I. Data controller and processor
Name: SMDesign Kft
Location of headquarters / mailing address: 1118 Budapest, Nagyszeben Way 24/a
Authority of registration: Regional government of Budapest
Tax Number: 25992113-2-43
Registration number: 01-09-300449
Telephone number: +36-30-288-3222
E-mail address: sophie@sophiemolnardesign.com
II. Contact of the privacy policy office-holder
The company does not practice activities that would justify the use of a privacy policy office-holder.
III. Data management use and rights
The goal of the current informative is to inform the website users and future partners about how and what kind of personal data is being used. From our perspective, the common understanding is only assured if all legal principles are listed separately. This is placed at the bottom of this page.
1.Contact form
The contact form used for this website provides a possibility to contact us on an online platform. Information that is required for this form is the name and email address, the article number and the message related to it. These pieces of information are used based on approval.
2.Blog comments
Comments that are left on the blog with the help of the readers are used as a conversation starter. When an individual comment is made on the blog, their name and email address is requested. The basis of data management is the subscription for the website. To monitor spams, all comments are checked with the ‘Askimet’ facilities.
3.Newsletter/eDM
Information about news, new products and sales are sent to individuals who subscribed. Newsletters include the name and the contact of the company, which, therefore, constitutes as an ad. The subscription procedure requires the name and email address, the address and telephone number of customers.
4.Facebook page
This online platform that is used for interaction, expressing views and opinions, excessing news, advertisement and contacting potential new clients also requires personal information (e.g. names, comments) which are collected with the contribution of users. On the company’s Facebook page there is also a private message sending function.
5.Billing
If an order is made, a contract and a bill is written about the order and its’ requirements (e.g. costs), obligated by law. For the billing process the name, address, email address is viewed (usually already collected during the first contact) and compared to existing information. If a client contacted us over the telephone, they automatically approved of the company to collect personal information.
6.Contacting us over the telephone
If someone calls the company’s number that is located on the website, their name and phone number is automatically saved and collected (unless there is no work relationship made). This is important information as phone calls from unknown numbers are not answered. These pieces of personal information are used based on the contribution of a client, and used for re-contacting them (e.g. to call them back if thy placed a call and we are unable to answer).
7.Professionals’ and business members’ contact
During professional/business relationships the head of partners’ contact (names, telephone numbers, email addresses) are handled based on legal rights.
8.Cookies
Cookies are information bundles made out of numbers and letters that are sent by websites to the user’s browser in order to save certain settings, to help the website function more easily and to gather some relevant, statistics-like type of information from users. Cookies do not include personal information and cannot be used to identify users. Rather, cookies often include an individual identifier-that is protected, and randomly generated-stored by instruments. Some cookies leave off after a window is closed, some others are stored on the computer for a longer period.
Every cookie related activity could be inhibited by users by cancelling data files from previously visits. Information regarding the precise process of this can be found on these sites:
Cookies and website data management in Chrome
Information about cookies in Firefox
Managing cookies in Internet Explorer and in Edge
Some browsers allow that every time they are closed, they automatically delete all browser information. More information about this can be found here.
At some parts of website downloads the website’s visit analyser used by us (the Google Inc.’s Google Analytics) automatically places smaller data files in some cases including personal information on the user’s computer. According to the current law, users get notified about this at the first visit on the website and ask for permission and approval. Data files are used to help some functions of the website. Data files from older visits go to the operator. The precise names of these data files (_ga, _gat, _gid) can be read here Link6. IP addresses gathered by Google Analytics from browsers are stored anonymously therefore it cannot be connected to the user. These are stored for 26 months and restart if a new event happens to the user (e.g. a new process starts).
If a user does not want Google Analytics to collect and store information from any website visit for analytics, please use this browser (it can be used for any browser).
Google also uses those kind of Cookies (“DSID”, “IDE”, “NID”) that are used for connecting the user’s activity on her different devices (only if the user previously signed in into his Google account on these devices). This ‘connected activity’ is later used for synchronising ads and measuring conversion events. If the user does not want ads to appear synchronised across her devices, she can use this link to switch off the ‘personalise’ function of ads.
If a user previously had received a Cookie from Facebook-because she has an account, or because she has visited the facebook.com website-, her browser sent data in relation to the cookie when she clicked on the ‘Like’ button or other websites (like this one) that has social plug-ins. You can find more information about this here.
On the company’s website, for marketing reasons, a Facebook conversion measure pixel is used that requires the visitors’ permission when they first enter the site. Information gathered from this pixel will go to Facebook. More information about Facebook Cookies can be found here.
If a user leaves a comment on the website, with her permission the website’s Cookie will help to store her name and email address so at the next visit these would not be necessary to type in again (only if the user checks the checkbox).
The newsletter software uses many types of Cookies that store language related data, help to boost performance and forward analytics.
