Linda Smart Technologies Zrt. (Business Registration: 01-10-142252, EU VAT Registration Number: HU32220276, Registered Office: 1188 Budapest, Kelme u. 6., hereinafter Linda Smart Technologies Zrt. as a provider or data controller) as a data controller expresses consent to be bound by the content of present legal notice.

This information is intended to record the privacy and data management principles applied by Linda Smart Technologies Zrt. and the Company's privacy and data management policy.

Linda Smart Technologies Zrt. undertakes to ensure that all data flow and data processing related to its activity is in accordance with the provisions of this Prospectus and of Act CXII of 2011 on the right to Informational Self-determination and on Freedom of Information (hereinafter: Info act) and the requirements set out in EU General Data Protection Regulation 20 16/679 (hereinafter: GDPR).

Linda Smart Technologies Zrt. is committed to protecting the privacy of its clients' and partners’ personal data and it considers it a priority to respect their informational self-determination. Linda Smart Technologies Zrt. treats personal information confidential and will take all security, technical and organizational measures that guarantee the security of the data.

Definitions

The scope of personal data, the purpose, legal basis and duration of data processing

The data controller's data management is based on a voluntary contribution, contractual or statutory obligation. The legal basis of the data controller's processing of data is the fulfilment of the services provided and used by him/her and other related contracts (hereinafter referred to as "Contracts") which he or she is providing and its aim is intended to fulfil the rights and obligations arising from the contract.

The Data Controller is entitled to manage and retain personal data until the fulfilment of the contracts specified above, the complete settlement and until the retention period required by law necessary to comply with legal obligation.

Our competent internal staff is entitled to get to know primarily the data processed by the data controller, we do not pass it over to third parties except for a legitimate interest (such as debt collection), statutory obligation of if the user has previously given his/her explicit consent to it.

The data controller may use data processors of a GDPR compliant third party contracted to a written contract in order to comply with the Contracts.

Parties or their subcontractors employed as data processors may handle all personal data of the data controller and third party data controllers solely for the fulfilment of used or provided services by the data controller, for the performance of other contracts in the subject and for the fulfillment and exercise of rights and obligations.

The data controller confirms that the party receiving data as a processor is entitled to handle personal data.

If one of the parties acts as a data processor under the relevant data protection law, - in accordance with Article 28 of the GDPR regulation - the parties are required to conclude a written data processing agreement or a matching agreement to comply with the law. In the course of the performance of the contract, the data processor receiving the request for the transfer of personal data to the data processing third party is obliged to obtain the prior written consent of the data controller and to conclude a GDPR compliant contract of written data processing that is similar to the content specified therein.

When third-party data processors fail to meet their obligations set out in the GDPR, the receiving party shall have full responsibility to the data controller under the GDPR. In the event of termination of the Contracts, upon the written request of the data controller the data processing party - acting reasonably - is obliged to return all personal data processed and all data resulting from processing to the data controller and to cancel all copies thereof, except for the data for which the law requires data retention.

During the execution of the Contracts and during the relevant retention period, the receiving party shall ensure

  1. the protection of the personal data of the data controller by the means of the most up-to-date security measures, and
  2. limited access of qualified workers under the obligation of adequate secrecy.

The data subject is entitled to receive feedback from the data controller about whether his or her personal data is being processed and, if such data is being processed, he or she has the right to access the personal data and the following information.

The data subject shall have the right to request from the data controller to rectify - without undue delay - any inaccurate personal data of that of the data subject. Taking into account the purpose of data management, the person concerned has the right to request the supplementation of incomplete personal data, including by means of a supplementary declaration.

The data subject shall have the right to request from the data controller to delete – without undue delay - the personal data related to the data subject, and the data controller is obliged to delete the personal data of the data subject without undue delay if other conditions are met.

The data subject shall have the right to request that the data controller restricts his or her data handling if one of the following is met:

  1. the person concerned disputes the accuracy of the personal data; in this case, the restriction applies to the length of time until the data controller inspects the accuracy of the personal data;
  2. data processing is illegal and the data subject opposes the deletion of the data and instead asks for restriction on the use;
  3. the data controller no longer needs the personal data for data processing, but the data subject requires them to submit, enforce, or protect legal claims; or
  4. the person concerned objected data handling; in this case, the restriction applies to the time period during which it is established whether the legitimate interests of the data controller prevail over the legitimate grounds of the party concerned.

