Privacy Policy

1. PURPOSE OF THE DATA MANAGING INFORMATION

Emoke Onyekwere-Vribinszki entrepreneur (Adress: 1140 Wien, Flötzersteig 222/19/3 Austria), further: service provider, data handler) as data manager, accepts te responsibility the content of present legal information,which was created based on the decree 2016/679 of the EUROPEAN PARLIAMENT AND COUNCIL (EU). It takes the liability, that every data management related to its activity answers the regulations of the present document and of the international regulations, and of the regulations of the European Union. 

The data protection policies related to the data management of the service provider are continuously reachable under https://omalicha.at/cookie-policy/

The service provider has the right any time to make changes in present document. Naturally, it informs the customers about the changes in time. If customers have any questions about present information, they can contact the service provider.

Service provider is committed to protect the personal data of its customers and partners, finds it very important to respect the rights of its clients to their informational self-determination. It handles the data punctually, rightfully, transparently and restricted to the necessity. Service provider handles the personal data confidentially and makes all the technical, security and organizational efforts to guarantee the adequacy to the above mentioned decree. The data handler supervises and updates these measurements when necessary.

Information from service provider about its data handling practice.

2. DATA OF THE DATA MANAGER

The data manager can be contacted through the following contacts:

Name: Emoke Onyekwere-Vribinszki

Adress: 1140 Wien, Flötzersteig 222/19/3, Austria

GISA Numbers: 30374034 Trade,

29635658 Production of decorative art objects und crafted goods

29635689 Production of bags from untypical or second hand materials

Registered by: WKO Wien, Österreichische Gewerbeordnung

http://www.ris.bka.gv.at

Issued by: Magistrat der Stadt Wien

WAT exempt due to small business regulation

Tax number: 084205939

Tel: +436504550549

E-mail: info@omalicha.at
You can find more details under the following links:

https://firmen.wko.at/Web/DetailsKontakt.aspx?FirmaID=d04a217c-7827-4915-83d7-1c9838acfcc8&StandortID=0&Suchbegriff=onyekwere&Page=1

https://firmen.wko.at/Web/DetailsKontakt.aspx?FirmaID=0692870f-713c-46d4-8c1c-4cffa1414b30&StandortID=0&Suchbegriff=onyekwere&Page=1

https://firmen.wko.at/Web/DetailsKontakt.aspx?FirmaID=0c22d0c5-bbb0-4475-8c55-cb4aa3a6686e&StandortID=0&Suchbegriff=onyekwere&Page=1

Service provider:

Deletes every received emails and personal data after maximum 5 years

After transaction deletes every registered customers from its electronic commercial system, except if the customer requests during the transaction under „Notes and special requests”, that service provider should keep customer data. In this case there is always a possibility to modify or delete these data, through an email sent to info@omalicha.at. Revocation of the contribution does not affect the lawfulness of the data management prior to the withdrawal.

Contract order and business language is German, English or Hungarian.

You can contact our customer service from Mo-Fri from 9 am – 5 pm under the No +43 650 455 05 49 or email: info@omalicha.at

3. CIRCLE OF THE ANAGED PERSONAL DATA

3.1 PERSONAL DATA REQUIRED DURING REGISTRATION, ONLINE ADMINISTRATION AND ONLINE PURCHASING

Registration name, name, adress, delivery adress, email adress.

The circle of personal data to be given during registration and the purchase, all fields must be filled.

Due to the pseudonymity principle, please make a login name a name that makes it impossible to identify you, the pseudonym name and, if possible, use that email address that does not even refer to your person. To complete web store orders / billing, shipping / please enter your real name. / As mentioned before, we will delete this data from our web data management after the transaction has been performed.

3.2 TECHNICAL DATA

Service provider selects and operates the information technology used to handle personal data in the provision of the service so that the data treated:

– are accessible to the authorized person (availability);
– authenticity and authentication (credibility of data management);
– its unambiguousness can be verified (data integrity);
– Protected against unauthorized access (confidentiality of data).

Service provider protects the data by appropriate actions against unauthorized access, alteration, forwarding, disclosure, deletion or destruction and accidental destruction.

Service provider provides technical, organizational and organizational measures to protect the security of data management, providing a level of protection that meets the risks associated with data management.

Service provider keeps during the data management:

– secrecy: protects the information so that it can only be accessed by those who are entitled to it;
– integrity: it protects the accuracy and completeness of information and processing methods;
– availability: Ensures that when the eligible user needs it, you can actually access the information you need and have the tools available to you.

