Privacy Statement

Privacy Statement

Data Privacy

Marketing Astro Kft. Privacy Statement

Data Privacy

  • Data Controller’s Name: Marketing Astro Limited Liability Company
  • Registered office: build.. 6. floor 3/ apt. 19, Csáktornya park, Budapest, zip code: 1142
  • Registration number: 25149205-2-42

DATA PROCESSORS

By accepting this Privacy Policy, the Data subject expressly consents to the transfer of the following personal data to the recipient specified below:

Data processors

Activecampaign

  • DokDok, Inc
  • 420 rue Guy
  • Montréal, QC H3J 2L2
  • Canada

Mailchimp

  • c/o The Rocket Science
  • Group, LLC
  • 675 Ponce de Leon Ave NE
  • Suite 5000
  • Atlanta, GA 30308
  • MOSS No. EU 826 477 914

SiteGround.com hosting

  • SG Hosting Inc. – Delaware, USA, cím: 901 N. Pitt St, Suite 325, Alexandria 22314 VA, USA,
  • SiteGround Spain S.L. – Spanyolország (CIF: B87194171), cím: Calle de Prim 19, 28004 Madrid, Spain
  • SiteGround Italia Srl. – Olaszország, Adószám: 09659420963, Milan Companies Register, Olazország, cím: Via Agnello 8, Milan 20121, Italy,
  • SiteGround Hosting Ltd. – Anglia és Wales (09348602), cím: 3rd Floor, 11-12 St James’ Square, London, SW1Y 4LB
  • SiteGround Hosting EOOD, – Bulgária UIC 204181297, cím: 8 Racho Petkov Kazandziata str., Sofia, Bulgaria.

Productive.io

  • Infinum Inc
  • 340 S Lemon Ave 9714
  • Walnut, CA 91789
  • USA

WITH REGARD TO DATA PROCESSING THE FOLLOWING RIGHTS SHALL APPLY:

Right to preliminary provision of information

The data subject shall have the right to be informed about the facts and information in relation to data processing prior to the commencement of data processing.

(Regulations nr. 13.  article 14 )

RIGHTS OF ACCESS OF THE CONCERNED

The data subject shall have the right to receive feedback from the Data Controller as to whether their personal data is being processed and, if so, to have access to the personal data and related information specified in the Regulation.

(Regulations artc. 15).

RIGHT OF CORRECTION

The data subject shall have the right to rectify any personal data concerning him or her without undue delay upon his / her request. Having regard to the purpose of data processing, the data subject shall have the right to request that personal data which is incomplete, to be corrected, including by means of a supplementary declaration.

(Regulations artc. 16).

RIGHT TO DELETE

1. The data subject shall have the right to delete the personal data relating to him or her without undue delay upon his / her request and the data controller shall have the right to delete the personal data relating to the data subject without undue delay if any of the grounds specified in the Regulation exist.

(Regulations art.17)

RIGHT TO RESTRICT DATA PROCESSION

The data subject is entitled to request the restriction of the data processing  by Data Controller  if the conditions set out in the Regulations are fulfilled.

(Regulations art.18))

OBLIGATION TO NOTIFY ABOUT THE CORRECTION OR DELETION OF PERSONAL DATA AND THE RESTRICTIONS OF DATA PROCESSING

Unless it proves impossible or requires a disproportionate effort, the Data Controller shall inform all recipients of any rectification, erasure or restriction of data processing with whom or to whom the personal data have been communicated. At the request of the data subject, the Data Controller shall inform him / her about those recipients.

(Regulations art.19)

DATA RIGHTS

Subject to the terms and conditions set forth in the Regulations, the data subject shall have the right to receive the personal data relating to him or her made available to a Data Controller in a structured, widely used, machine-readable format and to transmit such data to another Data Controller without difficulty caused by the Data Controller to whom the data subject provided their personal data in the first place.

(Regulations art. 20)

RIGHT TO OBJECT

The data subject shall have the right to object at any time due to reasons in regard to his / her situation  according to the Regulations  Article 6 (paragraph 1, section e) data processing is necessary for the performance of a task due to public interest data processing or in the practice of his / herauthority as a data controller or section f) to assert the legitimate interests of the Data Controller or a third party.

