Privacy Policy

Data controller information

Name: YeastFlow Kft.
E-mail address:
Tax number: 26700384-2-08
Company registration number: 08 09 033318
Registered seat: 9028 Győr, Régi Veszprémi út 14–16.
Postal address: 9028 Győr, Régi Veszprémi út 14–16.

Data controller information

Name: YeastFlow Kft.
E-mail address:
Tax number: 26700384-2-08
Company registration number: 08 09 033318
Registered seat: 9028 Győr, Régi Veszprémi út 14–16.
Postal address: 9028 Győr, Régi Veszprémi út 14–16.

Definitions
1. GDPR: the European Union’s General Data Protection Regulation (EU 2016/679).
2. Data processing: any operation or set of operations performed on personal data or on
sets of personal data, whether by automated means or not, such as collection,
recording, organization, structuring, storage, adaptation or alteration, retrieval,
consultation, use, disclosure by transmission, dissemination or otherwise making
available, alignment or combination, restriction, erasure or destruction.
3. Data processor: a natural or legal person, public authority, agency or other body
which processes personal data on behalf of the controller.
4. Personal data: any information relating to an identified or identifiable natural person
(data subject); an identifiable natural person is one who can be identified, directly or
indirectly, in particular by reference to an identifier such as a name, a number,
location data, an online identifier or to one or more factors specific to the physical,
physiological, genetic, mental, economic, cultural or social identity of that natural
person.
5. Data controller: a natural or legal person, public authority, agency or other body
which, alone or jointly with others, determines the purposes and means of the
processing of personal data; where the purposes and means of such processing are
determined by Union or Member State law, the controller or the specific criteria for its
nomination may be provided for by Union or Member State law.
6. Consent of the data subject: any freely given, specific, informed and unambiguous
indication of the data subject’s wishes by which the data subject, by a statement or by
a clear affirmative action, signifies agreement to the processing of personal data
relating to them.
7. Data breach: a breach of security leading to the accidental or unlawful destruction,
loss, alteration, unauthorized disclosure of, or access to, personal data transmitted,
stored or otherwise processed.
8. Recipient: a natural or legal person, public authority, agency or another body, to which
the personal data are disclosed, whether a third party or not. Public authorities which
may receive personal data in the framework of a particular inquiry in accordance with
Union or Member State law shall not be regarded as recipients; the processing of
those data by those public authorities shall be in compliance with the applicable data
protection rules according to the purposes of the processing.
9. Third party: a natural or legal person, public authority, agency or body other than the
data subject, controller, processor and persons who, under the direct authority of the
controller or processor, are authorized to process personal data.

Principles of data processing

1.1. The data controller declares that it processes personal data in accordance with this
Privacy Policy and complies with the applicable legal requirements, with particular regard to
the following:
1.1.a. Personal data shall be processed lawfully, fairly and in a transparent manner in relation
to the data subject.
1.1.b. Personal data shall be collected for specified, explicit and legitimate purposes only.
1.1.c. The purposes of processing personal data shall be appropriate and relevant, and
limited to what is necessary.
1.1.d. Personal data shall be accurate and, where necessary, kept up to date. Inaccurate
personal data shall be erased without delay.
1.1.e. Personal data shall be kept in a form which permits identification of data subjects for
no longer than is necessary for the purposes of the processing. Personal data may be stored
for longer periods insofar as the data will be processed solely for archiving purposes in the
public interest, scientific or historical research purposes or statistical purposes.
1.1.f. Personal data shall be processed in a manner that ensures appropriate security of the
personal data by implementing appropriate technical or organizational measures, including
protection against unauthorized or unlawful processing and against accidental loss,
destruction or damage.
1.1.g. The principles of data protection shall apply to any information relating to an identified
or identifiable natural person.
1.2. Personal data are processed by the data controller solely to the extent necessary and for
the purposes specified in this Privacy Policy and in the relevant legislation.
1.3. The legal basis for processing is the contract and service performance, as well as the
consent of the data subject.
1.4. The scope of data subjects includes any adult natural person, legal entity, or
organization without legal personality who visits the Website in connection with the
information society, registers on the Website, purchases products, uses services on the
Website, or places orders (Data Subject).
1.5. The data provided by the Data Subject are retained by the data controller until the Data
Subject requests their deletion or withdraws their consent. The data subject may withdraw
consent to processing at any time by e-mail or by phone. Withdrawal at any time does not
affect the lawfulness of processing based on consent before its withdrawal.
1.6. If there is no legal obstacle to deletion, the data will be deleted. Data must also be
deleted when the purpose of processing has been achieved, i.e. the order has been fulfilled.
1.7. Personal data are stored in a form which permits identification of data subjects only for
as long as necessary to achieve the purposes of processing. Data are stored electronically.
1.8. Persons entitled to access the data are the data controller and those employees who are
directly involved in providing the service to the Data Subject. Employees of Yeastflow Kft.
may also have access to the personal data provided by the data subject.
1.9. If the data subject wishes to use the benefits of registration, i.e. to use the relevant
service of the website, it is necessary to provide the requested personal data. The data
subject is not obliged to provide personal data, and failure to provide data has no adverse
consequences for them. However, certain functions of the website cannot be used without
registration.

