The purpose of this Privacy Notice is to describe the rules governing the processing of personal data carried out by Design Korzó Bt. (registered office: 2097 Pilisborosjenő, Ady Endre utca 11/A, Hungary, company registration number: 13-06-073699, tax number: HU27395378), acting as data controller (hereinafter referred to as the “Data Controller”).
This Privacy Notice applies to the processing of personal data carried out in connection with the use of the Loving Wallpaper online store and related online services.
The Data Controller processes personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR), as well as the applicable Hungarian and European Union data protection legislation.
This Privacy Notice does not apply to websites, services or content operated by third parties to which the Website contains links. The processing of personal data in connection with such services is governed by the privacy notice of the respective service provider.
2. Definitions
Processing of Personal Data: any operation performed on personal data, in particular the collection, recording, storage, organisation, use, transfer, deletion or destruction thereof.
Data Controller: the person or organisation that determines the purposes and means of processing personal data.
The Data Controller under this Privacy Notice is:
Design Korzó Bt.
Registered office: 2097 Pilisborosjenő, Ady Endre utca 11/A, Hungary
Company registration number: 13-06-073699
Tax number: HU27395378
E-mail: hello@lovingwallpaper.com
Personal Data: any information by which a natural person can be identified directly or indirectly.
Data Processor: a natural or legal person who processes personal data on behalf of the Data Controller.
Website: the Loving Wallpaper online store and related online interfaces.
User: any natural person who uses the Website, registers, subscribes to the newsletter, initiates contact or places an order.
Third-Party Service Provider: a third-party service provider that provides services to the Data Controller and may, in connection with those services, have access to or process personal data.
Privacy Notice: this Privacy Notice.
3. Categories of Personal Data Processed
3.1. Data Automatically Processed During the Use of the Website
During visits to the Website, the Data Controller’s systems may automatically record certain technical data, in particular:
• IP address;
• browser type and version;
• operating system information;
• date and time of the visit;
• information about visited pages and actions performed;
• technical log data related to the use of the Website.
These data are processed for the purpose of ensuring the secure operation of the Website, detecting errors, and improving the service.
3.2. Data Processed During the Placement of an Order
When placing an order, the Data Controller may process, in particular, the following personal data:
If the User contacts the Data Controller by e-mail, contact form or any other means, the Data Controller processes the personal data provided during the contact request, in particular the name, e-mail address, telephone number and the content of the message.
3.4. Data Processed During Newsletter Subscription
In the event of using the newsletter service, the Data Controller processes the subscriber’s name and e-mail address.
4. Cookies and Other Technical Data
4.1.
The Website uses cookies and similar technologies for the purpose of ensuring proper operation, improving user experience, preparing statistical analyses and supporting marketing activities.
4.2.
Detailed information regarding the use of cookies is provided in the separate Cookie Notice.
4.3.
During the use of the Website, certain technical data may be automatically logged in order to ensure the security, stability and proper operation of the system.
5. Purpose and Legal Basis of Data Processing
5.1. Purposes of Data Processing
The Data Controller processes personal data, in particular, for the following purposes:
a) identification of the User and communication with the User;
b) processing, fulfilment and tracking of orders;
c) fulfilment of invoicing and accounting obligations;
d) ensuring the delivery of ordered products;
e) handling customer service enquiries;
f) sending newsletters and marketing communications based on the User’s consent;
g) operation, development and maintenance of the security of the Website;
h) preparation of statistical analyses and traffic measurements;
i) enforcement of the Data Controller’s rights and legitimate interests;
j) fulfilment of obligations required by law.
The Data Controller does not use personal data for purposes other than those listed above.
5.2. Legal Bases for Data Processing
The Data Controller processes personal data on the basis of one of the following legal grounds:
• the User’s consent;
• conclusion or performance of a contract;
• compliance with a legal obligation;
• the legitimate interest of the Data Controller.
In the case of data processing based on consent, the User is entitled to withdraw their consent at any time. The withdrawal of consent shall not affect the lawfulness of data processing carried out prior to the withdrawal.
