GDPR
The Match The Wine Korlátolt Felelősségű Társaság
Annex II of its Internal Privacy Policy:
Match The Wine Ltd
Data protection notice
Match The Wine Korlátolt Felelősségű Társaság (registered office: 1138 Budapest, Meder utca 2-4. B. 9. floor. 7. door, company registration number: 01-09-439243, tax number: 32724017-2-41, e-mail: daniel.terjeki@matchthewine.com, represented by Dániel Viktor Terjéki, Managing Director), as the data controller, hereby informs the data subjects in summary and briefly about the data processing activities carried out by the company.
The Data Controller shall ensure the security of the data. To this end, it shall take the technical and organisational measures and establish the procedural rules necessary to enforce the applicable laws, data protection and confidentiality rules.
The Data Controller shall take appropriate measures to protect the data against unauthorised access, alteration, disclosure, disclosure, deletion or destruction, accidental destruction or damage and against inaccessibility resulting from changes in the technology used.
The Data Controller shall also ensure the enforcement of data security rules by means of internal regulations, instructions and procedural rules, which are separate in content and form from the Data Protection Policy and this Notice.
When defining and applying measures to ensure the security of data, the controller shall take into account the state of the art and shall choose the most appropriate processing solution from among several possible processing solutions which ensure a higher level of protection of personal data, unless this would involve a disproportionate effort.
The Data Controller shall ensure, in particular, in the context of its IT security responsibilities:
- Measures to protect against unauthorised access, including protection of software and hardware devices and physical protection (access protection, network protection);
- Measures to ensure that data files can be recovered, including regular backups and separate secure management of copies (mirroring, backup);
- Protecting data against viruses (virus protection);
- The physical protection of data files and the media on which they are stored, including protection against fire, water, lightning and other natural hazards, and the recoverability of damage caused by such events (archiving, fire protection).
The Data Controller draws the attention of the data subjects to the fact that they may exercise their right to information and other rights (right to rectification, right to erasure, right to be forgotten, right to block/restrict data, right to object) by sending a statement to the e-mail address panasz@megnyerem.hu or to any other contact details of the Data Controller, unless prohibited by law, and may also contact the authorities (NAIH, www.naih.hu) or the courts in case of violation of their rights.
For a more detailed explanation of each processing operation, please refer to the Privacy Policy.
Single request for information, contact
Purpose of data processing: providing the data subject with appropriate information and contact
Legal basis: voluntary contribution
Stakeholders: Any natural person who contacts the Data Controller and requests information from the Data Controller while providing personal data.
Data processed? name, e-mail address, question content
Duration of data processing: until the objective is achieved or the limitation period expires
How the data is processed: electronic, manual
Source of data: directly from the person concerned
-
Products and services offered on the site
Purpose of data processing: to enable the data subject to use and shop on the site.
Legal basis: voluntary contribution
Stakeholders: Any natural person who registers on the Controller's website or places an order without registering.
Data processed: name, e-mail address, billing address, delivery address, telephone number
Duration of data processing: until the objective is achieved or until the end of the limitation period
How data is processed: electronic, manual
Source of data: directly from the person concerned
Data processed when subscribing to newsletters and promotional mailings
Purpose of data processing: to notify the data subject of the latest competitions and promotions with partners
Legal basis: voluntary contribution
Stakeholders: any natural person who subscribes to the newsletter
Data processed: e-mail address
Duration of data processing: until the request for cancellation or until the limitation period expires
How data is processed: electronic, manual
Source of data: directly from the person concerned
Data management related to customer records
Purpose of data processing: Keeping records of the Data Controller's customers, facilitating smooth communication
Legal basis: voluntary contribution
Stakeholders: Any natural person who is a customer or wishes to become a customer of the Data Controller
Data processed: name, e-mail address,
Duration of data processing: Until revocation from the data controller
How the data is processed: electronically
Source of data: directly from the person concerned
Data processing in relation to the consent form
Purpose of data processing: the processing of consent statements is necessary for the purposes of proving the legal basis for the processing and for the fulfilment of the consent (principle of accountability), and for communication
Legal basis:voluntary contribution
Stakeholders: Any natural person who gives consent to the processing of his or her data for any purpose
Data processed: name, e-mail address, data provided on the declaration
Duration of data processing: in case of a legal relationship: limitation period, otherwise the data subject's request for erasure
How data is processed: electronic, manual
Source of data: directly from the person concerned
Data processing related to the placing of an order
Purpose of data processing: processing of data in accordance with the services related to the performance of the contract with the data subject, including processing of payments, fulfilment of orders, sending notifications related to invoices, purchases, returns, exchanges and other transactions. As well as arranging delivery, facilitating returns and exchanges.
