The purpose of this Privacy Notice (“Privacy Notice”) is to provide you basic information about how QX World Kft. processes your data when you visit and use https://www.qxworld.eu/ (“Website”). The Privacy Notice helps you to better understand how we use your personal data and explains how we collect and use it for and with whom it is shared.
1. CONTACT DATA OF THE CONTROLLER
Name: QX WORLD Kft.
Seat: Hungary, 1095 Budapest, Tinódi utca 1-3. A. ép. IV. em. 93. ajtó
Company reg. no.: 01-09-296566
email: [email protected]
(hereinafter: “Controller” vagy “we” vagy “us”)
2. PuRPOSE AND LEGAL BASIS OF THE PROCESSING, THE RETENTION PERIOD
Please find detailed information below on the data processing activities of the Controller.
|
Purpose of the processing |
Personal data processed |
Legal basis |
Retention period |
|
Website operation and managing your visit |
End-user data (including cookies, technical data related to website visits, particularly IP address, language, and browser version) |
EU Regulation 679/2016 ("GDPR") Article 6(1)(f) – Our legitimate interest in placing certain data related to the operation of the Website on your end-user device to ensure the basic functioning of the Website.. |
For as long as necessary to achieve the purpose of data processing, primarily until the end of the Website visit. |
|
Customer service activities (Zendesk) |
(i) Identification data (e.g., name, username (if registered)) (ii) Contact data (e.g., email address, phone number, address) (iii) Content of communication |
Article 6 (1) b) GPDR – the processing of your data is necessary for the execution and fulfilment of the related Website General Terms and Conditions as a contract and to access the services of the Website |
5 years from the termination of the contract or until it is necessary for the purpose of the processing (if no contract has been concluded); or until 5 years following from the deletion of the user account (general statutory limitation period) |
|
Handling/continuing communication if you express general interest in our products and services (e.g., providing product information, information requests) |
(i) Identification data (e.g., social media username) (ii) Contact data (e.g., email address) (iii) Content of communication |
GDPR Article 6(1)(f) – The Controller’s legitimate interest (ensuring smooth communication with customers). |
For as long as necessary to respond. |
|
Registration at the Website |
Name, address, phone number, Skype, email address, degrees, qualifications |
Article 6 (1) b) GPDR – the processing of your data is necessary for the execution and fulfilment of a contract |
For 5 years from the deletion of the user account (until the general statute of limitations period of 5 years expires) |
|
Data analysis for Website and service improvement, marketing activities, enhancing customer relations and experiences |
End-user data (e.g., cookies, technical data related to website visits, particularly IP address, language, and browser version) |
Article 6 (1) a) GDPR – consent
You have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. |
Until the withdrawal of consent. |
|
Processing and fulfillment of online purchases (order tracking, purchase record-keeping, identification, confirmation) |
(i) Identification data (e.g., name, company name, username) (ii) Contact data (e.g., email address, phone number, address) (iii) Transaction data (e.g., payment information) (iv) Tax ID (v) Shipping address |
Article 6 (1) b) GPDR – the processing of your data is necessary for the execution and fulfilment of the related contract |
General statute of limitations (5 years). |
|
Handling online payments and invoicing |
(i) Identification data (e.g., name, company name, username) (ii) Contact data (e.g., email address, phone number, address) (iii) Transaction data (e.g., payment information) (iv) Tax ID (v) Billing address |
GDPR Article 6(1)(c) – legal obligation |
For invoicing-related data, 8 years (based on Section 169(2) of the Accounting Act of 2000). |
|
Delivery of purchased products |
(i) Identification data (e.g., name, username) (ii) Contact data (e.g., email address, phone number, address) |
Article 6 (1) b) GPDR – the processing of your data is necessary for the execution and fulfilment of the related contract |
General statute of limitations (5 years). |
|
Downloading purchased books or other materials from the Website |
Name, address, qualifications (optional); place of residence (country) |
Article 6 (1) b) GPDR – the processing of your data is necessary for the execution and fulfilment of the related contract |
[*] |
|
Complaints hanlding related to purchased products |
(i) Identification data (e.g., name, username) (ii) Contact data (e.g., email address, phone number, address) (iii) Transaction data (iv) Consumer complaint and resolution-related data |
GDPR Article 6(1)(c) – legal obligation: based on Section 17/A of Act CLV of 1997 on Consumer Protection |
3 years: based on Section 17/A of the Consumer Protection Act (Act CLV of 1997) |
|
Contacting you, sending newsletters (via email) regarding the Controller’s and Other parties’ products and services to make suggestions on products/services that may interest you |
(i) Identification data (e.g., name, username) (ii) Contact data (e.g., email address) |
Article 6 (1) a) GDPR – consent
You have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. |
Until the withdrawal of consent. |
|
Creating advertising audiences based on browsing activity on the Website using Meta Pixel (Facebook Pixel) |
Data generated by Meta Pixel (Facebook Pixel) during the user’s logged browsing activity on the website: user IP address, website usage time, browser used, viewed content, and other actions such as adding products to the cart, making purchases. Facebook identifies advertising audiences in aggregate form based on these data. |
Article 6 (1) a) GDPR – consent
You have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. |
Until the withdrawal of consent. |
In case your personal data is necessary to fulfil a legal obligation or to conclude / perform an agreement and you refuse to provide your data, then the Controller might not be able to perform the agreement (i.e. the provision of the service is not possible).
