• info@sysbrand.eu
Instagram
0
0

Free shipping for purchases over 25.500 Ft

Free shipping for purchases over 25.500 Ft

0
0
0
0

Privacy Policy of SYS Brand

General Information:

SYS Brand Kft. (headquarters: Budapest, Gát u. 21. fsz.1, HU-1095, company registration number: [01-09-430538], tax number: [HU32558454], contact information: info@sysbrand.eu), as the data controller (hereinafter: “Data Controller”) and operator of the SYSBRAND.EU website (hereinafter: “Webstore”), handles the data provided by its customers (hereinafter: “Customer” or “Data Subject”) in accordance with this Privacy Policy (hereinafter: “Policy”) and applicable national legislation and legal acts of the European Union.

Purpose of Data Management:

The purposes of data management include the provision of commercial services, differentiation of customers, fulfillment and execution of contracts between the Data Controller and the Customer, verification of obligations and rights related to contracts, collection of claims, statistical analysis, construction of analytical models, maintaining contact, and monitoring services used.

Information of the Data Controller:

  • Name: SYS Brand Kft.
  • Headquarters: Budapest , Gát u. 21. fsz.1, HU-1095
  • Email: info@sysbrand.eu
  • Tax Number: HU32558454

Data management is conducted by internal employees of the Data Controller, and only they can access the data during the data management process. The Data Controller reserves the right to change this Policy at any time, with changes taking effect upon publication on the website.

Definitions:

  1. Personal Data: Any information relating to an identified or identifiable natural person.
  2. Data Management: Any operation performed on personal data, such as collection, recording, organization, storage, transformation, use, transmission, deletion, etc.
  3. Data Controller: The entity that determines the purposes and means of processing personal data.
  4. Data Processor: The entity that processes personal data on behalf of the Data Controller.
  5. Consent of the Data Subject: A voluntary, specific, and informed indication of the data subject’s wishes by which they signify agreement to the processing of personal data.

Data Transfer:

  1. The Data Controller may transfer all legally stored personal data to competent authorities as required by law.
  2. If the Data Controller outsources the operation of the Webstore, data may be transferred to third parties for processing, ensuring continuity and compliance with existing data security rules.
  3. Data transfers are recorded, including the date, legal basis, recipient, and scope of the data transferred.

Data Processors:

  • Accounting service Acris Ltd.
  • Payment system providers Revolut Bank UAB
  • Postal service provider Magyar Posta Zrt.
  • Website maintenance and development IVH d.o.o.

Data processors manage data according to the Data Controller’s instructions, cannot make substantive decisions, and must adhere to the data security provisions set by the Data Controller.

Legal Basis for Data Management:

The legal basis for data management is the Customer’s voluntary consent (GDPR Article 6(1)(b)), given during registration, order placement, or newsletter subscription.

Purpose and Duration of Data Management:

Data is managed to identify the Customer, create and manage contracts, monitor performance, invoice fees, validate claims, and operate the Webstore. Data is stored as long as necessary for these purposes or as required by law.

The Customer provides his/her data during registration or when subscribing to the newsletter, and the Data Manager manages them from then until the registration is canceled or, in the case of the newsletter, for 1 year from the date the last newsletter was opened by the Customer. Data can be deleted or unsubscribed at any time at the Customer’s request, as described in this Notice. Based on the accounting regulations, the Data Controller is obliged to keep the accounting documents and thus the data on which the records are based for eight years based on Section 169 (2) of Act C of 2000 on accounting. 

Contacting the Data Controller:

The data manager deletes all e-mails received by him with the sender’s name, e-mail address, date and time data and other personal data provided in the message after a maximum of five years from the date of communication.

Data security:

The data controller performs the data management in such a way as to ensure the protection of the privacy of the data subjects. The data controller protects the data in particular against unauthorized access, alteration, transmission, disclosure, deletion or destruction, as well as against accidental destruction and damage, as well as against becoming inaccessible due to changes in the technology used. 

Scope of processed personal data:

During registration, the Customer must provide the following data:

  • surname
  • first name
  • street address
  • postal code/city
  • phone number
  • e-mail address
  • password

By sending the registration, the Customer declares that he has reached the age of 16. Persons under the age of 16 may not register in the Webstore, given that the consent of their legal representative is required for the validity of their legal declaration containing their consent to data management pursuant to Article 8 (1) of the GDPR.  

Data processed as a result of the use of the online store:

Use of cookies: When visiting the website, files in text format are saved on the data subject’s computer (hereinafter: Cookies).

You have the right to decide which of the above-mentioned cookies you allow to be installed on your computer. Please note that if you do not allow the cookies necessary for the operation of the website, certain parts of the website may not be displayed properly and certain functions may not be usable. Viewing and deleting cookies is usually possible at any time by selecting the settings function of the web browser, you can get more information about this from the “Help” function of the web browser. The legal basis for this data management is the voluntary consent of the data subject. 

The operator measures website visitation data using the Google Analytics service. When using the service, non-personal data that cannot be used to identify the person concerned is transmitted. You can read Google’s data protection information at https://policies.google.com/privacy?hl=hu

Customer Rights and Enforcement

Customers (hereinafter referred to as data subjects or Customers) have the right to request information about the processing of their personal data. They can also request corrections, deletions, or restrictions on processing (with the exception of mandatory data processing), exercise their right to data portability, and object to processing as indicated at the time of data collection or through the contact details provided by the data controller.

