Plexiclick - niewidoczny uchwyt na tablicę rejestracyjną

PLEXICLICK.PL

Plexiclick Privacy Policy

Effective: From 2021.12.01 until revoked

1. Introduction The purpose of this Regulation is to establish the data protection and data management principles applied by plexiclick.hu (Flashdeals Kft, registered office: 3524 Miskolc Klapka György utca 15 6/1, Company Registration Number: 05-09-034459, registered at the Miskolc District Court Company Registry, Tax Number: 27183122-2-05). Flashdeals Kft (hereinafter: Operator) manages the data of visitors to the plexiclick.hu website (hereinafter: Online Store), registrants on the Online Store, and purchasers (hereinafter collectively referred to as Data Subjects) during the operation of the Online Store. Viewing the web pages of the Online Store is possible without the transmission of any personal data; however, the use of certain functions may require the processing/handling of personal data. If the processing of personal data becomes necessary and there is no legal basis for such processing, consent from the data subject is required in all cases. The data controller recognizes this privacy statement as binding on itself, and it is also binding on all users of the website. The data controller reserves the right to modify this privacy statement at any time, unilaterally and without prior notice. The purpose of this Regulation is to ensure that in all areas of the services provided by the Operator, for every individual, regardless of nationality or residence, their rights and fundamental freedoms, especially the right to privacy, are respected during the processing of their personal data (data protection).

1.1 This regulation has been established based on the following effective laws: – Act CXIX of 1995 on the handling of name and address data for research and direct business acquisition purposes – Act CVIII of 2001 on certain issues of electronic commerce services and information society services – Act XLVIII of 2008 on the basic conditions and certain limitations of economic advertising activities – Act CXII of 2011 on the right to informational self-determination and on the freedom of information – Regulation (EU) 2016/679 (27 April 2016) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC
2. The websites involved in data processing are https://plexiclick.pl and its subpages.

2.1. The hosting service provider of the websites involved in data processing: Name of the hosting service provider: Webber Digital Solutions Kft. Hosting provider's address: 1085 Budapest, József körút 69. Hosting provider's email address: [email protected] Hosting provider's website: https://hetzner.com

2.2. The owner, operator, and data controller of the websites involved in data processing are: Name: Flashdeals Kft Email: [email protected] Headquarters, mailing address: 3524, Miskolc Klapka György utca 15 6/1 Tax number: 27183122-2-05 Company registration number: 05-09-034459

2.3. Data Protection Officer: Considering the provisions of Regulation (EU) 2016/679 (GDPR), the Data Controller is not required to appoint a Data Protection Officer.
3. Definitions - personal data: Data that can be associated with the data subject - in particular the data subject's name, identification mark, and one or more pieces of information characteristic of his or her physical, physiological, mental, economic, cultural or social identity - as well as any conclusions about the data subject that can be drawn from the data . - special data: a) personal data relating to racial origin, belonging to a nationality, political opinion or party affiliation, religious or other worldview beliefs, interest-representative organization membership, sexual life, b) health status, harmful addiction relevant personal data and criminal personal data. - data subject: Any specific natural or legal person identified on the basis of personal data or directly or indirectly identifiable. - consent: The voluntary and decisive declaration of the data subject's will, which is based on adequate information, and with which he gives his unequivocal consent to the processing of his personal data in full or for certain operations. - protest: The statement of the data subject, with which he objects to the processing of his personal data and requests the termination of the data processing and the deletion of the processed data. - data controller: The natural or legal person or organization without legal personality who, independently or together with others, determines the purpose of data management, makes and implements decisions regarding data management (including the device used), or with the data processor commissioned by it executes. - data management: Regardless of the procedure used, any operation performed on the data or the set of operations, including in particular the collection, recording, recording, organization, storage, change, use, query, transmission, disclosure, coordination or connection, locking, deletion and destruction, as well as preventing further use of the data, taking photographs, audio or video recordings, and recording physical characteristics suitable for identifying the person (e.g. fingerprint or palm print, DNA sample, iris image). - data transmission: Making the data available to a specific third party. - disclosure: Making the data available to anyone. – data erasure: Making the data unrecognizable in such a way that their recovery is no longer possible. - data designation: Providing the data with an identification mark for the purpose of distinguishing it. - data blocking: Supplying the data with an identification mark for the purpose of limiting its further processing permanently or for a specified period of time. - data destruction Complete physical destruction of the data carrier containing the data. - data processing: The performance of technical tasks related to data management operations, regardless of the method and tool used to perform the operations, as well as the place of application, provided that the technical task is performed on the data. - data processor: The natural or legal person or organization without legal personality who processes data on the basis of the contract concluded with the data controller, including the conclusion of a contract based on the provisions of the law. – data file: The totality of the data managed in one register. - third party: A natural or legal person, or an organization without legal personality, who is not the same as the data subject, data controller or data processor.
4. General information

