Privacy Statement

for visitors and registered users of artprintlab.com and pigmenta.hu

1. INTRODUCTION

The Service provider / Data Controller manages data of registered customers, in order to be able to provide them with proper service.
The Service provider is taking every measure to correspond to the existing regulations of the law, especially regulation 2016/679 of the European Parliament and Council.

2. SERVICE PROVIDER / DATA CONTROLLER name and contact

Company name: Poszterfotó Számítástechnikai Szolgáltató Kft.
Address: 1145 Budapest, Amerikai út 56.
Tax number: 10955121-2-42
E-mail: info@artprintlab.com
Telephone: +36 1 2233033

3. GDPR DEFINITIONS

• GDPR:The General Data Protection Regulation (GDPR) was adopted as Regulation (EU) 2016/679 of the European Parliament and of the Council on April 27, 2016.
• Personal Data: Any information relating to an identified / identifiable individual, whether it relates to his or her private, professional, or public life. Can be anything from a name, photo, email address, bank details, posts on social networking sites, medical information, IP address, or a combination of the data that directly or indirectly identifies the person.
• Consent: The concept of "consent" is foundational to EU data protection law. In general, the validly obtained consent of the data subject will permit almost any type of processing activity, including Cross-Border Data Transfers.
• Data Controller: Any organization, person, or body that determines the purposes and means of processing personal data, controls the data and is responsible for it, alone or jointly. Examples when the data controller is an individual include general practitioners, pharmacists, and politicians, where these individuals keep personal information about their patients, clients, constituents etc. Examples of organizations can be data controllers, for profit or not for profit, private or government-owned, large or small, where those organizations keep personal information about their employees, clients, etc.
• Data Processor: A data processor processes the data on behalf of the data controller. Examples include payroll companies, accountants, and market research companies.
• Third Party: A third party is any natural or legal person, public authority, agency, or any other body other than the data subject, the controller, the processor, and the persons who, under the direct authority of the controller or the processor, are authorized to process the data.

4. PRINCIPLES OF DATA HANDLING

Lawfulness, fairness and transparency
• We must process personal data lawfully, fairly and in a transparent manner in relation to the data subject.
Purpose limitation
• We must only collect personal data for a specific, explicit and legitimate purpose. We must clearly state what this purpose is, and only collect data for as long as necessary to complete that purpose.
Data minimisation
• We must ensure that personal data you process is adequate, relevant and limited to what is necessary in relation to our processing purpose.
Accuracy
• We must take every reasonable step to update or remove data that is inaccurate or incomplete. Individuals have the right to request that we erase or rectify erroneous data that relates to them, and we must do so within a month.
Storage limitation
• We must delete personal data when we no longer need it. The timescales in most cases aren't set. They will depend on our business’ circumstances and the reasons why we collect this data.
Integrity and confidentiality
• We must keep personal data safe and protected against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

5. IMPORTANT INFORMATION ON HANDLING OF DATA

The purpose of data management is to enable the service provider / data manager to provide appropriate additional services to the persons registered on the site while operating the website.
The legal basis for the processing is the consent of the person concerned.
The data users are the registered users of the website.
Duration of data management and deletion of data. The duration of the data management always depends on the specific purpose of the user, but the data must be deleted immediately if the original purpose has been achieved. Your consent to data processing may be revoked at any time by a letter sent to the contact email address. If there is no legal impediment to deletion, your data will be deleted.
The controller and his employees are entitled to access the data.
The data subject may request from the controller access to, rectification, erasure or restriction of the processing of personal data concerning him or her, and may object to the processing of such personal data and to the data subject's right to data portability.
The data subject may at any time withdraw his or her consent to the data processing, but this shall not affect the lawfulness of the data processing carried out on the basis of that consent prior to the withdrawal.
The person concerned may claim the right to lodge a complaint with the supervisory authority.
If the person concerned wishes to take advantage of the registration, that is to say, to use this service of the website, the personal data requested must be provided. The person concerned shall not be obliged to provide personal data and shall have no adverse consequences for the non-provision of the data. However, some features of this website cannot be used without registration.
At the request of the data subject, the data subject shall have the right to rectify or supplement inaccurate personal data relating to him without undue delay.
The data subject shall have the right, upon request, to delete any inaccurate personal data relating to him or her without undue delay, and the controller shall be obliged to delete personal data relating to the data subject without undue delay, unless there are other legal grounds for such processing.
Modifications or deletions of personal information may be initiated by email, telephone or mail using the contact options provided above.

6. DATA HANDLED

NAME: Identification, communication, billing.
COMPANY NAME: Identification, communication, billing.
ADDRESS: Identification, communication, billing.
E-MAIL: Identification, communication.
PHONE: Identification, communication.
TIME OF REGISTERING: Technical information.

The user consents to the handling of their data, by filling out their information.

