Privacy Policy

Privacy Policy

Introduction

The most important goal for Mizsepack Nyomdaipari Kft. is to protect the personal data provided by the visitors of mizsepack.hu, to ensure the right of self-determination of information. Mizsepack Nyomdaipari Kft. undertakes to handle the personal data of its visitors in a way that fully complies with the relevant legal regulations and contributes to the creation of secure internet access for its visitors. Mizsepack Nyomdaipari Kft. treats the personal data of the visitors confidentially, in accordance with the legal regulations in force, ensures their security, takes the technical and organizational measures, and establishes the procedural rules necessary to enforce the relevant legal provisions and other recommendations.

This Policy sets out the principles that govern our personal data protection policy and day-to-day practice, and the purposes for which we use such data and how we ensure the retention and protection of personal data.

In drafting this Policy, we have taken into account the relevant legislation in force, in particular the following:

• Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation -GDPR)
• Act CXII of 2011 on the right to information self-determination and freedom of information (Info. tv.)

Concepts and interpretations of personal data

Personal data:

any information relating to an identified or identifiable natural person; identify a natural person who, directly or indirectly, in particular by reference to one or more factors such as name, number, location, online identifier or physical, physiological, genetic, mental, economic, cultural or social identity of the natural person identifiable;

Data handling:

any operation or set of operations on personal data or files, whether automated or non-automated, such as collecting, recording, organizing, segmenting, storing, transforming or altering, querying, accessing, using, transmitting, distributing or otherwise making available , harmonization or interconnection, restriction, deletion or destruction;

Data controller:

a natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of the processing are determined by Union or Member State law, the controller or the specific aspects of the designation of the controller shall also be governed by Union or Member State law;

Data processor:

a natural or legal person, public authority, agency or any other body which processes personal data on behalf of the controller;

Principles and legal basis of data handling

Principles of personal data processing:

1. a) be processed lawfully and fairly and in a manner that is transparent to the data subject (“legality, fairness and transparency”);
2. b) be collected for specified, explicit and legitimate purposes and not be treated in a way incompatible with those purposes (“purpose limitation”);
3. c) they must be appropriate, relevant and limited to what is necessary for the purposes of the processing (“data saving”);
4. d) they must be accurate and, where necessary, kept up to date; all reasonable measures must be taken to ensure that personal data which are inaccurate for the purposes of data processing are erased or corrected without delay (“accuracy”);
5. e) it must be stored in a form which allows the identification of data subjects only for the time necessary to achieve the purposes for which the personal data are processed (“limited storage”);
6. f) shall be handled in such a way as to ensure the adequate security of personal data, including the protection against unauthorized or unlawful processing, accidental loss, destruction or damage to personal data, by applying appropriate technical or organizational measures (“integrity and confidentiality”).

In all its data management, the Company will act in accordance with the principles above and will take the necessary measures to demonstrate compliance with the data management principles (“accountability”).

Legal basis for the handling of personal data:

Data handling can only be performed if the appropriate legal basis is available. In the absence of an appropriate legal basis, data processing cannot be lawfully pursued.

Such a legal basis could be:

• if the data management is based on law i.e. necessary for the fulfilment of legal obligations concerning Mizsepack (e.g. fulfilment of tax and accounting obligations)
• if the data subject has given its consent to the processing of his or her personal data for one or more specific purposes (e.g. filling in a contracting authority)
• if it was based on the legitimate interest of Mizsepack (e.g. data management to prevent fraud)
• if the handling is necessary for the performance of a contract in which the data subject is a party, or it is necessary to take steps at the request of the data subject prior to the conclusion of the contract; (e.g. to fulfil a contract)
• if the processing is necessary to protect the vital interests of the data subject or another natural person (e.g. data processing to search for a missing person)

The Data subject’s rights related to data management:

The Data Subject may request from Mizsepack:

1. a) access to personal data concerning her/him,
2. b) the rectification of its personal data; and
3. c) the erasure or restriction of the processing of its personal data, with the exception of mandatory data processing.

