Barion Pixel
+36 20 228 3688
info@dotsdiet.com
0
0Ft 0 items

No products in the cart.

Privacy Statement

This document contains all relevant data management information regarding the operation of the webshop in accordance with the Data Protection Regulation No. 2016/679 of the European Union (hereinafter: GDPR) and CXII of 2011. TV. (hereinafter: Infotv.) based on Data controller:

Name: Swan Med Hungary Kft.
Headquarters, mailing address: 4033 Debrecen, Kádas u. 18.
Email: info@dotsdiet.hu
Phone number: +36 20 228 3688
Website: www.dotsdiet.hu
Hosting provider:
Name: RACKFOREST INFORMATICS COMMERCIAL SERVICE AND CONSULTING LTD.
Address: 1132 Budapest, Victor Hugo utca 11. 5th floor B05001.
E-mail address: info@rackforest.hu
Phone number: +36 1 211 0044

1. Description of data processing during the operation of the webshop
Information about the use of cookies

1.2. What is a cookie?
The Data Controller uses so-called cookies when visiting the website. The cookie is an information package consisting of letters and numbers that the Data Controller's website sends to the User's browser with the aim of saving certain settings, facilitating the use of the website and contributing to the collection of some relevant, statistical information about the Users.
Some of the cookies do not contain personal information and are not suitable for identifying the individual user, but some of them contain an individual identifier - a secret, randomly generated string of numbers - which is stored on the User's device, thus ensuring its identification. The operational duration of each cookie is contained in the relevant description of each cookie.


1.3. Legal background and legal basis of cookies
The legal basis for data management is Regulation (EU) 2016/679 of the European Parliament and of the Council (April 27, 2016) on the protection of natural persons with regard to the processing of personal data and on the free flow of such data, as well as on the repeal of Directive 95/46/EC. (hereinafter: GDPR) is the legitimate interest of the data controller based on point f) of Article 6, paragraph (1). Therefore, in this case, the data subject's consent is not required for data processing either, it is only necessary to provide him/her with adequate information, and to the extent necessary and proportionate to achieve the goal, the personal data may only be processed for the minimum necessary time (which, in the case of session cookies, is the end of the browsing session , meaning closing the browser).
Furthermore, the legal basis for data management is the consent of the User based on Article 6 (1) point a) of the GDPR, with regard to § 155 (4) of Act C of 2003 on electronic communications.

2. Data processed for the purpose of concluding and fulfilling the contract

2.1. Registration on the website
By storing the data entered during registration, the Data Controller can provide a more convenient service (e.g. the data subject does not have to be entered again when making a new purchase). Registration is not a condition for concluding a contract.
Managed data: During data management, the Data Controller manages the User's name, address, telephone number, e-mail address, the characteristics of the purchased product and the date of purchase.

Duration of data management: Until you withdraw your consent.
The legal basis for data management: The voluntary consent of the User, which he gives to the Data Controller when registering [data management according to GDPR Article 6 (1) point a)]



2.2. Order processing
During the processing of orders, data management activities are necessary to fulfill the contract.
Managed data: During data management, the Data Controller manages the User's name, address, telephone number, e-mail address, the characteristics of the purchased product, the order number and the date of purchase.
If the User has placed an order in the webshop, data management and the provision of data are essential for the fulfillment of the contract.
Duration of data management: We process data for 5 years according to the civil law statute of limitations.
Legal basis for data management: Fulfillment of the contract. [Data processing according to GDPR Article 6 (1) point b)]

2.3. Issue of the invoice
The data management process takes place in order to issue an invoice in accordance with the legislation and to fulfill the obligation to preserve accounting documents. The Sztv. Pursuant to § 169, paragraphs (1)-(2), economic companies must keep the accounting documents directly and indirectly supporting the accounting.
Data processed: Name, address, e-mail address, telephone number.
Duration of data management: The issued invoices are issued by Sztv. Based on § 169, paragraph (2), it must be kept for 8 years from the date of issue of the invoice.
Legal basis for data management: CXXVII of 2007 on VAT. On the basis of Section 159 (1), the issuance of the invoice is mandatory and it must be kept for 8 years based on Section 169 (2) of Act C of 2000 on accounting [data processing according to GDPR Article 6 (1) point c)].
Data is transmitted to the service provider operating the invoicing program during invoicing.

2.4. Data management related to the delivery of goods
The data management process takes place in order to deliver the ordered product.
Data processed: Name, address, e-mail address, telephone number.
Duration of data management: The Data Controller manages the data until the delivery of the ordered goods.
Legal basis for data management: Fulfillment of contract [data management according to Article 6 (1) point b) GDPR].
For the delivery of the products, personal data will be forwarded to our contracting partner performing the delivery.


2.5. Making contact, maintaining contact
The person concerned can also contact the company by sending a message to the e-mail address of the online store or by phone.
Purpose of data processing: Identification of the data subject, contact and communication with the data subject Scope of processed data: Name, e-mail address, telephone number, other data provided by the data subject Legal basis for data processing: consent of the data subject according to Article 6 (1) point a) GDPR. Stakeholders: Persons who contact the company by email or telephone or who have a contractual legal relationship with the data controller.
Duration of data management: Until the purpose is achieved, up to 1 year from the date of request. Data processor: email server


