Privacy Policy
DATA HANDLING
Effective: from 10.08.2022
Before ordering, please find out about the rules of the country where the order is placed regarding the product, and only then place the order. In certain countries, it is strictly forbidden to buy (even order online), use, possess, or distribute the products distributed by elfbarrendeleseu.com.
By using our website, you are aware of this and assume responsibility for any consequences!
In case of incomplete registration or data entry, personal data will not be stored in our system after leaving the page.
The operators of the elfbarrendeleseu.com electronic cigarette online store are committed to protecting the personal data of customers. The online store treats visitors' personal data confidentially and takes all security, technical and organizational measures that guarantee data security. The data is used exclusively to complete the purchase, to send the package and to deliver the data, the data is not disclosed to third parties.
Its basic data management principles are in line with the applicable legislation on data protection, and in particular with the following:
- LXIII of 1992 on the protection of personal data and the disclosure of data of public interest.Law
- VI of 1998 on the protection of individuals during the machine processing of personal data.Law
- 95/46/EC of October 24, 1995 of the European Parliament and the Council of the European Union on the protection of individuals and the free flow of such data in relation to the management of personal data directive
- CVIII of 2001 on certain issues of electronic commercial services and services related to the information society.Law
- CXIX of 1995 on the management of name and address data for the purpose of research and direct business acquisition.Law
The data protection concept of the elfbarrendeleseu.com web store is based on voluntary consent based on adequate information, and it strives to implement it in every phase of using the service. The service provider is not authorized to manage the data, so it is not considered a data processor.
We do not provide personal data to unauthorized third parties.
During the browsing of the online store, technical information is recorded for statistical purposes. (IP address, duration of visit, etc.). The Data Controller will only hand over this data to the authorities in legally justified and substantiated cases. Data provided when subscribing to the newsletter of the online store is treated confidentially by the Data Controller, the option to unsubscribe is provided at the bottom of every newsletter sent, and can be requested at any of the contact details provided. You can request the deletion of your data at any time. For this, please contact us by e-mail. In matters not regulated in these General Terms and Conditions of Use, the Civil Code, Government Decree 17/1999 (II. 5) on distance contracts, and CVIII of 2001 on certain issues of electronic commercial services and services related to the information society . We act according to the provisions of Tv.
By browsing the pages of the elfbarrendeleseu.com web store and placing your order, you accept our General Terms and Conditions of Use, as well as our Data Management Guidelines.
MANAGEMENT OF COMMUNICATION DATA
This includes any message that you send to us via the website, email, social media message, or any other form of communication.
We process and store these data in order to be able to fulfill the orders and to provide a basis for decision in case of possible legal claims.
Our legal basis for this processing is the user's verifiable interest in our activity, which is manifested in the messages addressed to us.
MANAGEMENT OF CUSTOMER DATA
Which includes all data related to the purchase of products and services, such as the customer's name, shipping and billing address, e-mail address, phone number, and details of the purchased product.
We process this data in order to successfully fulfill orders and to have legally adequate records of purchases.
The legal basis for the storage of data is the fulfillment of the contract created by the order between the customer and the owner of the site, ALEMIX, SRO.
MANAGEMENT OF USER DATA
This includes the data generated during the use of the website, which enables the technical operation of the site, to maintain the security of the site, to store backups of the users' activities, and to ensure that you always have access to the most relevant content.
The legal basis for the processing of the data is the user's clear interest in our activities, which requires their storage to ensure this and for the technical functioning of the site.
Management of technical data
This includes data generated during the use of the site, such as the IP address, login information, browser data, visit time of each page, page views and navigation paths, the number and time of page visits, time zones, and the data of the device with which you view the page.
The source of the data is our analytical software.
We process this data in order to analyze the habits of users on the site, to maintain the safe operation of our site, and to understand the usefulness of our individual marketing decisions.
The legal basis for data processing is the user's clear interest in our activity, which allows us to process this data in accordance with security requirements and use it to increase business in order to operate more effectively.
MANAGEMENT OF MARKETING DATA
Which includes the visitor's preferences, which marketing content they would like to receive from us. We process this data in order to enable participation in prize games and to send advertising related to our products/services in which the user has expressed interest.
