Website disclaimer and data protection policy
This policy applies to every SciArt Design customer and/or prospect (individuals, though not companies or organisations) without distinction of your nationality or place of residence. The type of personal data we process and how it is processed depends on the services provided.
The highest level of personal data protection is particularly important for SciArt Design (Owner: Tibor Janosi Mozes, Tax number: ESY4409725H).
The purpose of this Data Protection Policy is to inform the visitors of sciartdesign.com webpage („Webpage”) on data processing related to the operations of SciArt Design, in line with the provisions of 2000/520/EC Decision of the Commission of the European Communities, the adequate protection of the personal data is ensured in line with Section 8 § (1) b) of the Information Act.
SciArt Design will comply with all applicable GDPR provisions as they come into force, whilst also working closely with our customers and partners in order to meet our contractual obligations for our products and services in all sectors.
SciArt Design fully recognises the impact of the GDPR upon our customer base and, as such, continues to be committed to providing technology solutions to support customers’ GDPR obligations, whether as standard features within our product range or as added-value solutions.
Please note that it is possible to visit the Webpage without providing any personal data. The Webpage does not contain behaviour-based advertisements (so-called cookies). Nevertheless, in case the visitor intends to receive information on the events organized by SciArt Design, subscribes to the Newsletter or provides contact data to SciArt Design for business development and cooperation purposes, the following provisions shall apply.
- personal data: any information relating to a natural person directly or indirectly identifiable, as well as conclusions drawn from the data with regard to the data subject. In the course of data processing, the data in question shall be treated as personal as long as the data subject remains identifiable through it. The data subject shall - in particular – be considered identifiable if the data controller is in possession of the technical requirements which are necessary for the identification.
- sensitive data: personal data revealing racial origin or nationality, political opinions and any affiliation with political parties, religious or philosophical beliefs or trade-union membership, personal data concerning sex life, health, pathological addictions, or criminal record.
- data subject: any natural person who can be identified, directly or indirectly by reference to specific personal data.
- data processing: any operation or the totality of operations performed on data, irrespective of the procedure applied; in particular, collecting, recording, registering, classifying, storing, modifying, using, querying, transferring, disclosing, synchronising or connecting, blocking, deleting and destructing data, as well as preventing their further use, taking photos, making audio or visual recordings, as well as registering physical characteristics suitable for personal identification.
- data controller: a natural or legal person, or organisation without legal personality, which – alone or jointly with others – determines the purposes and means of processing of data; makes and executes decisions concerning data processing or have it executed by a data processor.
- data process: performing technical tasks in connection with the data processing operations.
- data processor: any natural or legal person or organisation without legal personality processing data based on a contract concluded with the data controller, including contracts concluded pursuant to legal provisions.
- data transfer: ensuring access to the data for third party.
- the data subject’s consent: any freely and expressly given specific and informed indication of the will of the data subject by which he gives his agreement to personal data relating to him being processed fully or to the extent of specific operations. In case of sensitive data, written consent is required.
- providing adequate information: Prior to data processing being initiated, the data subject shall be informed whether his consent is required or the data processing is mandatory. In addition, the data subject shall be clearly informed of all aspects of the processing of his personal data, such as the purpose for which his data is required and the legal basis, the person entitled to control the data and to carry out the processing, the duration of the proposed processing operation and the persons to whom his data may be disclosed. Information shall also be provided on the data subject’s rights and remedies.
- the data subject’s objection: a declaration made by the data subject objecting to the processing of their personal data and requesting the termination of data processing, as well as the deletion of the data processed.
- data security: system of technical and organizational solutions against the unlawful acquisition, modification and destruction of data.
- data deletion: making data unrecognisable in a way that it can never again be restored.
- blocking of data: marking data with a special ID tag to indefinitely or definitely restrict its further processing.
- third country: any country that is not a member of the European Economic Area.
3. General provisions
The controllers of the personal data under the scope of this Data Protection Policy is SciArt Design.
The legal ground of processing personal data is the data subject’s consent. SciArt Design does not process sensitive data under the scope of this Data Protection Policy. SciArt Design processes the given personal data only as long as the purpose of data processing persists, but no longer than the withdrawal of the consent of the data subject.
The personal data will not be forwarded to further data controllers. Only the members of the SciArt Design and those employees are entitled to access the personal data, whose access is absolutely necessary to achieve the purpose of data processing.