(Regulations art.21)

AUTOMATED DECISION MAKING IN INDIVIDUAL CASES INCLUDING PROFILING

The data subject shall have the right not to be subject to any decision based solely on automated data management, -including profiling, which would have legal effects or would substantial affects on him / her.

(Regulations art.22)

RESTRICTIONS

EU or Member State law applicable to the Data Controller or the Data Processor may limit the application of Articles 12 to 22 by legislative measures. Articles 34 to 34 and Articles 12 to 22 in accordance with the rights and obligations set NEM ÉRTHETŐ

(Regulations art.23 )

INFORMATION OF THE DATA SUBJECT PARTIES ON DATA PROTECTION INCIDENT

If the data protection incident is likely to present a high risk to the rights and freedom of natural subjects, the Data Controller shall inform the data subject without undue delay of the data incident.

(Regulations art.34)

NOTIFICATION OF THE DATA PROTECTION INCIDENS TO THE SUPERVISORY AUTHORITY

The Data Controller must notify the NAIH without undue delay and, if possible, no later than 72 hours after becoming aware of the Privacy Incident, unless the Privacy Incident is not likely to endanger the rights and freedom of natural subjects.

If the notification is not made within 72 hours, the reasons for the delay must be included.

The Data Processor must notify the Data Controller without undue delay of becoming aware of the incident.

You can report a privacy incident online at:

https://naih.hu/adatvedelmi-incidensbejelent–rendszer.html

INFORMING THE DATA SUBJECT ABOUT A DATA PROTECTION INCIDENT

If the data protection incident is likely to pose a high risk to the rights and freedom of natural subjects, the controller must inform the data subject without undue delay of the data protection incident.

 

The data subject need not be informed if any of the following conditions are met:

(a) the controller has implemented appropriate technical and organizational security measures and has been applied to the data affected by the data protection incident, in particular measures such as the use of encryption which make the data  incomprehensible to unauthorized persons;

(b) the controller has taken further measures following the data protection incident to ensure that the high risk regarding the data subject’s rights and freedom is no longer likely to materialize;

(c) the information would require a disproportionate effort. In such cases, the data subjects shall be informed through publicly available information sources or similar measures shall be taken to ensure that the data subjects are equally effectively informed.

RIGHT TO MAKE COMPLAINTS AT THE SUPERVISORY AUTHORITY (RIGHT TO APPEAL)

The data subject shall have the right to make a complaint at the supervisory authority, in particular in the Member State of his / her habitual residence, place of work or at the state of the alleged infringement, if the data subject considers that the processing of his / her personal data is in breach of the Regulations.

(Regulations art. 77)

RIGHT TO JURISDICTION FOR EFFECTIVE JUDGMENT BEFORE THE SUPERVISORY AUTHORITY

Any natural or legal person shall have the right to an effective judicial remedy against a decision of the supervisory authority which is legally binding on him or her, or if the supervisory authority does not deal with the complaint or informs the person concerned. You may contact the Hungarian National Authority for Data Protection and Freedom of Information with a complaint or for remedy (Headquarters: 1125 Budapest, Szilágyi Erzsébet fasor 22 / c Postal address: 1530 Budapest, PO Box 5.

Telefon: +36 (1) 391-1400)

(Regulations art. 78)

RIGHTS TO EFFECTIVE REMEDIES AGAINST THE DATA PROCESSOR OR THE DATA CONTROLLER

Any person concerned shall have the right to an effective judicial remedy if he or she considers that his or her rights under this Regulation have been infringed as a result of the non-compliance with this Regulation of the processing of their personal data.

(Regulations art. 79)

If you wish to comment on  any of the above rights, please email us at elod.czako@marketingastro.com or office@marketingastro.com.

WHAT IS OUR DATA MANAGEMENT lLIKE?

We run a software on the company’s website to analyze traffic.  The software does not handle any personal information under the provisions of the IT law, however it  records information about visits. The Company automatically receives information about visitors on the Company’s website, such as the Internet Protocol (IP) address of the visitor, the date of the visit, the details of the pages visited, and the name of the browser used.

