https://dishirt.com is a webshop. Registered under the name of Katalin Pas-Kiss/katica’s. Registered Company Number: 55272133, Hungary. (Collective refered to as “dishirt”, “We” “Us” in this policy). For the purpose of the Data Protection Act 2018 (the Act), and Article 12 of the General Data Protection Regulations (GDPR) 2018 the data controller is dishirt.
Maintaining the security of your data is a high priority at dishirt, and we are committed to respect your privacy rights and want to be transparent about what data we collect about you and how we use it. This policy applies when you visit our site and shares information with you on how we use your data, what we collect, how we ensure privacy is maintained and your legal rights relating to your personal Data.
What personal data do we collect?
dishirt may collect the following information about you:
- Your name
- Your contact details: postal address, billing address and despatch address (if different), telephone numbers (including mobile number) and e-mail address
- Purchases and orders made by you
- Your browsing activity while on the dishirt website
- Your password if you create a registered account
- Payment details (your card information is not held by us, it is collected by our third party payment processors, who specialise in the secure online capture and processing of credit/debit card transactions)
- Marketing and communication preferences
- Feedback and survey responses
- Reviews of our products or services
- Location via IP Address
- Device information when navigating our website
This list is not exhaustive and we may collect additional information under specific instances. Some of the above data is collected directly, for example if you email our customer services team or create an order. Other personal data is collected indirectly, for example through your browsing and shopping on our site. We may also collect personal data from third parties who have your permission to pass your details to us, or from publicly available sources.
How we collect information about you?
When you visit our site we may automatically collect information about your computer, including your ip address, information about your visit, your browsing history, and how you use our website. This information is combined with other information for example, completing contact forms or when you order, we need to have your name, e-mail address, card number and card expiry date. Without this information we will not be able to process your request or notify you of acceptance of your order. A contact telephone number may also be required so that we may contact you urgently if there is a problem with your order.
How we use your personal information?
We use personal information about you for the following purposes:
When processing your order or contact query.
Providing information about our products which can be personalised based on the information we have collected about you.
To verify your Identity.
For crime and fraud prevention, detection and related purposes.
The effectiveness of the advertising we serve you and others
Make suggestions and recommendations to you and other users of our site about the products we offer
With your agreement, to contact you electronically or through the post with promotional offers and products we think may interest you, so that you have exclusive access to our best deals. We use the information we have about you to tailor the content and try to ensure that the offers are as relevant to you as possible. If you would not like to receive these notifications, please select the relevant tick box at the basket/checkout page. For emails You can unsubscribe from all communications by simply clicking on the unsubscribe link placed in the end of every email communication we send. If, in the past, you have chosen to be notified and you no longer wish to receive correspondence from us please send an email to email@example.com and we will update your preferences
We may analyse your information to create a profile of your interests, preferences and purchase history so that we can contact you or provide you on your visit with more relevant products and information that would be interesting for you. We may source additional information from 3rd parties to enhance this.
You rave a right to object to profiling. If you would like to know more about this process then please contact firstname.lastname@example.org.
Security of your data
We follow a tight security procedure as required under Hungarian Data Protection Legislation (the Data Protection Act 2011. CXII. and EU 2016/679.) and in future Article 32(1)GDPR to protect the information that we store about you from unauthorised access. Our secure payment is via the highly respected and secure OTP (www.otpbank.hu) online payment system and information between you and us is 256 bit encrypted. We perform daily malware scans and restrict data access and have a internal confidentiality policy as follows:
Within dishirt we protect your privacy in 4 ways:
1. Access to customer account information is limited to those who need access for the performance of their job.
2. We use full login and password controls on our sales control system.
3. All full and part-time employees are required to sign a confidentiality clause as part of their terms of employment with the company.
4. Confidentiality and database access controls are reviewed periodically and updated as required to further protect your personal data.
