Privacy Policy

Zsolnay Porcelain Manufactory Private Limited Company (registered office: 7630 Pécs, Zsolnay Vilmos u. 37; company registration number: 02-10-060272; tax number: 11886895-2-02,: service@zsolnay.hu; website address: http://www.zsolnay.hu / (hereinafter: website), telephone number: + 3630-798-0417; hereinafter: Data Controller) the definition of the protection of the relevant personal data on legal provisions[1] data management.

Introduction to data management

The Data Controller pays special attention to the protection of personal data and at all times takes care to ensure fair and transparent data management, and provides the necessary basic requirements for the provision of information on data processing. This Data Management Information contains more information about the data management providing the Data Management Service: the sources, scope, legal basis, purpose and duration of the data management, the rights related to personal data and the options to be found between them. the Data Subject may receive answers to the questions related to the data protection processes of the Data Controller.

The data controller provides services related to the production and distribution of porcelain that qualifies as hungaricum.

After an easier overview of the Data Manager's data management, the following summary tables are published for each data management process. Detailed information is provided in the full Data Management Information.

 

A summary of your data management's ability to send newsletters

Purpose of data management

Sending a newsletter in order to inform about the Data Controller's promotions, offers, the availability of new products, the possibility of using new services, and in order to promote the Data Controller's activities.

Legal basis for data management

Consent of the person concerned [Article 6 (1) (a) of the GDPR and Section XLVIII of 2008 on the basic conditions and certain restrictions on commercial advertising Section 6 (1) of the Act]; the consent may be withdrawn at any time

Scope of managed data

Name of the person concerned; His e-mail address.

Duration of data management

Until the withdrawal of the consent of the data subject

Data processors

- Across Media Ltd. (registered office: 1054 Budapest, Honvéd utca 8.)

 

Summary of the data management of the data controller regarding cookies

Purpose of data management

Adapting the Data Controller's services to the needs of the Data Subject by collecting and storing information about your preferences, personal settings and identification when browsing the Data Subject's website

Legal basis for data management

Cookies requiring consent:

Consent of the person concerned [Article 6 (1) (a) GDPR]. Consent may be withdrawn at any time.

Cookies that do not require consent:

Enforcement of the legitimate interest of the controller [Article 6 (1) (f) GDPR]

Scope of managed data

See section 7 of the data management guide

Duration of data management

If the Data Subject has consented, until the consent is revoked

 

Contact data management

Purpose of data management

The Data Subject shall ask the Data Controller a question that does not constitute a complaint in writing or electronically for the activities of the Data Controller or for any other reason, which the Data Controller shall answer.

Legal basis for data management

Consent of the person concerned [Article 6 (1) (a) GDPR]; the consent may be withdrawn at any time

Scope of managed data

Personal data provided by the Data Subject in his / her message, where applicable the name of the Data Subject; His e-mail address; phone number

Duration of data management

Until the withdrawal of the consent of the data subject, or in the absence of the withdrawal of the consent, after the provision of the Service of the Data Controller on the basis of the general limitation period of civil claims

 

1. Affected

They are involved in the processes carried out by the data controller in connection with the processing of personal data

-     subscribers to the newsletter;

-     the recipients of the cookies used by the Data Controller;

-     keep in touch with the Data Controller;

(hereinafter together referred to as the "Affected").

2. Sources of access to personal data by the Data Controller

The Data Controller shall provide the data subject's personal data from the Data Subject

-     subscribe to the newsletter;

-     contact request;

you will receive during.

 

3. Legal basis, purpose of the data processing, scope of the processed data and duration of the data processing

 

3.1. Data processed for the purpose of sending data controllers' newsletters, legal basis and duration of data processing

3.1.1. A newsletter is sent to inform the Data Controller about personalized promotions, offers, the availability of new products, the possibility of using new services, and to promote the activities of the Data Controller. The legal basis for this processing is the consent of the data subject [Article 6 (1) (a) GDPR; on the basic conditions and certain restrictions of economic advertising activity XLVIII. Section 6 (1) of the Act]. Consent may be withdrawn at any time.

3.1.2. As part of this data management, the data controller manages the following data: Name and e-mail address of the data subject.

3.1.3. The Data Controller manages the data until the data subject's consent is revoked, after which it is deleted. The consent can be revoked at any time free of charge, the Data Subject may unsubscribe from the newsletter at any time, about which the Data Controller provides separate information in each newsletter.