Because an IP address may become relative personal information based on the internationally accepted practice of the Hungarian National Authority for Data Protection and Freedom of Information, the Company therefore protects any information that comes to its knowledge in connection with the management of this website, subject to the protection of personal data under this policy.

Therefore, the Company will inform its visitors about the collection of data by publishing these rules on its website.

The legal basis for this data processing is the consent of the data subject [Infotv. Sections 5 (1) (a) and 6 (6)], according to which “at the request of the data subject, the consent of the data subject shall be presumed in respect of any personal data which he or she has submitted.”

  • Purpose of data management: investigation of website traffic habits
  • scope of data handled: visitor’s Internet Protocol (IP) address, time of visit, page views, browser name used, device used
  • legal basis for data management: Infotv. Contribution of the data subject to Section 5 (1) a).
  • data storage deadline: one year after data collection
  • data storage method: electronic

CONTACT REGISTRATION

Visitors may register their contact information on the Company’s website. By filling out the form, the visitor will enter relevant contact information. However, the data subject will only have the opportunity to submit the data if he / she accepts the Company’s Privacy Policy, by ticking the box, otherwise he / she will not be able to complete the registration.

  • Purpose of data management: initiating contact, messaging
  • scope of data managed: name, e-mail address, telephone number of the data subject
  • legal basis for data management: Infotv. data subject’s contribution to Section 5 (1) a)
  • data storage deadline: until the termination of the Company or deletion at the request of the data subject
  • data storage method: electronic

Newsletter-related data management

At the request of the data subject, the Company sends a newsletter about the Company’s promotions, so only those who have registered for this service on the Company’s website or who have personally consented to sending the newsletter will receive the newsletter. As the subscriber can sign up for the newsletter on the website, he / she must accept the privacy policy at the place of subscription. One can do this with a check box.

The Company analyzes the data and user habits of the interested parties in order to personalize the advertisements of its own and its business partners to the users at the contact information they provide

The Company must provide teh option to insubscribe at the bottom of each newsletter.

  • Purpose of data management: to inform the data subjects about the most important news of the Company
  • scope of data managed: name, email address of data subject
  • legal basis for data management: Infotv. 5 (1) (a), the Eker. TV. 13 / A. Of the Companies Act Section 6 (5)
  • data storage deadline: until the end of the newsletter service, but if the data subject requests to delete his / her data (unsubscribe from the newsletter), immediately after his / her request for deletion
  • data storage method: electronic

DATA MANAGEMENT IN THE COMPANY’S OPERATION

Place of data management:

In case of asking for contact: Activecampaign Software, Productive.io, Mailchimp

In case of downloaded content: Siteground.com hosting provider

Customer Register

The Company’s business system records the data of clients and partners.

  • Purpose of data management: keeping in touch with customers and partners to fulfill their ordering needs.
  • scope of data managed: customer’s name, e-mail address, telephone number, home address, purchasing habits
  • legal basis for data management: Infotv. 5 (1) a) of the data subject’s consent.
  • data storage deadline: until termination of the Company or deletion at the request of the data subject
  • data storage method: electronic

The data processors and recipients of any data transfers that may be related to data management are included in this Policy.

CUSTOMER CARE

In order to meet the needs of its customers to the fullest extent possible, the Company will send emails directly to the data subjects for informal bidding and informal purposes based on the prior express and explicit consent of the data subject. The Company shall ensure that the affiliate can unsubscribe from marketing emails at any time free of charge. The Company communicates such information personally or by telephone to its customers.

The Company defines customer management as the enforcement of rights related to the product sold, accounting and the realization of marketing objectives. Customer management thus includes, in particular, the consent that the personal data provided by the data subject may be used for this purpose, in particular to notify about new products, new services of the products previously purchased by the data subject (by email only).

If the data subject requests the deletion of the data , then according to the Act CXIX of 1995 on the Treatment of Name and Address for Research and Direct Business Purposes (hereinafter: Katv.), the Company maintains a prohibition list. The Company undertakes to verify that the person concerned is put on the Prohibitio List it checks if the data subject is on the Prohibition List before advertising to him / her.