During the operation of the Website, the Data Controller may process technical data, in particular IP addresses, on the basis of its legitimate interest for the purpose of ensuring system security, preventing misuse and providing services lawfully.
The legal basis for the processing of personal data necessary for the fulfilment of orders is the performance of the contract concluded between the User and the Data Controller.
5.3. Data Transfers
The Data Controller transfers personal data exclusively to data processors necessary for the provision of services and to authorities in cases prescribed by law.
5.4. Providing the Data of Third Parties
If the User provides the Data Controller with the personal data of another person, the User is obliged to ensure that they have the legal basis necessary for the processing of such data.
5.5. Accuracy of the Data Provided
The User is responsible for ensuring that the data provided by them are accurate, truthful and up to date.
6. Principles and Methods of Data Processing
6.1.
The Data Controller processes personal data lawfully, fairly and transparently in accordance with applicable data protection legislation, in particular the provisions of the GDPR.
6.2.
The Data Controller processes only such personal data as are necessary for the achievement of the purpose of processing and retains them only for as long as necessary.
6.3.
If the Data Controller intends to use personal data for a purpose other than the original purpose of processing, the data subject shall be informed in advance and, where necessary, their consent shall be obtained.
6.4.
The User is responsible for the accuracy and up-to-date nature of the personal data provided.
6.5.
The services of the Website are primarily intended for persons who have reached the age of 16. If the processing of personal data concerns a person under the age of 16, the consent of the person exercising parental responsibility is required for the processing of personal data.
6.6.
The Data Controller transfers personal data exclusively to the data processors specified in this Notice and to authorities entitled to receive such data under applicable law.
6.7.
The Data Controller implements appropriate technical and organisational measures to ensure the security of personal data and to protect them against unauthorised access, alteration, disclosure, deletion, loss or destruction.
6.8.
Pursuant to the provisions of the GDPR, the Data Controller is not required to appoint a Data Protection Officer.
7. Duration of Data Processing
7.1.
The Data Controller processes personal data only for as long as necessary to achieve the purpose of processing or for the period required by applicable law.
7.2.
Personal data provided during contact with the Data Controller shall be retained by the Data Controller for a maximum period of 90 days following the closure of the relevant enquiry, unless a legal obligation or legitimate interest justifies a longer retention period.
7.3.
Data related to purchases, orders and invoicing shall be processed by the Data Controller for the retention period prescribed by the applicable accounting and tax legislation.
7.4.
The data of persons subscribed to newsletters or marketing communications shall be processed by the Data Controller until consent is withdrawn.
7.5.
The Data Controller is entitled to retain personal data for the period necessary for the establishment, exercise or defence of legal claims, as well as for the conduct of administrative or judicial proceedings.
7.6.
The Data Controller shall delete or anonymise personal data where their processing is no longer necessary or where, following a request for erasure by the data subject, there is no legal obstacle to such deletion.
7.7.
The Data Controller shall handle requests relating to the erasure, rectification, restriction of processing of personal data and the exercise of other data protection rights in accordance with the provisions of the GDPR.
8. Rights of Data Subjects
8.1. Right of Access
The data subject is entitled to request information as to whether the Data Controller processes their personal data and, where such processing takes place, is entitled to obtain access to the personal data processed by the Data Controller and to information relating to such processing.
8.2. Right to Rectification
The data subject is entitled to request the rectification of inaccurate personal data and the completion of incomplete personal data.
8.3. Right to Erasure
The data subject is entitled to request the erasure of their personal data where the legal conditions for erasure are met.
The Data Controller shall not erase personal data where their processing is necessary for compliance with a legal obligation or for the establishment, exercise or defence of legal claims.
8.4. Right to Restriction of Processing
The data subject is entitled to request the restriction of the processing of their personal data in the cases specified by the GDPR.
8.5. Right to Data Portability
The data subject is entitled to request that the personal data provided to the Data Controller be supplied in a structured, commonly used and machine-readable format and may also request that such data be transmitted to another controller where the legal conditions for such transmission are met.
