Data Protection Policy

Egri Borvár Ltd. (hereinafter referred to as “Service Provider”) processes the data of visitors to the www.tothferencpinceszet.hu website (hereinafter referred to as “Website”) and individuals who register on the Website, as well as persons placing orders (hereinafter collectively referred to as “Data Subject”). In connection with the processing of data, the Service Provider hereby informs Data Subjects about the personal data processed by it on the Website, the principles and practices followed in the processing of personal data, and the ways and possibilities for exercising the rights of Data Subjects. By using the Website, Data Subjects accept the information in the Privacy Notice and consent to the data processing defined below. Purpose of data processing The Service Provider stores and processes the data provided by the Data Subject in a targeted manner for the purpose of fulfilling the order, enabling invoicing, delivering the products to the address provided, handling complaints, maintaining contact, proving the conditions of the contract at a later time, and sending newsletters – if the Data Subject has subscribed. The purpose of automatically recorded data is statistical analysis and technical development of the IT system. The Service Provider will not use or may not use personal data for purposes other than those defined above. The disclosure of personal data to third parties or authorities is only possible with the prior and express consent of the Data Subject, except where required by law. If the Service Provider wishes to use the data provided for a purpose other than the original data collection purpose, it will inform the Data Subject and obtain their prior and express consent or allow them to prohibit the use. Data processing legal basis Data processing takes place based on the voluntary declaration of the users of the Website, provided adequate information, which includes the expressed consent of the Data Subject for the use of their personal data communicated during the use of the Website. The data processing by the Service Provider is based on the voluntary consent of the Data Subject, according to paragraph 5 (1) a) of Act CXII of 2011 on Informational Self-Determination and Freedom of Information (hereinafter referred to as the Info Act) and Act CVIII of 2001 on certain issues of electronic commerce services and information society services. The Service Provider does not verify the authenticity of the personal data provided to it. The accuracy of the data provided is the sole responsibility of the person providing it, the Data Subject, the contracting party. When providing any email address, the Data Subject also assumes responsibility for ensuring that only they use the service from the provided email address. Due to this responsibility, any liability related to logins or orders made using a given email address will be borne solely by the Data Subject who registered the email address. Designation of the Service Provider as the data controller Company name: Egri Borvár Kft Registered office: 3300 Eger, Kistályai út 40. Phone: +36 36 311 552 Email: [email protected] Tax ID: 14330829-2-10 Company registration number: 10-09-028365 Registration authority: Company Registry of Egri Törvényszék Bank account number: 10300002-10407568-49020011 Bank: MKB Bank Zrt. NAIH number: NAIH-142193/2018 The handling of personal data that is required during registration begins with the submission of an order or registration and continues until it is deleted. The provided personal data can be deleted at any time after a deletion request has been sent. After the request is received, the Service Provider will delete the personal data from its system within 5 business days. Duration of data processing The system stores logged data for a maximum of 12 months from the date of logging, with the exception of the date of the last visit, which is automatically overwritten. The above provisions do not affect compliance with retention obligations specified by legislation (such as accounting legislation) or data processing based on additional consents given during registration on the Website or in any other way. Scope of processed personal data Data provided during registration or when placing an order without registration. During registration, the Data Subject must provide an email address and a password on the registration interface. The system automatically logs in the user after successful registration, and the user can then enter their billing and shipping information. The Service Provider will use this information to process the order and communicate with the Data Subject. The Data Subject may also choose to provide additional personal information, such as their name, phone number, or billing and shipping address. Technical data The data of the user’s computer accessing the service that are generated during the use of the service and recorded automatically by the Provider’s system as a result of technical processes. These include the date and time of the visit, the IP address of the user’s computer, the type of browser, and the address of the web page visited and previously visited. The system automatically logs the data recorded without the user’s declaration or action upon entry or exit. Except as required by law, these automatically recorded data cannot be linked to other personal user data. Only the Provider has access to the data. The HTML code of the website may contain links to external servers independent of the Provider. These links may enable the providers to collect user data by connecting directly to their own servers. Cookies The Provider and designated external providers place and read a small data package, a cookie, on and from the user’s computer to enable personalized service. If the browser sends back a previously saved cookie, the service provider can link the current data stored during the user’s visit to previous data, but only in terms of its own content. The Service Provider uses the following cookies: Session cookies: session cookies are automatically deleted after the User’s visit. These cookies are used to make the Service Provider’s website operate more efficiently and securely, so they are essential for certain functions or applications of the website to work properly. Persistent cookies: the Service Provider also uses persistent cookies to improve the user experience (e.g. providing optimized navigation). These cookies are stored in the browser’s cookie file for a longer period of time, depending on the settings applied by the User in their internet browser. Cookies used for password-protected sessions. Cookies necessary for the shopping cart. Security cookies. The “Help” function in most browser menus provides information on how the User can: disable cookies in their browser, accept new cookies, instruct their browser to set a new cookie, or turn off other cookies. External servers assist in the independent measurement and auditing of website traffic and other web analytics data (Google Analytics). The data processors can provide detailed information to the User on how the measurement data is managed. Their website: www.google.com/analytics/ If the User does not want Google Analytics to measure the above data in the manner and for the purpose described, they can install the add-on that blocks it in their browser. Newsletter In case of subscribing to the newsletter, the Data Subject is obliged to provide their email address and full name to the Service Provider. The newsletter contains direct marketing elements and advertisements. The Service Provider handles the data provided by the Data Subject during the use of the newsletter. Regarding the newsletter, the Service Provider will handle the Data Subject’s data provided during the newsletter subscription until the Data Subject unsubscribes from the newsletter by clicking on the “Unsubscribe” button at the bottom of the newsletter or requests to be removed from the list of newsletter subscribers by email or mail. After unsubscribing, the Service Provider will no longer send newsletters to the Data Subject upon receipt of the request (by email, mail, or by clicking the “Unsubscribe” button). The circle of persons who have access to the data, data transmission, data processing The data can primarily be accessed by the Service Provider and its internal employees, but they do not disclose or transfer them to third parties. The Service Provider may use a data processor (such as a system operator, transport company, or accountant) for the performance of orders and settlement of accounts. Data processors’ identification Name: GLS General Logistics Systems Hungary Package Logistics Ltd. Registered office: 2 GLS Európa utca, Alsónémedi 2351, Hungary Email: [email protected] Activity: Courier service — Name: Teya hf. Registered office: Ármúli 30, 108 Reykjavik, Iceland Email: [email protected] Activity: Financial service provider — Name: PayPal (Europe) S.à.r.l. et Cie, S.C.A. Registered office: 22-24 Boulevard Royal L-2449, Luxembourg. Activity: Financial service provider — Name: Lukrécia Boricsné Csór Email: [email protected] Activity: Accounting In addition to the above, the transfer of personal data relating to the Data Subject may only take place in cases specified by law or with the Data Subject’s consent. Rights of data subjects and possibilities for enforcement Right to information The data subject is entitled to request information from the Service Provider at any time regarding the personal data concerning him or her that is processed by the Service Provider, and, with the exception of the email address provided during registration, may modify such information at any time in his or her own account on the Website. At the request of the data subject, the Service Provider shall provide information on the personal data concerning him or her that is processed by the Service Provider, the purpose of the data processing, the legal basis for the data processing, the duration of the data processing, and who receives or has received his or her data and for what purpose. The Service Provider shall provide the requested information in writing within 30 days of receipt of the request. The data subject may contact a representative of the Service Provider at the contact details specified below for any questions or remarks related to data processing. The data subject may request the deletion, correction, or blocking of his or her data The data subject is entitled to request the correction of incorrectly recorded data or the deletion of such data at any time at one of the contact details specified below. The Service Provider shall delete the data within 5 business days of receipt of the request, and the data will not be recoverable in this case. The deletion does not apply to data processing necessary under legal regulations (e.g., accounting regulations), which the Service Provider shall retain for the required duration. Furthermore, the data subject may request the blocking of his or her data. The Service Provider shall block the personal data if the data subject requests it, or if it can be assumed based on the available information that the deletion would violate the data subject’s legitimate interests. The personal data thus blocked may only be processed for as long as the purpose of the data processing that prevented the deletion of the personal data exists. The data subject and all those to whom the data was previously transmitted for the purpose of data processing must be notified of the correction, blocking, and deletion. Notification may be waived if it does not violate the data subject’s legitimate interest in light of the purpose of the data processing. If the data controller does not comply with the data subject’s request for correction, blocking, or deletion, the data controller shall provide the factual and legal reasons for the rejection of the request in writing within 30 days following receipt of the request. The data subject can object to the processing of their personal data. The service provider shall examine the objection as soon as possible, but no later than 15 days after the request has been submitted, make a decision on the validity of the objection, and inform the applicant of the decision in writing. The data subject may exercise their rights through the contact details provided in point 3: They may contact the National Authority for Data Protection and Freedom of Information (NAIH) (address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c.; website: www.naih.hu) or Enforce their rights before a court of law, in accordance with the Hungarian Information Act and the Civil Code (Act V of 2013). If the data subject has provided the data of a third party during registration or ordering, or has caused any damage in any way while using the Website, the Service Provider is entitled to claim compensation from the data subject. In such a case, the Service Provider shall provide all possible assistance to the competent authorities to determine the identity of the person who committed the violation. Use of email addresses The Service Provider pays special attention to the legality of the use of electronic mail addresses it manages, and uses them only for sending informative or promotional emails in the manner defined below. The management of email addresses primarily serves the purpose of identifying the data subject, fulfilling orders, and facilitating communication during the use of the services, thus email sending is primarily carried out for these purposes. Data security The Service Provider is committed to ensuring the security of data, and takes technical measures to ensure that the recorded, stored and processed data are protected and prevents their destruction, unauthorized use, and unauthorized modification. The Service Provider also undertakes to ensure that any third party to whom the data may be transmitted or disclosed is also called upon to comply with these obligations. Other provisions The Service Provider reserves the right to unilaterally modify this Privacy Policy with prior notice to the data subjects. After the entry into force of the modification, the data subject shall be deemed to have accepted the provisions contained in the modified Privacy Policy by using the Website.