4.1 The operator collects and processes personal data solely in accordance with the law.

4.2 The operator will only send marketing emails and newsletters with prior consent.

4.3 The Data Subject can unsubscribe from the newsletter at any time by clicking the unsubscribe link found at the bottom of the emails, or by separately notifying the customer service at [email protected].

4.4 The Data Subject is entitled to request information about the data stored about them at any time, and is entitled to request the deletion of this data, except in cases of data processing due to legal or other obligations.

4.5 The Operator assumes no responsibility for data processing on external websites accessible through the links.
5. Data processing principles

5.1 Security: Data must be protected against unauthorized access, alteration, disclosure, damage, and destruction through appropriate and reasonable measures.

5.2 Limitation of data collection: Personal data can only be collected by lawful and fair means, with the knowledge and consent of the data subject.

5.3 Purpose-bound data processing: Personal data may only be processed for a specific purpose, for the exercise of rights, and for the fulfillment of obligations. Only personal data that is essential for achieving the purpose of data processing can be processed, and only to the extent and duration necessary for that purpose.

5.4 Data Transfer: Personal data may be transferred, and different data processing activities may be linked, if the data subject has consented to it, or if the law permits it, and if the conditions for data processing are met for each individual personal data.

5.5 Limited use: Personal data can be processed if the data subject consents to it, or if it is mandated by law or by a local government decree based on the authorization of the law, within the specified scope. In the case of mandatory data processing, the purpose and conditions of data processing, the scope and accessibility of the data to be processed, the duration of data processing, and the identity of the data controller are determined by the law or municipal decree ordering the data processing.

5.6 Data transfer to a third country: Personal data may be transferred to a data controller or data processor in a third country if the data subject has explicitly consented to it, or if it is permitted by law, and if the processing of the transferred data in the third country ensures an adequate level of protection for personal data.

5.7 Data Quality: The data must be accurate, complete, and up-to-date.
6. Cookie Policy

6.1 The fact of data collection: The plexiclick.hu website uses cookies, or in other words, cookies. Cookies are harmless text files that are stored on a computer device through an internet browser. Many websites and servers use cookies. Many cookies contain a so-called cookie identifier. The cookie identifier is the unique identifier of the cookie. It consists of a sequence of characters through which web pages and servers can be associated with the specific internet browser that stores the cookie.

6.2 Purpose of data collection: The cookie allows the visited websites and servers to distinguish individual browsers from other internet browsers that store different cookies. With the help of the unique cookie identifier, a specific internet browser can be recognized and identified. By using cookies, plexiclick.hu can provide its website users with several user-friendly services that would not be possible without setting cookies. With the help of cookies, information and offers on the websites can be optimized, keeping the user in mind. Cookies allow us to recognize users who have previously visited the website. The purpose of this recognition is to make it easier for users to use the website. For a user of the website who uses cookies, for example, it is not necessary to enter the access data every time they visit the homepage, because the website saves this information, and the cookie is thus stored on the user's computer system.