All share buttons placed on the website (Facebook, Google+, Pinterest) and plug ins (e.g. a YouTube video) also puts Cookies on the user’s computer.
IV. Withdrawal of contribution
All activities that require user contribution (see above):
Sending out newsletters that include ads
Users connecting via the website’s form
Operating the Facebook page
Leaving a comment on the website
Making statistics on the number of visitors
Contacting us over the phone
Contribution is reversed at any time, as easily and it was given.
Permission to receive newsletter can be reversed by clicking on the link at the end of the newsletter.
In regards of the Facebook page, contribution can be reversed by un-liking and deleting previously left comments.
At any other activity that requires user permission please write to this email address: sophie@sophiemolnardesign.com
Data collection prior to reversing user permission is legal.
V. Contract and legal obligations
Managing billing information and setting out bills is one of the legal obligations of our company. If the asked billing information is not given by the user, the accepted service cannot be carried out.
After a client orders one of our services and this order is received a contract is made either in a spoken or a written form. On the regular basis the company ties a contract with individuals and sometimes, however, it happens that in case of a legal entity some personal information can be brought into the contract (e.g. name, telephone number, email address). In order to tie a contract, these pieces of personal information are absolute necessary in order for us to identify the other partner and where we could reach them. Without this information the contract is considered as non-existent and we would be unable to provide the client with any services.
VI. Appellation of legal interest
Contact information (names and data) of business partners, head of business partners or contact persons are handled based on legal rights. Those individuals who work with the company for one or two workflows are also considered a business partner. For example, the head of marketing/stylist of the principal company who receives the order or the press that received the professional material to print, or even a computer programmer who helps along with the web related tasks, etc.
Personal information from such individuals was received from the individuals themselves, via old phone calls, meetings with members of the company. How personal information is handled with confidentiality can be read about above.
VII. Duration of storing data
Blank of contact (name, email address) – until cancellation request
Comments left on the blog (name, email address, comment) – until cancellation request
Subscription of newsletter (name, email address, address, telephone number) – until unsubscribing
Facebook page (name, comment) – until the cancellation of the page itself, until removing the given likes for the page or until the cancellation of operations done on the page
Billing name and address – until the cancellation data included in the law
Information of business partners (name, email address, telephone number) – until the business relationship stands, until cancellation request
Cookies from the ‘sophiemolnardesign.com’ website – until the expiry date of the cookies ends, and until the user cancels cookies from her browser
GA visitors’ statistics – 26 months
VIII. Security arrangements
The company protects personal information against unauthorized access, accidental making information public and against unauthorized information change using appropriate security arrangements. On the company’s laptops a Windows Defender is installed to protect against viruses. Similarly, the company’s telephones are protected by fingerprints and for the company’s Gmail and Facebook accounts are protected by double security log ins. The company’s main website is protected from unauthorized individuals.
IX. Addressees
To provide particular tasks the company uses data elaborators.
Server memory service provider:
MediaCenter Hungary Kft.,
6000 Kecskemét, Sosztakovics street 3. II/6.
Telephone: +36 76/506-618
Email: mediacenter@mediacenter.hu
(Access to the website’s full content, forwarding emails coming to the email account with own domain address)
Receiving and sending emails:
Gmail – Google Inc., Mountain View, California, USA
(Access to mailing and it’s every pieces of data)
Subscribing to the newsletter:
MailChimp
(Access to subscription related data)
Facebook page:
Facebook Inc.
Menlo Park, California, USA
Data management informative: https://www.facebook.com/about/privacy/update
(Access to user name and comments)
Facebook pixel:
Facebook Inc.
Menlo Park, California, USA
(Access to the HTTP-header [IP address, location of the website, the changeover, user agent], pixel identifier, Facebook cookie.)
Google Analytics:
Google Inc., Mountain View, California, USA
(Access to the IP address of visitors that is anomie and not connected to individuals)
Pinterest share button:
Pinterest-Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland
Data management informative: https://policy.pinterest.com/hu/privacy-policy
(Access to information regarding the visit)
X. Individual of concern’s rights
Access to personal data
Partners, clients and website visitors have the right to ask for feedback regarding whether their personal data is being processed end if yes, they have the right to get access to the following information:
Reason for data management,
Categories of the concerned personal rights,
Addressees whom/that was personal information was shared with or will be shared with, including the third country’s addressees and international organisations,
Planned period of data storage, if it is not possible, the aspects of determination of such period,
The right of the concerned to request – from the data manager- to alter, cancel or to constrain managing personal information in relation to the concerned or even object against using her personal information
Right to alter
Partners, clients and website visitors have the right to ask for alteration of incorrect personal information. Considering the reason for data management, even absent information can be asked to be added. Every single addressee is notified about information-altering who was informed about the original pieces of information beforehand. This does not apply to those individuals whose reaching after is impossible or takes an unreasonably long time. If the concerned requests it, she will be notified about the list of addressee.