 

 

3.2. Data processed for contact purposes, legal basis and duration of data processing

3.2.1. Contact between the Data Controller and the Data Subject, providing the Data Subject with the Data Controller's activities or for any other reason not a written or electronic complaint, and the data processing legal basis for the Data Controller's response [Article 6 (1) GDPR the dot]. Consent may be withdrawn at any time.

3.2.2. In this context, the data controller manages the following data:

-     the personal data provided by the Data Subject in his / her message, if applicable the name of the Data Subject; His e-mail address; phone number

3.2.3. The Data Controller shall process the processed data until the revocation of the Data Subject's consent or, in the absence of the revocation of the consent, for five years after the provision of the Data Controller's service on the basis of the general limitation period for general civil clai

 

 

4. Data processing

Data processors belonging to the data controller's contractual partners, used by the Data Controller in order to perform the provision of services, by whom the data of the Data Subject are processed:

-     Across Media Ltd. (registered office: 1054 Budapest, Honvéd utca 8.);

purpose of data processing: to provide IT background

 

5. Data security, those entitled to access the data

5.1. At the end of the data management period, the Data Controller deletes the data of the Data Subject.

5.2. The controller shall ensure the security of the data processed and shall take all measures to protect the data subject's privacy, unauthorized access, alteration, transmission, disclosure, deletion or destruction, and accidental destruction and damage, as well as inaccessibility due to changes in the technology used. that the personal data of the data subjects are protected in accordance with the law.

5.3. As part of the measures necessary to maintain the data security requirement, the Data Controller manages the Data Subject's data in a computer database in an automatic and manual manner and has ensured that the they are used to the extent strictly necessary for those entitled to access the data.

5.4. Computer systems are equipped with a firewall and adequate virus protection.

5.5. The data controller performs a technical inspection of the system and takes action in case of detection or indication of an error.

5.6. The data controller shall ensure that those entitled to access the data are fully informed of the data protection rules. As a guarantee of data security, the managers and employees of the Data Controller have a duty of confidentiality and legal responsibility with regard to the personal data obtained in the course of this activity.

5.7. The information and network identifiers (IP address) that become available to the Data Controller using the website visitors and the Data Subject's computer are logged in order to generate website traffic data and to detect any errors and attack attempts. The Network IDs are not linked by the Data Controller to any other data on the basis of which the person visiting the website or the Data Subject can be identified. Simultaneously with the visit to the website, no cookies or web bugs other than those specified in this Privacy Policy will be downloaded.

5.8. The range of persons entitled to get acquainted with the processed data on the part of the Data Controller is differentiated according to the data processing period managed for the given data management purpose:

-     until the sending of the newsletters and the withdrawal of the data subject's consent for the purpose of contact, the employees of the Data Controller working in the position of developer are entitled to get acquainted with the personal data of the Data Controller;

5.9. The Data Controller shall keep a register of the personal data of the Stakeholders who make a statement consenting to the sending of a newsletter containing promotions, promotions, offers, news, developments and developments.

 

6. Rights of the person concerned, legal remedies

6.1. The data subject may exercise his / her rights set forth in this section electronically, to the e-mail address astoria@zsolnay.hu, or by post to the Data Controller's registered office by letter addressed to the Data Controller.

6.2. At the request of the Data Subject, the Data Controller shall provide information in writing or electronically [Article 15 (1) GDPR; right to information]:

-     what data it handles about the Data Subject;

-     the purposes of data management;

-     the category of recipients to whom you may transfer personal data;

-     the duration of the data processing;

-     the rights of the data subject and the means of redress.

6.3. Before initiating the procedures regulated in this section, the Data Subject has the right to submit a complaint to the Data Controller in order to eliminate his / her concerns regarding data processing and to restore the lawful status. The data controller shall examine the complaint within one month, take minutes of it and make a decision on its merits, and inform the Data Subject of its decision in writing, electronically. If the Data Controller establishes the validity of the Data Subject's complaint, it shall restore the lawful status of the data processing or terminate the data processing, including further data collection and data transmission. In this case, the Data Controller may not further process the Data Subject's data, unless the Data Controller proves that the data processing is justified by compelling legitimate reasons which take precedence over the Data Subject's interests, rights and freedoms or related to the submission, enforcement or protection of legal claims. The Data Controller shall notify those to whom the data affected by the complaint have been forwarded of the complaint and the action taken on the basis thereof. The complaint procedure regulated in this section is intended to eliminate the concerns related to data management in the framework of contacting the Data Subject and does not apply to legal declarations made in order to enforce the related consumer rights in the case of on-site purchases of the Data Controller's products.

