Privacy Policy

FEHÉRVÁRI ADRIENN

EGYÉNI VÁLLALKOZÓ 

(Entrepreneur)

Valid: 

From 01.12.2022. Until Recalled 

1. Company information:

Name: Fehérvári Adrienn egyéni vállalkozó

Adress 3388 Poroszló, Kossuth út 10.

TAX number: 57676375-1-30

International TAX number: HU57676375

Registration code:56324941

Telephone: 0670/605 5350

E-mail address: adrienn.soulpurpose@gmail.com   

2. The privacy policy:

The goal of this Privacy Policy to provide prompt information to its partners and customers about the handling of their personal data. The data manager strictly follows and keeps all regulation and law about data handling and data protection to make sure its operation is valid, clear, comprehensive, precize and respects all regulation.

The data manager makes all technical and organisational effort to make sure the safe handling of the personal data of its partners according to the the most current regulation of the European Union (EU) 2016/679.

The data manager has developed her work activities and moral, handouts, documents, contracts to comply with the above mentioned regulation. 

The data guidelines are always available on the website of the data manger. The current guideline can be updated at any time which will be communicated to its partners.

The data manager is committed to keep her partner information safe and protected and acknowledges the autonomy of her partners. 

3. Validity of the Privacy Policy:

This privacy policy is valid for the data manager and everyone else involved in data processing and partners whose interests are protected by the regulations.

The privacy policy covers all kinds of data handled by all the activities of the data manager.

This privacy policy is valid from its approval date till indefinite duration of time. 

4. Definitions:

Personal data: means any information relating to an identified or identifiable natural person. Identifiable by a natural person who, directly or indirectly, in particular by virtue of one or more factors such as name, number, position, online identification or physical, physiological, genetic, mental, economic, cultural or sisal identity of the natural person identified.

Special data: means any kind of personal information about etnical, political views, religion or any kind of special opinions articulated by the partners, and any kind of information targeting the biometric identification of natural persons such as health data, sexual life, sexual orientation.

Data management: means any operation or combination of operations, whether automatic or not, carried out on personal data or data files, such as collection, recording, filing, sorting, storing, transforming or altering, retrieving, accessing, using, communicating, distributing or otherwise making available, coordinating or linking, limiting, deleting or destroying.

Manager: means the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of processing of personal data. 

Processor: means a natural or legal person, public authority, agency or any other body which processes personal data on behalf of the Manager. 

Joint Managers: means the natural or legal persons, public authority, agency or any other body which alone or jointly with others determines the purposes and means of processing of personal data

Third party: az means a natural or legal person, public authority, agency or any other body who is not the Manager, Processor or Joint Managers and received authority for data handling. 

Consent of the User: means the the voluntary, explicit and unambiguous expression of the will of the user, by means of a statement or act of unequivocal confirmation, indicates his or her consent to the processing of personal data concerning him or her. 

Data incident: a means a breach of security that results in the accidental or unlawful destruction, loss, alteration, unauthorised disclosure or unauthorised access of personal data transmitted, stored or otherwise processed.

5. Principals for the management of personal data:

Data handling happens in the below cases only: 

1. if the user gave her/his consent to handle their personal data
2. the data handling is attached to a contract that involves the user
3. data handling is required by corresponding laws
4. data handling is necessary to protect the interests of the user or another natural person
5. for the lawful interests of the Data Manger or a Third Party

Az The Data Manger reviews her data handling practises at all phases of the process and handles only data that is lawful for the time being that agrees with the law. 

In case of a written consent, the user gives her/his confirmation for handling their personal data. There is no formal obligation but the main rule is paper-based or electronical consent.

Safe data handling is a mandatory requirement, the partners need to be notified before the data handling process that the data handling process is mandatory and a detailed guidance should be provided about the main facts of data handling.

6. Personal data handling at the Data Manager:

The Data Manager main activity is coaching, women yoga instructor and leads courses and workshops. Pursuing these activities she comes through personal data of the partners. She has the below data handling process:

1. Anyone can apply to the services provided by the Data Manger – coaching, yoga – through e-mail, telephone, social media or the time booking system on the website. When applying, the customer needs to provide his/her name, phone number, e-mail address. These kind of personal data is necessary to collect in case of any changes in the booked time slot and to connect the customer to a time slot. The collected personal data is handled following the General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph b) point).  If the partner backs off from the services, then the Data Manger will delete his/her personal data immediately or the latest within 3 working days. In case of a service is conducted, the handling of the personal data happens based on the General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph b) point. The Data Manger creates an invoice for the partners for the purchased services. The invoice includes the partner name and address. The handling of the personal data happens based on the General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph c) point. All the personal data included in the invoice is handled in accordance with the law and are stored for 5 years. 

