Name: Masterworks Hungary Kft
Headquarters: 1136 Budapest, Pannónia utca 30. Ü3. door
Mailing address, complaint handling: 1136 Budapest, Pannónia utca 30. Ü3. door
Email: hello@masterworks.hu
Phone number: +3670 55 77 451
Website: https://www.masterworks.hu
Name: Shopify International Limited
Mailing address: 2nd Floor, 1-2 Victoria Buildings, Haddington Road, Dublin 4, D04 XN32, Ireland
Email address: support@shopify.com
Phone number: 0800-808-5233
This document contains all relevant data management information regarding the operation of the webshop in accordance with the European Union's General Data Protection Regulation No. 2016/679 (hereinafter: Regulation, GDPR) and CXII of 2011. TV. (hereinafter: Infotv.) based on
What is a cookie?
The Data Controller uses so-called cookies when visiting the website. The cookie is an information package consisting of letters and numbers that our website sends to your browser with the aim of saving certain settings, facilitating the use of our website and helping us to collect some relevant, statistical information about our visitors.
Some of the cookies do not contain personal information and are not suitable for identifying the individual user, but some of them contain an individual identifier - a secret, randomly generated string of numbers - which is stored on your device, thereby ensuring your identification. The operational duration of each cookie is contained in the relevant description of each cookie.
Legal background and legal basis of cookies:
The legal basis for data management is your consent based on Article 6, paragraph (1) point a) of the Regulation.
Google Adwords cookie When someone visits our site, the visitor's cookie ID is added to the remarketing list. Google uses cookies, such as NID and SID cookies, in Google products, such as to customize the ads displayed in Google Search. For example, it uses such cookies to remember your most recent searches, your previous interactions with ads or search results from certain advertisers, and your visits to advertisers' websites. AdWords conversion tracking uses cookies. To track sales and other conversions resulting from advertising, cookies are saved on the user's computer when that person clicks on an advertisement. Some of the common uses of cookies are: to select ads based on what is relevant to the user, to improve reporting on campaign performance, and to avoid showing ads that the user has already seen.
Google Analytics cookie: Google Analytics is Google's analysis tool, which helps the owners of websites and applications to get a more accurate picture of the activities of their visitors. The service may use cookies to collect information and report statistical data on the use of the website without individually identifying visitors to Google. The main cookie used by Google Analytics is the "__ga" cookie. In addition to the reports generated from website usage statistics, Google Analytics - together with some of the advertising cookies described above - can also be used to display more relevant ads in Google products (such as Google Search) and across the Internet.
Cookies strictly necessary for operation: These cookies are essential for the use of the website and enable the use of the basic functions of the website. In the absence of these, many functions of the site will not be available to you. The lifetime of these types of cookies is limited to the duration of the session.
currency Stores the customer's currency. Its lifespan is 30 days.
Facebook pixel (Facebook cookie) The Facebook pixel is a code with the help of which a report is prepared on the website about conversions, target audiences can be compiled, and the owner of the page receives detailed analysis data about the visitors' use of the website. With the help of the Facebook pixel, you can display personalized offers and advertisements on the Facebook interface to website visitors. You can read Facebook's privacy policy here: https://www.facebook.com/privacy/explanation
If you do not accept the use of cookies, certain functions will not be available to you. You can find more information about deleting cookies at the following links:
In order to conclude and fulfill the contract, several cases of data management may be implemented. We would like to inform you that data processing related to complaint handling and warranty administration is only carried out if you exercise one of the aforementioned rights.
If you do not make a purchase through the webshop, but are only a visitor to the webshop, then the provisions of data management for marketing purposes may apply to you if you give us consent for marketing purposes.
The data processing carried out for the purpose of concluding and fulfilling the contract in more detail:
If, for example, you contact us with a question about a product by email, contact form, or phone. Prior contact is not mandatory, you can skip this and order from the webshop at any time.
Managed data
Data provided by you during contact.
Duration of data management
We process the data only until the contact is completed.