6.4. At the request of the Data Subject, the Data Controller shall provide a copy of the personal data in a widely used electronic format or in another format chosen by the Data Subject. [Article 15 (3) GDPR; right of access, right to issue copies]

6.5. The Data Controller shall amend, clarify (correct) the personal data of the Data Subject in accordance with the request of the Data Subject [Article 16 GDPR; right of rectification].

6.6. At the request of the Data Subject, the Data Controller deletes the data subject's personal data. The Data Controller may refuse to comply with the request on the grounds set out in Article 17 (3) GDPR, such as where personal data are necessary for the submission or enforcement of a legal claim or where EU or Member State law applicable to the Data Controller requires the processing of personal data. or in the public interest or for the purpose of exercising the right to freedom of expression and information. [Article 17 GDPR; right of cancellation].

6.7. You may at any time withdraw your statement of consent to the sending of newsletters containing the Advertising, the filling of staff shortages, the use of cookies requiring consent and the processing of your personal data for contact purposes without restriction or justification or declare your request to be prohibited from sending advertising. In this case, all personal data of the Data Subject shall be deleted from the register by the Data Controller immediately and no further newsletter [right to withdraw consent] shall be sent to the Data Subject. The withdrawal shall not affect the lawfulness of the data processing carried out on the basis of the consent prior to the withdrawal.

6.8. The Data Subject is entitled to request the restriction (blocking) of the processing of personal data

-     if you dispute the accuracy of personal data, you may request the blocking of the data for as long as the Data Controller verifies the accuracy of the personal data;

-     if the data processing is unlawful and the Data Subject objects to the deletion of personal data and instead requests a restriction on their use;

-     The controller no longer needs the personal data, but the Data Subject requests the blocking of the data in order to make, enforce or protect legal claims [Article 18 GDPR; right to restrict data processing (blocking)]

The data controller fulfills the blocking request by storing the personal data separately from all other personal data. For example, in the case of electronic data files, it is saved on an external data carrier or personal data stored on paper is moved to a separate folder. With the exception of storage, the controller shall handle it only with the consent of the Data Subject, or for the submission, enforcement or protection of legal claims, or for the protection of the rights of another natural or legal person, or in the important public interest of the Union or a Member State. We will inform you in advance about this release of the data management restriction.

6.9. The Data Subject has the right to receive his / her personal data in a widely used, machine-readable, structured format, as well as the right to transfer this data to another data controller. In addition, the Data Controller shall ensure that, upon its express request to this effect, it transmits the data of the Data Subject directly to another data controller specified by the Data Subject. [Article 20 (1) and (2) of the GDPR; right to data portability].

6.10. The data controller shall inform the Data Subject of the measures taken within one month of receiving the data subject's request. If the request is refused, the Data Controller will inform you of the reasons for the refusal within one month of receiving the request, as well as of the fact that you can lodge a complaint with the Authority and exercise your right to a judicial remedy.

6.11. The exercise of the right is free of charge. In certain cases, the Data Controller may charge a fee based on administrative costs or refuse to act on the request if the Data Subject requests a copy of his / her data or if the Data Subject's request is clearly unfounded or, in particular, excessive due to its repetitive nature).

6.12. The Data Controller reserves the right to request the provision of information necessary to confirm the identity of the Data Subject if there are reasonable doubts as to the identity of the person submitting the request. Such a case may be considered in particular if the Data Subject exercises the right to request a copy, in which case it is justified for the Data Controller to make sure that the request originates from the authorized person.

6.13. If, in the opinion of the Data Subject, the Data Controller has violated his / her right to the protection of personal data, or the Data Controller carries out illegal data processing, the Authority may initiate proceedings. Contact details of the Authority: postal address: 1530 Budapest, Pf .: 5 .; e-mail address: ugyfelszolgalat@naih.hu; telephone number: +36 (1) 391-1400; website address: www.naih.hu.

6.14. If, in the opinion of the Data Subject, the Data Controller has violated his / her right to the protection of personal data, he / she may initiate legal proceedings and demand compensation for the damage caused to the Data Subject by unlawful processing of his / her data or breach of data security. In the event of judicial enforcement, the Data Subject may also institute legal proceedings before the court of the place of residence or stay.

