These Regulations set out the data protection and data management principles applied by LA-IMPEX Kft. (registered office: 2000 Szentendre, Dózsa György út 47., company registration number: 13-09-163426, registration authority: Budapest Metropolitan Court as a court of registration, tax number: 24306331-2-13) and the data protection and data management policy of LA-IMPEX Kft.
LA-IMPEX Kft. (hereinafter referred to as: Service Provider) processes the data of visitors to the Website, those who register on the Website, and those who order Services (hereinafter collectively referred to as Data Subjects) during the operation of the website www.laimpex.com (hereinafter referred to as: Website).
The purpose of this Policy is to ensure that, in all areas of the services provided by the Service Provider, every individual, regardless of nationality or place of residence, has their rights and fundamental freedoms, in particular the right to privacy, respected during the automatic processing of their personal data (data protection).
Name: LA-IMPEX Ltd.
Headquarters and mailing address: 2000 Szentendre, Dózsa György út 47.
Phone number: +36-26/525-286
Email address: info [at] la-impex.hu
Data processing registration number: NAIH-122362/2017.
Legislation governing data processing
The following laws apply to the data processing carried out by the Data Controller:
− Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Regulation 95/46/EC.
− Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information (“Data Protection Act”).
The legislation can be viewed on the website of the National Data Protection and Freedom of Information Authority: https://naih.hu/
Personal data: data that can be linked to a specific natural person (hereinafter referred to as the data subject), in particular the name, identification number of the data subject and one or more physical, physiological, mental, economic, cultural or social identity specific to the data subject, and the conclusion that can be drawn from the data concerning the data subject. Personal data retains this quality during data processing as long as its relationship with the data subject can be restored;
Data file: the set of data managed in a register;
Data processing: any operation or set of operations performed on data, regardless of the procedure used, in particular the collection, recording, recording, systematization, storage, alteration, use, query, transmission, disclosure, coordination or combination, blocking, erasure and destruction of personal data, and the prevention of further use of data;
Data Controller:
a) LA-IMPEX Kft.
Data Processing: the performance of technical tasks related to data processing operations, regardless of the method and means used to perform the operations, and the place of application, provided that the technical task is performed on the data;
Data Destruction: the complete physical destruction of the data medium containing the data;
Data Transfer: the making of Personal Data accessible to a specific third party;
Data Processor: the natural or legal person or organization without legal personality who is the data controller processes personal data on behalf of;
Data erasure: making data unrecognizable in such a way that their recovery is not possible;
Automated data file: a set of data that is processed automatically;
Machine processing: includes the following operations if they are performed in whole or in part by automated means: storage of data, logical or arithmetic operations performed on data, alteration, deletion, retrieval and dissemination of data;
User: the natural person who registers on the website of LA-IMPEX Kft. (www.laimpex.com).
Disclosure: making Personal Data available to anyone;
4.1. Registration. During registration, the Data Subject must provide the following personal data:
4.2. Technical data
Data technically recorded during the operation of the system: the data of the Data Subject’s login computer, which are generated during the use of the service and which are recorded by the Service Provider’s system as an automatic result of technical processes. The data automatically recorded are automatically logged by the system upon entry or exit without a separate declaration or action by the Data Subject. These data cannot be linked to other personal user data – except in cases required by law. Only the Service Provider has access to the data.
4.3. Cookies
During visits to the Website, the Service Provider sends one or more cookies – i.e. small files containing a string of characters – to the visitor’s computer, through which their browser can be uniquely identified. These cookies are provided by Google , and their use is governed by Google . This is done through the Adwords system. These cookies are only sent to the visitor’s computer when visiting certain subpages , so they only store the fact and time of visiting the given subpage , and no other information.
cookies sent in this way is as follows: External service providers, including Google , use these cookies to store if the Data Subject has previously visited the advertiser’s website, and based on this, advertisements are displayed to the Data Subject on the websites of external service providers’ partners, including Google . The Data Subject can opt out of Google advertising on the page for deactivating Google ads. cookies . (You can also indicate to the Data Subject that the Network Network Advertising You can also disable cookies from third-party providers on the Initiative opt-out page .)
After blocking, they will not receive personalized offers from the Service Provider.
Cookies used :
External servers help to independently measure and audit the Website’s traffic and other web analytics data ( Google Analytics ). Data controllers can provide detailed information to the Data Subject about the management of measurement data.
Contact them: www.google.com/analytics
If the Data Subject does not want Google to Analytics measures the above data in the manner and for the purpose described, install the add-on that blocks this in your browser.
“Help” function in the menu bar of most browsers provides information about how to use the browser.
4.4. General data processing related to orders
Order. When placing an order, the Data Subject must provide the following personal data:
the provisions of the Information Act, the data subject may request the Service Provider to delete his or her personal data recorded in this section.
