Effective as of May 2021
Pursuant to Article 12 (1) of the European General Data Protection Regulation (hereinafter GDPR), the owner of the website www.horoscode.com (hereinafter: the “Website”) Pál Méhész, individual entrepreneur (hereinafter: the “Data Controller/ We/ Horoscode”) – registration number 52039571- :informs the Data Subject (hereinafter: You, visitor, user, customer) how we use, store, disclose, and process information that we obtain about you when you are visiting our website, including information that we obtain through the personalized astrological service that we provide. Our service is to provide you astrological formula analysis for yourself or your child.
We are committed to the protection of your personal data and we consider it extremely important to respect the privacy rights of our customers.
Horoscode collects and processes personal data of:
- Users of Horoscode websites
- Users registered with Horoscode website (e.g. if he or she creates a user account)
- Individuals purchasing the astrological service
- Recipients of Horoscode newsletter
WHAT TYPES OF INFORMATION DO WE COLLECT AND HOW DO WE COLLECT IT?
When you use our service or visiting our website, we may collect a variety of information about you as described below
- Date of birth
- Time of birth
- Birth location
- Place of birth
- First and last name
- E-mail address
- Billing Address (Country, Zip code, City, street, street number)
- Name of the company, if applicable
- Registered address of the company, if applicable
- Tax number, if applicable
HOW DO WE USE INFORMATION COLLECTED ABOUT YOU?
We treat your personal data confidentially and we take all security, technical and organizational measures that guarantee the security of the data.
Our primary purpose in processing information about you is to
- Provide your or your child’s personalized astrological formula analysis in mp3 format based on date of birth, time of birth and birth location
- In case you purchase our service to issue the invoice
- In case you register for our newsletters to provide you our latest news and promotions on a regular basis
- Fulfill an order that you place through our website, including to process payment for any purchase made through our online payment platform provider
- In case you have any questions related to our services, general inquiries, technical questions
- Understand general customer trends and patterns so we can develop and support existing and ongoing marketing strategies for our products and services
What are the LEGAL GROUNDS of processing your personal data?
- Performance of contracts;
- Compliance with legal obligations of Horoscode
- Your consent (only insofar as the processing is based on a specific query and can be withdrawn at any time, for example the receipt of newsletters for which the you have registered for)
- Legitimate interests of Horoscode, including but not limited to
- advertising and marketing activities;
- understanding our customers behavior, activities, concerns and needs, market studies;
WHO ARE PROCESSING YOUR DATA?
Our Data Processors
Pál Méhész, Individual Entrepreneur– Domain and server provider
Registered address: Hungary, 2233 Ecser, Arany János utca 21-23. 1/2
Contact: [email protected]
Stripe Payments Europe Limited – Online Payment Processing Platform
Registered address: 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, D02 H210, Ireland
Contact: [email protected]
If the data processing is performed by someone else on behalf of the Data Controller, the Data Controller may only use data processors who provide an adequate guarantee of compliance with the requirements of the Regulation or have appropriate technical conditions to protect and enforce the data subject rights.
The Data Controller declares that during the provision of the service he / she will only contact data processors who meet the above requirement. The statements of the data processors to this effect are available to the Data Controller.
The processing of data by the data controller is regulated by a contract defining the subject, duration, nature and purpose of the data processing, the type of personal data, the categories of data subjects, confidentiality obligations and the obligations and rights of the data controller.
FOR HOW LONG DO WE KEEP YOUR DATA?
In general, Horoscode retains personal data for no longer than it is necessary for the purposes for which the personal data are processed.
- If you purchase our service, your personalized astrological formula in mp3 format will be kept only for 6 days after you purchased our service. After this data will be deleted.
- If you use any of the services provided by us, your billing data will be stored by the Data Processor authorized by us for a maximum of 8 years based on Hungarian Accounting Act, 169 §, after the expiration of which this data will be deleted.
- If you subscribe for our newsletter, until the withdrawal of your consent
- In case you register as a Supporter, until you withdraw your support.
YOUR RIGHTS UNDER THE GDPR
If you are based in the EU, in certain circumstances you have rights under data protection laws in relation to your personal data that we hold about you – specifically:
Request access to your personal data. You may have the right to request access to any personal data we hold about you as well as related information, including the purposes for processing the personal data, the recipients or categories of recipients with whom the personal data has been shared, where possible, the period for which the personal data will be stored, the source of the personal data, and the existence of any automated decision making.
Request correction of your personal data. You may have the right to obtain without undue delay the rectification of any inaccurate personal data we hold about you.
Request erasure of your personal data. You may have the right to request that personal data held about you be deleted.
Request restriction of processing your personal data. You may have the right to prevent or restrict processing of your personal data.
Request transfer of your personal data. You may have the right to request transfer of your personal data directly to a third party where this is technically feasible.
WHERE CAN YOU TURN TO IF YOU WANT TO PRACTICE YOUR PRIVACY RIGHTS OR HAVE QUESTIONS?
On our website, in the FAQ section in the link below, you can address any privacy related questions related to your personal data or if you want to practice your privacy rights.
