Effective: 29 April 2025
This policy provides an overview of what personal data we collect from users on our website https://www.polinvent.com/ (the "Website") and on our other interfaces (e.g. Facebook, Instagram), how we use and transfer this personal data, how data subjects can obtain information about the data provided, and what security measures we take to protect users' personal data.
POLINVENT Kft. cares about the protection of the personal data of its users, and therefore, in all operations (e.g. collection, processing and transmission), when processing personal data, it complies with the applicable EU and Hungarian legislation, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council - General Data Protection Regulation of the European Union (hereinafter: GDPR).
Regarding the processing of personal data indicated in this information, the processing of personal data is carried out by POLINVENT KFT (registered office: 2360 Gyál, Bánki Donát utca 22., company registration number: 13-09-197070, authorised representative: Attila Áron Nagy, managing director, hereinafter referred to as POLINVENT). Users may send their requests and questions regarding the protection of personal data and the exercise of their data subject rights to one of the following contact details:
Personal data is any information relating to an identified or identifiable natural person ("data subject"). An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, telephone number, bank details, IP address.
When using our website, the following data is recorded as a log file on the website server:
The data collected in this way is used for internal, system operation and statistical purposes only. The data will not be stored together with other personal data of the user.
The data stored in the log files also ensure the functionality of the website. We use this data to optimise our website and to ensure the security of our IT systems. We do not use the data recorded in the log files for marketing purposes.
We process the log files for the purposes of data processing in accordance with Article 6(1)(f) of the GDPR to assert our legitimate interest in the proper functioning of the site and the collection of statistical data.
The data is deleted as soon as it is no longer necessary for the purpose for which it was collected:
If user IP addresses recorded in log files are deleted or changed, they can no longer be assigned to the client browsing the website.
Given the fact that the processing and storage of the data is necessary for the functioning of the website, the data subject cannot object to this processing.
On the website, the visitor can contact the data controller. The visitor can indicate his/her interest in the data controller's products by using the contact form. In the contact form, the name and e-mail address of the visitor must be provided. By filling in the form, the visitor as data subject declares that he/she has read the data controller's Privacy Notice. The personal data provided for this purpose will be processed by the data controller solely for the purpose of contacting you. After contacting the data subject, the data controller shall delete the personal data of the interested party without undue delay and at the latest within 3 working days. The processing is carried out for the purpose of establishing the contract on this legal basis.
On the website of the controller, the data subject declares that he or she is over 18 years of age in relation to the use of the customer contact form. A person under 18 years of age may not contact the controller via the customer contact form, given that, pursuant to Article 8(1) of the GDPR, the validity of his or her consent to processing requires the consent of his or her legal representative. The controller is not in a position to verify the age and entitlement of the person giving consent, so the data subject warrants that the data he or she has provided are accurate.
Users may register on our website in order to place an order. Registration is possible by providing the following data:
In addition to the above, the date and time of registration will also be saved. The above information is required for registration.
By registering, the user acknowledges the contents of this Privacy Policy and by clicking on the "Submit" button, the user expressly agrees that his/her data may be used for the following purposes after registration:
The legal basis for the processing of personal data is the consent of the data subject, i.e. Article 6(1)(a) GDPR.
We delete the data as soon as it is no longer necessary for the purpose for which it was collected, so we process the data until the registration is cancelled or the consent is withdrawn.
Please note that if you withdraw your consent to data processing, your registration (account) will be deleted, but we will continue to process your data relating to your purchases.
We process the following data when you make purchases through this website:
If you are registered, we will automatically use your registration details for your purchase after you log in to the website.
The processing of data relating to purchases is necessary for the performance of contracts and to comply with applicable civil law, consumer protection, accounting, tax and related procedural legislation, and the legal basis for the processing of such data is Article 6(1)(b) and (c) of the GDPR.
If you are the beneficiary of a given purchase (the purchased product is delivered to you, but you did not order it), or a contact person of the legal person of the purchaser, we process your data based on our legitimate interest in the performance of the contract, in accordance with Article 6(1)(f) of the GDPR.
We will delete your purchase data as soon as it is no longer necessary to fulfil contracts and/or other legal obligations.
We inform the persons concerned by the processing of personal data in connection with purchases that we process their personal data until the end of the year following the expiry of the general limitation period (5 years) for the purposes of protecting our rights, internal records and controls, based on our legitimate interest.
In the event of legal, administrative or other proceedings, we will process them on the basis of our legitimate interest for the period necessary for the proceedings, even beyond the period indicated above.
Payment details are processed together with your purchase details. You can only pay online by credit card through Stripe.
Stripe is a technology company building the economic infrastructure for the internet. It enables businesses of all sizes - from start-ups to public companies - to accept payments and manage their businesses online.
Paying by credit card is a convenient and secure way to shop in our Webshop. After ordering the goods you have selected, you will be redirected to the Stripe interface, where you can pay with your credit card through the encrypted transaction currently considered the most secure by Stripe.
Security is based on the separation of data. The Webshop receives the order information from the customer, and Stripe receives only the card details required for the payment transaction on the TLS encrypted payment page.
