Privacy Policy
1. INTRODUCTION
This website, viktoriakiss.hu, is hosted by Google through its Google Firebase Hosting service.Contact details:
Full legal name: Viktória Kiss
Email address: viki.kiss@gmail.com
Postal address: 1213 Budapest, Fürdő Street 3.
2. WHAT PERSONAL DATA DO WE PROCESS, AND FOR WHAT REASON?
Personal data refers to any information that clearly identifies an individual.The https://viktoriakiss.hu/ website processes the following personal data with precise legal basis:
COMMUNICATION DATA
This includes any messages sent to us via the website, email, social media messages, or any other communication form. We process and retain this data to fulfill orders and provide a legal basis in case of disputes. The legal basis for this processing is the user's demonstrable interest in our activities, as reflected in the messages sent to us.CUSTOMER DATA
This includes all data related to the purchase of products and services, such as the customer's name, shipping and billing address, email address, phone number, and purchase details. We process this data to successfully complete orders and maintain legally compliant records of purchases. The legal basis for storing this data is the fulfillment of the contract established through the purchase between the customer and Viktória Kiss.Purchase-related data is stored with Stripe Inc. (hereinafter "Stripe"), an international financial service provider, as card payments are processed through their platform. All purchase-related data is recorded in the Stripe system. Privacy-related information can be found on their website, and a direct link is provided on the checkout page. The only exception is the transaction ID, which Viktória Kiss also stores in the Google Cloud Firestore database to retrieve purchase details if needed. Transaction IDs are only accessible with admin privileges in Google Cloud Firestore.
USER DATA
This includes data generated during website usage, enabling the site's technical operation, maintaining security, storing user activity logs, and ensuring the most relevant content access. The legal basis for processing this data is the user's clear interest in our activities, which requires the storage of such data for proper operation and security.TECHNICAL DATA
This includes data generated from website usage, such as IP address, login details, browser data, page visit durations, page views, navigation paths, number and time of visits, time zones, and device details used to access the website. The data source is our analytics software. We process this data to analyze user behavior, maintain website security, and evaluate the effectiveness of marketing decisions. The legal basis for processing this data is the user's clear interest in our activities, allowing us to process this data for security compliance and business growth.MARKETING DATA
This includes visitor preferences on what marketing content they prefer to receive. We process this data to enable participation in giveaways and send advertisements related to products/services of interest to the user. The legal basis for processing this data is the user's clear interest in our activities, allowing us to process this data for security compliance and business growth. The collected data may be used periodically for targeted advertisements on platforms like Facebook™ and various dynamic advertising platforms, as well as for measuring advertisement effectiveness. The legal basis for processing this data is the user's clear interest in our activities, allowing us to process this data for security compliance and business growth. We do not collect sensitive data such as ethnicity, religious beliefs, sexual orientation, political opinions, trade union membership, health data, genetic or biometric information.3. HOW DO WE COLLECT DATA?
We may collect personal data when users directly provide it (e.g., by placing an order or sending a message). Some data may be automatically collected during website use, for example, through cookies and similar technologies. These only activate upon user consent, and if present, they are detailed in our cookie policy. Viktória Kiss places great importance on data protection and compliance with regulations. Therefore, after a data protection impact assessment, we compiled a list of collected data, its necessity, legal basis, and compliance with regulations. To protect data provided through forms and generated on the website, we apply SSL certification across the entire site, and Google v3 captcha secures the site and the form submission functions running within Google Firebase's protected environment. When selecting partners, we ensure they comply with GDPR regulations. If they are U.S.-based, we ensure they participate in the EU-US Privacy Shield data protection initiative and sign a data processing agreement to ensure responsible data handling.4. NOTES ON PERSONAL DATA
Occasionally, we may need to share personal data with certain partners to maintain normal business operations:- IT service providers and those performing troubleshooting and maintenance on computer systems
- Expert partners such as lawyers, accountants, bankers, insurers
- Government authorities requesting activity reports
- Payment service providers securely handling card transactions
- Courier services fulfilling incoming orders to the specified shipping address
5. DATA RETENTION PERIOD
We only store user data as long as required by legal/accounting/reporting obligations or as necessary for service operation. When deciding on the retention period, we consider the data's volume, nature, sensitivity, and potential impact of a data breach. For tax purposes, we must retain purchase and billing data for at least 8 years to comply with legal obligations. In certain cases, we may use anonymized data for statistical purposes and retain it indefinitely without further notice.6. USER RIGHTS
As an EU citizen, the General Data Protection Regulation (GDPR) grants the following rights to website users:a. Access to personal data
Users have the right to request a copy of their personal data stored by https://viktoriakiss.hu/. Requests are typically processed free of charge within 14 days. In cases of repeated, abusive, or unjustified requests, Viktória Kiss may charge a reasonable fee and require additional time to process the request. Additionally, Viktória Kiss requires identity verification before releasing personal data to prevent misuse. Requests can be submitted to viki.kiss@gmail.com.
b. Modification of personal data
Users have the right to request data corrections if their personal data has changed or was entered incorrectly. Requests can be submitted to viki.kiss@gmail.com.
c, Request for Deletion of Personal Data
Users have the right to request the deletion of all their personal data. We will fulfill the request free of charge within 14 days of the request. After the deletion of personal data, the user account will no longer be accessible, meaning that any purchased materials will also become unavailable, as the personal data associated with the user account is essential for accessing the service.
Viktória Kiss requires proof of identity before deleting personal data to prevent misuse. To request the deletion of personal data, please contact us at viki.kiss@gmail.com.
d, Request to Restrict the Processing of Personal Data
Users have the right to request restrictions on the availability of their data to third parties (service partners). When submitting the request, users may specify the service partners they wish to restrict.
It is important to note that cooperation with certain service providers is essential for the operation of the site (e.g., Stripe as a payment service provider). If these are restricted, the site's services will become unavailable to the user.
Viktória Kiss requires proof of identity before restricting the transfer of personal data to prevent misuse. To request the restriction of personal data transfer, please contact us at viki.kiss@gmail.com.
In Hungary, the official authority responsible for data protection is the National Authority for Data Protection and Freedom of Information (NAIH). Users can find more information about their data protection rights on the NAIH website.
National Authority for Data Protection and Freedom of Information,
1125 Budapest, Szilágyi Erzsébet fasor 22/C.,
Mailing address: 1530 Budapest, P.O. Box 5.,
Phone: +36 1 391 1400,
Fax: +36 1 391 1410,
Email: ugyfelszolgalat@naih.hu
Website: http://www.naih.hu