Right of access:

The data subject has the right to receive feedback from Mizsepack as to whether the processing of his/her personal data is in progress and if such processing is in progress, he/she have the right to access the personal data.. Mizsepack will provide the Data Subject with a copy of the personal data that is the subject of data processing. For additional copies requested by the Data Subject, Mizsepack may charge a reasonable fee based on administrative costs. If the data subject has submitted the request electronically, the information shall be provided in a widely used electronic format, unless otherwise requested by the data subject.

Right to rectification:

The Data Subject has the right to have inaccurate personal data concerning him/her corrected at his/her request without undue delay.

Right to erasure:

The Data Subject has the right to have its personal data deleted by Mizsepack at its request without undue delay. Mizsepack is obliged to delete the personal data of the data subject without undue delay if one of the following reasons exists:

1. a) personal data are no longer required for the purpose for which they were collected or otherwise processed;
2. b) the Data Subject withdraws its consent under Article 6 (1) (a) or Article 9 (2) (a) of the General Data Protection Regulation and there is no other legal basis for the processing;
3. c) the Data Subject objects to the processing pursuant to Article 21 (1) of the General Data Protection Regulation and there is no overriding legitimate reason for the processing, or the Data Subject objects to the processing pursuant to Article 21 (2) of the General Data Protection Regulation;
4. d) personal data have been processed unlawfully;
5. e) personal data must be deleted in order to comply with a legal obligation under Union or Member State law applicable to the controller;
6. f) the personal data were collected in connection with the provision of information society services referred to in Article 8 (1) of the General Data Protection Regulation (conditions for the consent of a child).

Right to restriction of processing:

The Data Subject have the right to restrict the processing of data at its request if any of the following is met:

1. a) the data subject disputes the accuracy of the personal data, in which case the restriction shall apply for a period which allows the controller to verify the accuracy of the personal data;
2. b) the processing is unlawful and the data subject opposes the deletion of the data and instead requests that their use be restricted;
3. c) the controller no longer needs the personal data for the purpose of processing the data, but the data subject requests them in order to submit, enforce or protect legal claims; or
4. d) the data subject has objected to the processing pursuant to Article 21 (1) of the General Data Protection Regulation; in this case, the restriction shall apply for as long as it is established whether the legitimate reasons of Mizsepack take precedence over the legitimate reasons of the data subject.

If the processing is restricted, such personal data may be processed, except for storage, only with the consent of the data subject or for the purpose of bringing, enforcing or protecting legal claims or protecting the rights of another natural or legal person or in the important public interest of the Union or a Member State.

Right to data portability:

The Data Subject is also entitled to receive the personal data concerning him/her made available by him/her to Mizsepack Kft. in a structured, widely used, computer-readable format. Furthermore, he/she has the right to transfer this data to another data controller without being hindered by the controller to whom the personal data have been made available, if: (i) processing is based on a consent pursuant to Article 6 (1) (a) or Article 9 (2) (a) of the General Data Protection Regulation or is based on a contract pursuance of Article 6 (1) (b) of the General Data Protection Regulation; and (ii) the data processing is automated

General rules for the exercise of the right of the Data Subject:

Mizsepack Kft. shall inform the Data Subject of the measures taken following its application without undue delay, but not later than within one month from the receipt of the application. If necessary, taking into account the complexity of the application and the number of applications, this period may be extended by a further two months. Mizsepack Kft. shall inform the Data Subject of the extension of the deadline, indicating the reasons for the delay, within one month from the receipt of the request. If the data subject has submitted the request electronically, the information shall, if possible, be provided electronically, unless the data subject requests otherwise.

Enforcement options:

In case of violation of the rights of the Data Subject, the Data Subject may file a lawsuit against Mizsepack Kft. The court is acting out of turn in the case. Mizsepack Kft. is obliged to prove that the data processing complies with the provisions of the law.