2. The Data Manager receives orders through her website too. The customers can be both private persons or legal persons. In case of a purchase, the customer provides his/her personal data (name, address, e-mail address). The handling of the personal data happens based on the General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph b) point. The Data Manger creates an invoice for the partners for the purchased services. The invoice includes the partner name and address, maybe the VAT number. The handling of the personal data happens based on the General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph c) point. All the personal data included in the invoice is handled in accordance with the law and are stored for 5 years.

3. The Data Manager leads and facilitates courses and workshops. Anyone can apply to these events through e-mail, telephone, social media, website purchase or necessary forms filled up on the website. When applying, the partner needs to provide his/her name, phone number, e-mail address. The purpose of requesting personal data is to register for the course, keeping contact with the customer and it makes possible to organise courses. The handling of the personal data happens based on the General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph b) point. The Data Manger creates an invoice for the partners for the purchased services. The invoice includes the partner name and address, maybe the VAT number. The handling of the personal data happens based on the General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph c) point. All the personal data included in the invoice is handled in accordance with the law and are stored for 5 years.

4. Based on the law of education 2013. year LXXVII. There are special rules for those who participate on courses that fall under the definition of adult education. The handling of personal data, contract signing and forwarding data  to the central governing body is also ruled by special guidelines.  The Data Manager asks for customer`s identification: name,  date and place of birth, mother name -, besides address, e-mail address, highest education. The purpose of requesting personal data is to register for the course, keeping contact with the customer and it makes possible to organise courses. The handling of the personal data happens based on the General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph b) point and Általános Adatvédelmi Rendelet 6. Article (1) Paragraph c) point. The Data Manger creates an invoice for the customers for the purchased services. The invoice includes the partner name and address, maybe the VAT number. The handling of the personal data happens based on the General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph c) point. All personal data and documents are handled in accordance with the law and are stored for 8 years.

5. While providing the services the Data Manager might get to know special information about the health conditions of the customers. By nature, these special personal information require unique protection. The Data Manger might use these information for only the purpose of her job and following the law regulations. The Data Manager stores the information till the end of a provided service. After that she cancels these special information immediately or the latest within 3 days.  Handling of special data happens based on “Általános Adatvédelmi Rendelet (GDPR)” 9. Articleének (2) Paragraphének a).  The customer gives his/her consent to handling of special personal data. These kind of health information might be necessary for the good quality of the provided services, governed by the General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph b) point).

6. The Data Manager while pursuing her daily business activities , handles the customers` and partners` e-mail address, telephone numbers, based on contractual basis- General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph b) point or based on individual consent – General Data Protection Regulation Általános Adatvédelmi Rendelet 6. Article (1) Paragraph a) point.  

7. The Data Manager might have contractual connection with other entrepreneurs, suppliers and service providers which also require the compliance with data protection rules. In this case, the handling of personal data is based on contractual basis both for of natural person and legal person- General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph b) point), in case of an official representative of a legal person, a prior consent is required after providing the necessary information about personal data handling, ruled by – General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph a) point.

8. The Data Manager describes her business activities and services mainly on her website (www.adriennfehervari.com). The website uses cookies which also collect information about the visitors. Handling of data is the consent of the visitor as per – General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph a) point.

9. The visitor on the website has the possibility to get in contact with the Data Manager with clicking on the “Contact” page. The visitor needs provide his/her name and e-mail address. The purpose of personal data handling is to be able to contact back the customer. In case if one of the services will not be purchased by the person who made the inquiry, their personal data will be cancalled immediately or the latest within 3 working days. The Data Manager handles these personal information such like input for a future possible service contract, thus falls under the – General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph b) point. With filling in the “Contact” page and sending an inquiry to the Data Manager, the website visitor acknowledges the Privacy Policy and agrees to that.

10. There are a few feedbacks from previous customers on the website about the received services. The full name of the person who sends feedback will only be visible on the website if she/he agreed in a written form after receiving a detailed explanation – General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph a) point.

