1. Introduction, purpose and scope of the information

A "GLOBAL SPORT" is an Industrial Trade and Service Limited Company (hereinafter referred to as "Data Controllert") the purpose of this Privacy Statement is to contact the natural persons concerned (hereinafter referred to as "affected" or "users") inform them in a timely, easy-to-access, clear and understandable manner about the handling of their personal data, the General Data Protection Act of the European Union (Regulation No. 2016/679 - "GDPR") and the Act CXII. of 2011 on Freedom of Information law.

The purpose of this Prospectus is also to record and explain the data management and data protection rules of the www.globalsport.hu web site operated by the Data Controller (hereinafter referred to as the "Website") , providing information regarding the personal data that is processed, the purpose of data processing, and the person entitled to data processing and processing, the requirements of data security, and the rights and remedies available to the data subject to data handling.

The Data Controller agrees to be bound by the rules contained in this Prospectus, as set out in the applicable legal regulations. The Data Manager agrees that the data management of its website and its services is in accordance with the current EU and Hungarian regulations.

Information shall be suspended in the public space of the Data Handler for customer traffic, published on the website or sent to the person concerned upon request.

Personal scope: This Prospectus applies to all natural persons whose data are handled by the Data Controller, except for data processing related to employment.

Subject matter and time: This brochure covers most of the data management activities of the Data Manager, but the Data Handler reserves the right to issue special data management information in special cases for a smaller number of affected persons.

The Data Controller reserves the right to unilaterally change the prospectus but undertakes to make it publicly available and to publish it at the same time as the changes are made.

2. General information, Data Manager information

Data Manager Details:

Company Name: "GLOBAL SPORT" Industry Trade and Service Limited Company
Headquarters: 4030 Debrecen, Tömös utca 17.
Company Registration Number: 09-09-003314
Tax number: 11157625-2-09
Representative: András Molnár managing director
Phone number: +36-52/212-051
E-mail address: sales@globalsport.hu
Location of data management: the head office of the Data Handler

Personal data may be recognized by persons or organizations processing data on the Data Manager's access rights associated with the relevant data management purpose, and by data controllers on the basis of service contracts to the Data Controller, to the extent specified by the Data Controller and to the extent required to perform their activity.

3. The scope of personal data, the purpose, legal basis and duration of data management

Handling all personal data relating to the person concerned

• based on the volunteer's consent,
• performance of the contract,
• fulfillment of the legal obligation for the Data Manager
• is in the interest of enforcing the legitimate interests of the Data Controller (legal bases).

Information on certain areas of data management:

3.1. Data Learned and Handled by Cookies

The range of data processed: As natural persons can be associated with online identifiers such as IP addresses and cookie identifiers provided by the devices, applications, devices, and protocols they use, these data can be combined with other information and can be used to create a profile of natural persons, identify. Cookies are short data files placed on the user's computer by the site you visit. Cookies do not contain personal information and are not suitable for individual user authentication.

Google Analytics is a Google Analytics tool that helps the Data Manager to get a more accurate picture of the activities of site visitors. These cookies report on the statistics for using the site without having to individually identify visitors to Google. Google Analytics shows how visitors clicked on the site, how much time they spend and how geographically they are located. The main cookie used by Google Analytics is the "__ga" cookie. Google Analytics can also be used to show more relevant ads to the Data Manager in Google services (such as Google Search) and across the Internet, and to measure interactions with ads served by Google Analytics.

Facebook Pixel cookie is a small piece of code that you can use to keep track of the activity of users who are registered on Facebook, by placing them in the source code of your site. Its functionality resembles the Google Analytics cookie described above.

SALESmanago is an automated marketing software, a program that allows the Data Manager to create and automate different direct marketing campaigns with built-in functions.

The range of data processed is: IP address, location, time, duration and frequency of visiting the web site.

The purpose of the data management: The purpose of the cookies is to make the infocommunication and Internet service easier and more convenient, accordingly the purpose of the data management is to provide safe browsing of the data obtained by them, to analyze the usage data of the website, to develop the web page, to improve the user experience.

Legal basis for data handling, how to collect data: The legal basis for data handling is the consent of the data subject. When visiting this site, a popup window that includes this prospectus informs you about the application of cookies.

Duration of data management: Some cookies will disappear after the site is closed and some will be stored for a longer period of time but up to 2 years on the user's computer. A cookie can be deleted from your computer by your user or set your browser to disable cookies. Depending on the browser, these options are typically set in Settings / Privacy. By banning or deleting cookies, the use of websites may be less convenient to the user.

