Data Protection and Privacy Policy

The purpose of this regulation

The purpose of this regulation is to express the data protection and privacy policies that Zelenák Adrián (”ECOIZM”) self employed entrepreneur uses, and the data protection and privacy policy  that ECOIZM is bound by.

While establishing the present rules, ECOIZM took into account in particular the Hungarian Act CXII of 2011 on Informational Self-determination and Freedom of Information, the Act CXIX of 1995 on the Use of Name and Address Information Serving the Purpose of Research and Direct Marketing, the Act VI of 1998 Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data of Strasbourg 28 January 1981, the Act XLVIII of 2008 on the Essential Conditions and Certain Limitations of Business Advertising Activity and the recommendations of "ONLINE PRIVACY ALLIANCE".


The purpose of the present document is to ensure all rights and fundamental freedoms especially the right for privacy while automatic processing of personal data for every individual regardless to their their nationality or residence, in all areas of service provided by ECOIZM.


The privacy protection registration number of ECOIZM: NAIH-65418/2013.

Definitions:

Personal data: data that can be associated with a natural person (concerned person), especially the concerned person's name, identification number, and one or more physical, mental, economic, cultural or social attribute, or conculsion that can be derived from the data. Personal data remains its quality until the connection with the concerned person can be restored;

Data records: all registered data;

Data management: any operation or set of operations on the data regardless to method, especially to collect, record, organizie, store, use, change, transfer, query, disclosure, match, interconnect, block, delete, or destruct personal data, and preventing personal data to use any further;

Data manager: ECOIZM (headquarters: 58 Budapest Street 8200 Veszprém, Hungary);

Data processing: making technical tasks related to data management operations, regardless to the applied method or means, assuming that the technical tasks are performed on the data;

Data destruction: the total physical destruction of the data carrier that stores the data;

Data transmission: making Personal data accessible for a third party;

Disclosure: making personal data accessible to anyone;

Data processor: the natural person or legal entity, or organization that isn't a legal entity, who or what processes the personal data on behalf of the data manager;

Deletion of data: making the data unrecognizable in a way that it cannot be restored anymore;

Automated data records: the data that is processed automatically;

Automatic processing: the following operations if they are performed partially or fully with automated means: data storage, logical or arithmetic operations on the data, changing the data, deletion, searching and spreading data;

User: the natural person who registers on the website of ECOIZM (www.ecoizm.com).


The scope of the handled Personal data


The data that the User can decide to provide: email address, phone number, name, address or place of residence, the product category that the User chose from, the payment method of the User, value of purchased items, the identification number of the User in the loyalty program.

Data to be recorded technically through the working of the system: the data from the computer where the User logs in, that is generated while using the service, and that the system of the Data manager stores automatically as a result of technical processes. The automated data records are logged automatically when logging in and logging out without asking for permission from the User. This data cannot be connected to personal data - except when it is legally mandatory. Only the Data manager can access this data.

ECOIZM places a small piece of data called a cookie on the User's computer for customized service. The purpose of the cookie is to provide the best User experience and improve the working of the site. The User can delete the cookie from the computer, or can set the browser to disable the application of the cookies. By disabling the application of the cookies, the User acknowledges that the working of the site isn't complete.

Legal basis, purpose and method of the Data management

The Data management is based on the voluntary and informed declaration of the Users of the internet content of ecoizm.com, that declaration contains the permission of the users that their provided Personal data will be recorded. The legal basis of  the data management is in the Hungarian Act CXII of 2011 on Informational Self-determination and Freedom of Information,  according to Section 5 subsection (1). a) the concerned person's voluntary permission.


The purpose of the Data management is to provide the services that are accessible on the ecoizm.com URL. The scope of Personal data to access these services can be found at the description of related services.

The purpose of automated data records (see at section III.2.) is to provide services through the website of ECOIZM, display customized content and ads, creating statistics, developing IT systems, protecting the rights of the users. The Data manager can use the data that has been provided by the user by using the services to create user groups, and to offer targeted content/ads for the user groups.


The Data manager cannot use the Personal data for purposes other than the above mentioned. Disclosing Personal data to third parties or authorities - unless the law legally binds otherwise - is only possible in case of the User's previous explicit permission.

The Data manager does not check the given Personal data. Only the providing person is responsible for the authenticity of the data. Every user providing an email address is responsible to use the service himself from that address. Every responsibility of the actions related to logging in with a user is on the user who registered the email address.

Principles of data management

Personal data has to be acquired and processed fairly and legally.

Personal data has to be stored for specified time and legal purpose, and cannot be used otherwise.

Personal data has to be stored in a way so it can identify the user only for a time that is necessary for the purpose of the storage.

Safety measures have to be made to protect Personal data in automated data records, to prevent accidental or illegal data destruction, and illegal access, modification or spread of the data.

The Privacy Policy of ECOIZM

The Personal data that is absolutely neccessary to access the services of ECOIZM is stored by permission of the concerned person, and only for the given purpose.

ECOIZM as a Data manager guarantees to use the acquired Personal data according to principles of present document and the regulations of the Hungarian Information Act, and does not give access to third parties.

With regards to the transfer of data, the cases mentioned below are exempt from the regulations of this section:

using the data statistically aggregated, that cannot contain the concerned person's name or any data in any other form that is making it possible to identify the concerned person.; and

ECOIZM can make the user's data available for third parties in certain cases: official judicial or police requests, and legal procedures about copyright, property, and other infringement or reasonable suspicion of any of these, the prejudice of interest of ECOIZM, endangering the service of ECOIZM etc.

ECOIZM can collect data about the activites of the users, that cannot be connected to the Personal data provided by the users when registering, or with the data generated while using other websites or services.

