Menüpontok
Wagyu pro
Wagyu pro
Ajánlataink éttermek és üzletek számára.

Data Management Information

The operator of the real WAGYU meat webpage – www.wagyu.hu – Itterem Mezőgazdasági Ltd. (4225 Debrecen, Szentgyörgyfalvi street 9., company registration number: 09-10-000567, henceforward provider, data manager) considers this statement obligatory for itself. The data manager commits itself to comply with current and with operative regulations in regards to its data management activities.

The User upon entering the website accepts the regulations of the present Data management policy.

The operator of the real WAGYU meat website, Itterem Mezőgazdasági Ltd. is dedicated to protect the personal data of their users and partners, and considers the right to self-determination of the clients highly important. Itterem Mezőgazdasági Ltd. as the operator and data manager of this website manages the personal data confidentially, and does every safety, technical and organizational measures which guarantee the safety of the data. The operator details its data management policy - activities, regulations related to data managed by the website - in the following document.

The Data Manager is obliged to keep every legislative requirement connected to managing personal data in every phase of the data management.

Data management policy applied during the operating of the website comply with the legislative requirements of data management, especially with the following ones:

Law V. from 2013 – about the Civil Code § 2:43. point (e)
Law CXII. from 2011 – about the right to self-determination and the freedom of information (henceforward Infolw., data protection act);
Law CVIII. from 2001 – about certain questions of e-marketing services and information society services (Emark. lw.);
Law XLVIII. from 2008 – about fundamental conditions and restrictions of economic advertisement (Ead.):
Law VI. from 1998, which enunciates the Act made in Strasbourg, January 28th, 1981 - about protection of individuals' electronically processed personal data.
Law CXIX. from 1995 ("Katv.")- about the data management of names and addresses that serve research and direct acquisition purposes.

1., Definitions, statements

1.1. affected party: any specific natural person, identified or identifiable directly or indirectly by personal data;

1.2. personal data: data that can be associated with the affected party – especially the name, ID number, or one or more known physical, physiological, mental, economical, cultural or social attribute of the party, as well as any information that can be deducted from these;

1.3. contribution: the direct and determined request of the affected party which is based on adequate information, and with which the party gives unambiguous consent to – comprehensive or partial – management of his/her personal data.

1.4. objection: the statement of the affected party with which the party disapproves the management of his/her personal data and requests the termination of data management, and asks for deleting the managed data;

1.5. data manager: natural or legal person, or organization - with no legal personality -, who determines the purposes of data management individually or with others, makes and executes data management decisions (including the used tool), or have an entrusted data manager execute it;

1.6. data management: independently of the applied method any action or sum of actions, especially collection, recording, sorting, storing, modification, using, querying, forwarding, publication, harmonizing, associating, locking, deleting or destroying, or preventing any further data usage, making photo,- voice,- or screen recordings, as well as recording physical characteristics that can be used for identifying patients (e.g. finger-, palm prints, DNA-sample, retinal images);

1.7. data forwarding: making the data accessible to a specific third party;

1.8. publication: making the data accessible to everyone;

1.9. data deletion: making the data unrecognizable in such a way that they cannot be restored;

1.10. data labelling: marking the data so that it can be distinguished;

1.11. data locking: marking the data permanently or temporarily inaccessible for data management purposes;

1.12. data destruction: physically destroying the data carriers containing the data;

1.13. data processing: executing technical tasks in connection with data management operations, independently of methods and tools used for executing operations, and the place of use, in case the technical task is done on the data;

1.14. data processor: natural or legal person, or organization - with no legal personality -, who processes data based on the contract made with the data manager;

1.15. third party: natural or legal person, or organization - with no legal personality -, who is not identical to the affected party, data manager or the data processor;

1.16. third country: every country that is not a member of the EEA (European Economic Area).

1.17. special data:

  1. any personal data related to racial origin, political opinion or affiliation, religious or other philosophical beliefs, advocacy membership, sexual interests,
  2. any personal data related to the state of health, bad habits, or criminal records.

2., Data management policy during operating the website

Personal data can be managed when

  1.  the affected party gives consent, or
  2.  it is ordered by the law – based on authorization by the law within the specified jurisdiction - or by the local government for public interest purposes (obligatory data management)

Personal data can be managed even if it is impossible, or would mean disproportionate costs to acquire the consent of the affected party and the managing of personal data is necessary for the data manager to fulfill the legal liabilities, or for advocacy purposes of the data manager or the third party, and the enforcement of these rights is proportionate to the limitation of the the personal data protection law.

If the affected party cannot give his/her consent due to incapability or other unavoidable reasons then for his/her own or for other person's vital interest protection, as well as for averting/preventing direct danger which threatens someone's life, physical integrity or belongings the personal data of the affected party can be managed in a necessary degree until the inability of providing consent exists.