Right to cancel
Without fictitious delay the company is liable to cancel business partners’, principals’, website visitors’ personal information upon their request or even without request if:
If personal information is no longer necessary for the reason they were collected for or were managed in another way,
If the principal/client/visitor objects against data management and there is no legal reason for data management that has priority,
If personal information were handled against the law,
If member state and EU legal rights that are applied to the personal information manager are cancelled,
If the collection of personal information was done when other social service processes were present
If any personal information was made public and it’s need to be cancelled, in mind with the cost of technology and implementation, all reasonable steps will be made to inform the data managers that the principal/client/website visitor requested the links related to their personal information or the information itself to be deleted, including potential doubles.
The personal information will not be cancelled if data processing is related to for the plea, validation and protection of legal needs. If a request to delete a personal information like this, the company will take it under consideration and will respond with the decision.
Every single addressee is notified about information-altering who was informed about the original pieces of information beforehand. This does not apply to those individuals whose reaching after is impossible or takes an unreasonably long time. Upon request, the client/the principal/the user will be informed about the addresses.
Right to constrain data management
A client/a principal/a website visitor has the right to request the constrain of data management if:
Disputes the clarity, accuracy of personal data,
The data management is illegal and the utilization of personal data is requested not the cancellation of them,
The company no longer needs personal data for data management but the client/user/principal demands the plea, approval, protection of legal needs,
The user/client/principal objected against the data management based on legal interest. In this case, the constrain applied for the time period until the conclusion on whether the data manager’s or the concerned’ legal motivation earns priority was made
If the data management process falls under a constrain, personal information could only be used (apart from storing) with the approval of the user/client/principal or to plea, approve or to protect legal needs or to protect any other legal individual and rights of legal individuals, or the EU and many member states’ important public weal.
The client/user/principal is notified prior to the dissolution of constrain.
Every single addressee is notified about the constrain who was informed about the original pieces of information beforehand. This does not apply to those individuals whose reaching after is impossible or takes an unreasonably long time. Upon request, the client/the principal/the user will be informed about the addresses.
Right to carry information
In cases in which data that is processed automatically, if the data management right is based on approval or the legal basis of the contract the client/principal/website visitor has the right to receive their already given personal information in an articulated, widely used, computer legible format and to plea these pieces of information to another data manager (only if it is technically feasible).
The right to carry information cannot affect others’ rights and freedom in a disadvantageous way.
Right to object
The client/principal can obligate (at any time in relation to her position) against the use of her personal information if data management’s legal base is the legal right. In this case personal information cannot be used any longer, expect, if the company proofs that the use is reasoned by legal forces that have priority above and against the client’s/principal’s rights, interests and freedoms, or which are related to the plea, approval and protection of legal interest.
Automatic decision making in unique cases, including profile creating
The company does not do any automated decision making and profile creating, therefore this right cannot be ensured by us.
XI. Complaints
Your personal information is handled by the biggest circumspection. However, if you feel like the company did not do all expected dispositions to protect your personal data, or if you have a question regarding this, please write to the email address below: sophie@sophiemolnardesign.com
If the company violates the data management principles, individuals concerned can practice their legal remedies in front of the court, in the context of a civil suit. The judgement of the suit is under the court of justice’s command.
The suit can be put into action in front of the individual’s residential court of justice (the list of court of justices and contact can be found here)
Any further complaint or question regarding personal information can be brought to the Hungarian National Authority for Data Protection and Freedom of Information (1125 Budapest, Szilágyi Erzsébet alley 22/c, mailing address: 1530 Budapest, Post office box:5, email address: ugyfelszolgalat@naih.hu, website: http://www.naih.hu.)
XII. Automated decision making
There is no current automated decision making functioning in the company.
XIII. During the determination of legal basis of data management these places of provisions under law were considered:
Newsletter including ads only can be sent out with approval. This is ordered by the European Council (EU) 2016//79. Order 6. item (1) par. a) section and the fundamental terms and its’ limits of the economical advertising law of 2008, XLVIII law. 6 § (1) – (3) paragraph.
Contacting via the website, commenting on the blog, running the Facebook page, the visitors’ statistics and conversion measures, cookies and business relationships, and data management during arrangements considered the European Parliament and Committee (EU) 2016/679. Order 6. Item (1) paragraph a) section.
The legal basis for data management in relation to billing is the European Parliament and Committee (EU) 2016/679. Order 6. Item (1) paragraph c) section and the order on taxation 2017. CL. Order. 78 § (3) paragraph (deadline of safekeeping of warrant) and the law of general sales tax 2007. CXXVII. Order. 169. § e) section (regulatory parts of the bill).
Other commissions
This informative becomes operative from the 25th of May, 2018 and if there will be new guidelines, pols and laws that become public the company will have to modify and review the content. If the company’s centre of activities changes or it brings in new marketing instruments, it will have to be modified as well.
Follow Us!