Follow us!

Get in touch with us

Item has been added

Get 20% off!arrow_drop_up

Privacy Statement

Privacy Policy

Privacy Policy

When shopping on www.wooowdog.hu, you provide personal data.
which are set out in the Right to Informational Self-Determination and
Act CXII of 2011 on Freedom of Information (hereinafter referred to as:
"Infotv."), processing of personal data of natural persons
on the protection of personal data and the free movement of such data,
and Regulation (EC) No 2016/679 repealing Regulation (EC) No 95/46
General Data Protection Regulation of the European Parliament and of the Council (EU) (the
hereinafter referred to as “GDPR”), Electronic commerce services,
and some of the services related to the information society
Act CVIII of 2001 on the issues of
on the basic conditions and certain limitations of economic advertising activity
Act XLVIII of 2008 (hereinafter referred to as “Act”), Act No. 2000 on Accounting
Act C of 2011 (hereinafter referred to as the “Accounting Act”), on Value Added Tax
Act CXXVII of 2007 on VAT (hereinafter referred to as the “VAT Act”), and the
Act V of 2013 on the Civil Code (hereinafter referred to as the “Civil Code”)
and Act CLV of 1997 on Consumer Protection (hereinafter referred to as “Act CLV”).
tv.”), and Act CLIX of 2012 on Postal Services
(“Postatv.”). The provisions of the referenced legislation
We hereby inform you about the processing of your personal data accordingly.
details and your rights in this regard.

Processed data The data processing

purpose

Data management
duration

Legal basis for data processing

Basic data:

‱ name

‱ email address

‱ phone number

‱ billing and
shipping address

‱ product sales,

‱ shopping and
payment
documentation,

‱ accounting
obligation
fulfillment,

‱ user as
buyer
identification and
with him
keeping in touch,

‱ ordered
product (or
service)
fulfillment,
invoicing,

‱ payment
of its implementation
possibility, the
during online payment
the suspect of abuse

The contract
until its completion,

the person concerned
his/her consent
until its withdrawal,
in the absence of this

the Data Controller is
data from
date of purchase
after the Civil Code.
Based on Section 6:22 5
will be deleted after a year.

The contribution is
customer service
to email address
with a message sent

the person concerned
contribution is, Info.
Act. Section 5 (1) a) and
GDPR Article 6 (1)
paragraph a)
based on, and
performance of the contract
GDPR Article 6 (1)
paragraph b)
based on

purchase and payment
documentation, the
accounting obligation
fulfillment, as well as the
invoicing and
payment processing
legal obligation during
compliance with Article 6 of the GDPR.
Article 1(c)
point, as well as the
Accounting Act. § 169 (2)
paragraph and VAT
Act. Pursuant to Section 169

transactions
filtering.

back anytime
can be drawn.

Email or
telephone
customer service
operation
given during
personal
data:

Email address,
phone number,
name, address and
other
customer service
arrived at
other
personal data
and the case
circumstances.

Customer service
activities
supply. These
to the end
for its realization
it is necessary that the
Data controller
at your disposal
let them stand
requests and
comments,
which are
Data controller
with its activities
related.

The person concerned
person
his/her consent
until its withdrawal,
in the absence of this

the Data Controller is
to customer service
by email
request received
To the data controller
to be
of arrival
day, or
telephone conversation
After the Civil Code,
Based on Section 6:22 5
will be deleted after a year.

Customer service
during activities
processed data
legal basis for processing
the person concerned
contribution is, Info.
Act. Section 5 (1) a), the
GDPR Article 6 (1)
paragraph a), and
performance of the contract
GDPR Article 6 (1)
paragraph b)
based on, legal
fulfillment of obligation
Article 6 (1) of the GDPR
paragraph c) and the Fgy.
Act. Based on Section 17/A.

Email Address Direct
(direct marketing)
send offers
for the purpose of
data management

The contribution
until withdrawn
that is, until
please personal
your data
deletion or
you withdraw the
for data management
given
your consent,

Section 5 (1) of the Information Act
paragraph a)
based on the user
based on your consent
we are entitled to
by user
given personal
to manage data.

or unsubscribe from
newsletter.



1. THE DATA CONTROLLER PERSON

MĂĄrta HartyĂĄni (2096 Üröm, GĂĄbor Áron sĂ©tĂĄny 8.., Registration number:
56307939, telephone: +36 20 340 4582, e-mail: info@wooowdog.hu web address:
wooowdog.hu hereinafter referred to as: “Data Controller”)
The Data Controller determines the information requested during purchases in the webshop.
the scope, purpose and duration of data and other essential aspects of data processing
conditions for the purposes specified in points 3-4.