Mizsepack Kft. is obliged to compensate the damage caused to others by the illegal handling of the data of the Data Subject or by violating the requirements of data security. Mizsepack Kft. is released from liability if it proves that the damage was caused by an unavoidable cause outside the scope of data processing. The damage shall not be compensated to the extent that it resulted from the intentional or grossly negligent conduct of the injured party.

In case of a complaint related to the processing of personal data, the Data Subject may also apply to the National Data Protection and Freedom of Information Authority (Dr. Attila Péterfalvi, Chairman of the National Data Protection and Freedom of Information Authority, postal address: 1363 Budapest, Pf. 9., address: 1055 Budapest, Falk Miksa utca 9 -11., Phone: +36 (1) 391-1400; Fax: +36 (1) 391-1410; E-mail: ugyfelszolgalat@naih.hu; website: www.naih.hu).

Information on the handling of cookies used on the website www.mizsepack.hu

1. Why do we use cookies?

The so-called visitor IDs (cookies, cookies) are files or pieces of information that are stored on your computer (or other Internet-enabled device, such as your smartphone or tablet) when you visit a page. A cookie usually contains the name of the site it came from, its own “lifespan” (i.e., how long it stays on your device) and its value, which is usually a randomly generated unique number.

Based on expiration, we can use two types of cookies on the pages: session cookies and persistent cookies. Session cookies are temporary, that is, they remain on your device until you leave our site. Persistent cookies remain on your device, and may remain until you manually delete them.

2. What types of cookies do we use?
3. a) Cookies required for operation:

These cookies ensure the intended and proper operation of the website’s features, facilitate its use, and typically collect information about its use without personally identifying our visitors (for example, making it easier to remember previous steps when you navigate back to a page in the same session). They help visitors to browse on the website, to use its functions and services available through the website smoothly and fully in particular noting the visitor’s actions on those pages or identifying the logged-in user during a visit. The duration of the processing of these cookies only applies to the current visit of the visitor, these type of cookies are automatically deleted from your computer at the end of the session or when the browser is closed.

1. b) Cookies that facilitates use:

These cookies remember the user’s choices, such as the form in which the user wants to see the page. These are essentially the setting data stored in the cookie itself.

This data is mostly on the user’s computer, the website may only access and recognize the visitor.

1. c) Performance Cookies:

These cookies collect information about the user’s behaviour, time spent and clicks within the visited website. These are typically done through third party applications (e.g. Google Analytics, AdWords).

3. Privacy information about the cookies used:

The website of our company may record and manage the following data about the visitor and its device when using the website:

• The IP address used by the visitor,
• Browser type,
• The operating system characteristics of the device you are browsing on (language set),
• Date of visit,
• The (sub) page, feature, or service you are visiting,
•  

Company name and contact details of the data controller: Mizsepack Nyomdaipari Kft. (Registered office: 6050 Lajosmizse, Gyártelep 3; company registration number: 03-09-100303; tax number: 10464430-2-03).

4. You can find information about the cookie settings of the most frequently used browsers at the following links:

Google Chrome

Mozzila Firefox

Microsoft Edge

Microsoft Internet Explorer

Safari (Mac computer application)

Safari (iPhone, iPad or iPod touch devices)

5. Data subjects’ rights and enforcement options:

In connection with the processing of personal data, the Data Controller may be requested to access, rectify, delete or restrict the processing of personal data concerning the data subject, and the data subject may object to the processing of such personal data and exercise the right to data portability if the conditions are met. The Data Subject may contact the Data Controller at any time regarding the processing of its personal data (Telephone: + 36 (76) 556 789; Email: info@mizsepack.hu), furthermore, in the event of a complaint concerning the processing of its personal data, the Data Subject can also contact the National Data Protection and Freedom of Information Authority (postal address: 1363 Budapest, Pf .: 9., address: 1055 Budapest, Falk Miksa utca 9-11., Phone: +36 (1) 391 -1400; Fax: +36 (1) 391-1410; Email: ugyfelszolgalat@naih.hu; website: www.naih.hu).