11. There is an option for the website visitors to sign up for newsletter with providing their name and e-mail address. With signing up to the newsletter   they acknowledge and agree to the Privacy Policy and give their consent if they agree to handling their personal data for marketing purposes. Handling of data happens with the consent of the subscriber – governing rule is General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph a) point.

12. The Data manager operates social media accounts for marketing purposes and  to describe her activities and services. There can be occasions of some games offering discounted prices or free business offerings. In this case the Data Manager handles the name and e-mail address of the winners. They consent to handling their personal data based on – General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph a) point.

13. In case of any complain against the Data Manager`s services, there are mandatory personal data that need to be registered such as name and e-mail address to make sure the person is identifiable who made the complain and for further contact to solve the issue. In case of a complain the issue handling and personal data handling happen following the Consumer Protection Law –   1997. year CLV. Law. In accordance with this law, data handling happens based on the – General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph c) point. 

The Data Manager has a data inventory of all personal data along with cancellation deadlines. This data inventory is attached as an appendix at the bottom of this document.

7. Required data processors:

The Data Manager agrees to work with only those data processing tools and third parties that comply with the GDPR requirements. 

Az The customers and partners acknowledge and consent that their personal data is sent over to the below data processors:

• Data processor is the accounting company hired by the Data Manager:

• Proactive Bookkeeping Kft.
• 1145 Budapest, Amerikai út 75 A ép 2
• hello@proab.hu

• Partner responsible for invoicing:

• KBOSS.hu Kft.
• 1031 Budapest, Záhony u. 7.
• info@szamlazz.hu 

• Data processor who makes sure to facilitate bank card payments; is a Data Manager on its own: 

• PayPal (Europe) S.a.r.l. et Cie, S.C.A.
• 22-24 Boulevard Royal L-2449, Luxemburg

• The company providing web storage services is also considered a Data Processor:

• Websupport Magyarország Kft.
• 1132 Budapest, Victor Hugo utca 18-22.
• info@tarhelypark.hu

• The webdesigner is also considered as Data Processor: 

• Lendvai Réka E.V.
• 8623 Balatonföldvár, Ady Endre utca 21.
• hello@mydeerdesign.com

• Data Processor is in a wider perspective: 

• Google Ireland Limited
• Gordon House, Barrow Street, Dublin 4, Ireland

• Data Processor is the online service provider for video calls (Zoom):

• Zoom Video Communications, Inc.
• 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113
• info@zoom.us

• Data Processor is the e-mail marketing tool used by the Data Manager: MalerLite

• MailerLite Inc.
• Ground Floor, 71 Lower Baggot Street, Dublin 2
• D02 P593, Ireland
• info@mailerlite.com 

• Some of the offerings are available on Etsy thus considered as Data Processor:  

• Etsy Ireland UC
• 66/67 Great Strand Street, Dublin 1, Ireland
• +353 1 513 7100
• legal@etsy.com 

• Data Processor and Joint Data Manager is Instagram due to the usage of professional Instagram accounts:

• Meta Platforms Ireland Ltd.
• 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland

• As per the Hungarian laws – 2013. year LXXVII. law – the Data Manager is obligated to transfer the personal data of her partners to the “felnőttképzési államigazgatási szerv”- governmental office responsible for higher education. 

• Pest Megyei Kormányhivatal Szakképzési és Felnőttképzési Főosztály
• cím: 1089 Budapest, Kálvária tér 7.
• telefonszám: 06 1/210 9721

• The Data Manager sends further the personal data of her partners to the National Tax and Customs Administration of Hungary. 

The Data Processor and Data Handler partners handle the personal data based on the instructions of the Data Manager, strictly following the confidentiality obligations.

8. Data handling related to contracts made by the Data Manager:

Customer contracts:

People can apply to the services provided by the Data Manger – coaching, yoga – through e-mail, telephone, social media or the time booking system on the website. When applying, the customer needs to provide his/her name, phone number, e-mail address. These kind of personal data is necessary to collect in case of any changes in the booked time slot and to connect the customer to a time slot. The collected personal data is handled following the General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph b) point). If the partner backs off from the services, then the Data Manger will delete his/her personal data immediately or the latest within 3 working days. In case of a service is conducted, the handling of the personal data happens based on the General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph b) point. The Data Manger creates an invoice for the partners for the purchased services. The invoice includes the partner name and address. The handling of the personal data happens based on the General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph c) point. All personal data included in the invoice is handled in accordance with the law and are stored for 5 years.

