Privacy and Cookies

PRIVACY NOTICE

 

– on the processing of personal data on Perpetua Europa Websites –

Conscious Luxury Kft. (the “Company” or “Controller”) is processing the personal data of individuals visiting the perpetuaeuropa.com website (the “Perpetua Europa Website”) in connection with the provision of the functions and services of the sites and with the marketing activities of the Company on Perpetua Europa Websites.

The aim of this privacy notice (the “Privacy Notice”) is to provide you, as the subject of the data processing with information about processing of your personal data and about your data privacy rights in connection with such processing activities in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (the “GDPR”) and according to Act CXII of 2011 on Informational Self-determination and Freedom of Information (the “Data Protection Act”).

The Company conducts data processing activities for various purposes, each of them having different characteristics. The general part of this Privacy Notice serves to provide general information of when the Company processes your personal data. The specific information (purpose of the data processing activity, legal ground of processing, scope of processed personal data, retention time, etc.) relating to each data processing activity is included in annex 1 of this Privacy Notice.

Because the contents of this Privacy Notice may change from time to time, the Company will make sure to notify you whenever such changes take place. Before reviewing the information about a data processing activity and exercising your data privacy rights (see Section 2 below), please always access the up-to-date version of this Privacy Notice, which is always available at https://www.perpetuaeuropa.com/privacy-policy

 

1 DETAILS OF THE DATA CONTROLLER AND THE DATA PROTECTION OFFICER

The controller of the personal data is Conscious Luxury Kft. With a registered address on 1097 Budapest, Hungary, Vágóhíd utca 3. C. ép. 2. Em, and registration number 01-09-396727 before the Budapest Court of Registration.

The contact person designated for managing and responding to inquiries and requests by data subjects is: Katalin Szabo and she will be accessible at hello@perpetuaeuropa.com 

You may contact the Controller directly via the above contact persons to exercise your data privacy rights.

 

2  DATA PRIVACY RIGHTS

With any comment, question, complaint and any other request in connection with the processing of your personal data, we encourage you to contact the Controller directly. The Company will give a substantive response to your request without delay, but no later than one month after receipt of your request. If the complexity of your request or the number of requests justifies it, the deadline for replying may be extended by another two months, of which you will be notified by the Controller within the original deadline.

You have certain rights in connection with the processing of your personal data (i.e., data privacy rights), basically determined by the legal basis for processing. In annex 1 you can find a general description of data privacy rights you can exercise, and at the end of each table in annex 1, a more detailed description on whether you are entitled to exercise such rights in the context of the data processing activity concerning your personal data. Please note that the GDPR and in some cases the Data Protection Act, as well as other relevant laws might set further conditions and/or limitations in connection with exercising these rights. Therefore, we advise you to closely study this Privacy Notice, the GDPR and the applicable laws before filing a request. If you need any help in connection with the applicable laws, please get in contact with us via the contact methods indicated in section 1 above.

  A. Withdrawal of consent (subsection (3) of Article 7 of the GDPR)

You have the right to withdraw your consent granted for a specific data processing activity at any time. Please note that the withdrawal of your consent does not affect the lawfulness of processing based on consent before its withdrawal.

  B.  Access (Article 15 of the GDPR)

You have the right to request confirmation from the Controller as to whether or not personal data concerning you are being processed, and where that is the case, access to the personal data and certain information determined in Article 15 of the GDPR.

  C. Rectification (Article 16 of the GDPR)

You have the right to request the Controller to rectify any inaccurate personal data concerning you without any undue delay. Considering the purpose of the processing, you have the right to have the incomplete personal data completed, including by means of providing a supplementary statement.

  D. Right to erasure (“right to be forgotten”) (Article 17 of the GDPR)

You have the right to request the erasure of your personal data if any of the circumstances set out under Article 17(1) of the GDPR apply. If the exceptions in Article 17(3) of the GDPR do not apply and/or the Controller does not have any legal ground to further process your personal data, then it will execute the request for deletion without undue delay.

