(hereinafter referred to as: „Policy”)
1. The purpose of the Policy
1.2 When establishing the rules set out in this Policy the Company took into account particularly the
CXII. Act of the year 2011 about freedom of self-determination and information (“Info Act”), CXIX. Act of the year 1995 about the name and address data for research and direct marketing purpose administration, VI. Act of the year 1998 of the protection of individuals with regard to automatic processing of personal data, in Strasbourg, the promulgation of the Convention dated on January 28, 1981, furthermore the provisions of the XLVIII. Act of the year 2008 about the basic conditions and some limitations of the business advertising, as well as the recommendations of the „ONLINE PRIVACY ALLIANCE”.
1.3 The Company is authorized to trade precious metals or objects made of them by permit issued by the Hungarian Trade Licensing Office. Licence number: PR7404/1/2014
1.4 This Policy is intended that the services provided by the Company for all individuals, regardless of whether the nationality or place of residence in all areas to ensure that the rights and fundamental freedoms, in particular the right to privacy with respect to automatic processing of personal data (Privacy).
1.5 The Company’s data protection registration ID: NAIH-83813/2015.
Data file: a file of all the processed data.
Data processing: technical tasks related to data processing operations, regardless of method and device, and of the application used to perform the operation site, provided that the technical tasks performed on the data.
Data management: regardless of the method used in the data out any operation or set of operations, in particular the collection, recording, organization, storage, modification, use, querying, transmission, disclosure, coordination, combination, blocking, erasure or destruction of personal data, and prevent further use of personal data.
Data manager: NUDELMAN NUMIZMATIKA Kft. (seat: 1052 Budapest, Petőfi Sándor u. 16.; registration no.: Cg. 01-09-679567; tax no.: 11848853-2-41; VAT no.: HU 118 488 53)
Data Destruction: complete physical destruction of media containing personal details.
Data transmission: the disclosure of personal data to a specific third party.
Data processor: any natural or legal person or entity without legal personality, who or which processes personal data on behalf of the data processor.
Data deletion: making data unrecognizable in such a way that the restoration is not possible.
Automated file: any set of data to be processed automatically.
Automatic processing: includes the following steps, if carried out in whole or in part by automated means: data storage, logical or arithmetic operations, alteration, deletion, retrieval and dissemination of data.
User: a natural person who registers on the Company's website (www.numismatica.hu).
Website: the www.numismatica.hu web page is available under URL.
Disclosure: Making personal information available to anyone.
Personal data: data which can be associated with the specified natural person (hereinafter referred to as relevant person), especially the names involved, identification, as well as the characteristics of one or more physical, physiological, mental, economic, cultural or social identity of knowledge deductable from the data or conclusion referring to the relevant person. The personal data preserves its quality during data management until the personal relationship with the relevant person can be restored.
3. The scope of the processed personal data
3.1. Data which can be given on the basis of the User's choice: e-mail address, phone number, name, place of residence / stay.
3.2. Technical data to be recorded in the operation of the system: the User's log-in details for the computer, which are generated in the Use of Service and which the Data Management System automatically recorded as a result of the technical processes. The data automatically recorded in the system without the User's specific statement or act on entry or exit is automatically logged by the system. These data cannot be related to other User’s Personal data - except in cases imposed by law. Only the Data Manager will have access to the Personal data.
3.3. The Company for the sake of personalized content service will place a small data packet (so-called: "Cookie") on the User’s computer. A cookie is intended to ensure the highest level of functioning of that page to enhance the user experience. The User can delete the cookie from his/her own computer or he/she can set his/her browser to disable the use of cookie. With disabling the use of cookie the User acknowledges that without the cookie the functioning of the page is not off full value.
4. The legal basis, purpose, and method of data management
4.1. The data management will take place on the basis of the voluntary statement based on appropriate information of the website Users of the Internet content, which includes the statement expressing the Users’ consent that their personal data are published for use using the site. The legal basis of the Data management is the voluntary consent of the relevant person in accordance with Section 5 (1) of the Info Act.