3. DATA RECIPIENTS
A) Meta Pixel
The Meta Pixel is a piece of code that allows reporting on conversions, creating audiences, and providing the website owner with detailed analytical data on visitor website usage. With the Meta remarketing pixel tracking code, personalized offers and advertisements can be displayed to website visitors on the Facebook platform. The Facebook remarketing list is not intended for personal identification. For more information about Meta Pixel, please visit: https://www.facebook.com/business/help/651294705016616.
The Meta Pixel (formerly known as Facebook Pixel) service is provided by Meta Platforms Ireland Limited (headquartered at Block J, Serpentine Avenue, Dublin 4, Ireland; hereinafter referred to as "Meta Ireland"). In relation to the personal data processed by the Meta Pixel, the Data Controller and Meta Ireland are considered joint controllers, and their rights and obligations related to data processing are regulated by a joint controller agreement. The joint controller agreement ("Controller Addendum") can be found here: https://www.facebook.com/legal/controller_addendum.
For more information about Meta Ireland’s data processing activities, please visit: https://www.facebook.com/about/privacy.
B) Data processors
We work with companies that help us run the Website and render the service. These companies provide services such as delivering customer support, home delivery and sending emails on our behalf (these are called data processors). In some cases, these companies have access to some of your personal information in order to provide services to you on our behalf. They are not permitted to use your personal data for their own purposes.
Data processors engaged by the Controller:
|
NAME |
ADDRESS |
ACTIVITY |
|
Wise Digital Kft. |
1033 Budapest, Csikós utca 8. 1. em. 11. ajtó
|
Marketing agency |
|
Budapest Consulting Kft. |
1125 Budapest, Istenhegyi út 101/D. |
Accounting services
|
|
KBOSS.hu Kft. |
1031 Budapest, Záhony utca 7. |
Providing a platform for invoicing (Számlázz.hu) |
|
MailChimp (The Rocket Science Group, LLC.) |
675 Ponce de Leon Ave NE Suite 5000 Atlanta, GA 30308 USA |
Sending newsletters |
In addition to the above, for the delivery of the products you order from us, we use courier services (such as FedEx, UPS), which also act as our data processors.
C) Disclosure to other data controllers
In other cases, we provide your data to other entities to use such data under their own name and for their own purposes. Sometimes we may need to do this to comply with a legal obligation (such as when we need to provide certain transactional, technical or identity data to the police or other authorities), and in other cases, we rely on other legal grounds, such as our legitimate interests or your consent.
4. DATA TRANSFERS
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
(i) we may transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
(ii) by way of entering into appropriate data transfer agreements based on Standard Contractual Clauses as referred to in Article 46(5) GDPR or other adequate means, we have established that all other recipients located outside the EEA will provide an adequate level of data protection for the personal data and that appropriate technical and organizational security measures are in place to protect personal data against accidental or unlawful destruction, accidental loss or alteration, unauthorized disclosure or access, and against all other unlawful forms of processing.
The Rocket Science Group LLC d/b/a MailChimp is listed on the "Data Privacy Framework List" (https://www.privacyshield.gov/EU-US-Framework) established under the US-EU privacy framework agreement, which means it provides an adequate level of protection. Therefore, pursuant to Article 45(1) of the GDPR, personal data may be transferred to it.
