Privacy Policy

The operator of this website,
INNOFIT INTERNATIONAL TRADE LTD
35 Stasikratous str.
1065 Nicosia,
Cyprus
Registration number 418443
email: innofitit@gmail.com
(hereinafter referred to as Controller) declares to make its best efforts under the GDPR Regulation to ensure the secure and legitimate management of Customer data.

We are available to our Customers at this email.
Under the GDPR, our Company is not required to appoint a data Protection Officer, thus you can contact our central contact points on privacy issues too. Should you have any questions regarding the information below or any other subject, feel free to contact us, we are happy to answer any of your questions.

In order to prevent unauthorized third-party access to your personal data, we use the latest SSL technology to encrypt the ordering process.

The protection of personal data is a matter of trust and Your confidence is important to us. We respect your personality and your rights to manage data concerning you and your person independently. Moreover, we stay strictly within the regulations concerning the processing of personal data. In this respect, we bring to our Customers’ attention the following:
Legal References
Our data processing principles are in line with the current legislation on data protection, so the national / international regulation applicable to the member states of the European Union is relevant.
Data Processors
When processing the data, our Company uses the following Data Processors to provide quality service to our customers:

Financial partner

STRIPE INC
  • Seat: 354 Oyster Point Blvd South San Francisco, CA, 94080-1912 United States
  • Registration Authority ID: RA000602

Hosting company data

GoDaddy.com, LLC
  • Seat: 14455 North Hayden Road Suite 219 Scottsdale, AZ 85260, United States 
  • Company registration number:
  • Community VAT registration number: EU826010755

Data of the newsletter sending and CRM provider

SalesAutoPilot Limited Liability Company
  • Seat: H-1016 Budapest, Zsolt utca 6/C 4. emelet 4.
  • Company registration number: 01-09-286773
  • Community VAT registration number: HU25743500

Automatic invoicing

Xero Inc.
  • Seat: 1615 Platte Street, Suite 400, Denver, CO 80202 USA

Accounting

Crystal Cyprus Corporate & Finance Services Ltd
  • 35 Stasikratous str.
  • Crystal Offices, Christou Morfaki Building
  • 3rd Floor, Office 301
  • 1065 Nicosia
  • Cyprus

Delivery

MOEDER s.r.o.
  • Seat: Komárňanská 2681/160 947 01 Hurbanovo 
  • Company registration number: 46383336
  • VAT Number: 2023360141
  • Community VAT registration number: SK2023360141

Knowledge Base Provider

MemberMouse, LLc
  • Seat: 1201 Orange Street, Suite 600, Wilmington, Delaware, 19801, United States 
  • Organization Website: www.membermouse.com
  • Contact Phone Number: (302) 575-0877

SMS Notification Service

Bip Communications Szolgáltató és Tanácsadó Kft.
  • Seat: H-1134 Budapest, Bulcsú utca 23. b. ép. III. em. 8.
  • Company registration number: 01 09 947432
  • Phone Number: +36-30/493-7166
  • Website: https://sms.bipkampany.hu/
We pay particular attention to working exclusively with expressly reliable partners who also consider security and legality highly important.
The Scope and Legal Basis of Personal Data Processed
The legal basis, purpose, nature, duration of data we process and the scope of data subjects.

When Visiting Our Webpages

  • Legal basis: legitimate interest of our Company
  • Data processed: IP address, time and duration of the visit, list of subpages visited, operating system you use, browser type, screen resolution.
  • The purpose of data processing is to produce statistical analyzes and, thus, to control and improve the quality of our services
    • Duration: 2 years
    • Data subjects: Google Analytics (Google is the Processor)
    • Note: the data evaluated in the statistical analysis are not identified by specific persons. (i.e. data are analyzed only en masse and, thus, in a completely anonymous way.)
Those interested in further information may find detailed information on the operation of Google Analytics at.

Newsletter (Direct Marketing) Services

  • Legal basis: explicit consent
  • Data processed: last name, first name, e-mail address
  • Non-compulsory data processed: range of interest (if the website provides multiple ways of subscription to newsletters)
  • Purpose of the processing is to notify about special offers, new products, campaigns, requests via direct marketing, general interaction
  • Duration: until unsubscribed / consent withdrawn
  • Data subjects: CRM

Purchase of the Product

  • Legal basis: legal obligation (certification)
  • Data processed: customer’s last name, first name, email address, telephone number, billing address, postal address, IP address, amount, date and time of the transaction, note by the customer
  • The purpose of data processing is to comply with our contractual obligations, to issue invoices, to perform our warranty obligations in certain cases, to notify you of technical changes regarding the product
  • Duration: 8 years (from the last day of the year of order)
  • Data subjects: CRM, Issuer of the Invoice, Bookkeeper, Deliverer, Financial Service Provider (card payment)

Profiling

The Controller performs no profiling based on the behavior, range of interest or other data provided by the visitors / registrants, or uses no automatic offer-creation, classification or decision-making.
Of course, you can unsubscribe from our list at any time by a single click – in this case, we will physically delete your data from all of our systems.
Or you can use any of our services without subscribing to our promotional e-mails.
Cookies

What are the cookies and how are they handled?