4.2. Data management aims to ensure the provision of services available on the Site. The scope of Personal data required to be given for the use of these services can be found at the description of the relevant services.
4.3. The purpose of the data to be recorded automatically (see. Section 3.2.) is to provide services available via the Website, the display of personalized content and advertising, making statistics, the technical development of the information system, the protection of Users' rights. The information made available by the Users during the use of the service can be used by the Data manager to form group of users, and to display targeted content and/or advertising on the Company’s website for the groups of users.
4.4. The Data manager may not use the provided personal information for purposes other than the purposes set out in these points. Release of personal data to third parties or authorities – except a law provides otherwise with binding force – is possible exclusively with the User’s prior expressed consent.
4.5. The Data manager will not check the personal data given. Only the person who gave the data is responsible for the adequacy of the given data. At giving his e-mail address any User will take the responsibility as well, that he is the only person to use service from the given e-mail address. Regarding this taking of responsibility all liabilities associated with any entering on the given e-mail address would be charged only the user who registered email address.
5. Principles of Privacy
5.1. The personal data may be obtained and processed only fairly and lawfully.
5.2. Personal data should be stored for specified and lawful purposes, and they should not be used in different ways.
5.3. Personal data should be in proportion with the purpose of their storage, and shall comply with this objective, may not expand beyond.
5.4. The method of storage of personal data must be such that it allows only for the time necessary for the purpose of storage of the identification of the relevant User.
5.5. Appropriate security measures must be taken to protect personal data files stored in the automated data to prevent accidental or unlawful destruction or accidental loss, and from unauthorized access, alteration or dissemination.
6.1. The Company is using the personal data essential to use the Company’s service based on the contributions of relevant persons, and exclusively for the given purpose.
6.2. The Company as a Data Manager agrees to handle the Personal data possessed by it in accordance with the provisions of the Info Act and the provisions of the data protection principles set out in this Policy, and will not give them out to any third party.
From the provisions of this section there is an exception, in connection with the delivery of the parcel requested by the User, the transfer of certain Personal data to the delivery company.
Data management agrees that in these cases the transmission of only those Personal data which are definitely necessary for the delivery will take place.
6.3. In certain cases – official judicial and police inquiries, legal proceedings because of breach of copyright or other rights or for the reasonable suspicion of these, prejudice of the interests of the Company, jeopardizing the provisions of its services – the Company makes the relevant User’s data available for third party.
6.4. The system of the Company may collect data about the Users’ activity that cannot be linked together with the Personal data given by the Users when registering or other data resulting from the use of other websites or services.
6.5. The Company is committed that before collecting, recording, managing the User’s any Personal data it will publish a clear and unambiguous statement of awareness, informing the User about the method, purpose and principles of data collection. In addition to all these, in all cases when the data collection, management, recording is not legally mandated, the Company will call the User’s attention for the voluntariness of data supply. In case of mandatory data supply the legislation ordering the Data management must be defined too. The relevant person should be informed about the purpose of the Data management and about who will manage and process the Personal data. Information is given on Data management with the fact that there is a provision about the collecting of data from the already existing Data management with transmission or interconnection.
6.6. In all cases, when the Company wants to use the given Personal data for purposes different from that of the data collection, it shall inform the User about it and obtain prior express consent, and afford an opportunity to prohibit the use.
6.7. The Company as a Data manager during Data Management shall comply with all restrictions set for in the provisions in every case, and shall inform the relevant person about its activity in e-mail as required. The Company undertakes not to enforce any sanctions against a User who denies a non-mandatory data service.
6.8. The Company undertakes to ensure the security of Personal data, also taking all technical and organizational measures and establish the rules of procedure to ensure that the recorded, stored, and processed Personal data to be protected, or prevent the destruction or unauthorized use or unauthorized alteration of them. The Company is committed to call the attention of all third parties to whom the Personal data may be forwarded for the fulfilment of its obligations in this regard.
6.9. If the personal data does not correspond to reality, and the true personal data is available to the Data manager, the Data manager corrects the Personal data.