Legal basis for data management
Your voluntary consent, which you give to the Data Controller by contacting us. [Data management according to Article 6 (1) point a) of the Regulation]
By storing the data entered during registration, the Data Controller can provide a more convenient service (e.g. the data subject does not have to be entered again when making a new purchase). Registration is not a condition for concluding a contract
Managed data
During data management, the Data Controller manages your name, address, telephone number, e-mail address, the characteristics of the purchased Goods and the date of purchase.
Duration of data management
Until you withdraw your consent.
Legal basis for data management
Your voluntary consent, which you give to the Data Controller when you register [Data processing according to Article 6 (1) point a) of the Regulation]
During the processing of orders, data management activities are necessary in order to fulfill the contract.
Managed data
During data management, the Data Controller manages your name, address, telephone number, e-mail address, the characteristics of the purchased Goods, the order number and the date of purchase.
If you have placed an order in the webshop, data management and the provision of data are essential for the fulfillment of the contract.
Duration of data management
We process the data for 5 years according to the civil law statute of limitations.
Legal basis for data management
Fulfillment of the contract. [Data management according to Article 6 (1) point b) of the Regulation]
The data management process takes place in order to issue an invoice in accordance with the legislation and to fulfill the obligation to preserve accounting documents. The Sztv. Pursuant to § 169, paragraphs (1)-(2), economic companies must keep the accounting documents directly and indirectly supporting the accounting.
Managed data
During data management, the Data Controller manages your name, address, telephone number, and e-mail address.
Duration of data management
The invoices issued by Sztv. Based on § 169, paragraph (2), it must be kept for 8 years from the date of issue of the invoice.
Legal basis for data management
CXXVII of 2007 on VAT. On the basis of Section 159 (1), the issuance of the invoice is mandatory and it must be kept for 8 years on the basis of Section 169 (2) of Act C of 2000 on accounting [Data processing according to Article 6 (1) point c) of the Regulation].
The data management process takes place in order to deliver the ordered product.
Managed data
During data management, the Data Controller manages your name, address, telephone number, and e-mail address.
Duration of data management
The Data Controller manages the data until the delivery of the ordered goods.
Legal basis for data management
Fulfillment of the contract [Data management according to Article 6 (1) point b) of the Regulation].
The data management process takes place in order to send out newsletters.
Managed data
During data management, the Data Controller manages your name, address, telephone number, and e-mail address.
Duration of data management
Until the data subject's consent is revoked.
Legal basis for data management
Your voluntary consent, which you give to the Data Controller by subscribing to the newsletter [Data processing according to Article 6 (1) point a) of the Regulation]
Data management as a remarketing activity is carried out with the help of cookies.
Managed data
Data managed by cookies specified in the cookie information.
Duration of data management
The data storage period of the given cookie, more information is available here:
Google's general cookie information:
https://www.google.com/policies/technologies/types/
Google Analytics information:
https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage?hl=en
Facebook information:
https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen
Legal basis for data management
Your voluntary consent, which you give to the Data Controller by using the website [data management according to Article 6 (1) point a) of the Regulation].
If the Data Controller wishes to carry out further data processing, it provides preliminary information on the essential circumstances of data processing (legal background and legal basis of data processing, purpose of data processing, scope of data processed, duration of data processing).
Name of data processor: Shopify International Limited
Contact details of the data processor:
Phone number: 0800-808-5233
Email address: support@shopify.com
Headquarters: 2nd Floor, 1-2 Victoria Buildings, Haddington Road, Dublin 4, D04 XN32, Ireland
Website: https://www.shopify.com/
The Data Processor stores personal data based on the contract concluded with the Data Controller. You are not entitled to access personal data.
