Privacy policy

Effective from 22 March 2021.

AnimalSoft Limited Liability Company operates the webshop available at the URL clientarea.livestocker.eu (hereinafter: “Webshop”), by means of which it communicates the Livestocker software to the public and makes available certain of its services specified in the general terms and conditions available on the Webshop (hereinafter together referred to as the “Services”).

This Prospectus (the “Prospectus”) applies to the Webshop as a whole and to all of its subdomains and directories. This Prospectus does not cover websites available on domains other than the Webshop, regardless the fact that the person concerned may get there via a link in the Webshop.

In connection with the personal data of natural persons using the Webshop, the Data Controller shall comply with the data protection legislation in force at any time - in particular with Act CXII of 2011 on the right to information self-determination and freedom of information (hereinafter: “Information Act”); the controller shall take into account: the protection of natural persons with regard to the processing of personal data and the free movement of such data; and General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council repealing Regulation (EC) No 95/46 (hereinafter "GDPR")

The data controller shall treat the personal data of the data subjects as confidential, ensures their protection, it shall also take the necessary technical and organizational measures and establish the rules of procedure necessary to enforce the GDPR and other data protection rules.

The data controller

AnimalSoft Limited Liability Company (company registration number: 01-09-200958; registered office: 1013 Budapest, Pauler utca 6., phone: +36/30 326-0589, e-mail: info@animalsoft.hu, hereinafter: “Data Controller”)

Scope of data processed, purpose and duration of data processing

The Data Controller displays offers, advertisements and suggestions to the data subject based on the characteristics of the livestock farm connected to the data subject (such as the breed and quantity of animals present) and uses the Facebook Pixel service (more about Facebook Pixel here). Read about it in the section on data processors), otherwise the Data Controller does not perform profiling.1

Personal data is collected by the Data Controller, partly through data processing, in all cases from the data subject (and not from third parties).

The data controller does not handle special data.

  1. Conclusion of a contract

    Data management related activity

    Concluding and performing a contract, making contract-related statements and communicating

    Affected person

    A representative of a natural person concluding a contract with the Data Controller or a person concluding a contract with the Data Controller.

    The data managed

    Name (if natural person), registration number, registered office / address, tax number of the party contracting with the data controller, the name, e-mail address and telephone number of the contact person specified by the party contracting with the Data Controller.

    Purpose of data management

    Entering into a contract with the data subject for the provision of the Services and performing this contract, and during the term of this contract, and to allow communication between the parties regarding any remaining obligations after the termination of the contract, making legal declarations in the process.

    Duration of data management

    Following the termination of the contract concluded for the Services, the Data Controller shall process the data until as long as there may be claims in connection with this contract, or until they expire (thus, as a general rule, in the absence of rest or interruption of the limitation period, for 5 years from the conclusion of the contract).

    Legal basis for data management

    GDPR Article 6 (1) (b) - necessary for the performance of a contract in which one of the parties is the concerned person.

  2. User Account

    Data management related activities

    Creating and maintaining a User Account, Providing Services through a User Account

    Affected person

    A natural person concluding a contract with the Data Controller or a representative of an organization concluding a contract with the Data Controller.

    The data managed

    Login name and password and any other information you may provide during use

    Purpose of data management

    Creating and maintaining a user account ("User Account"). The Data Controller identifies the contracting party through the User Account during the conclusion of the contract via the Webshop, enables the conclusion of the contract, and ensures that only those authorized to have access to the data and information provided or made available while using the Services

    Duration of data management

    Until the User Account is deleted.

    Legal basis for data management

    GDPR Article 6 (1) (b) - necessary for the performance of a contract in which one of the parties is the concerned person.

  3. Invoicing

    Data management related activities

    Issuance of invoices, preservation of documents

    Affected person

    A natural person who enters into a contract with the Data Controller.

    The data managed

    Name, tax number, registered office / address of the person concerned.

    Purpose of data management

    In order to pay for the Service, Act CXXVII of 2007 on Value Added Tax issuing an invoice according to law.

    Duration of data management

    It extends until the expiry of the period pursuant to Section 169 (2) of Act C of 2000 on Accounting, i.e. 8 years after the invoice has been issued.

    Legal basis for data management

    GDPR Article 6 (1) (c) - fulfillment of a legal obligation.

