EFFECTIVE 29 APRIL 2019
It is essential for us that we comply with the most recent data protection regulations, and that is why we created the following data regulation policy for https://www.neonaturecosmetics.com/ and Eszter Orsolya Nagy private entrepreneur.
Data is managed by Eszter Orsolya Nagy entrepreneur, and her company is responsible for the handling of private data.
Contact number: +36 30 3050306
Legal name: Eszter Orsolya Nagy private entrepreneur
E-mail adress: [email protected]
Mail address: 2100 Gödöllő, Dózsa György utca 2.
2, WHICH PERSONAL DATA DO WE USE AND WHY?
Personal data is what makes an individual identifiable beyond doubt.
At https://www.neonaturecosmetics.com/ we are handling the following personal data. (including legal basis):
- COMMUNICATIONAL DATA:
Any kind of message falls under this category that you send us via a website, an email, a social media platform, or any other communication platform. We process and store these data to be able to complete your order, and to use it as a basis for legal decision. The legal basis for processing such data is given user’s interest towards our services, which is indicated through the messages they send us.
- CUSTOMER DATA:
Any kind of data that a customer provides us related to their order (customer’s name, home and billing address, e-mail address, phone number, information about purchased product). We process these data to successfully complete given order, and to have sufficient legal background on our customer. The legal basis for storing these data is the fulfilment of the contract signed between the customer and Eszter Orsolya Nagy private entrepreneur.
- USER DATA:
Any kind of data falls under this category that is generated by browsing the website and makes it function properly. These data help us keep our website safe, store safe copies of user activity, and provide the most relevant content to our customers. The legal basis for processing these data is the user’s genuine interest towards our services, which can only be maintained by using and storing these data.
- TECHNICAL DATA:
Any kind of data falls under this category that is created by using our website (IP address, sign-in credentials, browser data, visitor time on each page, number of page downloads and navigation routes, page visits and date, time zones, and information about the device users use to display our website. The source of these data is our analytical software. We process these data to be able to analyse user behaviour, keep our website safe, and understand the relevance of marketing related decisions. The legal basis for processing these data is the user’s genuine interest towards our service, which allows us to process these data according to security regulations, and use them to improve our business more efficiently.
- MARKETING DATA:
Any kind of data falls under this category that is related to user preference regarding what sort of marketing content do they prefer to receive. We process these data to make users eligible for giveaways, and to send them advertising material related to our products and/ or services that they were previously interested in. The legal basis for processing these data is the user’s genuine interest towards our service towards our service, which enables us to process these data according to security regulations, and use them to improve our business more efficiently.
- Stored data may be used for targeted advertising via Facebook™ and other, dynamic platforms where we can measure these ads’ efficiency.
The legal basis for processing these data is the user’s genuine interest towards our service towards our service, which enables us to process these data according to security regulations, and use them to improve our business more efficiently.
We do NOT collect sensitive data, such as ethnicity, religion, sexual preference and orientation, political opinion and trade union membership, medical condition, and genetic or biometric information.
3, HOW DO WE COLLECT DATA?
We collect data by the user directly providing it to us (e.g. by placing an order or sending a message).
Certain data are collected automatically while browsing our website – one such examples are the so-called „cookies”. These only start gathering data once the user provides their consent.
We process certain data via third parties, such as data analytics providers (e.g. Google), advertising networks (e.g. Facebook™), and platforms providing online payment options (e.g. PayPal and Barion).
4, PRACTICAL STEPS TO ENSURE DATA PRIVACY
Protecting user data and complying with the most recent regulations is essential for Eszter Orsolya Nagy private entrepreneur. This is why
- Following the data protection impact assessment, we created a list about the processed data including their relevance, legal basis and compliance with the law.
Protecting user data and complying with the most recent regulations is essential for Eszter Orsolya Nagy private entrepreneur. This is why we process the following personal data at https://www.neonaturecosmetics.com/ while also pinpointing their legal basis. Data protection is essential, and we strive to collect all the data from our website as securely as possible.
- In protecting the data entered in online forms and website itself, we have received SSL certification (Let’s Encrypt Authority X3 certification).
- We are using a premium security software (iThemes Security Pro) to protect our website and the data stored on it against attacks, brute force or other viruses.
- Order details and user data are encrypted in the website’s database (in a pseudonym way) so they are inaccessible for third parties.
- This data protection policy also includes a form in which users can choose to inquire about, modify or erase their personal data.
- In order to keep our services function, it is necessary to provide some data to our service providers (web storage providers, courier services, automation software). In such case we always comply with GDPR. Should our partner have their HQ in the USA, we require them to be part of the EU-US Privacy Shield data protection initiative. We also ask them to sign an agreement, thus providing responsible data processing.
5, MARKETING COMMUNICATION
It is essential that our business perform marketing communication related activities. The legal basis for this is the interest users show towards our service, and their explicit approval of providing their data.
