Privacy Policy

1. GENERAL INFORMATION

It is very important for us to comply with the currently valid data protection regulations and laws, so below we will discuss and present in detail the data protection steps and processes related to data collection with regard to our website, catmuseumbudapest.hu. The data is managed by CatMuseum Budapest.

Contact details:

Full legal name: Orsolya Török, sole trader

Phone number: +36 30 8500 115

Email address: catmuseumbudapest@gmail.com

Postal address: 1054 Budapest, Vadász utca 26.

2. WHAT PERSONAL DATA DO WE PROCESS AND FOR WHAT REASONS?

Personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected can lead to the identification of a particular person, also constitute personal data.

On the catmuseumbudapest.hu website, we process the following personal data, specifying the legal basis:

COMMUNICATION DATA

This includes any message you send to us through the website, email, social media, or any other form of communication.

We process and store these data in order to be able to fulfill the orders and to provide a basis for decision in case of possible legal claims.

Our legal basis for this processing is the user’s verifiable interest in our activity, which can be found in the messages addressed to us.

CUSTOMER DATA

It includes all data related to the purchase of products and services, such as the customer’s name, shipping and billing address, e-mail address, phone number, and details of the purchased product.

We process this data in order to successfully fulfill orders and to have legally adequate records of purchases.

The legal basis for the storage of data is the fulfilment of the contract between the customer and CatMuseum Budapest.

USER DATA

This includes the data generated during the use of the website, which enables the technical operation of the site, to maintain the security of the site, to store backups of the users’ activities, and to ensure that you always have access to the most relevant content.

The legal basis for the processing of the data is the user’s clear interest in our activities. This and the technical functional of our website require the storage of user data.

TECHNICAL DATA

This includes data generated during the use of the website, such as the IP address, login information, browser data, visit time of each page, page views and navigation paths, the number and time of page visits, time zones, and the data of the device with which you view the page.

The source of the data is our analytics software.

We process this data in order to analyse the habits of users on the site, to maintain the safe operation of our site, and to understand the usefulness of our individual marketing decisions.

The legal basis for data processing is the user’s clear interest in our activity, which enables us to process this data in accordance with security requirements and use it to improve our business in order to operate more effectively.

MARKETING DATA

It includes the visitor’s preferences, which marketing content they would like to receive from us. We process this data in order to enable participation in Giveaways, and to send advertising related to our products/services in which the user has expressed interest.

The legal basis for data processing is the user’s clear interest in our activity, which enables us to process this data in accordance with security requirements and use it to improve our business in order to operate more effectively.

We can sometimes use the collected data for purposes such as providing targeted, relevant ads on the Facebook™ platform and various dynamic advertising platforms, and to measure the effectiveness of the ads.

The legal basis for data processing is the user’s clear interest in our activity, which enables us to process this data in accordance with security requirements and use it to increase business in order to operate more effectively.

In the course of our activities, we do not collect sensitive data such as ethnicity, religious views, sexual life and orientation, political opinions and trade union membership, or medical background, and genetic or biometric information.

3. HOW DO WE COLLECT DATA?

We may collect personal data when the user directly provides it to us (for example, by placing an order or sending a message).

Furthermore, certain data are collected automatically during the use of the website, for example with “cookies” and similar technologies. They only come into effect after the user’s consent has been given.

For more information, please see our Cookie Notice.

We receive certain data from external partners, including analytics providers such as Google (non-EU partner), advertising networks such as Facebook™ (non-EU partner), and payment partners such as Paylike.

4. OUR PRACTICAL STEPS TO DATA PROTECTION COMPLIANCE

The protection of user data and compliance with the current regulations are extremely important to CatMuseum Budapest. Therefore, after conducting a data protection impact assessment on the site, we prepared a list of the collected data, its necessity and legal basis, and its legal compliance.

  • In order to protect the data entered on the forms and generated on the site, we use SSL certification on the entire website (Let’s Encrypt Authority X3 certification).
  • In order to protect the site against attacks, we use premium security software (iThemes Security Pro) to protect the stored data against so-called “brute force” and virus attacks.
  • Purchase and user data are stored in encrypted form (pseudonymization) in the site’s databases, so they cannot be read by third parties.
  • In this data protection declaration, we provide users with forms to request information about the management of their personal data, to modify or delete their personal data.

From time to time, for the sake of our business activities, it is necessary to provide data to our service partners (for example, hosting provider, courier company, newsletter software).

In such cases, we always choose a provider that meets the requirements of the GDPR regulation and, in the case of a US-based partner, participates in the EU-US Privacy Shield data protection initiative. We also sign a data management contract with these providers, ensuring responsible data management.

5. MARKETING COMMUNICATION

Marketing communication is indispensable in the course of the company’s activities. The legal basis for data management in this regard is the expression of interest in our services or the express consent of users.

Based on the Privacy and Electronic Communications Regulations (PECR) of the European Union, we send messages for marketing purposes to our users if they have purchased from us or have specifically agreed to receive marketing messages.

