Data Protection Statement

Imprint
 

Service Provider’s Name: Kun-Zóni Zsuzsanna ev.

Service Provider’s Registered Office: 1035 Budapest, Szellő utca 10.

Service Provider’s Contact: Kun-Zóni Zsuzsanna, hello@sanaa.hu

Registering Authority: Ministry of Interior

Tax Number: 68896254-1-33

Registration Number: 52405406

Chamber Membership: Chamber of Commerce and Industry, 1054 Budapest, Szabadság tér 7., mkik@mkik.hu

Hosting Provider: Wix.com Ltd., Headquarters: 5 Yunitsman Street, Tel Aviv-Yafo, 6936025, Israel, email: support@wix.com

We consider it very important to comply with the currently applicable data protection regulations and laws; therefore, below we describe in detail the data protection measures of www.sanaa.hu and its processes related to data collection.

​

The data is managed by Kun-Zóni Zsuzsanna ev., who is also responsible for the processing of personal data.

​

WHAT PERSONAL DATA DO WE PROCESS, AND WHY?

Personal data is any information that clearly allows the exact identification of an individual. On the www.sanaa.hu website, we process the following types of personal data, with the exact legal basis specified:

​

COMMUNICATION DATA
This includes any message you send to us via the website, email, social media messages, or any other form of communication. We process and retain this data to fulfill orders and to provide a basis for decision-making in the event of legal claims.

Our legal basis for processing this data is the user’s demonstrable interest in our activities, as evidenced by the messages addressed to us.

​

CUSTOMER DATA
This includes all data related to the purchase of products and services, such as the customer’s name, shipping and billing address, email address, phone number, and details of the purchased product. We process this data to successfully complete orders and to maintain legally compliant records of purchases.

The legal basis for storing this data is the performance of the contract established by the purchase between the customer and the Service Provider.

​

USER DATA
This includes data generated during the use of the website, which enables the technical operation of the site, ensures security, stores backups of user activity, and provides access to the most relevant content possible.

The legal basis for processing this data is the user’s demonstrable interest in our activities, which requires storage to ensure the technical operation and security of the site.

TECHNICAL DATA
This includes data generated during the use of the site, such as IP address, login information, browser data, time spent on individual pages, page views and navigation paths, number and times of site visits, time zones, and device data used to view the site.

The source of this data is our analytics software.

We process this data to analyze user habits on the site, maintain secure operation, and understand the effectiveness of certain marketing decisions.

The legal basis for processing is the user’s demonstrable interest in our activities, which allows us to process this data in compliance with security requirements and use it to improve business efficiency.

MARKETING DATA
This includes visitor preferences regarding what type of marketing content they wish to receive from us. We process this data to enable participation in sweepstakes and to send advertising related to our products/services that the user has shown interest in.

The legal basis for processing is the user’s demonstrable interest in our activities, which allows us to process the data in compliance with security requirements and use it to grow our business more effectively.

Collected data may also be used for purposes such as targeted, relevant advertising on the Facebook™ platform or other dynamic advertising surfaces, and to measure the effectiveness of such advertising.

The legal basis for processing is again the user’s demonstrable interest in our activities, enabling us to process the data in compliance with security expectations and to grow our business more effectively.

We do NOT collect sensitive data such as ethnicity, religious beliefs, sexual life and orientation, political opinions and trade union membership, health information, genetic or biometric data.

HOW DO WE COLLECT DATA?

Personal data may be collected when the user directly provides it (e.g., by placing an order or sending a message). In addition, some data is collected automatically during website use, such as through cookies and similar technologies. These are only activated after the user gives consent.

For more information, please see our Cookie Policy.

We may also receive certain data from external partners, such as analytics providers like Google (non-EU partner), advertising networks like Facebook™ (non-EU partner), and payment service providers such as PayPal (non-EU partner).

PRACTICAL STEPS FOR DATA PROTECTION

Protecting user data and complying with applicable regulations is extremely important to us.

Following a data protection impact assessment of the website, we created a list of the data collected, their necessity and legal basis, and their compliance with the law.

We place great emphasis on data protection at www.sanaa.hu and have made significant efforts to ensure the secure collection of information.

To protect data provided via forms and generated on the site, we use SSL certification across the entire website (Let’s Encrypt Authority X3 certification).

This privacy policy provides users with the ability to request information about, modify, or delete their personal data via forms.

Occasionally, for business purposes, we may share data with necessary service partners (e.g., hosting provider, courier company, newsletter software).

In such cases, we always ensure that partners comply with GDPR requirements, and for US-based partners, that they participate in the EU-US Privacy Shield initiative.

