top of page

About but

IMG_5125.jpg

Data management information   

This data protection declaration (Declaration) contains Erdélyi Mónika e.v. (Service Provider), the site and services available under the domain name www.mollyerdelyi.com (collectively: Service I Wedding I Brand I Video) and the rules regarding the handling of personal data, as well as the information regarding data management. The technical background of the Service is provided by the Service Provider, and the software on the servers is operated by the Service Provider.

By starting to use the Service, users accept the terms of this Statement. This privacy statement is continuously available on the homepage of the Service.

Data controller

  • Company/service provider/data manager: Erdélyi Mónika e.v. (hereinafter Service Provider)

  • Office address: 1105 Budapest Előd utca 4.  (no customer service)

  • Email: mollyphoto.m@gmail.com 

  • Phone: +36 70 33 89409

  • Tax number: 56907553-1-42

  • EV registration number: 55610953

  • Represented by: Mónika Erdélyi

Based on Article 37 of the GDPR, our company is not obliged to appoint a data protection officer, so you can also inquire about data protection at our central contact information or at the email address mollyphoto.m@gmail.com.

 

Data processor: the natural or legal person, public authority, agency or any other body that processes personal data on behalf of the data controller; (Regulation, Article 4, 8) The use of the data processor does not require the prior consent of the data subject, but information is required. 

 

Our data management is compatible with GDPR and Hungarian law

This means that the legal basis of this information is Regulation (EU) 2016/679 of the European Parliament and Council on the protection of natural persons with regard to the processing of personal data and on the free flow of such data, as well as on the repeal of Regulation 95/46/EC ( hereinafter: Regulation). 

 

CXII of 2011. is required by law, so our website has been law-abiding since the beginning of its operation, complying with the CVIII of 2001. law - also a legal paragraph on certain issues of electronic commercial services and services related to the information society (mainly § 13/A). You can find the complete legal reference list at the end of the data management information.

 

 

Our principles for handling personal data

The protection of your data is extremely important to us. Your personal data is handled lawfully and fairly in a transparent manner, it can only be collected for specific, clear and legal purposes, it is limited to the necessary amount of data, and it is stored securely with limited storage capacity.

 

We ensure legality for you

The legal basis for data management can be regulated by law, e.g. CVIII of 2001 13/A.§(1) of the Act, which predetermines that e.g. what data can be processed when concluding a contract. However, all data that is not included in these, e.g. your e-mail address, phone number, or your data are requested for other purposes, they can only be done with your consent.

This is called data subject consent. When registering, you must indicate that you accept the legitimate use and management of your personal data for the given purposes by checking the checkbox. In our online store, we separate the subscription to the newsletter from the purchase and registration.

 

What are data management purposes?

 

Data management is not a general service, but only as much data can be stored as is necessary to achieve a specific goal and to draw your attention to the specific goal. For example, although we store your e-mail address in connection with the registration, we can only send newsletters and DM letters to it with your permission, i.e. with the consent of the person concerned.

 

By voluntarily providing your personal data or information(s) specific to you, you declare that you have read and expressly accepted the version of the entire data management information sheet in effect at the time the data or information was provided, knowing your rights.

What are cookies?

Cookies are small data files (hereinafter referred to as "cookies") that are transferred to your computer through the use of the website, saved and stored by your Internet browser.

 

The general tasks of cookies:

  • collect information about visitors and their devices;

  • they note the individual settings of the visitors, which will be used, e.g. basket contents, when using online transactions, so you don't have to type them in again;

  • facilitate the use of the website; they provide a quality user experience.

There are session cookies that do not require your prior consent. Our website provides brief information about these at the start of your first visit, such as authentication, multimedia player, load balancer, session cookies helping to customize the user interface, and user-centric security cookies.

 

Our Company will inform you about cookies that require consent - if data management already starts when you visit the page - at the start of the first visit and we ask for your consent. Our company does not use or allow cookies that allow third parties to collect data without your consent.

 

Cookies can be turned off in all modern browsers. You can read more about cookies in our cookie policy and in the more detailed information.

What is personal data and where is it stored?

"Personal data": any information relating to an identified or identifiable natural person ("data subject"); a natural person can be identified directly or indirectly, in particular on the basis of an identifier such as a name, number, location data, online identifier or one or more factors relating to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person can be identified.

