DXN-Brand

DXN Customer Privacy Policy (EUROPE)

1. Introduction

A DXN Marketing Sdn. Bhd. (hereinafter: Service provider, Data controller) is hereby bound by the following Policy:

According to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), we hereby make the following notice.

The present Privacy Policy governs the data management practices of the following sites: www.dxn2u.com

The Privacy Policy is available at https://eworld.dxn2u.com/index.php?r=help%2Fprivacyeu​

           The present policy was prepared based on the GDPR and the relevant Hungarian legislation.

The policy modifications shall take effect at the time of publication at the above address.

 

​1.1 Data controller and its contact information:

Name: DXN Marketing Sdn. Bhd.

Registered office: 39, Salween Road, Georgetown, Pulau Pinang, Malaysia. Kedah.

Postal address: 10050

E-mail: member@dxn2u.com

 

​1.2 Contact info of data protection officer:

                      E-mail: euprivacy@dxn2u.com

Phone: +604 771 6688

 

2. Definitions

  1. “personal data:” any information relating to an identified or identifiable natural person (“subject”); an identifiable natural person is someone who can be identified, directly or indirectly, based on, for example, a name, number, location information, online identifier or one or more factors relevant to the natural person’s physical, physiological, genetic, intellectual, economic, cultural or social identity;

  2. “data management:” any automated or non-automated individual or bulk action performed on personal data, such as collection, recording, sorting, segmenting, storing, transformation or modification, retrieval, access, use, disclosure, forwarding, distribution or synchronizing, connecting, restricting, deletion or destroying through any other way of access;

  3. “data controller”: a natural or legal person, public authority, agency or any other body that defines the purposes and methods of personal data management individually or in cooperation with other entities; if the purposes and methods of data management are defined by EU or member state legislation, the Data controller or the special criteria for appointing the Data controller may also be governed by EU or member state law.

  4. “data processor:” a natural or legal person, public authority, agency or any other body that manages personal data on behalf of the Data controller.

  5. “recipient:” means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing;

  6. “consent of the data subject:” any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;

  7. “personal data breach:” a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.

 

3. Principles relating to processing of personal data

Personal data shall be:

  1. processed lawfully, fairly and in a transparent manner in relation to the data subject (“lawfulness, fairness and transparency”);

  2. collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall, in accordance with Article 89(1), not be considered to be incompatible with the initial purposes (“purpose limitation”);

  3. adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (“data minimisation”);

  4. accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (“accuracy”);

  5. kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) subject to implementation of the appropriate technical and organisational measures required by this Regulation in order to safeguard the rights and freedoms of the data subject (“storage limitation”);

  6. processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (“integrity and confidentiality”).

The controller shall be responsible for, and be able to demonstrate compliance with, paragraph 1 (“accountability”).

The Data controller declares that their data processing practices are in accordance with the principles specified in this section.

 

4. Specific data processing situations

​4.1. Registration and membership

Purpose of data processing: keeping a registry of members, enabling and keeping records of purchases, applying discounts, building the business.

  1. Fact of data collection, the scope of processed data and the purpose of data processing : 

    Personal data

    Purpose of data processing

    Country

    Identification, identifying the HQ associated with the data subject.

    Code and name of sponsor

    Necessary for registration

    Full name

    Identification, secure access to the user account.

    Gender

    Identification

    Date of birth

    Identification, sending gifts

    Personal identification document or passport number

    Identification

    Nationality

    Necessary for effective communication

    Mobile phone number, e-mail address

    Keeping contact, sending system notifications, confirmation and transaction notifications, logging in to the user account

    Language of preference

    Necessary for effective communication

    Name of beneficiary

    Necessary for bonus payment justification

    Relationship

    Necessary for bonus payment justification

    Passport and personal identification document number of beneficiary

    Necessary for bonus payment justification

    address of residence 1, 2, 3 (county, town, zip code)

    Necessary for bonus payment justification

    Time of registration

    Performing a technical action.

    IP address at time of registration

    Performing a technical action.

Data source: taken directly from the data subject.

E-mail addresses do not have to necessarily contain personal data.

  1. Sphere of data subjects: all subjects registered on the website (members).

  2. Period of data processing, deadline for data deletion: If any of the criteria of Article 17(1) of GDPR stand, personal data shall be processed until the subject requests deletion. According to Article 19 of the GDPR, the Data controller shall inform the data subject electronically of the deletion of any personal data provided by the data subject. If the data subject’s request for deletion extends to the e-mail address provided by them, the Data controller shall also delete the e-mail address after the notification. Accounting evidence is excepted, since according to Section 169(2) of Act C of 2000 on accounting, that data must be retained for a period of 8 years. The contractual data of the data subject may be deleted as per the deletion request of the data subject after the expiration of the Statute of Limitations as per the civil code.

The accounting documents underlying the accounting records directly or indirectly (including ledger accounts, analytical records and registers) shall be retained for minimum eight years, shall be legible and retrievable by means of the code of reference indicated in the accounting records.

  1. Potential data controllers authorised to destroy the data, recipients of personal data: The personal data may be processed by the authorised colleagues and data processors of the Data controller in accordance with the contents of the present notice.

  2. The rights of the data subject regarding data processing:

  • The data subject may request access to or rectification, deletion and restriction of processing of the personal data associated with the data subject.

  • The data subject also has the right to data portability, and may withdraw their consent at any time.

  1. The data subject may request access to, deletion, modification or processing restriction of the personal data as well as data portability in the following way:

    Country

    By mail posted to

    Via e-mail to

    Bulgaria

    София 1000

    Ул Ивайло N12 

    Даксен България ЕООД

    order@dxnbulgaria.com

    Czech Republic

    DXN INTERNATIONAL CZ s.r.o. Veslařská 885/206, 637 00 Brno

    dxncz@dxn2u.com

    Greece

    DXN Greece ΤΣΙΜΙΣΚΗ 2 κ ΚΑΤΟΥΝΗ ΤΚ54625 ΘΕΣΣΑΛΟΝΙΚΗ,

    helpdeskgr@dxn2u.com

    Italy

    DXN Italy srl, Via Tigrè 56/58, 00199 Roma

    dxnitaly@dxnitaly.com

    Portugal

    DXN International Spain S.L.U., Azcona 43, Local DXN, 28028 Madrid, Spain

    infospain@dxn2u.com

    Slovakia

    DAXEN SLOVAKIA s.r.o., Viktorínova ul. 1, 82108 Bratislava

    daxensk@dxn2u.com

    Spain

    Calle Azcona 43, Madrid 28028, España

    atencioncliente@dxn2u.com 

    Hungary

    1066 Budapest, Teréz krt. 8.

    office@dxn.hu

    France DAXEN SLOVAKIA s.r.o., Viktorínova ul. 1, 821 08 Bratislava, Slovakia daxensk@dxn2u.com
    Germany DXN Deutschland GmbH, Kurfürstendamm 193 c, 10707 Berlin, Germany info@dxn-deutschland.de
    Poland DAXEN SLOVAKIA s.r.o., Viktorínova ul. 1, 821 08 Bratislava, Slovakia daxensk@dxn2u.com
    United Kingdom DAXEN SLOVAKIA s.r.o., Viktorínova ul. 1, 821 08 Bratislava, Slovakia daxensk@dxn2u.com
    Netherland DXN Deutschland GmbH, Kurfürstendamm 193 c, 10707 Berlin, Germany info@dxn-deutschland.de

 

  1. Legal basis of data processing:

​7.1. Article 6(1) sections b) and c) of the GDPR,

7.2 Article 13/A(3) of Act CVIII of 2001 on certain issues of electronic commerce services and information society services (Hereinafter: Elcom Act).