Please do contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
5. Data subjects’ rights
|
Right |
What does it mean? |
|
Right of access |
You have the right to access your personal data, including requesting information on whether we processes your data, which data are processed, etc. |
|
Right to rectification |
You have the right to the correction of your personal data. This enables you to ask that any incomplete or inaccurate data we hold about you be corrected. |
|
Right to erasure (right to be forgotten) |
Subject to certain conditions and in certain cases, you have the right to the erasure of your personal data. This means that you may request that we delete your personal data that we may have processed unlawfully or where the use of your data is no longer needed for a purpose. Please keep in mind that we may not be able to meet your request for specific legal reasons that will be notified to you, if applicable. |
|
Right to restriction of the processing |
You may also request the restriction of the processing of your personal data. For instance, you may request that we suspend the processing of your personal where our use of the data is unlawful but you do not want us to delete it. We restrict the processing of your personal data for a period to verify the accuracy of such data if you request to obtain the restriction of the processing of your personal data, and you challenge the accuracy of such data. We restrict the processing of your personal data if you request to obtain the restriction of the processing of such data, the processing of which is unlawful, and you opposes the erasure of such data. We restrict the processing of your personal data if we do not need such data for the purposes of the processing, but you require your data for the establishment, exercise or defence of legal claims. We restrict the processing of your personal data if you object to the processing of your personal data that are necessary for the purposes of the legitimate interests that we pursue, and you wait to verify that the processing of your personal data has a legitimate ground that does not override your objection |
|
Right to data portability |
Where the processing of your data is either based on your consent, or is necessary for the performance of a contract, you may request the provision of your personal data that you have provided to us in a standard format, and you may also request that such data be transferred to another entity. |
|
Right to object |
Importantly, when we process your data on the basis of our legitimate interests you may object to such processing and request that any of those activities be stopped. In such cases we shall no longer process your personal data, unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims. |
|
Right to withdraw your consent |
You may withdraw your consent at any time (under the following contact details) where we rely on your consent for processing your data. Remember that the withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. – Email: [email protected] – Per post: Hungary, 1095 Budapest, Tinódi utca 1-3. A. ép. IV. em. 93. ajtó – By clicking on the unsubscribe link placed in the footer of each newsletter – Through cookie settings for analytical data related to the Website. |
|
Right to lodge a complaint |
Without prejudice to any other administrative or judicial remedy that you may have (such as the right to claim compensation for damages suffered as a result of our breach of the GDPR), you have the right to lodge a complaint with the Hungarian Data Protection and Freedom of Information Authority (NAIH) supervisory authority, or another data protection supervisory authority in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR. The contact details of the NAIH are as follows: postal address: Hungary – 1363 Budapest, Pf.: 9.; phone: +36 1 391-1400; e-mail: [email protected] website: www.naih.hu |
|
|
This Privacy Notice is effective from 01. 01. 2025. |
[O1]Az adatkezelési tájékoztató angol nyelvű verzióját is elkészítettük, amely a magyar nyelvű tájékoztató utáni oldaltól látható.
A véglegesítést követően javasoljuk, hogy külön-külön kerüljenek feltöltésre az egyes nyelvi verziók a honlapra. Így a magyar nyelvű weboldalon a magyar, míg az angol nyelvű weboldalon az angol verziót szükséges feltüntetni.
[O2]A táblázatban foglaltakat az adatkezelési tevékenységek nyilvántartása alapján tüntettük fel.
Mindazonáltal kérjük felülvizsgálni, hogy az valóban megfelel-e a ténylegesen alkalmazott gyakorlatnak.
Amennyiben módosításra kerülne sor, úgy az adatkezelési tevékenységek nyilvántartását is megfelelően módosítani szükséges.
[O3]A diploma és a végzettség mennyiben szükséges adatok a weboldalon történő regisztrációhoz?
Nem kötelező megadni, a felhasználók jelentős része nem is adja meg, opcionális. Nem a diploma számát kérjük be, hanem, hogy mondjuk milyen szakon végzett. [BS4]
[O5]Az online könyv letöltése esetén mi az indoka ezen adatok kezelésének („elkérésének”)? Melyek azok az adatok, amelyek elengedhetetlenek ahhoz, hogy az online könyvet az érintett rendelkezésére bocsássák?
E-mail címet és eszközhöz tartozó sorozatszámot kérünk, hogy beazonosíthassuk a felhasználót, és ellenőrizni tudjuk a hozzáféréseit. [BS6]
[O7]Az adatkör szükségességére vonatkozó visszajelzés alapján meghatározandó
Mint sok webhely üzemeltetője, mi is gyűjtjük azokat az információkat, amelyeket a böngészője küld, amikor meglátogatja a webhelyünket. Ezek a naplóadatok olyan információkat tartalmazhatnak, mint az Ön számítógépének Internet Protocol ("IP") címe, a böngésző típusa, a böngésző verziója, a weboldalunk meglátogatott oldalai, a látogatás időpontja és dátuma, az ezeken az oldalakon töltött idő és egyéb statisztikák.
Ez a weboldal sütiket használ a böngészési preferenciák nyomon követésére. Ha Ön engedélyezi a sütik használatát, a fájl hozzáadásra kerül, és a süti segít a webes forgalom elemzésében, illetve tudatja Önnel, hogy mikor látogat meg egy adott webhelyet.
A sütik kis mennyiségű adatot tartalmazó fájlok, amelyek tartalmazhatnak névtelen egyedi azonosítót, és lehetővé teszik, hogy a webes alkalmazások egyénként válaszoljanak Önnek. A webalkalmazás az Ön igényeihez, kedvenceihez és ellenszenveihez igazíthatja működését azáltal, hogy információkat gyűjt és megjegyzi az Ön preferenciáit.
Sok más webhelyhez hasonlóan mi is használunk "sütiket", hogy információkat gyűjtsünk és megértsük a webhely használatát, hogy javíthassuk a webhelyünk tartalmát és kínálatát. Ön utasíthatja böngészőjét, hogy utasítsa vissza az összes cookie-t, vagy jelezze, ha cookie-t küldünk. Ha azonban nem fogadja el a cookie-kat, előfordulhat, hogy nem tudja használni webhelyünk egyes részeit.
+1 (989) 681-1063
+1 (856) 322-8589
