Privacy Policy - Scintilla Group

From 25 May 2018, the GDPR (General Data Protection Regulation) became valid in the countries of the European Union. The Scintilla Kft. tries to comply with this Regulation in managing and storing the personal data.

You can find the updated regulation on the website in our Privacy Policy Informative (GDPR site).

PRIVACY POLICY INFORMATIVE

During the data management the Data Manager ensures the protection of individuals with regard to the processing of personal data and on the free flow of such data to comply with the 2016/679 Regulation of the EUROPEAN PARLIAMENT AND COUNCIL, which repeals the 95/46/EC (general data protection regulation).

In relation with the management of the data, the data management informs the visitors of this site (Users), about the data that it manages and about its principles and actions, and about the rights of the Users.

The Users are entitled to cancel their contributions partly or fully in a written form, and ask for the removal of their data in a way defined in the informative.

NAME OF THE DATA MANAGER

Company name: SCINTILLA-TRIO Gyártó és Kereskedelmi Korlátolt Felelősségű Társaság

Short name: SCINTILLA-TRIO Kft.

Location: H-1047 Budapest, Liszt Ferenc u. 8. B. lház. 1. em. 9.

Company registration number: 01 09 885982

VAT number: 13436252-2-41

Registry court: Fővárosi Törvényszék Cégbírósága

Mailing address and headquarters: 5100, Jászberény, Ipartelep út 9.

Telephone number: +36-57/515 340

E-mail address: sales@sparklights.eu

THE PLEA OF THE DATA MANAGEMENT

The plea of the data management in relation with the processing of personal data and on the free flow of such data and the Article 6, 1^st paragraph, a) the individual contribution of the Users, 2016/679 Regulation of the EUROPEAN PARLIAMENT AND COUNCIL (EU) which repeals the 95/46/EC is available on the website.

The Users can cancel their contribution to the data management at any time , in this case the data management removes every personal data of the Users from its system.

Without cancelling, the duration of the data management, the duration is defined in this informative.

SCOPE, TIME AND AIM OF DATA MANAGEMENT

Request via e-mail, phone or mail.

Managed data: Name, e-mail address, telephone number
Aim of the data management: postal request, e-mail request, phone request
Duration of the data management: Postal and e-mail request 1 year, phone request the duration of speaking.
Plea of the data management: the individual contribution of the Users

Making a purchase in the web shop.

Managed data: Name, delivery- and billing address, e-mail address, phone number, data for the registration
Aim of the data management: to ensure the free flow of data for the successful purchasing and delivery
Duration of the data management: shipping the products, duration of the warranty, until the Users’ request of cancelling the account, in case of a purchase, until the legally defined duration of data management in relation with the billing data
Plea of the data management: the individual contribution of the Users
- Data management of other aims

3.1.1 Data collected in relation with the use of the website (data management of other aims)

3.1.1.1 Managing of Cookies

By visiting the website, it leaves a data package (cookie), and processes it by the next visit, within the computer of the Users in order ot ensure the tailor-made services. If the browser sents back a previously saved cookie, the provider of it can connect the visit to other ones of the Users, but does this only in favour of its own content.

Temporary (session) cookie: these cookies are deleted after the visit of the Users automatically. These cookies ensure the more efficient and safer operation of the website, because of this they are unavoidable for the proper operation of the functions of the sites or for some applications. These cookies manage the individual identification number and the time and date of the visit, for the proper operation of the website.
Persistent cookies: the data manager uses persistent cookies to provide better operation for the User (optimized navigation). These cookies are stored longer the browser’s cookie file. The duration depends on the settings of the Users’ browser. These cookies manage the individual identification number and the time and date of the visit, for the proper operation of the website.

The cookies collect data of the visitors in order to provide a more efficient operation.

The plea of the data management: The individual contribution of the Users

Removal of the Cookies

The Users are entitled to delete of the cookies from their own computer, and can forbid the application of cookies within its browser. The cookies can be managed in the browsers in these settings: choose Settings/Privacy Policy/History Clear all cookies.