For the purpose of providing the service – process personal data indispensable for providing the service for technical reasons. Should other conditions be identical, the service provider shall select and operate the means applied in the course of providing information society service at all times, so that personal data be processed only if it is absolutely indispensable for providing the service or achieving other objectives stipulated in this Act, and only to the required extent and duration.

7.3. In the case of issuing an invoice as per the accounting legislation, Article 6(1) section c).

7.4.In case of enforcing claims arising under contract, 5 years according to Section 6:21 of the Act V of 2013 on the Civil Code.

Section 6:22. [Statute of Limitations]

(1) Unless otherwise provided for in this Act, claims shall lapse after five years.

(2) The period of limitation commences upon the due date of the claim.

(3) An agreement for changing the limitation period shall be executed in writing.

(4) Any agreement excluding prescription shall be null and void.

  1. We hereby inform you that

  • data processing is necessary for the execution of the contract and for providing an offer.

  • you are required to provide personal data so that we may execute your order.

  • in the absence of data provision, we will be unable to process your order.

 

​4.2 Contact

  1. Fact of data collection, the scope of processed data and the purpose of data processing:

    Personal data

    Purpose of data processing

    Name

    Identification

    E-mail address

    Keeping contact, replying to messages

    Phone number

    Keeping contact

    Message content

    Necessary for reply

    Time of contact

    Performing a technical action.

    IP address at time of contact

    Performing a technical action.

 

E-mail addresses do not have to necessarily contain personal data.

  1. Sphere of data subjects: All data subjects who come in contact with the Data controller.

  2. Duration of data processing, deadline for deletion of data: If any of the criteria of Article 17(1) of GDPR are met, personal data shall be processed until the subject requests deletion.

  3. Potential data controllers authorised to destroy the data, recipients of personal data: The personal data may be processed by the authorised colleagues and data processors of the Data controller in accordance with the contents of the present policy.

  4. The rights of the data subject regarding data processing:

  • The data subject may request access to or rectification, deletion and restriction of processing of the personal data associated with the data subject.

  • The data subject also has the right to data portability, and may withdraw their consent at any time.

 

  1. The data subject may request access to, deletion, modification or processing restriction of the personal data as well as data portability in the following way:

    Country

    By mail posted to

    Via e-mail to

    Bulgaria

    София 1000

    Ул Ивайло N12 

    Даксен България ЕООД

    order@dxnbulgaria.com

    Czech Republic

    DXN INTERNATIONAL CZ s.r.o. Veslařská 885/206, 637 00 Brno

    dxncz@dxn2u.com

    Greece

    DXN Greece ΤΣΙΜΙΣΚΗ 2 κ ΚΑΤΟΥΝΗ ΤΚ54625 ΘΕΣΣΑΛΟΝΙΚΗ,

    helpdeskgr@dxn2u.com

    Italy

    DXN Italy srl, Via Tigrè 56/58, 00199 Roma

    dxnitaly@dxnitaly.com

    Portugal

    DXN International Spain S.L.U., Azcona 43, Local DXN, 28028 Madrid, Spain

    infospain@dxn2u.com

    Slovakia

    DAXEN SLOVAKIA s.r.o., Viktorínova ul. 1, 82108 Bratislava

    daxensk@dxn2u.com

    Spain

    Calle Azcona 43, Madrid 28028, España

    atencioncliente@dxn2u.com 

    Hungary

    DXN Europe Kft. 1066 Budapest, Teréz krt. 8.

    office@dxn.hu

    France DAXEN SLOVAKIA s.r.o., Viktorínova ul. 1, 821 08 Bratislava, Slovakia daxensk@dxn2u.com
    Germany DXN Deutschland GmbH, Kurfürstendamm 193 c, 10707 Berlin, Germany info@dxn-deutschland.de
    Poland DAXEN SLOVAKIA s.r.o., Viktorínova ul. 1, 821 08 Bratislava, Slovakia daxensk@dxn2u.com
    Romania Prin poștă la adresa 530210 Miercurea Ciuc, str. Petőfi Sándor, nr.33, jud. Harghita, romania@dxneurope.eu
    Netherland DXN Deutschland GmbH, Kurfürstendamm 193 c, 10707 Berlin, Germany info@dxn-deutschland.de

 

  1. Legal basis of data processing: consent of data subject, Article 6(1) sections a), b) and c). By contacting us, you consent to the processing of your personal data provided to us through the establishing of contact (name, phone number, e-mail address) in accordance with the present policy.

  2. We hereby inform you that

  • the present data processing is based on your consent, or if necessary for giving an offer or required by contractual relationship, it is based on statutory obligation (cooperation).

  • you are required to provide personal data so that you can contact us.

  • in the absence of data provision, we will be unable to contact your Service provider.

 

​4.3. Customer contact

  1. Fact of data collection, the scope of processed data and the purpose of data processing:

    Personal data

    Purpose of data processing

    Name, e-mail address, phone number.

    Keeping contact, identification, fulfilling contractual obligations, business goals.

 

  1. Parties concerned: All data subjects who are in a membership relationship with the Data controller or keep contact with the Data controller by phone/e-mail/in person.

  2. Duration of data processing, deadline for deletion of data: The processing of personal data shall continue until the legal relationship between the Data controller and the data subject is terminated, or in case of contractual relationship, until the statute of limitations as per the civil law lapses.

  3. Potential data controllers authorised to destroy the data, recipients of personal data: The personal data may be processed by the authorised colleagues and data processors of the Data controller in accordance with the above principles.

  4. The rights of the data subject regarding data processing:

  • The data subject may request access to or rectification, deletion and restriction of processing of the personal data associated with the data subject.

  • The data subject also has the right to data portability, and may withdraw their consent at any time.

 

  1. The data subject may request access to, deletion, modification or processing restriction of the personal data as well as data portability in the following way:

    Country

    By mail posted to

    Via e-mail to

    Bulgaria

    София 1000

    Ул Ивайло N12 

    Даксен България ЕООД

    order@dxnbulgaria.com

    Czech Republic

    DXN INTERNATIONAL CZ s.r.o. Veslařská 885/206, 637 00 Brno

    dxncz@dxn2u.com

    Greece

    DXN Greece ΤΣΙΜΙΣΚΗ 2 κ ΚΑΤΟΥΝΗ ΤΚ54625 ΘΕΣΣΑΛΟΝΙΚΗ,

    helpdeskgr@dxn2u.com

    Italy

    DXN Italy srl, Via Tigrè 56/58, 00199 Roma

    dxnitaly@dxnitaly.com

    Portugal

    DXN International Spain S.L.U., Azcona 43, Local DXN, 28028 Madrid, Spain

    infospain@dxn2u.com

    Slovakia

    DAXEN SLOVAKIA s.r.o., Viktorínova ul. 1, 82108 Bratislava

    daxensk@dxn2u.com

    Spain

    Calle Azcona 43, Madrid 28028, España

    atencioncliente@dxn2u.com 

    Hungary

    DXN Europe Kft. 1066 Budapest, Teréz krt. 8.

    office@dxn.hu

    France DAXEN SLOVAKIA s.r.o., Viktorínova ul. 1, 821 08 Bratislava, Slovakia daxensk@dxn2u.com
    Germany DXN Deutschland GmbH, Kurfürstendamm 193 c, 10707 Berlin, Germany info@dxn-deutschland.de
    Poland DAXEN SLOVAKIA s.r.o., Viktorínova ul. 1, 821 08 Bratislava, Slovakia daxensk@dxn2u.com
    Romania Prin poștă la adresa 530210 Miercurea Ciuc, str. Petőfi Sándor, nr.33, jud. Harghita, romania@dxneurope.eu
    Netherland DXN Deutschland GmbH, Kurfürstendamm 193 c, 10707 Berlin, Germany info@dxn-deutschland.de
  2. Legal basis of data processing:

7.1. Article 6(1) sections b) and c) of the GDPR.

7.2. In case of enforcing claims arising under contract, 5 years according to Section 6:21 of the Act V of 2013 on the Civil Code.

