GDPR. statement

GDPR statement

Name of the data handler:

Company name: The Magic Baits

Head office: 19 Festival Park Omagh

BT78 1JW

United Kingdom

Managing Director: Csaba Hajagos

E-mail: www.themagicbaits@gmail.com

Phone: +447900781726

Website: https://themagicbaits.ewk.hu

Company registration number: 8679290354

EU tax number: HU14366516

Contributing statement for handling personal information

I will voluntarily and expressly contribute to the management of my data during the visit, subscription, registration, and registration of Csali Hungária

electronic sites (https://themagicbaits.ewk.hu/registration/Facebook ads, ads).

By recording my details, I declare that I am a person of 18 years of age or older. I represent a legal person or other organization without legal personality and

I represent a person or a person I represent. I am an authorized person to represent the organization and to provide the consent for the processing of this information.

I declare that no special personal information will be made available to you during the registration or later in any form whatsoever for "The Magic

Bait". Special personal data are, inter alia, racial or ethnic origin; political opinions; religious and philosophical beliefs; trade union membership;

genetic or biometric data that are suitable for identifying the person; health data, or sexual orientation data.

I declare that I can not provide a personal identification number - examples without completeness: passport number, personal number, ID card number,

address card number, license number - I do not provide for "The Magic Bait".

With my consent, I acknowledge that The Magic Bait can send me messages, briefings, event invitations and phone calls related to the scope of my

activity.

I may revoke my consent to manage my information at any time by submitting a request sent to us via the terms provided in the prospectus, such as

themagicbaits@gmail.com.

Legal basis based on legitimate business interests

If you fill in your form and give your interest in the services of Csali Hungária, your application is considered a contract. In this case, the

legal basis for Personal Data Processing will be a legal interest based on a legitimate business interest under the GDPR Decree. From this altered legal

right, your rights and personal data will not be changed, this only means that during the preparation of the contract, if you do not request the process

to be terminated, your Personal Data will continue to be processed for the purpose of preparing the contract and for your purposes.

In the case of orders, a contractual legal basis

If you order a service from Csali Hungária, you will be a buyer under the conditions detailed in the Terms and Conditions. In this case, the legal basis

for your personal data processing will be a contractual legal basis under the GDPR regulation. From this changed legal right, your rights and personal

data will not be changed, this only means that the contract will be revoked during the term of the contract, and will continue to handle your personal

data in order to perform the contract.

As soon as the contract is completed or terminated, the legal basis for your data management changes again and your personal information is further

processed by law.

After termination or performance of a contract by law

Regarding the details on the invoice, we are required to continue to handle your Personal Data by law.

Rights

You have the following rights. In connection with these, we have to respond within a maximum of 1 month of GDPR. We will do everything we can to react

much earlier.

Right to information

You may be required to provide us with information about our personal information that we are managing. You may request access to this information

At any time, you may be able to request information in writing by sending a valid check-in letter sent to our address or by e-mail to

www.themagicbaits@gmail.com. The request for information sent by letter is considered authentic if it is clearly identifiable on the basis of the request

sent.

Email Requests are considered authentic only if they are sent from a registered email address but this does not preclude identifying it for

security reasons before providing information.

The request for information may cover the data we manage, their source, the purpose, the legal basis, the duration of the data processing, the names and

addresses of the data processors, the activities related to data management and, in the case of the transmission of personal data, to whom and for what

purpose they have received or received their data.

Access right

If you are requested to provide information on whether your Personal Data is being processed, you will be given access to data management, data

categories, recipients, data storage, copyright, legal remedies, source data, automated decision making, and foreign data transfer in case of a yes

response.

Correction right

At any time, you may be able to request the correction or modification of your personal data by writing to us by email addressed to

to www.themagicbaits@gmail.com. Taking into account the purpose of data management, you may request the complete Personal Data Supplement.

Right to forgo (Right to rescind)

You may request the deletion of the Personal Data we manage. Cancellation may be refused (i) for the purpose of exercising the right to freedom of

expression and access to information, or (ii) where personal data is processed in the public interest (authorized by law); and (iii) be made in an

equitable private interest (to present, enforce or protect legal claims)

In any event, we will inform you of the refusal of the cancellation request, stating the reason for the cancellation. After the request for deletion of

personal data, previous (deleted) data can no longer be recovered.