The Data Manager receives orders through her website too. The customers can be both private persons or legal persons. In case of a purchase, the customer provides his/her personal data (name, address, e-mail address). The handling of the personal data happens based on the General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph b) point. The Data Manger creates an invoice for the partners for the purchased services. The invoice includes the partner name and address, maybe the VAT number. The handling of the personal data happens based on the General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph c) point. All the personal data included in the invoice is handled in accordance with the law and are stored for 5 years. 

The Data Manager leads and facilitates courses and workshops. Anyone can apply to these events through e-mail, telephone, social media, website purchase or necessary forms filled up on the website. When applying, the partner needs to provide his/her name, phone number, e-mail address. The purpose of requesting personal data is to register for the course, keeping contact with the customer and it makes possible to organise courses. The handling of the personal data happens based on the General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph b) point. The Data Manger creates an invoice for the partners for the purchased services. The invoice includes the partner name and address, maybe the VAT number. The handling of the personal data happens based on the General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph c) point. All the personal data included in the invoice is handled in accordance with the law and are stored for 5 years. 

Personal data handling related to Adult Education:

The governing rule of Adult Education 2013. evi LXXVII. – says that in case of courses that are considered as adult education, there are special rules that need to be followed at data handling, making a contract and forwarding data to the central governing body. The Data Manager asks for customer`s identification: name,  date and place of birth, mother name -, besides address, e-mail address, highest education. The purpose of requesting personal data is to register for the course, keeping contact with the customer and it makes possible to organise courses. The handling of the personal data happens based on the General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph b) point and Általános Adatvédelmi Rendelet 6. Article (1) Paragraph c) point. The Data Manger creates an invoice for the customers for the purchased services. The invoice includes the partner name and address, maybe the VAT number. The handling of the personal data happens based on the General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph c) point. All personal data and documents are handled in accordance with the law and are stored for 8 years.

Supplier contracts:

The Data Manager might have contractual connection with other entrepreneurs, suppliers and service providers which also require the compliance with data protection rules. In this case, the handling of personal data is based on contractual basis both for natural person or legal person – based on General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph b) point), in case of the official  representative of a legal person, a prior consent is required after providing the necessary information about personal data handling, ruled by – General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph a).

Az The Data Manager provides explanation of personal data handling to company representatives about their rights and asks written consent for handling their data. In these cases the handling of personal data is based on the clear consent of the partner as per the General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph a) point). After the contract ends and there is no special requirement for storing data/documents required by the law, then the phone numbers and e-mail addresses will be deleted. However the personal data provided in the contract and on the invoice will need to be stored for 5 years in accordance with the law. 

9. Invoices created for the customers and personal data handling related to them:

The Data Manager creates an invoice for the customers for the purchased services. The invoice includes the partner name, address, maybe VAT number. Creating an invoice is obligated by the law.  The handling of the personal data happens based on the General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph c) point. All the personal data included in the invoice is handled in accordance with the law and are stored for 5 years. In case if the Data Manager provides courses that fall under the rules of adult education then all documents related to the course – including the invoices – should be handled following the respectful adult education laws and should be stored for 8 years. 

10. Children’s personal data, special personal data:

The Data Manager provides her business offerings only to people who are at least 18 years old. 

The website visitor gives her/his confirmation regarding his/her age is above 16 years old – via signing up for the newsletter and accepting the cookies. People who are younger than 16 cannot sign up for newsletters and cannot give his/her confirmation via accepting the cookies either as per the General Data Protection Regulation (GDPR) 8. Article (1) Paragraph states that giving such consent for handling personal data should be conducted by a legal representative. The Data Manager is not able to check the website visitors` age and rights thus the website visitor is responsible for their  correct personal data and following the law as per their age and rights.

While providing the services the Data Manager might get to know special information about the health conditions of the customers. By nature, these special personal information require unique protection. The Data Manger might use these information for only the purpose of her job and following the law regulations. The Data Manager stores the information till the end of a provided service. After that she cancels these special information immediately or the latest within 3 days.  Handling of special data happens based on “General Data Protection Regulation (GDPR)” 9. Articleének (2) Paragraphének a).  The customer gives his/her consent to handling of special personal data. These kind of health information might be necessary for the good quality of the provided services, governed by the General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph b) point).