3.2. Contacting, customer mailing, handling complaints

Data managed: Data provided by the data handler, including contact name, address, telephone number, e-mail address, contact data manager (address, telephone, fax, e-mail) provided with the Data Handler. The person concerned has the possibility to send a message directly to the Data Manager at the website of www.globalsport.hu, in which case the name, e-mail address, subject and the text of the message will be treated. Through this menu item on the site you can request a business offer from the Data Handler on the user, but this menu item can not be used for order submission. In the case of a complaint, the Data Handler asks for the name, address, e-mail address and telephone number.

The purpose of the data management: is to respond to the affected message, to complain, to report the results of the investigation.

The recipients of the data are: Data Manager Manager, Customer Relationship Staff.

The legal basis for data handling: is the voluntary and unambiguous consent of the concerned person, and the fulfillment of consumer legal obligations. In the case of sending a message through the website, the user will give his / her consent by pressing the "Send" button after the Data Handler drew attention to this prospectus.

Duration of the data handling: 2 years, in the case of claim enforcing until the expiration of the claim.

3.3. Information that is known and managed when signing up for a newsletter

Scope of managed data: name, e-mail address. The user is responsible for the authenticity of the personal data provided.

The purpose of the data management: is to provide information about the latest information and offers of the Data Manager. With the prior and express consent of the Subscriber, the Data Handler may also use the personal information provided for marketing and advertising purposes, such as sending information about products or services that they own or sold by them, which may be of interest to the subscriber. Subscribers can always unsubscribe from the newsletter at any time or report it to the Data Manager if you no longer wish to use your data for marketing and advertising purposes by the Data Manager.

By subscribing to the newsletter, the subscriber explicitly asks that he should be among the recipients during these inquiries.

The possibility of unsubscribing is provided by a direct link in every newsletter.

The recipients of the data are: Data Manager Manager, Administrator, Customer Relationship Workers, MailChimp Employees who run the newsletter sending system.

The legal basis for data handling: is the consent of the person concerned who is given by the person concerned on the website by pressing the "Subscribe" button after providing information on how to manage his / her data.

Duration of data management: Unsubscribe.

3.4. Data management related to the performance of a contract

3.4.1. Natural person for clients

The Data Manager is responsible for handling personal data of the natural persons - customers, buyers, suppliers - contracted by him, in the context of the contractual relationship. Any natural person who wishes to establish or establish a contractual relationship with the Data Controller shall be deemed to be concerned. Personal data are addressed to: the Data Manager manager, customer service and financial affairs.

Number of treated data: name, address, address, birth name, place and date of birth, mother's name, telephone number, e-mail address, bank account number, tax identification number, tax number, registration number, possibly entrepreneurial or original producer ID number other data related to contracting (such as my partner).

The purpose of the data management: to conclude, execute, terminate, terminate contractual relations, to maintain contact, to enforce contractual claims and to comply with contractual obligations.

The legal basis for data handling: is the contribution of the person concerned, the fulfillment of the contract, the fulfillment of a legal obligation. Data management is also considered legitimate even if the processing of data prior to the conclusion of a contract for the contract to be concluded on the basis of communication with the party concerned is necessary to take the necessary steps to implement the intended contract. In such cases, the contributing statement of the contributor concerned is not necessary for the processing of data, but in the event of a failure to conclude a contract, personal data treated on such legal basis shall be deleted immediately.

The duration of the data processing: is 8 years from the date of termination of the contract, in accordance with the accounting and tax rules, or if there is a dispute between the partner and the data controller, the limitation period for the final completion of the dispute or the enforceability of the final decision. In the case of one-time bidding or one-time information, the data of the natural person concerned will be handled by the Data Handler's Contribution Statement and will be canceled within 30 days if no contract is established. In the case of contributions to regular information, this 30-day cancellation period shall be 30 days from the date or event on which the information opportunity expires on the date of the consent of the natural person concerned or on which day the natural person withdrew its consent to the processing of his data or requested your data to be deleted.

3.4.2. Provisions concerning the representation of a legal person by a natural person

The number of data processed is the name, phone number, fax number, and e-mail address of the natural person. In the case of a responsible technical manager, the contract includes the address and the NÜJ number (Journal Customer Sign).

The purpose of the data management: is to fulfill the contract with the partner of the Data Controller legal person, business relations.