For the consent of a minor – who is already 16 years old – to be valid, the consent or the subsequent approval of the minor's legal representative is not necessary.

In case the purpose of the consent-based data management is to implement the written contract made with the data manager, then the contract must contain every information which the affected party needs to know in regards to data management, especially the specifying of the managed data, the duration of the data management, the purpose of the usage, the fact that the data is forwarded, the recipients, the fact that a data processor was involved. The contract has to contain in an unambiguous way that the affected party gives consent upon signing to managing his/her data according to the contract.

In case the personal data is recorded with the consent of the affected party, then the data manager can manage the recorded data without further consent if not regulated otherwise by law

  1. for the purpose of fulfilling legal obligations, or
  2. for the purpose of enforcing the rights of the data manager or a third party, if this enforcing of rights is proportionate to the limitation of regulations about personal data protection, even if the affected party withdraws the consent. In case of doubt it must be presumed that the affected party has not provided consent.

Personal data can only be managed for a specific purpose, practice of law and fulfilling obligation. The data management must serve this purpose all the time, and the recording and managing of data must be decent.

Only that kind of personal data can be managed which is indispensable and appropriate for fulfilling the purpose of the data management, but only in the necessary degree and time.

The personal data during data management retains this characteristic until the connection with the affected party is restorable. The connection is considered restorable if the data manager has the technical conditions required for restoration.

During the data management the accuracy and completeness of the data, plus – if the data management purpose requires – the up-to-dateness, as well as that the affected party is only identifiable until the data management is necessary needs to be guaranteed.

Personal data can be only managed with a consent based on proper information. It must be communicated to the affected party before the data management begins that the data management is based on consent or is obligatory. The affected party must be informed – unambiguously, clearly and in detail – about everything related to managing his/her data, especially the purpose, legal basis, people entitled to manage and process the data, data management duration, and about that the personal data is managed under the consent of the affected party and for the purpose of fulfilling the data manager's legal obligations, or for the purpose of enforcing rights for a third party, as well as who can access the data. The informing must include the affected party's rights and the legal remedy options as well.

During data management the accuracy, completeness, up-to-dateness must be guaranteed, as well as that the affected party is only identifiable until the data management is necessary.

Personal data can only be forwarded to a third country data manager or data processor if the affected party explicitly gave consent or the previously detailed conditions of data management are met, and the protection of personal data in the third country is guaranteed. Forwarding data to EEA countries is considered as if the data was forwarded within Hungary.

3., Managed personal data and the characteristics of data management

The data management activities of www.wagyu.hu are based on voluntary consent. In certain cases however the managing, storing and forwarding of specific parts of the provided data is obligatory due to legislation, about which we will notify the visitors, users individually.

The information detailed in the current Data Protection Handout pertains only to managing personal data of natural persons, considering the fact that personal data is only interpretable in case of natural persons. Anonymous information which cannot be used for identifying people is not considered as personal data – this information cannot be associated with any natural person. Moreover the demographic data is not considered as personal data either, as they are collected in such way that they cannot be associated to specific people, thus a connection cannot be established with a natural person.

The Service Provider is obliged to provide a clear, awareness-raising and unambiguous notification before collecting, recording, managing any User data. In this notification the user is informed about the method, purpose and principle of the data recording. Furthermore the Service Provider raises the attention of the User in every occasion when the data recording, management is not obligated by law to the fact that the providing of the data is voluntary. In case of obligatory data providing the particular law needs to be indicated as well. The affected party needs to be advised about the purpose of data management and about who is going to handle and process the data. This notification is considered done with the law stating the already existing data management with forwarding and associating.

In every case when the Service Provider intends to use the provided data differently than the purpose of the original data recording then the Provider is obliged to notify the User about this and get a preliminary consent, and provide an option for him/her to disallow the data use.

The Service Provider complies with the stated limitations in all cases during collecting, recording and managing data, and informs the affected party via e-mail if needed. The Service Provider is not going to enforce any action on a User who denies providing data when it is not mandatory.

The Service Provider is obliged to take care of data safety and is going to do the technical and organizational changes - together with the rules of procedure – which guarantee that the collected, stored and managed data is protected, and prevents data from being destroyed, used or modified unauthorized. The Service Provider is obliged to inform any third party - to whom the data may be lawfully forwarded - to comply with these liabilities.

In every case when the Service Provider’s target audience are minors, or when the data makes it clear that the User is minor then the Service Provider is obliged to request – if technically possible – a preliminary parental consent, and in such cases the lack of consent makes it impossible the use of service.

3/1. The data of the visitors of www.wagyu.hu

Purpose of data management: upon visiting the website the service provider of the website records the visitors data for quality control and to prevent misuse.

Legal basis of data management: the consent of the affected party, and the law CVIII. 13/A. § (3) from 2001 which talks about certain questions of information society services.

