PRIVACY POLICY
The purpose of the data management information
Purpose of the privacy policy J&P's Treasure Ltd. (registered office: 9791, Torony, Orgona utca 15/A. Company registration number: Cg.18-09-114428; hereinafter, service provider, the data controller) as data controller, you agree to be bound by the content of this legal notice. It undertakes to ensure that all data processing related to its activities complies with the requirements set out in this code, in the applicable national legislation, as well as in the legal acts of the European Union.
The data protection guidelines arising in connection with the data management of the Data Controller are continuously available at https://jpstreasure.com/
The Data Controller reserves the right to change this information at any time. Of course, you will notice your audience of any changes in good time.
If you have any questions related to this announcement, please write to us and we will answer your question as soon as possible.
The Data Controller is committed to protecting the personal data of its customers and partners and considers it of utmost importance to respect its customers' right to informational self-determination. The Data Controller treats personal data confidentially and takes all security, technical and organizational measures that guarantee data security.
The Data Controller describes its data management practices below.
​
Data controller's data
​
If you would like to contact our Company, you can contact the data controller by e-mail: jptreasure2019@gmail.com and peter@jpstreasure.com addresses, while you can contact the data controller by phone at the +36703984106 contact details.
​
The Data Controller shall delete all e-mails received by it together with the personal data received by it after a maximum of 5 years from the date of disclosure unless the processing of the data is still necessary and essential due to a legal obligation or an ongoing procedure.
​
Name of the service provider: J&P's Treasure Kft (hereinafter referred to as data controller)
The registered office of the service provider: 9791, Torony, Orgona utca 15/A.
E-mail contact details and e-mail address of the service provider: jptreasure2019@gmail.com, peter@jpstreasure.com
Representative: Péter László Kucsera-Kubát
Company registration number: Cg.18-09-114428
Name of the authority registering in the register: Court of Registration of the Szombathely Regional Court
Tax number: 26786337-2-18
Phone number+36703984106
Scope of processed personal data
Personal data to be provided during registration and purchase: Name, address (postal code, city, street, house number, floor
Personal data to be provided during registration and purchase:
Name, address (postal code, city, street, house number, floor, door), contact address, contact e-mail, telephone number, and occasionally tax number.
​
Technical data
​
The Data Controller selects and operates the IT tools used to process personal data in the course of providing the service in such a way that the processed data:
​
• accessible to authorized persons (availability);
• its authenticity and authentication are ensured (authenticity of data management);
• its invariability can be verified (data integrity);
• be protected against unauthorized access (data confidentiality).
​
The Data Controller protects the data with appropriate measures against unauthorized access, alteration, transmission, disclosure, deletion, or destruction, as well as against accidental destruction.
The Data Controller ensures the protection of the security of data processing with technical, organizational, and organizational measures that provide a level of protection appropriate to the risks associated with data management.
The Data Controller keeps it during data management
• confidentiality: protects the information so that it can only be accessed by those who are authorized to do so;
• integrity: protects the accuracy and completeness of the information and the method of processing;
• availability: ensures that when the eligible user needs it, they can access the information they want and have the tools to do so.
Cookies
The function of cookies
-
collect information about visitors and their devices;
-
note the individual settings of visitors, which may be used,e.g. when using online transactions, so that they do not have to be typed again;
-
facilitate the use of the website;
-
provide a quality user experience.
To provide a customized service, a small data package, a so-called cookie, is placed on the user's computer and read back during a subsequent visit. If the browser returns a previously saved cookie, the service provider that manages the cookie has the option to link the user's current visit to previous ones, but only concerning its own content.
For the data storage period of the given cookie, more information is available here:
Google's general cookie information:
https://www.google.com/policies/technologies/types/
Google Analytics information: https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage?hl=hu
Facebook information: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen
Legal background and legal basis of cookies:
The legal basis for data processing is your consent under Article (General Data Protection Regulation, briefly: GDPR) 6 (1) (a) of the Regulation.
The main characteristics of the cookies used by the website:
​
Cookies strictly necessary for operation: These cookies are essential for the use of the website and allow you to use the basic functions of the website. In the absence of these, many of the site's features will not be available to you. The lifetime of these types of cookies is limited to the duration of the session.
Cookies to improve your experience:: These cookies collect information about the user's use of the website, such as which pages he visits most often or what error message he receives from the website. These cookies do not collect information that identifies the visitor, that is, they work with completely general, anonymous information. The data obtained from them is used to improve the performance of the website. The lifetime of these types of cookies is limited to the duration of the session.