6.3 Scope of the affected parties: all users of the web store

6.4 Scope of processed data: see the respective (below) points

6.5 Duration of data processing: Depends on the user's browser settings The data subject can prevent the use of cookies on the website at any time by adjusting the appropriate settings in their internet browser. In addition, any cookies that have already been set can be deleted at any time through the settings of any browser. If the affected person disables the cookie settings in the internet browser, not all functions of the website will be usable.
7. Registration on the website

7.1 The fact of data collection: The data subject has the opportunity to register on the data controller's website by providing personal data. The data controller collects and stores the data subject's personal data solely for internal use.

7.2 Purpose of data collection: The purpose of collecting personal data voluntarily provided by the data subject is to enable the data controller to offer content or services that are only available to registered users. Registered individuals can freely modify the personal data provided during registration or completely delete it from the data controller's database.

7.3 Scope of the affected: users who create a user account by registering on the website

7.4 Scope of processed data: Last name, First name, email address, mailing address. With registration, the IP address assigned by the Internet service provider, which the data subject uses, the date, and the time of registration will also be stored. The storage of this data is the only way to prevent the misuse of our services, and if necessary, it allows for the investigation of committed crimes. The data controller can thus be ensured by storing the data. I do not transfer this data to third parties, except when there is a legal obligation to do so or if the transfer serves the purpose of a criminal investigation.

7.5 Duration of data processing: until the termination of the user account. You can request the termination of the user account at the provided contact.
8. Subscription to the newsletter

8.1 The fact of data collection: On the plexiclick.hu website, users have the option to subscribe to a newsletter by providing personal information.

8.2 Purpose of data collection: Regular information about events related to the Webshop via newsletter. Subscribing to the relevant newsletter is only possible if the individual has a valid email address and registers for the newsletter.

8.3 Scope of the data subjects: all individuals who have subscribed to the newsletter

8.4 Scope of processed data: Last name, First name, email address

8.5 Duration of data processing: Until the unsubscription from the newsletter. The data subject can unsubscribe from the newsletter at any time. The consent to the storage of personal data, which the data subject has given for the sending of the newsletter, can be revoked at any time. To withdraw consent, a suitable link can be found in every newsletter. Furthermore, the newsletter subscription can also be revoked upon a specific request made through the provided contact.
9. Contacting the operator

9.1 The fact of data collection: The Webshop's website allows for electronic contact with the operator, and direct communication is also possible, which includes so-called electronic mail (email). If the data subject contacts the data controller via email or contact form, the personal data transmitted by the data subject will be automatically stored by the mailing system.

9.2 Purpose of data collection: The system stores such personal data voluntarily provided by the data subject for the purpose of contacting the data subject, that is, to enable the operator to respond to the inquiry.

9.3 Scope of the affected parties: users who voluntarily send messages to the operator

9.4 Scope of processed data: email address, as well as other voluntarily provided personal data

9.5 Duration of data processing: until the voluntary consent given by the data subject is withdrawn. The withdrawal of consent can be requested through the provided contact information.
10. Comment feature on the blog

10.1 The fact of data collection: The Webáruáz blog gives users the opportunity to add unique comments and remarks to individual posts. The blog is a web-based, publicly accessible portal through which articles can be published in the form of so-called blog posts, or in other words, blog entries.

10.2 Purpose of data collection: The storage of the IP address and email address is for security reasons, in case the rights of the affected third party are violated or illegal or prohibited content is published through a specific comment. The storage of this personal data is in the interest of the data controller, so that they can take appropriate action in the event of a violation. I do not transfer this data to third parties, except when such transfer is required by law. The publication of the name (which is not necessarily the real name) is intended to facilitate and personalize responses to the raised comments.

10.3 Scope of the affected:
users who write comments on the blog

110.4 Scope of processed data:
If the data subject writes a comment on the Webshop blog, the system will also store and publish the observations made by the data subject, and the name chosen by the user (which can also be a so-called "nickname") will be disclosed. Furthermore, the IP address assigned to the affected individual by the Internet service provider, as well as the mandatory email address provided (in a manner not visible to the public), will also be recorded in the system.

