Privacy policy

www.konto-acoustics.com – PRIVACY POLICY

Key Properties Kft. as “Data controller” (registered office: 1054 Budapest, Aulich utca 3. IV. em. 4.; e-mail: info@konto-acoustics.com) While operating our site (website) www.konto-acoustics.com we pay special attention to the privacy and processing of your personal data. Our privacy policy provides detailed information about what personal data of our customers and website users, and on which legal grounds, and for what purposes your personal data are used, to whom we may transfer those data and what rights you have in relation to the processing of your personal data.

Due to changes in the relevant legal regulations, our privacy policy may have to be updated or amended, of which we will notify you immediately. If your consent is specifically required for any such update or amendment, we will ask for your consent to processing the data again.

Data processing is carried out primarily in accordance with the General Data Protection Regulation of the European Union (Regulation (EU) 2016/679 of the European Parliament and of the Council, hereinafter referred to as GDPR), and all other relevant legal rules of the EU and Hungary. The Hungarian text of the GDPR is available here.

Data processing activities are not only provided for by the GDPR, but also the Hungarian law, in particular

  • Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information (Info Act),
  • Act V of 2013 on the Civil Code (Ptk.),
  • Act XLVIII of 2008 on the Basic Requirements and Certain Restrictions of Commercial Advertising Activities (Grt.),
  • Act CVIII of 2001 on Certain Issues of Electronic Commerce Services and Information Society Services (“Ekertv” Act).

Within the meaning of the relevant legal regulations, our data processing activities comply with the data protection principles set forth in the GDPR, according to which, the personal data shall be:

  • processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’);
  • collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall, in accordance with Article 89(1), not be considered to be incompatible with the initial purposes (‘purpose limitation’);
  • adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’);
  • accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (‘accuracy’);
  • kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) subject to implementation of the appropriate technical and organisational measures required by this Regulation in order to safeguard the rights and freedoms of the data subject (‘storage limitation’);
  • processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).
  • The controller shall be responsible for and be able to demonstrate compliance with the above-mentioned requirements (‘accountability’).

1. Which personal data do we process?

Upon providing access to our services, we collect different types of data such as name and e-mail address.

The followings are considered as personal data:

  • credentials such as first name and last name (name), e-mail address, invoice address and delivery address;
  • contact details meaning personal data that render it possible to keep in contact with the data subject; e.g.: e-mail address, telephone number,
  • order details that are details concerning the product/services ordered and the method of payment and delivery including bank account number and information about complaints;
  • information collected in the course of customers’ using customer service such as recorded conversations.

2. On which legal ground do we process personal data?

We process personal data in different situations and for different purposes. If you

  • use our website’s sample sending or newsletter service,
  • make a purchase or request a quotation, we process your data in order to deliver your order, protect our legitimate interests and fulfil our statutory obligations.

Personal data are processed for different purposes and on different legal grounds, about which, please, find further details below:

Data Processing ActivityPurpose of Data ProcessingLegal GroundsSet of the Personal Data ProcessedDuration of Data Processing
Request for a quotation, order, purchaseto provide information, enforce legal claims and manage consumer rights in relation to orders, purchases and the performance of a contractconclusion of contracts and our legitimate interestscredentials, orders and contact detailsgeneral limitation period of 5 yrs. + 1 year following the last purchase
Invoice datato issue invoicesdata processing ordered by lawcredentialsa period laid down by law, but no longer than 10 years
Sample requests, newsletter serviceto keep in contact, to send out discount and promotion alertsdata subject’s consentcontact details, settings, behavioural profile, other derived datauntil withdrawal of consent
Processing for customer serviceto process consumer requests and handle complaints, record orders, maintain/upgrade the quality level of the service, adjust/increase service levelconclusion of contracts and our legitimate interestscredentials, order details, contact details, information collected in the course of consumers using customer service1 year as regards to data on handling complaints; a general limitation period of 5 years + 1 year in respect of order details
Processing log filesto protect the IT systemour legitimate interests in IT-securitybehavioural profile5 years

3. Data processing

All data recorded on our servers are processed by ourselves as the data controller. It means that we define the intended purpose of personal data, the tools for data processing, and we are responsible for the compliance of processing.

In most cases, your data are processed for our own purposes. In such cases, your data are transferred to our business partners so that you are provided with a payment facility, delivery and all other conditions underlying the fulfilment of your order. Your data are also transferred to our own data processors, who process your personal data in line with our clear instructions. Based on your consent, your data may also be transferred to social media and advertising sites that will provide you with customized advertisements based on your interest.

In case a processor is involved, pursuant to Article 28 of GDPR, processing by such a processor shall be governed by a written contract, of which we shall notify you:

  • our partner hosting our website is Tarhely.eu.Kft. (1538 Budapest, Pf. 24. www.tarhely.eu)
  • suppliers and operators of the camera and access control system installed on our site.

