The Foody Product Kft. (address: 1043 Budapest, Lorántffy Zs. u. 7-9. fsz.1., VAT nr: 23744660-2-41) confirms that all kind of data processing consequencing from their operaton is in line with statutory data protection regulations and with the present data protection declaration. All rights are reserved to modify the data protection declaration by the company however the information about it shall be announced in our website. The basic principles of data protection of Foody Product Kft. are in line with statutory regulations, namely with the following ones:
• Act CXII of 2011 – on Informational Self-Determination and Freedom of Information
• Act V of 2013 – on the Civil Code
• Act CLV of 1997 – on Consumer Protection
• Act CVIII of 2001 – on E-commerce and Certain Issues regarding Information Society services
• Act C of 2012 – on the Criminal Code
• Act C of 2000 - on Accounting
‘data subject’ shall mean any natural person directly or indirectly identifiable by reference to specific personal data;
‘personal data’ shall mean data relating to the data subject, in particular by reference to the name and identification number of the data subject or one or more factors specific to his physical, physiological, mental, economic, cultural or social identity as well as conclusions drawn from the data in regard to the data subject;
‘the data subject’s consent’ shall mean any freely and expressly given specific and informed indication of the will of the data subject by which he signifies his agreement to personal data relating to him being processed fully or to the extent of specific operations;
‘the data subject’s objection’ shall mean a declaration made by the data subject objecting to the processing of his/her personal data and requesting the termination of data processing, as well as the deletion of the data processed;
‘controller’ shall mean natural or legal person, or organisation without legal personality which alone or jointly with others determines the purposes and means of the processing of data; makes and executes decisions concerning data processing (including the means used) or have it executed by a data processor;
‘data’ processing’ shall mean any operation or the totality of operations performed on the data, irrespective of the procedure applied; in particular, collecting, recording, registering, classifying, storing, modifying, using, querying, transferring, disclosing, synchronising or connecting, blocking, deleting and destructing the data, as well as preventing their further use, taking photos, making audio or visual recordings, as well as registering physical characteristics suitable for personal identification (such as fingerprints or palm prints, DNA samples, iris scans);
‘data transfer’ shall mean ensuring access to the data for a third party;
‘disclosure’ shall mean ensuring open access to the data;
‘data deletion’ shall mean making data unrecognisable in a way that it can never again be restored;
‘tagging data’ shall mean marking data with a special ID tag to differentiate it;
‘blocking of data’ shall mean marking data with a special ID tag to indefinitely or definitely restrict its further processing;
‘data destruction’ shall mean complete physical destruction of the data carrier recording the data;
‘data process’ shall mean performing technical tasks in connection with data processing operations, irrespective of the method and means used for executing the operations, as well as the place of execution, provided that the technical task is performed on the data;
‘data processor’ shall mean any natural or legal person or organisation without legal personality processing the data on the grounds of a contract, including contracts concluded pursuant to legislative provisions;
‘third party’ any natural or legal person or organisation without legal personality other than the data subject, the data controller or the data processor;
‘third country’ any state that is not an EEA State.
3. Our Data processing principles:
a/ Personal data of customers and partners of Foody Kft. are processed confidentally and all appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of or damage to, personal data.
b/ Personal data may be processed only for specified and explicit purposes, where it is necessary for exercising certain rights or fulfilling certain obligations. This purpose shall be achieved in all stages of operations of data processing.
c/ If the data subject is unable to give his consent on account of lacking legal capacity, the consent of the holder of parental responsibility or legal representative is required, apart from the parts of the service where the processing is used for registration occurring on everyday basis and needs no specific consideration.
d/ Personal data are collected and processed by our company only in case when the data subject has given his or her consent or when this is required by an Act.
e/ Only those personal data may be processed which are essential for the purpose for which it was collected, it must be suitable to achieve that purpose and it may be processed to the extent and the duration necessary to achieve that purpose.
f/ Personal data may be processed only with the data subject’s consent based on providing appropriate information.
g/ Before processing operations are carried out the data subject shall be clearly and elaborately informed of all aspects concerning the processing of his personal data, such as the purpose for which his data is required and the legal basis, the person entitled to control the data and to carry out the processing, the duration of the proposed processing operation and the persons to whom his data may be disclosed. Information shall also be provided on the data subject’s rights and remedies.
