I. Scope and definitions
Márton Tóth, sole proprietor (hereinafter referred to as “Data Processor”, “We”) will process your personal data during its activities. This privacy policy (“Policy”) sets out the procedures and principles on the basis of which we will process and handle your personal data. If anything is unclear or you would like to ask anything about your personal data, please use the contact information provided in this policy.
The personal data processing rules contained in this policy correspond to the obligations imposed on us in the processing of personal data by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC – General Data Protection Regulation (hereinafter referred to as “GDPR”).
Through this policy, we also inform you of the facts and your rights that you need to be aware of in accordance with the GDPR, and which ensure sufficient transparency in the processing of your personal data.
- ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person [Art. 4(1) GDPR];
- ‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction [Art. 4(2) GDPR];
- ‘controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law [Art. 4(7) GDPR];
- ‘processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller [Art. 4(8) GDPR];
- ‘consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her [Art. 4(11) GDPR];
II. Personal Data Administrator
Márton Tóth sole proprietor
1063 Budapest Szív utca 11., Hungary
hello@tresscodehair.com
Point of contact: Márton Tóth
III. Reasons for collecting your personal data
We only process personal data when we deem it necessary for a legitimate purpose under the GDPR. We only use personal data for the purposes for which they were collected, as described in our privacy policy and data processing agreement. We will only collect and process personal data from you if it is necessary for:
- Fulfilling the contract that you have signed or closed with us.
- The provision of the service you want to use.
- Compliance with the requirements of the law.
- The purposes of our legitimate interests, unless in this case your interests or the fundamental rights and freedoms of data subjects that require the protection of personal data are preferred.
Legal Grounds for Processing of Personal Data:
| Processed data | Purpose of data processing | Legal grounds for processing | Storage limitation |
| Name, e-mail address, shipping address, billing address, telephone number provided during user registration | Performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract | The data subject has given consent to the processing of his or her personal data; Necessary for compliance with a legal obligation to which the controller is subject | Account deletion |
| Name, e-mail address, shipping address, billing address, telephone number provided when making a purchase | Performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract | The data subject has given consent to the processing of his or her personal data; Necessary for compliance with a legal obligation to which the controller is subject | In accordance with the purpose of data processing |
| Billing details: name, billing address | Performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract | Necessary for compliance with a legal obligation to which the controller is subject | In accordance with legal obligations |
| Name and email address | Promotional activities, direct sales(newsletter) | The data subject has given consent to the processing of his or her personal data | Until the user unsubscribes |
We will always inform you of any further use of your personal data that differs from the initial purpose of processing.
IV. Categories of personal data processed
The processing of personal data shall only be carried out for the purpose of fulfilling various legal or contractual obligations. The Processing shall be limited to the categories of personal data as specified in section III of this document. A We do not process special categories of Personal Data with regard to customers. The Data Processor shall ensure that the Personal Data we use and hold is accurate, complete, kept up to date and relevant to the purpose for which we collected it for the purpose you provided the data for.
V. Recipients of personal data
For the purposes of the data processing as per section III, we employ the services of third party service providers. These mainly include our accounting, legal, tax, marketing and other similar advisors to whom we pass on your personal information if it is necessary in order to use their services – consultation. Furthermore, we employ IT and hosting providers. In the event that we choose to use a subcontractor to provide the service you require, we may pass your personal data on to the subcontractor to the extent necessary. In case we send you goods, we may forward your personal data to these external processors for the purpose of sending the goods. Magyar Posta Zrt., Extreme Digital-eMAG Kft. (Vaterafutár)
VI. Retention of personal data
We will not retain your personal data processed longer than necessary for the purposes for which it was collected or otherwise processed as set out in this policy, and for which we have a valid legal basis. In any case, we will not retain it longer than allowed under statutory local retention periods, e.g., tax or commercial requirements. In case where we would be involved in any legal claims, we are entitled to continue to process your personal data that is relevant for such claims, subject to applicable local retention requirements.
VII. Data subject rights
- The data subject’s right of access, rectification, right to erasure;
- The data subject right to restriction of processing
- The data subject’s right to object;
- The right to data portability;
- The right not to be subject to a decision based solely on automated processing;
- Right to file a complaint with the Supervisory Authority.
We are committed to resolving complaints about our collection or use of your Personal Data. If you are unsatisfied with our response, you may be entitled to make a written submission to the data relevant protection supervisory authority within 30 days. Please note that our lead supervisory data protection authority is the Hungarian Data Protection and Information Freedom Authority. Supervisory Authority: National Data Protection and Information Freedom Authority Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/C. Website: http://www.naih.hu, Email address: ugyfelszolgalat@naih.hu You have the right of judicial remedy against a supervisory authority resolution.
VIII. Contact details
If you have any questions or comments about this Privacy Policy, you can contact us via the same email address: hello@tresscodehair.com.
IX. Additional provisions
We don’t share your personal information with third parties. Only aggregated, anonymized data is periodically transmitted to external services to help us improve the https://tresscodehair.com website and service. We currently use Google Analytics, Google Search, Google Tag Manager. The Data Processor reserves the right to update or modify this Privacy Policy at any time without prior notice. Any updates will be posted on the https://tresscodehair.com website.