Your personal data are exclusively stored on servers within the borders of the EEA (European Economic Area, i.e. the EU plus Iceland, Norway and Lichtenstein). Your personal data are stored on servers that we operate ourselves. For security reasons, we only temporarily store data on external servers.

We will notify you of any possible international data transfer and, where necessary, will ask for your express consent thereto.

4. Use of Cookies

Whenever a user visits our website, he/she consents to the website’s sending one or more cookies – a small file containing a series of characters – to his/her computer, so that the browser running thereon is uniquely identifiable.

These cookies are provided by Google, Facebook and ourselves. The former ones are used via Google AdWords and Facebook Pixel, whereby the latter ones are applied in the webshop. Cookies are only sent to a user’s computer when specific sites are visited, and only the act and the dates of such visits will be stored therein, no other data or information will be available via these cookies.

Cookies are used as follows: by means of cookies, external service providers store activity information on any user’s previous visits to an advertiser’s website, and based thereon, show interest-based advertisements to such users on the websites of their partners. Users can disable Google cookies on the Google Ad Settings page (here you may also offer users the opportunity to disable cookies from external service providers on the opt-out page of the Network Advertising Initiative).

Cookies used: analytics, tracking, traffic log, login and user ID session cookie. The “Help” menu in most browsers’ scroll-down menu bar provides information on how to ban unwanted cookies, how to accept new cookies and how to disable other cookies.

For the measurement of website analytics, we use Google Analytics, the web analytic tool provided by Google Inc. (“Google”). Google Analytics works using cookies, i.e. text files that are stored in users’ computers and render it possible for us to monitor and analyse user activity on our website. All the information recording the visit and use of a website by a user that are created by cookies are supposed to be stored on Google’s servers. A user’s IP-address, however, is stored in a short format on a server within the borders of the European Economic Area. The entire IP-address only lands and gets shortened on Google’s servers in the US in special cases. Google uses this type of information to evaluate the website use by a user, provide reports on site activity and render further services to the site’s operator in relation to the use of the website. Under Google Analytics, the IP address received from a user’s browser will not be combined with further Google data. A user may block storage of cookies by setting his/her browser accordingly. Furthermore, a user may also ban any transfer or processing of the data (i.e. IP address) keeping track of the use of the website and created by cookies, by downloading and installing a browser plugin from the following link: https://tools.google.com/dlpage/gaoptout?hl=en.

Google AdWords remarketing: External service providers (such as Google) use these cookies to store information on any user’s previous visits to the advertiser’s website and on grounds thereof, show interest-based advertisements to the user on the websites of their partners (including Google).

Facebook Pixel remarketing: Our website uses Facebook cookies and Facebook Pixel. Facebook Pixel is a code by means of which, and upon visiting our website, reports are made on conversions, target groups may be built, and detailed analytics are prepared about visitors who browse on our website. The information collected is used to display ever more relevant advertisements on the Facebook ad channels. In the course of using Facebook Pixel, no data identifying visitors are transferred to Facebook. If, however, while browsing on our website you are also logged in to other Facebook services, Facebook as data controller may identify you and track your activity on the konzolvilag.hu website. For further information on Facebook Pixel, go to https://www.facebook.com/business/help/651294705016616.

5. TRANSFER OF PERSONAL DATA TO AUTHORITIES

In case of an official court order or investigation of an authority, we may disclose the personal data stored by ourselves and requested by the authority or court on grounds of point c) of Article 6 (1) of GDPR, provided the authority or court duly refers to the legal basis of such data transfer. On condition that the exact purpose and set of data are referred to in the relevant request, the data controller will only disclose the amount of personal data and to the extent to which any court or authority states that they are absolutely indispensable. Prior to rendering any data to a court or authority, we will first examine whether all the conditions of such an act are in place and if they are, we will then satisfy the relevant request.

6. SECURITY OF PERSONAL DATA

We select and operate the IT devices used in processing personal data in a way that (i) they are accessible for the authorized (availability); (ii) the authenticity and authentication thereof are ensured (authenticity); (iii) their being unreplaced is verifiable (integrity); (iv) they are protected against unauthorized access (confidentiality).

We implement appropriate technical and organisational measures to protect the security of personal data that ensures a level of security appropriate to the risk arising in relation to personal data storage and, in the course of processing, preserves (i) confidentiality: prevents unauthorised access to, or use of, personal data; (ii) integrity: protects the accuracy and completeness of the information and the method of processing; (iii) availability: ensures that the authorised user, when in need, can really access the requested information and the underlying devices supporting this act are in place.

The IT system and network of the data controller are protected against computer-aided fraud, spying, sabotage, vandalism, fire and flood, as well as different types of computer viruses, computer hacking and attacks leading to service denial. The data controller ensures security by using server-level and application-level protection.

In the case of a personal data breach, the data controller, taking into account the recommendations of the Data Protection Officer (DPO), takes all the measures required by the GDPR, cooperates with the User(s) and declares that they have an appropriate policy in place for the management of such breaches.

