Privacy policy

Purpose of the Privacy Policy:

The purpose of this Privacy Policy is to ensure that the Data Controller processes the data provided by the Message Senders through the Website, by the Email Senders via email messages, and by Registrants during Registration, as well as by Buyers through the Webshop when placing an order, in accordance with Act CXII of 2011 on the Right of Informational Self-Determination and Freedom of Information (hereinafter: Info Act) and Regulation (EU) 2016/679 of the European Parliament and of the Council (hereinafter: GDPR).

 

Definitions:

Data Controller:

Vivina Kft.

(Regarding the company to be established in the future by or with the participation of Vivina Kft. for the continuation of services/activities provided through the Website, see the additional information in the Data Controller’s details below.)

Email: An email sent to the Data Controller.

Email Sender: A natural or legal person who sends an Email to the Data Controller.

Registrant: A person who registers on the Website.

Buyer: A person placing an order through the Webshop.

Webshop: The platform on the Website designed for purchases.

Data Subjects: Natural persons entitled to exercise rights concerning the protection of their personal data. These include the Email Sender, Message Sender, Registrant, and Buyer.

Website: The website operated by the Data Controller: www.vivinacafe.com.

Visitor: A person visiting the Website.

Message: A message sent by a Message Sender to the Data Controller via the contact form available on the Website.

Message Sender: A visitor who sends a message to the Data Controller through the Website.

 

Data Controller’s Details:

Vivina Kft.

Registered office: 1143 Budapest, Stefánia út 57. B

Tax number: 27553886-2-42

Website: www.vivinacafe.com

Email: hello@vivinacafe.com

The Company is not required to appoint a Data Protection Officer under Article 37 of the GDPR.

There is no data transfer to foreign countries.

Vivina Kft. informs Data Subjects that in the future, the operation of the Website and Webshop, and the services/activities provided through them, are planned to be taken over by a company to be established by or with the participation of Vivina Kft. Upon this transition, the newly established company will become the Data Controller, and data will be transferred to it. By accepting this Privacy Policy, Data Subjects acknowledge this information and give their prior consent to the transfer of their data to this third party. They will receive timely notice on the Website regarding any change in the Data Controller to exercise their rights.

 

Principles of Data Processing:

The Company follows these principles in data processing:

  • Processes personal data lawfully, fairly, and transparently.
  • Collects personal data only for specified, explicit, and legitimate purposes and does not process them incompatibly with these purposes.
  • Ensures the collected and processed data are adequate, relevant, and limited to what is necessary.
  • Takes reasonable steps to ensure data accuracy and updates them as necessary; incorrect personal data is promptly deleted or corrected.
  • Stores personal data in a way that allows identification only as long as necessary for the purposes of processing.
  • Ensures appropriate technical and organizational measures to protect personal data from unauthorized or unlawful processing, accidental loss, destruction, or damage.

 

Data Processing Activities:

This Privacy Policy applies to data processing for the following activities:

  • Receiving and sending Emails
  • Receiving and sending Messages
  • Registration
  • Purchases through the Webshop
  • Newsletter service

 

Purposes of Data Processing:

The Data Controller processes personal data for the following purposes:

  • Receiving and sending Emails: To respond appropriately to messages, inquiries, and requests received via Email.
  • Receiving and sending Messages: To facilitate communication between the Data Controller and Message Senders, ensuring requested information is provided.
  • Registration: To enable purchases in the Webshop, fulfill orders placed by Data Subjects as buyers, and issue invoices if a purchase is made.
  • Purchases through the Webshop: To accept orders, confirm, fulfill, and deliver them, issue invoices, and comply with regulatory requirements.
  • Newsletter service and sending marketing materials.

 

Scope of Processed Data:

The Data Controller processes only the following voluntarily provided data:

  • Receiving and sending Emails: The data provided by a third party in an Email for the purpose of responding or achieving the purposes specified in the Email.
  • Receiving and sending Messages: Data processed for receiving messages:
    • Subject (mandatory)
    • Last name (mandatory)
    • First name (mandatory)
    • Company name (mandatory)
    • Address/Headquarters (mandatory)
    • Email address (mandatory)
    • Phone number (optional)
    • Message (optional)
  • Registration:
    • Name
    • Billing name
    • Billing address (postal code, city, address)
    • Shipping address (postal code, city, address)
    • Phone number
    • Email address
    • Password
  • Purchases through the Webshop:
    • Billing name
    • Email address
    • Phone number
    • Billing address (postal code, city, address)
    • Shipping address (postal code, city, address)
  • For newsletters and direct marketing:
    • Name of consenting individuals
    • Email address

       

Data Retention Period:

  • Receiving and sending Emails: Data is stored for up to 5 years from receipt.
  • Receiving and sending Messages: Data is stored for up to 5 years from receipt.
  • Registration: Until the Data Subject withdraws consent or deletes their account, or for 5 years of inactivity. If a purchase was made, invoices will be stored for the required legal period.
  • Purchases through the Webshop: Accounting documents are retained for at least 8 years under the Accounting Act.
  • Newsletter service: Data is stored until the service is terminated or consent is withdrawn.

     

Legal Basis for Data Processing:

  • Receiving and sending Emails: Based on the Email Sender’s consent given by sending the Email.
  • Receiving and sending Messages: Based on the Message Sender’s consent given by submitting the Message.
  • Registration: Based on the voluntary and informed consent of the Data Subject provided by checking the relevant checkbox during registration.