8.6. Right to Object
The data subject is entitled to object to the processing of their personal data where the legal basis for processing is the legitimate interest of the Data Controller or a third party.
8.7. Withdrawal of Consent
Where the processing is based on consent, the data subject is entitled to withdraw their consent at any time. The withdrawal of consent shall not affect the lawfulness of processing carried out prior to the withdrawal.
8.8. Right to a Remedy
The data subject is entitled to lodge a complaint with the competent data protection authority and to seek judicial remedy in the event of a violation of their rights.
8.9. Contact
The data subject may submit requests relating to the processing of their personal data at the following contact address:
E-mail: hello@lovingwallpaper.com
The Data Controller shall assess and respond to requests within the time limits prescribed by the applicable data protection legislation.
9. Data Processors and Third-Party Service Providers
9.1.
The Data Controller may engage data processors for the performance of its activities. Data processors act on behalf of the Data Controller and in accordance with its instructions and do not have independent decision-making authority.
9.2.
The Data Controller is entitled to supervise the activities of data processors. Data processors may engage additional data processors only with the authorization of the Data Controller.
9.3.
For the operation of the Website, the preparation of analyses, the support of marketing activities, the management of advertisements and the fulfilment of orders, the Data Controller may engage third-party service providers.
9.4.
Third-party service providers process the data transferred to them in accordance with their own privacy policies. The Data Controller shall take all measures reasonably expected of it to ensure that third-party service providers process personal data in compliance with the applicable data protection legislation.
9.5.
The Data Controller may in particular use the following service providers:
• Google LLC (Google Analytics, Google Ads, Google Tag Manager and related services)
• Meta Platforms, Inc. (Facebook, Instagram, Meta Pixel)
• TikTok Technology Limited (TikTok Pixel and related marketing services)
• Pinterest Europe Ltd. (Pinterest Tag and related marketing services)
• Tárhely.Eu Szolgáltató Kft. (hosting services)
9.6.
Third-party service providers may use cookies, similar technologies, and statistical and marketing tracking codes for the analysis of Website usage, the improvement of user experience and the support of marketing activities.
9.7.
Detailed information regarding the use of cookies and similar technologies is set out in the Cookie Policy.
9.8. Payment Service Providers
For the processing of payments on the Website, the Data Controller may engage third-party payment service providers.
Payment service providers process the personal data transferred to them, as well as the data provided during payment transactions, in accordance with their own privacy policies.
The Data Controller does not have access to payment card details and does not store such data.
The payment service providers used by the Data Controller include in particular:
• Barion Payment Zrt. (processing of online payment card transactions)
In the case of bank transfers, the processing of payment data provided by the Buyer shall be governed by the data protection rules of the payment service provider executing the transfer and the bank maintaining the Data Controller’s account.
The payment service provider used in a particular transaction is always indicated during the payment process.
10. Data Transfers
10.1.
The Data Controller is entitled and obliged to transfer personal data to competent authorities, courts or other authorised bodies where such transfer is required by law, an official decision or any other binding legal provision.
10.2.
The Data Controller carries out data transfers in accordance with the applicable data protection legislation and other relevant legal requirements.
11. Amendment of the Privacy Policy
11.1.
The Data Controller reserves the right to amend or supplement this Privacy Policy at any time.
11.2.
The amended Privacy Policy shall become effective on the date of its publication on the Website.
12. Legal Remedies
12.1.
Questions, requests or complaints relating to the processing of personal data may be submitted to the following e-mail address:
hello@lovingwallpaper.com
12.2.
The data subject has the right to lodge a complaint with the National Authority for Data Protection and Freedom of Information (NAIH):
Address: 1055 Budapest, Falk Miksa utca 9-11.
Postal address: 1363 Budapest, Pf. 9.
Telephone: +36 1 391 1400
E-mail: ugyfelszolgalat@naih.hu
Website: www.naih.hu
12.3.
In the event of a violation of their rights, the data subject is entitled to bring legal proceedings before a competent court in accordance with the applicable legal provisions.
This website uses cookies to improve your experience.
By using this website you agree to our Privacy Notice.