For the purpose of ensuring data security, the SciArt Design implements all appropriate technical and organizational measures that are requested to protect personal data, as well as all adequate procedural rules to enforce the provisions of the Information Act and other national and international data protection regulations. The SciArt Design protects the processed personal data against unauthorized access, alteration, transmission, public disclosure, deletion or destruction, as well as damage and accidental loss, and ensure that stored data cannot be corrupted and rendered inaccessible.
4. Specific provisions on each data processing
4.1. Personal data processed for the purpose of site visitors
- Session cookies: These are temporary cookies, which only exist for the period a User accesses the SciArt Design Website and which are automatically deleted from the User's device at the end of each visit. Session cookies enable the SciArt Design Website to keep track of the Users' movements within the SciArt Design Website and prevent Users from being asked for the same information endlessly.
- Persistent cookies: These are cookies which remain on the User's device for a limited period of time after the User's visit to the SciArt Design website. The SciArt Design Website uses three types of persistent cookies.
- Personalisation cookies: Personalisation cookies enable the SciArt Design Website to remember the User's preferences for their next visit. For example, on the User's first visit to the SciArt Design Website, the language will be set to English and the currency to Euros by default. If the User selects another language and/or currency during this visit, the personalisation cookie will store this information on the User's device and the SciArt Design Website will automatically be presented to the User in its preferred language and currency during their subsequent visit.
- Performance cookies: Performance cookies are used to improve the SciArt Design Website navigation and security by analysing anonymised information about the User such as their browser type, browser plugins version, operating system. For example, if the information registered by the Performance cookies reveals that a great number of users are relying on a browser not compatible with a SciArt Design Website functionality, SciArt Design will adapt this functionality to make it compatible with such browser. The SciArt Design Website uses the Google Analytics Cookie for this purpose.
- Retargeting cookies: Retargeting cookies are used to serve ads specific to the User and their interests. The ads served will be targeted based on the User's browsing history. For example, if the User has visited the SciArt Design Website without realising a purchase of services, the User may see SciArt Design advertisements when visiting a non-related site. Retargeting cookies use non-personally identifiable information and don't track personal information about the User. The SciArt Design Website uses the DoubleClick DART Cookie for this purpose.
The Help feature on most browsers details the procedure to prevent the use and acceptation of cookies. More information about the management of cookies can also be found on the applicable browser manufacturer website. Additionally, the User may also opt-out of retargeting cookies used by SciArt Design by installing the tool available at this address: https://tools.google.com/dlpage/gaoptout
We may collect other data that you submit via our social media accounts as well as other means of communication. For example, we may collect personal data when you provide feedback or when you participate in interactive features such as surveys, contests, or promotions.
4.1.3. Sending legal newsletters
SciArt Design provides its clients, other business partners and potentially interested other parties, who gave their preliminary, freely given and explicit consent, with legal newsletters. For this purpose, SciArt Design holds a record of the names, e-mail addresses, phone numbers, company names and positions of the data subjects.
The data processor defined in the annex of this policy (hereinafter: „Data Processor”) is entitled to execute technical tasks relating to the editing and sending legal newsletters upon a written data process agreement.
The Data Processor may use its own servers located in a third country during the data process.
Considering that the Data Processor is on the „safe harbour list” defined in the 2000/520/EC Decision of the Commission of the European Communities, the adequate protection of the personal data is ensured in line with Section 8 § (1) b) of the Information Act.
- Type of data: Email address, IP addresses.
- Basis and Purpose: This processing is based on your consent. We collect and process this data to customise and improve our services.
- Retention: We keep all personal data we collect outside the scope of the provision of our services for a period of one (1) year or until you request its deletion.
4.2. Personal data processed for the purpose of SciArt Design Office (ChiringuitOffice) physical visitors
SciArt Design regularly organizes professional events for its clients, business partners and other invited persons. On the grounds of the preliminary, freely given and explicit consent of the data subjects, SciArt Design sends invitations and other documents, and for this purpose, SciArt Design holds a record of the names, phone numbers, e-mail addresses, company names and positions of the data subjects.
4.2.1. SciArt Design Office
Short name: ChiringuitOffice
Long name: ChiringuitOffice CoWorking and Art Gallery
Carrer de Ramon Turró, 257-259
4.3. Personal data processed for the purpose of Clients
4.3.1. Client Account information
In order to create and manage your account on our platform, you need to provide us with sufficient information to allow us to identify you.