  E. Restriction of processing (Article 18 of the GDPR)

You have the right to request the restriction of processing where the grounds determined in Article 18 of the GDPR apply.

  F.  Data portability (Article 20 of the GDPR)

You have the right to receive your personal data provided to the Controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the Controller, if the processing is based on consent [point (a) of Article 6(1) or point (a) of Article 9(2)] or is conducted for the performance of a contract to which You are a party [point (b) of Article 6(1)] and the processing is carried out by automated means. In exercising your right to data portability, you have the right to have the personal data transmitted directly from one controller to another, where technically feasible.

  G. Objection (Article 21 of the GDPR)

If the data processing is based on the legitimate interest of the Controller: You have the right to object (on grounds relating to your particular situation) at any time against processing of your personal data based on legitimate interest, including also profiling. The Controller will no longer process the personal data unless it demonstrates compelling legitimate grounds for the processing, which override your interests, rights and freedoms or if the data processing is necessary for the establishment, assertion or defense of legal claims.

If the purpose of the data processing is direct marketing: You have the right at any time to object (on grounds relating to Your particular situation) against processing of your personal data if the purpose of the data processing is direct marketing, including also profiling if it is related to direct marketing. The Controller will no longer process the personal data in case you submit such objection against processing of your personal data for direct marketing purposes.

 

3 LEGAL REMEDIES

If you deem that your personal data are processed unlawfully and/or any of your data privacy rights have been violated you are entitled to seek the following legal remedies:

A. You have the right to contact the Controller directly via the contact details in section 1 of this Privacy Notice, and address you concerns beforehand.

 

B. You have the right to lodge a complaint with the national supervisory authority: 

Hungarian National Authority for Data Protection and Freedom of Information (seat: 1055 Budapest, Falk Miksa utca 9-11.; postal address: 1363 Budapest, Pf.: 9.; e-mail: ugyfelszolgalat@naih.hu; telephone number: +36 (1) 391-1400; web: www.naih.hu

 

C. You are entitled to file a claim with your local court having jurisdiction in the case against the Controller or – in relation to processing activities covered by the scope of activities of the processor – the processor, if you deem that your personal data is processed unlawfully and/or any of your data privacy rights have been violated. Subject to your own decision, the claim can be filed before the court of your home address or place of abode. More information on courts’ jurisdiction and contact details is available at the following website: www.birosag.hu.

 

D. DATA RETENTION TIMES, EXECUTION OF DATA ERASURE 

The retention time of the processing of each personal data is included in annex 1.

Upon expiration of the data processing period, and if the Data Controller decides to delete personal data on its own authority or upon request, the personal data will be irrevocably removed from the server of the Vanguards Websites within 30 days.

 

5 IMPLEMENTED DATA SECURITY MEASURES

This section contains the general data security measures applied by the Controller. If the Controller applies different data security measures in connection with a given data processing activity, those are described at the given data processing activity in Annex 1.

The Controller handles personal data confidentially and takes all security, technical and organizational measures that guarantee the security of the data. The Controller will ensure the protection of the security of data processing with technical and organizational measures that provide a level of protection appropriate to the risks related to data processing.

 

Perpetua Europa is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall. 

 

All direct payment gateways offered by Wix.com and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.The Controller also ensures that personal data is accessed only by reasonable personnel within the organization and, if personal data is processed on hard copies, the proper storage and protection of such materials.

 

6 VERSION DETAILS

The Privacy Notice was issued on 16 May 2022. This text is version 1 of the Privacy Notice.

 

ANNEX 1

- on the processing of personal data on Perpetua Europa Websites - 

 

 

GENERAL PROPERTIES OF THE DATA PROCESSING ACTIVITY

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 


DATA SECURITY MEASURES

 

 

 

 

 


 

TRANSFER OF PERSONAL DATA


GENERAL PROPERTIES OF THE DATA PROCESSING ACTIVITY

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

DATA SECURITY MEASURES

 

TRANSFER OF PERSONAL DATA

 

 

 

GENERAL PROPERTIES OF THE DATA PROCESSING ACTIVITY

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

DATA SECURITY MEASURES

 

 

 

Cookies:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

PRIVACY NOTICE

- on the processing of personal data regarding newsletter subscriptions - 

Conscious Luxury Kft.. (the “Company” or “Controller”) is processing the personal data of individuals visiting the perpetuaeuropa.com website  in connection with the provision of the functions and services of the sites and with the marketing activities of the Company on Perpetua Europa Websites.