3.3 COOKIES

3.3.1 THE TASKS OF THE COOKIES

– they collect information of the visitors and their tools;
– they remember the individual settings of the visitors, which can be used for example by online transactions, so the data do not have to be retyped again;
– they make the usage of the website easier;
– they give a quality user experience.

In order to give a customized service, a small data package (cookie) is placed on the computer of the visitor, which is read again at the next visit. If the browser sends back a previously saved cookie, then the service provider has the possibility to connect the present visit with previous visits, but only regarding its own contents.

3.3.2 NECESSARY SESSION COOKIES

The purpose of these cookies is to ensure that the visitors of omalicha.at could explore the website fully and without problems, use all the available functions and services. The validity of such cookies expires after the activity on the website has finished, and after closing the browser these cookies automatically get deleted from the computer or any other gadget.

3.3.3 COOKIES PLACED BY THIRD PARTIES

The omalicha.at website can also use the cookies of the Google Analytics as a third party. By using Google Analytics as a statistics service, omalicha.at collects information about how the visitors use the website. The data are used for the developing of the website and optimizing the user experiences. These cookies also remain on the computer or on any other tool used for browsing until they expire, or until the visitor deletes them.

3.3.4 DESCRIPTION OF THE COOKIES USED BY OMALICHA.AT

Can be found under https://omalicha.at/index.php/cookie-policy

3.3.5 FINDING, BLOCKING AND DELETING OF THE USED COOKIES WITH MOZILLA FIREFOX

Search: Mouse right click/ispect element/storage/cookies

Block: Tools/Options/Privacy and Security/Cookies and Site Data

Delete: Tools/Options/Privacy and Security/Cookies and Site Data/Clear Data

In other browsers the searching, deleting and blocking can also be done in a similar way.

4. PLANNED PERIOD OF USING AND KEEPING OF THE MANAGED DATA

Name of data management: Webshop

Use: Electronic commerce

Legal basis Accounting Act and Number of Accounting Obligations

Retention time: required by above mentioned law.

Failure to provide data does not make it possible to purchase.

Data management name: Manage newsletters

Use: Commercial marketing

Legal basis: voluntary contribution.

Retention Time: Till Unsubscribe

5. PURPOSE, METHOD AND LEGAL BASIS OF DATA MANAGEMENT

5.1 GENERAL DATA MANAGEMENT POLICY

Service provider’s business activities are based on a voluntary contribution or a statutory mandate. In the case of data management based on voluntary contributions, the data subjects may withdraw their consent at any time during the processing of data. The data management service is not provided directly to children.

In some cases, the management, storage, and transmission of a particular set of data is mandatory by law, which is specifically notified to our customers.

We would like to inform the customers of service provider that, if they do not provide their own personal data, the data supplier is obliged to obtain the consent of the person concerned.

The data management principles are in line with existing data protection legislation, in particular:

– Number of the Austrian Law on Information Self-Destruction and Freedom of Information. (Infotv.);
– Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Regulation (EC) No 95/46 / (General Data Protection Regulation, GDPR);
– the number of Austrian civil litigation TV, if any
– the number of Austrian accounting TV.

6. PHYSICAL DATA STORAGE LOCATIONS

The personal data you provide and the automatically generated data resulting from your use of the system can be found on your computer and / or email and hosting provider.

7. DATA FORWARDING, DATA PROCESSING, CIRCLE OF PEOPLE WHO HAVE ACCESS TO DATA

Accountant: Krisztina Knapp (email: tothkrisz21@hotmail.com)

Web hosting provider: www.tarhely.eu (email: iroda@tarhely.eu)

Shipping: Osterreichische Post AG (Phone: +43 577 67 – 0)

Service provider: Emoke Onyekwere-Vribinszki (email: omalicha1977@yahoo.com / info@omalicha.at)

8. RIGHTS AND LEGAL POSSIBILITIES OF THE AFFECTED PERSONS

You may request the information concerned to handling your personal data and may request the modification of your personal data or, with the exception of mandatory data, cancellation, revocation, and have right of protest as indicated in the record and the above mentioned contact details of the data controller.

8.1 RIGHT TO GETTING INFORMATION

Service provider shall take appropriate measures to ensure that all information relating to the processing of personal data, referred to in Articles 13 and 14 of the GDPR, and Article 34, are in a concise, transparent, comprehensible and easily accessible form, in a clear and unambiguous manner.

