Magic Baits UK
Environmentally friendly No harm to Nature ! 100% Organic
Name of the data handler:
Company name: The Magic Baits
Head office: 19 Festival Park Omagh
Managing Director: Csaba Hajagos
Company registration number: 8679290354
EU tax number: HU14366516
Contributing statement for handling personal information
I will voluntarily and expressly contribute to the management of my data during the visit, subscription, registration, and registration of Csali Hungária
electronic sites (https://themagicbaits.ewk.hu/registration/Facebook ads, ads).
By recording my details, I declare that I am a person of 18 years of age or older. I represent a legal person or other organization without legal personality and
I represent a person or a person I represent. I am an authorized person to represent the organization and to provide the consent for the processing of this information.
I declare that no special personal information will be made available to you during the registration or later in any form whatsoever for "The Magic
Bait". Special personal data are, inter alia, racial or ethnic origin; political opinions; religious and philosophical beliefs; trade union membership;
genetic or biometric data that are suitable for identifying the person; health data, or sexual orientation data.
I declare that I can not provide a personal identification number - examples without completeness: passport number, personal number, ID card number,
address card number, license number - I do not provide for "The Magic Bait".
With my consent, I acknowledge that The Magic Bait can send me messages, briefings, event invitations and phone calls related to the scope of my
I may revoke my consent to manage my information at any time by submitting a request sent to us via the terms provided in the prospectus, such as
Legal basis based on legitimate business interests
If you fill in your form and give your interest in the services of Csali Hungária, your application is considered a contract. In this case, the
legal basis for Personal Data Processing will be a legal interest based on a legitimate business interest under the GDPR Decree. From this altered legal
right, your rights and personal data will not be changed, this only means that during the preparation of the contract, if you do not request the process
to be terminated, your Personal Data will continue to be processed for the purpose of preparing the contract and for your purposes.
In the case of orders, a contractual legal basis
If you order a service from Csali Hungária, you will be a buyer under the conditions detailed in the Terms and Conditions. In this case, the legal basis
for your personal data processing will be a contractual legal basis under the GDPR regulation. From this changed legal right, your rights and personal
data will not be changed, this only means that the contract will be revoked during the term of the contract, and will continue to handle your personal
data in order to perform the contract.
As soon as the contract is completed or terminated, the legal basis for your data management changes again and your personal information is further
processed by law.
After termination or performance of a contract by law
Regarding the details on the invoice, we are required to continue to handle your Personal Data by law.
You have the following rights. In connection with these, we have to respond within a maximum of 1 month of GDPR. We will do everything we can to react
Right to information
You may be required to provide us with information about our personal information that we are managing. You may request access to this information
At any time, you may be able to request information in writing by sending a valid check-in letter sent to our address or by e-mail to
email@example.com. The request for information sent by letter is considered authentic if it is clearly identifiable on the basis of the request
Email Requests are considered authentic only if they are sent from a registered email address but this does not preclude identifying it for
security reasons before providing information.
The request for information may cover the data we manage, their source, the purpose, the legal basis, the duration of the data processing, the names and
addresses of the data processors, the activities related to data management and, in the case of the transmission of personal data, to whom and for what
purpose they have received or received their data.
If you are requested to provide information on whether your Personal Data is being processed, you will be given access to data management, data
categories, recipients, data storage, copyright, legal remedies, source data, automated decision making, and foreign data transfer in case of a yes
At any time, you may be able to request the correction or modification of your personal data by writing to us by email addressed to
to firstname.lastname@example.org. Taking into account the purpose of data management, you may request the complete Personal Data Supplement.
Right to forgo (Right to rescind)
You may request the deletion of the Personal Data we manage. Cancellation may be refused (i) for the purpose of exercising the right to freedom of
expression and access to information, or (ii) where personal data is processed in the public interest (authorized by law); and (iii) be made in an
equitable private interest (to present, enforce or protect legal claims)
In any event, we will inform you of the refusal of the cancellation request, stating the reason for the cancellation. After the request for deletion of
personal data, previous (deleted) data can no longer be recovered.