According to the European Union’s Privacy and Electronic Communications Regulations (PECR) we send marketing content to our users if they purchased something earlier on our website, or if they explicitly express their consent to receiving such messages.
We alway display the option to suspend or unfollow these services in a visible way. Each email has an „unsubscribe” option in the footer, and the same action can be requested via [email protected]
Once you have unsubscribed, we are still allowed to send out message, but strictly related to orders.
6, A NOTE ON HANDLING PERSONAL DATA
In order to sustain a healthy business process, it is necessary that we share certain personal data with our partners at times:
- IT and other providers who are responsible for IT troubleshooting and/ or maintenance: Eszter Nagy Orsolya
- Professional partners such as lawyers, accountants, bankers and insurance providers: Mária Gurbi Accounting
- Any governmental body that requires us reports about our activities
- Payment service providers that handle credit/ debit card data securely: Barion, PayPal
- Courier services that complete deliveries to our customers’ addresses: Hungarian Postal Services, GLS
International data transfer
In order to sustain business processes, it is necessary that we share some of our user’s data with our partners outside of the European Economic Area (EEA).
Countries outside of the EEA do not always grant a similar level of data protection, and that is why European regulations forbid sharing data if the necessary conditions are not met.
Whenever we are sharing personal user data with third parties outside of the EEA, the following steps are followed apart from what has already been mentioned at section 4. earlier in this document:
- We only share data with partners that operate in countries that the European Commission lists „safe” from a data protection perspective.
- We only collaborate with providers in the USA that are part of the EU-US Privacy Shield data security initiative.
Should any of the two conditions not be met, our users are specifically asked to approve the transfer of their data towards these entities. This approval can be retracted any time.
Hyperlinks leading to third party sites
Our page contains hyperlinks leading to third party sites, or links that are embedded in our website’s code – these ensure that our partners’ services function properly.
Clicking on these links, or embedding them on our website allows our partners to gather data about the users.
7, HOW LONG DO WE STORE DATA?
We only store user data until it is required from a legal/accounting/data providing perspective, or until it is need for providing our services.
When we decide on the exact duration of storing data, we consider the data’s quantity, type and sensitivity, and also the potential damage it could cause once leaked.
In order to comply with tax regulations, we keep billing and purchase details for at least 8 years.
In certain conditions we use personal, anonymous data for statistical purposes – in this case we store data without further notice for an indefinitive time.
8, USER RIGHTS
As a citizen of the European Union, General Data Protection Regulation grants the following rights to our users:
a, Access to personal data
Users of our website have the right to receive a copy of their personal data stored byhttps://www.neonaturecosmetics.com/. This request is free of charge and it is fulfilled within 14 days.
In case a user submits requests that are repeated, without reason or raise suspicion of misuse, Eszter Orsolya Nagy private entrepreneur may charge a fee for providing these personal data, while the information may be stored for a longer duration.
Furthermore, Eszter Orsolya Nagy private entrepreneur may ask for proving identity before providing the requested data in order to prevent misuse. Please use the following contact form for requesting personal data:
b, Modifying personal data
In case user data have been modified or user has provided inaccurate data, user has the right to ask for modifying their data. In order to modify user data, please contact us at [email protected].
c, Erasing personal data
User has the right to ask for erasing all of their personal data. The request will be fulfilled within 14 days. Once personal data have been erased, the user’s account will not be available, which means that any previous purchase will not be available either as accessing any service requires personal data linked to the user account.
Eszter Orsolya Nagy private entrepreneur may ask for providing identification before erasing personal data in order to rule out the possibility of misuse. Please use the contact form above if you would like to erase your personal data.
d, Requesting data process limitation
User has the right to ask for limiting their data towards third parties (service providers). User has the option to name the service providers they desire to limit.
It is important to note that cooperation with certain provides is inevitable for the proper functioning of the website (e.g. Barion as a secure payment provider). This means that should the user limit access to their information, all the services of the website will be unavailable.
Eszter Orsolya Nagy private entrepreneur requests providing identification before limiting the access to the stored data – this is done to avoid misuse. Please use the contact form above if you would like to erase your personal data.
The entity authorised to deal with data protection in Hungary is the National Data Protection and Information Freedom Authority (NAIH). Please visit the NAIH site to learn more about data protection and user rights.
National Data Protection and Information Freedom Authority (NAIH),
1125 Budapest, Szilágyi Erzsébet fasor 22/C., Postal address: 1530 Budapest, Pf.: 5.,
E-mail: [email protected]
9, ANONYMISED DATA AND COOKIES
These technologies help us understand user behaviour and interests better, which enables us to function as a business at a higher level and more efficiently.
Our aim is to make https://www.neonaturecosmetics.com/ as user-friendly and personal as possible. Should the user ban these technologies to record any non-personal data, it can be done as follows:
- by refusing advertising cookies in the pop-up on our website
- by blocking cookies in the browser
- by using this tool
You can find more information on cookies and tracking codes used at https://www.neonaturecosmetics.com/ in our Co.