Any further Special personal information that is revealed to the Data Manager will not be recorded or stored. If such kind of information was recorded then it will be immediately deleted once recognised. 

11. Process for storing e-mail addresses and phone numbers:

The Data Manager gets to know the e-mail address and phone number of her  clients while providing the purchased business services. These kind of personal information are handled by he General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph b) point. After the contract ends and there is no special requirement for storing data/documents required by the law, then the phone numbers and e-mail addresses will be deleted. In some cases the Data Manger might need to store the personal data further after the contract ends, in these cases she asks the written consent of the people impacted as per the General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph a) point).

12. The Data Managers website:

The data manger describes her activities and services on her website (www.adriennfehervari.com)

The website uses different cookies that also gather personal data of the visitors.  Data handling is in accordance with the General Data Protection Regulation -Általános Adatvédelmi Rendelet 6. Article (1) Paragraph a) point.

The below list details the cookies used on the website www.adriennfehervari.com:

• viewed_cookie_policy

• duration: 1 year
• type: persistent

• CookieLawInfoConsent

• duration: 1 year
• type: persistent

• cookielawinfo-checkbox-advertisement

• duration: 1 year
• type: persistent

• cookielawinfo-checkbox-analytics

• duration: 1 year
• type: persistent

• cookielawinfo-checkbox-functional

• duration: 1 year
• type: persistent

• cookielawinfo-checkbox-necessary

• duration: 1 year
• type: persistent

• cookielawinfo-checkbox-others

• duration: 1 year
• type: persistent

• cookielawinfo-checkbox-performance

• duration: 1 year
• type: persistent

• woocommerce_cart_hash

• duration: till the end of browser usage
• type: persistent

• woocommerce_items_in_cart

• duration: till the end of browser usage
• type: persistent

• wp_woocommerce_session_165a94377d12ee3e01fa6b2ff99a5b5d

• duration: 2 nap
• type: persistent

• x-cdn

• duration: till the end of browser usage
• type: persistent – PayPal 

• x-pp-s

• duration: till the end of browser usage
• type: persistent – PayPal 

• nsid

• duration: till the end of browser usage
• type: persistent – PayPal 

• tsrce

• duration: 3 nap
• type: persistent – PayPal 

• ts

• duration: 3 year
• type: persistent – PayPal 

• ts_c

• duration: 3 year
• type: persistent – PayPal 

• enforce_policy

• duration: 1 year
• type: persistent – PayPal 

• l7_az

• duration: 30 perc
• type: persistent – PayPal 

• paypal-offers–country

• duration: 3 nap
• type: other

• LANG

• duration: 9 óra
• type: other

• elementor

• type: persistent

Cookies:

• collect information about the visitors and their devices
• remember the individual settings of the visitors
• make the usage of the website easier 
• make sure a good quality of user experience

The customised cookies leave a small data package on the user`s computer that will be read later in case of visiting the website again. If the web browser sends back a previously saved cookie then the service provider can link the current visit with the previous one but only in relation to their own individual contents.

Persistent cookies:

The goal of these cookies is to make the browsing expewreince smooth. These types of cookies are active till the end of the browsing experience, after closing the web browser these cookies will be deleted from the computer or from any other device we used for browsing.

The consent of the website visitor regarding the cookies:

Web browser cookies:

In the settings of the browser the user can accept or refuse the cookies and has the option to delete the appearing new cookies. The user has the option to set up a notification every time when new cookies are placed on the computer or on any other device. You can find more information about the handling of cookies at the “Help” function of the browser. 

If the visitor decides to turn off a few or all the cookies then certain functions of the website will not be available to him/her. 

When accepting the cookies, the website visitor confirms that they are older than 16 years old. People who are younger than 16 cannot give his/her confirmation via accepting the cookies as per the General Data Protection Regulation (GDPR) 8. Article (1) Paragraph states that giving such consent for handling personal data should be conducted by a legal representative. The Data Manager is not able to check the website visitors` age and rights thus the website visitor is responsible for their  correct personal data and following the law as per their age and rights.

Personal Data handling related to website purchases and sign-ups: 

The Data Manager receives orders through her website too. The customers can be both private persons or legal persons. In case of a purchase, the customer provides his/her personal data (name, address, e-mail address). The handling of the personal data happens based on the General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph b) point. The Data Manger creates an invoice for the partners for the purchased services. The invoice includes the partner name and address, maybe the VAT number. The handling of the personal data happens based on the General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph c) point. All the personal data included in the invoice is handled in accordance with the law and are stored for 5 years. 

