Purpose of the regulations
The purpose of these regulations is to establish the data protection and data management policy for 3Dic Ltd. (located at Hungary, 1131 Budapest, Reitter Ferenc utca 132., VAT number: HU27766349), taking into account the principles of data protection and management as specified by law. This ensures the respect for the personal rights of data subjects, especially the right to the protection of personal data during the processing and handling of such data.
Interpretative provisions
1. Data Controller: An individual or entity, or an organization without legal personality, who alone or jointly with others decides on the purposes and means of data processing, either making decisions about the processing or entrusting a data processor with its execution.
2. Data Management: Refers to any operation or set of operations performed on data, using any method. This includes, but is not limited to, collecting, recording, organizing, storing, modifying, using, querying, disclosing, aligning, combining, blocking, deleting, and destroying data. It also covers measures to prevent further use of data, capturing photos, sounds or images, and recording physical characteristics (such as fingerprints, DNA samples, iris scans) for identification purposes.
3. Personal Data: Information related to an identifiable person that can be traced back to them, specifically including names, identification numbers, and information concerning their physical, psychological, economic, cultural, or social attributes, along with any conclusions drawn from such data.
4. Consent: The freely given, informed, and explicit indication of the data subject’s agreement to process their personal data, either wholly or in part.
5. Data Processing: Involves the execution of technical tasks associated with data management activities, using any methods and equipment, regardless of where the activities take place, as long as the task involves handling the data.
6. Data Processor: An individual or organization, with or without legal personality, who processes data on behalf of the controller, under a contract that conforms to legal requirements.
7. Data Subject: Any natural person who can be identified, directly or indirectly, through personal data.
Name of the data controller
3Dic Ltd. (Hungary, 1131 Budapest, Reitter Ferenc utca 132., VAT number: HU27766349)
E-mail: info@3dic.hu – hereinafter referred to as the Service Provider
The Service Provider, in its capacity as Data Controller for 3Dic Ltd., commits to upholding the Informational Self-Determination and Freedom of Information Act of 2011 (Act CXII) in the processing of customer personal data. Registration of data processing in the Data Protection Register of 2011 Act CXII is not required under Section 65 (3)(a) of the Act, as the data processing concerns only customers and excludes other categories like utility or telecommunication service providers. Customers are entitled to withdraw consent for data processing at any time.
The data processors, both natural and legal persons, are authorized to access the data
The data controller and its staff are granted access to the data, which will not be made public or shared with external parties.
Scope of personal data processed
1. During the registration process, Customers are required to provide the following personal details: email address, name, city, street, house number, postal code, and telephone number. The Website’s database retains this information to facilitate any potential service agreements, but the data controller is not authorized to share this information for marketing or any other purposes without explicit consent from the Customer. By agreeing to the terms of service, the Customer acknowledges entering into a customer relationship with the Service Provider for accessing freely available materials, during which they agree to the processing of the aforementioned data. Under this condition, the Service Provider recognizes these individuals as customers and handles their data in accordance with customer data management regulations.
2. During visits to the Website, one or more cookies—a small data packet sent from the server to the browser, which the browser sends back to the server with each request—are used to uniquely identify the browser. These cookies are strictly used to enhance user experience, streamline the login process, and assess the effectiveness of our advertising campaigns.
Legal foundation and objectives of data processing
1. Data processing occurs based on the users’ express consent provided through a well-informed declaration upon voluntarily completing questionnaires on the Website for both sellers and buyers. This declaration includes users’ explicit agreement to the use of their personal data collected during their interaction with the site. The voluntary consent of the data subjects serves as the legal basis for processing their data. Users consent to the processing of the specified data by explicitly agreeing to these data protection regulations, either by ticking the appropriate box or by voluntarily providing the requested data.
2. The objective of data management is to facilitate the delivery of services offered on the Website. The Service Provider retains customer data solely to verify the terms of any potential future orders. The use of email addresses collected through questionnaires is as follows: these addresses are utilized to identify the customer, facilitate communication, and distribute professional newsletters. With the customer’s explicit consent, the data controller may send newsletters that include marketing promotions or advertisements to the registered email address. The processing of customer data is conducted exclusively using computerized data processing methods.
3. Automatically collected data aims to generate statistics, support the technical development of the IT system, and protect user rights.
4. The data controller is prohibited from using the provided personal data for purposes other than those outlined in these sections. Sharing personal data with third parties or authorities can only occur with the user’s explicit prior consent unless legally mandated otherwise.
5. The data controller does not verify the personal data supplied. The individual who provides the data is solely responsible for its accuracy. When a customer provides an email address, they must also ensure that they are the sole recipient of services at that address. Consequently, all responsibilities related to accessing the provided email address lie solely with the user who registered it.
Duration of data management
1. Data processing of information required for registration commences at the time of registration and continues until the data is deleted. For data that is not mandatory, processing begins when the data is provided and ends when it is deleted.
2. The stipulations mentioned above do not impact obligations to retain data as mandated by relevant laws (e.g., accounting regulations).
Persons authorized to access the data
1. The data is primarily accessible by the Service Provider and its internal staff. The data is neither published nor transferred to third parties.
2. The Service Provider may engage a data processor (e.g., system operator, accountant) for managing the underlying IT systems, order fulfillment, and financial transactions. The Service Provider is not liable for the data management practices of these external entities.
3. Beyond the cases mentioned, personal data related to the Customer may only be transferred in situations prescribed by law or with the Customer’s explicit consent.
Customer rights
1. Customers have the right to inquire about the personal data held by the Service Provider at any time and may request the deletion of their data using the contact details provided in this document.
2. At the request of the Customer, the Service Provider shall provide information about the data processed by it, the purpose, legal basis and duration of the data processing, as well as who receives or has received their data. The Service Provider shall provide the requested information in writing within 30 days of the submission of the request.
3. The data subject may exercise his / her rights at the following contact details: mailing address: 3Dic LTD. (Hungary, 1131 Budapest, Reitter Ferenc utca 132.) The Customer may contact the employee of the Service Provider with any questions or remarks related to data management via the above contact information.
4. Customers have the right to request the correction or deletion of inaccurately recorded data at any time by sending a written request to the address provided. However, this does not cover data processing mandated by law (e.g., for accounting purposes), which the Service Provider is required to retain for the prescribed duration.
5. Customers may enforce their rights through legal proceedings and may seek assistance from the Data Protection Commissioner.
6. If a customer submits third-party data during questionnaire completion for service usage, or causes any damage through their use of the Website, the Service Provider reserves the right to seek compensation from the customer. In such instances, the Service Provider will provide all necessary assistance to the authorities to identify the offending party.
Other provisions
1. The Service Provider’s system may collect data related to user activity which cannot be connected to the personal information supplied by users during registration or to data created through the use of other websites or services.
2. Whenever the Service Provider intends to utilize data for purposes other than those for which it was originally collected, it will notify the user and either seek explicit prior consent or offer the option to refuse permission for such use.
3. The Service Provider is committed to safeguarding the security of the data and will implement technical measures to protect data that is recorded, stored, and processed, striving to prevent their destruction, unauthorized access, and unauthorized modification. It also obligates any third party receiving the data to adhere to these protective measures.
4. The Service Provider retains the right to unilaterally modify these regulations, notifying customers in advance. Continued use of the service following such modifications constitutes implicit agreement to the amended terms by the customer.