 

7. Cookies

7.1. When you visit the website, the Data Subject's computer stores cookies. Cookies are small text files that your browser stores on your affected device in order to save certain information. The next time the Data Subject visits a website using the same device, the information stored in the cookies will be transmitted either to the website (“First Party Cookie”) or to another website to which the cookie belongs (“Third Party Cookie”).

7.2. Through the saved and returned information, the website recognizes that the Data Subject has previously logged in there and visited it using the browser used on the device. This information is used by the Data Controller to optimally design and display the website in accordance with the data subject's preferences. In this respect, only the cookie itself is identified on the Data Subject's device. Beyond this limit, the Personal Data of the Data Subject shall be saved by the Data Controller only with the express consent or in the event that it is absolutely necessary for the use of the service offered to the Data Subject and achieved by the Data Subject.

7.3. The legal basis for the use of data management cookies, ie the data processing carried out for the purpose of tailoring the services provided on the website to the needs of the Data Subject, is the data subject's consent [Article 6 (1) (a) GDPR]. Cookies that require the consent of the Data Subject are Advertising Cookies.

7.4. The data subject has given his / her consent to the use of cookies by clicking on the checkbox of the given cookie on the website. The Data Controller provides information on cookies that do not require the consent of the Data Subject below.

7.5. The website uses the following types of cookies, which are explained below about the scope and function of cookies:

  • Definitely necessary cookies

  • Function and Performance cookies

  • Consent-based cookies

7.6. The website uses the following cookies:

Cookie name

Cookie type

Cookie Provider

Data handled by cookies

Purpose of cookie

Cookie life

Session

session cookie

zsolnay.hu

-

cookie required for operation

session duration

PHPSESSID

session cookie

zsolnay.hu

-

cookie required for operation

session duration

cookieconsent_dismissed

 

zsolnay.hu

whether or not you have accepted the use of cookies

 

stored on the user's machine until deleted

localization_lang

session cookie

zsolnay.hu

Language variable HU / EN

cookie required for operation

session duration

_ga, _gid

Analytics

Google Analytics

Measuring traffic data

Measuring traffic data

Until the google account is deleted

 

7.7. Definitely necessary cookies

7.7.1. Essential cookies provide features without which the website cannot be used as intended. These cookies are used exclusively by the Data Controller and are therefore First Party cookies. This means that all information stored in cookies is returned to the website.

7.7.2. For example, the necessary cookies are used to ensure that the Data Subject, as a registered user, always logs in when accessing the various subpages of the website, so that he does not have to re-enter his login details each time he enters a new page.

7.7.3. It is possible to use absolutely necessary cookies on the website without the consent of the Data Subject. Essential cookies cannot therefore be activated or deactivated individually. However, the Data Subject may turn off cookies in their browser at any time

7.7.4. Legal basis: Article 6 (1) (b) of the GDPR.

 

7.8. Function and Performance cookies

7.8.1. Feature cookies allow the website to store information that has already been provided (such as a registered name or language choice) and to offer improved and more personalized features based on that information. These cookies only collect and store anonymous data so that they cannot track the Movement of the Data Subject on other websites.

7.8.2. Performance cookies collect data about how the website is used in order to improve the attractiveness, content and features of the website by the Data Controller. These cookies help, for example, to determine whether the subpages of the website have been visited and which subpages have been visited, as well as which content users are particularly interested in. The power shines also serve to

-     record in particular the number of visits to a page, the number of visits to subpages, the time spent on the website, the order of the pages visited, which search terms led the Data Subject to the Data Controller, the country, region and, where applicable, the city from which enters the proportion of the Affected and the mobile devices entering the website;

-     also record the movement of the computer mouse, the clicks made with the mouse and scrolling, so that the Data Controller understands which areas of the website are of particular interest to users.

7.8.3. This data is not used by the Data Controller in connection with the data subject's name or user profile, but is processed as part of a statistical statement. As a result, you can shape the content of the website and optimize its offerings according to the needs of the users. For technical reasons, the IP address transmitted to the Data Subject's computer is automatically anonymized and does not allow conclusions to be drawn for the individual user.

7.8.4. Legal basis: Article 6 (1) (f) of the GDPR.

 

7.9. Consent-based cookies

7.9.1. Cookies that are not absolutely necessary and are not function or performance cookies, such as advertising / marketing cookies, are used by the Data Controller only with the express consent of the Data Controller.

7.9.2. The Data Controller also reserves the right to use the data obtained by cookies from the anonymous analysis of the visitors' habits of the website in order to display certain advertisements for certain products on the website. All of this will benefit the Data Subject because the Data Controller will display advertising or content that he or she believes is of interest to the Data Subject based on his or her browsing habits, thereby reducing the number of randomly displayed ads or content that are less relevant to the Data Subject's needs.

