I. Data Controller:
Name: Smart Colors Limited Liability Company (hereinafter referred to as "Data Controller")
Registered office (and place of complaint): Budapest, Somlói út 58. Floor 2., door 4.
Company registration number of the Data Controller: 01-09-201878
Name of the registering authority: Fővárosi Törvényszék Cégbírósága (Company Registry Court of Budapest Capital Regional Court)
Tax number of the Data Controller: 25135752-2-43
Contact details of the Data Controller, regularly used e-mail address for correspondence: firstname.lastname@example.org
Customer service telephone number of the Data Controller: +36 30 325 8148
Customer service hours:
Monday - Thursday: 08:00 - 18:00*
Friday: 08:00 - 16:00
* weekdays only, time zone GMT+1 (Central European Time)
The Data Controller declares that all processing of data related to its activities (hereinafter "Processing") complies with the requirements set out in this Policy and the applicable legislation (27 April 2016), Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter "GDPR").
II. Legal basis for Processing:
The legal basis for Processing is the a) and b) sections of paragraph (1) at the Article 6 of the GDPR. The primary legal basis is the fact that by registering on the website www.fulmerhoney.com, the customer (hereinafter referred to as "Customer") voluntarily provides data and by registering has given his consent to the processing of his personal data for the purpose of the purchase. The provision of the data is based on a contractual obligation, and failure to provide the data will result in the delivery of the ordered products being cancelled.
III. Purpose of Processing:
The purpose of the Processing is to enable the Data Controller to fulfil its contractual obligations towards the Customer.
The specific purpose of the Processing:
- to serve the Customer,
- sending a confirmation email of the Customer's order,
- notifying the Customer of the delivery date,
- issuing an invoice and delivery note,
- processing the payment by credit card,
- logging in at a later time after registration to expedite the order,
- sending a newsletter for the request of a Customer.
IV. Scope of the data processed:
- The Customer's personal data: name, address, telephone number, email address, billing name, billing address and tax number in the case of VAT invoices.
- Purchase data: transaction number, date and time of the transaction, name of the products purchased, quantity, purchase price, payment method.
- User data: date of registration, unique identifier, last login, display of previous orders for the user, newsletter request/rejection, IP address of logins, user password (stored using bcrypt hashing)
V. Duration of Processing:
The Data Controller shall keep the processed data for 8 (eight) years from the year of the last purchase, or for 5 (five) years from the date of cancellation of the Customer's registration, whichever is later, in accordance with the second paragraph of the title C. 169.§ of the Act of 2000 on Accounting.
VI. Transfer of data to third parties:
The delivery of orders is carried out by FedEx Express Hungary Kft. (1185 Budapest, BUD International Airport, Logistics Center II - Office Building 283), therefore the following data must be transmitted to the delivery company: name, address, phone, email. The courier service may use SMS, email or phone notification of the delivery time.
Online credit card payments can be made through the Stripe financial services system or by using a PayPal account. The following information is transmitted to the service providers: payer ID, amount, date and time of the transaction. The details of the credit card used for the payment are processed exclusively by the financial service provider.
For e-invoicing, the invoicing name, address, tax number, email address, product name, quantity and purchase price will be sent to Billingo Technologies Zrt. (1133 Budapest, Árbóc utca 6, 1st floor).
The following data processed by the Data Controller will be forwarded to Fulmer Honey Kft. (2336 Dunavarsány, Vörösmarty utca 2438.), the distributor of the Products, and to Montwerk Media Kft. (1114 Budapest, Ulászló utca 44. 5th floor, door 10) for marketing and IT development purposes.
VII. Data security:
The website system has custom-built protection.
The computer used to view the managed data always runs the latest Windows or macOS operating system and its built-in firewall. The technical security of the data recorded on the www.fulmerhoney.com website is constantly controlled and monitored by the operator of the server serving it. In the event of an attempted intrusion into the database, the Data Controller, the data subject, the authorities and, in general, the authorities will be notified immediately and will act in accordance with the legislation in force.
3rd Party Systems used by the Webshop:
Google Analytics Google Ads
Google Analytics Google Tag Manager
VIII. Consent of the data subject:
IX. Complaints, requests for information, withdrawal of consent regarding data protection:
The Customer concerned may at any time request the Data Controller to delete or modify his/her data in the webshop database by sending an email to email@example.com. The Customer concerned may at any time withdraw his/her consent to the processing, request the restriction of the processing of his/her data and object to the processing. In addition, the Customer concerned may submit a complaint to the supervisory authority:
National Authority for Data Protection and Freedom of Information (Nemzeti Adatvédelmi és Információszabadság Hatóság)
1055 Budapest, Falk Miksa utca 9-11.
1363 Budapest, Pf. 9.
E-mail address: firstname.lastname@example.org
Office gate: NAIH – KR ID: 429616918
+36 30 683 5969
+36 30 549 6838
+36 1 391 1400
+36 1 391 1410
In the event of a breach of the rights of the Customer concerned, the Customer may also take legal action. He or she may choose to bring the action before the competent court of law at the place where the Data Controller has its registered office or at the place of his or her residence.
The Customer concerned may at any time request information from the Controller about the data processed concerning him/her. The Data Controller shall provide the processed data in a machine-readable format and the Customer shall be free to use them.
The Customer concerned may also contact the Data Controller in relation to the data recorded in the e-invoicing programme and transmitted by the Data Controller to third parties. The provisions of Act CXXVII of 2007 on Value Added Tax shall apply to the rules for issuing and recording invoices.
The Customer concerned can contact the financial service provider regarding the data provided at the time of purchase for payment by credit card via the following website: https://stripe.com or https://www.paypal.com