CONTACT

WINE SHOP AND CELLAR

3300 Eger, Kistályai street 40.
+36 36 311-552  | +36 30 519-1088
E-mail address

OPENING HOURS

MON – FRI: 11:00 – 17.00
SAT: 08.00 – 14.00
SUN: CLOSED

SZÉPASSZONY VALLEY

3300 EGER, CELLAR 46.
+36 30 602 0372

OPENING HOURS

MON – TUE – WED: CLOSED
THURS: 12.00 – 18.00
FRI: 12.00-21.00
SAT: 10.00-21.00
SUN: 10.00-18.00

WINE TOURISM AND TASTING

+36 30 178 7042
E-Mail address

EXPORT

Éva Barta
+36 20 988 6161
E-Mail address

USEFUL LINKS

Newsletter

By clicking the Subscribe button, I declare that I have read and accept the Privacy Policy.

Follow us

© 2023 created by kriet.studio

© 2023 created by kriet.studio

We need to verify your age

Are you over 18?

Cookie policy

This site uses cookies to provide our services and to display relevant content. By using our site, you acknowledge that you have read and understood our Cookie Policy, Privacy Policy and Terms of Service. Your use of our website, including our services and content, is subject to these policies and terms.

By using our site, you agree to the terms of our Privacy Policy.