The website can contain such information, mainly advertisements that come from third parties that are not related to the data management. These third parties can leave cookies, web beacons on the Computer of the Users in order to send advertisement to the Users in relation with their services. In these cases the privacy policies defined by the third parties, and the data management has no responsibility.

3.1.1.2. Data management of the outer service providers

The html code of the website contains links that come from an independent outer server and are linked to an outer server. The server of the outer provider is in direct connection with the computer of the User. Please be aware that the providers of these links can provide personal data because of the direct link, the communication of the browser of the Users.

The tailor-made contents for the Users are provided by the server of the outer service provider.

The hosting service provider can give detailed explanation of the data management by the outer providers.

DATA PROCESSING

According to the legislations the data management is entitled to have a data processor for providing technical actions or for service providing. The data processor is only entitled to the execution of the commands and decisions of the data management.

The website was made on WordPress. The hosting service provider of the website is also the WordPress: en.support.wordpress.com.

The data management only gives the delivery data of the Users to the delivery company and only for the efficient delivery.

DATA SECURITY

The data management does everything to ensure the safety of the data, ensures the proper level of security against misappropriation, destruction, removal, disclosure, loss or access by any unauthorised individual, or any other type of compromise. The data management ensures this with the proper technical and organizational strategies.

RIGHTS OF THE USERS

6.1. Information and access to the personal data

The Users are entitled to know about and check the personal data about them that is stored and about their management. Moreover, the Users are entitled to get an access to the stored data. The Users has to send their requests in a written form (in e-mail or mail). The data management gives the information to the Users in electronic form to the Users, unless they do not want to receive it in a written form. The data management does not give oral information via telephone.

The information can be accessed in these ways:

defining the set of data, aim of the data management, its time and its plea in relation to the set of data,
forwarding the data: to whom the data have been forwarded, or to whom will they be forwarded,
identification of the source of the data.

For the first time, the data management provides the copy of their personal data for the Users for free. For the another copies, the data management can charge administrative fees. If the data management asks for the copy in an electronic form, then the data management will provide it in an electronic form.

If the User does not agree with the data management and the correctness of the data after receiving the information, then they ask for the correction, completing, removal, restriction of the management of their data, can object against the management of the data, in the form which has been defined in the 6th part. Also, the User can initiate proceedings, defined in the 7th part.

6.2. Right for the correcting and completing of the managed personal data

For the written request of the Users, the data management corrects the data that have been marked as incorrect by the Users, by the correction of the Users. Also the data management corrects the designed data and completes the missing data as the Users design them. The data management informs every addressed about the correction, completing to whom the personal data was shown, unless it is impossible or it involves disproportionate effort.

6.3. Right for the restriction of the data management

The Users can ask for the restriction of the management of their data in a written form, if

the Users do not agree with the correctness of the data, in this case the restriction lasts until the data management checks the correctness of the data,
if the data management is illegal and the Users object the removal of the data, and ask for the restriction of the data instead,
the data management does not need the data for the purpose of data management, but the Users request them for the presentation, validation and protection of the legal requests.
The Users object against the data management: in this case, restriction lasts until it is set out whether the legal reasons of the data management are in prior against the Users’ legal rights.

The restricted personal data, except for the storage, can only be managed within this period, for the presentation, validation or protection of the legal rights, or for the protection of any natural or legal person, or for the public interest of the Union or some of the member countries. The data management informs the Users, to whose request it restricted the data management, about the reconstruction of the restriction of the data management in advance.

6.4. Right for the removal of the data

The data management immediately deletes the personal data of the Users in these cases for the request of the Users:

if the previously needed data are not necessary any more,
if the Users cancel their contribution to the data management, therefore the plea of the data management ceases to be,
if the Users object against the data management and there is no legal reason for the data management,
if the Users object against the using of their data for direct solicitation, considering profiling, if it is in relation with direct solicitation,
if the personal data is managed unlawfully,
if the the collecting of personal data is directly done for providing services related to information technology for children.