Newsletters can be retrieved via the unsubscribe link.

Right to Restrict Data Management

You may request that your Personal Data be handled if you dispute the accuracy of your Personal Data being processed. In this case, the restriction

applies to the time period that allows us to verify the accuracy of Personal Data.

The Personal Data we manage, if you dispute its correctness or accuracy, but the incorrect or imprecise nature of the disputed Personal Data can not

be clearly identified.

You may request that your Personal Information be handled even if Data Management is illegal, but it opposes the deletion of the treated Personal Data

and instead asks for their use limitation.

You may also exercise this right if the purpose of the Privacy Policy is met but you require your data to be processed to claim, enforce or protect legal

claims.

If you object to data handling, we limit the management of your personal data, which limits the duration of the term until it is determined whether the

data controller's legitimate reasons prevail over the legitimate grounds of the data subject.

The right to data storage

You may request that Personal Data provided by you be handed over to you in a machine-readable, widely used, machine-readable format and / or forwarded

to another data controller.

Right to protest

You may object to the processing of Your Personal Data (i) if your personal data is solely required to fulfill our legal obligation or to enforce our

legitimate interests; (ii) if the purpose of Data Management is to direct business acquisition, polling or scientific research; or (iii) if Data

Management is performed in the interest of a public interest task.

We investigate the lawfulness of the protest and, if the grounds for the protest are established, Data Management will be terminated and the treated

Personal Data will be blocked, and any protest and any action taken against it will be notified to all persons for whom the Personal Data affected by the

protest were previously forwarded.

Purpose of data management

Protecting your rights.

Your identification, contact with you

Identify your entitlements.

Customize your system and marketing messages sent to you. Ensure targeted, relevant messages based on the area of interest, industry, company type,

decision-making and job position.

Customer support, consulting, product presentation, answering questions.

Creating statistics, analyzes and decision making. Based on this, coordinating content development and product development is to actually use functions

that are actually read.

Product development

Creation of contractual services, service quality and security conditions.

Compliance with our Legal Obligations.

Validating our legitimate business interests.

Treated data

We handle the information you provide:

Name

E-mail

phone number

Website

LinkedIn / Facebook profile link

Billing address, location, delivery address

To log data for security reasons:

Page Views / Feature

Exact time

IP address

Browser cookie / cookie

We build a profile for marketing purposes:

What problem is you looking for, why do you need a self-adhesive label?

What are the main aspects of decision making?

The profile construction is based on the data you provide. Our goal is to find the messages we send really interesting and relevant. Based on the profile

data, we aim manually with hand-made filters and we build newsletters. There is no automated data processing decision during the process.

Inquiries:

Logs our inquiries (form, phone, email, personal request) in the EXCEL table.

In this case, each customer has only the data needed for identification.

Name of processors

Company Name: The Magic Baits

Stored data: customer data, order history, invoices, inquiries for products, services

Marketing, Analytics

Name: Google LLC

Title: 1 Hacker Way, Menlo Park, California 94025

Telephone: N / A

E-mail: N / A

Website: https://www.google.com/

Stored data: website visit data, correspondence, individual contracts and bids, calendar entries, phone contacts, data based on filters based on

spreadsheets, unique user identities, visitor identifier cookies.

Operations: website visitation analysis, A / B test run, email service, document management, calendar service, phone contacts synchronization between

devices, online spreadsheet manager, targeted advertising (retargeting).

Targeted advertising display:

Name: Facebook Inc.

Address: 1600 Amphitheater Parkway, Mountain View, CA 94043, USA

Phone: +1 650-543-4800

E-mail: N / A

Website: https://www.facebook.com/

Stored data: website visit data, unique user identities, visitor identification cookie.

Actions: Displaying targeted advertisements (retargeting).

Booking

Name: Rory Gormley & co.ltd

Address: 35 Main Street Dromore, CoTyrone BT78 3AE United Kigdom

Phone: 02882898179

E-mail: infi@rorypgormley.co.uk

Stored data: account details, invoice items, invoice details of buyer and seller invoice.

Operations: bookkeeping, statutory reporting and reporting.

