Data Management Notice
This data management notice applies to the personal data voluntarily provided by Users visiting the website at https://imilanovich.com/ (hereinafter: the Website) and related to their interest in and use of the services available on the website.
Data Controller Information and Contact Details
Name: Milanovich Ildikó, sole proprietorship
Phone Number: +36203702229
Email: imilanovichphoto@gmail.com
The Data Controller deletes all emails received, along with personal data, within a maximum of 5 years after the communication.
Purpose of the Data Management Notice
Milanovich Ildikó, as a sole proprietorship (hereinafter: Service Provider / Data Controller), recognizes the content of this legal notice as binding upon herself. She undertakes to ensure that all data management activities related to her services comply with the provisions of this policy, applicable national laws, and the legal acts of the European Union. The Data Controller’s privacy guidelines concerning her data management practices are continuously available on the Website. The Data Controller reserves the right to modify this notice at any time, and will notify her audience in a timely manner. In case of questions or feedback, the Data Controller is available through the provided contact details. The Data Controller is committed to ensuring the complete protection of her clients' and partners' personal data and places great importance on respecting clients' rights to informational self-determination. The Data Controller handles personal data confidentially and takes all necessary security, technical, and organizational measures to ensure data security. The following outlines the Data Controller’s data management practices.
Legal Basis for Data Management
The Data Controller’s data management activities are based on the voluntary consent of the Data Subject, as specified in Section 5(1)(a) of Act CXII of 2011 on Informational Self-Determination and Freedom of Information (hereinafter: Info.tv.), and in accordance with Act CVIII of 2001 on certain issues of electronic commerce services and services related to the information society.
The Data Controller does not verify the authenticity of the personal data provided. The individual who provides the data is solely responsible for the accuracy of the information submitted. By providing an email address, the Data Subject assumes responsibility for using the provided email address exclusively for their own service inquiries. All responsibility related to the login actions performed with the provided email address lies solely with the Data Subject who submitted it.
Purpose of Data Management
The Data Controller stores and manages the data provided by the Data Subject (name and email address) during the website visit and contact form submission strictly for the purpose of offering services available on the Website, communication, and user identification. Automatically recorded data is used for statistical purposes and the technical development of the IT system. The Data Controller will not use or process the personal data for purposes other than those outlined above.
Disclosure of personal data to third parties or authorities – unless otherwise required by law – is only possible with the prior, explicit consent of the Data Subject. If the Data Controller wishes to use the provided data for purposes other than the original data collection, they will inform the Data Subject and obtain their prior, explicit consent or allow the Data Subject to prohibit the usage.
Contact Form on the Website:
Visitors to the Data Controller’s website may use the contact form to express their interest in the services offered. The contact form requires the visitor's name and email address. By filling out the form, the Data Subject acknowledges that they have read the Data Controller's Data Management Notice. Personal data provided for this purpose will only be used for contact purposes. After the contact is made, the Data Controller will delete the personal data of the interested party promptly, but no later than within 3 business days. Data management is based on the creation of a contract, with the legal basis being the General Data Protection Regulation (GDPR) Article 6(1)(b).
The Data Subject, by using the customer contact form on the Data Controller’s website, declares that they have reached the age of 16. Persons under the age of 16 may not use the contact form, as per Article 8(1) of the GDPR, which requires the consent of their legal representative. The Data Controller is unable to verify the age or consent status of the individual, so the Data Subject guarantees the accuracy of the information provided.
Duration of Data Management
The management of personal data provided during the application process starts with the application and ends when the data is deleted upon request. For optional data, the data management period lasts from the time the data is provided until the deletion request is made.
These provisions do not affect compliance with retention obligations specified by law (e.g., accounting regulations) or other data management activities based on additional consents provided during registration on the Website.
Scope of Persons Who Have Access to the Data, Data Transfer, Data Processing
The data is primarily accessible to the Data Controller’s internal staff, but it is not disclosed or transferred to third parties. For purposes such as accounting, the Data Controller may engage a data processor, such as an accountant.
The Data Controller handles the personal data of the Data Subjects in a traceable manner and in compliance with applicable laws. Additionally, the personal data will only be shared with third parties upon the explicit consent of the Data Subject and only in cases of official requests.