WHERE CAN YOU TURN IF YOU SEEK REDRESS?
a. Pál Méhész, Individual Entrepreneur
Registered address: Hungary, 2233 Ecser, Arany János utca 21-23. 1/2
Contact: FAQ – Privacy
b. Hungarian National Authority for Data Protection and Freedom of Information
Hungary, Budapest, Falk Miksa u. 9-11, 1055 Magyarország
Postal address: 1363 Budapest, Pf. 9
Information related to the data processing of the Data Controller is continuously available in the footer of the home page of the www.horoscode.com website operated by the Data Controller.
Personal data: any information relating to an identified or identifiable natural person.
Data processing: any operation or set of operations on personal data or files, whether automated or non-automated, such as collecting, recording, organizing, sorting, storing, transforming or altering, retrieving, viewing, using, transmitting, distributing or otherwise harmonization, interconnection, restriction or destruction.
Data controller: any natural or legal person, public authority, agency or any other body which determines the purposes and means of the processing of personal data, either individually or in association with others.
Data processor: a natural or legal person, public authority, agency or any other body that processes personal data on behalf of the controller.
Third party: a natural or legal person, public authority, agency or any other body other than the data subject, the controller, the processor or persons who have been authorized to process personal data under the direct control of the controller or processor
Privacy Incident: A security breach that results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or unauthorized access to personal information that is transmitted, stored, or otherwise handled.
SPECIAL CATEGORIES OF DATA
The data subject declares that he / she has reached the age of 16 in connection with the subscription to the newsletter on the Data Controller’s website. A person under the age of 16 may not subscribe to the newsletter, given that the validity of his legal declaration of consent to data processing under Article 8 (1) of the GDPR requires the permission of his legal representative. The data controller is not in a position to verify the age and entitlement of the consenting party, so the data subject guarantees that the data provided is true.
No special categories of data is handled by the data controller. Such data brought to the knowledge of the contractor in any way shall not be recorded by the controller. If such data has entered any system without the knowledge of the data controller, it shall be deleted from the system immediately upon detection.
The Data Controller uses the following cookies in order to ensure the basic and convenience functions of the Website, to enhance the user experience, to monitor the behavior of the Users, and to generate statistics:
These cookies are absolutely necessary for you to browse the website and use special features of the website, such as access to a secure part of the website. For example, they allow you to use the shopping cart or check the status of your order. Persistent cookies are generally not used in this category unless they are really needed
As part of our advertising services, our website uses analytical tools. Thanks to these, we can implement advertising campaigns and evaluate the behavior of our customers
This cookie is used to monitor the behavior of our customers browsing our website. We only evaluate the user based on cookies. We do not use any other data and this ensures the anonymity of the user. You can restrict or disable your use of the tool in the “Set up ads” menu at https://www.google.com/settings/ads Read about privacy and Google’s Terms of Service at https://www.google.com/intl/en/policies/privacy
HOW DO WE SECURE YOUR DATA?
The Data Controller undertakes to ensure the security of the data contained in this Privacy Statement, to take the technical and organizational measures and to maintain the procedural rules that ensure that the recorded, stored and processed data are protected and prevent their destruction. , unauthorized use and unauthorized alteration. It also undertakes to call on all third parties to whom the data is transmitted or transferred to comply with the data security requirement.
The Data Controller ensures that the processed data cannot be accessed, disclosed, transmitted, modified or deleted by unauthorized persons. The processed data may only be disclosed to the data controller and the data processor (s) used by him / her, they shall not be passed on to a third party who is not entitled to access the data.
The Data Controller pays special attention to the security of the Users’ personal data. It acts in full compliance with the legal provisions and requires all its partners to do the same.
PERSONAL DATA BREACH
A PERSONAL DATA BREACH is a breach of security that results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or unauthorized access to, personal data transmitted, stored or otherwise handled.
Examples of privacy incidents include:
- illegal transfer of personal data on a document, portable device, data carrier or IT system (eg by correspondence),
• unauthorized access to an IT system or application that handles personal data,
• damage to or loss of all or part of a database containing personal data,
• rendering part or all of the IT system unusable by a virus or other malicious software, etc.
In the event of a potential data breach (unless the data breach is not likely to pose a risk to the rights and freedoms of natural persons), the Data Controller shall immediately notify the Hungarian National Authority for Data Protection and Freedom of Information.
As soon as the Data Controller becomes aware of the incident, he / she shall report it without undue delay and, if possible, no later than 72 hours after becoming aware of the data protection incident. If the notification cannot be made within 72 hours, the reason for the delay shall be stated and the required information shall be provided in detail, without further undue delay.
To report a data protection incident, the Hungarian National Authority for Data Protection and Freedom of Information operates a system set up for this purpose on its website, through which reports can be made electronically.
If the data breach is likely to pose a high risk to the rights and freedoms of the data controller’s partners and customers, we will immediately inform the affected User.
The Data Controller hereby informs its clients that the court, the Prosecutor, the Investigating Authority, the Infringement Authority, the Administrative Authority, the Hungarian National Authority for Data Protection and Freedom of Information, the National Bank or other bodies are authorized to provide information, disclose and transfer data , or contact the data controller to make documents available. The Data Controller shall provide personal data to the authorities, as soon as the authority has indicated the exact purpose and scope of the data, only to the extent and to the extent strictly necessary to achieve the purpose of the request.