10.5 Duration of data processing:
for the IP address and email address, 60 days; for the published name, until the consent given by the data subject is withdrawn. The withdrawal of consent can be requested through the provided contact information.
11. Remarketing activity The Data Controller runs so-called remarketing advertisements through the advertising systems of Facebook and Google. These service providers collect and receive data from the Data Controller's website, as well as from other internet websites, for example, through cookies. Using this data, they enable the use of web analytics and targeted advertising services. They allow the Data Controller to display advertisements exclusively to people who have previously visited the Data Controller's website or a specific subpage. The targeted advertisements in this way may appear on websites within the Facebook and Google partner networks. The remarketing lists are not suitable for identifying the User.
12. Regular deletion of personal data The data controller processes and stores the personal data of the data subject only for the duration necessary to achieve the purpose of data collection, or as long as required by the laws or regulations established by the European legislator or other legislators applicable to the data controller. If the storage purpose is no longer applicable, or if the storage period prescribed by the European legislator or other competent legislators has expired, the operator routinely deletes the personal data in accordance with legal requirements.
13. The rights of the data subject

13.1 Right of access: The data subject has the right to obtain from the controller confirmation as to whether or not personal data concerning them are being processed, and, where that is the case, access to the personal data and the information listed in Article 15(1) of Regulation (EU) 2016/679 (GDPR) free of charge.

13.2 The right to rectification: The data subject has the right to request the data controller to rectify inaccurate personal data concerning them. Considering the purpose of data processing, the data subject has the right to request the completion of incomplete personal data.

13.3 The right to erasure ("the right to be forgotten") The data subject has the right to obtain from the controller the erasure of personal data concerning him or her without undue delay, and the controller shall be obliged to erase personal data concerning the data subject without undue delay if one of the grounds referred to in Article 17(1) of Regulation (EU) 2016/679 (GDPR) applies. If the data controller has made the personal data public and is required to delete it, they shall take reasonable steps, taking into account available technology and the cost of implementation, including technical measures, to inform the data controllers who are processing the data that the data subject has requested the deletion of links to the personal data in question or copies or replications of the personal data from them.

13.4 Right to restriction of processing: The data subject has the right to request the restriction of processing by the controller if any of the conditions listed in Article 18(1) of Regulation (EU) 2016/679 (GDPR) are met.

13.5 The right to data portability: The data subject has the right to receive the personal data concerning them, which they have provided to a data controller, in a structured, commonly used, and machine-readable format, and to transmit those data to another data controller without hindrance from the data controller to whom the personal data was provided.

13.6 The right to object: The data subject has the right to object at any time, on grounds relating to their particular situation, to the processing of personal data concerning them, if the processing is based on the legitimate interests of the data controller or on the performance of a task carried out in the public interest or in the exercise of official authority. If the processing of personal data is carried out for direct marketing purposes, the data subject has the right to object at any time to the processing of personal data concerning them for this purpose, including profiling, if it is related to direct marketing. If the data subject objects to the processing of personal data for direct marketing purposes, the personal data can no longer be processed for this purpose.