The aim  of  this  privacy  notice  (the  “Privacy Notice”)  is  to provide  you,  as  the  subject  of  the  data  processing  with information  about  processing  of  your  personal  data  and  about  your  data  privacy  rights  in  connection  with  such processing activities in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (the “GDPR”) and according to Act CXII of 2011 on Informational Self-determination and Freedom of Information (the “Data Protection Act”).

 

1. Details of the Data Controller and the Data Protection Officer 

The controller of the personal data is Conscious Luxury Kft, with a registered address on 1097 Budapest, Hungary, Vágóhíd utca 3. C. ép. 2. Em, and registration number 01-09-396727 before the Budapest Court of Registration.

The email address of the contact person designated for managing and responding to inquiries and requests by data subjects is: hello@perpetuaeuropa.com 

You may contact the Controller directly via the above email address to exercise your data privacy rights. 

 

2. Scope of personal data processed and the purpose of data processing 

Contact information (e-mail address), to be able to send newsletters to the subscribers;
Name, gender to address the subscribers;
Month and day of birth to send birthday wishes;
Country, city, interest ("jewelry" or "engagement ring") and gender to segment the subscribers and send only relevant information. 

 

3. The legal basis for data processing 

The data will be processed in accordance with your voluntary, informed statement, which contains your express consent to the processing of your personal data provided during the subscription to the newsletter. The legal basis for data processing is Article 6 (1) (a) of GDPR. Consent is voluntary and you have the right to withdraw it at any time. Withdrawal of consent shall not affect the lawfulness of any previous processing of data with consent. You have the right to object to the processing of data for direct business purposes. 

 

4. Recipients of personal data

For the purpose of operating the website and managing the newsletter database, the Data Controller transfers personal data to the Data Processor (Conscious Luxury Kft., hello@perpetuaeuropa.com).

 

5. The duration of data processing

Until the withdrawal of the consent to the data processing. 

 

6. Your rights and remedies

You can request information about the processing of your personal data and access the data, as well as request the rectification or erasure of personal data, except for certain types of data processing, you can exercise your right to data portability and right to object in the manner indicated at the time of data collection or at the above contact details of the data controller.


Upon request, the information shall be provided in electronic form without delay and at the latest within one month. Your requests for the fullfilment of your rights are fulfilled by the Data Controller free of charge.


Right to information:
The Data Controller shall take appropriate measures to provide the data subjects with all information concerning the processing of personal data referred to in Articles 13 and 14 of the GDPR and Articles 15 to 22 and provide all the orientation referred to in Article 34 in a concise, transparent, comprehensible and easily accessible form, in a clear and comprehensible manner, but also in a precise way. 

Right of access:
You have the right to access your personal data (receive a copy) and to receive feedback from the Data Controller as to whether your personal data is being processed. If personal data is being processed, you have the right to access the personal data and the following information in the list.

• the purposes of processing;
• the categories of personal data concerned;
• the recipients or categories of recipients to whom or with whom the personal data have been or will be disclosed, including in particular recipients in third countries (outside the European Union) or international organizations;
• the planned duration of the storage of personal data;
• the right to rectify, erase or restrict data processing and to protest;
• the right to lodge a complaint with the supervisory authority;
• information on data sources; the existence of automated decision-making, including profiling, and meaningful information on the logic involved and the significance of such data management and the envisaged consequences for the data subject. 

Right to rectification:
In accordance with the law, you may request the rectification of inaccurate personal data concerning you processed by the Data Controller and the supplementation of incomplete data.

