0
Sign Up

Start typing and press Enter to search

Privacy Policy

PRIVACY POLICY

 

Name of data processing company:

 

Brand name: Signatore Apparel

Company name: Meta-Tex International Kft.

Headquarters: 2234 Maglód, Fő út 104.

Tax number: 28955339-2-13

Company registration number: 13-09-209319

e-mail address: info@signatore-apparel.com

Website: signatore-apparel.hu and www.signatore-apparel.com

 

– hereinafter: Data Controller or Service Provider –                                                                           

The purpose of this Privacy Policy is to  inform all Users of the www.signatore-apparel.hu and www.signatore-apparel.com websites (hereinafter: Website) operated by the Service Provider, including registered Users, Customers and all other data subjects whose personal data it processes (hereinafter: data subject), about the Service Provider’s personal data processing practices and the rights of data subjects in accordance with the applicable legislation.

 

The Service Provider reserves the right to change this policy; It shall notify the data subjects thereof by publishing it on its website. This information is continuously available on the Service Provider’s website.

 

When interpreting this Privacy Policy, any person to whom the Service Provider provides services on the basis of a contractual relationship – within the scope defined below – shall be considered a User.

 

  1. Certain data processing, their purpose, scope, duration and legal basis of the processed data
 
1. Ordering, conclusion of contracts

Data controller may process the natural personal identification data  necessary for the purpose of creating, fulfilling, invoicing the contract  – Order according to the General Terms and Conditions for the use of the Website (hereinafter: Order) – as well as validating its related claims according to the 13/A § (1)-(3) Ektv. ((Act CVIII of 2001 on certain issues of electronic commercial services and services related to the information society).

 

For the purpose of providing a service, the Data Controller may process personal data that are technically indispensable for the provision of the service. The Service Provider shall keep the accounting documents for 8 years, pursuant to Section 169 (2) of the Act (Accounting. Act), Purpose of data processing: provision of services  (identification and registration of data subjects, provision and performance of ordered services, delivery of products, contact with the data subject, fulfillment of contractual obligations and exercise of rights, fulfillment of accounting obligations).

  • Purpose of data management: service provision (identification of data subjects, registration, provision and fulfillment of ordered services, product delivery, contact with the data subject, fulfillment of contractual obligations and exercise of rights, fulfillment of accounting obligations).
  • Range of processed data: e-mail address, name, phone number, delivery & billing address, data of the ordered goods.
  • Legal basis for data processing: performance of a contract, Article 6 (1) (b) of the GDPR; compliance with a legal obligation Article 6 (1) (c) GDPR, Accounting. Act. § 169 (2).
  • Duration of data processing: The data controller keeps documents for 5 years after the execution of the Order and keeps accounting documents for 8 years pursuant to Section 169 (2) of the Accounting Act.
  • Data subjects: Customers and those who may be affected by the Order.
  • Data transfer: The Data Controller may forward the data required for the delivery of the Product – address, name of Customer – to the third party performing the delivery.
  • Possible consequences of failure to provide data: the data subject is unable to use the given service.

 

2. Handling of Complaints

The Service Provider provides complaint handling for the purpose of providing information and handling complaints to the data subjects using its services. It stores incoming letters and e-mails and uses them in connection with the provision of services and complaint handling. The employees of the Service Provider’s customer service are entitled to access the data. More information on the complaint handling of the Service Provider can be found in the GTC.

 

  • Purpose of data processing: provision of services, complaint handling.
  • Range of processed data: name, address, telephone number, e-mail address, place, date, method, content, identification number of the submission.
  • Legal basis for data processing: compliance with a legal obligation, § 17/A. Article 6 (1) (c) of the GDPR Consumption
  • Duration of data processing: 5 years.
  • Data subjects: data subjects initiating complaint handling.
  • Data transfer: these data may only be transferred to an authority or court in case of proceedings.
  • Possible consequences of failure to provide data: possible failure to handle complaints and maintain contact.

 

3. Cookies

When visiting the website, in order to provide more efficient services, “cookies” may be placed on the computers of the data subjects. A cookie is an information file placed on the hard drive of the data subject through data subject’s browser, which serves to identify the data subject later. This file provides specific information about your previous use of the website. This information is used to recognize the user’s machine. With the help of the cookie information collected from the website, the Service Provider can track the number of new and repeated visitors and create internal analyses of the pages visited, so it can better understand usage habits. It has the opportunity to analyze information in order to develop and improve the services of the website. Most browsers automatically accept cookies by default, but the data subject can change the settings in the browser, have the option to reject cookies or selectively accept only certain cookies. However, if you disable cookies, you may not be able to use certain features of the website or certain pages may not be displayed correctly.

If cookies are used, the Service Provider provides further information on its website prior to the commencement of data processing.

