DATA MANAGEMENT INFORMATION
Madaras Classics Kft.
Company address: Fodor utca 13/b
Tax number: 25956506-2-43
Company registration number: 01-09-298448, registered in the Budapest Metropolitan Court
Hereafter: Data Controller
Company address: 40 Namal Tel Aviv St., Tel Aviv, Israel
Information on cookie use
Some cookies do not contain personal information and do not have the ability to identify individuals, but others contain a personal identifier – a secret, randomly generated chain of numbers – that is stored on your device, which ensures your identification.
The legal background and basis of cookies: The Data Controller is subject to Regulation (EU) 2016/679, the General Data Protection Regulation (hereafter: Regulation or GDPR) on the basis of Article 6(1)(a), Your Consent.
Duration of data management
Newsletter related data management
Managed data: name, e-mail address.
Duration of data management
Until the withdrawal of the consent of the user.
The legal basis of the data management
Your voluntary consent is given to the Data Controller when subscribing to the newsletter [data processing according to Article 6 (1) (a)]
Data managed in relation to consent verification
Upon subscription to the newsletter the IT system stores the data related to the agreement for later verification.
Time of consent and the User’s IP address.
Duration of data management
Due to legal regulations, we must be able to later prove consent and so data storage exceeds the expiration of data processing and is stored for the prescribed period.
Legal basis for data management
Regulation Article 7 (1) spells out these requirements [Regulation Article 6 (1) (c) on data management]
Data processing activities connected to sending newsletters.
The company operating the newsletter sending system: Wix.com Inc.
Address of the company operating the newsletter sending system: 40 Namal Tel Aviv St., Tel Aviv, Israel
E-mail of the company operating the newsletter sending system:
The sending of the newsletter takes place according to the contract between the Data Processor and the Data Controller. The Data Processor handles user names and e-mail addresses to the extent needed to send the newsletter and deletes it immediately upon user request
Information about the Data Processor:
Your rights during data management
According to the Regulation during data management you have the right:
To withdraw from the agreement, to receive information about the processing and to obtain access to the personal data held about you, to correct any data held about you that is inaccurate, to restrict data management, to request deletion, to protest and to receive portable data.
If you wish to act upon those rights, you will have to be identified and the Data Controller must communicate with you. Your personal data will be needed for this identification (although the identification must only rely on data which the Data Controller already manages), and your complaint about data handling will also be accessible in the Data Controller’s inbox within the designated time period for complaints. Complaints about data management will be addressed within 30 days by the Data Controller.
The right to withdraw from the agreement
At any time you have the right to withdraw from the data management agreement, in which case your data will be deleted from our systems.
Access to Personal data
You have the right to request information from the Data Controller on whether your personal data is being processed, and if so, you have the right to:
Access the personal data being processed and receive information from the Data Controller concerning: the goals of the processing; the categories of your personal data; information on the addressees or categories of the addressees with whom your personal data was, is or will be shared by the Data Controller; the planned duration of the storage of the personal data, or if that is not possible, the aspects upon which the duration is determined; You have the right to request the Data Controller correct any data held about you that is inaccurate, to restrict data handling, to request deletion, and if based on legitimate interests, to protest against the use of personal data; the right to file a complaint with the supervisory authority; if the data was not collected from you, all accessible information on the source; to receive information on whether automated decision making is involved, including profiling, and if so, information on at least the applied logic and understandable information regarding the significance of the data processing and the consequences that affect you.
The goal of exercising this right is to determine the legality of the data processing, and so in the case of multiple information requests the Data Controller may report a fair fee in exchange for providing the information.
Access to the data is granted by the Data Controller in a way that after identifying you, you will receive an e-mail with the personal data and the information being processed.
When filing a request please note whether you want access to personal data or information regarding data processing.
The right to correction
You have the right to request the Data Controller immediately correct any data held about you that is inaccurate.
The rights related to data processing restrictions
You have the right to request the Data Controller to restrict the data processing, if one of the following is true: You question the accuracy of the personal data, in which case the restriction applies for the duration of time in which the Data Controller can check the accuracy of the personal data; if the accuracy can be immediately checked, the restriction does not apply;
the data processing is unlawful, but you oppose the data being deleted for any reason (for example, if this data is important to you for validating a legal claim), so you don’t ask for the data’s deletion, but instead request the restriction of the use of the data;
The Data Controller no longer needs your personal data for the designated goal, but you require them for submitting, validating or defending legal claims; or
You object to the processing of your personal data, but the Data Controller’s legitimate interest can also be a basis for data processing, in which case until it is decided whether the Data Controller’s legitimate interests have priority against your legitimate interests, the data processing must be restricted.
If the data processing is under restriction, these personal data, with the exception of storage, may only be processed with the consent of the user, when submitting, validating or defending legal claims, when defending the rights of other natural or legal people, or for important pubic interest of the EU or a member state.
