PRIVACY POLICY

Purpose of the Privacy Policy

Kvochkin Aleksandr, EV (address, hereinafter referred to as the "Service Provider," "Data Controller") acknowledges the content of this legal notice as binding. The Data Controller commits to ensuring that all data processing activities related to its operations comply with the principles outlined in this policy, as well as applicable national laws and the legal acts of the European Union.
The Data Controller’s data protection guidelines are continuously available at https://lookathu.com.

The Data Controller reserves the right to modify this notice at any time. In the event of changes, the public will be duly informed in a timely manner.
If you have any questions related to this notice, please contact us, and one of our colleagues will respond to your inquiry.

The Data Controller is committed to protecting the personal data of its clients and partners, and places high importance on respecting clients' rights to informational self-determination. The Data Controller handles personal data confidentially and takes all necessary security, technical, and organizational measures to ensure data protection.

Contact Information of the Data Controller

If you wish to contact our Company, you can reach the Data Controller via email or phone.
The Data Controller will delete all emails received with personal data within … years from the date of the communication.
Name: Kvochkin Aleksandr, EV
Registered Office: Budapest 1135, Szent László Street 48-50, B/2/15
Registration Number: 50848445
Tax Number: 67847659141
Phone: +36 20 410 1959
Email: alexander@lookathu.com

Data Protection Officer

Name: Kvochkin Aleksandr
Phone: +36 20 410 1959

Scope of Processed Personal Data

Personal data required during registration.
A detailed list of personal data requested during registration.

Technical Data
The Data Controller selects and operates IT tools for personal data processing in such a way that the processed data:

• is accessible to authorized persons (availability);
• its authenticity and verification are ensured (data processing credibility);
• its integrity is verifiable (data integrity);
• is protected from unauthorized access (data confidentiality).

The Data Controller ensures that the data is protected against unauthorized access, alteration, transmission, disclosure, deletion, destruction, or accidental loss through appropriate security measures.
The Data Controller implements technical, organizational, and procedural measures to ensure the security of data processing, providing a protection level adequate to the risks associated with data processing.
During data processing, the Data Controller maintains:

• Confidentiality: protects the information so that only authorized individuals can access it;
• Integrity: ensures the accuracy and completeness of the information and the processing method;
• Availability: ensures that authorized users can access the information when needed, with the necessary tools available.

Cookies

Purpose of Cookies

Cookies serve to:

• Collect information about visitors and their devices;
• Remember visitors’ individual settings, which may be used, for example, when making online transactions, so they do not need to be re-entered;
• Facilitate the use of the website;
• Provide a high-quality user experience.

For personalized service, a small data packet, known as a cookie, is placed on the user’s computer, which is read upon later visits. If the browser returns a previously saved cookie, the cookie handler may link the current visit to previous ones, but only concerning its own content.

Duration of Data Processing

The storage duration for each cookie can be found here:
Google General Cookie Information:
https://www.google.com/policies/technologies/types/
Google Analytics Information:
https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage?hl=en
Facebook Information:
https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen

Legal Background and Legal Basis for Cookies:

The legal basis for data processing is your consent, in accordance with Article 6(1)(a) of the Regulation.

Main Features of the Cookies Used by the Website:

Strictly Necessary Cookies:

These cookies are essential for the proper functioning of the website and enable basic functions to be used. Without these cookies, many features of the site will not be available to you. The lifespan of these cookies is limited to the duration of the session.

Cookies for Enhancing User Experience:

These cookies collect information about the user’s website usage, such as which pages are visited most frequently or what error messages are received from the site. These cookies do not collect information that can identify the visitor, meaning they work with completely anonymous data. The data collected from these cookies is used to improve the website’s performance. The lifespan of these cookies is limited to the duration of the session.