Personal Data handling in relation with the time booking system:

There are several options to book a service at the Data Manager. There is a time booking system available on the website where filling in their names and e-mail addresses people can sign up for offerings. The purpose of personal data handling is to be able to contact back the customer and to book a time slot with her/him. In case if there is no service provided then the personal data will be cancelled immediately or the latest within 3 working days. The Data Manager handles these personal information such like input for a future possible service contract, thus falls under the – General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph b) point. With filling in the form of the time booking system, the website visitor acknowledges the Privacy Policy and agrees to that. 

Personal Data handling for those who get in contact with the Data Manager through using the form on the “Contact” page:

The visitor on the website has the possibility to get in contact with the Data Manager with clicking on the “Contact” page. The visitor needs to provide his/her name and e-mail address. The purpose of personal data handling is to be able to contact back the customer. In case if there is no purchase by the person who made the inquiry, their personal data will be cancelled immediately or the latest within 3 working days. The Data Manager handles these personal information such like input for a future possible service contract, thus falls under the – General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph b) point. With filling in the “Contact” page and sending an inquiry to the Data Manager, the website visitor acknowledges the Privacy Policy and agrees to that. 

Personal Data handling for those whose feedback is visible on the website:

There are a few feedbacks from previous customers on the website about the received services. The full name of the person who sends feedback will only be visible on the website if she/he agreed in a written form after receiving a detailed explanation – General Data Protection regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph a) point. The Data Manager handles these kind of personal information until the partner recalls his/her consent.

13. Newsletter sign-up:

There is an option for the website visitors to sign up for newsletter with providing their name and e-mail address. With signing up to the newsletter   they acknowledge and agree to the Privacy Policy and give their consent if they agree to handling their personal data for marketing purposes. Handling of data happens with the consent of the subscriber – governing rule is General Data Protection Regulations – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph a) point.

The goal of personal data handling related to newsletters is to provide full and timely information to the recipients about the new offerings and news at the Data manager, following all law requirements. Singing-up for newsletter and/or DM type messages are voluntary, and they have an access to unsubscribe at any time. 

With signing up for newsletters, the website visitor confirms that they are older than 16 years old. People who are younger than 16 cannot sign up for newsletters as per the General Data Protection Regulation (GDPR) 8. Article (1) Paragraph states that giving such consent for handling personal data should be conducted by a legal representative. The Data Manager is not able to check the website visitors` age and rights thus the website visitor is responsible for their  correct personal data and following the law as per their age and rights.

14. Social Media Accounts of the Data Manger:

The Data Manager operates Instagram pages as well. The Data Manger uses these accounts for marketing purposes and they also fall under the regulation of Data Handling. 

https://www.instagram.com/iamadriennfehervari/ 

https://www.instagram.com/adrienn_womenempowerment/ 

The Data Manager provides comprehensive personal support via Instagram. If she receives an inquiry, she tries to reply back as soon as possible. When receiving personal information, she uses them only till the extent to reply to the question.

The goal of using Instagram accounts: marketing through social media, delivering information. The operator of the Instagram accounts may use the information for her own purposes also to build her marketing profile and creating relevant advertisement. 

In order to get in contact with the Data Manager, the user needs to log in to Instagram. Instagram will also request personal data, store them and process them. The Data Manager doesn`t have any supervision above the type/extent/length and process of personal data handling by Instagram. The Data Manager does not receive personal data from Instagram. For further information please read the privacy policy of Instagram.

There can be occasions of some games that offer discounted prices or free business offerings. In this case the Data Manager handles the name and e-mail address of the winners. They consent to handling their personal data based on – General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph a) point. 

Personal data handling of the Instagram accounts` followers happen based on the   General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph a) point. The Instagram account visitor gives her/his consent for personal data handling with clicking on the Follow button. 

15. Complain handling related to the Data Manager`s business activities:

In case of any complain against the Data Manager`s services, there are mandatory personal data that need to be registered for further contact to solve the issue. In case of a complain the issue handling and personal data handling is mandatory based on the Consumer Protection Law –   1997. year CLV. Law. In accordance with this law, data handling happens based on the – General Data Protection Regulation – Általános Adatvédelmi Rendelet 6. Article (1) Paragraph c) point. The Data Manager prepares an official report of the complain and the handling of the complain and stores a copy of the original case for 5 years and handles the personal data in accordance with that. 