Managed data: date, time, IP address of the User’s machine, the address of the currently and previously visited page, operating system and browser data of the User.

Data management duration: 365 days from the visiting of the website.

The webanalytics software of Google Analytics and their external servers help to independently measure and audit the visitor number and other webanalytic data. The data manager can request information about the management of this data in www.google-analytics.com.

The external service providers place and read back so called cookies in the user’s machine in order to be able to provide customized service. When the browser sends back a previously saved cookie the service provider managing it has the possibility to link the user’s current visit with previous visits, but only in regards to their own content.

3/2. Contact information on the webpage, requesting and providing information

Purpose of data management: contacting, keeping contact, providing and requesting information.

Legal basis of data management: consent of the affected party.

Managed data: name, e-mail address, address, phone number, subject of the message, its content, date and time, and other personal data provided by the affected party.

Deadline for data deletion: 5 years from data providing.

Deleting or modifying of personal data can be requested in the following ways:

by post: Itterem Mezőgazdasági Zrt., 4225 Debrecen, Szentgyörgyfalvi út 9.

by e-mail: info@wagyu.hu

3/3. Request for quotation on the webpage

Purpose of data management: contacting, sending the proper quotation

Legal basis of data management: consent of the affected party.

Managed data: name, e-mail address, address, phone number, subject of the message, its content, date and time, and other personal data provided by the affected party.

Deadline for data deletion: 5 years from data providing.

Deleting or modifying of personal data can be requested in the following ways:

by post: Itterem Mezőgazdasági Zrt., 4225 Debrecen, Szentgyörgyfalvi út 9.

by e-mail: info@wagyu.hu

4. Data forwarding, forwarding of certain personal data to inland service providers

The Service Provider has the right to forward the managed personal data to a third party. The legal basis of data forwarding: the consent of the User, the first paragraph of the Information law 5., the electronic commercial services and paragraph 3 of the law CVIII. 13/A from year 2001 – which is about certain part of services in connection with information society.

4.1. Postal letters, information, brochures, delivering packages

Purpose of data forwarding: informing the postal company
Data that is forwarded: name, company name, post address
Data is forwarded to the following data managers:

Name: DPD Hungária LLC.
HQ: 1158 Budapest, Késmárk Str. 14.B
Online address: dpd@dpd.hu

Name: Magyar Posta Ltd.
HQ: 1138 Budapest, Dunavirág Str. 2-6..
Online address: ugyfelszolgalat@posta.hu

5. User rights in connection with personal data management, destroying data

The legal basis of managing personal data that was detailed in the previous point is the voluntary consent of the users.
Every visitor, user, customer and logged in guest can request information about managing their personal data.

The affected party can ask the data manager

  1. information about managing their personal data,
  2. to correct their personal data and
  3. to delete or block their personal data – except the mandatory data management.

The data manager if requested is going to give written information to the affected party about their managed data, the purpose of data management, the legal basis of it, the duration, the data processor's name, address (of its HQ) and about other activities in connection with data management, plus about who receive the data and for what purpose within 30 days. The information can be requested via e-mail: info@wagyu.hu, or via post by providing a postal address.

The information comes for free in case the person requesting it haven't already asked for information regarding the same field in the current year. Otherwise the data manager is going to state that the already paid expenses must be reimbursed if the data was handled unlawfully or if the request of information lead to correcting.

The data manager in order to check the legality of data forwarding and for the purpose of keeping the affected party up to date is keeping records about data forwarding, which contain the managed personal data's date of forwarding, the legal basis of data forwarding, its address, the type of the forwarded data and other data that is declared by the laws of data management.

Users can protest against managing their personal data – they can ask for correction and deletion as well via e-mail (info@wagyu.hu) or through a postal letter.

The affected party can protest against managing his/her personal data,

  1. if the managing and forwarding of personal data is needed for the data manager only to comply with legal obligations or it is needed for enforcing the rights of the data manager, data handler or a third party, except in case of mandatory data management;
  2. if the use or forwarding of personal data happens for a direct business acquisition, a survey or a scientific research; or
  3. in other specific cases declared in law.

The data manager – while seizing the data management – is obliged to examine the request within the shortest time possible from filing - 15 days at most - and to inform the applicant about the result in a written form. In case the objection is legit the data manager is obliged to seize the data management – including data collection and forwarding – and block any data, as well as inform those about the objection and about the taken actions who received personal data via forwarding of the affected party, and those who are obliged to take actions in order to endorse the right of objection.

In case the affected party disagrees with the decision of the data manager, or if the data manager misses the 15 days deadline, the affected party can turn to court within 30 days from the statement, or from the last day of the deadline.

In case the personal data is false and the data manager has the data corresponding to reality, then the data manager will correct the data.