Newsletters can be retrieved via the unsubscribe link.
Right to Restrict Data Management
You may request that your Personal Data be handled if you dispute the accuracy of your Personal Data being processed. In this case, the restriction
applies to the time period that allows us to verify the accuracy of Personal Data.
The Personal Data we manage, if you dispute its correctness or accuracy, but the incorrect or imprecise nature of the disputed Personal Data can not
be clearly identified.
You may request that your Personal Information be handled even if Data Management is illegal, but it opposes the deletion of the treated Personal Data
and instead asks for their use limitation.
If you object to data handling, we limit the management of your personal data, which limits the duration of the term until it is determined whether the
data controller's legitimate reasons prevail over the legitimate grounds of the data subject.
The right to data storage
You may request that Personal Data provided by you be handed over to you in a machine-readable, widely used, machine-readable format and / or forwarded
to another data controller.
Right to protest
You may object to the processing of Your Personal Data (i) if your personal data is solely required to fulfill our legal obligation or to enforce our
legitimate interests; (ii) if the purpose of Data Management is to direct business acquisition, polling or scientific research; or (iii) if Data
Management is performed in the interest of a public interest task.
We investigate the lawfulness of the protest and, if the grounds for the protest are established, Data Management will be terminated and the treated
Personal Data will be blocked, and any protest and any action taken against it will be notified to all persons for whom the Personal Data affected by the
protest were previously forwarded.
Purpose of data management
Protecting your rights.
Your identification, contact with you
Identify your entitlements.
Customize your system and marketing messages sent to you. Ensure targeted, relevant messages based on the area of interest, industry, company type,
decision-making and job position.
Customer support, consulting, product presentation, answering questions.
Creating statistics, analyzes and decision making. Based on this, coordinating content development and product development is to actually use functions
that are actually read.
Creation of contractual services, service quality and security conditions.
Compliance with our Legal Obligations.
Validating our legitimate business interests.
We handle the information you provide:
LinkedIn / Facebook profile link
Billing address, location, delivery address
To log data for security reasons:
Page Views / Feature
Browser cookie / cookie
We build a profile for marketing purposes:
What problem is you looking for, why do you need a self-adhesive label?
What are the main aspects of decision making?
The profile construction is based on the data you provide. Our goal is to find the messages we send really interesting and relevant. Based on the profile
data, we aim manually with hand-made filters and we build newsletters. There is no automated data processing decision during the process.
Logs our inquiries (form, phone, email, personal request) in the EXCEL table.
In this case, each customer has only the data needed for identification.
Name of processors
Company Name: The Magic Baits
Stored data: customer data, order history, invoices, inquiries for products, services
Name: Google LLC
Title: 1 Hacker Way, Menlo Park, California 94025
Telephone: N / A
E-mail: N / A
Stored data: website visit data, correspondence, individual contracts and bids, calendar entries, phone contacts, data based on filters based on
spreadsheets, unique user identities, visitor identifier cookies.
Operations: website visitation analysis, A / B test run, email service, document management, calendar service, phone contacts synchronization between
devices, online spreadsheet manager, targeted advertising (retargeting).
Targeted advertising display:
Name: Facebook Inc.
Address: 1600 Amphitheater Parkway, Mountain View, CA 94043, USA
Phone: +1 650-543-4800
E-mail: N / A
Stored data: website visit data, unique user identities, visitor identification cookie.
Actions: Displaying targeted advertisements (retargeting).
Name: Rory Gormley & co.ltd
Address: 35 Main Street Dromore, CoTyrone BT78 3AE United Kigdom
Stored data: account details, invoice items, invoice details of buyer and seller invoice.
Operations: bookkeeping, statutory reporting and reporting.
Webanalitics on the website
Please note that we use Google Analytics, Google Remarketing, AdWords Conversion Tracking, and Facebook Remarketing to measure the attendance and visitor
behavior of our Magic Baits websites, to make statistics and to improve the performance of your ads.