 

The data we collect is stored in various secure locations in our infrastructure and on the server, including system log files, back-end databases and analytics systems. Part of the storage and management process, as in any other online store, is that our employees, server providers, IT specialists, accounting, online account and banking providers receive some of your data. The law therefore obliges us to conclude a contract with them as data processors. You can also find a list of our data processors in the information sheet. It is important for you to know that our employees and data processors receive only the data that belongs to them, i.e. necessary for the common purpose, purchase or other contact process. All data is stored in a secure and locked location. We do not store data on pen drives or phones.

How long do we store your personal data?

Until you withdraw your consent, or in the absence of this, after the termination of the Company's account, the data will be stored in accordance with Act V of 2013 on the Civil Code ("Ptk.") 6:22. §, it will be deleted after 5 years, or sooner if a specific purpose becomes obsolete. Typically cookies, in the case of cookies, incorrect registration, request for a quote, etc.

 

It is important to know that your right to cancellation is, in some cases, overridden by law. The Company is obliged to keep the data based on § 169 of Act C of 2000 on accounting, then the Company will only delete the data after 8 years after the termination of the account, regardless of the consent of the data subject. In practice, this is the case if the data is part of the documents supporting accounting, for example in documents related to the conclusion of a contract between the Company and the customer (e.g. in an order) or in the issued invoice. You have the opportunity to give and withdraw your consent at any time during the newsletter. If you receive an advertising message from us via e-mail with a link and text at the bottom of the page, we will remind you that you have the opportunity to unsubscribe free of charge at any time without any restrictions or reasons.

 

Data security, SSL certificate

The Service Provider takes all necessary security steps, organizational and technical measures in order to ensure the highest level of security of personal data and to prevent their unauthorized change, destruction and use.

 

Our pages have an SSL security certificate. SSL certificates are used to create a secure, encrypted channel between the client and the server. The transmission of certain information, such as credit card information, account login information, and other sensitive information, must be encrypted to prevent data leakage. With an SSL certificate, our data is encrypted before it is transmitted over the Internet. Encrypted data can only be translated by the destination server. This ensures that the data provided on the website cannot be appropriated.

 

Transactions take place with PIN codes and other encryptions. Some of our services provide links to other websites, e.g. Facebook. Because we do not control the information policies and practices of these third-party websites, please read their privacy policies to learn how they collect and use personal information. Some of our products and services can be paid for by bank card and e-voucher. In both cases, we refer you to third parties that have done everything to ensure security themselves.

 

Your rights related to your personal data

Right to information:  The Data Controller takes appropriate measures to ensure that all information related to the processing of personal data, mentioned in Articles 13 and 14 of the GDPR, and Articles 15-22 and provide each piece of information according to Article 34 in a concise, transparent, comprehensible and easily accessible form, clearly and comprehensibly worded. We will provide our information within 14 days (but no later than 1 month) of submitting the application. The information is free of charge, unless you have already submitted an information request to us for the same data area in the current year. The reimbursement you have already paid will be refunded in the event that the data was handled unlawfully or the request for information led to a correction. Information can only be refused in cases provided for by law by indicating the legal place, as well as by providing information about the possibility of judicial remedy or turning to the Authority. We guarantee your rights regarding your personal data, which you can read about in detail in the regulations.

 

Your rights in relation to data:  

  1. Right of access

  2. Right to rectification

  3. The right to erasure

  4. The right to be forgotten

  5. The right to restrict data processing

  6. The right to data portability

  7. The right to protest

  8. Protest on the evening of direct business acquisition

  9. The right to object to automated decision-making processes

Right of access:  You are entitled to receive feedback from the data controller as to whether your personal data is being processed, and if such data is being processed, you are entitled to receive access to your personal data and the information listed in the regulation.

 

Right to rectification: You have the right to have the data manager correct or supplement inaccurate personal data relating to you without undue delay at your request. For registered users: You can change some of your data in your user profile at any time.

 

Right to erasure: You are entitled to have the data manager delete your personal data without undue delay upon your request, and the data manager is obliged to delete your personal data without undue delay under certain conditions. It is important to know that your right to cancellation is, in some cases, overridden by law, e.g. invoice, contract condition.