Webanalitics on the website

Please note that we use Google Analytics, Google Remarketing, AdWords Conversion Tracking, and Facebook Remarketing to measure the attendance and visitor

behavior of our Magic Baits websites, to make statistics and to improve the performance of your ads.

The programs referred to in the browser are so called. Cookies are placed, which store user unique identifiers. The websites of Csali Hungária Kft. Allow

visitors to use Google Analytics, Google Remarketing, AdWords Conversion Tracking and Facebook Remarketing. It also contributes to monitoring your

behavior, tracking it, and utilizing all the services provided by the programs.

Additionally, you can always disable the data capture and storage of cookies for the future as described below. Please note that the settings and usage

of Google Analytics, Google Remarketing, and Facebook Remarketing programs fully comply with the requirements of the Data Protection Authority.

According to Google, Google Analytics uses first-party cookies to report visitors' interactions on your site. These cookies record only personally

identifiable information. Browsers do not share their own cookies between domains. For more information on cookies, see the Google Ad and Privacy FAQ.

Google Analytics

"The Magic Baits" primarily uses information about how many visitors visited your site and how much time visitors spent on the website. "The Magic Baits

uses the program to produce statistics primarily for the production of its statistics, including the effectiveness of its campaigns. The program

recognizes the visitor's IP address so you can track whether the visitor is a returning or new visitor, as well as tracking the way the visitor has

entered the site and where he entered.

Facebook Remarketing

"The Magic Baits" uses Facebook's remarketing pixel to increase the effectiveness of Facebook ads, to build a remarketing list. So, after visiting the

Web site, you can show ads to an external service provider, such as Facebook. Remarketing lists are not suitable for person identification. The visitor's

personal information is not included, only the browser software is identified.

Disable cookies

If you want to manage or disable cookie settings, you can do this in your browser. This option can be found in the Cookies / Cookies / Tracking Features

Placements menu depending on the browser toolbar. Usually, you can use the Tools> Preferences> Privacy Settings to set which tracking features you enable

/ disable on your computer.

If you do not want Google Analytics to report on your visits, you can install the Google Analytics Disabling Browser Extension. This add-on instructs

Google Analytics JavaScript scripts not to send visitors information to Google. If you've installed the Disabling Browser Extension, you will not be

involved in the content experiment.

To disable Google Analytics web activity, visit the Google Analytics opt-out page and install the extension to your browser. For more information on

installing and uninstalling the extension, see the help for that browser.

Data Management Principles

The Data Controller manages the Personal Data in accordance with the principles of good faith and fairness and transparency, as well as the applicable

legislation and the provisions of this Prospectus.

The Personal Data is indispensable for the use of the Services by the Data Controller based on the consent of the User concerned and solely on purpose.

The Data Controller shall only disclose Personal Data in this Prospectus or in this Prospectus. for the purposes specified in the relevant legislation.

The scope of the Personal Data handled is proportionate to the purpose of data management and can not be expanded (data saving).

The personal data of a person who has not reached the age of 18 is not handled by "The Magic Baits".

The Data Controller transfers the Personal Data it manages to third parties in the present Prospectus - specified in the Data Processors and in some of

the references referred to in this Prospectus - outside the External Providers. Except as provided in this clause, the use of the data in a statistically

aggregated form that can not contain any other data capable of identifying the User concerned shall not constitute Data Management or Data Transmission.

In certain cases - in the case of official court, police inquiries, legal proceedings against copyright, property or other breaches or their reasonable

suspicion, the Data Controller violates the Data Manager's interests, endangers the provision of Services, etc. - make available to the third parties the

Personal Data available to the User concerned.

The Data Management System may collect data on the Activity of Users that can not be combined with other data provided by Users during registration, nor

with any other data generated by the use of other websites or services.

The Data Handler is responsible for correcting, limiting or limiting the personal data it manages. deletes the affected User and informs those who

previously transferred Personal Data for Data Management. Notification may be omitted if it does not prejudice the legitimate interest of the data

concerned for the purposes of Data Management.

The Data Controller shall ensure the security of Personal Data, take the technical and organizational measures and establish the procedural rules that

ensure that the recorded, stored or managed data are protected or preventing accidental loss, unauthorized destruction, unauthorized access, unauthorized

use and unauthorized alteration or unauthorized disclosure. In order to comply with this obligation, the Data Controller invites all third parties to

whom Personal Data is transmitted.