Legal basis: voluntary contribution
Stakeholders: Any natural person who gives consent to the processing of his or her data for any purpose
Data processed: name, e-mail address, phone number, billing address, shipping address
Duration of data processing: in case of a legal relationship: limitation period, otherwise the data subject's request for erasure
How the data is processed: electronic, manual
Source of data: directly from the person concerned
THE RIGHTS AND REMEDIES OF THE DATA SUBJECT
This chapter sets out the rights and remedies available to data subjects in relation to their personal and special categories of data.
The data subject's rights and remedies under Act CXII of 2011 and EU Regulation 2016/679 are set out below and the Data Controller informs the data subject by means of this Policy.
The Data Controller draws the attention of the data subject to the fact that he or she may exercise his or her rights by sending a request to the address of the Data Controller's head office or by using one of the other contact details of the Data Controller (see Chapter 2).
Right of information, also known as the data subject's "right of access": pursuant to Act CXII of 2011 and Article 15 of EU Regulation 2016/679, the Data Controller shall, at the request of the data subject, provide information on.
The information is free of charge if the person requesting the information has not yet submitted a request for information to the Data Controller for the same data set in the current year. In other cases, a fee may be charged. The fee already paid shall be refunded if the data have been unlawfully processed or the request for information has led to a rectification.
The Data Controller draws the attention of the data subjects to the fact that the information must be refused on the basis of Act CXII of 2011,
The Data Controller shall notify the National Authority for Data Protection and Freedom of Information of rejected requests for information annually by 31 January of the year following the year in question.
Right of rectification: the data subject has the right to obtain, at his or her request and without undue delay, the rectification of inaccurate personal data relating to him or her. Having regard to the purposes of the processing, the data subject shall have the right to obtain the rectification of incomplete personal data, including by means of a supplementary declaration. However, if the personal data is inaccurate and the accurate personal data is available to the Data Controller, the Data Controller shall rectify the personal data without the data subject's request.
The right to erasure, also known as the "right to be forgotten": the data subject shall have the right to obtain from the Controller, upon his or her request, the erasure of personal data relating to him or her without undue delay and the Controller shall be obliged to erase personal data relating to the data subject without undue delay, unless compulsory processing precludes it.
The Data Controller is obliged to delete data under the GDPR if.
In the event that the Controller has disclosed the personal data for a reason and is required to delete it pursuant to the above, it shall take reasonable steps, including technical measures, taking into account the available technology and the cost of implementation, to inform other controllers that have processed the data that the data subject has requested the deletion of the links to or copies of the personal data in question.
The Data Controller draws the attention of the data subject to the limitations of the right to erasure or "right to be forgotten" under the EU Regulation, which are:
The right to restriction of processing, also known as blocking: the data subject has the right to obtain from the Data Controller, at his or her request, the restriction of processing.
If, on the basis of the information available to him or her, it is likely that deletion would harm the legitimate interests of the data subject, the data must be blocked. The personal data thus blocked may be processed only for as long as the processing purpose which precluded the deletion of the personal data continues to exist.
Where the data subject contests the accuracy or correctness of the personal data, but the inaccuracy or incorrectness of the contested personal data cannot be clearly established, the data shall be blocked. In this case, the restriction shall apply for the period of time necessary to allow the Controller to verify the accuracy of the personal data.
Under the EU regulation, data must be blocked if.
If the processing is subject to restriction (blocking), such personal data may be processed, except for storage, only with the consent of the data subject or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for important public interests of the Union or of a Member State.
The Data Controller hereby draws the attention of the data subjects to the fact that the right of the data subject to rectification, erasure or blocking may be restricted by law in the interests of the external and internal security of the State, such as national defence, national security, the prevention or prosecution of criminal offences, the security of law enforcement, or for reasons of economic or financial interest of the State or local authorities, important economic or financial interests of the European Union, and for the purpose of preventing and detecting disciplinary or ethical offences, including in all cases of control and supervision, in connection with the exercise of professional activities, labour law offences and infringements of labour law and the protection of the rights of the data subject or of others.
Without undue delay and within a maximum of 15 days of receipt of the request, the Data Controller shall inform the data subject of the data subject's request and/or rectify the data and/or erase and/or block the data or take other steps in accordance with the request, unless there are grounds for not doing so.