The Users cannot validate their right to removal if the data management is necessary:

for the purpose of exercising right to freedom of opinion and informing,
for the public interest related to the field of public health,
for the purpose of archiving of public interest, for the purpose of scientific and historical research, or for statistics, if exercising the right to removal would make the data management impossible or would endanger it.
for the presentation, validation and protection of legal inquiries.

6.5. Right for data portability

Data portability enables the Users to get and use their own personal data that they have been previously to the data management, for their own purpose and through their own defined providers. In every case the eligibility is restricted to the data given by that Users. There is no possibility of the data portability of other data (for example: statistics).

The data management completes the inquiry related to the data portability based only in e-mail or in mailed request. For the completing, it is necessary for the data management to have a proof that really that Users want to validate their rights who are entitled to it. For this, it is necessary for the Users to come to the headquarters of the data management after getting a notification, with the data that is necessary for the identification of that certain requesting Users. With this right, the Users can request the portability of those data that they given to the data management. The exercising of this right is not equal to the automatic removing of the data from the system of the data management, so that the Users can further use the services of the data management.

6.6. Protesting against the management of personal data

From their own nature the Users can protest against the management of their personal data, considering profiling, and the Users are entitled to protest against the management of their data for the purpose of direct solicitation, considering profiling. If the Users protest against the management of personal data, the data management removes those Users from its system.

The Users can protest in written ways (via mail or e-mail), in case of a newsletter, by clinking on unsubscribing with the link that is provided in the newsletter.

6.7. Due date of the fulfilling of the request

According to the requests in 6.1-6.6, and in 1 month after the arrival of the request, the data management informs the Users about the taken measures. If it is necessary, considering the complexity and the number of the requests, this due date can be extended with 2 months, but in this case by designating the reason of the delay, the data management informs the Users in one month after receiving the request. If the Users applied the request in an electronic way, the information will be given in an electronic way, unless the Users ask them in another way.

ACTIONS OF REMEDIES

The Users can exercise their rights in a written way, such as, via e-mail or postal letter.

The Users cannot validate their rights if the data management proves that it cannot identify the Users. If the request of the Users are unfounded or excessive (exclusively to its repetitive way), the data management can ask for a fee or can deny the request. This has to be proven by the data management. If the data management has a doubt about the identity of the natural person that applied the request, can ask for the necessary information for the confirming of the Users identity.

In relation with the data management, the Users can write a legal remedy or a complain to the Hungarian National Authority for Data Protection and Freedom of Information (location: 1125 Budapest Szilágyi Erzsébet fasor 22/C), mailing address: 1530 Budapest, Pf.: 5. Phone number: +36 (1) 391-1400). (www.naih.hu; ugyfelszolgalat@naih.hu)

MANAGING THE INCIDENTS RELATED TO DATA PROTECTION

A data protection incident is an injury of safety, that can cause the accidental or unlawful annulment, loss, changing, or the unlawful access of, or unlawful publication of the forwarded, stored or otherwise managed personal data. The data management keeps records, which contains the managed data, the number of the impacted, the data of the incident, its conditions, the actions done for the prevention of the incident. In case of an accident, if it does not risk the rights and freedom the natural people, the data management has to inform the Users and the supervisory authorities about the incident of the data protection.

OTHER PROVISIONS

The data management has the right to modify this Privacy Policy, and the data management has to notify the Users about it. The modifications will be operating from the day that has been designated in the notification, unless the Users protest to it. By using the website, the Users accept the modifications of the Privacy Policy.

If the Users gave third party data for the application for the services, or by subscribing the newsletter, or for another purpose, or caused damage while using the website in any way, then the data management is entitled to ask for a compensation from the Users.

The data management does not check the personal data. Only the Users are responsible of the given data, who gave them. When giving an e-mail address, every Users are responsible for only applying for the services by themselves.