ECOIZM commits to give a clear, noticable and unequivocal message before recording and handling Personal data of its users, in which ECOIZM informs them about the purpose, method and principles of the data collection. In addition, ECOIZM draws the user's attention that providing the data is voluntary every time when the data recording and handling isn't mandatory by law. When providing the data is mandatory, it has to be pointed out, which law ordained it. The concerned person must be informed about the purpose of the data management, and who will manage and process the Personal data. The information about the Data management is done, if the law regulates the existing Data management.

Every time when ECOIZM wishes to use provided Personal data in a way other than the puporse of the original recording of data, ECOIZM informs the user, and gets the user's prior permission, and makes it possible for the user to prohibit the use of data.

ECOIZM as a Data manager observes to the regulations at all time about the recording and handling of data, and provides information for the concerned person via email as required. ECOIZM commits not to make any sanctions against those users, who refuse to provide non-mandatory data.

ECOIZM commits to make sure the safety of Personal data, and to take the needed technical and organizational actions, and to establish rules that ensure the security of recorded and handled Personal data, and prevents destruction, illegal use and illegal modification. ECOIZM also commits that every third parties whom the data may be transfered will be informed about their commitments in this case.

If the Personal data isn't real, and the real data is available for the Data manager, the Data manager corrects the Personal data.

The Data manager locks the Personal data instead of deleting it upon the the concerned person's request, or if the deletion would harm the legitimate interests of the concerned person according to available information. The locked data can be handled until the Data management purpose is present which excluded the deletion.

The concerned person has to be informed about the correction, locking and deletion of the Personal data, and all those whom the data was transfered for Data management purposes. The information can be ommited if this does not harm the legitimate interests of the concerned person about the purpose of the Data management.

The duration of data management

The data management of the Personal data provided by the User remains until the User unsubscribes from the service with the given username. The time of the deletion is 10 workdays from the unsubscribing (deletion request) of the user. In case of using illicit, deceptive Personal data, if the user commits a crime or attack against the system, the Data manager is entitled to delete the data and the registration of the user, and at the same time is entitled to preserve the data in case of suspicion of crime for the duration of the legal procedures.

The Personal data provided by the User can be stored and handled by ECOIZM, the Data manager, until the User asks for it to stop in writing, even if the User does not unsubscribe from the service. If the User requests to stop the Data management without unsubscribing, it does not affect the User's rights for using the service, but it may occur, that the user cannot use some services due to the lack of Personal data. The deletion of the Personal data is 10 workdays from the arrival of the deletion request.

The automated data records are used from the time of their generation until it is justifiable for the working of the system. ECOIZM ensures that these automated data records cannot be connected to Personal data with the exception of cases when the law makes it mandatory. If the User terminated the permission for the use of the Personal data, or if the User unsubscribed from the service, then the person of the user won't be identifiable based on the technical data.

Provision of personal data

The change in Personal data, or the deletion request of the Personal data can be communicated through the email system of the service with an explicit written declaration. The newsletter can be unsubscribed in the settings of the page, or by clicking on the link at the end of the newsletters.

Some personal data can be modified on the website in the personal profile menu.

After the deletion request was proceeded, the deleted data cannot be restored.

Data processing

ECOIZM does not enlist the services of outer Data processor, it processes the Personal data itself.

Data trasfer possibility

ECOIZM as a Data manager is entitled and bound to transfer any available and legally stored Personal data for the authorities that the law enforces it to. ECOIZM cannot be held responsible for the transfer of this data and the consequences.

If ECOIZM passes the the content service or utilization of ecoizm.com to a third party, then the handled data will be transfered to the third person without permission. This data transfer can only serve the continuity of already registered Users, but cannot put the user in a more disadvantageous position than the present regulation.

ECOIZM registers every data transfer for the verifiability and for the information of the concerned person, that contains the date of the transfer, its legal basis, and the consignee, the scope of the Personal data, and other data that is prescribed in the law.

Updating the Data Protection Policy

ECOIZM reserves the right to change the Data Protection and Privacy Policy any time. Every user has to be informed about the updated Data Protection and Privacy Policy (in a newsletter or pop up window). The user notices the change by using the service further, and no other permission is needed.

The rights of the users about their personal data handled by the data manager

The Users can ask for information in writing about the handling of their Personal data from ECOIZM as a Data manager, by sending a registered letter to the Adress of the Data manager, or an email at info@ecoizm.com. The Data manager deems an inquiry in email authentic, only if it is sent from the registered email address. The inquiry can cover the data handled by the Data manager, those source, the purpose, legal basis and duration of the Data management, and the name and address of the data processors, data trasfer infromations about who and why got the data about the user.

The Data manager is obliged to answer questions about the Data managing, in  the shortest time from receival, but 30 days maximum. In case of email inquiery, the time of the receival is the first workday after sending it.

Enforcement options

The user can enforce its rights according to the Information Act, and the Act  1959. IV. Act before the court, and can ask for help about any Personal data issue from the Hungarian National Authority for Data Protection and Freedom of Information (22/c Szilágyi Erzsébet fasor Budapest 1125; PO box: 1530 Budapest, Pf. 5.). In addition the user can find the collegaue of ECOIZM with any question about Data management on info@ecoizm.com.

 

Veszprém, May 17, 2013

 

 

Information about the web hosting provider of Ecoizm.com:

NetGo.hu Kft.
Office: 13. 2. floor/203. Dózsa György Street Gödöllő, 2100 (Centrum irodaház)

Phone number: +36-28-200-010
Fax: +36-28-416-770
Email: info@netgo.hu
Web: http://www.netgo.hu/

Headquarters and address:
32. 2.. floor/6 Kossuth Street Gödöllő 2100
Tax number: 13618308-2-13
Company registration number: 13-09-105844