The personal data has to be deleted if

  1. the managing is unlawful
  2. the affected party requests it (except the mandatory data management);
  3. it is incomplete or false and this state cannot be fixed lawfully, supposing that the deletion is allowed by the law;
  4. the purpose of the data management seized to exist, or the deadline for storing data exceeded
  5. it was ordered by the court or by Authorities.

Instead of deletion the data manager blocks the personal data if the affected party requests it, or if it is presumable from the provided information that the deletion would violate the rights of the affected party. The personal data that was blocked this way is manageable until the purpose of data management exists, which ruled out the deletion of the data.

The data manager marks the managed personal data if the affected party argues their correctness or accuracy but this can't be established unambiguously.

The affected party and everyone who received forwarded data has to be notified about the correcting, blocking, marking and deleting. The notification can be neglected if in regards to the purpose of data management it does not violate the right of the affected party.

If the data manager does not perform the affected party's request for correction, blocking or deletion then within 25 days of the request's receipt date the data manager communicates the reasons – facts and legal reasons - for rejecting the request for correcting, deleting or blocking data in a written, or - if a consent was given – in an electronic way. In case of rejecting the request for correcting, deleting or blocking the data manager notifies the affected party about the legal proceedings and calling upon Authorities.

The affected party's right to correct, delete or block data can be limited by the country's foreign and inland security, so the the national defense, the national security, the preventing and pursuing of crimes, for the safety of law enforcement, the economical or financial interests of the country or the municipality, the economical or financial interests of the EU, the disciplinary and ethical misdemeanors in connection with practicing professions, the preventing and revealing of labor law and safety violations – including monitoring and inspection – as well as for the protection of rights for the affected party or others.

The data manager can not delete the affected party's data if the data management was ordered by law. The data however can not be forwarded for the recipient if the data manager agreed with the objection or if the court stated the objection legitimate.

A request for data deletion, received via e-mail or post will be answered within 8 work days of its arrival.

6., Storage of personal data, data management

The computer hardware and data storing solutions of Itterem Mezőgazdasági Ltd. can be found in its Headquarters (4225 Debrecen, Szentgyörgyfalvi Str. 9.), site (2211 Vasad, Szabadság Str. 57.) and the server of the website's hosting company, DotRoll LLC. (1148 Budapest, Fogarasi Str. 3-5., Company registration number: 01-09-882068, tax number: 13962982-2-42).

7. Contact data of the data manager

Name: Itterem Mezőgazdasági Ltd.
HQ: 4225 Debrecen, Szentgyörgyfalvi Str. 9.
Online address: info@wagyu.hu

8. Data manager contact data

Name: Itterem Mezőgazdasági Ltd.
HQ: 4225 Debrecen, Szentgyörgyfalvi Str. 9.
Online address: info@wagyu.hu

Name: DPD Hungária LLC.
HQ: 1158 Budapest, Késmárk Str. 14.B
Online address: dpd@dpd.hu

Name: Magyar Posta Ltd.
HQ: 1138 Budapest, Dunavirág Str. 2-6..
Online address: ugyfelszolgalat@posta.hu

9. Possibilities for legal remedy

The data manager proceeds according to the law CXII. from year 2011. about the right to self-determination and the freedom of information. The users can practice their enforcement of rights according the Data protection law and the Civil Code in front of the court, and can request the help of the National Data Protection and Freedom of Information Authority (HQ: 1125 Budapest, Szilágyi Erzsébet avenue 22/c, Post address: 1530 Budapest, PO. 5., Phone: 06 -1- 391-1400, Telefax: 06-1-391-1410, http://www.naih.hu E-mail: ugyfelszolgalat@naih.hu).

In case the rights of the affected party are violated the party can turn to court against the data manager. The court is going to proceed out of turn.

The judgment of the lawsuit is under courthouse jurisdiction. The lawsuit – if the affected party asks - can be initiated in the courthouse which is the nearest to the affected party's home or place of residence.

The data manager is obliged to reimburse the cost of any damages done by unlawfully managing the affected party's data or by violating data safety of a third party. The data manager is also responsible for any damages done to the affected party by the data processor.

In case the data manager violates the affected party's privacy rights by unlawful data management or by breaking data security requirements the affected party can demand settlement from the data manager.

The data manager is responsible for any harm caused to the affected party by the data processor and the data manager is obliged to pay the settlement to the affected party that comes from infringement of privacy rights. The data manager is exempted from the responsibility of the caused damage and the paying of the settlement if it can be proven that the damage or the privacy rights violation was caused by an unavoidable reason outside of data management.

No reimbursement has to be paid and no settlement can be demanded if the damage or the privacy rights violation was caused by deliberate or careless behavior of the affected party.

The data manager is constantly working on making your data up to date. Therefore we ask you to notify us whenever your data changes. In case you provided your data upon online registration then you can also modify it online.

Debrecen, 31st of April, 2017.
Itterem Mezőgazdasági Ltd.