  4. Operation of a webshop

Data management related activities

Operation of a webshop

 

Affected person

A natural person who uses the Webshop.

The data managed

The IP address associated with the data subject's device (and based on the data subject's location), the so-called session ID that identifies the data subject's device.

Purpose of data management

Execution of the shopping process in the Webshop, operation of the Webshop.

Duration of data management

14 days from the start of data processing, so that the data subject can continue the purchase later.

Legal basis for data management

GDPR Article 6 (1) (b) - necessary for performance of a contract to which one of the parties is the data subject, it is necessary to take steps at the request of the data subject before concluding the contract.

  1. Improving the quality of services and the Webshop

    Data management related activities

    Further development of Webshop and Services, needs assessment

    Affected person

    A natural person who uses the Webshop.

    The data managed

    The IP address associated with the data subject's device (and the data subject's location based on it), the activity of the data subject on the website forming the Webshop, the type of the data subject's device used to access the Webshop, the size of its display, the unique identifier of the device, the type of browser, the country of residence of the data subject and the language indicated as preferred by the data subject.

    Purpose of data management

    Improving the user experience, Webshop and data manager interfaces and marketing activities, and collecting statistical data to plan for achieving these goals.

    Duration of data management

    Until the consent is revoked or the User Account is deleted (whichever is earlier).

    Legal basis for data management

    GDPR Article 6 (1) (a) - the consent of the data subject.

  2. Payment at the Webshop

Data management related activities

Payment of the value of the contract concluded via the Webshop to the Data Controller

Affected person

A natural person who enters into a contract with the Data Controller in his or her own name or on behalf of another person or otherwise participates in the conclusion of a contract.

The data managed

Name, e-mail address, telephone number of the person concerned, the date and amount of the transaction, the related User Account.

Purpose of data management

Payment for the Services to the Data Controller during the purchase on the Webshop. The data required for the payment method chosen by the data subject will be transmitted to the service provider providing the chosen payment method (PayPal or SimplePay).

Duration of data management

Until the user account is deleted.

Legal basis for data management

GDPR Article 6 (1) (b) - necessary for the performance of a contract to which one of the parties is the data subject.

Cookies)2

The Data Controller uses so-called cookies in the Webshop.The use of certain cookies is essential to ensure the operation of the Webshop, and cookies that do not qualify as such are used by the Data Controller only with the consent of the data subject - via the Webshop's dedicated tool, before that does not handle data by such cookies.

The function of the cookie, the related purpose of data management

Processed (personal) data

Required cookies (Necessary): cookies without which the Webshop and the website cannot perform their basic function (for example, a cookie is required for the Webshop to "remember" the contents of the shopping cart when making a purchase)

session ID; and thus: IP address

Functional cookies (Preferences): to provide a more personalized user experience, to remember user settings and preferences (such as memorizing user settings)

session ID and using its database name, email address, company details, billing and shipping information

Performance Measurement (Statistics Cookies): It examines the activity of users in such a way that the extracted data does not allow unique identification.

anonymous demographic data

Marketing / targeting cookies (Marketing): based on the activity of each user, they allow the display of advertisements tailored to the given users, the examination of the individual activity.

Cookies used by Hotjar and Google Analytics and related to the Facebook Pixel service: demographic data, name, company data, billing and delivery data and user activity (clicks to browse the Webshop, products added to the cart)

About each cookie, which is partly stored directly by the Data Controller on the Webshop, and in part applied by one of its data processors, grouped according to the table above, information is available through the cookie management tool available on the Webshop. This panel pops up at the bottom of the browser window the first time you visit the Webshop, and may be recalled at a later date as provided in the following paragraph. This information also covers the duration of the data processing, the third party source of the cookie (if any), and the purpose of the cookie.

You can change your settings for handling cookies at any time, consent when opening the Webshop and thereafter (you can thus withdraw your consent) by clicking on the "Cookie Settings" button in the Webshop.

In addition, browsers allow you to change cookie settings in general. Most browsers automatically accept cookies by default, but this can be changed to prevent automatic acceptance after setup. You can find information about the settings of some popular browsers at the following links:

Google Chrome; Firefox; Microsoft Internet Explorer 11; Microsoft Internet Explorer 10 ; Microsoft Edge

Persons having access to personal data

The data may be accessed by the employees of the Data Controller or by other data processors named in this Prospectus in order to perform their duties. Thus, the data processors named in this Prospectus may get to know personal data for the purpose of providing services, case management and data processing.