Third-Party Cookies (Analytics):

Google AdWords Cookie:

When someone visits our site, the visitor’s cookie identifier is added to the remarketing list. Google uses cookies, such as NID and SID cookies, to customize ads in Google products, such as Google Search. These cookies are used to remember your recent searches, interactions with specific advertisers’ ads or search results, as well as visits to advertisers’ websites. The AdWords conversion tracking feature uses cookies. The cookies are saved on the user’s computer when the person clicks on an advertisement, to track sales and other conversions resulting from the ad. Some common uses of cookies are: selecting ads based on relevance for the user, refining reports on campaign performance, and avoiding showing ads the user has already viewed.

Google Analytics Cookie:

Google Analytics is Google’s analytical tool that helps website and app owners gain a clearer picture of their visitors’ activities. The service uses cookies to collect and report statistical data on website usage without identifying individual visitors to Google. The primary cookie used by Google Analytics is the “__ga” cookie. In addition to reports based on website usage statistics, Google Analytics – together with some of the advertising cookies mentioned above – is used to display more relevant ads across Google products (such as Google Search) and across the web.

Remarketing Cookies:

These cookies allow ads to be displayed to previous visitors or users on other websites within the Google Display Network or when searching for terms related to their products or services.

Session Cookies:

These cookies store the visitor’s location, browser language, and payment currency. Their lifespan is limited to the browser session or a maximum of 2 hours.

Mobile Version/Design Cookies:

These cookies detect the device used by the visitor and switch to the full view on mobile. Their lifespan is 365 days.

Cookie Acceptance Cookie:

This cookie records the user’s acceptance of the cookie storage declaration when they arrive on the site. Its lifespan is 365 days.

Facebook Pixel (Facebook Cookie):

The Facebook Pixel is a code that helps generate conversion reports, create target audiences, and provides the website owner with detailed analytics on visitors' interactions with the site. Using the Facebook Pixel, the website can show personalized offers and ads to visitors on Facebook. You can study Facebook’s privacy policy here:

https://www.facebook.com/privacy/explanation

If you do not accept the use of cookies, certain functions will not be available to you. You can find more information on deleting cookies through the following links:

• Internet Explorer: http://windows.microsoft.com/en-us/internet-explorer/delete-manage-cookies#ie=ie-11
• Firefox: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer
• Mozilla: https://support.mozilla.org/hu/kb/weboldalak-altal-elhelyezett-sutik-torlese-szamito
• Safari: https://support.apple.com/kb/ph21411?locale=en_US
• Chrome: https://support.google.com/chrome/answer/95647

Data Related to Online Orders
Data Related to Online Transactions
Data Related to Newsletters
Data Processing Activities Related to Newsletter Sending

The name of the company operating the newsletter system: Kvochkin Aleksandr, EV
The registered office of the company operating the newsletter system: Budapest 1135, Szent László Street 48-50
Phone number of the company operating the newsletter system: +36 20 410 1959
Email address of the company operating the newsletter system: alexander@lookathu.com

The Data Processor collaborates with the Data Controller under a contract to assist in sending newsletters. During this process, the Data Processor handles the data of the affected individual (name and email address) as necessary for the newsletter sending.
Description of the options for subscribing to or unsubscribing from the newsletter and ensuring the ability to unsubscribe.

Purpose, Method, and Legal Basis of Data Processing

General Data Processing Guidelines:

The data processing activities of the Data Controller are based on voluntary consent or legal authorization. In the case of data processing based on voluntary consent, data subjects can withdraw their consent at any stage of the data processing.
In certain cases, the processing, storage, and transmission of a given set of data is required by law, and we will inform our clients about this separately.
We draw the attention of those providing data to the Data Controller that if they are not providing their own personal data, it is the provider's responsibility to obtain the data subject's consent.
The principles of data processing are in line with the applicable data protection laws, especially with the following:

• Act CXII of 2011 – on the right to informational self-determination and freedom of information (Infotv.);
• Regulation (EU) 2016/679 of the European Parliament and Council (April 27, 2016) – on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, GDPR);
• Act V of 2013 – on the Civil Code (Ptk.);
• Act C of 2000 – on accounting (Számv. tv.);
• Act LIII of 2017 – on the prevention and suppression of money laundering and terrorist financing (Pmt.);
• Act CCXXXVII of 2013 – on credit institutions and financial enterprises (Hpt.).