7. LEGAL REMEDIES

In order to be able to exercise the below rights, please, contact us via e-mail sent to info@konto-acoustics.com. You have the right:

  1. to obtain from the controller confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data (right to access within the meaning of Article 15 of GDPR),
  2. to obtain the rectification of inaccurate or the completion of incomplete personal data (right to rectification within the meaning of Article 16 of GDPR),
  3. to obtain from the controller the erasure of personal data concerning you without undue delay and, where your personal data have been made public, to request the controller to inform controllers which are processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data (right to erasure within the meaning of Article 17 of GDPR)
  4. to obtain from the controller restriction of processing (right to restriction of processing within the meaning of Article 18 of GDPR, Privacy Act);
  5. to receive the personal data concerning you, which you have provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided (right to data portability within the meaning of Article 20 of GDPR),
  6. to object to processing of the personal data concerning you (right to object within the meaning of Article 21 of GDPR),
  7. to withdraw your consent at any time, which, however, shall not affect the lawfulness of processing based on consent before its withdrawal (right to withdraw consent within the meaning of Section (3) of Article 7 of GDPR),
  8. to lodge a complaint with a supervisory authority, if you consider that the processing of your personal data infringes the relevant Regulation (right to lodge a complaint with a supervisory authority within the meaning of Article 77 of GDPR).

You may unsubscribe from our newsletter service by clicking on the link at the bottom of each newsletter.

All your requests on how to exercise your rights in relation to data processing will be handled without delay, but no later than within one month. In exceptional cases, if in particular your request proves to be complex, we reserve the right to extend this period by two more months. We will certainly notify you of any such extension and our reasons therefor. Within the meaning of your right to access, you may request copies of your processed personal data. The first copy will be provided free of charge, whereas the data controller may charge you for all further copies.

You have the right to lodge a complaint with the Hungarian National Authority for Data Protection and Freedom of Information (HU-1125 Budapest, Szilágyi Erzsébet fasor 22/c, telephone: +36 (1) 391-1400, fax: +36 (1) 391-1410, email: ugyfelszolgalat@naih.hu, website: www.naih.hu) on our processing activity and to initiate proceedings against us for judicial remedy before the courts. Proceedings for judicial remedy may be initiated before a court as per your temporary or permanent address. If the data controller causes you damage by unlawfully processing your personal data or infringing the data security requirements, it shall be held liable to pay you compensation. Furthermore, if the data controller infringes your right to privacy, you may claim a grievance fee.

(c) Key Properties Kft. – www.konto-acoustics.com

All rights reserved!

Further notes for website users:

In the duration of this Contract, Key Properties Kft. (1054 Budapest, Aulich u. 3. II/2.) shall process your personal data that you supplied above in order to perform its contractual obligations and to keep in contact, as well as for the purpose of consumer protection for a general limitation period of 5 (five) plus 1 (one) years. For the purposes of invoicing and fulfilling statutory obligations, we shall process your name and your address that you indicated as the invoicing address for a period of 10 (ten) years. Further information on personal data processing is available on our website. For direct marketing purposes and subject to our legitimate interests, we may send you information on our products and services that you may disable by way of a separate e-mail sent to us. Upon accepting our price quotation, you declare to have learnt our privacy policy published on this website.

I agree to receive promotional e-mails and product samples

Based on your consent indicated by the above sentence, we shall process your e-mail address as personal data for direct marketing purposes (newsletter). You may unsubscribe from our newsletters by sending a separate e-mail to us. Further information on personal data processing is available in our website’s Privacy Policy section.

Keep my order details 

Based on your consent indicated by the above sentence, we shall store your data received upon making an order and make those accessible to you until further notice and beyond the retention period. Further information on personal data processing is available in our website’s Privacy Policy section.

Cookie information

Our website uses cookies to identify which pages are used and to which extent (necessary cookies), and to show you relevant advertisements and information (remarketing cookies) based on your interests. For further information, please check above, section 4. cookies.

Cookie settings

Remarketing cookies

These cookies are placed on our website by third parties. Cookies enable us to generate interest-based online advertisements on websites other than ours that are based on information such as visits tracked on our website. Cookies may be created by third-party service providers such as social media and left on our website.

Facebook Pixel

Google Ads

Strictly necessary cookies

These cookies are essential to provide you with properly operating online services, thus enabling you to use the services we offer you. If these cookies are disabled, you will not be able to use our website.

Google Analytics

Session cookies

SimplePay Policy

By using OTP SimplePay the customer acknowledges the following personal data stored in the user account of Key Properties Kft., 1054 Budapest, Aulich utca 3. IV. em. 4. in the user database of https://konto-acoustics.com/
will be handed over to OTP Mobil Ltd. and is trusted as data processor. The data transferred by the data controller are the following:

Name (Company), Phone, Country, State, City, Zip, Address 1, Address 2

The nature and purpose of the data processing activity performed by the data processor in the SimplePay Privacy Policy can be found at the following link:
http://simplepay.hu/vasarlo-aff