 

II. Data processing

In order to operate the Website the Data Controller may enter into a contract with an IT service provider, in which case this service provider may also perform certain data processing tasks. In such a case, the Data Controller is obliged to enforce this service provider to comply with the rules of the (GDPR) regulation. In addition, the Data Controller does not require a data processor.

 

III. Rights of the data subject, and enforcement of rights

Data subjects have the following rights in relation to data processing:

  • Right of access by the data subject
  • Right to correction
  • Right to erasure (‘right to be forgotten’)
  • Right to restrict data processing
  • Right to data portability
  • Right to object

 

The content of these rights is governed by the provisions of the applicable data protection legislation in force referred to above.


The data subject may request information about the processing of his/her or her data, the purpose, legal basis, duration of data processing, the name and address of the data processor and its activities related to data processing; furthermore, data subject may request the correction of its data as well as the erasure or blocking of its personal data.

 

The Data Controller shall provide the information as soon as possible, but not later than within 15 days. Data protection questions related to orders can be sent to the following email address: info@signatore-apparel.com.

 

The Data Controller shall make every effort to provide the data subject with all information related to the processing of personal data in a concise, transparent, comprehensible and easily accessible form, using clear and plain language. The information shall be provided in writing or by other means, including, where appropriate, by electronic means. At the request of the data subject, oral information may also be provided, provided that the identity of the data subject has been verified by other means.

 

If the Data Controller does not take measures on the request of the data subject, it shall inform the data subject without delay but at the latest within 15 days of receipt of the request of the reasons for the failure to take action as well as that the data subject may file a complaint with a supervisory authority and exercise its right to judicial remedy.

 

If the data subject considers data processing to be infringed, he or she may object to its processing and can initiate a judicial remedy – at the General Court competent for his place of residence or stay, furthermore may turn to the National Authority for Data Protection and Freedom of Information. A party who otherwise does not have legal capacity may also be a party to a lawsuit. The Authority may intervene in the proceedings in order to ensure the success of the data subject.

 

Any person who has suffered material or non-material damage as a result of an infringement of this Regulation shall be entitled to receive compensation from the data controller or data processor for the damage suffered. All data controllers involved in data processing shall be liable for any damage caused by the unlawful data processing. Enforcement of the right to compensation must be brought before the competent court.

 

The data subject undertakes to record only his/her own data during the Order and that these data are correspond to reality. The data subject is responsible for the authenticity of the data. If the data subject records incorrect data or provides data of another person, he or she shall be liable in accordance with applicable law.

 

Any disputes related to data processing shall be governed by Hungarian and EU law and shall be subject to the jurisdiction of the Hungarian courts according to the rules of the Civil Procedure Code.

 

IV. Security of data processing

The Service Provider shall ensure the security of personal data in the manner expected from it, shall take the necessary technical and organizational measures, protect it in particular against unauthorized access, change, transmission, disclosure, deletion or destruction, as well as against accidental destruction and damage, and against becoming inaccessible due to changes in the technology used. The Service Provider shall do everything reasonable to ensure the error- and trouble-free operation of the functions on the Website and to ensure that the Website or the server accessing it is virus-free.

The Service Provider uses Viacom Informatikai Kft. providing storage space for personal data (registered office: H-2360, Gyál, Deák Ferenc utca 17, electronic mail address: info@viacomkft.hu , telephone number: +3613485000). It is stored encrypted on its servers and protected by a password.

Paper-based data storage takes place at the registered office of the Service Provider, only in a suitably lockable room, in a drawer or cabinet in such a way that it cannot be accessed or known by unauthorized persons.

 

Data protection incident

A data protection incident is a breach of security that results accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access to, personal data transmitted, stored or otherwise processed.

 

The controller shall notify the data protection incident to the competent supervisory authority without undue delay and, if possible, no later than 72 hours after having become aware of it, unless the data protection incident is likely to pose no risk to the rights and freedom of natural persons. If the notification is not made within 72 hours, it shall be accompanied by reasons justifying the delay.

 

Where the data protection incident is likely to result a high risk to the rights and freedoms of natural persons, the data controller shall inform the personal data incident to the data subject without undue delay.

 

Pursuant to Article 33 (5) of the Regulation, the Service Provider shall keep a record on data protection incidents, indicating the facts related to the data protection incident, its effects and the measures taken to remedy it.

 

V. Final provisions

The Service Provider shall provide information on data processing not specified in this prospectus prior to the commencement of data processing.

 

This policy has been prepared considering in particular the following legal regulations:

  • Act CXII of 2011 on the right to Information Self-Determination and on Freedom of Information (Info Act);
  • Act CLV of 1997 on Consumer Protection (Consumer Protection Act)
  • REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free flow of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, GDPR).

 

Effective September 2023.

Start typing and press Enter to search

View more
Shopping Cart

No products in the cart.