In order to make our website attractive and to allow certain features to be used, so-called cookies are used on various pages. These are small data files stored in your terminal equipment (computer, smartphone). They usually contain a specific character string that allows the unique identification of the browser when retrieving the website again.

Their primary objective is to make our online offers more user-friendly and efficient, and to remember the visitors’ individual preferences. The user data collected in the cookies are converted by technical precautions into pseudonyms, so it is usually no longer possible to assign the data to the user accessing.

It is not mandatory to accept cookies and you can change that at any time in the settings of your browser or you can delete them completely. However, our Company is not responsible if, in the absence of the authorization of cookies, our website does not function as expected. Of course, we strive to deliver the maximum user experience even without having to accept cookies.

How to Switch Off Cookies

What cookies do we use?

There are cookies that do not require your prior consent. These are briefly summarized in our website when You start your first visit. Our Company will inform you on the cookies that require your consent when you start your first visit and we ask for your consent.
Our Company applies or allows no cookies that allow third parties to collect data without Your consent.
System Cookies
Most of the cookies we use are called “session cookies” that are automatically deleted when your browser session ends. The purpose of these cookies is to make our website safer, more efficient and user-friendly. This type of cookies do not require any consent.
Persistent Cookies
Persistent cookies are saved even after you close your browser, so you can save the search criteria you have set. The persistent cookies are automatically deleted after a certain time, which may differ depending on the cookies. However, you can delete these cookies at any time in your browser's security settings.
Tracking Cookies (Third Party Cookies)
Cookies stored on your computer or mobile device may also come from partner companies (e.g. Google Analytics, Google Remarketing, Facebook Remarketing) and require explicit consent. We use cookies of this kind of cookies to ensure that our website is constantly optimized and developed on demand. Furthermore, traceability measures are also used to gather information on how visitors use the web pages.
Your device used for browsing stores the contact company's cookies for up to 180 days or until you delete them.
For further information on third-party cookies, see https://www.google.com/policies/technologies/types/, on data protection, see https://www.google.com/analytics/learn/privacy.html?hl=hu.
Further info: We are dedicated to using cookie warnings on each of our websites that allow the running of e.g. remarketing cookies only after explicit consent is given, therefore, without Your request, no remarketing advertisements will bother You – thereby ensuring Your demands.
Receiving Advertising Messages

What do You need to know about our direct marketing and newsletter data management?

By modifying Your personal information on the newsletter and/or direct marketing registration interface (i.e. by clearly stating your intention to consent), you contribute for us to use Your personal data for marketing purposes. In this case, until the consent is canceled, Your data will be processed for the purpose of sending direct marketing and/or newsletter, and you will be sent advertising and other mails, as well as bulletins and offers and/or forward newsletters (Art. 6 of the Business Advertising Act).
You may give your consent to the direct marketing and the newsletter together or separately, or you may withdraw it / them free of charge and at any time.
The withdrawal of the consent to the data processing regarding direct marketing and / or newsletter is not considered at the same time as the withdrawal of consent to data processing on our website.

Other Data Processing Matters

We may only transfer your data to the extent outlined in the legislation, and, as far our data processors are concerned, we shall ensure by contractual specifications that Your personal data may not be used by them for purposes other than those included in Your consent.

Courts, public prosecutors’ offices and other authorities (e.g. police, revenue office, National Data Protection and Information Authority) may contact our Company for the provision of information, disclosure of data or making documents available. In these cases, we must fulfill our duty of disclosure, but only to the extent strictly necessary to achieve the purpose of the request.

We protect your personal data by appropriate technical and other measures, and ensure the security and availability of your data, moreover, we protect them from unauthorized access, alteration, damages, disclosure and any other unauthorized use.
The Data Subjects’ Rights

The Right to Information

The Controller shall take appropriate measures to provide the data subjects with all the information referred to in Articles 13 and 14 of the GDPR concerning the processing of personal data, and to provide any information referred to in Articles 15 to 22 and 34 in a concise, transparent, comprehensible and easily accessible form, using clear and comprehensible language.

We will provide information within 14 days (though not later than within 1 month) from the submission of Your request. The information is free of charge unless you have already submitted an information request for the same data set in current year. Your expenses paid will be reimbursed if your data have been unlawfully processed or if your request for information has resulted in a correction. Information may be refused only in cases provided for by law, with indication of the place of law and with a briefing on the possibility of judicial redress or the recourse to the Authority.

You, and any person to whom the data has been previously transmitted for the purpose of data processing, shall be informed by our Company about any rectification, blocking, marking and deletion of personal data, unless your legitimate interest is not prejudiced by the failure to give such notification.