16. Safety of Personal Data Handling:

The Data Manager makes every effort to comply with the law and ensures the  safety of the personal data. She ensures all the technical and organisational requirements  and keeps applying all the laws and regulations that ensure the protection of the personal data. She prevents the personal data to get distructed, to be used  or changed unauthorized.  She also ensures that in case she forwards the information to a third party, she will make sure the third party is aware of the data protection requirements.

Az The Data Manager ensures that unauthorized people won`t have access to the stored personal data, unathorized people can`t publish/forward/change/cancel them. The personal data can be known and handled by only the Data Manager and her contractual business partners, they cannot be handled over to an unauthorized third party. 

The Data Manager pays very close attention to the safety of her partners` and customers` personal data. She follows all concerning rules and requires her partners also to do so. The protection of personal data includes the physical protection – documents need to be stored in a locked room – and the IT protection – biometric identification.

The Data Manager stores personal data on servers of data processors mentioned in this Privacy Policy, on her technical devices and in case of paper base data, they are stored locked at the company`s headquarter. 

The customers and partners acknowledge and accept that the full protection of their personal data is not possible and cannot be guaranteed on the internet and in computer systems. In case of anauthorized access to the personal data – despite of all the efforts of the Data Manager – the below guidelines should be followed. 

17. Rights of people whose personal data is handled:

• Transparency:

The goal of this Privacy Policy is to provide clear, transparent information of the personal data handling process at the Data Manager

• Access Rights:

The data subject has have the right to ask for information about their personal data handling process by the Data Manager. He/She is entitled to know the below: 

• the purpose of personal data handling,
• the categories of the particular personal data
• other third parties to whom the personal data have been forwarded to
• the duration of storing personal data 

You can ask information regarding the above data from the Data Manager on the below address and e-mail address:

Fehérvári Adrienn Self-Employed 3388 Hungary, Poroszló, Kossuth út 10.

E-mail: adrienn.soulpurpose@gmail.com 

The Data Manager will reply back to you within 30 days. In case of inquiry through post, she will reply via post, in case of inquiry through e-mail, she will reply via e-mail.

• Right to Rectification:

The data subject has the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. 

You can ask information regarding the above data from the Data Manager on the below address and e-mail address:

Fehérvári Adrienn Self-Employed 3388 Hungary, Poroszló, Kossuth út 10.

E-mail: adrienn.soulpurpose@gmail.com

The Data Manager will reply back to you within 30 days. In case of inquiry through post, she will reply via post, in case of inquiry through e-mail, she will reply via e-mail.

• Right to erasure:

The data subject has the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:

• the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed,
• the data subject withdraws consent on which the processing is based and where there is no other legal ground for the processing,
• the data subject objects to the processing and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing 
• the personal data have been unlawfully processed;,
• the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.

You can ask information regarding the above data from the Data Manager on the below address and e-mail address:

Fehérvári Adrienn Self-Employed 3388 Hungary, Poroszló, Kossuth út 10.

E-mail: adrienn.soulpurpose@gmail.com

The Data Manager will reply back to you within 30 days. In case of inquiry through post, she will reply via post, in case of inquiry through e-mail, she will reply via e-mail.

• Right to restriction of processing:

The data subject has the right to obtain from the controller restriction of processing where one of the following applies:

• the accuracy of the personal data is contested by the data subject,
• the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead.

You can ask information regarding the above data from the Data Manager on the below address and e-mail address:

Fehérvári Adrienn Self-Employed 3388 Hungary, Poroszló, Kossuth út 10.

E-mail: adrienn.soulpurpose@gmail.com

The Data Manager will reply back to you within 30 days. In case of inquiry through post, she will reply via post, in case of inquiry through e-mail, she will reply via e-mail.

• Right to data portability:

The data subject has the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided

You can ask information regarding the above data from the Data Manager on the below address and e-mail address:

Fehérvári Adrienn Self-Employed 3388 Hungary, Poroszló, Kossuth út 10.

E-mail: adrienn.soulpurpose@gmail.com

The Data Manager will reply back to you within 30 days. In case of inquiry through post, she will reply via post, in case of inquiry through e-mail, she will reply via e-mail.

• Right to object:

The data subject has the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on, the (EU) 2016/679. regulation 21. article.