Physical Locations of Data Storage

Your personal data (i.e., those data that can be related to you personally) may be processed in the following ways: on the one hand, technical data generated in our computer system may automatically be recorded as part of maintaining an internet connection, related to the computer, browser, internet address, and the visited pages you use. On the other hand, you may also provide your name, contact information, or other data if you wish to contact us personally during your use of the website.
The technical data automatically recorded during the operation of the system: the data of the computer logging in, which are generated during voting and automatically recorded by Kvochkin Aleksandr, EV's system as part of technical processes. These automatically recorded data are logged by the system without the data subject's separate statement or action upon logging in or out. This data cannot be linked to other personal user data, except in cases where it is required by law. The data is accessible solely by Kvochkin Aleksandr, EV.

Data Transfer, Data Processing, and Access to Data

A detailed list of companies involved in data transfer, storage, and access. The names and contact details of the relevant companies (e.g., accounting, invoicing, shipping, CRM system, online payment, etc.).

Name of the Data Processor:
Kvochkin Aleksandr, EV

Address of the Data Processor:
1135 Budapest, Szent László Street 48-50

Phone number of the Data Processor:
+36 20 410 1959

Email address of the Data Processor:
alexander@lookathu.com

The Data Processor assists the Data Controller in keeping records of orders based on a contract. During this process, the Data Processor handles the data subject's name, address, phone number, order numbers, and order dates within the civil legal limitation period.

Rights of Data Subjects and Enforcement of Rights

During the data processing period, you are entitled to the following rights in accordance with the Regulation:

• Right to withdraw consent
• Right of access to personal data and information related to data processing
• Right to rectification
• Right to restrict processing
• Right to erasure
• Right to object
• Right to data portability

If you wish to exercise your rights, identification will be required, and the Data Controller must communicate with you accordingly. Therefore, for identification purposes, personal data will need to be provided (but identification can only be based on data the Data Controller already holds about you). Additionally, your complaint regarding data processing will be accessible in the Data Controller's email account within the specified period mentioned in this notice. If you were a customer and wish to identify yourself for complaint handling or warranty issues, please provide your order identification as well. This will help us identify you as a customer.
Data processing complaints will be responded to within 30 days.

Right to Information

The Data Controller will take appropriate measures to ensure that data subjects are provided with all information related to the processing of personal data in accordance with Articles 13 and 14 of the GDPR, as well as with all notifications under Articles 15–22 and 34 of the Regulation in a concise, transparent, intelligible, and easily accessible format, clearly and understandably.

Right of Access to Personal Data

You are entitled to receive feedback from the Data Controller on whether your personal data is being processed, and if such processing is taking place, you are entitled to:

• Access to the processed personal data, and
• Information from the Data Controller regarding:
• The purposes of the data processing;
• The categories of personal data concerning you that are being processed;
• Information on the recipients or categories of recipients to whom or with whom the personal data has been or will be disclosed;
• The planned duration of the data storage, or, if not possible, the criteria used to determine that period;
• Your right to request the rectification, erasure, or restriction of processing of your personal data, and your right to object to the processing based on legitimate interests;
• The right to lodge a complaint with a supervisory authority;
• If the data was not collected from you, all available information about its source;
• The existence of automated decision-making, including profiling, and at least the logic involved, as well as the significance and the expected consequences of such processing for you.

The exercise of this right may aim at determining and verifying the lawfulness of the data processing, and the Data Controller may charge a reasonable fee for repeated requests for information.

The Data Controller ensures access to personal data by sending the relevant data and information to you via email after identifying you. If you have registered, access will be provided through your user account, where you can view and verify the personal data being processed.

Please specify in your request whether you are requesting access to your personal data or to information related to the data processing.