Right of Access

The data subject shall have the right to request information on the data we process in accordance with Article 15 of the GDPR, in particular regarding the following:
  • purposes of the processing;
  • categories of personal data concerned;
  • categories of recipients whose data have been communicated or will be communicated;
  • intended storage period;
  • right to rectification, deletion or restriction of processing of data and right to object;
  • existence of the right to complain;
  • information on data sources;
  • automated decision-making, including profiling, and, where appropriate, substantive information concerning the data.
The controller shall provide the information within a maximum period of one month from the submission of the application.

Right to Rectify Data (Article 16 of the GDPR)

The data subject may request the rectification of any relating inaccurate personal data and the completion of incomplete data.

Right to Deletion (Article 17 of the GDPR)

The data subject shall have the right to request the deletion of their personal data if the requirements of Article 17(1) of the GDPR are met. The deletion of data cannot be initiated if data processing is necessary:
  • for the purpose of exercising the right to freedom of expression and information;
  • with the purpose of performing any obligation requiring the processing of personal data applicable to the controller as per EU or member state law, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller;
  • with a purpose concerning the area of public health or for archiving, scientific and historical research or statistical purposes on grounds of public interest;
  • or to make, enforce or protect legal claims.
We undertake the registration of the withdrawal of the consent with a deadline of 14 days, but we point out that we are allowed to process certain data even after the consent has been withdrawn in order to fulfill our legal obligation or to exercise our legitimate interests.

Right to the restriction and withdrawal of data processing (Article 18 of the GDPR)

The Controller shall, at the data subject’ request, limit the data processing where any of the following conditions is met:
  • the data subject disputes the accuracy of the personal data, in which case the restriction shall apply for the period of time which enables the verification of the accuracy of the personal data;
  • the processing is unlawful and the data subject opposes the deletion of the personal data and requests the restriction of their use instead;
  • the controller no longer needs the personal data for the purpose of data processing, but the data subject requires them for the purpose of submitting, enforcing or protecting legal claims; or
  • the data subject has objected to the processing of data; in that case, the restriction shall apply for as long as it is established whether the controller’s legitimate reasons prevail over the data subject’s legitimate grounds.
Where the processing is restricted, personal data may be processed only with the data subject’s consent (except for storage), or for the submission, validation or protection of legal claims, or for the protection of the rights of other natural or legal persons, or for the important public interest of the Union or a member state.

Right to Data Portability (Article 20 of the GDPR)

The data subject shall have the right to receive the personal data relating to them or made available by them to the controller in a structured, widely used, machine-readable format and to transmit such data to another controller.

Right to Object (Article 21 of the GDPR)

The data subject shall have the right to object, on grounds relating to their own situation, at any time to processing their personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller, or to any processing necessary for the purposes of the legitimate interests pursued by the controller or by a third party, including profiling based on those provisions.

In the event of an objection, the controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims.

If You object to the processing of Your personal data, the objection will be examined as soon as possible, within 14 days (not later than 1 month) from the submission of Your request, and You will be informed in writing of our decision. If we decide that your objection is justified, we will cease the processing, including the collection of further data and the transmission of data, block the data, and we will notify about the objection and the measures taken thereunder all those whom the personal data affected by the objection have previously been transmitted to, and who are obliged to take action to assert the right to object.

We refuse to comply with a request if we prove that the processing of data is justified by compelling legitimate reasons which take precedence over Your interests, rights and freedoms or which relate to the submission, validation or protection of legal claims. If you disagree with our decision or if we miss the deadline, You may initiate legal proceedings within 30 days from the date of the notification of the decision or from the last day of the deadline.

Automated Decision-Making on Specific Matters, Including Profiling (Article 22 of the GDPR)

The data subject shall have the right not to be subject to a decision based solely on automated data processing, including profiling, which would have legal effects on him or would similarly significantly affect them.

Right of Revocation

The data subject shall have the right to revoke their consent to their personal data at any time.

Right to Apply to the Courts

The data subject, in the event of a breach of their rights, may apply to court against the Controller. The court shall apply an expeditious procedure in this case.
The court of justice shall have jurisdiction to adjudge litigations on data protection, and the lawsuit can be initiated at the court of justice of data subject’s place of residence or stay. A foreign citizen may lodge a complaint with the supervisory authority of their place of residence.

Before You apply to the surveillance authority or the court with your complaint to be consulted and to address the problem arisen as soon as possible, please contact our Company at the e-mail or via a registered delivery with acknowledgment of receipt addressed to the seat of our Company.

Right to Lodge a Complaint

Final Provisions
The Controller points out that the data subject is responsible for the accuracy of the personal data. If they do not provide their own personal data or incorrect data / personal data, the data subject shall be obliged to fully exempt the Controller in case of a third party’s claim against the Controller. Issues not regulated by this Privacy Policy shall be governed by the regulations on confidentiality, especially those included in the GDPR.
Modification of the Privacy Policy
Our company reserves the right to make unilateral changes to this Privacy Policy, about which it shall adequately inform the parties concerned.

The modified provisions shall apply after their entry into force. 
February 01, 2022