Section 6:22. [Statute of Limitations]

(1) Unless otherwise provided for in this Act, claims shall lapse after five years.

(2) The period of limitation commences upon the due date of the claim.

(3) An agreement for changing the limitation period shall be executed in writing.

(4) Any agreement excluding prescription shall be null and void.

  1. We hereby inform you that

  • data processing is necessary for the execution of the contract and for providing an offer.

  • you are required to provide personal data so that we may execute your order/other requests.

  • in the absence of data provision, we will be unable to process your order/other requests.

 

​4.4. Newsletter, DM activity

  1. According to Act XLVIII of 2008 on the Basic Requirements and Certain Restrictions of Commercial Advertising Activities, the User can give express prior consent to the Service Provider conveying advertisements and other mail to the contact addresses given at the time of registration.

  2. Furthermore, taking into account the provisions of the present notice, the Client can give consent to the Service provider processing the Client’s personal data necessary for sending advertising material.

  3. Service provider shall not convey unsolicited advertising messages and the User can unsubscribe from receiving the offers free of charge, without restrictions or justification. In such a case, Service provider will delete all of the Client’s the personal data necessary for sending advertising messages from the register, and will not send further promotional offers to the User. The User may unsubscribe from the advertising messages by clicking on the link in the message.

  4. Fact of data collection, the scope of processed data and the purpose of data processing:

    Personal data

    Purpose of data processing

    Name, e-mail address.

    Identification, ability to subscribe to newsletter.

    Time of subscription

    Performing a technical action.

    IP address at time of subscription

    Performing a technical action.

 

  1. Sphere of data subjects: All data subjects subscribed to the newsletter.

  2. Purpose of data processing: sending electronic advertising messages (e-mail, SMS, push notifications) to the data subject, giving updates and information on products, special offers, new features, etc.

  3. Duration of data processing, deadline for deletion of data: until the consent is withdrawn, i.e. the data subject unsubscribes from the messages.

  4. Potential data controllers authorised to destroy the data, recipients of personal data: The personal data may be processed by the sales and marketing colleagues of the Data controller in accordance with the above principles.

  5. The rights of the data subject regarding data processing:

  • The data subject may request access to or rectification, deletion and restriction of processing of the personal data associated with the data subject, and

  • can object to the processing of their personal data.

  • The data subject also has the right to data portability, and may withdraw their consent at any time.

 

  1. The data subject may express their objection or request access to, deletion, mortification or processing restriction of the personal data as well as data portability in the following way:

    Country

    By mail posted to

    Via e-mail to

    Bulgaria

    София 1000

    Ул Ивайло N12 

    Даксен България ЕООД

    order@dxnbulgaria.com

    Czech Republic

    DXN INTERNATIONAL CZ s.r.o. Veslařská 885/206, 637 00 Brno

    dxncz@dxn2u.com

    Greece

    DXN Greece ΤΣΙΜΙΣΚΗ 2 κ ΚΑΤΟΥΝΗ ΤΚ54625 ΘΕΣΣΑΛΟΝΙΚΗ,

    helpdeskgr@dxn2u.com

    Italy

    DXN Italy srl, Via Tigrè 56/58, 00199 Roma

    dxnitaly@dxnitaly.com

    Portugal

    DXN International Spain S.L.U., Azcona 43, Local DXN, 28028 Madrid, Spain

    infospain@dxn2u.com

    Slovakia

    DAXEN SLOVAKIA s.r.o., Viktorínova ul. 1, 82108 Bratislava

    daxensk@dxn2u.com

    Spain

    Calle Azcona 43, Madrid 28028, España

    atencioncliente@dxn2u.com 

    Hungary

    DXN Europe Kft. 1066 Budapest, Teréz krt. 8.

    office@dxn.hu

    France DAXEN SLOVAKIA s.r.o., Viktorínova ul. 1, 821 08 Bratislava, Slovakia daxensk@dxn2u.com
    Germany DXN Deutschland GmbH, Kurfürstendamm 193 c, 10707 Berlin, Germany info@dxn-deutschland.de
    Poland DAXEN SLOVAKIA s.r.o., Viktorínova ul. 1, 821 08 Bratislava, Slovakia daxensk@dxn2u.com
    Romania Prin poștă la adresa 530210 Miercurea Ciuc, str. Petőfi Sándor, nr.33, jud. Harghita, romania@dxneurope.eu
    Netherland DXN Deutschland GmbH, Kurfürstendamm 193 c, 10707 Berlin, Germany info@dxn-deutschland.de
  2. The data subject may unsubscribe from the newsletter free of charge at any time

  3. Legal basis of data processing: data subject’s consent, Section 6(1) subsections a) and f), and Section 6(5) of the Act XLVIII of 6 on the Basic Conditions and Limitations of Commercial Advertising Activity:

Advertisers, advertising service providers and publishers of advertising shall maintain records on the personal data of persons who provided the statement of consent referred to in Subsection (1) to the extent specified in the statement. The data contained in the aforesaid records – relating to the person to whom the advertisement is addressed – may be processed only for the purpose defined in the statement of consent, until withdrawn, and may be disclosed to third persons subject to the express prior consent of the person affected.

  1. We hereby inform you that

  • data processing is based on Your consent and the legitimate interest of the service provider.

  • you are required to provide personal data if you would like to receive newsletters from us.

  • in the absence of data provision, we will be unable to send you newsletters.

 

​4.5. Handling Complaints

  1. Fact of data collection, the scope of processed data and the purpose of data processing:

    Personal data

    Purpose of data processing

    First name and surname

    Identification, keeping contact.

    E-mail address

    Keeping contact.

    Phone number

    Keeping contact.

    Billing name and address

    Identification; handling any quality complaints, questions and problems arising in relation to the ordered products.

  2. Parties concerned: All data subjects making purchases on the website and making a complaint.

  3. Duration of data controlling, deadline for deletion of data: According to Section 17/A(7) of Act CLV of 1997 on consumer protection, the copies of the complaint report, transcript and the replies given to the complaint must be saved for 5 years.

  4. Potential data controllers authorised to destroy the data, recipients of personal data: The personal data may be processed by the sales and marketing colleagues of the Data controller in accordance with the above principles.

  5. The rights of the data subject regarding data processing:

  • The data subject may request access to or rectification, deletion and restriction of processing of the personal data associated with the data subject, and

  • The data subject also has the right to data portability, and may withdraw their consent at any time.