h/ Processed personal data shall comply with following requirements:
• they shall be processed fairly and lawfully;
• they shall be accurate, complete and, where necessary, kept up to date;
• they shall be kept in a way to permit identification of the data subject for no longer than is necessary for the purposes for which the data were recorded.
i/ It is possible to transfer personal data or to join different data processing systems only in case the data subject gives his/her consent or if the conditions (legal basis) of the data processing are satisfied and adequate level of protection is afforded for all personal data.
4. Getting access to personal data and storage
Processing personal data collected from website www.foody-product.hu are based on voluntary consent of website visitors. Processing and transferrring of personal data may be mandatory as decreed by law. Hereby, we remind you that when transferring personal data of a third party, it is the obligation of the transferring party to get hold of the consent of the data subject.
5. Register of personal data regulation
The purpose of data processing is keeping contact with clients and partners.
The legal basis for data processing is consent of the data subject, the 13/A § of Act CXII of 2001 on Informational Self-Determination and Freedom of Information, the 6 § (5) article of the Act XLVIII of 2008 on Essential Conditions of and Certain Limitations to Business Advertising Activity and 169. § (2) article of C Act of 2000 on Accounting. The scope of data processed involves name, address, e-mail address and phone number of data subject. The duration of data procession terminates five years following the end of the trade contact or when statement of consent is withdrawn by the data subject.
The data protection registration nr. is as follows: XXXXXXXXX
b) Az adatkezelés célja: a társaság által kiírt promóciós nyereményjáték során a résztvevőkkel történő kapcsolattartás
The purpose of data processing is to keep contact with the participants of promotional activity held by the company. The legal basis of the data processing is the consent of the data subject, the 13/A § of Act CXII of 2001 on Informational Self-Determination and Freedom of Information, the 6 § (5) article of the Act XLVIII of 2008 on Essential Conditions of and Certain Limitations to Business Advertising Activity and 169 § (2) article of C Act of 2000 on Accounting. The scope of data processing involves name, address, e-mail address and phone number of data subject. The duration of data procession terminates when statement of consent is withdrawn by the data subject or maximum in five years.
The data protection registration nr. is as follows: XXXXXXXXX
6. Data processing related to leaflets
The purpose of processing: to be enabled to send leaflets to subscribers, marketing. The legal basis of data processing is the consent of data subject, the 13/A § of Act CXII of 2001 on Informational Self-Determination and Freedom of Information, the 6 § (5) article of the Act XLVIII of 2008 on Essential Conditions of and Certain Limitations to Business Advertising. The scope of data processing involves name and e-mail address. The duration of data processing terminates when statement of consent is withdrawn by the data subject or maximum in five years.
The data protection registration nr. is as follows: XXXXXXXXX
7. Further information
Personal data may be transferred to authorities when transferring is necessary as decreed by law based on authorization conferred by law concerning specific data defined therein for the performance of a task carried out in the public interest. Personal data that concern criminal and legal offenses and are being transferred for the purposes of preventing, investigating, detecting and prosecuting criminal offences and data files containing information pertaining to misdemeanour cases, civil cases and non-contentious proceedings may only be processed by central or local authorities. Our company transfers only those personal data and to such extent to authorities which are by all means necessary to reach the purpose.
8. Data processing, storage
Foody Product Kft. ensures special security measures when proceeding personal data:
the data are accessible only for authorized persons (accessibility)
validity and verification are ensured (validity);
stability certified (dataintegrity);
the data are protected against unauthorized access (confidentiality) The security of data is ensured by the company by applying the highest technological measures.
• confidentiality to protect the information and to enable to get access only for authorized persons
• integrity ensures the accuracy and completeness of data processing
• accessibility ensures for the authorized persons to get access to the information and the technical devices necessary for this activity. Appropriate technical and organisational measures are continuously taken by the company against unauthorised or unlawful processing of personal data. Internet and e-mails are exposed to numerous risks and attacks leading to illegal activity, contractual risks, leaking of or modifying information. Our company implements adequate safeguards and appropriate technical and organizational measures to protect personal data. Permanent monitoring ensures that faults, unathorized entries emerging in automated data-processing systems are reported.