Google Adwords cookie: When someone visits our site, the visitor's cookie ID is added to the remarketing list. Google uses cookies, such as NID and SID cookies, in Google products, such as to customize the ads displayed in Google Search. For example, it uses such cookies to remember your most recent searches, your previous interactions with ads or search results from certain advertisers, and your visits to advertisers' websites. AdWords conversion tracking uses cookies. To track sales and other conversions resulting from the ad, cookies are saved on the user's computer when that person clicks on an ad. Some of the common uses of cookies are: to select ads based on what is relevant to the user, to improve reporting on campaign performance, and to avoid showing ads that the user has already seen.
Google Analytics cookie: Google Analytics is Google's analytics tool that helps website and app owners get a better idea of their visitors' activities. The service may use cookies to collect information and report statistical data on the use of the website without individually identifying visitors to Google. The main cookie used by Google Analytics is the "__ga" cookie. In addition to reporting from website usage statistics, Google Analytics, together with some of the advertising cookies described above, can also be used to show you more relevant ads on Google products (such as Google Search) and across the web.
Remarketing cookies: May appear to previous visitors or users when browsing other websites in the Google Display Network or searching for terms related to your products or services
Session cookie: These cookies store the visitor's location, browser language, payment currency, lifetime after browser closure, or up to 2 hours.
Mobile version, design cookie: Detects the device used by the visitor and switches to full view on mobile. Its lifespan is 365 days.
Cookie acceptance cookie: Upon arrival at the site, in the warning window, you accept the statement on the storage of cookies. Its lifespan is 365 days.
Facebook pixel (Facebook cookie):The Facebook pixel is a code with the help of which a report is prepared on the website about conversions, target audiences can be compiled, and the owner of the page receives detailed analysis data about the visitors' use of the website. With the help of the Facebook pixel, you can display personalized offers and advertisements to website visitors on the Facebook interface.
​
You can read Facebook's privacy policy here: https://www.facebook.com/privacy/explanation
If you do not accept the use of cookies, certain functions will not be available to you. You can find more information about deleting cookies at the following links:
• Internet Explorer: http://windows.microsoft.com/en-us/internet-explorer/delete-manage-cookies#ie=ie-11
• Firefox: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer
• Mozilla: https://support.mozilla.org/hu/kb/weboldalak-altal-ellyezett-sutik-torlese-szamito
• Safari: https://support.apple.com/kb/ph21411?locale=en_US
• Chrome: https://support.google.com/chrome/answer/95647
Data related to online ordering:
Name, address (zip code, town, street, house number, floor, door), contact address, contact e-mail, phone number.
Data related to online administration
Name, contact email.
​
Our company does not send newsletters and does not manage data related to newsletters.
Purpose, method, and legal basis of data processing
General data management policy
​
The data processing of the Data Controller's activities is based on voluntary consent and legal authorization. In the case of data processing based on voluntary consent, the data subjects may withdraw this consent at any stage of the data processing.
In some cases, the processing, storage, and transmission of a certain set of data are required by law, of which we notify our customers separately.
We draw the attention of informants to the Data Controller that if they do not provide their own personal data, the informant is obliged to obtain the consent of the data subject.
Its basic data management principles are in line with the applicable legislation on data protection, and in particular with the following:
-
Act CXII of 2011 on informational self-determination and freedom of information (Privacy Act);
-
Regulation (EU) 2016/679 of the European Parliament and of the Council (April 27, 2016) - on the protection of natural persons with regard to the processing of personal data and the free flow of such data, and the repeal of Regulation 95/46/EC (general data protection regulation, GDPR);
-
Act V of 2013 on the Civil Code (Civil Code);
-
Act C of 2000 on Accounting;
-
LIII of 2017 on the prevention and prevention of money laundering and terrorist financing. law;
-
CCXXXVII of 2013 Act
Physical data storage locations
Your personal data (that is, the data that can be linked to your person) can be processed by us in the following way: on the one hand, in connection with maintaining the Internet connection, technical data related to the computer you use, browser program, Internet address, and visited pages are automatically generated in our computer system, on the other hand, you can also provide your name, contact information or other data if you wish to contact us personally when using the website.