  1. Country

    By mail posted to

    Via e-mail to

    Bulgaria

    София 1000

    Ул Ивайло N12 

    Даксен България ЕООД

    order@dxnbulgaria.com

    Czech Republic

    DXN INTERNATIONAL CZ s.r.o. Veslařská 885/206, 637 00 Brno

    dxncz@dxn2u.com

    Greece

    DXN Greece ΤΣΙΜΙΣΚΗ 2 κ ΚΑΤΟΥΝΗ ΤΚ54625 ΘΕΣΣΑΛΟΝΙΚΗ,

    helpdeskgr@dxn2u.com

    Italy

    DXN Italy srl, Via Tigrè 56/58, 00199 Roma

    dxnitaly@dxnitaly.com

    Portugal

    DXN International Spain S.L.U., Azcona 43, Local DXN, 28028 Madrid, Spain

    infospain@dxn2u.com

    Slovakia

    DAXEN SLOVAKIA s.r.o., Viktorínova ul. 1, 82108 Bratislava

    daxensk@dxn2u.com

    Spain

    Calle Azcona 43, Madrid 28028, España

    atencioncliente@dxn2u.com 

    Hungary

    DXN Europe Kft. 1066 Budapest, Teréz krt. 8.

    office@dxn.hu

    France DAXEN SLOVAKIA s.r.o., Viktorínova ul. 1, 821 08 Bratislava, Slovakia daxensk@dxn2u.com
    Germany DXN Deutschland GmbH, Kurfürstendamm 193 c, 10707 Berlin, Germany info@dxn-deutschland.de
    Poland DAXEN SLOVAKIA s.r.o., Viktorínova ul. 1, 821 08 Bratislava, Slovakia daxensk@dxn2u.com
    Romania Prin poștă la adresa 530210 Miercurea Ciuc, str. Petőfi Sándor, nr.33, jud. Harghita, romania@dxneurope.eu
    Netherland DXN Deutschland GmbH, Kurfürstendamm 193 c, 10707 Berlin, Germany info@dxn-deutschland.de
  2. Legal basis for data processing: Article 6(1) section c) of GDPR and Section 17/A(7) of Act CLV of 1997 on consumer protection.

  3. We hereby inform you that

  • providing personal data is based on legal obligation.

  • the processing of personal data is a prerequisite of signing the contract.

  • you are required to provide personal data so that we can handle your complaints.

  • in the absence of data provision, we will be unable to handle your complaints.

 

5. The recipients to whom the personal data will be disclosed

recipient”: a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not.

​5.1. ​Processors (who process the data on behalf of the controller)

The controller uses processors in order to facilitate its own data processing activities and to fulfil the obligations arising from the contract concluded with the data subject and the legislation.

The controller puts a large emphasis on only employing processors who (that) provide appropriate safeguards for implementation of the technical and organisational measures ensuring the compliance of the processing with the requirements of the GDPR and the data subjects’ rights.

The processor and any person acting under the control of the controller or the processor having access to the personal data will only use the personal data subject to this policy in accordance with the controller’s instructions.

The controller is legally liable for the processor’s activities. The processor will only be liable for any damage caused with the processing if it failed to comply with the obligations set out in the GDPR explicitly for processors or if it acting without regard to or in divergence from the controller’s lawful instructions.

The processor has no substantive decision-making powers with regard to the processing of the data.

The controller may engage a hosting service provider to provide the IT background and a courier service to deliver the products ordered, in which case these parties qualify as data processors.

 

Specific processors

 

Country

Accounting Tasks, invoicing

Bulgaria

Name : „Ен Консулт“ ЕООД

Address : бул. Ген. М. Д. Скобелев №36, ет. 2, ап. 4, София 1606, България, тел.

Contact : +35929202504

Czech Republic

Name : Accero s.r.o

Address : Chochola 3, 624 00 Brno

Greece

Name : http://www.link.com.gr/

Address : Link Building Kanellopoulou 13 Str Thessaloniki,

Contact : +30 2310 285861

Email : link2@link.com.gr

Italy

Name : Studio Angioletti Casiglia

Address : Corso D’Italia, 11 , 00198 Roma

Portugal

Name : CCV-ASESORAMIENTO Y GESTION DE EMPRESAS-

Address : C/Gran Via, 57, 5ª Puerta I. 28013, Madrid

Contact : +34 915478905 (Antonio García)

Slovakia

Name : SERENDIPITY, s. r. o.

Address : Vyšehradská 31, Bratislava

Spain

Name : CCV-ASESORAMIENTO Y GESTION

DE EMPRESAS-

Address : C/Gran Via, 57, 5ª Puerta I. 28013, Madrid

Contact :+34 915478905 (Antonio García)

Hungary

Name : Manage Kft. Fazekas Gábor

Address : 1097 Bp., Tóth K. u. 33.A.

Contact : +36 30 683 8284

Website : info@manage.axelero.net


Online marketing services

Name : Profonte Kft. Szombati Orsolya

Address :1171 Bp., Városligeti fasor 47-49

Contact : +36 20 253 1009

Website :  orsolya.szombati@profonte.hu

United Kingdom

Name : SERENDIPITY, s. r. o.

Address: Vyšehradská 31, Bratislava

Romania

Name : Multiconsult Center SRL

Address: B-dul Fratiei, nr.11, sc.A, ap.1, Miercurea Ciuc, jud. Harghita

Contact :+40-266-372528

Email : gagyi.jolan.reka@gmail.com

France

Name : SERENDIPITY, s. r. o.

Address : Vyšehradská 31, Bratislava

Poland

Name : Abaks

Address : Biuro Rachunkowe "Abaks" Mgr Inż.Grażyna Muszalska

ul. Struga 16 80-116 Gdańsk

 

 

Transfer of data to third parties

third party”: a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data;

Third party controllers process the personal data disclosed by us on their own behalf, in accordance with their own privacy policy.

Country

Transportation

Bulgaria

Name : „Лео Експрес“ ЕООД

Address: ул.Владимир Поптомов №4, Димитровград, България, тел.

Contact : +359070010211

Czech Republic

Name : DPD

Address: Depo 1385 Měnín 580, 664 57 Brno, 225 373 373

Greece

Name : ACS courier

Address: ACS IONOS DRAGOUMI 17

Contact : 2310-567912 / 2310-567914

Italy

Name : GLS / CPC srl unipersonale

Address: Via dell'industria Z. I. Poggino, s.nc, 01100 Viterbo VT ( both in the same place)

Slovakia

Name : Direct Parcel Distribution SK s. r. o.

Address: Technická 7, 82107 Bratislava

 

Name : GLS General Logistics Systems

Slovakia,s.r.o.

Address: Lieskovská cesta 13, Lieskovec

 

Name : INSPEKTA SLOVAKIA a.s.

Address: Zelinárska 2, P.O.BOX 56, Bratislava

Spain

Name : Grupo MRW

Address: Avenida de los Toreros, 26. 28028 Madrid.

Contact :+34 917 568 729

Hungary

Name : GLS Magyarország Kft.

Address: 2351 Alsónémedi, GLS Európa u. 2.

Contact :info@gls-hungary.com

France

Name :Direct Parcel Distribution SK s. r. o.

Address : Technická 7, 82107 Bratislava
 

Name :GLS General Logistics Systems Slovakia,s.r.o.

Address : Lieskovská cesta 13, Lieskovec

 

Name :INSPEKTA SLOVAKIA a.s.