The legal basis for data processing is the user's clear interest in our activity, which allows us to process this data in accordance with security requirements and use it to increase business in order to operate more effectively.
We can sometimes use the collected data for purposes such as providing targeted, relevant ads on the Facebook™ platform and various dynamic advertising platforms, and measure the effectiveness of the ads.
The legal basis for data processing is the user's clear interest in our activity, which allows us to process this data in accordance with security requirements and use it to increase business in order to operate more effectively.
In the course of our activities, we do not collect sensitive data such as ethnicity, religious views, sexual life and orientation, political opinions and trade union membership, or medical background, and genetic or biometric information.
OUR DATA PROTECTION
the protection of users' data and compliance with current regulations are extremely important to us. Therefore, after conducting a data protection impact assessment on the site, we prepared a list of the collected data, its necessity and legal basis, and its legal compliance.
- In order to protect the data entered on the forms and generated on the site, we use SSL certification on the entire website (SECTIGO)
- Purchase and user data are stored in encrypted form (pseudonymized) in the site's databases, so they cannot be read by third parties.
- In this data protection declaration, we provide users with forms to request information about the management of their personal data, to modify or delete their personal data.
From time to time, for the sake of our business activities, it is necessary to provide data to our service partners (for example, hosting provider, courier company, newsletter sending software).
In such cases, we always choose to meet the requirements of the GDPR regulation and, in the case of a US-based partner, participate in the EU-US Privacy Shield data protection initiative, and we sign a data management contract with them, ensuring responsible data management.
TIME CONTENT OF DATA MANAGEMENT
We only store user data for as long as our legal/accounting/data provision obligations make it mandatory, or as long as it is necessary for the operation of the service.
When deciding on the duration of storage, we consider the amount, nature and sensitivity of the data and the potential impact of its leakage in the event of a data breach.
For tax reasons, we need to keep customers' billing and purchase data for at least 8 years in order to fulfill our legal obligations.
Under certain circumstances, we may use the data in an anonymized form for statistical purposes, in which case we store the data for an unlimited period of time without informing you.
VISITOR RIGHTS
As a citizen of the European Union, the law called General Data Protection Regulation (GDPR) provides the following rights to the users of the site:
a, Access to Personal Information
Site users have the right to request a copy of the personal data stored by ALEMIX, SRO. In general, the request is fulfilled free of charge within 15 days after the application.
In the case of repeated, abusive, unjustified data requests, ALEMIX, SRO may charge a moderate amount to secure the data, and additional time may be required to secure the data.
Furthermore, ALEMIX, SRO requests proof of identity before releasing the data, in order to prevent abusive use. To request personal data, please use our e-mail address below: info@vapesandpuffs.com
b, Modification of personal data
If the personal data has been changed or entered incorrectly, users have the right to request that the data be changed. To change your personal data, please contact us at info@vapesandpuffs.com
c, Request to delete personal data
Users have the right to request the deletion of all their personal data. We fulfill the request free of charge within 15 days of the request. After deleting the personal data, the user account will not be available, so any purchased materials will also become unavailable, as the personal data related to the user account is absolutely necessary to access the service.
ALEMIX, SRO requests proof of identity before deleting personal data, in order to prevent abusive use. To delete personal data, please use our e-mail address: info@vapesandpuffs.com
d, Requesting restriction of personal data
It is important to note that cooperation with certain service providers is essential for the operation of the site (e.g. Saltpay as a payment service provider), so if they are restricted, the site's services will become unavailable to the user.
ALEMIX, SRO requests proof of identity before restricting the transfer of personal data in order to prevent abusive use. To limit the transfer of personal data, please use our e-mail address: elfbarrendeleseu@gmail.com
From time to time it is necessary to share certain personal data with certain of our partners in order to maintain normal business, we have a data protection contract with them.
-IT service providers, and service providers performing troubleshooting and maintenance on computer systems
- Expert partners, such as lawyers, accountants, bankers, insurance companies
-Government bodies that request a report on our activities
-Payment service providers who manage bank card data securely
-Courier services that fulfill incoming orders to the specified delivery address