies that help customize the user interface, and user-oriented security cookies).
When the website is opened, i.e. at the start of the first visit, the websites provide brief information about both cookies that do not require consent and those that require consent (if data management already begins with the visit of the page) and ask for the user's consent to the use of cookies.
The Data Controller does not use or allow cookies that can be used by third parties or companies to collect data without the data subject's consent.
The acceptance of cookies is not mandatory, however, the Data Manager does not assume responsibility for the fact that, if cookies are not enabled, the web pages may not function as expected.
The "help" menu item of each browser provides more information about the use of cookies, but we have also collected them here:
Chrome: https://support.google.com/accounts/answer/61416?hl=en
Firefox: https://support.mozilla.org/hu/kb/sutik-informacio-amelyet-weboldalak-tarolnak-szami
Internet Explorer:
Safari: https://support.apple.com/kb/PH21411?viewlocale=en_US&locale=en_US
Edge: https://support.microsoft.com/hu-hu/help/10607/microsoft-edge-view-deletebrowser-history
Opera: http://help.opera.com/Windows/10.20/hu/cookies.html
System cookies (so-called "Absolutely Necessary Cookies")
Legal basis: does not require consent.
Description: the purpose of cookies is to enable visitors to fully and smoothly browse the Data Controller's website, use its functions and the services available there. The validity period of this type of cookie lasts until the end of the session (browsing), when the browser is closed, this type of cookie is automatically deleted from the computer or other device used for browsing.
The purpose of data management is to improve the user experience.
Duration: browser session.
Statistical (third-party) cookies
Legal basis: the express consent of the data subject (actively, by turning on the relevant switch).
Description: the Data Controller also uses Google Analytics cookies as a third party on its websites. Google Analytics collects information about how visitors use the website by using a service for statistical purposes. The data is used for the purpose of developing the website and improving the user experience. These cookies remain on the visitor's computer or other device used for browsing, in their browser until they expire or until the visitor deletes them.
The purpose of data management is to improve the user experience.
Duration: maximum 180 days.
You can read more about third-party cookies here: https://www.google.com/policies/technologies/types/
You can read more about Google Analytics data protection here: https://www.google.com/analytics/learn/privacy.html?hl=hu
10. OTHER DATA MANAGEMENT ISSUES
The Data Controller may transmit the data subject's data only within the framework defined by law, and in the case of the Data Processors, by stipulating contractual conditions, it ensures that they cannot use the data subject's personal data for purposes contrary to the consent of the data subject.
The court, the prosecutor's office, the police, the National Tax and Customs Office, the National Data Protection and Freedom of Information Authority may contact the Data Controller for the purpose of providing information, communicating data or making documents available. In these cases, the Data Controller must fulfill its obligation to provide data, but only to the extent absolutely necessary to achieve the purpose of the request.
The Data Controller's collaborators and employees involved in data management and/or data processing are entitled to access the personal data of the data subject to a predetermined extent - under the burden of confidentiality.
The Data Controller protects the data subject's personal data with appropriate technical and other measures, ensures the security and availability of the data, and protects them from unauthorized access, alteration, damage, disclosure, and any other unauthorized use.
The Data Controller does everything possible to make the processes as secure as possible, however, due to the current computing conditions, it cannot assume full responsibility for data transmission via websites. The Data Controller adheres to strict regulations in order to protect the data subject's data and prevent illegal access.
Note: We would like to draw your attention to the fact that, despite all measures, data transmission over the Internet cannot be considered completely secure data transmission. Regarding security issues, we ask for your help in carefully guarding your access and password and not sharing the password with anyone. We also ask for your cooperation in using a computer that you have ensured is free of viruses when using our web pages.
Budapest, October 15, 2021.