The data controller informs all addressees of any rectification, deletion or limitation of data handling with whom or with which personal information has been communicated, unless this proves impossible or requires disproportionate effort. At the request of the data subject, the data controller shall inform him or her of those addressees.

The data subject shall have the right to receive his or her own personal data - previously made available to the data controller by him or her - in a structured, widely used machine-readable format and shall be entitled to transmit such data to another data controller without this being obstructed by the data controller to whom the personal data has been provided if the data is handled on a voluntary or on a contractual basis and the data management is handled automated.

If the personal data is handled for direct business purposes, the data subject is entitled to object at any time to the handling of personal data relating to that purpose, including profiling if it is related to direct business acquisition.

If a person objects to the personal data being handled for direct business purposes, then the personal data may no longer be handled for that purpose.

The data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.

If a potential personal data breach within the data management system is likely to be a high risk to the rights and freedoms of natural persons, the data controller shall inform the data subject of the data breach without undue delay.

Personal data handling, security of data management

The data controller's computing systems and other data retention locations are located at the headquarters, branches and relevant servers.

The data controller selects and manages the IT tools used to manage personal data in the provision of the service so that the data handled should be:

The data controller protects the data by appropriate measures, in particular against unauthorized access, alteration, transmission, disclosure, deletion or destruction, as well as unavailability due to accidental destruction, damage, and the technique used.

Taking into account of the current state of the art, the data controller shall implement appropriate technical, organizational and institutional measures to protect the security of data management, providing a level of protection appropriate to the data handling risks.

At the same time, we inform the people concerned that electronic messages, protocols (e-mail, web, ftp, etc.) transmitted over the Internet are vulnerable to network threats that lead to dishonest activity, controversy or disclosure or modification of information. To protect such threats, the data controller will take all the precautionary measures he or she may have to take.

Cookies

When you visit https://lindasmart.shop (and / or its associated domain names with the same content), the service provider sends one or more cookies - that is, a small file containing a series of characters - to the visitor's computer, which will allow its browser to be individually identifiable. These cookies will only be sent to the visitor's computer by visiting certain sub-pages, so in this case only the fact and actual time of visiting that sub-page will be stored, no other information.

The use of these cookies is as follows: external service providers, including Google, with the help of these cookies store the fact if the user has previously visited the webpage of http://lindasmart.shop (and / or its associated domain names with the same content).

If the User does not want Google or other providers to measure the above data as described and intended earlier, he or she should install a plug-in that blocks cookies in his or her browser.

The "Help" feature in most of the browser's menu bar provides you with information about your browser

Customer service

If you have any questions, remarks or concerns about our company, data management or using our services, you may contact us on any of our contact information found on our website.

Other

We provide information about data management not listed above upon data recording.

Notifying the parties concerned our company reserves the right to unilaterally modify this Privacy Statement.

Our company does not control the personal information provided. Only the person who gave it is responsible for the compliance of the data provided. Upon entering his or her email address, the party concerned takes responsibility that he or she is the only person using the service from the specified e-mail address.

We inform our customers that the investigating authority, the National Data Protection and Information Authority and other bodies based on the authority of the law may contact Linda Smart Technologies Zrt. for information, disclosure, transfer or filing of documents.

Procedural rules

The data controller has 30 days to provide information on personal data, correct or delete it. If the data controller fails to comply with such claim, he or she shall state the reasons for the rejection within 30 days.

Data Protection Authority

You may lodge a complaint with the National Agency for Data Protection:

National Agency for Data Protection, 1125 Budapest, Szilágyi Erzsébet fasor 22/C., Postal address: 1530 Budapest, Pf.: 5., Telephone: 06.1.391.1400, Fax: 06.1.391.1410, E-mail: ugyfelszolgalat@naih.hu, Website: http://www.naih.hu

All the obligations contained in this summary will be retained even after the termination of the Contracts.