4.5. Newsletter-related data processing
the website www.laimpex.com. In connection with the use of this option, the user subscribing to the newsletter voluntarily provides the personal data specified below to LA-IMPEX Kft. for processing:
5.1. Data processing of the internet content on the website www.laimpex.com (hereinafter referred to as the Website) is carried out on the basis of the Data Subject’s voluntary, properly informed declaration, which declaration contains the Data Subject’s express consent to the use of their personal data provided during the use of the Website. The legal basis for data processing is the voluntary consent of the data subject pursuant to Section 5(1) (a) of Act CXII of 2011 on the right to informational self-determination and freedom of information (Infotv.), and Act CVIII of 2001 on certain issues of electronic commerce services and services related to the information society.
The Data Subject gives consent to certain data processing by using the Website, registering, or voluntarily providing the data in question.
5.2. The purpose of data management is to ensure the provision of services available on the Website. The Service Provider uses the data provided by the Data Subject for a specific purpose, solely for the purpose of fulfilling the order, enabling invoicing, maintaining contact, and if the Data Subject has subscribed to the newsletter, sending the newsletter and later proving the terms of any contract that may be concluded.
5.3. The purpose of the automatically recorded data is to prepare statistics, technically develop the IT system, and protect the rights of the Data Subject.
5.4. The Service Provider does not use or may use the personal data provided for purposes other than those specified in these points. The disclosure of personal data to third parties or authorities – unless otherwise required by law – is possible only with the prior, express consent of the Data Subject.
5.5. The Service Provider does not verify the personal data provided to it. The person providing it is solely responsible for the adequacy of the data provided. When providing the e-mail address of any Data Subject, he/she also assumes responsibility for the fact that he/she is the only one using the service from the provided e-mail address. In view of this assumption of responsibility, any liability related to logins made from a given e-mail address lies solely with the Data Subject who registered the e-mail address.
6.1. The processing of personal data provided during the order or registration begins with the order or registration and lasts until its deletion upon request. In the case of non-mandatory data, data processing lasts from the time the data is provided until the data in question is deleted upon request. Personal data may be deleted by the Data Subject in the cases and manner specified in the General Terms and Conditions (hereinafter: GTC). Personal data will be deleted within 10 working days of receipt of the request.
6.2. Data automatically and technically recorded during the operation of the system will be stored in the system for a period of time justified from the time of their generation in order to ensure the operation of the system. The Company ensures that these automatically recorded data cannot be linked to other user Personal data – except in cases required by law. If the User has withdrawn his consent to the processing of his Personal data or has unsubscribed from the service, his person will no longer be identifiable from the technical data.
6.3. The above provisions do not affect the fulfillment of retention obligations specified in the law (e.g. accounting laws) and data processing based on additional consents given during registration on the Website or otherwise.
6.4. In the case of a newsletter, the processing of personal data lasts until you unsubscribe from the newsletter in the manner specified in point 9.4.
7.1. The data is primarily accessible to the Service Provider and its internal employees, but it is not published or passed on to third parties.
7.2. The Service Provider may use a data processor (e.g. system operator, accountant) to operate the underlying IT system, fulfill orders, and settle accounts.
Name of data processors:
Websupport Hungary Ltd. 1119 Budapest, Fehérvári út 97-99. (domain and hosting service)
Domino 5/1 Ltd., 2000 Szentendre, Anna Street 18 , (accounting)
NeoSoft Information Technology Service Ltd., 8000 Székesfehérvár, Távírda utca 2/ A (email marketing, newsletter service)
7.3. LA-IMPEX Ltd. processes the personal data of the Data Subjects in a traceable manner and in accordance with the law. In addition to the above, personal data is transferred to third parties only and exclusively with the consent of the Data Subject and is only released in the event of official requests.
8.1. The Data Subject has the right to request information about the personal data concerning him or her processed by the Service Provider at any time, and may modify them at any time in the manner specified in the GTC .
8.2. At the request of the Data Subject, the Service Provider shall provide information on the data concerning him/her processed by it, on the data processed by the data processor commissioned by it or at its request, on their source, on the purpose, legal basis, duration of the data processing, as well as on the name, address and activities of the data processor related to the data processing, on the circumstances, effects and measures taken to prevent the data protection incident, and – in the case of the transfer of the Data Subject’s personal data – on the legal basis and recipient of the data transfer. The Service Provider shall provide the requested information in writing within 30 days of the submission of the request.
The Service Provider – if it has an internal data protection officer, through the internal data protection officer – keeps a record for the purpose of monitoring the measures related to the data protection incident and informing the Data Subject, which contains the scope of the Data Subject’s personal data, the scope and number of Data Subjects affected by the data protection incident, the date, circumstances, effects and measures taken to address it, as well as other data specified in the law prescribing data processing.