13.7 Objection to profiling and automated data processing: The data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them. In case of violation of their rights, the data subject may turn to the court or the data protection authority against the data controller. You can exercise your right to remedy and file a complaint at the following contact points: Name: National Authority for Data Protection and Freedom of Information Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c.
Phone: 06-1-391-1400
Fax: 06-1-391-1410
E-mail: [email protected]
Website: https://naih.hu
14. Privacy provisions regarding the application and use of Google Analytics (with anonymization feature) On this website, the operator has integrated components of the Google Analytics service (with anonymization feature). Google Analytics is a web analytics service. Web analytics is the collection and analysis of data related to the behavior of visitors on websites. The web analytics service collects, among other things, data on the website from which a person clicked through (the so-called referrer), which subpages they visited, or how often and for how long they viewed each subpage. Web analytics is primarily used for optimizing a website and conducting cost-benefit analysis of online advertising. The operator of the Google Analytics service is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States. Through the Google Analytics service for web analysis, the operator uses the "_gat._anonymizeIp" application. With the help of this application, Google shortens the IP address of the affected Internet connection and stores it anonymously when the website is accessed from a member state of the European Union or the European Economic Area. The purpose of the Google Analytics component is to analyze traffic on our website. Google uses the collected data and information, among other things, to evaluate the use of our website and to create online reports that provide information about activities on our websites. Google Analytics places a cookie on the affected system. You can read more about cookies above. By enabling cookies, you allow Google to analyze the use of the website. Each time the website is accessed, the internet browser of the affected system automatically sends data to the Google Analytics component. During this technical procedure, the Google company becomes aware of personal data, such as the affected IP address, which informs Google, among other things, about the origin of visitors and clicks. The cookie is used to store personal data, such as access time, access location, and the frequency of visits to the affected website. With each visit, such personal data, including the IP address, is transmitted to Google in the United States. These personal data are stored by Google in the United States. Google may transfer the personal data collected during the process to third parties. The data subject, as mentioned above, can prevent the use of cookies on the website at any time by adjusting the appropriate settings in their internet browser. Modifying the internet browser in this way also prevents Google Analytics from setting a cookie on the affected system. In addition, the cookies already used by Google Analytics can be deleted at any time. The affected individual has the option to prevent the data generated by Google Analytics, which is related to the use of this website, as well as the processing of this data by Google and information of this nature. For this purpose, the data subject must download a browser extension from here: https://tools.google.com/dlpage/gaoptout. This browser extension tells Google Analytics through a JavaScript code that data and information related to the visit of web pages cannot be transmitted to the Google Analytics service. Google considers the installation of the browser add-on as an objection. If the affected information technology system is later deleted, formatted, or reinstalled, the affected individual must reinstall the browser extension to disable Google Analytics. If the browser extension has been removed by the affected individual or any other person under their authority, or if it has been disabled, the browser extensions must be reinstalled or reactivated. For more information and Google's relevant privacy policies:
– https://www.google.com/intl/en/policies/privacy
– https://www.google.com/analytics/terms/en.html
– https://www.google.com/analytics
15. Social portals and buttons A social portal is an online space for social "meetings," an online community platform that allows users to communicate with each other and interact in the virtual space. A social network can serve as a platform for exchanging opinions and experiences, and it can also enable the online community to provide personal or business-related information. Social portals may have buttons that can be embedded in websites.

15.1. Privacy provisions regarding the application and use of Facebook On this website, the operator has integrated components of the Facebook social network. Facebook allows users of the social network to create private profiles, upload photos, publish posts, and comment on them, among other things. The operator of Facebook is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, United States. If someone lives outside the United States or Canada: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. To review Facebook's plug-ins, you can visit the following Facebook page: http://developers.facebook.com/docs/plugins/ When visiting the website, a direct connection is established between the browser and the Facebook servers, so Facebook receives the information that the website was accessed from the given IP address. If you are logged into your Facebook account and click the Like or Share button, the content of the webpage can be linked to your Facebook profile, allowing Facebook to associate your visit to the webpage with your account. For more information, read Facebook's privacy policy: http://www.facebook.com/about/privacy/ If you do not want Facebook to associate your visits to the site with your Facebook user account, log out of Facebook before visiting the website.