In view of the relevant provisions of GDPR, the Data Controller is not obliged to designate a Data Protection Officer.

The Data Controller is responsible for compliance with the principles.

Confidentiality

"The Magic Baits" handles the recorded data in confidence and does everything to ensure the security of the data, and uses them in the manner required

for the proper functioning of the Website. This includes email and sms sending to you and to the specified contact details you specify, in which case the

message will be sent via that provider.

"The Magic Baits" will never sell or loan personal information to third parties for marketing purposes. In case of a summons, court decision or legal

proceedings, if necessary, "The Magic Baits" may transfer your personal information and other relevant information.

In addition, "The Magic Baits" can assure or exercise your law-based rights and protect you against court proceedings.

"The Magic Baits" choose the IT tools used to manage the data in a secure way to ensure that the data processed can only be accessed for the "Magic

Baits", as authorized by it, in order to maintain the credibility of the data , there is no change in recorded data, other than the record-keeping

process, to protect recorded data against unauthorized access.

The information handled by "The Magic Baits" may be transmitted by an authority or by court order and by law, which will notify its users in the letter

"The Magic Baits" if it is not contrary to the official or judicial notice or the relevant legislation a prescription.

Access to our personal data

For our employees, we only provide the necessary access to work for the personal data we manage. All logs are logged, we have limited access to the

data-saving function.

Data backups are made using two-key encryption. Thus, the employees who have access to the data backup file do not even access the saved data, in the

absence of a "offline stored" key for delisting.

For servers with sharp data, you only have access to the narrowest required circuit - a server server team. All access is strictly log-in, with 3 factor

- VPN key, SSH key, user password authentication.

Data Security

Data security is a complex issue for sensitive business data management systems. In "THe Magic Baits", internal rules and processes ensure that data

security and privacy requirements are met in all areas:

Data Security

Network security

Separating data

availability

Data Recovery, Disaster Relief

Identification and access control

Security-conscious software development

All data stored in the MiniCRM is stored physically in the territory of the European Union or in a country that is considered equivalent to GDPR by the

GDPR and is subject to the EU Privacy Policy.

Technology

"The Magic Baits" regularly updates all applied software to protect known attack on platforms at all levels (Employee Tools, Server Operating System,

Virtualization Layer, Guest Operating System, Application).

Identification and access control

All access is only possible through trained user accounts to ensure traceability.

User accounts are protected by strong passwords, password strengths are provided in the app's built-in rules. Each password is stored as a highly

encrypted, one-way "salted" hash value.

Accounts are password protected by an automated blocking system that blocks the IP address and user account after several false attempts.

Data management duration

Depending on the requirements of GDPR, we handle your data with predetermined limitation time limits for each managed data circuit.

As a rule of thumb, detailed security logs for 90 days, other security logs are stored for 365 days.

Personal data after last contact for 365 days, except where a statutory requirement or performance of a contract requires a longer period of time.

Data transmission

We are authorized and are required to forward any Personal Data that is available to us and which we have legally stored to the competent authorities

which forcing us to transmit Personal Data is subject to statutory or final authority. Due to such data transfer and the resulting consequences, Data

Managers can not be held responsible.

If we transfer the operation or utilization of our service to a third party in whole or in part, we may disclose the Personal Data we have processed in

whole or in part to this third party, but we may also pass it on to the new operator with the appropriate prior information, provided that this transfer

can not in a disadvantageous situation as regards the data management rules indicated in the current text of this Prospectus. In the case of data

transfer under this paragraph, before the data is forwarded, we will be able to object to data transmission before the data is forwarded. In case of

protest, your data will not be forwarded according to this point.

The data controller shall keep a record of the data transmission of the personal data it manages, the legal basis and the addressee of the data transfer,

the data specified in the transmission of personal data and other data specified in the statutory provision for the data management in order to inform

the data concerned.

Updating the information, tracking legal changes

The prospectus is continuously reviewed and updated by the data controller in accordance with changes in the legal environment and the official

expectations. The User can be informed about the current Prospectus under the "Privacy Policy" section of Csali Hungária Kft.