Data transmission

The data of the data subject will not be transferred to third parties, except for the transfer to the data processor defined below. In addition, the transfer of data to a third party or recipient shall take place at the most if we provide prior information on the potential recipient and then the data subject consents in advance to the transfer, or otherwise required by law. The Data Controller does not transfer personal data to third countries or international organizations in the course of its data management activities, except for the cases that may be indicated in this Prospectus.

Data processors

The data processors process personal data on behalf of the Data Controller in the framework of the services they provide to the Data Controller.The data processor is also obliged to act in accordance with the provisions of the relevant legislation, in particular the GDPR.

The Data Controller uses the Apptivo CRM system (i.e. a customer relationship management system designed to manage the processes towards the Data Controller's partners), during which, it with Apptivo Inc., (headquarters: 39055 Hastings St, # 209 Fremont, CA 94538, USA; mailing address: 38750 Paseo Padre Pkwy, Suite # A2, Fremont, CA 94536, USA; e-mail: privacy @ apptivo.com; https://www.apptivo.com/privacy-policy/) has a contractual relationship as such, who qualifies as a data processor. This processor stores personal information in the United States.

The Data Controller uses the service of BC.hu hosting and e-mail mailbox, during which it has a contractual relationship with BC.HU Informatikai Kft (registered office: 1155 Budapest, Wysocki u. 3., telephone number: + 36-20-220- 4000, e-mail address: hello@bc.hu), which thus qualifies as a data processor.

The Data Controller uses the Hotjar services to examine the activities of the data subjects on the Webshop (to create a so-called website heat map), in which it has a contractual relationship with Hotjar Limited (registered office: Level 2, St Julian’s Business Center, 3, Elia Zammit Street, St Julian’s STJ 1000, Malta; e-mail: dpo@hotjar.com), which is thus considered a data processor. The purpose of using Hotjar is to make the Data Controller better understand its users (such as how much time they spend on the page, what they click on, what they do not like). This allows the Data Controller to develop the Webshop according to user needs. Hotjar collects data using cookies and other technologies (including in particular the IP address, the type of device used by the data subject to access the Webshop, screen size, unique device ID, browser type, country of residence, and preferred language of the person concerned). The data are stored in a pseudonymous user profile.

The Data Controller uses Google Analytics to examine the activities of the data subject in the Webshop and to collect statistical data, during which Google, LLC (address: 1600 Amphitheater Parkway, Mountain View, CA 94043, United States, contact: https: // support. google.com/policies/contact/general_privacy_form; phone number 650-253-0000) during which it has a contractual relationship with a company and it qualifies as a data processor. This data processor may store data in third countries (at the locations indicated here: https://www.google.com/about/datacenters/locations/). In order for the data to be transferred under the appropriate guarantees under the GDPR, the Data Controller and Google, LLC have entered into a data processing agreement which contains the general terms and conditions pursuant to European Commission Decision 2010/87 / EU. More information about the privacy compliance of this data processor can be found at https://privacy.google.com/businesses/compliance/.

The Data Manager is a user of the Mailchimp marketing platform. This data processor (Mailchimp) handles the management, organization and storage of subscriptions to the newsletter, and its services ensure that the newsletter is sent to a data subject only with the necessary consent. The Data Controller is affiliated with The Rocket Science Group LLC (which uses the name Mailchimp in the course of its business) (address: 675 Ponce de Leon Ave NE, Atlanta, GA 30308 USA; website: https://mailchimp.com/; contact: privacy @ mailchimp.com;) has a contractual relationship with it, which thus qualifies as a data processor. This data processor may also store data in third countries (especially the United States of America). In order to ensure that the data transfer is subject to appropriate guarantees under the GDPR, the Data Controller and The Rocket Science Group LLC have entered into a data processing agreement which contains the general terms and conditions in accordance with European Commission Decision 2010/87 / EU.More information about the privacy compliance of this data processor can be found at https://mailchimp.com/gdpr/.