15.2. Privacy provisions regarding the application and use of Google+ On this website, the operator has integrated components of the Google+ social portal. The operator of Google+ is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States. With the Google +1 button, information can be published worldwide. Google+ is a social networking site that can be used by creating a Google account. When visiting the website, a direct connection is established between the browser and the Google+ servers, allowing Google+ to receive information that the website was accessed from the given IP address. If you are logged into your Google+ account and click the +1 button, the content of the webpage can be linked to your Google+ profile, allowing Google+ to associate your visit to the webpage with your account. If you do not want Google+ to associate your visits to the site with your Google+ user account, log out of your Google+ account before visiting the website. For more information:
– https://developers.google.com/+/
– https://www.google.com/intl/en/policies/privacy/
– https://developers.google.com/+/web/buttons-policy

15.3. Privacy provisions regarding the application and use of Instagram On this website, the operator has integrated components of the Instagram service. Instagram is an audiovisual social platform where users can share photos and videos with each other and transmit them to other social media platforms. The operator of Instagram is Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA, United States. When you visit the website, a direct connection is established between the browser and the Instagram servers, so Instagram receives information that the website was accessed from the given IP address. If you are logged into your Instagram account and click on an Instagram button, the content of the webpage can be linked to your Instagram profile, allowing Instagram to associate your visit to the webpage with your account. If you do not want Instagram to associate your visits to the site with your Instagram user account, log out of your Instagram account before visiting the website. For more information:
– https://help.instagram.com/155833707900388
– https://www.instagram.com/about/legal/privacy/
16. The legal basis for data processing The Data Controller, in the course of its activities, bases the processing of personal data in all cases on law or voluntary consent. In certain cases, data processing without consent is based on other legal grounds or on Article 6 of Regulation (EU) 2016/679 (April 27, 2016). based on Article 6.
17. The provision of personal data as a legal or contractual requirement; A requirement necessary for the conclusion of the contract; The obligation of the data subject to provide personal data, the possible consequences of failing to provide such data. The provision of personal data is partially mandated by law (e.g., tax regulations), or contractual provisions (e.g., information regarding the contractual partner) may also require it. For example, the data subject is obliged to provide personal data when a contract is being concluded. The refusal to provide personal data will result in the inability to conclude a contract with the data subject.
18. Considering the provisions of Regulation (EU) 2016/679 (GDPR) on the protection of personal data of minors, as well as the applicable laws in Hungary, the Data Controller does not collect or process personal data of individuals who have not yet reached the age of 16. A User who has not yet reached the age of 16 cannot voluntarily consent to any data processing based on consent (not even in the simplest cases, e.g. Accepting cookies)! The Data Controller makes reasonable efforts to ascertain the age of Users providing consent, depending on the level of risk associated with data processing for minors and the available technology. In the case of consent for individual data processing, the User is obliged to familiarize themselves with and accept this statement, thereby declaring that they have reached the age of 16 by consenting to the data processing. In the event that an extreme case arises where the User has not yet reached the age of 16, and wishes to take advantage of the opportunities and benefits provided by the various data processing activities, parental or legal guardian consent is required for each data processing activity, which the parent or legal guardian can provide in writing via the electronic contact information given by the Data Controller. If, during data processing or data handling, the Data Controller becomes aware that the User giving consent has not yet reached the age of 16, the personal data may be used to obtain parental or legal guardian consent. If a User who has not yet reached the age of 16 fails to obtain parental or legal guardian consent, the Data Controller will delete the affected personal data and terminate the data processing.
19. Additional external data processing companies and services utilized by the data controller
Név: DPD
Address: 1134 Budapest Váci út 33., A épület II. emelet Hungary
Internet availability: https://www.dpd.com/
The purpose of data transmission: the delivery of the ordered goods
Scope of transmitted data: customer's name, shipping address with postal code, name of the purchased product, quantity, unit price

Name: KBOSS.hu Ltd.
Address: 1031 Budapest, Záhony utca 7.
Internet availability: https://www.szamlazz.hu
TThe purpose of data transmission: issuing an invoice
Scope of transmitted data: billing name, billing address with postal code, name of the purchased product, quantity, unit price

Name: Stripe
Website: https://stripe.com
The purpose of data transfer: online credit card payment
Scope of transmitted data: billing name, billing address, email address

Powrót do strony głównej