The aim of the websites of Valdo Cafe System Kft. (2737 Ceglédbecel, Iskola utca 58, hereinafter referred to as “Provider”), available on the domain www.valdocafe.com (hereinafter referred to as “Website”), is to present the products manufactured and sold by itself.
Provider (as data controller) hereby informs the users of this Website about the personal data it processes on the Website, the principles and practices of processing personal data, the organisational and technical measures taken for protecting personal data, as well as the means and options for exercising user rights of the Users involved.
Provider shall process the recorded personal data as confidential, in compliance with the data protection regulations and international recommendations, in accordance with this Privacy Statement. Provider is committed to protecting the personal data of its Partners and Users, therefore it is particularly important for Provider to respect the informational self-determination rights of the Website’s Users. Provider shall process all personal data as confidential and take every security, technical and organisational measure to ensure the safety of such data.
Provider is entitled to unilaterally modify this Privacy Statement, following the prior notification of the Users of the Website. The modified provisions take effect upon User’s first visit to the website following the publication thereof.
If you have any questions after perusing this Privacy Statement, please refer them to firstname.lastname@example.org, and our colleagues will reply to your query.
By using the Website, User accepts the Privacy Statement and consents to the processing of their data, as specified below.
1. Principles and definitions
Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information (“Privacy Act”) stipulates that personal data may be processed only when the data subject has given his consent, or when decreed by law or by a local authority due to public interest. Personal data may only be processed for specified purposes, to exercise certain rights or perform certain obligations. Data processing shall comply with the purpose of the data processing at all stages. The recording and the processing of data shall be fair and legal. Only personal data that is crucial to the purpose of data processing and is suitable for achieving that purpose may be processed. Personal data may only be processed to the extent and for the period of time necessary for achieving the purpose. Data relating to the data subject – particularly the name, tax identification number or details about their physical, physiological, mental, economic, cultural or social identity –, as well as conclusions drawn therefrom regarding the data subject are considered personal data.
No consent of the legal representative is required for legally incapacitated persons or minors with limited legal capacity, since the Statement refers to frequent, everyday life mass registrations that do not require particular consideration.
2. Details of the Data Controller
- Provider’s name: Valdo Cafe System Korlátolt Felelősségű Társaság (hereinafter referred to as Provider)
- Provider’s registered seat: 2737 Ceglédbercel Iskola utca 58..
- Mailing address: 1224 Budapest, Ezüstgaras utca 14.
- Representative/Head of Site: Michael Irsay, CEO
- Company Registration Number: 13-09-130927
- Tax Registration Number: 14876819-2-13
- Provider’s customer services email address: email@example.com
- Provider’s phone number of the : +3613626595
3. The scope of personal data, purpose, legal grounds and duration of data processing
In accordance with Article 5 Paragraph (1) a) of Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information (hereinafter referred to as the “Privacy Act”), the data processing of Provider is performed with the voluntary consent of User and in compliance with Act CVIII of 2001 on certain aspects of electronic commerce and information society services.
Provider does not check the provided personal data or the validity thereof. The data providing person, User or Contracting Party is solely responsible for the appropriateness of the provided data. When providing an email address, all Users undertake responsibility that they are they exclusively use provided email address. For this reason, any liability for logins related to an email address shall be borne exclusively by the User who provided the email address.
3.1. Technical data of Visitors to the Website, cookies
Anonymous visitor identifiers (cookies) are files or pieces of information stored on your computer (or other devices capable of connecting to the Internet, such as your smartphone or tablet) when you visit a Valdo Cafe site. A cookie usually includes the name of the Website, its origin and “lifespan” (i.e. how long it will remain on your device) and its value, which is usually a randomly generated, unique number.
Two types of cookies are used on Valdo Cafe websites: session cookies and persistent cookies. Session cookies are temporary, i.e. they only stay on your device until you are browsing a Valdo Cafe website. Persistent cookies remain on your device for much longer, possibly until you manually delete them.
Some websites also collect information using pixel tags, which can be shared with a third party. This directly supports our promotional activities and the development of our websites. For example, the information on how visitors use our websites can be shared with advertisement agencies in order more efficiently use online advertisements on our websites. Such information does not make personal identification possible, even if it is linked to personal data.
Controlling and deleting cookies
In default, most Internet browsers accept cookies. You can change these settings in order to block cookies or ask for notifications when cookies are set up on your device. There are several ways to manage cookies. Please check your browser information or the help page if you need more information on browser settings and their modifications.
Analysing log files
Analysing log files provides a lot of useful information for the service providers. In the log files servers record data on requests sent by visitors, including the dynamic IP address of the computer, the browser type, the address of the requested website etc. This information is not suitable for personal identification. Such data is used for to analyse trends, prepare site statistics, do administration of the services and analyse the “movement” of visitors, which all help us improve the standards of our services. The series of data thus retrieved is suitable for personal identification; however, we do not connect them to information collected from other sources.