Right to Rectification

You are entitled to request that the Data Controller promptly rectify any inaccurate personal data related to you.

Right to Erasure

The data subject has the right to request the deletion of their personal data without undue delay in the following cases:

• The personal data is no longer necessary for the purposes for which it was collected or otherwise processed;
• The data subject withdraws their consent on which the processing is based, and there is no other legal ground for the processing;
• The data subject objects to the processing, and there is no overriding legitimate reason for the processing;
• The personal data has been unlawfully processed;
• The personal data must be erased to comply with a legal obligation under EU or Member State law;
• The personal data was collected in relation to offering information society services.

Erasure of data cannot be requested if the processing is necessary:

• For the exercise of the freedom of expression and the right to information;
• To comply with a legal obligation under EU or Member State law applicable to the Data Controller, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller;
• For public health purposes, archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes based on public interest;
• For the establishment, exercise, or defense of legal claims.

Right to Restriction of Processing

The Data Controller shall restrict the processing of personal data upon the request of the data subject if one of the following conditions applies:

• The data subject contests the accuracy of the personal data, in which case the restriction will apply for the period necessary to verify the accuracy of the personal data;
• The processing is unlawful, and the data subject opposes the erasure of the data and instead requests the restriction of its use;
• The Data Controller no longer needs the personal data for processing purposes, but the data subject requires it for the establishment, exercise, or defense of legal claims;
• The data subject has objected to the processing; in this case, the restriction applies for the time necessary to verify whether the legitimate grounds of the Data Controller override the rights and freedoms of the data subject.

If processing is restricted, personal data may only be processed with the consent of the data subject, or for the establishment, exercise, or defense of legal claims, or to protect the rights of another natural or legal person, or for important public interest reasons of the EU or a Member State.

Right to Data Portability

If the processing is carried out by automated means or is based on your voluntary consent, you have the right to request that the Data Controller provide you with the data you have provided to them in a structured, commonly used, and machine-readable format (such as XML, JSON, or CSV format). If technically feasible, you can request the Data Controller to transmit this data to another data controller.

Right to Object

The data subject has the right to object at any time, on grounds related to their particular situation, to the processing of their personal data for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller, or for the purposes of pursuing the legitimate interests of the Data Controller or a third party, including profiling based on these provisions. In case of objection, the Data Controller may no longer process the personal data unless there are compelling legitimate grounds for the processing, which override the interests, rights, and freedoms of the data subject, or the processing is for the establishment, exercise, or defense of legal claims.

Automated Decision-Making, Including Profiling

The data subject has the right not to be subject to decisions based solely on automated processing, including profiling, that have legal effects concerning them or significantly affect them in a similar way.

Right to Withdraw Consent

The data subject has the right to withdraw their consent at any time.

Right to Go to Court

If the data subject's rights are violated, they may seek a remedy in court. The court will process the case on an expedited basis.

Supervisory Authority Procedure

A complaint can be filed with the National Authority for Data Protection and Freedom of Information:

• Name: National Authority for Data Protection and Freedom of Information
• Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/C. Mailing address: 1530 Budapest, P.O. Box 5.
• Phone: 0613911400
• Fax: 0613911410
• Email: ugyfelszolgalat@naih.hu
• Website: www.naih.hu

Other Provisions

Any data processing not listed in this notice will be informed at the time of data collection.

We inform our clients that authorities such as courts, prosecutors, investigative authorities, public administrative authorities, the National Authority for Data Protection and Freedom of Information, the Hungarian National Bank, or other bodies empowered by law may request data from the Data Controller for information provision, disclosure, transmission, or making documents available.

The Data Controller will only disclose personal data to authorities to the extent necessary for the purpose of the request, provided the authority specifies the precise purpose and the scope of the data.

This document contains all relevant information regarding data processing in relation to the operation of the webshop, in accordance with the General Data Protection Regulation (EU) 2016/679 (hereinafter: Regulation, GDPR) and Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information (hereinafter: Infotv.).