8.2 THE RIGHT OF THE AFFECTED TO ACCESS

The person concerned has the right to be informed by the data controller about whether his personal data is being processed and, if such data is being processed, he has the right to have access to personal data and the following information:

– the aims of data management;
– the categories of personal data involved;
– recipients or the categories of recipients with whom or which personal data will be communicated or disclosed, including, in particular, third country addressees or international organizations;
– the intended duration of personal data storage;
– Limitation of rectification, deletion or limitation of data and right of protest;
– the right to file a complaint addressed to the supervisory authority;
– Data sources information;
– Automated decision-making, including profiling, as well as the logic used and the understandable information on how relevant such data management is and what the likely consequences for the affected person are.

The data controller shall provide the information within a maximum of one month from the submission of the application. It also points out that it does not want to provide information about the data it has requested to fulfill its obligations to account for, since it is lawfully treated according to legal requirements. The information stored on the electronic information / website will proceed as described above.

8.3 RIGHT TO CORRECTION

The person concerned may request the rectification of inaccurate personal data handled by the service provider and the completion of incomplete data.

8.4 RIGHT TO DELETION

In the case of one of the following reasons, the concerned party may, upon request, have the service provider cancel his personal data without undue delay:

– personal data is no longer needed for the purpose for which they were collected or otherwise treated;
– the party concerned withdraws the consent of the data manager and there is no other legal basis for data handling;
– the person concerned objects to data handling and there is no prior legitimate reason for data handling;
– personal data has been unlawfully handled;
– the personal data should be deleted in order to comply with the legal obligation imposed on the data manager in the Union or Member States’ law;
– the collection of personal data has been linked to the provision of information society services.

Deletion of data In the cases provided for in Regulation (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL, is not possible.

8.5 RIGHT TO RESTRICT DATA MANAGEMENT

At the request of the concerned service provider limits the processing of data if one of the following conditions is met:

– the person concerned disputes the accuracy of the personal data; in this case, the restriction refers to the period of time that allows the accuracy of the personal data to be verified;
– Data handling is illegal and the data subject opposes the deletion of the data and instead asks to restrict their use;
– the data controller no longer needs personal data for data processing, but the data subject requires them to submit, enforce, or protect legal claims; or
– the person concerned objected to data handling; in this case, the restriction applies to the duration of determining whether the data controller’s legitimate reasons prevail over the legitimate grounds of the party concerned.

If data processing is restricted, personal data may be handled only with the consent of the person concerned or with the submission, validation or protection of legal claims or the protection of the rights of a natural or legal person, or in the public interest of the Union or of a Member State.

8.6 OBLIGATION TO GIVING INFORMATION

The data controller informs all addressees of any rectification, deletion or data limitation with whom or with which personal information has been communicated, unless this proves impossible or requires disproportionate effort. At the request of the data subject, the data controller shall inform the addressees thereof.

8.7 RIGHT TO DATA CARRYING

The person concerned shall have the right to receive the personal data provided to him by the data controller in a machine-readable, widely-used, readily available format, in the cases provided for in Regulation (EU) 2016/679 of the European Parliament and Council (EU) 2016/679, and to forward this data to another data controller.

8.8 RIGHT TO OBJECTION

The person concerned has the right, at any time, to object to the managing of his personal data by the data manager or a third party for reasons relating to his own situation unless the interests or fundamental rights and freedoms of the data subject that protect personal data necessary. The right of protest also exists in the case of profiling based on those provisions. In the event of a protest, the data controller may not process personal data unless it is justified by compelling reasons of lawfulness that prevail over the interests, rights and freedoms of the person concerned, or which relate to the submission, enforcement or defense of legal claims.

8.9 RIGHT TO WITHDRAWAL

The person concerned has the right to withdraw his consent at any time.

8.10 RIGHT TO TURN TO COURT

In case of breach of his or her rights, the data subject may turn to the court. The court proceeds out of turn

8.11 DATA PROTECTION MAGISTERIAL PROCESS

Complaints may be made by:

Datenschutzbehörde
Wickenburggasse 8-10
1080 Wien
+43 1 52 152-25 69
dsb@dsb.gv.at

9. OTHER INSTRUCTIONS

Data management not listed in this information is provided when data is taken.

We inform our clients that the data manager may be contacted by other bodies on the basis of the court, the prosecutor, the investigating authority, the offender authority, the administrative authority or the law, to provide information, transmit data or provide documentation.

Service Provider for the authorities – if the authority indicates the exact purpose and scope of the data – issues personal data only to and to the extent that is indispensable for the purpose of the request.