  1. Right to Information: The data controller ensures that data subjects are provided with all the information required by Articles 13 and 14 of the GDPR, and Articles 15-22 regarding the processing of personal data. This information must be concise, transparent, easily accessible, and clearly written, especially when addressing children. The information can be provided in writing, electronically, or verbally upon verification of the data subject’s identity.
  2. Right to Access: Data subjects have the right to receive confirmation from the data controller on whether their personal data is being processed. If processing is taking place, they are entitled to access their personal data and receive the following information:
    • The purposes of data processing.
    • Categories of personal data involved.
    • Recipients or categories of recipients, including third-country recipients and international organizations.
    • The planned period for which the data will be stored or the criteria used to determine this period.
    • The right to request correction, deletion, or restriction of processing, and the right to object to processing.
    • The right to file a complaint with a supervisory authority.
    • Information on the source of the data if it was not collected from the data subject.
    • The existence of automated decision-making, including profiling, and information about the logic involved and the significance of such processing.

A copy of the personal data must be provided to the data subject, with additional copies available for a reasonable fee. If the request is made electronically, the data should be provided in a commonly used electronic format, unless otherwise requested. The data controller must provide the information within one month of the request.

  1. Right to Rectification: Data subjects can request the correction of inaccurate personal data without undue delay. They can also request the completion of incomplete personal data, including through a supplementary statement.
  2. Right to Erasure (“Right to be Forgotten”): Data subjects can request the deletion of their personal data without undue delay under certain conditions, including:
    • The data is no longer needed for its original purpose.
    • The data subject withdraws consent and there is no other legal basis for processing.
    • The data subject objects to the processing and there are no overriding legitimate grounds.
    • The data has been processed unlawfully.
    • Deletion is required to comply with a legal obligation.
    • The data was collected in relation to the offer of information society services.

If the data has been made public, the data controller must take reasonable steps to inform other controllers to delete links or copies of the data.

This right does not apply if processing is necessary for:

    • Exercising the right to freedom of expression and information.
    • Compliance with a legal obligation or performing a task in the public interest.
    • Reasons of public interest in public health.
    • Archiving purposes in the public interest, scientific or historical research, or statistical purposes.
    • Establishing, exercising, or defending legal claims.
  2. Right to Restrict Processing: Data subjects can request the restriction of processing if:
    • They contest the accuracy of the data (for a period enabling verification).
    • The processing is unlawful and they oppose deletion.
    • The data controller no longer needs the data but the data subject requires it for legal claims.
    • They object to processing pending verification of legitimate grounds.

Restricted data can only be processed with the data subject’s consent, for legal claims, to protect others’ rights, or for important public interests.

  1. Right to Data Portability: Data subjects have the right to receive their personal data in a structured, commonly used, and machine-readable format, and to transmit this data to another controller without hindrance.
  2. Right to Object: Data subjects can object to the processing of their personal data at any time, particularly if processing is based on public interest, exercise of official authority, or legitimate interests of the controller. If an objection is made, the data controller must cease processing unless compelling legitimate grounds are demonstrated.

For direct marketing purposes, data subjects can object at any time, and the data cannot be processed for these purposes if an objection is made.

  1. Automated Decision-Making and Profiling: Data subjects have the right not to be subject to decisions based solely on automated processing, including profiling, that significantly affects them. This right does not apply if the processing is necessary for a contract, authorized by law, or based on explicit consent, provided that appropriate measures are in place to safeguard the data subject’s rights.
  2. Right of Withdrawal: Data subjects can withdraw their consent at any time. Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.

Facebook and Instagram Plugins

On our social media accounts, such as Facebook and Instagram, you can directly contact us through commenting, messaging, and chat functions. The information you provide through these means will be processed solely for the purpose of addressing your comment, request, or inquiry.

Based on legitimate interests, we have the right to manage our social media accounts and the content we share on them, engage with visitors, and respond to your requests.

Additionally, our websites use Facebook and Instagram plugins. When you visit our website, a direct connection is established between your browser and the servers of Facebook and Instagram through the plugin. When you use a service that utilizes these plugins, data can be directly transferred from your device to the social network operators (Facebook and Instagram). We have no control over the data collected by the plugin. If you are logged into these social networks, your use of the service can be linked to your account on these platforms. If you interact with the plugins, such as by liking, following, sharing, or commenting, this information can be automatically displayed in your social media profile. Even if you are not logged into your social media account, the plugins may send your IP address to the social network operators. Please take this into consideration when using our services.

We explicitly emphasize that we have no influence over the extent, nature, and purpose of the processing of your personal data carried out by the social network service providers. Therefore, we refer you to the privacy policies of the social network service providers.

The privacy policies are available at the following links:

Data Security:

The Data Controller ensures the protection of personal data against unauthorized access, alteration, transmission, disclosure, deletion, or destruction.

Contact Information:

For data-related inquiries or requests, contact:

SYS Brand Kft., Budapest, Gát u. 21. fsz.1, HU-1095

Right to Lodge a Complaint:

If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority.

Contact details of the National Data Protection and Freedom of Information Authority:

Headquarters:  1125 Budapest, Szilágyi Erzsébet fasor 22/C.

Phone:  +36 1 391 1400

Fax:  +36 1 391 1410

E-mail:  ugyfelszolgalat@naih.hu

Website: naih.hu 

Changes to the Privacy Policy:

The Data Controller may update this Policy periodically. Any changes will be posted on the Webstore, and Customers will be appropriately informed.

Effective Date:

This Privacy Policy is effective as of 1.8.2024

Follow us

Instagram
  • info@sysbrand.eu

JOIN OUR SYS COMMUNITY and gain access to special offers, various ideas for fit recipes, and much more!

Always be up to date

In the SYS Brand online store, you can buy and pay by cash on delivery, card or advance transfer.

  • Free shipping for purchases over 25.500 Ft