The hosting service provider for the Data Controller's website is also considered a data processor:
Hostinger International Ltd.
Address: Švitrigailos str. 34, LT-03230 Vilnius, Lithuania
Email: support@hostinger.com
Domain provider:
Name: iwantmyname, ideegeo Group LTD,
Headquarters: PO Box 116, Napier, Hawke's Bay, 4110, New Zealand
Website: www.iwantmyname.com
The Data Controller’s billing partner:
Name: Számlázz.hu
Address: KBOSS.hu Kft., 1031 Budapest, Záhony utca 7/D.
Tax Number:
Website: https://www.szamlazz.hu/
Email: info@szamlazz.hu
Due to the use of Facebook and Instagram pages and social plug-ins integrated into the website, the Data Controller has a shared data controller and data processor partner:
Facebook Ireland Ltd.
4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
Due to the use of Google Analytics on the website, the Data Controller’s data processor is:
Google Ireland Limited
Gordon House, Barrow Street, Dublin 4, Ireland
Rights of the Data Subject and Enforcement of Rights
The Data Subject has the right to request information about the processing of their personal data, as well as to request correction, deletion, withdrawal, data portability, and to exercise their right to object to the processing of data in accordance with the method indicated at the time of data collection or through the Data Controller’s contact details.
The Data Subject is encouraged to first approach the Data Controller regarding any complaints, so that the issue can be investigated and resolved. In case of violation of their rights, the Data Subject may turn to the courts for redress. The court will handle the case on an expedited basis.
Data Protection Authority Procedure: Complaints can be submitted to the National Authority for Data Protection and Freedom of Information (headquarters: 1125 Budapest, Szilágyi Erzsébet Fasor 22/C.; mailing address: 1530 Budapest, PO Box 5; phone: 0613911400; fax: 0613911410; email: ugyfelszolgalat@naih.hu; website: http://www.naih.hu).
Other
The Data Controller reserves the right to unilaterally modify this Data Management Notice, with prior notification to the Data Subjects (via website notification). Upon the notice’s entry into force, the Data Subject accepts the modified Data Management Notice by using the website.
The Data Controller’s website mainly showcases its activities and services. It provides information about the Data Controller’s contact details and allows visitors to contact her.
The Data Controller’s website does not use cookies except for those required by Google Analytics and social plug-ins. The legal basis for processing personal data collected via these is the visitor's consent (GDPR Article 6(1)(a)).
Third-Party Cookies (Analytics):
The Data Controller’s website uses Google Analytics cookies from third parties. Google Analytics is a web analytics service used to collect information about how visitors use the website. This data is used for improving the website’s development and user experience. These cookies remain on the visitor's computer or other device until they expire or are deleted by the visitor.
If the website or applications use Google Analytics alongside other Google advertising products (such as Google Ads), other advertising identifiers may be collected. Users can disable this service and adjust cookie settings in the Ad Settings.
Google Analytics collects the user’s IP address to secure the service and help the website owner understand where visitors come from (referred to as "IP geolocation"). Google Analytics allows the masking of collected IP addresses; however, website owners can still view users’ IP addresses, even without using Google Analytics.
Google Analytics collects data about the device/browser, IP addresses, and actions taken on the website/application. This information is used to measure and record user actions, which are then presented in statistical reports. Customers can personalize cookies and the data collected through features like cookie settings, User-ID, data imports, and the Measurement Protocol.
Google Analytics uses cookies, device identifiers, and other data to measure user activities on websites/applications. The collected IP addresses are used to protect the service and provide website owners with insights into the geographical origin of their users.
The current link: http://www.google.com/policies/privacy/ads/.
Google acts as the data processor for Google Analytics. According to the General Data Protection Regulation (GDPR), Google Analytics is a data processor because it collects and processes data on behalf of its clients (such as the data controller) according to the instructions of these clients. Google may only use the data under the terms of its contracts with Google Analytics clients and according to the settings provided by these clients on the user interface of its products.