6.10. The Data manager lock the Personal data instead of deleting, if the relevant person requests it, or if on the basis of the available information it can be assumed that the deletion would prejudice the legitimate interests of the relevant person.
The Personal data locked in this way may be managed exclusively as long as there is a data management purpose, which ruled out the deletion of Personal data.
6.11. The relevant User and all those to whom the Personal data have been forwarded for Data management should be notified about the correction, lockup or deletion of the managed Personal data.
The notice may be omitted if having regard to the purpose of Data management it does not prejudice the legitimate interest of the relevant person.
7.1. The management of the Personal data given by the user is maintained as long as the User – with the given user name – does not sign out of the service. The date of cancellation is 10 work days from the receipt of the User’s request for cancellation. In case of use of unlawful, misleading Personal data, or in case of a crime committed by the User, or his attack against the system, the Data manager is entitled to immediately delete the Personal data simultaneously with the cease of the User’s registration, however, in case of suspicion of crime or that of civil liability is entitled to keep Personal data for the duration of the procedure as well.
7.2. The Personal data given by the User – even in case the User does not sign off the service – may be managed by the Company as Data manager, until the User requires explicitly in writing the cancellation of the Data management. The request of the User to cancel the Data management without signing out of the service does not affect his right to use the service however it may occur that because of the missing Personal data he cannot use certain services. Deletion of Personal data will be made within 10 working days after receipt of the request to do so.
7.3. The Personal data automatically recorded during the operation of the system are stored in the system from the time they are generated for a reasonable period of time to ensure the functioning of the system. The Company will ensure that these automatically recorded Personal data cannot be linked to other users’ personal data – except in cases imposed by the law. If the User has withdrawn his consent handling his Personal data, or unsubscribed from the service, after that the person cannot be identified for the technical data.
8. Personal data provision
8.1. The Data manager can be informed about change in Personal details, or the requirement to delete Personal data expressed in a written statement sent in an electronic letter (e-mail).
8.2. The sending of newsletters can be cancelled on the website by modifying the settings of the user interface.
8.3. Following the demand for the cancellation or amendment of Personal data the previous (cancelled) Personal data cannot be restored.
9. Data processing
9.1. The Company does not use a separate external data processor it processes the Personal data itself.
10. Data transfer opportunity
10.1. The Company, as Data Manager is entitled and obliged to transfer all available Personal data that has been properly stored to the competent authorities, which Data transmission he is required by law or final official decision. Due to such forwarding of data and the consequences resulting there from Data management cannot be held responsible.
10.2. For the control of legality of data transfer and to inform the relevant person the Company keeps a record of transfer, which includes the date of the transfer of the Personal data processed by it, the legal basis of Data transfer and its recipient, the definition of the scope of the transmitted Personal data, and other information defined in the provision prescribing the Data management.
12. Users' rights in relation to their personal data processed by the Data manager
12.1. The Users are entitled to require information about the processing of their Personal data from the Company as Data manager at any time in writing in a registered or certified letter sent to the address of the Data manager, or in an e-mail sent to firstname.lastname@example.org. The request for information sent in an e-mail shall be considered by the Data manager as valid only in case if it is sent from the User’s registered e-mail address. The request for information may include the Personal data of the User managed by the Data manager, their source, for the purpose of Data management, its legal basis, duration, the name and address of possible Data processors, activities related to Data management, and in case of transmission of personal data who and for what purpose receives or will receive a User's Personal information.
12.2. The Data manager is obliged to give information in writing for the question related to Data management as soon as possible after receipt, but not later than 30 days. In case of e-mail the first working day after the sending must be considered as day of receipt.
13. Enforcement options
13.1 The user may exercise his enforcement options under Info Act as well as Act V of 2013 (Civil Code) in front of a court, furthermore in any question relating to Personal data he may also ask for help from the National Data Protection and Freedom of Information Authority (1125 Budapest Szilágyi Erzsébet fasor 22 / C mailing address: 1530 Budapest, Pf. 5).
13.2 In addition with any questions, observations related to Data management you may turn to the Data management staff as well this e-mail address: email@example.com
April 10, 2015