2. PROVIDING YOUR DATA IS VOLUNTARY

You are not obliged to provide your personal data, but if you do not provide it, you will not be
you can purchase products available in the webshop, or
services.

3. SCOPE OF DATA PROCESSED, PURPOSE OF DATA PROCESSING AND
DURATION

After the relevant registration and login, you can purchase the
On the Data Controller's website. Register and log in on the Data Controller's website.

with a user account created on the website or with external service providers
with existing registrations.

4. PERSONS WITH ACCESS TO PERSONAL DATA

The data is accessed by the Data Controller's marketing staff,
and other data processors named in this Information Extract
they can access in order to perform their duties.
The Data Controller uses the services of:

● Google LLC, (1600 Amphitheater Parkway Mountain View CA
94043)
● Facebook Ireland Ltd. (4 Grand Canal Square, Grand Canal
Harbour, Dublin 2, Ireland)
● RACKFOREST LTD. (Address: 1132 Budapest, Victor Hugo Street 11.
Tax number: 14671858-2-41)
● Shopify.com
●
● Web analytics services also use cookies, the purpose of which is to
to help analyze the use of online platforms. The
user on online platforms, by consenting to them
allows information regarding the use of the online interface to be
Google Analytics and Google Adwords are part of Google America.
to its servers in the United States. Other cookies managed by the European
It is stored on servers within the EU.

5. DATA TRANSFER

Your data will not be transferred to third parties beyond those listed below.
Transfer of data to a third party or recipient in the event of
This will happen if we inform you in advance about the potential recipient and this
after you have given your prior consent to this, or otherwise required by law
prescribes.

● With the implementation of online product sales as a data processing purpose
in connection with purchases made on the Internet
related data is provided by Barion Payment Inc. (1117 Budapest, Irinyi u.
4-20.) through the bank card acceptance network, the transaction
financial processing, transaction security and transactions
are transmitted for the purpose of tracking. The transmitted data
scope: last name, first name, shipping address, billing address,
phone number, email address, payment transaction data.
● When delivering products, the recipient's name, address, email address,
Your phone number and the value of the order must be sent to the Magyar Posta Zrt. (1138,
Budapest, DunavirĂĄg utca 6-8.) will be forwarded to
● Billing data processor:
szamlazz.hu KBoss.hu Ltd. 1031 Budapest, ZĂĄhony Street 7.

6. DATA SECURITY MEASURES

The Data Controller is obliged to ensure the security of the data, and will do so
and also those technical and organizational measures and develops them
the procedural rules that ensure that the data recorded, stored or processed
data is protected and prevents its destruction,
unauthorized use and unauthorized modification. Furthermore, it calls
the third parties to whom the data subject has been transferred, to
are obliged to comply with data security requirements.

The Data Controller ensures that unauthorized access to the processed data is prevented.
no person may access, disclose, or transmit it,
and you cannot modify or delete them.

The Data Controller will do everything in its power to ensure that the
data is not damaged or destroyed. The above commitment
the Data Controller's employees participating in its data processing activities,
and also for data processors acting on behalf of the Data Controller.

7. NOTIFICATION OF DATA PROTECTION INCIDENTS TO DATA SUBJECTS

Data breach: a breach of security that compromises the integrity of transmitted, stored
or otherwise processed personal data accidentally or unlawfully
destruction, loss, alteration, unauthorized disclosure or
results in unauthorized access to them.

If the data breach is likely to pose a high risk to the
with regard to the rights and freedoms of natural persons, the Data Controller
informs the public without undue delay, in a clear and comprehensible manner
the data subject about the data protection incident.

The data subject does not need to be informed if the following conditions are met:
any of the following is true:

● The data controller has appropriate technical and organizational security measures
implemented measures, and these measures were
applied to data affected by a data breach,
especially those measures – such as encryption
application – which allow access to personal data
make it incomprehensible to unauthorized persons
data.
● The data controller shall take further action following the data protection incident.
has taken measures to ensure that the rights and
high risk to their freedoms in the future
probably will not happen.
● Providing information would require a disproportionate effort. Such
In such cases, data subjects should be informed through publicly available information.
be informed or similar action must be taken which
ensures similarly effective information for those affected.