Name of the company operating the newsletter system: Shopify International Limited
Headquarters of the company operating the newsletter system: 2nd Floor, 1-2 Victoria Buildings, Haddington Road, Dublin 4, D04 XN32, Ireland
Phone number of the company operating the newsletter system: 0800-808-5233
Email address of the company operating the newsletter system: support@shopify.com
Website of the company operating the newsletter system: https://www.shopify.com/
The Data Processor participates in the sending of newsletters based on the contract concluded with the Data Controller. In doing so, the Data Processor processes the data subject's name and e-mail address to the extent necessary for the newsletter.
Name of the data processor: KBOSS.hu Kft.
The seat of the data processor is: Záhony utca 7, 1031 Budapest.
Phone number of the data processor:
The e-mail address of the data processor is: kboss.hu.kft@szamlazz.hu
Website of the data processor: https://www.szamlazz.hu/
Based on the contract concluded with the Data Controller, the Data Processor participates in the registration of accounting documents. In doing so, the Data Processor will provide the name and address of the data subject to the extent necessary for accounting records, Sztv. It is processed for a period corresponding to paragraph (2) of § 169, after which it is deleted.
Name of data processor: Shopify International Limited
Registered office of the data processor: 2nd Floor, 1-2 Victoria Buildings, Haddington Road, Dublin 4, D04 XN32, Ireland
The telephone number of the data processor is 0800-808-5233
The e-mail address of the data processor is: support@shopify.com
Website of the data processor: https://www.shopify.com/
The Data Processor participates in the registration of orders based on the contract concluded with the Data Controller. In doing so, the Data Processor processes the data subject's name, address, telephone number, number and date of orders within the civil law limitation period.
Name of data controller: Stripe Inc
The registered office of the controller is 354 Oyster Point Blvd South San Francisco, CA 94080 United States
The phone number of the data controller: +36706333743
The e-mail address of the data controller is: support@stripe.com
Website of the data controller: www.stripe.com
Based on the contract concluded with the Data Controller, the payment service provider participates in the implementation of online payment, for which data is transferred to the online payment service provider during the purchase process. In doing so, the online payment service provider handles the invoicing name, name and address, order number and date of the concerned person in accordance with its own data management rules.
The purpose of the data transmission is to provide the online payment service provider with the transaction data necessary for the payment transaction initiated by the online payment service provider.
The legal basis for data transmission: the performance of the contract between you and the Data Controller based on Article 6 (1) point b) of the Regulation, which includes payment by the customer, and in the case of online payment, data transmission in accordance with this point is required for payment
Within the period of data management, you are entitled to the following rights according to the provisions of the Regulation:
If you wish to exercise your rights, it involves your identification, and the Data Controller must necessarily communicate with you. Therefore, for the purpose of identification, it will be necessary to provide personal data (but the identification can only be based on data that the Data Controller manages about you anyway), and your complaints about data management will be available in the Data Controller's email account within the period specified in this information regarding the complaints. If you were a customer of ours and would like to identify yourself in order to handle complaints or warranty, please enter your order ID for identification. Using this, we can also identify you as a customer.
The Data Controller will respond to complaints related to data management within 30 days at the latest.
You have the right to withdraw your consent to data management at any time, in which case the data provided will be deleted from our systems. However, please note that in the case of an order that has not yet been fulfilled, the cancellation may result in us not being able to deliver to you. In addition, if the purchase has already been completed, based on the accounting regulations, we cannot delete the data related to invoicing from our systems, and if you owe us a debt, then based on a legitimate interest related to the collection of the claim, we can process your data even in the event of withdrawal of consent.
You are entitled to receive feedback from the Data Controller as to whether your personal data is being processed, and if it is being processed, you are entitled to:
The purpose of exercising the right may be aimed at establishing and checking the legality of data management, therefore, in the event of multiple requests for information, the Data Controller may charge a fair fee in exchange for providing the information.
Access to personal data is ensured by the Data Controller by sending you the processed personal data and information by email after your identification. If you have registered, we provide access so that you can view and check your personal data by logging into your user account.
Please indicate in your request that you are requesting access to personal data or information related to data management.
You have the right to request that the Data Controller correct inaccurate personal data concerning you without delay.