- Type of data: Email address, first and last name, postal address, language preference, your login, your IP address.
- Basis and Purpose: We only collect and process this data for the provision of our service.
- Retention: We keep your personal data for as long as you hold an account with SciArt Design . Should you want to close your account, please contact firstname.lastname@example.org and we will anonymise all personal data attached to your account. However, please be aware that in certain cases regulatory or legal obligations may prevent SciArt Design from completely deleting your personal data. For example, we are required to keep every invoice we issue for ten (10) years.
4.3.2. Client Payment information
We collect certain payment and billing information when you order paid services. For example, we ask you to designate a billing contact, including name and contact information. You might also provide payment information, such as Bank Account number, card details or PayPal identifiers.
- Type of data: Bank Account infro,ation including iban and bic code, partial credit card information including first and last name, and PayPal account identifier.
- Basis and Purpose: We only collect and process this data for the provision of our service.
- Retention: We keep your personal data for as long as you hold an account with SciArt Design. Should you want to close your account, please contact email@example.com and we will anonymise all personal data attached to your account. However, please be aware that in certain cases regulatory or legal obligations may prevent SciArt Design from completely deleting your personal data. For example, we are required to keep every invoice we issue for ten (10) years.
4.3.3. Client Service information
This service does not require the provision of additional personal data.
22.214.171.124. DNS Services
This service does not require the provision of additional personal data.
126.96.36.199. SSL Services
The basic SSL solution what SciArt Design recommend is the Let's Encrypt SSL which solution does not require the provision of additional personal data.
188.8.131.52. Domain Name service
For this service, you will be required to provide additional personal data by creating contact profiles which will be transferred to each registry with whom you want to register a domain name. Additionally, in case you have selected a so-called generic extension, a copy of your contact profiles will also be stored with Freemium Ltd. Hungary, (Post code: 1085 City: Budapest, Street: József krt. 77-79. Fszt. 2., Tax nr.: HU22976718) and Tarhely.Eu Ltd., Hungary (Post code: 1144 City: Budapest, Street: Ormánság utca 4. X. em. 241., Tax nr.: HU14571332), which are the ICANN-authorised escrow service providers that we use. Although established in the European Union, this companies adheres to the Privacy Shield Principles.
- Type of data: First and last name, postal address, email address, phone number.
- Basis and Purpose: Collection and processing of this data is necessary to comply with our legal obligations as data processor for registries. Transfer of relevant data is a mandatory requirement by the registries who have a monopoly on the extensions they manage.
- Retention: Each registry has its own retention period but in general this does not exceed two years after the deletion of the Domain Name.
- Transfer Abroad: Depending on the registry you would like to register a domain name with, your personal data may be transferred outside the EEA.
When registering a domain name with a registry established outside the EEA (Europe), you expressly understand and agree that this registry is not bound by the same privacy laws as SciArt Design and that, in some cases, no protection of your personal data is offered. To benefit from an adequate level of protection of your personal data, you should register your domain name under a European extension or, alternatively, an extension managed by a registry established within the EEA. In case of doubt, don’t hesitate to contact our legal department at firstname.lastname@example.org.
5. Data subject’s rights
Upon the data subject’s request, SciArt Design provides information concerning the data relating to him, including those processed by a data processor on its behalf or according to his notice, the sources from where they were obtained, the purpose, legal ground and duration of processing, the name and address of the data processor and on its activities relating to data processing.
SciArt Design complies with requests for information, and provides the information requested in an intelligible form, in writing at the data subject’s request, without any delay but within thirty days at the latest. The information is provided free of charge for any category of data once a year.
The data subject may request the rectification, deletion and blocking of personal data. SciArt Design blocks the personal data instead of deleting it, if there is reasonable ground to believe that the deletion would affect the legitimate interests of the data subject. Blocked data shall be only processed for the purpose which prevented its deletion.
In addition, the data subject has the right of objection, and is also entitled to file a court claim or to contact the National Authority for Data Protection and for the Freedom of Information.
The provisions of the Information Act shall apply for questions not covered in this Data Protection Policy.
6. Data Protection Officer Details
Tibor Janosi Mozes
Carrer Baro de Sant Lluis 6.