This Privacy Statement contains the data manager’s contact details, the scope of the data processed, the purpose, duration, legal basis and the rights of the person concerned regarding the handling of personal data collected by the data controller during the transmission of the data on www.oceanfriedlycutlery.com the data controller’s obligations.
The handling of personal data provided during the transmission is based on the consent given by the person concerned.
The person concerned, by accepting this Privacy Statement, agrees to contribute to the purpose, extent, manner, extent, and duration of this personal privacy statement for this privacy statement.
I. The identity and contact details of the data controller and his representative
1. The data controller:
Name: Royal Trade Kft
Company registration number: 28758314-2-14
Court of Registration: Court of Registration of Kaposvár
2. Representative of the data controller
Zoltán Tóth Managing Director
3. Contact details of the data controller:
Headquarter: H-8630 Balatonboglár, Napsugár utca 7.
email address: firstname.lastname@example.org
name: Websupport Magyarország Kft.
headquarter: H-1132 Budapest, Victor Hugo utca 18-22.
II. The scope, purpose, duration, and legal basis of the personal data handled
1. The scope of the personal data handled
The Data Handler manages the following data in the message service provided on the www.oceanfriendlycutlery.com website:
VAT registration number
Number of employees
Electronic mailing address
2. Duration of the processing of personal data
The data controller is responsible for the II. Personal data provided in point 1 shall be handled for 730 days from the day on which the reply to the message was sent to the affected party.
3. Purpose of handling personal data
The purpose of handling the personal data provided by the data subject is that the data controller can send his reply to the party concerned by the electronic message sent by the data subject.
The legal basis for the handling of personal data provided by the data subject is the CXII of 2011 on information self-determination and freedom of information. (1) of Regulation (EU) No 2016/679 of the European Parliament and of the Council on the voluntary contribution of the person concerned under Article 6 (1) (a).
III. Recipients of personal data
Personal data provided by the data subject may only be disclosed to the employees of the data controller or the data controller, to other natural or legal persons, public authorities, agencies, or any other entity the personal data provided by the data subject will only be disclosed to specified in the law.
IV. Rights of the person concerned
1. Right of access to the personal data of the person concerned
The person concerned has the right to be informed by the data controller about whether his personal data is being processed and, if such data is being processed, he has the right to have access to personal data and the following information:
(a) the purpose of data management;
(b) the categories of personal data concerned;
(c) the categories of recipients or recipients with whom or which personal data will be communicated or disclosed, including in particular third country addressees or international organizations;
(d) where appropriate, the intended duration of the storage of personal data or, where this is not possible, the criteria for determining that period;
(e) the right of the data subject to request the data controller to correct, delete or restrict the personal data relating to the data controller and object to the handling of such personal data;
(f) the right to lodge a complaint addressed to a supervisory authority;
(g) where data is not collected from the data subject, all available information on their source;
(h) an automated decision making process for the data subject, including profiling, and at least in such cases, the logic used and the understandable information on the significance of such data management and the likely consequences for the data subject;
(i) information on activities related to data management
The data controller shall provide the information in writing in the shortest possible time, at most within 25 days of the submission of the request, in an understandable form, at the request of the person concerned.
2. Right to a correction concerned
The data subject shall have the right to rectify any inaccurate personal data that he or she is entitled to request, without undue delay. Considering the purpose of data management, the person concerned has the right to request the addition of incomplete personal data, including by means of a supplementary statement.