Name: Foody Product Kereskedelmi és Szolgáltató Korlátolt Felelősségű Társaság
Address: 1043 Budapest, Lorántffy Zsuzsanna u.7-9. fsz.1.
Registration nr.: Cg. 01-09-186115
Registration Court: Fővárosi Törvényszék Cégbírósága as Company Court
VAT nr.: 23744660-2-41
10. Requests, complaints
The data subject may request from the data controller information on his personal data being processed, the rectification of his personal data and the erasure or blocking of his personal data, save where processing is rendered mandatory via the way given at the subscription or at the customer service. Upon the data subject’s request Foody Product Kereskedelmi Szolgáltató Korlátolt Felelősségű Társaság as data controller shall provide information concerning the data relating to him/her, including those processed by a data processor on its behalf or according to his/her notice, the purpose, grounds and duration of processing, the name and address of the data processor and on its activities relating to data processing and the conditions of data transfer – the legal basis and the recipients.
Data controllers must comply with requests for information without any delay and provide the information requested in an intelligible form, in writing, within not more than thirty days. The requested information shall be provided free of charge for any category of data once a year. Additional information concerning the same category of data may be subject to a charge. Personal data shall be erased if: processed unlawfully; so requested by the data subject, the purpose of processing no longer exists or the legal time limit for storage has expired; so ordered by court or by the National Authority for Data Protection and Freedom of Information.
When a data is rectified or erased, the data subject and all recipients to whom it was transmitted for processing shall be notified. Notification is not required if it does not violate the rightful interest of the data subject in light of the purpose of processing.
The data subject shall have the right to object to the processing of data relating to him:
if processing or disclosure is carried out solely for the purpose of discharging the controller’s legal obligation or for enforcing the rights and legitimate interests of the controller, the recipient or a third party, unless processing is mandatory;
if personal data is used or disclosed for the purposes of direct marketing, public opinion polling or scientific research;
in all other cases prescribed by law.
In the event of objection, the company – while immediately suspending the data processing - shall investigate the cause of objection within the shortest possible time, inside a fifteen-day time period and shall notify the data subject in writing of its decision. If, according to the findings, the data subject’s objection is justified, the data controller shall terminate all processing operations (including data collection and transmission), block the data involved and notify all recipients to whom any of these data had previously been transferred concerning the objection and the ensuing measures, upon which these recipients shall also take measures regarding the enforcement of the objection. If the data subject disagrees with the decision taken by the controller, the data subject shall have the right to bring action in the court of law within thirty days of the date of delivery of the decision.
The company shall not delete the data of the data subject if processing has been prescribed by law. However, data may not be disclosed to the data recipient if the controller agrees with the objection or if the court has found the objection justified. In the event of any infringement of his rights, the data subject may turn to court action against the controller. The court shall hear such cases in priority proceedings. The company shall be liable for any damage caused to a data subject as a result of unlawful processing or by any breach of data security requirements. The data controller may be exempted from liability for damages if he proves that the damage attributable to reasons beyond his control. No compensation shall be paid where the damage was caused by or the violation of rights relating to personality is attributable to intentional or negligent conduct on the part of the data subject. Anyone is entitled to request an investigation from the National Authority for Data Protection and Freedom of Information on the grounds of infringement of data protection law.
National Authority for Data Protection and Freedom of Information Address: H-1125 Budapest, Szilágyi Erzsábet fasor 22/c.
Postal address: 1530 Budapest, Pf.:5.
T +36 1 391 1400
F +36 1 391 1410
Foody Product Kereskedelmi és Szolgáltató Korlátolt Felelősségű Társaság expressly excludes its liability for any loss or damage caused by
• inaccurate sotfware operation,
• any failure in operation of communication line or device,
• loss of mail sent by post or in any electronic medium – with the exception of registered letter -, particularly because of loss of data,
• any event beyond our reasonable control (including without limitation any failure of transmission, communication, computer or other facilities) failures due to unpredictable occurrings.