Google Analytics collects internal cookies, device/browser-related data, IP addresses, and activities performed on websites/apps. This data is collected to measure and record users' activities on websites and/or apps that use Google Analytics and to generate statistical reports. Clients can customize the cookies and the scope of the collected data with features such as cookie settings, User-ID, Data Import, and the Measurement Protocol.
For clients using SDKs for Google Analytics apps, Google collects an app instance identifier, which is a number randomly generated when the user first installs an app.
Google Analytics uses IP addresses to infer the geographical location of visitors and to protect the service and its clients. Clients can activate the IP anonymization feature, which causes Google Analytics to use only part of the collected IP address instead of the whole address. Additionally, clients can override IP addresses with the IP override feature if needed.
Google uses the data managed in Google Analytics to provide its clients with the Google Analytics measurement service. Identifiers, such as cookies and app instance identifiers, are used to measure what actions users take on clients' websites and/or apps. IP addresses are used to maintain service security and to give website owners an overview of the geographical origins of their users.
Contact form on the website:
Visitors can contact the data controller through the contact form on the website. By filling out the contact form, the visitor indicates their interest in the services of the data controller. The visitor must provide their name and email address. By completing the form, the data subject declares that they have read the data controller's Privacy Notice. Personal data provided for this purpose will only be used by the data controller to make contact. After the contact is made, the data controller will promptly, but no later than within 3 working days, delete the interested party’s personal data. The data processing is carried out for the purpose of contract creation, based on this legal ground (Article 6(1)(b) of the GDPR).
Use of social plug-ins:
The data controller's website also embeds content from social media sites. In such cases, joint data processing takes place with the operator of the social media site. The legal basis for data processing is the consent of the data subject (Article 6(1)(a) of the GDPR), which is given by accepting the notification about data collection via cookies and consenting to the data collection.
The data subject, when using the contact form on the data controller's website, declares that they are over 16 years old. Persons under 16 years of age cannot contact the data controller using the contact form, as under Article 8(1) of the GDPR, the legal representative’s consent is required for the validity of the consent for data processing. The data controller cannot verify the age and eligibility of the consenting person, so the data subject guarantees the accuracy of the provided information.
Personal data processing related to "Reviews" on the website:
Some previous client reviews regarding the services of the data controller are posted on the website. The reviews appear with the full name of the reviewer. The full name (and possibly other personal data) and the review will only be published on the website if the reviewer has given written consent based on appropriate information (Article 6(1)(a) of the GDPR). The data controller will process personal data until the data subject withdraws their consent.
The data controller and their social media pages:
The data controller also operates a Facebook page, where personal data is processed. The data controller uses this page to promote their activities and introduce their services. This page is used for marketing purposes.
https://www.facebook.com/imilanovichphoto
The data controller provides comprehensive personal support through Facebook as well. If the data subject contacts them through Facebook, they will try to answer as soon as possible. Data obtained via the Facebook page will only be used to answer the inquiry, not for further advertising purposes.
The purpose of using the Facebook page: promotion on a social media platform, sharing information. Facebook may also use the data for its own purposes, including profiling the data subject and targeting ads.
To contact the data controller via Facebook, the data subject must log in. Facebook may also request personal data, store, and process it. The data controller has no influence over the type, extent, or processing of this data and does not receive personal data from Facebook’s operator. Further information on this can be found on Facebook's page.
The data controller occasionally organizes prize draws on social media pages. In such cases, personal data of the winner is processed for the purpose of delivering the prize. The winner’s data will be processed by the data controller based on the data subject's consent (Article 6(1)(a) of the GDPR) and will be stored for the retention period specified by law.
The personal data of the followers on the Facebook page will be processed by the data controller based on their consent (Article 6(1)(a) of the GDPR), which is considered given by liking, following, or commenting on posts.
The data controller is also present on Instagram with the following profile:
https://www.instagram.com/imilanovich_photo
Personal data of followers on Instagram will be processed. The data processing is based on the consent given by following the page (Article 6(1)(a) of the GDPR).
Győr, 25. 09. 2024.
imilanovich photography
You can find me also:
Send me a Message
© 2024-2025. All rights reserved.
Data Management Notice
Lifestyle family photography in Győr and surroundings.