The Data Controller enables card payments through, among other things, the SimplePay system. In doing so, it has a contractual relationship with OTP Mobil Kft. (Cg. 01-09-174466; registered office: 1143 Budapest, Hungária krt. 17-19., Telephone number: +36 1 5100 374), on the basis of which this company qualifies as a data processor. The data controller cannot know the bank card data. The Data Controller transmits the following data to the data processor: name, telephone number, e-mail address, transaction amount, IP address, date and time of the transaction, delivery address, billing address. (The data controller provides information on other issues, such as the scope of the processed data, at the following link: https://simplepay.hu/adatkezelesi-tajekoztatok/.)

The Data Controller allows you to pay using the PayPal service. if you choose the PayPal option in connection with the payment, the payment for the Services will be made using the PayPal account of the person concerned. (or the one of the undertaking for which the person concerned acts) In this regard, the Data Controller uses the services of the following company as data controller: PayPal (Europe) S.à r.l. et Cie, S.C.A. (address: 22-24 Boulevard Royal L-2449, Luxembourg). The data processor and its group apply the binding corporate rules available at the following link https://www.paypal.com/en/webapps/mpp/ua/bcr?locale.x=en_EN, in order to process the data in a third country as a result of intra-group transfers on the basis of appropriate guarantees under the GDPR. The PayPal Privacy Officer is available at 22-24 Boulevard Royal L-2449, Luxembourg; and the data processing and data protection officer will provide information at the following link: https://www.paypal.com/us/smarthelp/contact-us?email=privacy.

The Data Controller uses the Facebook Pixel service. Facebook Pixels place cookies on the Website browser device, the purpose of which is to build the right advertising audience, measure conversions between devices, target ads, optimize them to the right audience, display personalized advertisements, advertisements, as well as preparation of reports, preparation of statements about the Webshop and the traffic data of the application.

As a result, by assessing the presumed needs of the data subject, advertisements that are more relevant to the person concerned and are tailored to their online activity, will be displayed. Data management affects the activity of the affected Webshop and the data sent by the affected browser (such as clicks, products in the cart, IP address, browser type). The services are provided to the Data Controller by Facebook Ireland Limited (4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland).

You can read more about Facebook Pixel cookies here: https://www.facebook.com/policies/cookies/.Using Facebook Pixel may involve the transfer of data to third countries (primarily the US), the Data Controller and Facebook Ireland Limited have entered into a data processing agreement which contains the general terms and conditions pursuant to European Commission Decision 2010/87 / EU in order to provide adequate guarantees.

The data controller issues invoices through a system called Számlázz.hu.This service is provided by KBOSS.hu Kereskedelmi és Szolgáltató Korlátolt Felelősségű Társaság / Trading and Service Limited Liability Company/ (registered office: 1031 Budapest, Záhony utca 7., company registration number: 01-09-303201, tax number: 13421739-2-41, e-mail: info@szamlazz.hu, data protection official: Dr. Éva Istvánovics lawyer, contact: dpo@kboss.hu) to the Data Controller, which thus qualifies as a data processor.This data processor has access to the data to be included in the invoices in accordance with the law (which may, in particular, but not exclusively, be considered personal data in the case of sole proprietors).

Data security measures:

The Data Controller is obliged to ensure the security of the data, it shall also take the technical and organizational measures and establish the rules of procedure which ensure that the data recorded, stored or processed are protected, and prevent their destruction, unauthorized use and unauthorized alteration. It also draws the attention of third parties, to whom the data of the data subject have been transmitted, that they are obliged to comply with the data security requirement.

The Data Controller shall ensure that the processed data cannot be accessed, disclosed, transmitted, modified or deleted by unauthorized persons.The Data Controller will do its utmost to ensure that the data is not damaged or destroyed. The above obligation is also ordered by the Data Controller for the employees participating in its data management activities and for the data processors acting on behalf of the Data Controller. During the data management by the Data Controller, the personal data is stored on its own devices as well as in the data processing systems.

In order to prevent unauthorized access to the data, the Data Controller shall ensure the retention of personal data and prevent unauthorized access to its own assets as follows: Access to computers is password and firewall protected, and computers run antivirus software. Data Manager has a Linux system running IPtables2. The Data Controller uses SSL encryption during communication.