Address : Lieskovská cesta 13, Lieskovec

Germany

Name : DHL Paket GmbH

Address: Sträßchensweg 10; 53113 Bonn

Poland

Name : DPD

Address: DPD Polska Sp. z o.o. 02-274 Warszawa ul. Mineralna 15

Romania

Name : GLS Romania SA

Address: Str. Dorobanților 106, Sibiu, jud. Sibiu

Contact :+40-269-501900

E-mail: info@gls-romania.ro

United Kingdom

Name : GLS General Logistics Systems Slovakia,s.r.o.

Address: Lieskovská cesta 13, Lieskovec

Netherland

Name : DHL Paket GmbH

Address: Sträßchensweg 10; 53113 Bonn

 

​5.2.1 Register of members​

5.2. Individual data processors:

The members’ data are recorded by the state of the given member.

  1. The activity carried out by the data processor: Registering members, monitoring the business activities thereof

    1. Name and contact details of data processor:

      Country

      Name

      Registered Office

      Email Address

       

      Bulgaria

      Димитрина Каменова

      София 1000

      Ул Ивайло N12 

      Даксен България ЕООД

      order@dxnbulgaria.com

      Czech Republic

      DXN INTERNATIONAL CZ s.r.o

      Veslařská 885/206, 637 00 Brno

      dxncz@dxn2u.com

      Greece

      Απόστολος Ζαχαριάς

      Θεσσαλονίκη

      helpdeskgr@dxn2u.com

      Italy

      Giuseppe Girlando

      DXN Italy srl, Via Tigrè 56/58

      , 00199 Roma

      dxnitaly@dxnitaly.com

      Portugal

      DXN International Spain S.L.U.

      Azcona 43, Local DXN, 28028 Madrid, Spain

      infospain@dxn2u.com

      Slovakia

      DAXEN SLOVAKIA s.r.o.

      Viktorínova ul. 1, 821 08 Bratislava

      daxensk@dxn2u.com

      Spain

      DXN Internacional Spain SLU

      Calle Azcona 43, Madrid 28028, España

      atencioncliente@dxn2u.com

      Hungary

      DXN Europe Kft.

      1066 Budapest, Teréz krt. 8.

      office@dxn.hu

      France DAXEN SLOVAKIA s.r.o. Viktorínova ul. 1, 821 08 Bratislava daxensk@dxn2u.com
      Germany DXN Deutschland GmbH Kurfürstendamm 193 c, 10707 Berlin, Germany info@dxn-deutschland.de
      Poland DAXEN SLOVAKIA s.r.o Viktorínova ul. 1, 821 08 Bratislava, Slovakia daxensk@dxn2u.com
      Romania DXN Marketing SRL Kft. 530210 Miercurea Ciuc, str. Petőfi Sándor, nr.33, jud. Harghita romania@dxneurope.eu
      United Kingdom DAXEN SLOVAKIA s.r.o. Viktorínova ul. 1, 821 08 Bratislava daxensk@dxn2u.com
      Netherland DXN Deutschland GmbH Kurfürstendamm 193 c, 10707 Berlin, Germany info@dxn-deutschland.de

Data processor declares that he/she controls the data in accordance with the GDPR and these regulations.

  1. The fact of data processing, the scope of the controlled personal data: Personal data provided in section 4.1.

  2. Parties concerned: All the parties having a membership relationship with the data controller.

  3. The purpose of data processing: Registering members, monitoring the business activities thereof, contact, assistance.

  4. Duration of data processing, deadline for deletion of data: 5 years after the termination of the membership relationship, the data processor shall delete the personal data of the party concerned, except those which have to be stored based on a legal obligation.

  5. The legal basis of the data processing: section (1) of article 28 of the GDPR.

  6. Rights of the concerned party:

1. You can get informed of the circumstances of the processing of data,

2. You are entitled to receive feedback from the data controller on whether the processing of your data is in progress, and you can access all the information relating to the processing of data.

3.You are entitled to receive the personal data concerning you in a structured, commonly used and machine-readable format.

4. You are entitled to obtain from the controller without undue delay the rectification of your inaccurate personal data.

 

​5.2.2 Hosting service provider

  1. Activity carried out by the data processor: Hosting service

  2. Name and contact details of data processor:

Name: DXN Marketing Sdn. Bhd. ​

Address: 39, Salween Road, Georgetown, Pulau Pinang, Malaysia 10050

  1. The fact of data processing, the scope of the controlled personal data: All the personal data provided by the concerned party.

  2. Parties concerned: All the parties using the website.

  3. The purpose of data processing: Making the website available, ensuring its proper functioning.

  4. Duration of data controlling, deadline for deletion of data: Data processing lasts until the termination of the agreement between the data controller and the hosting service provider, or until the concerned party requests from the hosting service provider to delete his/her data.

  5. Legal basis for data processing: section f) of paragraph (1) of article 6 of the GDPR, and paragraph (3) of 13/A of Act CVIII of 2001 on certain issues of electronic commerce activities and information society services.

  6. Rights of the concerned party:

1. You can get informed of the circumstances of the processing of data,

2. You are entitled to receive feedback from the data controller on whether the processing of your data is in progress, and you can access all the information relating to the processing of data.

3. You are entitled to receive the personal data concerning you in a structured, commonly used and machine-readable format.

4. You are entitled to obtain from the controller without undue delay the rectification of your inaccurate personal data.

5. You can object to the processing of your personal data.
 

 

​5.3. Data transmission to third party

5.3.1. ​Online payment

  1. Activity carried out by the Addressee: Online payment

  2. Name and contact details of addressee:

Country

Online Payment

Czech Republic

 

Name : l Raiffeisen BANK

Address: Hvězdova 1716/2b, Praha 4, 140 78

Website : https://www.rb.cz/osobni

Website Protection Regulations : https://www.rb.cz/informacni-servis/ochrana-osobnich-udaju/informacni-memorandum

 

France

Name : Paypal

Address: daxensk@dxn2u.com

Website : www.paypal.com

Website Protection Regulations : https://www.paypal.com/hu/webapps/mpp/ua/privacy-full


 

Name : Paiement par carte de crédit

Address: Tatrabanka

Website : www.tatrabanka.sk

Website Protection Regulations : https://www.tatrabanka.sk/web/images/pdf/informacne-memorandum-ochrany-osobnych-udajov.pdf

 

Germany

Name : PayPal

Address: PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg

Website : www.paypal.com

Website Protection Regulations : https://www.paypal.com/hu/webapps/mpp/ua/privacy-full 


 

Name : Klarna/Sofort

Address: Sveavägen 46, 111 34 Stockholm, Schweden

Website : https://www.klarna.com/de/

Website Protection Regulations : https://www.klarna.com/sofort/datenschutz/


 

Name : Commerzbank Frankfurt am Main

Address: Commerzbank AG, 60261 Frankfurt/Main

Website : https://www.commerzbank.de/de/metanavigation/kontakt/kontakt.html

Website Protection Regulations : https://www.commerzbank.de/portal/de/footer1/datenschutzhinweise/Datenschutzhinweise.html

 

Greece

BANK TRANSFER

Bank Name: Alpha Bank
IBAN: GR6001404850485002002004317
Bank Account: 485002002004317
SWIFT: CRBAGRAA

Website www.alpha.gr

Website Protection Regulations : https://apps.alpha.gr/GDPR/default.aspx


 

Bank Name: Ethniki Bank (NBG)
IBAN: GR5301102100000021047196973
Bank Account: 21047196973
SWIFT: ETHNGRAA

Website www.nbg.gr
Website Protection Regulations : https://www.nbg.gr/Style%20Library/ReusableContent/Privacy_statement_en.pdf


 

PAY BY CREDIT/DEBIT CARD

Company : DXN GREECE LTD
Address:2 TSIMISKI STR, TK 54625, THESSALONIKI
TEL: +302310551203, +302310551204
FAX: +302310551207
Website https://eworld.dxn2u.com/

Payment through Alpha e-Commerce

https://www.alphaecommerce.gr/vpos/PaymentHandler2 trid=398696571&st=86d61d27ac157c


 

Pay by Masterpass

Company : DXN GREECE LTD
Address:2 TSIMISKI STR, TK 54625, THESSALONIKI
TEL: +302310551203, +302310551204
FAX: +302310551207
Website https://eworld.dxn2u.com/

Payment through Alpha e-Commerce

https://www.alphaecommerce.gr/vpos/PaymentHandler2?trid=398696571&st=86d61d27ac157c

 

Hungary

Name : OTP Bank Zrt.