Technically recorded data during the operation of the system: the data of the concerned applicant's computer that is generated during the voting and which the data management system automatically records as the result of the technical processes. The data system, which is automatically recorded, automatically logs the entry and exit without a separate declaration or action by the data subject. These data cannot be combined with other personal user data - except in cases made mandatory by law. Only the data controller has access to the data.
Data management, data transfer, data processing, the scope of those who get to know the data
Data transfer and data processing is carried out for and on behalf of the following companies.
​
If you use our services within Europe, your personal data will be transferred to FedEx Express International B.V., headquartered in Hoofddorp, Netherlands. If you use our services outside of Europe, your personal data will be transferred to FedEx Corporation, based in Memphis, Tennessee, USA, who will act as a data processor.
Name of data processor/controller: FedEx Express International B.V. Attn: Legal Department
Headquarters: Taurusavenue 111, 2132 LS Hoofddorp, Netherlands
Purpose: To ensure the home delivery of products purchased through the Webshop
Legal basis: consent of the data subject
Name of the data processor: FedEx Corporation, Attn: Legal Department - Compliance
Headquarters: 1000 Ridgeway Loop Road, Ste 600, Memphis, TN 38120, United States of America
Purpose: To ensure the home delivery of products purchased through the Webshop
Legal basis: consent of the data subject
Name of data processor/data controller: WIX.com:
Based at 40 Namal Tel Aviv St., Tel Aviv, Israel; and 500 Terry A. Francois Boulevard, 6th Floor, San Francisco, CA, 94158
Purpose: Hosting service
Name of data processor/data controller: karcmentes.com
Headquarters: 1125 Budapest, Istenhegyi út 101/D.
Purpose: invoicing program, issuing invoices
Legal basis: Compliance with tax and accounting legal obligations related to invoicing
Retention period: 8 years from the date of data collection, under Section 169 of Act C of 2000, which provides for the mandatory retention of accounting documents
Based on its agreement with the Data Controller, the Data Processors shall process the name, address, telephone number, and value of the orders within the civil law limitation period to fulfill the provisions of the agreement and the law.
Information related to data management related to bank card payments
When making purchases through the Webshop, the customer has the opportunity to pay the value of the order through PayPal, or with a bank card and bitcoin (cryptocurrency). During the execution of online payments, the Data Controller does not acquire the bank card data, they are only known and managed by the financial service provider operating the credit card payment page that allows secure payment.
Your rights and remedies
Within the period of data processing, you have the following rights in accordance with the provisions of the Regulation:
• the right to withdraw consent
• access to personal data and information related to data management
• right to rectification
• restriction of processing,
• right to erasure
• right to protest
• right to portability.
If you wish to exercise your rights, it involves your identification, and the Data Controller must communicate with you as necessary. Therefore, for the purpose of identification, it will be necessary to provide personal data (but the identification can only be based on data that the Data Controller manages about you anyway), and your complaint about data management will be available in the Data Controller's email account within the period specified in this information regarding complaints.
If you were a customer of ours and would like to identify yourself in order to handle complaints or warranty, please enter your order ID for identification. Using this, we can also identify you as a customer.
The Data Controller will respond to complaints related to data management within 30 days at the latest.
Right to information
The Data Controller shall take appropriate measures to provide data subjects with all the information referred to in Articles 13 and 14 of the GDPR and each provision of information pursuant to Articles 15 to 22 and 34 in a concise, transparent, intelligible, and easily accessible form, using clear and plain language.
The data subject's right of access
​
You are entitled to receive feedback from the Data Controller as to whether your personal data is being processed, and if it is being processed, you are entitled to:
• get access to the managed personal data and
• the following information should be provided by the Data Controller:
• the purposes of the processing;;
• categories of personal data processed about you;
• information about the recipients or categories of recipients to whom the personal data has been or will be disclosed by the Data Controller;
• the envisaged period for which the personal data will be stored or, if this is not possible, the criteria used to determine that period;
• your right to request from the Data Controller the correction, deletion or restriction of processing of your personal data and, in the case of data processing based on legitimate interests, to object to the processing of such personal data;
• the right to submit a complaint to the supervisory authority;
• if the data was not collected from you, all available information about its source;
• the fact of automated decision-making (if such a procedure is used), including profiling, as well as, at least in these cases, comprehensible information about the logic used and the significance of such data management and the expected consequences for you.