8. RIGHTS AND LEGAL REMEDIES OF THE DATA SUBJECTS

The rights set out above regarding the use of recordings
In addition, data subjects may exercise the following rights in accordance with this information
regarding data processing according to:

Access to information and access to processed personal data
law:

The data subject has the right to receive feedback from the Data Controller on
regarding whether your personal data is being processed and if so,
such data processing is in progress, you have the right to have your personal data
data and access to the following information:

● the purposes of data processing;
● the categories of personal data concerned;
● the recipients or categories of recipients with whom or for whom
personal data has been or will be disclosed, including
especially third country recipients and international
organizations;
● where applicable, the planned period for which the personal data will be stored,
or, if this is not possible, the determination of this period
aspects;
● the right of the data subject to request from the data controller the
the correction, deletion or
restriction of processing of such personal data and object to the processing of such personal data
against treatment;
● the submission of a complaint to a supervisory authority
yoga;
● if the data was not collected from the data subject, information about its source
all available information;
● the fact of automated decision-making, including profiling, and
at least in these cases, the logic applied and the
understandable information about how such data processing is carried out
significance and what is expected for the person concerned
has consequences.

If personal data is transferred to a third country or international organization
is forwarded to, the data subject has the right to
be informed about the appropriate guarantees regarding the transmission.

The Data Controller shall provide a copy of the personal data subject to data processing to the
shall make available to the data subject. For further copies requested by the data subject, the
The data controller shall charge a reasonable fee based on administrative costs.
If the data subject submitted the application electronically, the
information to the Data Controller through widely used electronic
format, unless the data subject requests otherwise.

The right to request a copy referred to in the previous paragraph does not
may adversely affect the rights and freedoms of others.

The rights set out above can be exercised through the contact details set out in point I above.
can be practiced.

Right to rectification:
The Data Controller, at the request of the data subject, shall correct inaccurate personal data concerning the data subject.
corrects the data without undue delay. The purpose of the data processing
taking into account the data subject has the right to request the incomplete personal data
of your data – including through an additional declaration –
its addition.
Right to erasure (“to be forgotten”):
The data subject has the right, if one of the following reasons exists, to:
that upon request, the Data Controller deletes the data concerning him/her without undue delay
personal data concerning:

● personal data is no longer necessary for the purpose for which it was collected
they were collected or otherwise handled;
● the data subject withdraws his/her consent, which is the basis for data processing,
and there is no other legal basis for the data processing;
● the data subject objects to the data processing and there is no priority
legitimate grounds for data processing or if the
data processing would be related to direct business acquisition;
● personal data has been processed unlawfully;
● the personal data are subject to the EU or national legislation applicable to the data controller
it must be deleted to comply with a legal obligation under Member State law;
● for the collection of personal data in the information society
related to the provision of related services.

Deletion of data cannot be initiated if data processing is necessary:

● the right to freedom of expression and information
for the purpose of exercising;
● the data controller is required to process personal data
compliance with an obligation under EU or Member State law, or
in the public interest;
● for preventive health or occupational health purposes,
assessment of the employee's ability to work, medical
diagnosis, health or social care or
provision of treatment, or health or social systems and
for the management of services, based on EU or Member State law
or under a contract with a healthcare professional and
the processing of this data by or for a professional
is carried out under the responsibility of the person who, in accordance with EU or Member State law, or
established by the competent Member State bodies
professional confidentiality obligation specified in the rules
is subject to the scope of the EU Directive, or by another person who is also an EU
or in the law of a Member State or the competent authority
defined in the rules established by the Member State bodies
is subject to a confidentiality obligation;
● in the public interest in the field of public health, such as
against serious cross-border health threats
protection or healthcare, medicines and
the high quality and safety of medical devices
and is based on Union or Member State law which
provides for appropriate and specific measures to protect the rights of the data subject and
guarantees protecting your freedoms, and in particular professional secrecy
concerning;
● on the basis of public interest in the field of public health and the use of these data
treatment by or under the responsibility of a professional
who is subject to EU or Member State law, or the relevant
established by the competent Member State bodies
professional confidentiality obligation specified in the rules
is subject to the scope of the EU Directive, or by another person who is also an EU
or in the law of a Member State or the competent authority
defined in the rules established by the Member State bodies
is subject to a confidentiality obligation;

● for archiving in the public interest, scientific and historical research purposes or
for statistical purposes, if the right to erasure is exercised
would likely make it impossible or seriously endanger
this data processing; or
● to assert, enforce or defend legal claims.