You will be notified by the Data Controller before the expiration of the data processing restriction (at least 3 days in advance).
The right to deletion, be forgotten
You have the right to have the Data Controller delete all personal data concerning you with no unjustified delays, if one of the following is true:
the Data Controller no longer needs your personal data for the designated goal for which it was collected or handled; you withdraw your consent and the data management has no other legal basis; you object to data processing based on legitimate interests and there are no legitimate reasons (ie, legitimate interests) for data processing; the Data Controller mishandled the personal data and this was verified according to a complaint filed to fulfil a Union or member state legal requirement that must be applied to the Data Controller that personal data must be deleted.
If the Data Controller for any legitimate reason has publicised your processed personal data, and must delete it for any of the above mentioned reasons, you must take reasonable steps with the accessible technologies and the expenses of the process in mind, meaning technical advances as well, in order to inform other data managers processing your data that you have requested the links pointing towards the personal data or copies and duplicates of the said personal data that you have requested deletion.
Deletion must not be applied while the data processing is needed:
to uphold freedom of expression and the right to information; to fulfil an obligation according to the Union’s or a member state’s law regulating the handling of personal data and which can be applied to the Data Controller (a case like this is data processing during billing, because legislation requires the invoice to be kept), also when acting in the public’s interest or fulfilling the job as power of attorney given to the Data Controller; when submitting, validating or defending legal claims (e.g. when a data processing complaint in being investigated).
The right to object
You have the right to object against the use of your personal data based on legitimate interests, at any time, for personal reasons. In this case the Data Controller can not process the personal data any longer, unless it is proved that the processing of the data is justified by compelling legal reasons that take priority over your interests, rights and freedoms, or when submitting, validating or defending legal claims.
If processing your personal data is for the purpose of direct marketing, including profiling, you have the right to object to the processing of your personal data. If you object to direct marketing, your personal data can no longer be processed for this purpose.
The right to data portability
If the data process is automated, or if the data process relies on your approval, you have the right to request the processed data from the Data Controller and, if technically possible, receive it in xml, JSON, or csv format, and if requested to send it to another Data Controller in this format.
You have the right not to be subject to a decision based solely on automated means (including profiling), if the decision produces legal effects concerning you or significantly affects you in a similar way. The Data Controller needs to protect your rights and freedoms by implementing suitable safeguards, and at least inform you of your right to human intervention, make the required procedural arrangements, allow you to express your point of view and inform you that you may contest the decision.
The above can not be applied when the decision is:
Needed to enter or perform a contract between you and the Data Controller; made possible by EU or member state law applied to the Data Controller, which also contains protection for your rights, freedoms and legitimate interests; or made based on your explicit consent. Logging in to the data protection register.
Logging in to the data protection register
The Data Collector states that the necessary safety measures have been taken to protect your personal data against unauthorised access, change, forwarding, publishing, deletion or destruction, including accidental destruction and damage, as well as from becoming inaccessible due to applied technical changes.
The Data Collector will do everything within organising and technical reach that the employed data processors also take the appropriate safety measures when working with your personal data
Available legal remedies
If you believe the Data Controller has infringed on a legal regulation concerning data processing or has not complied with a request, you can turn to the local data protection authorities to terminate the presumptively unlawful data processing and file a complaint. Postal address: 1530 Budapest P.O. Box 5 e-mail: firstname.lastname@example.org). In case of infraction of legal regulations concerning data processing or if the Data Controller has not complied with a request, than the Data Collector can be sued in the Court of Law.
Modifying data management information
The Data Collector upholds the right to modify the current data management information as long as the aims and legal basis of the data processing have not been changed. After the modified website is uploaded you agree to the modified data management information upon use of this site
If the Data Collector wishes to process the collected data with a different goal than when the data was collected, before the new processing you must be notified of the new aim, along with the following information:
the planned duration of the storage of the personal data, or if that is not possible, the aspects of which the duration is determined; you have the right to request the Data Controller correct any data held about you that is inaccurate, to restrict data handling, to request deletion, and if based on a legitimate interest, to protest against the use of personal data, and if the data process relies on consent or contract you can require the insurance of data portability; if the data processing relies on consent you can withdraw at any time; the right to file a complaint with the supervisory authority; whether the personal data is provided based on legal regulations, contract obligations or a prerequisite to a contract signing, also whether you are obligated to provide personal data, furthermore in this case what are the consequences for not providing data; to receive information on whether automated decision making was involved, including profiling, and if so, information on at least the applied logic and understandable information regarding the significance of the data processing and the consequences regarding your person.
The data processing can only start after these, in case the legal basis to process the data is consent, other than informing like mentioned above, You also have to consent for the processing to start.
The current document contains all relevant information about data management concerning the operation of the website based on GDPR and the 2011 CXII tv (Hereafter: Information Law).