Informing data subjects of a data protection inciden3 if it occurs

If the data protection incident is likely to pose a high risk to the rights and freedoms of natural persons, the Data Controller shall, without undue delay, inform the data subjects of the data protection incident in a clear and comprehensible manner.

The data subject needs not be informed if any of the following conditions is met:

  • the controller has implemented appropriate technical and organizational security measures, and these measures have been applied to the data affected by the data protection incident, in particular measures such as the use of encryption, which make the data incomprehensible to persons not authorized to access personal data;

  • the controller has taken further measures following the data protection incident to ensure that the high risk to the data subject's rights and freedoms is no longer likely to be realized;

  • information would require a disproportionate effort. In such cases, data subjects shall be informed through publicly available information, or a similar measure shall be taken which ensures similarly effective information to data subjects.

Rights of data subjects

In addition to the rights set out above, data subjects may exercise the following rights in connection with the processing of data in accordance with this Prospectus. In case of exercising any rights of the data subject, please inform the Data Controller at one of the contact details provided in this Prospectus.

Right to information and access to personal data processed:

The data subject is entitled to receive feedback from the Data Controller on the issue, whether their personal data is being processed and, if such processing is in progress, they have the right to access their personal data and the following information:

  1. the purposes of the processing;

  2. the categories of personal data concerned;

  3. the recipient or categories of recipients to whom the personal data have been or will be communicated, including in particular third country consignees, and international organizations;

  4. where applicable, the intended period for which the personal data will be stored, or, if that is not possible, the criteria for determining that period;

  5. the right of the data subject to request the controller to rectify, erase or restrict the processing of personal data concerning him or her and to object to the processing of such personal data;

  6. the right to lodge a complaint with a supervisory authority;

  7. if the data were not collected from the data subject, all available information on their source;

  8. the fact of automated decision-making, including profiling, and, at least in these cases, comprehensible information on the logic used and the significance of such data processing and the expected consequences for the data subject

If personal data are transferred to a third country or to an international organization, the data subject is entitled to be informed of the appropriate guarantees for the transfer.

The Data Controller shall provide the data subject with a copy of the personal data subject to data processing. The Data Controller may charge a reasonable fee based on administrative costs. If the data subject has submitted the request electronically, the information shall be provided by the Data Controller in a widely used electronic format, unless the person concerned requests otherwise.

The right to request a copy referred to in the preceding paragraph shall not adversely affect the rights and freedoms of others.

Right of correction:

At the request of the data subject, the Data Controller shall correct inaccurate personal data concerning the data subject (without undue delay). Taking into account the purpose of the data processing, the data subject has the right to request that his or her incomplete personal data be supplemented, inter alia, by means of a supplementary statement.

Right of cancellation ("forgetting"):

The data subject shall have the right to delete personal data concerning him / her at his / her request without undue delay if one of the following reasons exists:

  1. personal data are no longer required for the purpose for which they were collected or otherwise processed;

  2. the data subject withdraws his or her consent on which the processing is based and there is no other legal basis for the processing;

  3. the data subject objects to the processing and there is no overriding legitimate reason for the processing or if the processing would be linked to a direct acquisition;

  4. personal data have been processed unlawfully;

  5. personal data must be deleted in order to fulfill a legal obligation under Union or Member State law applicable to the controller;

f) personal data have been collected in connection with the provision of information society services. The Data Controller shall not be obliged to delete personal data if they are necessary for one of the following purposes:

  1. for the purpose of exercising the right to freedom of expression and information;

  2. compliance with an obligation under Union or Member State law applicable to the controller to process personal data or in the public interest;

  3. for preventive health or occupational health purposes, the assessment of the worker's ability to work, the making of a medical diagnosis, the provision of health or social care or treatment, and to manage health or social systems and services, under Union or Member State law or under contract to a healthcare professional and the processing of such data by or under the responsibility of a professional who is bound by professional secrecy as laid down in Union or Member State law or in rules laid down by the competent authorities of the Member States , or by another person who is also subject to an obligation of confidentiality laid down in Union or Member State law or in rules laid down by the competent authorities of the Member States;

  4. in the public interest in the field of public health, such as protection against serious cross-border threats to health or the provision of high quality and safety of healthcare, medicines and medical devices, and under Union or Member State law which provides for appropriate and specific measures to guarantee the rights and freedoms of the data subject, and in particular professional secrecy;

  5. in the public interest in the field of public health and the processing of such data by or under the responsibility of a professional; who is bound by professional secrecy as laid down in Union or Member State law or in rules laid down by the competent authorities of the Member States, and by another person who is also subject to an obligation of confidentiality laid down in Union or Member State law or in rules laid down by the competent authorities of the Member States;

  6. for archiving in the public interest, for scientific and historical research purposes or for statistical purposes, where the right of erasure would be likely to make it impossible or seriously jeopardize such processing; 4; or

  7. to submit, assert or defend legal claims.