3. The right to delete and block personal data processed by the data controller
The data subject shall have the right to delete personal data concerning him without undue delay, and the data controller shall be obliged to delete the personal data of the data subject without undue delay if one of the following reasons exists:
(a) personal data is no longer required for the purpose from which they have been collected or otherwise handled;
(b) the party concerned withdraws his consent and there is no other legal basis for data processing;
(c) object to data handling for reasons connected with the situation of the person concerned and has no prior legitimate reason for data handling or where the personal data is handled for direct business and the data subject is objecting to data handling;
(d) the personal data has been unlawfully handled;
(e) the personal data are to be deleted in order to comply with the legal obligation imposed on the data controller in the Union or Member States’ law;
(f) the collection of personal data was directly related to the provision of information society services to children;
(g) requested by the person concerned;
h) incomplete or incorrect – and this condition cannot be legally remedied, provided that the deletion is not excluded by law;
i) the purpose of data management has ceased or the statutory deadline for data storage has expired;
j) ordered by the court or by the National Data Protection and Information Authority.
Instead of being deleted, the data controller will block the personal data if the data subject so requests or if, based on the information available to him, it is assumed that the deletion would harm the legitimate interests of the data subject. Personal data so locked up can only be handled if there is a data management target that excludes the deletion of personal data.
4. Right to Restrict Data Management
The data subject shall have the right to request that the data controller restrict his or her data handling if one of the following is met:
(a) the person concerned disputes the accuracy of the personal data; in this case, the restriction concerns the period of time for the data controller to verify the accuracy of the personal data;
(b) data manipulation is unlawful and the data subject is opposed to the deletion of the data and, instead, requests that they be restricted;
c) the data controller no longer needs personal data for data processing, but the data subject requires them to submit, enforce or protect legal claims;
d) the data subject has objected to data handling for reasons related to his / her own situation; in this case, the restriction applies to the duration of determining whether the data controller’s legitimate reasons prevail over the legitimate grounds of the party concerned.
5. Right to protest the person concerned
The person concerned is entitled to object at any time to his or her personal data for the purposes of his / her own personal situation, based on the data handling treatment required to enforce the legitimate interests of the data controller or a third party, including profiling based on those provisions. In this case, the data controller may not process the personal data unless the data controller proves that the data processing is justified by compelling reasons of lawfulness that prevail over the interests, rights, and freedoms of the data subject, or for the purpose of submitting, enforcing, or protecting legal claims related.
If your personal data is handled for direct business, the person is entitled to object at any time to the handling of personal data relating to that purpose, including profiling, if it is related to direct business acquisition.
If a person objects to the personal data being handled for direct business purposes, personal data may no longer be handled for that purpose.
In addition, the person affected by the Act CXII of 2011 on Information Freedom of Information Act and Freedom of Information Act 21 of the Act on the Protection of Personal Data against the Data Controller. The objection shall be examined by the data controller within the shortest time, but not later than 15 days after the submission of the request, on the grounds of its validity, and shall inform the applicant in writing.
If the party concerned does not agree with the decision to protest or the data controller does not make a statement within the deadline, the person concerned may apply to the court within 30 days from the date of notification of the decision or from the last day of the deadline. The lawsuit may be initiated by the person concerned, according to his choice, before the competent court of domicile or residence.
6. Right to have the stored data
The data subject shall have the right to receive personal data made available to him by a data controller in a fragmented, widely used machine-readable format and shall be entitled to transmit such data to another data controller without this being obstructed by the data controller provided personal information to you when:
(a) the processing of data is either a contribution to the management of the personal data concerned or a contribution to the management of specific categories of personal data or a contract in which the party concerned is a party; and
(b) data management is carried out in an automated manner.
7. Right to withdraw the consent of the person concerned at any time
The party concerned may revoke his consent at any time, which revocation does not affect the lawfulness of the data handling performed based on the consent prior to the withdrawal.
8. Other possibilities for enforcement of the case
If, according to the data subject, the Data Controller has violated any obligation of personal data, he may file a complaint before the National Data Protection and Information Authority (NAIH) (address: 1125 Budapest, Erzsébet Szilágyi fasor 22 / c) at https://naih.hu/index.html , or at 1530 Budapest, Pf .: 5th postal address.
9. The consequence of the omission of the provision of personal data
The data subject is not obliged to provide personal data written in this privacy statement but if it is not provided, the data controller cannot respond to the message sent to him.