The programs referred to in the browser are so called. Cookies are placed, which store user unique identifiers. The websites of Csali Hungária Kft. Allow
visitors to use Google Analytics, Google Remarketing, AdWords Conversion Tracking and Facebook Remarketing. It also contributes to monitoring your
behavior, tracking it, and utilizing all the services provided by the programs.
Additionally, you can always disable the data capture and storage of cookies for the future as described below. Please note that the settings and usage
of Google Analytics, Google Remarketing, and Facebook Remarketing programs fully comply with the requirements of the Data Protection Authority.
According to Google, Google Analytics uses first-party cookies to report visitors' interactions on your site. These cookies record only personally
identifiable information. Browsers do not share their own cookies between domains. For more information on cookies, see the Google Ad and Privacy FAQ.
"The Magic Baits" primarily uses information about how many visitors visited your site and how much time visitors spent on the website. "The Magic Baits
uses the program to produce statistics primarily for the production of its statistics, including the effectiveness of its campaigns. The program
recognizes the visitor's IP address so you can track whether the visitor is a returning or new visitor, as well as tracking the way the visitor has
entered the site and where he entered.
"The Magic Baits" uses Facebook's remarketing pixel to increase the effectiveness of Facebook ads, to build a remarketing list. So, after visiting the
Web site, you can show ads to an external service provider, such as Facebook. Remarketing lists are not suitable for person identification. The visitor's
personal information is not included, only the browser software is identified.
If you want to manage or disable cookie settings, you can do this in your browser. This option can be found in the Cookies / Cookies / Tracking Features
Placements menu depending on the browser toolbar. Usually, you can use the Tools> Preferences> Privacy Settings to set which tracking features you enable
/ disable on your computer.
If you do not want Google Analytics to report on your visits, you can install the Google Analytics Disabling Browser Extension. This add-on instructs
involved in the content experiment.
To disable Google Analytics web activity, visit the Google Analytics opt-out page and install the extension to your browser. For more information on
installing and uninstalling the extension, see the help for that browser.
Data Management Principles
The Data Controller manages the Personal Data in accordance with the principles of good faith and fairness and transparency, as well as the applicable
legislation and the provisions of this Prospectus.
The Personal Data is indispensable for the use of the Services by the Data Controller based on the consent of the User concerned and solely on purpose.
The Data Controller shall only disclose Personal Data in this Prospectus or in this Prospectus. for the purposes specified in the relevant legislation.
The scope of the Personal Data handled is proportionate to the purpose of data management and can not be expanded (data saving).
The personal data of a person who has not reached the age of 18 is not handled by "The Magic Baits".
The Data Controller transfers the Personal Data it manages to third parties in the present Prospectus - specified in the Data Processors and in some of
the references referred to in this Prospectus - outside the External Providers. Except as provided in this clause, the use of the data in a statistically
aggregated form that can not contain any other data capable of identifying the User concerned shall not constitute Data Management or Data Transmission.
In certain cases - in the case of official court, police inquiries, legal proceedings against copyright, property or other breaches or their reasonable
suspicion, the Data Controller violates the Data Manager's interests, endangers the provision of Services, etc. - make available to the third parties the
Personal Data available to the User concerned.
The Data Management System may collect data on the Activity of Users that can not be combined with other data provided by Users during registration, nor
with any other data generated by the use of other websites or services.
The Data Handler is responsible for correcting, limiting or limiting the personal data it manages. deletes the affected User and informs those who
previously transferred Personal Data for Data Management. Notification may be omitted if it does not prejudice the legitimate interest of the data
concerned for the purposes of Data Management.
The Data Controller shall ensure the security of Personal Data, take the technical and organizational measures and establish the procedural rules that
ensure that the recorded, stored or managed data are protected or preventing accidental loss, unauthorized destruction, unauthorized access, unauthorized
use and unauthorized alteration or unauthorized disclosure. In order to comply with this obligation, the Data Controller invites all third parties to
whom Personal Data is transmitted.
In view of the relevant provisions of GDPR, the Data Controller is not obliged to designate a Data Protection Officer.