Legal basis for data handling: The legal basis is created by the contract with the partner. The manager of the personal data of the concerned representative is primarily the business partner he represents for the Data Manager. The Data Controller assumes that the disclosure of the personal data provided by the partner was legitimate from a data protection point of view, so a separate contributor's statement is not required. In the case of a public documentary, other representative in a public database other than a partner's disclosure, the publicity of the database itself is the basis for the presumption of legitimate data handling for the personal data contained therein. Personal data are addressed to: the Data Manager manager, customer service and financial affairs.

The duration of the data handling: 8 years after the termination of the business relationship or the quality of the representative concerned, or in the event of a dispute between the data subject and the Data Controller, is the final termination of the dispute or the limitation period of enforceability of the final decision.

3.5. Other data management

Data Management not specified in this Prospectus shall be communicated by the Data Manager prior to the commencement of the data processing operation and obtaining the necessary contribution.

4. Data Processors, the most important rules of data processing

The Data Controller transmits the personal data necessary for the operation of the website and the fulfillment of the contract by the legal capacity of the sales and / or service providers.

4.1. iWebMa Magyarország LLC., address: 1132 Budapest, Visegrádi street 31.

• Data provided: data related to the operation of the website
• data processing goal: the operation and maintenance of the website
• duration of data processing: until the termination of the contract underlying the processing
• legal basis: a legitimate interest of a data controller.

4.2. Google (Google Analytics), https://www.google.com/about/datacenters/

• data transferred: cookie data
• Data Processing Purpose: Include Web Site Usage Data for Statistical and Ad Targeting (Third Party Cookies)
• Data management duration: 2 years
• legal basis: a legitimate interest of a data controller.

4.3. ………………….., address: …………………..

• Data provided: Website data
• Data Processing Purpose: Hosting Service, Web Site Data Storage and Security Backup (Form Submissions)
• duration of data processing: until the termination of the contract underlying the processing
• legal basis: a legitimate interest of a data controller..

4.4. The Rocket Science Group, LLC (MailChimp), address: 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 USA

• Data transferred: name, e-mail address
• Data processing purpose: operation and maintenance of newsletter sending surface
• duration of data processing: until the termination of the contract underlying the processing
• legal basis: the consent of the data subject, the legitimate interest of the data controller.

4.5. Quality'74 Economic Advisory Limited Company, address: 1088 Budapest, József körút 19. III. floor 6.

• Data provided: Accounting Data
• data processing goal: carrying out bookkeeping services, fulfillment of tax obligations
• duration of data processing: until the termination of the contract underlying the processing
• legal basis: fulfillment of legal obligations.

4.6. "SZENCZI" DIVIZOR Business Consultant and Auditor Limited Company, address: 1088 Budapest, József körút 19. III. floor 6.

• Data provided: auditing data
• data processing goal: carrying out audits
• duration of data processing: until the termination of the contract underlying the processing
• legal basis: fulfillment of legal obligations.

4.7. Dr. Ary Petronella is an individual lawyer, address: 4024 Debrecen, Csapó street 6. I / 8.

• Data provided: legal data required
• Data Processing Purpose: In the process of enforcing the Legal Requirements of the Data Controller or in the case of claims against the Data Controller, the Data Representative's legal representation
• duration of data processing: until the termination of the procedure or until the termination or until the termination of the contractual relationship
• legal basis: legitimate interest of the data controller, fulfillment of legal obligations.

The Data Processing Processor's rights and obligations regarding the processing of personal data are regulated by the Data Controller within the legal framework. The contract for the processing of data shall be in writing. Data processing can not entrust an organization that is interested in the business of personal data processing.

The Data Controller declares that in the course of its data processing activity it has no competence to make a substantive decision on data management, it may process personal data that it is aware of only in accordance with the provisions of the Data Controller, it may not process data for its own purposes and store and retain personal data according to the Data Controller.

The data controller is responsible for the legality of instructions given to the data processor regarding the data handling operations.

The Data Manager shall not authorize the data processor to use additional data processors.

5. Data security, data storage

5.1. Data security

The Data Manager retains the data handling:

• integrity and confidentiality: it protects the information so that it can only be accessed by those who are entitled to it, it protects the accuracy and completeness of the information and processing method,
• Availability: Ensures that when the eligible user needs it, you can actually access the information you need and have the tools available to you.

Electronic messages, such as e-mail, web, ftp, etc., transmitted over the Internet are vulnerable to network threats that lead to dishonest activity, controversy or disclosure or modification of information. In order to avoid such threats, the Data Controller will take all the precautionary measures that may be expected from him. Systems are monitored to capture all security dangers and provide evidence of any security incident. System monitoring also allows checking the effectiveness of the precautions applied.

