Data Controller: STUDIO 6 IRODA Kft.
Address of Data Controller: 1087 Budapest, Könyves Kálmán körút 76. Building 204
Email: studio6@studio6.hu
Phone: +36 30 667 08 68
Tax Number: 32455296-2-42
(hereinafter referred to as “Data Controller”)
Purpose of this Privacy Notice
This notice aims to outline the data protection and processing principles applied by www.fanktional.hu and the company’s data protection and processing policies. The Data Controller undertakes that all data processing activities comply with this policy, applicable national legislation, and the requirements of the European Union’s GDPR.
The obligation to provide prior information to data subjects is also established by Act CXII of 2011 on the Right of Informational Self-Determination and Freedom of Information.
The Data Controller reserves the right to modify this privacy policy at any time, allowing sufficient time for data subjects to adapt to the changes. All members of the company pay special attention to the protection and security of personal data. The Data Controller treats personal data confidentially and takes all generally expected technical and organizational measures to ensure the security of data.
Key Definitions
- Data protection: The set of principles, rules, procedures, tools, and methods that ensure the lawful processing of personal data and the protection of the rights of data subjects.
- Personal data: Any information relating to an identified or identifiable natural person (data subject). Personal data retains this quality as long as the data subject can be re-identified.
- Data subject: Any natural person who can be identified directly or indirectly by reference to personal data.
- Special (sensitive) data: Data relating to racial or ethnic origin, political opinion, religious or other beliefs, trade union membership, sexual life, health, or criminal convictions.
- Criminal personal data: Data related to criminal proceedings or criminal acts, including records held by law enforcement or correctional authorities that can be linked to a data subject.
- Data processing: Any operation on data, including collection, recording, organization, storage, modification, use, retrieval, transmission, disclosure, restriction, deletion, or destruction.
- Data controller: The person or organization that determines the purposes and means of processing personal data.
- Data processor: A person or organization processing personal data on behalf of the Data Controller.
- Consent: The voluntary, specific, informed, and unambiguous indication of a data subject’s wishes, by which they agree to the processing of personal data.
- Appropriate information: Prior to processing, the data subject must be clearly and fully informed of the purpose, legal basis, duration, and recipients of the processing.
- Objection: A declaration by which the data subject opposes the processing of their personal data.
- Data security: The technical and organizational measures applied to protect data against unauthorized access, alteration, disclosure, destruction, or accidental loss.
For more information, see the NAIH data protection glossary: https://www.naih.hu/adatvedelmi-szotar.html
Collection and Storage of Personal Data
Personal data is collected during purchases, service provision, or order processing.
Order and Invoicing Data Processing
Legal Basis:
- Act CXII of 2011 (Info Act) and Act C of 2000 on Accounting (Sztv.)
- Consent of the data subject or mandatory legal data processing requirements.
Purpose:
Issuing invoices in compliance with law and fulfilling accounting obligations. Orders recorded in writing are attached to invoices and stored under the same legal requirements.
Data Collected:
- Name
- Address
- Email address
Retention Period:
Invoices must be retained for 8 years according to Sztv. 169 § (2). Even if consent is withdrawn, the Controller is entitled to retain personal data for 8 years as required by law.
Newsletter and Marketing Data Processing
If you permit your data to be entered into our computer system for newsletters, further processing will be based on your consent.
Legal Basis: Consent under Info Act 5 § (1) a) and the 2008 Act XLVIII on Advertising Activities.
Purpose: To inform you about the latest offers and promotions.
Data Collected:
- Name
- Address
- Email address
Retention Period: Until consent is withdrawn.
Additional Data Processing
If further data processing is required, the Data Controller will provide prior information on the purpose, scope, and legal basis. Law enforcement requests are handled as required by law, with records maintained according to Info Act 15 § (2)-(3).
Accounting: Handled by the Data Controller.
Data Security Measures
Paper-based data is secured so that only authorized personnel have access. Technical and organizational measures are in place to prevent unauthorized access, modification, disclosure, or destruction of personal data.
Cookies
What is a Cookie?
A cookie is a data package placed on your computer by websites. Cookies store preferences and usage patterns, enhancing user experience. They can be temporary (session) or persistent.
Purpose of Cookies:
- Store user preferences and settings
- Facilitate website navigation
- Improve website performance
- Collect statistical data
- Enable targeted advertising
Types of Cookies Used:
- Session Cookies: Store location, language, and currency; expire after browser closes or max 2 hours
- Referrer Cookies: Track referring website; expire when browser closes
- Last Viewed Product/Category Cookies: Retention 60 days
- Design Cookies: Detect device type and switch to mobile view; retention 365 days
- Cookie Acceptance Cookie: Stores user acceptance; retention 365 days
- Cart Cookie: Tracks items in cart; retention 365 days
- Backend ID Cookie: Server identifier; expires when browser closes
Disabling Cookies:
Disabling cookies may limit some website functions. See browser instructions for deletion:
Rights of Data Subjects
During data processing, you are entitled to:
- Access information about your data
- Request correction of inaccurate data
- Request deletion of data
- Request restriction of processing
- Object to processing
Timeframes:
- Information request: maximum 25 days
- Correction request: maximum 15 days
- Deletion or restriction request: maximum 15 days
Objections:
You may object if processing is based on legitimate interest or for direct marketing.
Legal Remedies:
If your rights are violated, you may contact the National Authority for Data Protection and Freedom of Information (NAIH):
- Mailing address: 1530 Budapest, Pf. 5.
- Email: ugyfelszolgalat@naih.hu
You may also pursue remedies in court.