7. PURPOSE OF DATA HANDLING

We use personal information collected via our Sites for a variety of business purposes described below. We process your personal information for these purposes in reliance on our legitimate business interests ("Business Purposes"), in order to enter into or perform a contract with you ("Contractual"), with your consent ("Consent"), and/or for compliance with our legal obligations ("Legal Reasons"). We indicate the specific processing grounds we rely on next to each purpose listed below.

We use the information we collect or receive:
To facilitate account creation and logon process [with your Consent]. If you choose to link your account with us to a third party account *(such as your Google or Facebook account), we use the information you allowed us to collect from those third parties to facilitate account creation and logon process.

To send administrative information to you [for Business Purposes, Legal Reasons and/or possibly Contractual]. We may use your personal information to send you product, service and new feature information and/or information about changes to our terms, conditions, and policies.

Fulfill and manage your orders [for Contractual reasons]. We may use your information to fulfill and manage your orders, payments, returns, and exchanges made through the Sites.

Request Feedback [for our Business Purposes and/or with your Consent]. We may use your information to request feedback and to contact you about your use of our Sites.

To protect our Sites [for Business Purposes and/or Legal Reasons]. We may use your information as part of our efforts to keep our Sites safe and secure (for example, for fraud monitoring and prevention).

To enforce our terms, conditions and policies [for Business Purposes, Legal Reasons and/or possibly Contractual].

To respond to legal requests and prevent harm [for Legal Reasons]. If we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond

For other Business Purposes. We may use your information for other Business Purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our Sites, products, services, marketing and your experience.

Google Analytics:
Our website is using Google Analytics directly.
Google Analytics builds the report based on internal cookies when your customers use a web page about their users' habits.
The trustworthiness of the web site operator, among other things, is provided by Google to evaluate how users use the web site. It is also an additional service for producing consistent reports on the activities of the website, provided by the operator of the website, so that the service providers can provide full service
The European Commission stores it in encrypted form on Google's servers, making it well-founded and facilitating data misuse.

Google Privacy Policy:
https://policies.google.com/privacy?hl=hu

Cookie Policy:
Artprintlab.com may use cookies, web beacons, tracking pixels, and other tracking technologies when you visit our website [Name of Website.com], including any other media form, media channel, mobile website, or mobile application related or connected thereto (collectively, the “Site”) to help customize the Site and improve your experience.
We reserve the right to make changes to this Cookie Policy at any time and for any reason. We will alert you about any changes by updating the “Last Updated” date of this Cookie Policy. Any changes or modifications will be effective immediately upon posting the updated Cookie Policy on the Site, and you waive the right to receive specific notice of each such change or modification
You are encouraged to periodically review this Cookie Policy to stay informed of updates. You will be deemed to have been made aware of, will be subject to, and will be deemed to have accepted the changes in any revised Cookie Policy by your continued use of the Site after the date such revised Cookie Policy is posted.
Most browsers are set to accept cookies by default. However, you can remove or reject cookies in your browser’s settings. Please be aware that such action could affect the availability and functionality of the Site.

8. DATA PROCESSOR

Server provider:
Company name: ZL.hu Kft.
Address: 1134 Budapest, Lőportár u. 8.
Telephone: +36 20 5858585
E-mail: help@zl.hu

A processor may not engage a sub-processor’s services without the controller’s prior specific or general written authorisation. If authorisation is given, the processor must put in place a contract with the sub-processor. The terms of the contract that relate to Article 28(3) must offer an equivalent level of protection for the personal data as those in the contract between the controller and processor. Processors remain liable to the controller for the compliance of any sub-processors they engage.

9. SUBJECT’S RIGHTS

Right to request information
You can request information from us through the contact details you specify, what kind of data you have on our company, on what legal basis, for what purpose, from what source, for how long. Upon your request, we will send you information immediately, but no more than 30 days, to the email address you provide.

Right to rectification
You can request us to modify any of your details through the contact details provided. We will respond promptly to your request, but within a maximum of 30 days, and we will notify you of the contact details you provide.

Right to delete
You can request the deletion of your information from us through the contact details provided. Upon your request, we will do so immediately, but within a maximum of 30 days, and we will send an email to the email address you provided.

Right to lock
You can request us to lock your data through the contact details provided. The lock will continue until the reason you have specified requires the data to be stored. Upon your request, we will do so immediately, but within a maximum of 30 days, and we will send an email to the email address you provided.

Right to protest
You may object to the processing of data through the contact details provided. We will investigate the objection as soon as possible after filing, but no more than 15 days, and will make a decision on its merits and will notify you by email.

Data Enforcement Option
If you are affected by unauthorized data processing, please notify our company and we will be able to restore the legal status within a short period of time. For your convenience, we will do our best to resolve this issue.

If you believe that the legal status cannot be restored, please inform the Authority at the following contact details:

Hungarian National Data and Information Protection Authority

Post address: 1530 Budapest, Pf.: 5.
Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c
Telephone: +36 (1) 391-1400
Fax: +36 (1) 391-1410
E-mail: ugyfelszolgalat (at) naih.hu
Website: https://naih.hu