The Data Controller ensures the security of the data, undertakes in this field to take all the technical and organizational measures that are essential to enforce the data security rules, data and privacy protection rules and establish the procedural rules necessary for the enforcement of the above-mentioned legislation.

The Data Controller protects the data by appropriate measures against unauthorized access, alteration, transmission, disclosure, deletion or destruction, as well as inadvertent destruction and damage as well as the unavailability of the technology used.

The technical and organizational measures to be taken by the Data Controller for data security are specified in the detailed data management rules of the Data Manager.

In the determination and application of the data security measures, the Data Controller considers the current state of the art of technology and, in the case of several possible data management solutions, selects a higher level of protection for personal data unless it is disproportionate.

Data storage

The Data Manager selects and operates its software and IT tools so that the data processed:

• available to the authorized person (availability)
• authenticity and authentication (credibility of data management),
• its unambiguousness can be verified (data integrity),
• Protect against unauthorized access (confidentiality of data).

The Data Controller provides technical, organizational and organizational measures to protect the security of data management, providing a level of protection that meets the risks associated with data management.

6. Rights of the person concerned, remedies available

6.1. Undo the consent

In the case of data handling based on the consent of the person concerned, the data subject can withdraw his consent at any time. In such case, the Data Handler shall, without notice, without delay, delete the personal data of the person concerned in connection with the given data handling.

6.2. Right to information (access)

You may at any time request information about the handling of your personal data, the current processing of your data, your rights and guarantees, in particular the data controller, the data processor, the legal basis of the data handling, the purpose, duration, data storage location, and data security measures.

At the request of the person concerned, the Data Controller shall provide information about his data management activities and the transfer of data. The Data Controller shall provide the information in a reasonably short time, but within a maximum of one month from the submission of the application, in writing and in an understandable form.

Information is free of charge if the applicant has not yet filed an information request for the same activity or data subject in the same year to the Data Handler. In other cases, the data controller establishes a cost reimbursement and provides the information after payment of the cost reimbursement.

You may be asked for information about whether your personal information is being processed and, if so:

• What purpose?
• What data are exactly managed?
• To whom does the Data Handler pass this information?
• How long will this data be stored?
• What are the rights and remedies of the person concerned in connection with this?
• From whom did the Data Manager receive the data?
• Do the Data Manager make an automated decision for the person concerned using his / her personal data? In such cases, the data subject may also request information about the logic (method) used by the Data Manager and the significance of such data management and the expected consequences.
• If the person concerned has found that your data has been forwarded to the Data Management International Organization or to a third country (other than an EU Member State), you may request that you provide a demonstration of what guarantees the proper handling of your personal data.
• The person concerned may request a copy of the personal data he / she handles.

6.3. Right to rectify

The person concerned may request that the Data Controller repair or supplement the inaccurate or incomplete personal data that the Data Controller must comply with.

6.4. Right to delete (forgetting)

The person concerned may ask the Data Manager to delete his / her personal data if:

• personal data is no longer required for the purpose from which the Data Controller has collected or otherwise handled,
• the party concerned withdraws the consent of the data controller and does not have any other legal basis for data handling,
• the person concerned objects to his or her data handling and has no prior legitimate reason for data handling,
• if it is determined that the Data Controller has treated the personal data unlawfully,
• the personal data should be deleted for the legal obligation of the data controller applicable to the law of the Union or of the Member States.

Personal data may not be deleted by the Data Handler if required:

• to exercise the right to freedom of expression and information,
• fulfillment of obligations under the EU or Member States' law applicable to the data controller for the processing of personal data or for reasons of public interest,
• on the basis of public interest in the area of public health,
• for public interest archiving purposes, for scientific and historical research purposes or for statistical purposes, provided that deletion is likely to make it impossible or seriously compromise this data management or
• advocating, enforcing or protecting legal claims.

The Data Manager will take immediate action to cancel.

The Data Handler informs the person concerned of the correction and deletion, and informs those who previously forwarded the data for data processing. Notification may be omitted if it does not prejudice the legitimate interest of the data concerned for the purpose of data handling.