MARKETING COMMUNICATION

Marketing communication is essential for our business activities. The legal basis for this data processing is user interest in our services or explicit user consent.

In accordance with the EU Privacy and Electronic Communications Regulations (PECR), we send marketing messages to our users if they have purchased from us or explicitly consented to receive marketing messages.

We always provide clear options to suspend consent and unsubscribe from messages. Every email contains an unsubscribe link, or removal from our database can be requested via hello@sanaa.hu.

Even if unsubscribed from marketing communication, we may still send messages related strictly to order fulfillment.

NOTE ON PERSONAL DATA

Occasionally, it may be necessary to share certain personal data with our partners to maintain normal business operations:

• IT service providers and system maintenance/troubleshooting providers

• Professional partners such as lawyers, accountants, bankers, insurers

• Government authorities requesting reports on our activities

• Payment providers securely processing bank card data

• Courier services fulfilling orders to the provided shipping address

International Data Transfers
Sometimes, to maintain business operations, we may need to share user data with service partners outside the European Economic Area (EEA).

Since countries outside the EEA often do not provide the same level of data protection, European law prohibits such data transfers unless certain conditions are met.

Whenever personal data is transferred outside the EEA, we take the following steps in addition to those mentioned in section 4 to ensure secure handling:

• Transfer only to countries deemed adequate by the European Commission regarding data protection.

• Use only US-based services that participate in the EU-US Privacy Shield initiative.

If these conditions are not met, we request the user’s explicit consent for data transfer, which can be withdrawn at any time.

EXTERNAL LINKS

This site may contain links to external websites or embedded code snippets enabling external services.

Clicking such links or using embedded solutions may allow external partners to collect user data.

Although we make every effort to vet our partners properly, we have no control over their privacy policies and are not responsible for their data handling practices.

DATA RETENTION

We only store user data for as long as required by legal/accounting/reporting obligations or as long as needed to operate the service.

When determining the retention period, we consider the amount, nature, and sensitivity of the data, and the potential impact of a data breach.

For tax purposes, we must retain customer billing and purchase data for at least 8 years to comply with legal obligations.

In some cases, anonymized data may be used for statistical purposes, which may be stored indefinitely without notice.

USER RIGHTS

As citizens of the European Union, users of this site are granted the following rights under the General Data Protection Regulation (GDPR):

a. Access to Personal Data
Users have the right to request a copy of the personal data stored by businessrise.hu. This request is generally fulfilled free of charge within 14 days of submission.
In cases of repeated, abusive, or unjustified requests, the Service Provider may charge a reasonable fee and may require more time.

The Service Provider may request proof of identity before releasing data to prevent misuse. To request your personal data, please email hello@sanaa.hu.

b. Modification of Personal Data
If personal data has changed or was entered incorrectly, users have the right to request corrections. Please contact hello@sanaa.hu for modifications.

c. Request for Deletion of Personal Data
Users have the right to request the deletion of all their personal data. Requests are fulfilled free of charge within 14 days. After deletion, the user account will no longer be accessible, and previously purchased materials may also become unavailable, as personal data is essential for account access.

The Service Provider may request proof of identity before deletion to prevent misuse.

d. Restriction of Data Processing
Users have the right to request limitations on sharing their data with third-party service partners. During the request, the user may specify which partners should be restricted.

However, please note that cooperation with certain providers is essential for the site’s operation (e.g., PayPal as a payment provider). Restricting them may make the site’s services inaccessible.

The Service Provider may request proof of identity before restricting data transfer to prevent misuse.

In Hungary, the official authority responsible for data protection is the National Authority for Data Protection and Freedom of Information (NAIH). Users can learn more about their data protection rights on the NAIH website.

National Authority for Data Protection and Freedom of Information
1055 Budapest, Falk Miksa utca 9-11
Phone: +36 1 391 1400
Email: ugyfelszolgalat@naih.hu
Website: http://www.naih.hu

ANONYMIZED DATA AND “COOKIES”

On www.sanaa.hu, email messages, and advertisements, we use cookies and similar technologies, such as tracking codes, remarketing tags, and pixels, which are only activated after the user consents.

These technologies help us better understand user behavior and interests, thereby supporting higher quality and more efficient operation.

Our goal is to make businessrise.hu as user-friendly and personalized as possible. If the user wishes to block the recording of non-personal data by these technologies, it can be done in the following ways:

• Using cookie warnings displayed on the website

• By disabling cookies in the browser

• Or by using this tool

Would you like me to also translate the Cookie Policy section in full (if you have it), so the entire Privacy Policy package is complete in English?