2.6. Use of social media
The data controller may appear on various social media platforms.
The purpose of data management is to display an ad tailored to the interests of the data subject, to share content about the website's products and services, and to maintain contact on social media.
Scope of managed data: Name, profile picture, public shares, post likes, comments, private messages of the user registered on social media.
Scope of stakeholders: All stakeholders who have registered on the given social media site and follow the company's social media site or have contacted it.
The legal basis for data management is the consent of the data subject based on point a) of Article 6 (1) of the GDPR.
Duration of data management: until withdrawal of consent.
The data subject can find out about the details of data collection and data management in the data protection policy of the given social media site.
facebook.com also provides anonymous statistics for business pages, the company and facebook.com are joint data controllers with regard to this data. Further information on shared data management related to the Facebook page: (https://www.facebook.com/legal/terms/page_controller_addendum)

2.7. Data access and data transfer
Employees of the Data Controller can access personal data in order to perform their duties. The Data Controller transfers the personal data it handles to other state bodies only in the manner and for the purpose specified by law. So, for example, if the police or prosecutor's office contacts the Data Controller and requests the transmission of documents containing the given personal data for the investigation.
We use external service providers to fulfill orders and provide certain services. We are in contact with the following external partners to provide our services:
– Transaction letter service provider
– Website operator: Name: Maximum Business Kft., mailing address: 1156 Budapest, Nádastó Park 35. fsz. 2/A., e-mail address: info@maximumbusiness.hu
– Accounting office: JS-Cont Hungary Számviteli és Adótanácsadó Kft., registered office: 4225.Debrecen, Észáski sor 45., iroda@jsconthungary.hu
– Courier service: GLS General Logistic System Hungary Kft., 2351 Alsónémedi, GLS Európa utca 2., info@gls-hungary.com
– Billing system: billingo.hu – Billingo Technologies Zrt., registered office: 1133 Budapest, Árbóc utca 6. III. floor, e-mail address: hello@billingo.hu
– Online payment system: Barion Payment Zrt., registered office: 1117, Budapest, Infopark sétány 1., E-mail address: support@barion.com


3. Complaint handling
The data management process takes place in order to handle consumer protection complaints. If the User has contacted us with a complaint, data management and the provision of data are essential.
Managed data: User's name, phone number, email address, complaint content.
Duration of data management: Warranty complaints are kept for 5 years based on the Consumer Protection Act.
Legal basis for data management: The User's voluntary decision whether to contact us with a complaint, however, if he does contact us, the 1997 CLV on consumer protection. law 17/
Based on Section A (7), we are obliged to keep the complaint for 5 years [data management according to GDPR Article 6 (1) point c).


4. Data management for marketing purposes
During the purchase process, it is possible to subscribe to a newsletter. When subscribing to the newsletter, the User's name and email address are processed.
The legal basis for data management: according to Article 6 (1) point a) of the GDPR, the voluntary consent of the data subject.
The User can unsubscribe from advertisements at any time by clicking on the link in the message.

5. Rights of the User during data management
Within the period of data management, the User is entitled to the following rights according to the provisions of the GDPR:
• the right to withdraw consent
• access to personal data and information about data management • right to rectification
• restriction of data management,
• right to erasure
• right to protest
• right to portability.
If the User wishes to exercise his rights, it is accompanied by his identification, therefore personal data will be required for identification (but the identification can only be based on data that the Data Controller already manages about the User), as well as the User's data management will be available in the Data Controller's email account related complaint within the time period specified in this information regarding complaints. If the User was a customer of the website and would like to identify himself for the purpose of complaint management or warranty management, please enter his order ID for identification. Using this, the User can also be identified as a customer.
The Data Controller will respond to complaints related to data management within 30 days at the latest.


6. Data security measures
The Data Controller declares that it has taken appropriate security measures in order to protect personal data against unauthorized access, alteration, transmission, disclosure, deletion or destruction, as well as accidental destruction and damage, as well as inaccessibility resulting from changes in the technology used.
The Data Controller will do everything within its organizational and technical capabilities to ensure that its data processors also take appropriate data security measures when working with the User's personal data.


7. Remedies
If, according to the User, the Data Controller has violated a legal provision regarding data management or has not fulfilled any of his requests, he can initiate the investigation procedure of the National Data Protection and Freedom of Information Authority (address: 1363 Budapest, Pf.: 9. e- email: ugyfelszolgalat@naih.hu).
We would also like to inform you that in the event of a violation of the legal provisions on data management, or if the Data Controller has not fulfilled any of your requests, you may file a civil lawsuit against the Data Controller in court.


8. Modification of data management information
The Data Controller reserves the right to modify this data management information in a way that does not affect the purpose and legal basis of data management. By using the website after the amendment enters into force, you accept the amended data management information.
If the Data Controller wishes to carry out further data processing for a purpose other than the purpose of their collection in relation to the collected data, the User shall be informed of the purpose of the data processing and the following information before the further data processing:
on the period of storage of personal data, or if this is not possible, on the criteria for determining the period;
about his right to request from the Data Controller access to the User's personal data, their correction, deletion or limitation of processing, and in the case of data processing based on legitimate interests, he can object to the processing of personal data,
and in the case of data management based on consent or a contractual relationship, you can request the provision of the right to data portability;
in the case of data management based on consent, that the User can withdraw the consent at any time,
on the right to submit a complaint to the supervisory authority;
about whether the provision of personal data is a legal or contractual obligation
whether it is a basis or a prerequisite for entering into a contract, as well as whether the User is obliged to provide personal data, as well as the possible consequences of failure to provide data;
about the fact of automated decision-making (if such a procedure is used), including profiling, as well as, at least in these cases, comprehensible information about the logic used and the significance of such data management and the expected consequences for the User.

The data processing can only start after this, if the legal basis of the data processing is consent, the User must also consent to the data processing in addition to the information.
usercart