You can ask information regarding the above data from the Data Manager on the below address and e-mail address:

Fehérvári Adrienn Self-Employed 3388 Hungary, Poroszló, Kossuth út 10.

E-mail: adrienn.soulpurpose@gmail.com

The Data Manager will reply back to you within 30 days. In case of inquiry through post, she will reply via post, in case of inquiry through e-mail, she will reply via e-mail.

• Automated individual decision-making:

The data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.  Automated decision-making is a process or method where an IT/technical automatised process profiles the data subject in a way which produces legal effects concerning him or her or similarly significantly affects him or her.  The Data Manager doesn`t use any IT automatised process which would have significant legal effects on the data subject.

You can ask information regarding the above data from the Data Manager on the below address and e-mail address:

Fehérvári Adrienn Self-Employed 3388 Hungary, Poroszló, Kossuth út 10.

E-mail: adrienn.soulpurpose@gmail.com

The Data Manager will reply back to you within 30 days. In case of inquiry through post, she will reply via post, in case of inquiry through e-mail, she will reply via e-mail.

18. Personal Data Breach:

Personal Data breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed. 

Examples of personal data breach:

• supplying data illegally on physical document or electronic devices 
• unauthorized persons having access to personal data
• data basis is partially or fully damaged that stores personal data
• IT system disfunctions partially or fully due to a virus or other software 

In the case of a personal data breach, the controller shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the supervisory authority competent, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons. Where the notification to the supervisory authority is not made within 72 hours, it shall be accompanied by reasons for the delay.

The National Authority for Data Protection and Freedom of Information has a dedicated system on its website only for personal data breach cases where the notification can happen online.

The controller shall document any personal data breaches, comprising the facts relating to the personal data breach, its effects and the remedial action taken.  The reasons, events and personal data categories have to be recorded and stored. The Data Manager has to list also the impacts and consequences of the personal data breach and the nature of remedial action taken. 

It is not necessary to notify a breach to the supervisory authority if possibly there is no risk of rights and freedoms of natural persons.  

When the personal data breach is likely to result in a high risk to the rights and freedoms of natural persons, the controller shall communicate the personal data breach to the data subject without undue delay. The communication to the data subject shall describe in clear and plain language the nature of the personal data breach and contain at least the information and measures.  

The communication to the data subject shall not be required if any of the following conditions are met:

• the Data Manager has implemented appropriate technical and organisational protection measures, and those measures were applied to the personal data affected by the personal data breach, in particular those that render the personal data unintelligible to any person who is not authorised to access it, such as encryption;
• the Data Manager has taken subsequent measures which ensure that the high risk to the rights and freedoms of data subjects is no longer likely to materialise;
• it would involve disproportionate effort. In such a case, there shall instead be a public communication or similar measure whereby the data subjects are informed in an equally effective manner

19. Summery of the most important regulations:

• European Parliament and Council (EU) 2016/679 regulation (2016. april 27.) – the personal data protection of natural persons
• 2011. year CXII. Law – freedom of information;
• 2013. year V. Law – Civil Code;
• 2013. year LXXVII. law – Adult Education
• 1995. year CXVII. Law – income tax.

20. Rights for reporting an issue at the court:

In case if the data subject`s rights are damaged, he/she can report the issue to the court. The court will do the necessary steps of the further process.

21. Authority for Data Protection process:

Complains can be submitted through the National Authority for Data Protection and Freedom of Information: 

Name: National Authority for Data Protection and Freedom of Information 

Address: 1055 Budapest, Falk Miksa u. 9-11.

Postbox: 1363 Budapest, Pf. 9.

Telephone: 0613911400 

Fax: 0613911410

E-mail: ugyfelszolgalat@naih.hu 

Website: http://www.naih.hu

22. Other guidelines:

Those information that are not covered in this privacy policy, will be described to the data subject at the time when their personal data is required. This process will also happen in accordance with the current laws and regulations.

The data subjects must be aware that they might be contacted by the court, lawyer, regulatory authorities, National Authority for Data Protection and Freedom of Information, Hungarian National Bank and in accordance with the law – other authorities might contact the Data Manger to request the customers` personal data.  When receiving a request like this, the Data Manager makes sure to provide only  and exactly those kind of data that have been asked. 

For further information of the referred laws and regulations in this Prvacy Policy, you can check the website of National Authority for Data Protection.

Poroszló, 2022. 01.12.

Fehérvári Adrienn

Self-employed

1. APPENDIX