7.9.3. Marketing cookies come from external advertising companies (Third Party Cookies) and collect information about the websites visited by the Data Subject in order to create targeted advertising for the Data Subject.

7.9.4. Legal basis: Article 6 (1) (a) of the GDPR.

7.9.5. You can block cookies used for online advertising through tools set up in a number of countries under the Affected Self-Regulatory Programs, which ensure that the Affected Person's choice is enforced, such as the US https://www.aboutads.info/choices/ or the European http://www.youronlinechoices.com/hu/. The settings for cookies can be found depending on the browser toolbar (Internet Explorer here, Google Chrome here, Mozilla Firefox here, Safari here). Use these links to set what tracking features you want to enable / disable on your computer. Your consent to the use of consent-based cookies can be revoked by the Data Subject at any time, individually, for the future by modifying the cookie settings accordingly.

7.9.6. Stakeholders who do not want Google Analytics to report on their visit can install the Google Analytics disabled browser extension. This add-on instructs Google Analytics JavaScript (ga.js, analytics.js, and dc.js) not to send visit information to Google. In addition, Stakeholders who have installed the disabling browser plug-in will not participate in content experiments. If you intend to disable Affected Analytics web activity, you can visit the Google Analytics Disable pageand install the extension on your browser. For more information about installing and uninstalling the extension, see the help for your browser.

 

7.10. Manage and delete cookies

The Data Subject may configure his or her browser (Explorer here, Google Chrome here, Mozilla Firefox here, Safari here) to prevent cookies from being saved as a general rule, and / or so that the browser asks each time that the Data Subject agrees. e by turning on cookies. The Data Subject may delete cookies at any time if it has been re-enabled. You can use the browser's help function to get detailed information about how the data subject works. Disabling the use of cookies with general effect may restrict the operation of certain functions of the website.

 

7.11. Google Analytics

7.11.1. This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). In doing so, Google Analytics uses a specific form of cookie that is stored on the Data Subject's computer and allows analysis of the Data Subject's use of the Website. The information generated by the cookie about your use of the website is usually transmitted to and stored by a Google server in the United States.

7.11.2. Cookies may prevent cookies from being stored if you use the appropriate settings when using your browser software. Additionally, by downloading and installing the browser plug-in available at https://tools.google.com/dlpage/gaoptout?hl=en, you may prevent the Data Subject from recording and managing data generated by the cookie about the use of the website by the Data Subject. (including IP address).

7.11.3. The website also uses Google Analytics to analyze visitor traffic through the user ID, independent of the device. You can turn off data cross-device tracking for your data subject in your Google Account under "My Information," "Personal Information."

7.11.4. Legal basis: Article 6 (1) (f) of the GDPR.

 

7.12. Display of data manager ads by external service providers

7.12.1. Data Manager's ads are displayed on various websites by third-party service providers, including Google. The Data Controller and third-party service providers, such as Google, use their own cookies (such as Google Analytics cookies) and third-party cookies (such as DoubleClick cookies) together to find out about users' past visits to the site and to optimize and to display.

7.12.2. Legal basis: Article 6 (1) (f) of the GDPR

 

8. Other provisions

8.1. If the Data Controller amends the Data Management Information, he / she shall place a notice on the website or forward the amended information to the e-mail address provided by the Data Subject so that the Data Subject can get acquainted with it.

8.2. The Data Controller shall provide information on data processing not listed in this Data Management Information when recording the data. The Data Controller may contact the Data Controller for the provision of information, disclosure, transfer or provision of documents on the basis of the authorization of a court, prosecutor's office, other investigating authority, infringement authority, administrative authority, National Data Protection and Freedom of Information Authority or other bodies. The Data Controller shall provide such authorities with personal data only to the extent and to the extent strictly necessary for the purpose of the request, provided that the authority has indicated the exact purpose and scope of the data.

8.3. If the Data Controller wishes to perform further data processing on the personal data for a purpose other than the purpose for which they were obtained, it shall inform the Data Subject of this different purpose and any relevant additional information prior to the further data processing.

8.4. If the Data Controller communicates the data to another recipient, he / she shall inform the Data Subject thereof at the latest when the personal data is communicated for the first time.


[1] Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Regulation (EC) No 95/46 - General Data Protection Regulation (GDPR).