  • purpose of data management: customer management, direct marketing
  • scope of data managed: client’s name, address, email address, phone number, home address, gender, date of birth
  • data storage deadline: until termination of the Company or deletion at the request of the data subject
  • data storage method: electronic

Any data processors and recipients of data transfers that may be related to data management are included in this Policy.

CONTRACT AND LEGAL OBLIGATION

Keeping your billing information and invoicing is a statutory obligation. If the customer does not provide the requested information, it will be impossible to perform the service.

After ordering our services, a written or oral contract will be concluded with our customers. Our company contracts with legal entities and individuals and may include personal information, such as contact name, phone number, email address, or the name of a legal entity representative. It is a condition of the contract that we get this information, we need to know who the other party is, and where we can access them. Without the knowledge of this data, the contract will not be considered concluded and the service cannot be performed.

We will not be able to delete this data until the statutory period has expired.

VALIDITY OF DATA SECURITY RULES

To ensure the security of personal data processed on paper, the Company applies the following measures:

  • data shall be accessible only to those authorized to do so, others shall have no access to, or be made accessible to it;
  • place the documents in a well-locked, dry room with fire hazard security equipment and a security alarm system;
  • records of ongoing active management shall be accessible only to competent persons;
  • the Company’s data processing officer may only leave the premises during the day where data management is performed by locking the data media entrusted to him or by closing the office;
  • the Company’s data processing officer will close the paper medium upon termination of work;
  • if personal data processed on paper is digitalized, the Company will apply security rules to digitally stored documents.

To protect the security of personal information stored on your computer or network, the Company applies the following measures and warranties:

  • the stored data can only be accessed with a valid, personally identifiable authorization – at least with a user name and password – the Company regularly provides the change of passwords;
  • data stored on the network server machine (here in after referred to as “server”) may be accessed by authorized persons only;
  • if the purpose of data management has been achieved, the time limit for data management has expired, the file containing the data shall be irreversibly deleted and the data shall not be recoverable;
  • maintains virus protection on the personal data management network;
  • prevents unauthorized persons from gaining access to the network with the available IT tools.

CHANGING THE DECLARATION

The Company reserves the right to amend this statement. If the change concerns the use of  personal data provided by the data subject, then the Company shall inform the user  of the changesby e-mail.

Should the details of the data management change as a result of the modification of the statement, the Company shall specifically request the data subject’s consent.

In matters not specified by these Rules, Infotv. its rules shall prevail.

COOKIES AND DATA MANAGEMENT
TECHNICALLY NECESSARY WORK (SESSION) COOKIES

These cookies are required to allow visitors to browse the site, to use its features and services available through the site, including, but not limited to, commenting on the visitor’s actions on those pages during a visit. The duration of the processing of these cookies is based solely on the visitor’s current visit, and this type of cookie is automatically deleted from the computer at the end of the session or whith closing the browser.

The data set being managed is AVChatUserId, JSESSIONID, portal_referer.

The legal basis for this data management is the CVV of 2001 on certain issues of electronic commerce services and information society services. 13 / A. (3).

Purpose of data management: to ensure the proper functioning of the website.

COOKIES REQUIRING CONTRIBUTION:

These provide an opportunity for the Company to remember the user’s choices in connection with a website. The visitor may prohibit this data management at any time before and during the use of the service. Such data shall not be linked to the identity of the recipient and shall not be disclosed to a third party without the consent of the recipient.

USE COOKIES:

The legal basis for data management is the consent of the visitor.

Purpose of data management: To increase the efficiency of the service, to increase the user experience, and to make the use of the website more comfortable.

The duration of data management is 6 months.

PERFORMANCE COOKIES:

Google Analytics Cookies – Learn more here:

https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage

Google AdWords Cookies – Learn more here:

https://support.google.com/adwords/answer/2407785?hl=hu

Facebook Cookies – Learn more here:

https://www.facebook.com/policies/cookies/

You can read our full cookie statement by clicking on this link.