The right to restrict data processing:
At the request of the data subject, the Data Controller shall restrict data processing if the following applies:
one of the following conditions is met:

● the data subject disputes the accuracy of the personal data, in which case the
The limitation applies to the period of time that allows
the data subject must check the accuracy of the personal data;
● the data processing is unlawful and the data subject opposes the erasure of the data, and
calls instead for restrictions on their use;
● the Data Controller no longer needs the personal data
for data processing purposes, but the data subject requires them for legal purposes
for the establishment, exercise or defense of legal claims; or
● the data subject is the Data Controller based on public interest or legitimate interest
objected to the processing of your data; in this case, the
The limitation applies for the period until it is determined
whether the legitimate grounds of the data controller prevail over the
against the legitimate grounds of the person concerned.

If data processing is subject to restrictions based on the above, such personal data
data, except for storage, only with the consent of the data subject, or legal
to assert, enforce or defend claims, or for other
for the protection of the rights of a natural or legal person, or of the Union,
or it may be handled in the important public interest of a Member State.

The Data Controller shall restrict the data subject at whose request the processing of his/her personal data was restricted based on the above.
data processing, prior notification of the lifting of the restriction on data processing
informs.

Right to data portability:
The data subject has the right to obtain the information concerning him/her from the Data Controller.
personal data provided to you is structured, widely used,
in a machine-readable format and you are entitled to receive them
transfer the data to another data controller without
would hinder the Data Controller, whose personal data is
made available if:

● the processing is based on consent or contract; and
● data processing is carried out in an automated manner.

When exercising the right to data portability as above, the
The data subject has the right to request, if technically feasible, the
direct transfer of personal data between data controllers.

The exercise of the right to data portability shall not prejudice the right to erasure.
(the “right to be forgotten”). This right does not apply to the
in case the data processing is in the public interest or is entrusted to the data controller
a task performed in the exercise of public authority
necessary for its implementation.

The right to data portability must not adversely affect the rights and
freedoms.

Right to object:
The data subject has the right to object to processing for reasons relating to his or her own situation.
object at any time to the processing of your personal data by the Data Controller,
if the legal basis for data processing is public interest or the Data Controller
a task performed in the exercise of a delegated public authority
or the legitimate interests of the Data Controller or a third party
the need to enforce, including the provisions mentioned
profiling based on personal data. In this case, the Data Controller
You may not process the data any further unless you prove that the data processing
justified by compelling legitimate reasons which take precedence
against the interests, rights and freedoms of the data subject, or which have a legal
related to the presentation, enforcement or defense of claims.

If personal data is processed for direct marketing purposes,
the data subject has the right to object at any time to the processing of personal data concerning him/her
against the processing of data for this purpose, including profiling, if
it is related to direct marketing. If the data subject objects to the
against the processing of personal data for direct marketing purposes,
then the personal data can no longer be processed for this purpose.

If personal data is processed for scientific and historical research purposes
or for statistical purposes, the data subject has the right to have his/her
object to the processing of personal data concerning him/her for reasons related to his/her situation

against the processing of data, unless the processing is carried out for reasons of public interest
necessary to perform the task.

Right of withdrawal:
The data subject has the right to, if the data processing by the Data Controller is
based on the consent of the data subject, the data subject may withdraw his/her consent at any time.
Withdrawal of consent does not affect the processing based on consent,
the lawfulness of data processing before withdrawal.

Procedure in case of a data subject request regarding the exercise of the above rights:
The Data Controller shall, without undue delay, but in any case,
informs the data subject within one month of receipt of the request
data subjects' rights regarding the exercise of the rights set out in this information
on the measures taken in response to the request. If necessary, taking into account the
complexity of the application and the number of applications, this deadline may be extended by two additional
can be extended by one month.

The Data Controller shall inform the Data Controller of the reasons for the delay regarding the extension of the deadline.
within one month of receipt of the request, indicating
informs the data subject. If the data subject submitted the data electronically
request, the information will be provided electronically if possible,
unless the data subject requests otherwise.

If the Data Controller does not take action following the data subject's request,
without delay, but no later than one month after receipt of the request

informs the data subject of the reasons for not taking action within one month,
and that the data subject may lodge a complaint with a supervisory authority
authority and may exercise their right to judicial remedy.