Address: 1051 Budapest, Nádor utca 16.

Contact :

Website : www.otpbank.hu

Data Protection Regulation : https://www.otpbank.hu/portal/hu/adatvedelem

 

Italy

Name : Paypal.com

Address: Via Roberto Lepetit 8, 20124 Milano (MI)

Website : www.paypal.com

Data Protection Regulation: https://www.paypal.com/hu/webapps/mpp/ua/privacy-full


 

Name : Consorzio Triveneto S.p.A.

Address:Corso Sempione, 55, 20149 Milano (MI)

Website : www.bassilichi.it/consorzio-triveneto

Data Protection Regulation:http://www.bassilichi.it/note-legali-consorzio-triveneto/


 

Name : Banca Monte dei Paschi di Siena

Address: ervizio ICT Compliance, Via Lippo Memmi, 14 , 53100 Siena (SI)

Website : www.mps.it

Data Protection Regulation : https://www.mps.it/privacy.html

 

Poland

Name : Paypal

Address: daxensk@dxn2u.com

Website : www.paypal.com

Data Protection Regulation: https://www.paypal.com/hu/webapps/mpp/ua/privacy-full


 

Name : Płatność kartą kredytową

Address: Tatrabanka

Website : www.tatrabanka.sk

Data Protection Regulation: https://www.tatrabanka.sk/web/images/pdf/informacne-memorandum-ochrany-osobnych-udajov.pdf

Portugal

DXN Internacional Spain S.L.U.

Name : Caixa Bank

Address: C/ Azcona 43, Madrid 28028, España

Website : www.dxn-spain.com

Contact : ES61 2100 0721 0802 0075 0418

 

Romania

Name : Paypal

Website :www.paypal.com

Data Protection Regulation : https://www.paypal.com/hu/webapps/mpp/ua/privacy-full

 

Slovakia

Name : Paypal

Address: daxensk@dxn2u.com

Contact : www.paypal.com

Data Protection Regulation :

https://www.paypal.com/hu/webapps/mpp/ua/privacy-full


 

Name : Platba kreditnou kartou

Address: Tatrabanka

Contact :www.tatrabanka.sk

Data Protection Regulation : https://www.tatrabanka.sk/web/images/pdf/informacne-memorandum-ochrany-osobnych-udajov.pdf

 

Spain

Name : Tarjeta de Crédito

Address: Calle Azcona 43, Madrid 28028, España

 

United Kingdom

 

Name : Paypal

Address : PayPal (Europe) s.à.r.l. et Cie, S.C.A., 22-24-Boulevard Royal l 2449, Lussemburgo.

Website : www.paypal.com

Data Protection Regulation : https://www.paypal.com/hu/webapps/mpp/ua/privacy-full


 

Name : Bank Card Payment

Address : Tatrabanka

Website :www.tatrabanka.sk

Data Protection Regulation :ttps://www.tatrabanka.sk/web/images/pdf/informacne-memorandum-ochrany-osobnych-udajov.pdf


 

 

Netherland

Name : Paypal

Address :PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg

Website : www.paypal.com

Data Protection Regulation : https://www.paypal.com/hu/webapps/mpp/ua/privacy-full


 

Name : Klarna/Sofort

Address :Sveavägen 46, 111 34 Stockholm, Schweden

Website : https://www.klarna.com/de/

Data Protection Regulation :https://www.klarna.com/sofort/datenschutz/


 

Name : Commerzbank Frankfurt am Main

Address :Commerzbank AG, 60261 Frankfurt/Main

Website : https://www.commerzbank.de/de/metanavigation/kontakt/kontakt.html

Data Protection Regulation : https://www.commerzbank.de/portal/de/footer1/datenschutzhinweise/Datenschutzhinweise.html

3. The fact of data processing, the scope of controlled data: e-mail address

4.Parties concerned: All the parties selecting paypal payment on the website.

5. The purpose of data processing: Carrying out online payment, confirming transactions and fraud monitoring (controlling abuses) for the protection of the users.

6. Duration of data controlling, deadline for deletion of data: Last until the payment has been carried out.

7. Legal basis for data processing: section b) of paragraph (1) of article 6 of GDPR. The legal basis is necessary for carrying out the online payment on request of the concerned party.

8. Rights of the concerned party:

  1. You can get informed of the circumstances of the processing of data,
  2. You are entitled to receive feedback from the data controller on whether the processing of your data is in progress, and you can access all the information relating to the processing of data.
  3. You are entitled to receive the personal data concerning you in a structured, commonly used and machine-readable format.
  4. You are entitled to obtain from the controller without undue delay the rectification of your inaccurate personal data.

Other information: Online purchases are carried out through the paypal system. The personal data and bank card data provided when placing the order are forwarded to the American servers of paypal. The personal data so forwarded are treated according to the Data Protection Regulations of paypal.com.

 

6. Handling of Cookies 

  1. The cookies typical of webshops are the so-called “cookies for password-protected work management”, “cookies necessary for shopping cart”, and “safety cookies”, “Necessary cookies”, “Functional cookies”, and “cookies responsible for the management of the statistics of the website” for the use of which prior consent of the data subject is not necessary.

  2. The fact of data processing, the scope of the controlled personal data: Individual identification number, dates, times

  3. Parties concerned: All the parties visiting the website.

  4. The purpose of data processing: Identification of users, registering the “shopping cart” and monitoring visitors.

  5. Duration of data controlling, deadline for deletion of data:

    Type of cookies

    Legal basis for data processing

    Purpose of data processing

    duration

    Scope of controlled data

    Session cookies

    Paragraph (3) of 12/A of Act CVIII of 2001 (Elkertv.) on certain issues of electronic commerce activities and information society services

    The period until

    the closing of the relevant visitor’s session

    connect.sid

     

    Permanent or saved cookies

    Paragraph (3) of 13/A of Act CVIII of 2001 (Elkertv.) on certain issues of electronic commerce activities and information society services

    until the deletion of the concerned party

     

    Statistical cookies

    Paragraph (3) of 13/A of Act CVIII of 2001 (Elkertv.) on certain issues of electronic commerce activities and information society services

    1 to 2 months

     
  6. Potential data controllers entitled to be apprised of the data: By using the cookies, the data controller does not control personal data.

  7. Information on the rights of the concerned parties relating to data processing: Concerned parties can delete the cookies generally under the settings of Data Protection in the menu of Tools/Settings of the browsers.

  8. Legal basis for data processing: No consent is required from the concerned party if the sole purpose of using cookies is carrying out a communication over an electronic communications network, or if it is strictly necessary for providing a service relating to the information society that the subscriber/user expressly requested.