6.5. Right to Restrict Data Management

An interested party may request that the Data Controller restricts data management if one of the following is true:

• the person concerned disputes the accuracy of the personal data, in this case the restriction refers to the time period in which the Data Controller checks the accuracy of the personal data,
• data manipulation is illegal and the data subject is opposed to the deletion of the data and instead asks to limit their use,
• the Data Handler no longer needs personal data for data processing but the claimant requires them to submit, enforce or protect legal claims or to
• the person concerned objected to data handling; in this case, the restriction applies to the period during which it is established that the Data Manager's legitimate reasons prevail over the legitimate grounds of the party concerned.

In the case of a restriction, personal data may be handled only with the consent of the person concerned or with the submission, validation or protection of legal claims or the protection of the rights of a natural or legal person, or in the public interest of the Union or of a Member State.

The Data Handler informs the data subject in advance of any unblocking of the restriction.

6.6. Right to data storage

The data subject shall have the right to receive personal data handled by the Data Controller in a machine-readable, widely used machine-readable format and shall be entitled to transmit this data to another data controller or to be transmitted by the Data Handler if his / is based on a contract with the person concerned / the relevant interest and is automated.

This right does not apply where data management is necessary for the performance of a public interest task and is without prejudice to the right to cancel and to disadvantage the rights and freedoms of others.

6.7. Right to protest

The person concerned may object to the handling of his or her personal data, if any:

• data management is necessary for the performance of a public interest task, including profiling based on it,
• data processing is necessary to enforce legitimate interests of the data controller or a third party, including profiling based on that data.

In the above cases, the Data Controller deletes personal data unless its handling is justified by compelling reasons of legitimate interest in the interests, rights and freedoms of the data subject, or relating to the submission, validation or protection of legal claims.

You may also object to the handling of your personal data if:

• the data is handled for direct business (in which case you may object to profiling), in this case the Data Manager will delete personal data,
• personal data is handled for scientific and historical research purposes or for statistical purposes. In this case, the Data Handler will delete the personal data unless it is necessary for the performance of a task for public interest purposes.

6.8. Automated decision-making rights, including profiling

The data subject shall be entitled to exclude the scope of a decision based solely on automated data handling, including profiling, which would have a bearing on it or would significantly affect it.

The foregoing shall not apply if the decision:

• necessary for the conclusion or performance of the contract between the data subject concerned and the data controller,
• is made available to the Data Controller by the law of the Union or of the Member States which also lays down appropriate measures to protect the rights and freedoms and legitimate interests of the data subject,
• based on the express consent of the person concerned.

Except for statutory obligation, the person concerned may also apply for human intervention in this case, express his or her position and object to the decision.

The Data Manager does not make profiling.

6.9. Procedural rules

The Data Controller shall, without undue delay, but in any event within one month of the receipt of the request, inform the data subject of any action taken on his or her request to exercise his or her rights. If necessary, taking into account the complexity of the application and the number of applications, this deadline may be extended by two additional months. The Data Manager shall inform the person concerned of the extension of the deadline by indicating the reasons for the delay. If the Data Controller fails to take action upon the request of the concerned party, he shall inform the data subject without delay and within one month of the receipt of the request for reasons of non-action and whether he may file a complaint with a supervisory authority and exercise his right of judicial redress.

If the application concerned is submitted electronically, the information should be provided electronically, as far as possible, unless otherwise requested by the data subject.

The Data Manager shall provide information and action free of charge. If the claim in question is clearly unjustified or excessive, in particular because of its repeated nature, the Data Controller may levy a fee or refuse to take action on the basis of the request, subject to the provision of the requested information or information or to the administrative costs of the requested action.

6.10. Remedies

Privacy Policy Procedures

If, according to the person concerned, the processing of personal data is contrary to the provisions of the General Data Protection Regulation, the person concerned has the right to file a complaint with the National Data Protection and Information Authority (NAIH).
Postal address: 1530 Budapest, Pf.: 5.
Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c
Telefon: +36 (1) 391-1400
Fax: +36 (1) 391-1410
Web: http://naih.hu
E-mail: ugyfelszolgalat@naih.hu

Right to Court

If, according to the person concerned, the processing of personal data is contrary to the provisions of the General Data Protection Act and has violated the rights of the data subject, he or she shall be entitled to apply to the court concerned.

The trial is governed by the jurisdiction of the court. The case may be initiated before the court of the place where the data controller is headquartered or where the domicile or place of residence of the data subject is concerned. The lawsuit may also be party to lawsuits. The authority may intervene for the sake of success.

For court proceedings, in addition to the provisions of the General Data Protection Act, Act V of 2013 on the Civil Code, 2: 51-54. And other legal provisions relating to court proceedings shall prevail.