Right to erasure:

You have the right to have your personal data erased without undue delay at your request for any of the following reasons:
• the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
• you withdraw the consent on which the data processing is based and there is no other legal basis for the data processing;
• you object data processing and there is no overriding legitimate reason for the data processing;

• unlawful processing of personal data can be established;
• the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject
• personal data have been collected in connection with the provision of information society services. 

Erasure of data may not be initiated if the data processing is necessary for the following purposes:
• to exercise the right to freedom of expression and information;
• for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
• in the field of public health, or for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes
for the establishment, exercise or defence of legal claim 

Right to restrict data processing:
Upon request, data processing may be restricted under the conditions set out in Article 18 of the GDPR:
• the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data
• the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
• the Data Controller no longer needs the personal data for the purpose of data processing, but you request them for the establishment, exercise or defence of legal claims;
• You objected to the data processing; in that case, the restriction shall apply for as long as it is established whether the legitimate reasons of the controller take precedence over the legitimate reasons of the data subject.
Where processing has been restricted, such personal data shall, with the exception of storage, only be processed with the data subject's consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State. The data subject shall be informed by the Data Controller before the restriction of processing is lifted. 

Right to data portability:
He shall have the right to receive the personal data concerning him which he has made available to the controller in a structured, widely used machine-readable format and to transmit this data to another controller. The Data Controller can fullfil such a request of the data subject in MS Word or Excel format. The right to data portability is conditional on the data processing being automated and based on a consent or contract. 

Right to object:
If personal data are processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning them for this purpose, including profiling, insofar as it relates to direct marketing. In the event of an objection to the processing of personal data for the purpose of direct marketing the data may not be processed for this purpose. You have the right to object if the processing is based on the legitimate interest of the controller, but in this case the consideration of the request will be considered, depending on which party's rights take precedence under Article 21 (1) GDPR. 

Right of withdrawal:
You have the right to withdraw your consent at any time. Withdrawal of consent shall not affect the lawfulness of the data processing based on consent before its withdrawal. 

Rules of procedure: 

The Data Controller shall, without undue delay, but in any case within one month from the receipt of the request, inform the data subject of the action taken on the request. If necessary, taking into account the complexity of the application and the number of applications, this time limit may be extended by a further two months. The Data Controller shall inform the data subject about the extension of the deadline, indicating the reasons for the delay, within one month from the receipt of the request. 

If you have submitted the application electronically, the information is provided electronically, unless the data subject requests otherwise.
If the Data Controller fails to take action on the data subject's request, it shall inform the data subject without delay, but no later than one month after receipt of the request, of the reasons for delay and of the data subject's complaint to the supervisory authority. 

The Data Controller shall inform all recipients to whom it has disclosed personal data about any rectification, erasure or restriction on the processing of personal data, unless proves impossible or requires a disproportionate effort. At your request, the Data Controller will inform these recipients. 

If you believe that your rights have been violated, you can file a complaint at the Data Controller (at the contact details according to point 1), where your request or complaint will be treated confidentially and you will not be disadvantaged as a result. In addition, you have the right to complain directly to the competent authority: 

Hungarian National Authority for Data Protection and Freedom of Information 

Mailing address: 1363 Budapest, Pf. 603. Address: 1055 Budapest, Falk Miksa utca 9-11. Phone: +36 (1) 391-1400
Email: ugyfelszolgalat@naih.hu
Website: http://naih.hu 

Screen Shot 2022-06-04 at 14.34.22.png
Screen Shot 2022-06-04 at 14.42.33.png
Screen Shot 2022-06-04 at 14.44.39.png
Screen Shot 2022-06-04 at 14.48.24.png
Screen Shot 2022-06-04 at 14.50.08.png
Screen Shot 2022-06-04 at 14.53.34.png
Screen Shot 2022-06-04 at 14.55.37.png
Screen Shot 2022-06-04 at 14.57.58.png
Screen Shot 2022-06-04 at 15.01.10.png
Screen Shot 2022-06-04 at 15.03.09.png
Screen Shot 2022-06-04 at 15.07.54.png
Screen Shot 2022-06-04 at 15.10.27.png