8.3. The data subject may exercise his/her rights at the following contact details:
Mailing address: LA-IMPEX Kft. 2000 Szentendre, Dózsa György út 47.
E-mail customer service: info [at] la-impex.hu
The Data Subject may contact the Service Provider’s employee with any questions or comments related to data processing via the contact details indicated in Section 8.3.
8.4. The Data Subject has the right to request the correction or deletion of incorrectly recorded data at any time. The Data Subject can correct some of his/her data on the Website; in other cases, the Service Provider will delete the data within 10 working days of receiving the request, in which case they will not be recoverable. The deletion does not apply to data processing required by law (e.g. accounting regulations), which the Service Provider will retain for the necessary period.
8.5. The Data Subject may also request the blocking of their data. The Service Provider blocks the personal data if the data subject requests this or if, based on the information available to it, it can be assumed that the deletion would violate the legitimate interests of the Data Subject. Personal data blocked in this way may only be processed as long as the purpose of data processing exists, which precluded the deletion of the personal data.
The Data Subject and all those to whom the data was previously transmitted for the purpose of data processing must be notified of the correction, blocking and deletion. Notification may be omitted if this does not prejudice the legitimate interests of the Data Subject, taking into account the purpose of data processing.
If the Service Provider does not comply with the Data Subject’s request for correction, blocking or deletion, it shall provide the factual and legal reasons for rejecting the request for correction, blocking or deletion in writing within 30 days of receipt of the request.
The Data Subject may object to the processing of his/her personal data. The Service Provider shall examine the objection as soon as possible after the submission of the request, but no later than 15 days, make a decision on its validity, and inform the applicant of its decision in writing.
8.6. The Data Subject is subject to the provisions of Info.tv and the Civil Code (Act V of 2013)
8.7. If the Data Subject provided third party data during registration to use the service or caused damage in any way during the use of the Website, the Service Provider is entitled to enforce compensation against the Data Subject. In such a case, the Service Provider will provide all possible assistance to the acting authorities in order to establish the identity of the infringing person.
9.1. The Service Provider pays special attention to the legality of the use of the electronic mail addresses it manages, so it only uses them in the manner specified below for sending (informational or advertising) e-mails.
9.2. The management of e-mail addresses primarily serves the identification of the Data Subject, the fulfillment of orders and the maintenance of contact during the use of services, so e-mails are sent primarily for this purpose.
9.3. In the event of changes to the services provided by the Service Provider or the GTC, the Service Provider will in certain cases send information about the changes, as well as other similar services of the Service Provider, to the Data Subjects in electronic form, by e-mail. However, the Service Provider does not use such notifications for advertising purposes.
9.4. Newsletter
The Service Provider sends letters containing advertisements or commercials (newsletters) to the e-mail addresses provided during purchase or registration only with the express consent of the Data Subject, in cases and in a manner that complies with legal requirements. The newsletter has direct marketing elements and contains advertising. The Service Provider processes the data provided by the Data Subject when using the newsletter.
In the case of a newsletter, the Service Provider processes the data provided by the Data Subject during the newsletter subscription until the Data Subject unsubscribes from the newsletter or requests to be removed from the newsletter subscriber list by e-mail or post. In the event of unsubscribing, the Service Provider will not contact the Data Subject with further newsletters or offers. The Data Subject may unsubscribe from the newsletter and withdraw their consent at any time free of charge.
10.1. The Service Provider undertakes to ensure the security of the data, to take technical measures to ensure that the data recorded, stored and processed are protected, and to do everything possible to prevent their destruction, unauthorized use and unauthorized modification. It also undertakes to call on any third parties to whom the data may be transmitted or transferred to fulfill their obligations in this regard.
10.2. The Service Provider reserves the right to unilaterally amend these Regulations at any time. After the amendment enters into force, all Users must be informed in an appropriate manner (in a newsletter, in a pop-up window upon entry). By continuing to use the service, Users acknowledge the changed data processing rules, and there is no need to request their consent beyond this.
11.1. The User may exercise his rights in court under the Infotv . and Act V. of 2013 (Ptk.), and may also request the assistance of the National Data Protection and Freedom of Information Authority (1125 Budapest Szilágyi Erzsébet fasor 22/C; postal address: 1530 Budapest, Pf. 5.) in any matter related to personal data. In addition, the Data Controller’s staff can be contacted with any questions or comments related to Data Management at the email address info [at] la-impex.hu.
Szentendre, April 25, 2024.
*The document was translated using Google Translate. The legally valid document is the Hungarian version.