If you have any questions or problems related to our services, contact the Provider at any of the contact details specified under Section 2.
Provider shall delete all incoming messages, together with the name, email address and other, voluntarily provided personal data of the sender within 90 days following the resolution of the case.
4. Data processing
It is first and foremost Provider and their internal employees are entitled to be familiar with the data, and they may not publish or make them available to third parties.
Provider may engage data processors (e.g. system operators or accountants) in the process.
5. The storing of personal data, security of data processing
Personal data related to the website is mainly processed by Valdo Cafe System Kft. Provider stores the data on a dedicated server that are guarded 24/7.
Provider ensures the security of data processing with technical, organisational and systemic measures that provide a level of protection corresponding to the risks related to data processing.
The IT system and network of Provider is protected against computer-assisted fraud, spying, sabotage, vandalism, fire and floods, as well as against computer viruses, hacks and denial-of-service (DoS) attacks. Provider ensures the security of the data with server-level and application-level security procedures.
Regardless of protocol (email, web, ftp etc.), electronic messages forwarded on the Internet are vulnerable against network threats that lead to fraudulent activity, the contesting of a contract or disclosure or modification of information. Provider makes every reasonable effort for the protection against such threats. It provides surveillance for the systems in order to record every security anomaly and have proof in the event of any security related event. The surveillance of the system enables Provider to check the efficiency of the applied security measures as well.
6. User rights, judicial remedies
6.1. The right to Information
User is entitled to request information on their personal data processed by the Provider in mail, or in an email sent to firstname.lastname@example.org.
Upon User’s request, Provider shall provide information on the data relating to the User that is processed by the Provider, on the purpose, legal grounds and duration of the data processing, as well as recipients of such data along with the purpose thereof. Provider shall provide the requested information in writing within 25 days following the receipt of the request.
User may contact the employees of the Provider regarding any questions or comments related to the data processing, at the contact information specified below.
6.2. User may request the deletion, correction or blocking of their data
User is entitled to request the correction or deletion of their data recorded incorrectly using the contact details specified below. Provider shall delete the data within 5 days following the receipt of the request, and in this case, they cannot be recovered later. The deletion does not concern the data processing required by legislation (e.g. by accounting law), as Provider will retain such data for the required time period.
User may also request the blocking of their data. Provider shall block personal data if User requests it, or if it can be presumed – based on the available information – that their deletion would violate User’s legitimate interests. Such blocked personal data may only be processed until the purpose of data processing that excluded their deletion persists.
The User and all persons to whom data have been sent for the purposes of data processing shall be informed about the correction, blocking and deletion of the data. Their notification may be omitted if it does not prejudice the legitimate interests of User regarding the purpose of data processing.
If Provider fails to fulfil User’s request for correction, blocking or deletion, it shall inform User in writing about the factual and legal grounds for refusing to fulfil the request for correction, blocking or deletion, within 25 days following the receipt of the request.
6.3. User may object to the processing of their personal data
User may object to the processing of their personal data. Provider shall examine the objection within the shortest time period possible, but no later than within 25 days following the filing of the request it shall make a decision on whether the objection was grounded, and it shall inform the applicant about the decision in writing.
User may exercise this right by sending their objection to any of the contact information specified under Section 2.
6.4. Means of judicial remedy in accordance with the Privacy Act and Act V of 2013 on the Civil Code
If providing information is refused, or the request for correction, deletion or blocking is rejected, User may refer to the National Authority for Data Protection and Freedom of Information.
If User disagrees with the decision on their objection to the processing of their personal data, or if Provider fails to comply with the time limit, User may refer to a court within 30 days following the receipt of the notification on the decision or following the expiry of the deadline.
National Authority for Data Protection and Freedom of Information (NAIH)
1125 Budapest, Szilágyi Erzsébet fasor 22/c.
If User provided the data of a third party to receive the service, or caused any damage in the course of using the Website, Provider is entitled to receive compensation from User. In such cases, Provider shall do their best to help the acting authorities establish the identity of the infringer.
7. Miscellaneous provisions on data processing
We hereby inform Users that the court, the prosecutor and the investigating authority may contact Provider in order to request information, data, transfer of data or supply of documents (Article 71 of Act XIX of 1998 on Criminal Proceedings). Provider shall only transfer personal data to the extent required by the request, if the authority has specified the exact purpose and the scope of the requested data.
Provider reserves the right to unilaterally modify this Privacy Statement, following prior notification of the Users (by notification on the Website). By using the Website following the modification of the Privacy Statement User consents to the changed content thereof.
This Privacy Statement takes effect on 26 March 2017.