The Data Controller shall notify the data subject in writing of the rectification, erasure or restriction of processing, as well as all those to whom the data were previously transmitted or disclosed for processing. Upon request, the Controller shall inform the data subject of these recipients. Notification may be dispensed with where this would not be against the legitimate interests of the data subject having regard to the purposes of the processing, or where the provision of the information proves impossible or would involve a disproportionate effort. The controller shall also notify the data subject in writing if the exercise of the data subject's rights cannot be exercised for any reason and shall specify the factual and legal grounds and the remedies available to the data subject: recourse to the courts and the National Authority for Data Protection and Freedom of Information.
The "right to data portability": the data subject has the right to.
In exercising the right to data portability, the data subject has the right to request, where technically feasible, the direct transfer of personal data between controllers.
The exercise of this right must not prejudice the right to erasure. That right shall not apply where the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller. The exercise of the right shall not adversely affect the rights and freedoms of others.
Right to object under the GDPR: You have the right to object .
If the Data Controller carries out processing against which the data subject may exercise the right to object, the Data Controller shall examine the objection within the shortest possible period, but not exceeding 15 days from the date of the request, and shall inform the applicant in writing of the outcome of the examination. If the applicant's objection is justified, the Data Controller shall terminate the processing, including any further collection and transmission, and block the data, and notify the objection and the action taken on the basis of the objection to all those to whom the personal data concerned by the objection have been previously disclosed and who are obliged to take measures to enforce the right to object.
If the data subject does not agree with the decision of the Data Controller or the Data Controller fails to comply with the time limit, the data subject has the right to take legal action within 30 days of the decision being notified.
Legal redress: the data subject can go to court if his or her rights are violated. The court will decide the case out of turn. The Data Controller has the burden of proof that the processing is in compliance with the law.
The data subject may lodge a complaint in the event of a breach of his or her right to information self-determination:
National Data Protection and Freedom of Information
Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c
Phone: +36 (1) 391-1400
Fax: +36 (1) 391-1410
www: http://www.naih.hu
e-mail: ugyfelszolgalat@naih.hu
You can file a complaint or a complaint in case of violation of your rights in relation to content that is offensive to minors, hateful, exclusionary, corrective, violation of the rights of a deceased person, violation of reputation:
National Media and Communications Authority
1015 Budapest, Ostrom u. 23-25.
Mailing address: 1525. Pf. 75
Tel: (06 1) 457 7100
Fax: (06 1) 356 5520
E-mail: info@nmhh.hu
Data protection notice (GDPR)
The Data Controller uses so-called cookies (hereinafter referred to as cookies) when you visit the website. A cookie is a set of letters and numbers that the Controller's website sends to the browsers of visitors to the website in order to save certain settings, facilitate the use of the Controller's website and help the Controller to collect some relevant statistical information about visitors to the website. Cookies do not contain any personal information and are not suitable for identifying individual users. The purpose of processing cookies is to identify and distinguish visitors, to identify the current session of visitors, to store the data provided during the session, to prevent data loss, to learn the browser specifications.
The legal background for cookie-related data processing is provided by Act CXII of 2011 on the Right of Informational Self-Determination and Freedom of Information (Infotv.), Act C of 2003 on Electronic Communications and Act CVIII of 2001 on certain issues of electronic commerce services and information society services. In accordance with Article 5(1)(a) of the GDPR, the processing of personal data is based on your consent. If you do not agree to the use of cookies, the functions for entering the number of guests will not be available to you.
For more information on how to delete cookies, please follow the links below:
Internet Explorer: https://support.microsoft.com/hu-hu/help/17442/windows-internetexplorer-delete-manage-cookies
Firefox: https://support.mozilla.org/hu/kb/sutik-informacio-amelyet-weboldalak-tarolnakszami
Chrome: https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=hu
What cookies do we use?
matchthewine.com uses cookies (small files consisting of letters and numbers that are stored in the browser of the user visiting the website or transmitted to the hard drive of his/her computer, if you consent) to distinguish the user from other users of matchthewine.com. This allows the user to browse matchthewine.com more easily and the cookies help Match The Wine Ltd to improve the website.
The following types of cookies are used in the operation of matchthewine.com:
Essential cookies
These cookies are essential for matchthewine.com to work. Among other things, they allow you to log in to restricted areas of matchthewine.com. This type of cookie cannot be disabled.
