Privacy Policy


1. Introduction

The operator of the website www.apartgallery.hu, Artysense Kft. (Company Registration Number: 01-09-432658, Tax Number: 32081239-1-42, Registered Office: 1063 Budapest, Szinyei Merse Pál u. 21., hereinafter referred to as the "Controller"), is committed to the protection of personal data and complies with the EU General Data Protection Regulation 2016/679 (GDPR) when processing data.


This policy provides detailed information on how the Controller collects, uses, stores and protects personal data.


2. General provisions

The Controller processes personal data to process electronic orders, to fulfill purchase contracts and for the necessary communication with the Customer.


Contact details of the Controller:

E-mail: apartgallerybudapest@gmail.com

Phone: +36 20 291 7632

Personal data is processed for the period specified by law and will not be transferred to other countries.


3. Source of personal data

The personal data provided by the Customer are collected during the electronic order created in the e-shop.

The scope of the processed data: name, address, telephone number, e-mail address, as well as purchase and delivery data.

The Controller only processes the Customer's identification and contact data, which are necessary for the performance of the contract;

Personal data will not be published or transferred to other countries.

The Controller processes personal data for the period specified by law for delivery and accounting purposes, as well as for the necessary communication between the contracting parties.


4. Purpose and legal basis of data processing

The Controller processes the Customer's personal data for the following purposes:

Registration on the website in accordance with Section 2 of Chapter 4 of the GDPR;

To fulfill the electronic order created by the Customer (name, address, e-mail, telephone number);

Compliance with laws and regulations arising from the contractual relationship between the Customer and the Controller;

Personal data is necessary for the fulfillment of the purchase contract. The contract cannot be concluded without personal data.

Purposes of data processing:

Fulfillment of purchase contracts.

Handling of invoicing and delivery.

Fulfillment of legal obligations (e.g. accounting).

Ensuring customer relations (e.g. sending notifications).


Legal grounds:

Fulfillment of a contract (Article 6 (1) b) of the GDPR).

Fulfillment of a legal obligation (Article 6 (1) c) of the GDPR).

Consent (GDPR Article 6 (1) a)).


5. Duration of storage of personal data

Retention period of data arising from the contractual relationship: 3 years after the performance of the contract.

Retention of billing data: 8 years in accordance with legal requirements.

After the storage period, the personal data will be deleted.


6. Recipients and processors of personal data

Data processors with access to the Customer's personal data:

Webnode AG (webshop administrator).

Shipping partners (for the purpose of delivering orders).

Google Analytics (website statistics).

The processing takes place exclusively for the purpose of fulfilling the contract between the Controller and the Customer.


7. Customer rights

The Customer may exercise the following rights:

Right of access: request information about the personal data processed.

Right to rectification: you can request the rectification of inaccurate or incomplete data.

Right to erasure: you can request the deletion of your data after the storage period has expired.

Right to object: you can object to the processing of your data.

Right to data portability: you can request the release of your data in a structured, machine-readable format.

Right to withdraw consent: you can withdraw your consent to the data processing at any time.

Right to complain: you can file a complaint with the National Authority for Data Protection and Freedom of Information (NAIH).


NAIH contact details:

Address: 1055 Budapest, Falk Miksa utca 9-11.

E-mail: ugyfelszolgalat@naih.hu

Telephone: +36 1 391 1400


8. Protection of personal data

The Controller applies appropriate technical and organizational measures to ensure the security of personal data.

Measures:

Password-protected systems.

Regular software updates and maintenance.

Application of virus protection.


9. Final provisions

By placing an electronic order on the website, the Customer declares that he has understood and accepted the data protection policy.

The Operator will inform the Customers about the modification of the policy on the website.


Effective date: Budapest, 2024.11.13.


If you have any further questions, please contact us at the contact details provided.