 

7. Use of Google and facebook services

​7.1. Use of Google Adwords Conversion Tracking

  1. The data controller uses “Google Adwords” online advertisement programme, and within the framework thereof it uses the conversion tracking service of Google. Google conversion tracking is the analytics service of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google“).

  2. When the User reaches a website through a Google advertisement, a cookie necessary for conversion tracking will be installed on his/her computer. The validity of these cookies is limited and they do not contain any personal data, so the User cannot be identified with them.

  3. When the User is browsing certain pages of the website and the cookie is still valid, Google and the data controller can see that the User clicked on the advertisement.

  4. All Google AdWords customers receive different cookies, so these cannot be tracked through the websites of the customers of AdWords.

  5. Information obtained with the help of conversion tracking cookies serve the purpose of preparing conversion statistics for the customers of AdWords choosing conversion tracking. This is how the customers can get information about the number of users clicking on their advertisements and redirected to a site with a conversion tracking label. However, they cannot get information with which any user can be identified.

  6. If you do not wish to participate in conversion tracking, you can refuse to do so by blocking the option to install cookies in your browser. After this, you will not be in the conversion tracking statistics.

  7. Further information and the data protection statement of Google can be found on the following website: https://www.google.de/policies/privacy/

 

7.2. Using Google Analytics

  1. This website uses the Google Analytics application, which is a service of web analytics of Google Inc. (“Google”). Google Analytics uses “cookies”, text files and saves them on your computer, helping the analysis of the websites visited by the User.
  2. Information created with cookies related to the website used by the User usually get to and are stored on a USA server of Google. By activating IP-anonymity on the website Google abbreviates the IP-address of the User beforehand in the member states of the European Union or in other states participating in the Agreement on the European Economic Area.
  3. The full IP address is only sent to and abbreviated at the USA server of Google in exceptional cases. On behalf of the operator of this website Google shall use this information to assess how the User used the website and to prepare reports for the operator of the website concerning the activity of the website, and to perform further services concerning website and internet use.
  4. Within the framework of Google Analytics the IP address sent by the browser of the User shall not be compared to other data of Google. The User can prevent storage of cookies by setting their browser appropriately, however, we warn you that in this case it can happen that not all functions of this website will be fully usable. You can also prevent Google from collecting and processing data of the User concerning website use by cookies (including the IP address) if you download and install the plugin under the following link. https://tools.google.com/dlpage/gaoptout?hl=hu

 

7.3. Facebook pixel

  1. Facebook pixel is a code that helps to make a report on the website of the conversions, define target audiences, and the owner of the site receives analytical data on the use of the site by the visitors. With the help of a pixel tracking code, Facebook remarketing can show offers, advertisements tailor-made to the visitors of the website on the platform of Facebook. Facebook remarketing list is not suitable for identification. You can find further information of the Facebook pixel here: https://www.facebook.com/business/help/651294705016616

 

​7.4. Social networking sites

  1. Fact of data management, scope of managed data: Registered name and public profile picture of the user on social networking websites such as Facebook/Google+/Twitter/Pinterest/Youtube/Instagram etc.

  2. Parties concerned: All parties are concerned who registered on social networking sites such as Facebook/Google+/Twitter/Pinterest/Youtube/Instagram etc. and “liked” the page of the Service Provider and contacted the data controller through the social networking site.

  3. Purpose of data collection: Sharing, “liking”, following and promoting certain contents, products, promotions of the website or the website itself on the social networking sites.

  4. Duration of the data processing, the deadline for deletion of data, the data controllers entitled to be apprised of the data and information on the rights of the concerned parties relating to the processing of data: The concerned person can get informed of the source of the data, the processing thereof, and the mode and legal basis of the transmission on the relevant social networking site. The data are controlled on the social networking sites, so the regulations of the site apply to the duration, mode of the data processing and to the deletion and modification options of the data.

  5. Legal basis for data processing: the voluntary consent of the concerned person to the processing of his/her data on the social networking site.

 

8. Customer relations and other data managements

  1. If any question arises while using the services of the data controller, or the concerned person has a problem, he/she can contact the data controller via the contacts specified on the website (telephone, e-mail, social networking sites etc.).

  2. No 2 than two years after the disclosure, the data controller shall delete the received e-mails, messages, data provided by phone or via Facebook etc. along with the name, e-mail address and other voluntarily provided data of the interested party.

  3. On the data processing not listed in this prospectus, information will be given when the data is registered.

  4. On the extraordinary request of authorities, or on the basis of legal empowerment, on request of other bodies, Service Provider shall give information, disclose data, transmit data and make documents available.

  5. In these cases, Service Provider shall disclose to the applicant personal data only in such a quantity and to such an extent which is strictly necessary for the purpose of the request, if he/she indicated the precise purpose and the scope of the data.

 

9. Rights of the concerned party

  1. Right of access

You are entitled to receive feedback from the data controller on whether the processing of your data is in progress, and if such a data processing is in progress, you are entitled to obtain access to the personal data and the information listed in this decree.

 

  1. Right to rectification

You are entitled to obtain, on request, from the controller without undue delay the rectification of the inaccurate personal data concerning you. Taking into account the purposes of data processing, you are entitled to require the completion of incomplete personal data, including by means of a supplementary declaration.

 

  1. Right to erasure

You are entitled to require the data controller to erase the personal data concerning you, and the data controller is obliged to erase the personal data concerning you without undue delay under specific conditions.

 

  1. Right to be forgotten

If the personal data were made public by the data controller and if he/she is obliged to delete the personal data, data controller shall, taking into account the available technology and the implementation costs, take the reasonably expectable measures, including technical measures, to inform other data controllers who process the disclosed personal data that you requested the deletion of all links to these personal data or of copies or replicas of such personal data.

 

  1. Right to restriction of processing

You are entitled to require the controller to restrict the processing if one of the following conditions is met:

  • You dispute the accuracy of the personal data, in this case the limitation refers to a period of time which enables the controller to verify the accuracy of the personal data.

  • the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;

  • the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims;

  • You have appealed against the data processing; in this case the restriction refers to a period of time it takes to determine whether the legitimate reasons of the data controller outweigh your legitimate reasons.

 

  1. Right to data portability

You have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format, and you also have the right to transmit such data to another data controller without hindrance by the data controller who was provided with the personal data (...)

 

  1. Right to object

In case of data processing based on legitimate interest or official authority, as legal basis, you have the right to object, on grounds relating to his or her particular situation, at any time to the (...) processing of the personal data concerning him or her, including profiling based on the mentioned provisions.

 

  1. Protest in case of direct business acquisition

If your personal data is handled for direct business acquisition, you are entitled to protest at any time against the processing of any personal data relating to it, including profiling, if it is related to direct business acquisition. If you object to your personal data being handled for direct business acquisition purposes, your personal information can no longer be handled for that purpose.

 

  1. Automated decisions in individual cases including profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

The preceding paragraph shall not apply if the decision is:

  • Necessary to conclude or complete a contract between you and the data controller;

  • made possible by the law of the Union or of the Member States applicable to the data controller, which also lays down appropriate measures to protect your rights and freedoms and legitimate interests; or

  • Is based on your explicit consent.

 

10. Deadline for action

The data controller shall inform you, without undue delay, within 1 month of receipt of the request, of the measures taken on the above applications.

If necessary, it may be extended by 2 months. The controller will inform you about the extension of the deadline by indicating the cause of the delay within 1 month of receipt of the request.