The following information is placed/collected by the cookies: unique login details, session ID (to allow the site to remember your preferences during the session), server affinity and authentication details (to establish and maintain the connection with the most appropriate servers).
We also use strictly necessary cookies for the duration of each session ("session ID cookies" or "session cookies").
Session cookies
The cookie used during session management is used to store information about the user's settings or changes to them. Session management allows the storage of information about the user on the server (user name, purchase items, etc.) Session information is temporary and is deleted after the user has left the site by logging out of the website or closing their browser.
By using session ID cookies, our service providers also check whether the Cookie Notice, which provides consent information, has been viewed and ensure that an online cookie usage notification is regularly displayed to inform you about the use of cookies on the site and how to opt-out or opt-in. Session ID cookies also store your personal settings in the Program.
You may refuse or block the use of these cookies by changing the cookie function of your browser. The 'help' tab in the toolbar of most browsers will tell you how to stop accepting new cookies, how to be notified when a new cookie arrives and how to turn off existing cookies. However, if you reject or disable the use of these cookies, you will not be able to use the Programme, as these cookies are essential for the Programme to work.
Analytical/performance cookies
These cookies allow us to identify and count the number of visitors and show how visitors move around the website while using it. This can be used to improve the way the website works, for example, by helping users to find what they are looking for easily.
As an external service provider, Google Analytics helps us to independently measure website traffic and other web analytics data. Google Analytics is a web analytics service owned by Google Inc. Google Analytics uses so-called tracking cookies to identify visitors, and uses these cookies to create analyses and evaluations of user behaviour for the owner/operator of the Website/Webplayer/Application. Google Analytics does not record any IP data that can be used to identify the Data Subject beyond reasonable doubt.
Functionality cookies.
These cookies help the user to be recognised when they visit the website again. Its content can be personalised, the user can be called by name and their preferences can be remembered by the system.
Cookies and tracking technologies used on matchthewine.com
The following tables summarise the privacy information about the cookies used:
a) Cookies for basic functionality
| Legal basis for processing | Purpose of data processing | Duration of data processing | Managed data |
| Legitimate interest | The website | Session cookies: | · _ab |
| corresponding to | visitors | ||
| ensure the functioning of | until the end of the session,Facilitating usecookies depending on the cookie:· 1 minute· 5 minutes· 20 min· 25 min· 30 min· 1 hour· 16 hours· 2 weeks· 3 weeks· 12 weeks· 1 year· 2 years | · flatsome_cookie_notice· _checkout_queue_token· _cmp_a· _identity_session· _master_udr· _pay_session· _secure_account_session_id· _session_id· _shopify_country· _shopify_essential· _storefront_u· _tracking_consent· auth_state_<<id>>· card_update_verification_id· cart· cart_currency· cart_sig· cart_ts· checkout· checkout_prefill· checkout_session_lookup·checkout_session_token_<<id>>· checkout_token· customer_account_locale· customer_payment_method·customer_shop_pay_agreement· device_fp_id· · discount_code |
| ·dynamic_checkout_shown_on_cart· hide_shopify_pay_for_checkout· identity-state· identity-state-<<id>>·identity_customer_account_number· keep_alive· locale_bar_accepted· locale_bar_dismissed· localization· logged_in· login_with_shop_finalize· master_device_id· order· pay_update_intent_id· preview_theme· previous_checkout_token· previous_step· profile_preview_token· receive-cookie-deprecation· remember_me· secure_customer_sig· shop_pay_accelerated· shopify-editor-unconfirmed-settings· shopify_pay· shopify_pay_redirect· storefront_digest· tracked_start_checkout· user· user_cross_site· wpm-domain-test |
b) Cookies for statistical purposes
| Legal basis for processing | Purpose of data processing | Duration of data processing | Managed data |
| Your | Information | Depending on the cookie: | · _landing_page |
| consent | collecting with | · session | · _original_referrer |
| about how our visitors use our website | until the end of,· 10 minutes· 30 minutes· 1 year | · _shopify_ga· _shopify_s· _shopify_sa_p· _shopify_sa_t· _shopify_y·checkout_one_experiment· shop_analytics· unique_interaction_id |
You can use your web browser settings to disable cookies. However, if you disable all cookies in your browser (including essential cookies), you may not be able to access some or all of our Website. For more information about cookies and how to disable them, please visit www.allaboutcookies.org.
For more information about the cookies used specifically on this site, please visit https://www.shopify.com/legal/cookies.
Budapest, 2025. 02. 03.