The Data Controller provides the requested information and communication free of charge,
provided that, insofar as the request of the data subject is clearly unfounded
or – especially due to its repetitive nature – excessive, the Data Controller shall take into account the
by providing the requested information or communication or by taking the requested action
a reasonable fee for the administrative costs associated with the
may charge or refuse to take action on the request.

The Data Controller informs all recipients of all processing carried out by it.
about rectification, erasure or restriction of data processing, with whom or with which
the personal data has been disclosed, unless this proves impossible, or
requires a disproportionate effort. At the request of the data subject, the Data Controller
informs you about these recipients.

9. RELATING TO CHILDREN AND THIRD PARTIES
PERSONAL DATA

Persons under the age of 16 may not provide personal information about themselves,
unless permission has been sought from the person exercising parental supervision. The
By providing personal data to the Data Controller, you declare
and you warrant that you will act in accordance with the above, your capacity to act is
is not limited in terms of providing information.

If you are legally required to provide any personal data
you are not entitled to do so independently, you are obliged to do so by the third parties concerned (e.g.
legal representative, guardian, other person – such as a consumer – whose
(acting on behalf of) obtain consent or make the data available
provide another legal basis for the release. In this context, you are obliged to
consider whether by providing the given personal data
whether the consent of a third party is required in this context.
It may happen that the Data Controller will not have personal contact with you, so
You are obliged to ensure compliance with this point and the Data Controller
shall not be liable in this regard. Regardless, the Data Controller
You have the right to verify at any time whether your personal data is processed by
whether there is an appropriate legal basis. For example, if you are a third party –
for example, you are acting on behalf of a consumer, we are entitled to request your
your authorization and/or the relevant data processing authority of the person concerned
his/her contribution to the given matter.

The Data Controller will do everything in its power to delete
any personal data that has been unauthorizedly disclosed to the
The Data Controller ensures that, if it is aware of this,
This personal data will not be forwarded to anyone else, nor will it be
For use by the Data Controller. Please note that the data specified in point 13
Please inform us immediately via our contact details if you become aware that
a child about themselves, or a third person about you without authorization
provided personal data to the Data Controller.

10. CONTACT DETAILS

If you are legally required to provide any personal data
you are not entitled to do so independently, you are obliged to do so by the third parties concerned (e.g.
legal representative, guardian, other person – such as a consumer – whose
(acting on behalf of) obtain consent or make the data available
provide another legal basis for the release. In this context, you are obliged to
consider whether by providing the given personal data
whether the consent of a third party is required in this context.
It may happen that the Data Controller will not contact you personally, so
You are obliged to ensure compliance with this point and the Data Controller
shall not be liable in this regard. Regardless, the Data Controller
You have the right to verify at any time whether your personal data is processed by
whether there is an appropriate legal basis. For example, if you are a third party –
for example, you are acting on behalf of a consumer, we are entitled to request your
your authorization and/or the relevant data processing authority of the person concerned
his/her contribution to the given matter.

The Data Controller will do everything in its power to delete
any personal data that has been unauthorizedly disclosed to the
The Data Controller ensures that, if it is aware of this,
This personal data will not be forwarded to anyone else, nor will it be
For use by the Data Controller. Please note that the data specified in point 13
Please inform us immediately via our contact details if you become aware that
a child about themselves, or a third person about you without authorization
provided personal data to the Data Controller.

10. CONTACT DETAILS

With your personal data stored in the system and data management
Please contact our customer service with confidence at info@medosan.hu
by e-mail. Please keep in mind that the processing of your personal data
in your interest – we can only do so in the following cases:
to provide information or take action if your identity is compromised
you justify it well.

Your legal remedies:

● Any questions or comments related to data management
The Data Controller can be found at the address provided in this Notice.
at one of the contact details.
● At the National Data Protection and Freedom of Information Authority
(mailing address: 1530 Budapest, P.O. Box: 5., telephone: +36 (1) 391-1400,
email: ugyfelszolgalat@naih.hu, website: www.naih.hu) with notification
you can initiate an investigation on the grounds that personal
you have suffered a legal violation in connection with the processing of your data or
there is an immediate danger; or
● The data subject has the right to file a complaint against the Data Controller in the event of a violation of his/her rights.
You can go to court. The court will deal with the matter out of turn. That
that the data processing complies with the provisions of the law,
The data controller is obliged to prove. The court shall decide the case.
The lawsuit – at the choice of the person concerned – is
before the court of the place of residence or residence of the person concerned
can be brought before the court of the place of residence or place of stay
can be started before.