The Data Controller is responsible for compliance with the principles.
"The Magic Baits" handles the recorded data in confidence and does everything to ensure the security of the data, and uses them in the manner required
for the proper functioning of the Website. This includes email and sms sending to you and to the specified contact details you specify, in which case the
message will be sent via that provider.
"The Magic Baits" will never sell or loan personal information to third parties for marketing purposes. In case of a summons, court decision or legal
proceedings, if necessary, "The Magic Baits" may transfer your personal information and other relevant information.
In addition, "The Magic Baits" can assure or exercise your law-based rights and protect you against court proceedings.
"The Magic Baits" choose the IT tools used to manage the data in a secure way to ensure that the data processed can only be accessed for the "Magic
Baits", as authorized by it, in order to maintain the credibility of the data , there is no change in recorded data, other than the record-keeping
process, to protect recorded data against unauthorized access.
The information handled by "The Magic Baits" may be transmitted by an authority or by court order and by law, which will notify its users in the letter
"The Magic Baits" if it is not contrary to the official or judicial notice or the relevant legislation a prescription.
Access to our personal data
For our employees, we only provide the necessary access to work for the personal data we manage. All logs are logged, we have limited access to the
Data backups are made using two-key encryption. Thus, the employees who have access to the data backup file do not even access the saved data, in the
absence of a "offline stored" key for delisting.
For servers with sharp data, you only have access to the narrowest required circuit - a server server team. All access is strictly log-in, with 3 factor
- VPN key, SSH key, user password authentication.
Data security is a complex issue for sensitive business data management systems. In "THe Magic Baits", internal rules and processes ensure that data
security and privacy requirements are met in all areas:
Data Recovery, Disaster Relief
Identification and access control
Security-conscious software development
All data stored in the MiniCRM is stored physically in the territory of the European Union or in a country that is considered equivalent to GDPR by the
"The Magic Baits" regularly updates all applied software to protect known attack on platforms at all levels (Employee Tools, Server Operating System,
Virtualization Layer, Guest Operating System, Application).
Identification and access control
All access is only possible through trained user accounts to ensure traceability.
User accounts are protected by strong passwords, password strengths are provided in the app's built-in rules. Each password is stored as a highly
encrypted, one-way "salted" hash value.
Accounts are password protected by an automated blocking system that blocks the IP address and user account after several false attempts.
Data management duration
Depending on the requirements of GDPR, we handle your data with predetermined limitation time limits for each managed data circuit.
As a rule of thumb, detailed security logs for 90 days, other security logs are stored for 365 days.
Personal data after last contact for 365 days, except where a statutory requirement or performance of a contract requires a longer period of time.
We are authorized and are required to forward any Personal Data that is available to us and which we have legally stored to the competent authorities
which forcing us to transmit Personal Data is subject to statutory or final authority. Due to such data transfer and the resulting consequences, Data
Managers can not be held responsible.
If we transfer the operation or utilization of our service to a third party in whole or in part, we may disclose the Personal Data we have processed in
whole or in part to this third party, but we may also pass it on to the new operator with the appropriate prior information, provided that this transfer
can not in a disadvantageous situation as regards the data management rules indicated in the current text of this Prospectus. In the case of data
transfer under this paragraph, before the data is forwarded, we will be able to object to data transmission before the data is forwarded. In case of
protest, your data will not be forwarded according to this point.
The data controller shall keep a record of the data transmission of the personal data it manages, the legal basis and the addressee of the data transfer,
the data specified in the transmission of personal data and other data specified in the statutory provision for the data management in order to inform
the data concerned.
Updating the information, tracking legal changes
The prospectus is continuously reviewed and updated by the data controller in accordance with changes in the legal environment and the official
More questions / answers
You can always ask for information on data processing and / or processing by email at email@example.com.
If you have a violation of your rights, you may turn to the court. The trial is governed by the jurisdiction of the court. According to his / her choice,
he / she can be initiated before the court of domicile or residence. We will inform you of the possibility and means of redress.
Omagh, 25 May 2018.