The Webshop is not informed of the data content of the payment page, which can only be accessed by Stripe. The result of the transaction will be communicated to the Webshop page after payment. To pay by card, your Internet browser must support SSL encryption. The value of the goods/services purchased, the amount paid, will be blocked immediately on your card account.
All our customers must do is click on "Pay online by credit card" when selecting a payment method, and then enter the credit card number, expiry date, three-digit security code and the name on the credit card in the Stripe payment interface.
Stripe's online payment system allows you to pay with MasterCard; VISA; American Express; Apple Pay; Google Pay.
We can only accept cards issued for electronic use only if the bank issuing the card authorises its use! Please check with your bank whether your card can be used for online purchases.
Confirmation of all transactions (including unsuccessful ones) will be sent to the email address provided at the time of purchase.
We will not pass on any additional costs associated with the payment method to our customers, but your service provider (e.g. credit card issuer, PayPal) may deduct other costs beyond our control.
Users are entitled to contact us using the e-mail contact details on our website, where we process the following data:
The data generated during the contact process and any subsequent correspondence will be processed for the purposes of maintaining contact with you, responding to your inquiries, fulfilling your requests, and handling any complaints. Additionally, we process this data based on our legitimate interests for the protection of our rights, internal record-keeping, audits, and quality assurance, as well as to comply with our legal obligations. Therefore, the legal basis for processing this data is Article 6(1)(c) and (f) of the GDPR.
In accordance with the above, the data processed in connection with contacting us and maintaining communication will be retained until the end of the year following the general statute of limitations period (5 years). In the event of legal, official, or other proceedings, we may process this data beyond the aforementioned period based on our legitimate interests, for the duration necessary for such proceedings.
We use various technologies on the Website that involve(s) the use of your personal data, details of which are available in our Cookie Notice.
The personal data you provide will be shared with and/or accessed by the following partners, who will further process your data as independent data controllers:
Office: 1185 Budapest, BUD International Airport Terminal 1, DHL building 302.
Company registration number: 01-09-060665
Web: www.dhl.hu
Purpose of data processing: parcel delivery service
Data transferred: name, postcode and address of the User, billing name and address.
We use the following data processors for data processing:
In addition to the above, we may transfer your data to third parties only to our legal, financial and claims management partners and to public authorities and courts, will inform you in advance or obtain your consent to transfer data to other third parties.
We undertake several security protocols to safeguard your personal data. The information we process is protected through physical and technological means to ensure access is restricted solely to duly authorized personnel.
Our information technology infrastructure is fortified by a dedicated hardware firewall to prevent unauthorized access from external networks. Access to personal data is limited to those employees within our organization who require such access to fulfill their designated responsibilities. These employees receive comprehensive training in security and data privacy practices. To secure the acquisition and transmission of personal information via our website, we employ standardized Secure Sockets Layer (SSL) encryption technology. During the order processing phase, personal information is transmitted through SSL-encrypted communication, indicated by the padlock symbol in the web browser and the "https://" prefix in the address bar.
You are advised to maintain the confidentiality of your password and refrain from disclosing it to third parties for website access. Furthermore, it is recommended that you periodically update your password. We strongly counsel against utilizing the same password for accessing our website as you employ for other password-protected online platforms, such as email accounts and online banking services.
Upon concluding your session on our website, it is prudent to log out of your account and close your browser to mitigate the risk of unauthorized access. Please be aware that we cannot provide an absolute guarantee of data security for communications conducted via electronic mail.
As a data subject under the GDPR, you possess the following rights concerning your personal data that we, as the data controller, process:
You have the right to inquire whether we are processing your personal data. If we are, you are entitled to access that data and receive pertinent details about the processing activities, including the reasons for processing and who the data may be shared with.
Should your personal data be inaccurate, you have the right to request that we rectify it promptly. Taking into account the reasons for processing, you may also request that incomplete data be completed, which can include providing additional information.
You have the right to have your data erased, without undue delay, by the data controller, if one of the following grounds applies:
The above does not apply in cases where the processing is necessary:
You shall have the right to obtain from the controller restriction of processing where one of the following applies:
As a data subject, you have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used, machine-readable format and the right to transmit such data to another controller without our hindrance, if:
In exercising this right, you have the right to request, where technically feasible, the direct transfer of personal data between controllers.
The exercise of this right must not adversely affect the rights and freedoms of others.
You have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data based on Article 6(1)(e) or (f) of the GDPR (processing necessary for the performance of a task carried out in the exercise of official authority or processing carried out for the purposes of the legitimate interests pursued by the controller), including profiling based on those provisions. In this case, we may no longer process the personal data, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
If your personal data are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such purposes, including profiling, if it is related to direct marketing. If you object to the processing of your personal data for direct marketing purposes, your personal data will no longer be processed for these purposes.
If you have any questions, comments or complaints about our processing or if you wish to exercise any of the rights set out above, please contact us using one of the contact details below:
In the event that you consider the processing of your personal data to be non-compliant with applicable regulations, or if you have incurred damages as a consequence of such processing, you are entitled to pursue the following remedies:
We reserve the right to unilaterally change this Privacy Notice and its annex without prior notice. Therefore, please check this website regularly for any changes to this Privacy Notice.