Right to restrict data processing:

At the request of the data subject, the Data Controller shall restrict the data processing if one of the following conditions is met:

  1. the data subject contests the accuracy of the personal data, in which case the restriction shall apply for a period which allows the data subject to verify the accuracy of the personal data.
  2. the processing is unlawful and the data subject opposes the erasure of the data and instead requests that their use be restricted;
  3. the Data Controller no longer needs the personal data for the purpose of data processing, but the data subject requests them in order to submit, enforce or protect legal claims; or
  4. the data subject has objected to the data processing in connection with the data processing of the Data Controller based on the public interest or a legitimate interest; in that case, the restriction shall apply for as long as it is established whether the legitimate reasons of the controller take precedence over the legitimate reasons of the data subject.

If the processing is subject to a restriction on the basis of the above, such personal data, with the exception of storage, shall be subject to the consent of the data subject or to the submission, enforcement or protection of legal claims, or to protect the rights of another natural or legal person, or in the important public interest of the European Union or of a Member State.

The Data Controller shall inform the data subject, at whose request the data processing has been restricted on the basis of the above, of the lifting of the data processing restriction in advance.

Right to data portability:

The data subject has the right to receive the personal data concerning him / her made available to the Data Controller in a structured, widely used, machine-readable format, it is also entitled to transfer this data to another data controller without being hindered by the Data Controller if the data processing is based on consent or a contract and the data processing is carried out in an automated manner.

In doing so, the data subject shall have the right, if technically feasible, to request the direct transfer of personal data between data controllers.

The exercise of the right to data portability shall not infringe the right of erasure ("forgetting"). That law does not apply where the processing is in the public interest or necessary for the performance of a task carried out in the exercise of its public powers conferred on the controller.

The right to data portability must not adversely affect the rights and freedoms of others.

Right to protest:

The data subject has the right to object to the processing of his / her personal data by the Data Controller at any time (for reasons related to his / her own situation), if the legal basis of the data processing is the performance of a task performed in the public interest or in the exercise of a public authority conferred on the Data Controller, or the need to enforce the legitimate interests of the Data Controller or a third party, including profiling based on those claims. In this case, the Data Controller may no longer process the personal data, unless it can be demonstrated that the processing is justified by compelling legitimate reasons, which take precedence over the interests, rights and freedoms of the data subject, or relating to the filing, enforcement or defense of legal claims.

Where personal data are processed for the direct purpose of obtaining a business, the data subject shall have the right to object at any time to the processing of personal data concerning him or her for that purpose, including profiling insofar as it relates to direct business acquisition. If the data subject objects to the processing of personal data for the direct acquisition of business, then personal data may no longer be processed for this purpose.

Right of withdrawal:

The data subject is entitled to the fact that if the data controller’s data management is based on his or her consent, it shall withdraw its consent at any time. Withdrawal of consent shall not affect the lawfulness of the consent-based dat. a processing prior to withdrawal.

Procedure in the event of an application by a data subject concerning the exercise of the above rights:

The Data Controller shall, without undue delay, but no later than within one month of receipt of the request, inform the data subject of the action taken on his or her request. If necessary, taking into account the complexity of the application and the number of applications, this time limit may be extended by a further two months.

The Data Controller shall inform the data subject of the extension of the deadline, indicating the reasons for the delay, within one month from the receipt of the request. If the data subject has submitted the request by electronic means, the information shall, as far as possible, be provided by electronic means, unless the data subject requests otherwise.

If the Data Controller does not take action on the basis of the data subject's request, it shall inform the data subject of the reasons for the non-action without delay, but no later than within one month from the receipt of the request,and that the person concerned may lodge a complaint with a supervisory authority and have the right to a judicial remedy.