You have the right to request that the Data Controller restrict data processing if one of the following is true:
the data management is illegal, but you object to the deletion of the data for any reason (for example, because the data are important to you for asserting a legal claim), therefore you do not request the deletion of the data, but instead request the restriction of their use;
The Data Controller no longer needs the personal data for the purpose of the indicated data management, but you require them to present, enforce or defend legal claims; obsession
If data management is subject to restrictions, such personal data may only be processed with the consent of the data subject, with the exception of storage, or to submit, enforce or defend legal claims, or to protect the rights of another natural or legal person, or in the important public interest of the Union or a member state.
The data controller will inform you in advance (at least 3 working days before the restriction is lifted) of the lifting of the restriction on data management.
You are entitled to have the Data Manager delete your personal data without undue delay if one of the following reasons exists:
If, for any legitimate reason, the Data Controller has made public the personal data processed about you, and is obliged to delete it for any of the reasons indicated above, it is obliged to take the reasonably expected steps - including technical measures - in order to inform the data, taking into account the available technology and the implementation costs controller and other data controllers that you have requested the deletion of the links to the personal data in question or the copy or duplicate of this personal data.
Deletion does not apply if data management is necessary:
You have the right to object to the processing of your personal data based on legitimate interests at any time for reasons related to your own situation. In this case, the Data Controller may no longer process the personal data, unless it proves that the data processing is justified by compelling legitimate reasons that take precedence over your interests, rights and freedoms, or that are related to the submission, enforcement or defense of legal claims .
If personal data is processed for direct business acquisition, you have the right to object at any time to the processing of your personal data for this purpose, including profiling, if it is related to direct business acquisition. If you object to the processing of personal data for direct business purposes, then the personal data may no longer be processed for this purpose.
If the data management is carried out in an automated way or if the data management is based on your voluntary consent, you have the right to ask the Data Controller to receive the data you have provided to the Data Controller, which the Data Controller sends in xml, JSON or csv format at your disposal, if this is technically feasible, you can request that the Data Controller forward the data in this form to another data controller.
You have the right not to be subject to the scope of a decision based solely on automated data management (including profiling) that would have legal effects on you or would similarly significantly affect you. In these cases, the Data Controller is obliged to take appropriate measures to protect the rights, freedoms and legitimate interests of the data subject, including at least the right of the data subject to request human intervention on the part of the data controller, to express his point of view and to submit objections to the decision.
The above does not apply if the decision:
Infotv. pursuant to its provisions, the Data Controller had to register certain data operations in the data protection register. This reporting obligation was terminated on May 25, 2018.
The Data Controller declares that it has taken appropriate security measures in order to protect personal data against unauthorized access, alteration, transmission, disclosure, deletion or destruction, as well as against accidental destruction and damage, as well as against becoming inaccessible due to changes in the technology used.
The Data Controller will do everything within its organizational and technical capabilities to ensure that its Data Processors also take appropriate data security measures when working with your personal data.
If, in your opinion, the Data Controller has violated a legal provision on data management or has not fulfilled any of your requests, you can initiate the investigation procedure of the National Data Protection and Freedom of Information Authority (address: 1363 Budapest, Pf. 9., e-mail) in order to terminate alleged illegal data management : ugyfelszolgalat@naih.hu, phone numbers: +36 (30) 683-5969 +36 (30) 549-6838; +36 (1) 391 1400).
We would also like to inform you that in the event of a violation of the legal provisions on data management, or if the Data Controller has not fulfilled any of your requests, you may file a civil lawsuit against the Data Controller in court.
The Data Controller reserves the right to modify this data management information in a way that does not affect the purpose and legal basis of data management. By using the website after the amendment enters into force, you accept the amended data management information.
If the Data Controller wishes to carry out further data processing in relation to the collected data for a purpose other than the purpose of their collection, it will inform you of the purpose of the data processing and the following information before the further data processing:
The data processing can only start after this, if the legal basis of the data processing is consent, in addition to the information, you must also consent to the data processing.