The purpose of exercising the right may be aimed at establishing and checking the legality of the data, therefore, in case of multiple requests for information, the Data Controller will charge a fair fee in exchange for providing the information.
Access to personal data is ensured by the Data Controller by providing you with your identification in a subsequent e-mail of the processed personal data and information. is registered, then we provide access so that when you enter your user account, you manage the data as personal data and prove it.
In your request, please indicate whether you are requesting access to personal data or information related to data processing.
​
Right to rectification
You have the right to request that the Data Controller correct inaccurate personal data concerning you without delay.
Right to erasure
If one of the following reasons exists, the data subject has the right to request that the Data Controller delete his/her personal data without undue delay:
• personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
• the data subject withdraws consent on which the processing is based and there is no other legal basis for the processing;
• the data subject objects to data processing and there is no overriding legal reason for data processing;
• the personal data have been unlawfully processed;
• personal data must be deleted to fulfill the legal obligation prescribed by EU or member state law applicable to the data controller;
• the personal data have been collected in relation to the offer of information society services.
The erasure of data cannot be initiated if the processing is necessary: for the purpose of exercising the right to freedom of expression and information; for compliance with a legal obligation that requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; for public health purposes or for archival, scientific or historical research purposes or statistical purposes, on grounds of public interest; or for the establishment, exercise or defense of legal claims.
Right to restriction of processing
At the request of the data subject, the Controller shall restrict the processing if one of the following conditions is met:
-
the accuracy of the personal data is contested by the data subject, in which case the restriction is granted for that period which allows the accuracy of the personal data to be verified;
-
the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead
-
the data controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise, or defense of legal claims; or
-
the data subject objected to data processing; in this case, the restriction applies to the period until it is determined whether the legitimate reasons of the data controller take precedence over the legitimate reasons of the data subject
If data management is subject to restrictions, personal data may only be processed with the consent of the data subject, with the exception of storage, or to submit, enforce or defend legal claims, or to protect the rights of another natural or legal person, or in the important public interest of the Union or a member state.
Right to data portability
If the processing is carried out by automated means, or if the processing is based on your voluntary consent, you have the right to request the Data Controller to receive the data you have provided to the Data Controller, which the Data Controller provides to you in xml, JSON or csv format, if this is technically feasible, to request that the Data Controller transmit the data in this form to another controller.
Right to protest
The data subject has the right to object at any time for reasons related to his own situation to the processing of his personal data necessary for the performance of a task carried out in the public interest or within the framework of the exercise of public authority granted to the data controller, or the processing necessary to enforce the legitimate interests of the data controller or a third party, including profiling based on the aforementioned provisions too. In the event of a protest, the data controller may no longer process the personal data, unless it is justified by compelling legitimate reasons that take precedence over the interests, rights and freedoms of the data subject, or that are related to the presentation, enforcement or defense of legal claims.
Automated decision-making in individual cases, including profiling
The data subject has the right not to be covered by the scope of a decision based solely on automated data management, including profiling, which would have a legal effect on him or affect him to a similar extent.
Right of withdrawal
The data subject shall have the right to withdraw his or her consent at any time.
Right to go to court
In the event of a violation of their rights, the data subject may apply to the court against the data controller. The court acts out of sequence in the case.
Data protection authority procedure
Complaints can be lodged with the National Authority for Data Protection and Freedom of Information:
National Authority for Data Protection and Freedom of Information
Headquarters: 1055 Budapest, Falk Miksa utca 9-11.
Postal address: 1363 Budapest, Pf. 9.
Email: ugyfelszolgalat@naih.hu
Phone: +36 (1) 391-1400; Fax: +36 (1) 391-1410
Miscellaneous
​
We provide information on data processing not listed in this prospectus at the time of data collection.
We inform our customers that the court, the prosecutor, the investigative authority, the infringement authority, the public administrative authority, the National Data Protection and Freedom of Information Authority, the Hungarian National Bank, or other bodies based on the authorization of the law, provide information, communicate data, transfer documents, or they can contact the data controller to make it available
The Data Controller shall disclose personal data to the authorities – if the authority has indicated the exact purpose and scope of the data – only to the extent and to the extent that is strictly necessary for the purpose of the request.
This document contains all relevant data processing information related to the operation of the webshop in accordance with the General Data Protection Regulation of the European Union No. 2016/679 (hereinafter referred to as the Regulation). GDPR) and Act CXII of 2011 (hereinafter referred to as the Info Act).