 

The right to be forgotten: If the controller has disclosed personal data and is required to delete it, it will take reasonable steps, including technical measures, taking into account the available technology and the costs of implementation, to inform the controller that you have requested deleting the links to the personal data in question or the copy or duplicate of this personal data.

 

The right to restrict data processing: At your request, the data controller will restrict data processing if one of the following conditions is met:

  • you dispute the accuracy of the personal data, in which case the limitation applies to the period that allows the data controller to check the accuracy of the personal data;

  • the data processing is illegal and you object to the deletion of the data and instead request the limitation of its use;

  • the data controller no longer needs the personal data for the purpose of data management, but you still require them to present, enforce or defend legal claims;

  • you objected to data processing; in this case, the restriction applies to the period until it is established whether the legitimate reasons of the data controller take precedence over your legitimate reasons.

The right to data portability: You are entitled to receive the personal data concerning you that you have provided to the data controller in a segmented, widely used, machine-readable format, and you are also entitled to transfer this data to another data controller without hindering this the data controller to whom you made the personal data available. So if you ask, we are very happy to export the stored data in PDF and/or CSV format.

 

The right to object:  You have the right to object to the processing of your personal data at any time for reasons related to your own situation, including profiling based on the aforementioned provisions.

  • We will examine the protest as soon as possible, within 14 days (but no more than 1 month) from the submission of the request and inform you of our decision in writing. If we have decided that your protest is well-founded, in that case we will terminate the data management - including further data collection and transmission - and lock the data, as well as notify all those to whom the personal data affected by the protest were previously notified of the protest and the measures taken based on it. forwarded, and who are obliged to take action to enforce the right to protest.

We will refuse to comply with the request if we prove that the data processing is justified by compelling legitimate reasons that take precedence over your interests, rights and freedoms, or that are related to the submission, enforcement or defense of legal claims. If you do not agree with our decision, or if we miss the deadline, you can go to court within 30 days from the notification of the decision or the last day of the deadline.

 

Objection in the event of direct business acquisition:  If personal data is processed for the purpose of direct business acquisition, you are entitled to object at any time to the processing of your personal data for this purpose, including profiling, if it is related to direct business acquisition. If you object to the processing of your personal data for direct business purposes, your personal data may no longer be processed for this purpose.  

 

Automated decision-making in individual cases, including profiling: You have the right not to be subject to the scope of a decision based solely on automated data processing, including profiling, which would have legal effects on you or similarly significantly affect you. The previous paragraph does not apply if the decision:

  • Necessary to conclude or fulfill the contract between you and the data controller;

  • is made possible by EU or member state law applicable to the data controller, which also establishes appropriate measures for the protection of your rights and freedoms, as well as your legitimate interests; or consent

Data transfer

We only transfer data to third parties with prior consent or legal requirements. When obtaining prior consent, we inform the data subject of the recipient of the data transmission, knowing which he can freely decide to grant consent. 7 Prior consent is not required in the case of data transmission based on legal regulations.

Data processing

"data processor": the natural or legal person, public authority, agency or any other body that processes personal data on behalf of the data controller. The tasks of the data processors used by our company to perform technical tasks related to data management operations are in particular the following:

  • operation of your customer relationship management (CRM) system,

  • help with product registration, providing information about the service,

  • selling and introducing products/accessories/services to customers

  • accounting, IT, programming, server

  • storage of data managed by the data controller

In all cases, a written service contract is concluded with the data processors, and the data processed by them can be stored until the contract is terminated. A detailed list of effective data processors and a description of their activities is contained in the full version of the data management information.

Complaint and other important things

 

We hope that we handle your data to your satisfaction and that you will find all the information in the data management information sheet. Nevertheless, if you do not understand something, or if you want to object to the unlawful handling of your personal data, contact us at our contact details. Our data protection officer or our colleagues will help you solve the problem. In the event of a data protection incident, we act according to the law.

 

Of course, you have the right to file a complaint with the supervisory authority responsible for your place of residence, if you consider that the processing of your personal data conflicts with the relevant legislation. The authority's central contact information: National Data Protection and Freedom of Information Authority mailing address: 1530 Budapest. PO box: 5. Phone: +36 -1-391-1400 E-mail: ugyfelszolgalat@naih.hu

 

This website uses cookies to provide the best possible user experience. Cookies store information in your browser and perform functions such as recognition when you return to our website and help our team understand which parts of the website are interesting and useful.

bottom of page