If the data controller fails to take measures upon your request, he or she will notify you without delay and at the latest within one month of the receipt of the request for reasons of non-action and whether you may file a complaint with a supervisory authority and exercise his or her remedy.

 

11. Security of data processing

The data controller and the data processor shall take appropriate technical and organizational measures to take into account the state of science and technology and the costs of implementation, the nature, scope, circumstances and objectives of data management and the risk of varying probability and severity of natural persons' rights and freedoms to guarantee an adequate level of data security, including, among other things, where appropriate:

  1. the pseudonymization and encryption of personal data;

  2. ensuring the continuous confidentiality, integrity, availability and resilience of the systems and services used to manage personal data;

  3. in the case of physical or technical incidents, the ability to restore access to personal data and the availability of data in a timely manner;

  4. a method for systematically testing, assessing and evaluating the effectiveness of technical and organizational measures to ensure the security of data processing.

 

12.Inform the person concerned about the privacy incident

If the privacy incident is likely to pose a high risk to the rights and freedoms of natural persons, the data controller shall inform the data subject of the data protection incident without undue delay.

Information given to the data subject should be clear and easy to understand and the nature of the privacy incident must be disclosed and the name and contact details of the Data Protection Officer or other contact person providing additional information should be disclosed; the likely consequences of a data protection incident should be described; the measures taken or planned by the data controller to remedy the data protection incident, including, where appropriate, measures to mitigate the potential adverse effects of the data protection incident.

The person concerned shall not be informed if any of the following conditions is met:

  • the data controller has implemented appropriate technical and organizational protection measures and applied those measures to the data covered by the data protection incident, in particular measures such as the use of encryption that render the data unintelligible to any person who is not authorised to access the data;

  • after the data protection incident, the data controller has taken further measures to ensure that high risk for the rights and freedoms of the person concerned is no longer likely to occur;

  • the information would require disproportionate effort. In such cases, the data subject shall be informed by means of publicly disclosed information or a similar measure shall be taken to ensure that such information is equally effective.

If the data controller has not yet notified the data subject of the data protection incident, the supervisory authority may, after considering whether the privacy incident is likely to pose a high risk, may order the information of the data subject.

 

13. Report a privacy incident to the authority

The data protection incident shall be reported to the supervisory authority under Article 55 without undue delay and, if possible, no later than 72 hours after the data protection incident becomes known, unless the data protection incident is unlikely to pose a risk to the rights of natural persons and freedom. If the notification is not filed within 72 hours, the reasons for proving the delay must also be enclosed.

 

14. Possibility to lodge a complaint

You can lodge a complaint against a possible infringement of the data controller with the National Data Protection and Information Authority:

Country

Name

Address

Tel :

Fax :

Email

Bulgaria

Национален орган за защита на личните данни и информацията

София 1592, бул. „Проф. Цветан Лазаров” №.2

Tel : 02/91-53-518

 

kzld@cpdp.bg

www.cpdp.bg

 

Czech Republic

Úřad pro ochranu osobních údajů

Pplk. Sochora 27, 170 00 Praha 7

Korespondenční adresa: Pplk. Sochora 27, 170 00 Praha 7

Tel: +420 234 665 800

Fax: +420 234 665 444

posta@uoou.cz

France

CNIL – Commission Nationale de l´Informatique et des Libertés

3 Place de Fontenoy, TSA 80715, 75334 PARIS CEDEX 07, France

Tel : + 33 (0)1.53.73.22.22

 

Fax: + 33 (0)1.53.73.22.00

 

Germany

Nationaler Datenschutz und InformationBehörde

Berliner Beauftragte für Datenschutz und Informationsfreiheit
Maja Smoltczyk
Friedrichstr. 219
10969 Berlin

Tel.: +49 (0)30 13889-0
Fax: +49 (0)30 2155050

mailbox@datenschutz-berlin.de

Greece

Αρχή Προστασίας Δεδομένων Προσωπικού Χαρακτήρα,

Κηφισίας 1-3, Τ.Κ. 115 23, Αθήνα

Tel : +30-210 6475600

Fax : +30-210 6475628

contact@dpa.gr

Hungary

Nemzeti Adatvédelmi és Információszabadság Hatóság

1125 Budapest, Szilágyi Erzsébet fasor 22/C.

Levelezési cím: 1530 Budapest, Postafiók: 5.

Tel: +36 -1-391-1400

Fax: +36-1-391-1410

ugyfelszolgalat@naih.hu

 

Italy

Garante per la protezione dei dati personali

Piazza di Monte Citorio, 121 - 00186 Roma (RM)

Numero di telefono: +39 - 06.696771 / 06.69677.2917

Fax: +39 - 06.69677.3785

garante@gpdp.it

Poland

Biuro Generalnego Inspektora Ochrony Danych Osobowych
 

ul. Stawki 2

00-193 Warszawa

tel. 22 531 03 00
fax. 22 531 03 01

kancelaria@giodo.gov.pl

Portugal

Comissão Nacional de Protecção de Dados - CNPD

R. de São. Bento, 148-3°
1200-821 Lisboa

Tel. +351 21 392 84 00


Fax +351 21 397 68 32

geral@cnpd.pt 

Romania

Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal

B-dul G-ral. Gheorghe Magheru 28-30,

Sector 1, cod postal 010336

Bucuresti, România

Tel:  +40-318.059.211,

     : +40-318.059.212

 

Fax: +40-318.059.602

anspdcp@dataprotection.ro

Slovakia

Úrad na ochranu osobných údajov Slovenskej republiky

Hraničná 12
820 07 Bratislava 27
Slovenská republika

Tel. + 421 2 32 31 32 14

statny.dozor@pdp.gov.sk

Spain

Agencia Española de Protección de Datos

C/ Jorge Juan, 6
28001-Madrid

Tel : 901 100 099

Fax : 91 266 35 17

 

United Kingdom

 

Information Commissioner's Office

Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Tel: 0303 123 1113 (local rate)
or
01625 545 745 (national rate)

Fax: 01625 524 510

 

Netherland

 

Autoriteit Persoonsgegevens
 

Prins Clauslaan 60

P.O. Box 93374
2509 AJ Den Haag/The Hague

Tel. +31 70 888 8500
Fax +31 70 888 8501

info@autoriteitpersoonsgegevens.nl

 

 

15. Closing remarks

During the preparation of the prospectus we have been following the following legislation:

  • REGULATION (EEC) No 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL (27 April 2016) on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Regulation (EC) No 95/46 (General Data Protection Regulation).

  • Act CXII of 2011 on Information Self-Destruction and Freedom of Information (hereinafter: Info Act).

  • Act CVIII of 2001 on Electronic Commerce Services and Information Society Services (in particular paragraph 13/A)

  • Act XLVII of 2008 on the Prohibition of Unfair Commercial Practices against Consumers;

  • Act XLVIII of 2008 on the Basic Conditions and Limitations of Commercial Advertising Activity (in particular paragraph 6)

  • Acct XC of 2005 on Electronic Freedom of Information

  • Act C of 2003 on Electronic Communications (specifically paragraph 155)

  • Opinion 16/2011 on the EASA/IAB Recommendation on Best Practice in Behavioral Online Advertising

  • Recommendation of the National Data Protection and Information Authority on the data protection requirements for prior information

  • Regulation (EU) 2016/679 of the European Parliament and of the Council (27 April 2016) on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Regulation (EC) No 95/46.

18 May 2018

 

DXN Marketing Sdn. Bhd.