The Data Controller shall provide the requested information and details free of charge, provided that, if the data subject's request is manifestly unfounded or, in particular due to its repetitive nature, excessive, the Data Controller may charge a reasonable fee or refuse to act on the request, taking into account the administrative costs of providing the requested information or action or taking the requested action.

The Data Controller shall inform all recipients to whom or with whom the personal data have been communicated of any rectification, erasure or restriction on data processing, unless this proves impossible or requires a disproportionate amount of effort. Upon request, the Data Controller shall inform the data subject of the identity of these recipients.

Personal information about children and third parties

Persons under the age of 16 may not provide personal information unless they have been asked for permission from a person exercising parental responsibility. By making the personal data available to the Data Controller, the parent, as a data subject, declares and guarantees that he / she will act in accordance with the above, its capacity to act in relation to the provision of information is not limited.

If you are not legally entitled to provide any personal data independently, you are obliged to obtain the consent of the third parties concerned (e.g. legal representative, guardian, other person, such as the consumer, on whose behalf acting), or provide another legal basis for making the data available. In this context, you must consider whether the consent of a third party is required in connection with the provision of the personal data in question. The Data Controller may not come into personal contact with you, so you are obliged to ensure compliance with this section and the Data Controller is not liable in this connection. Regardless of this, the Data Controller is always entitled to check whether the appropriate legal basis for the processing of any personal data is available. For example, if you are acting on behalf of a third party, such as a consumer, we are entitled to request your authorization and / or the data subject's appropriate consent to the processing of the data.

The Data Controller will make every effort to delete any personal data that has been made available without authorization. The Data Controller ensures that, if it becomes aware of this, this personal data will not be transferred to another person or used by the Data Controller.

Please let us know immediately at the contact details provided in the Contact Details section if you become aware that a third party has unauthorizedly provided personal data about you to the Data Controller.

Contact Information

Please send any questions or requests related to your personal data and data management stored in the system to the e-mail address info@animalsoft.hu or in writing to our address at 613 Pauler utca 6, Budapest, or contact us by phone at +36/30 326 -0589. Please note that we are only able to provide information or take action on the processing of your personal data for your benefit if you have provided credible proof of identity.

Legal remedy

If you have any questions, requests or comments regarding the processing of your personal data, please contact us at one of the contact details provided in this Prospectus.

You can initiate an investigation at the National Data Protection and Freedom of Information Authority [mailing address: 1530 Budapest, Pf .: 5., phone: +36 (1) 391-1400, email: ugyfelszolgalat@naih.hu, website: www.naih.hu] on the grounds that there is an infringement or imminent threat of an infringement of the processing of your personal data.

If the data subject’s rights, are violated he / she may also take legal action against the Data Controller. The court is acting out of turn in the case. The Data Controller is obliged to prove that the data processing complies with the provisions of the law. The trial falls within the jurisdiction of the tribunal. The action may, at the option of the person concerned, also be brought before the court of the place where the person concerned is domiciled or resident.

11Profiling is any form of automated processing of personal data in which personal data is used to assess or predict certain personal characteristics of the user (eg characteristics related to personal preferences, interests, health, behavior, location or movement)..

2 Short data files placed on the user's computer (or other devices such as a mobile phone) by the website being visited. The purpose of the cookie is to facilitate the given infocommunication and internet service, to make it more convenient, and to provide the owner of the website with information. There are many varieties, but they can generally be classified into two major groups. One is a temporary cookie that the website only places on a user's device during a specific session (e.g. during security authentication), the other is a type of persistent cookie (e.g.: recording permanent settings) that stays on your device for a longer period of time (this also depends on the settings of your device or browser).

3 Privacy Incident: A security breach that results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or unauthorized access to personal information that is transmitted, stored, or otherwise handled.

4The processing of personal data for archiving purposes in the public interest, for scientific and historical research purposes or for statistical purposes shall be subject to appropriate safeguards to protect the rights and freedoms of the data subject. These guarantees must ensure that technical and organizational measures are in place to ensure, in particular, that the principle of data protection is observed. E These measures may include pseudonymisation, provided that such objectives can be achieved in this way. If these purposes can be achieved through further processing of the data in a way that does not or no longer allows the identification of data subjects, the purposes shall be achieved in this way.