Suspension of consent and unsubscribing from message are possible in a clearly visible manner in all cases. At the bottom of each e-mail, you can find an unsubscribe link, or you can request your removal from the database by sending an email to catmuseumbudapest@gmail.com.

We can also send messages in the case of unsubscribing from marketing communications, but only regarding the fulfilment of orders.

6. NOTICE REGARDING PERSONAL DATA

From time to time, it is necessary to share certain personal data with some of our partners in order to maintain normal business operations:

-IT service providers, and service providers performing troubleshooting and maintenance on computer systems

– Expert partners, such as lawyers, accountants, bankers, insurance companies

-Government bodies that request a report on our activities

-Payment service providers who manage bank card data securely

-Courier services that fulfill incoming orders to the specified delivery address

International data transfers

In order to maintain business, it is sometimes necessary to share user data with service partners outside the European Economic Area (EEA).

In many cases, countries outside the EEA do not provide the same level of data protection, so European laws prohibit the export of data if the necessary conditions are not met.

Whenever personal data is transferred outside the EEA, in addition to the steps discussed in point 4, we do the following in order to manage the data securely:

– We only transfer data to countries that the European Commission deems appropriate in terms of data security.

-We only use US-based services that are part of the EU-US Privacy Shield data security initiative.

If the above is not met, we ask for the users’ express consent to the data transfer. Consent can be withdrawn at any time.

Links to external pages

This website may contain links to external pages, or there are code snippets embedded in our pages that ensure the operation of external services.

Clicking on these links or using embedded solutions may allow third-party partners to collect data about users.

Although we do our best to properly screen partners, we have no control over their privacy policies and are not responsible for their data management policies.

7. DATA RETENTION

We only store user data for as long as our legal/accounting/data provision obligations make it mandatory, or as long as it is necessary for the operation of the service.

When deciding how long to store it, we consider the amount, nature and sensitivity of the data and the potential impact of its leakage in the event of a data breach.

For tax reasons, we need to keep customers’ billing and purchase data for at least 8 years in order to fulfill our legal obligations.

Under certain circumstances, we may use the data in an anonymized form for statistical purposes, in which case we store the data for an unlimited period of time without informing you.

8. VISITOR’S RIGHTS

As a citizen of the European Union, the law called General Data Protection Regulation (GDPR) provides the following rights to the users of the site:

a, Access to Personal Information

Site users have the right to request a copy of the personal data stored by CatMuseum Budapest. In general, the request is fulfilled free of charge within 14 days of the query.

In case of repeated, abusive, unjustified data requests, CatMuseum Budapest may charge a moderate amount to provide the data, and additional time may be required to provide the data.

Furthermore, CatMuseum Budapest requests proof of identity before releasing the data, in order to prevent abusive use. To request personal data, please contact us at the given e-mail address.

b, Modifying personal data

If the personal data has changed or has been entered incorrectly, users have the right to request that the data be changed. To change your personal data, please contact us at catmuseumbudapest@gmail.com.

c, Request to delete personal data

Users have the right to request the deletion of all their personal data. We fulfill the request free of charge within 14 days of the request. After deleting the personal data, the user account will not be available, so any purchased materials will also become unavailable, as the personal data related to the user account is absolutely necessary to access the service.

CatMuseum Budapest requests proof of identity before deleting personal data, to prevent abusive use. To delete your personal data, please use the contact form above.

d, Request to limit the processing of personal data

Users have the right to limit the provision of their data to third parties (service partners) upon request. When submitting the request, you can also name the service partners you want to restrict.

It is important to note that cooperation with certain service providers is essential for the operation of the website (e.g. Paylike as a payment service provider), so if they are restricted, the website’s services will become unavailable to the user.

The CatMuseum Budapest requests proof of identity before restricting the transfer of personal data, in order to prevent abusive use. To limit the transfer of personal data, please contact us at the provided e-mail address!

In Hungary, the official body dealing with data protection is the National Data Protection and Freedom of Information Authority (NAIH). Users can find out more about their data protection rights on the NAIH website.

National Data Protection and Freedom of Information Authority, 1125 Budapest, Szilágyi Erzsébet fasor 22/C., Mailing address: 1530 Budapest, Pf.: 5.,

Phone: 06.1.391.1400,

Fax: 06.1.391.1410,

E-mail: ugyfelszolgalat@naih.hu

Website: http://www.naih.hu

9. ANONYMIZED DATA AND COOKIES

The catmuseumbudapest.hu website uses “cookies” and similar technologies, such as tracking codes, re-marketing tags, and pixels, which are activated after the user’s consent, in e-mail messages and advertisements.

These technologies help us better understand user behaviour and interests, thus helping us to operate more effectively and more efficiently.

Our goal is to make the use of CatMuseum Budapest as user-friendly and personal as possible. If the user wishes to prohibit the recording of non-personal data by these technologies, it can be done in the following ways:

– their loading can be disabled using the cookie warnings displayed on the website

– by disabling “cookies” in the browser

You can find more information about additional cookies and tracking codes on catmuseumbudapest.hu in our Cookie Notice.