Cookies
2.1. Cookies are placed on the user’s computer by the websites visited and contain
information such as site settings or login status.
2.2. Cookies are small files created by visited websites. By saving browsing data, they
improve user experience. With the help of cookies, the website remembers site settings and
can offer locally relevant content.
2.3. The service provider’s website sends a small file (cookie) to the visitor’s computer in
order to determine the fact and time of the visit. The service provider informs the website
visitor about this.
2.4. The scope of data subjects in processing: visitors to the website.
2.5. Purpose of processing: provision of additional services, identification, tracking of visitors.
2.6. Legal basis for processing: user consent is not required where the service provider’s use
of cookies is strictly necessary. In all other cases, the consent of the data subject is required.
2.7. Scope of data: unique identification number, timestamp, settings data.
2.8. In browser settings (usually under Tools/Settings, Privacy settings, cookies), the Data
Subject can accept or reject new cookies and delete existing cookies. It can also be set that
the browser notify the Data Subject each time new cookies are placed on the computer or
other device. Further information on managing cookies can be found in the browser’s help
function. If the Data Subject decides to disable some or all cookies, they will not be able to
use all functions of the Website.
2.9. Controllers entitled to access the data: the data controller does not process personal
data by using cookies.
2.10. Method of storage: electronic.

Social media pages
3.1. A social networking site is a medium where messages are disseminated through social
users. Social media uses the Internet and online presence opportunities to enable users to
connect.
3.2. It is important to consider that when a user uploads or submits personal data, they grant
a worldwide license to the operator of the social networking site to store and use such
content. Therefore, it is very important to ensure that the user has full rights to disclose the
information published.
3.3. YeastFlow also uses the Facebook Pixel, which enables reporting on conversions on the
Website, the creation of target audiences, and provides YeastFlow with detailed analytics on
visitors’ website usage. This allows social networks to map the Data Subject’s user habits
and to display personalized offers and advertisements to them on Facebook, Instagram and
TikTok.

Google Analytics
4.1. Google Analytics compiles reports for its clients on website user behavior based on first-
party cookies.
4.2. On behalf of the website operator, Google uses the information to evaluate how users
use the website, and, as an additional service, prepares reports on website activity for the
website operator so that further services can be provided.
4.3. Data are stored by Google on servers in encrypted form to hinder and prevent misuse.
4.4. Google Analytics can be disabled as follows. Quotation from the site:
Website users who do not want the Google Analytics JavaScript to report on their data can
install the Google Analytics opt-out browser add-on. The add-on prevents the Google
Analytics JavaScript (ga.js, analytics.js and dc.js) from sharing information with Google
Analytics. The add-on works with most modern browsers. The Google Analytics opt-out
browser add-on does not prevent data being sent to the website itself or to other web
analytics services. https://support.google.com/analytics/answer/6004245?hl=hu
4.5. Google’s privacy policy: https://policies.google.com/privacy?hl=hu
Detailed information on the use and protection of data is available at the above links.
Detailed privacy:
https://static.googleusercontent.com/media/www.google.com/en//intl/hu/policies/privacy/goog
le_privacy_policy_hu.pdf