3rd Party data express
As with many businesses dishirt relies on a number of core service providers who held fulfill our promise to you when you place an order, these may include our delivery partners such as Printful, our payment gateway and others within IT infrastructure and marketing services to help our business run smoothly and create a good experience for you. If you would like to understand more about Printful, please see their info poartal. …… and their pivacy policy.
First Party Cookie Integration
We may also use technologies, such as our own cookies, to provide you with relevant online display advertising tailored to your interests. Our marketing partner, Conversant, assists us in managing these technologies. To opt out of our cookies used for this online advertising or to submit a data subject request specific to these technologies.
Where data is shared with third parties we aim to ensure that this transfer is as secure as possible, we will conduct an audit of this process and potential impact on you plus we require all 3rd parties we work with to have a contract which outlines their compliance with appropriate data protection laws and that the use of the data is only used in relation to the purpose it is meant. Such as:
- PayPal | www.paypal.com – Payment Service
- Stripe | www.google.com – Payment Service
- Facebook (WhatsApp, Instagram) | www.facebook.com – Social Media Interaction
- Twitter | www.twitter.com – Social Media Interaction
- Google | www.google.com – Social Media Interaction
- Google Analytics | www.google.com – Analytics
- Adobe Analytics | www.adobe.com – Analytics
- FedEx | www.fedex.com – Product Delivery
- Latvijas Pasts | www.pasts.lv – Product Delivery
- DHL | www.dhl.com – Product Delivery
- USPS | www.usps.com – Product Delivery
- DPD | www.dpd.com – Product Delivery
- DHL | www.dhl.com – Product Delivery
- Printful | www.printful.com – Product Delivery
If, for any reason, you are unsure about the personal and account information we are holding in your name, please contact us by e-mail, email@example.com. We will happily review your file and update the records if required whether this is simply updating incorrect or out-of-date information or opting out of communications.
Right of Access – in accordance with Article 15 GDPR, you are entitled to obtain information, free of charge, about your saved data, where applicable, has a right to the correction, blocking, deleting of data (Article 5 (1 d), e) Article 12 and 17-19 GDPR). On Request dishirt shall inform the user in line with Valid Law in Writing of the User’s personal data (after appropriate security check to prove identity) we have saved. To request information that we may hold on you please email firstname.lastname@example.org with the subject line “Right of Access Request”. We will have one month (unless complex this can then be extended for 2 months) to respond to your request and will provide it in a common electronic format (CSV).
Right to lodge a complaint – In accordance to Article 77 GDPR. You have the right to complain to a supervisory body if you feel your data is being misused. Contact the ICO (Information Commissioners Office) for more information. We would hope that you would discuss with us any concerns so that we could look to rectify before it gets this far.
Right to Data Portability – In accordance to article 20 GDPR. You have the right to receive the personal data concerning yourself which you have provided to dishirt as the data controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided.
Right to be Forgotten – In accordance with Article 17 GDPR, You have a right for your data to be forgotten and erased (anonymised personal data) from our systems. If you would like this to happen please email email@example.com with the Subject Line “Right to be Forgotten Request”. We will need to confirm your identity before doing this and we will be extremely sorry to see you go. Please note under some circumstances we may be able to refuse this request for example the HMRC requires companies to keep records of VAT for up to 6 years plus under terms of good of sale we may delay the erasure process until after the 14 days returns and refunds policy has expired after your last purchase.
Please note that the data cleansing process is total and we will have no records of your previous interaction. This is specific interest to rules following the Right to be Forgotten, which in turn may mean that we can legally acquire your data from opted in sources at a later date with no knowledge that you were once previous customer.
Please note, as advised by the ICO an Audit log comprising of just a name, plus the date the request came in, is kept for any access requests. A name on its own is not classed as personal identifiable information.
Our cookies can contain personal information about you and are used only to determine your browser and user preferences for our site. We believe that this can greatly assist us in providing you with the service that you desire and to enhance your browsing experience. However, if you prefer, your browser software should enable you not to accept cookies. You should still be able to use our site without cookies enabled. We may also use technologies, such as our own cookies, to provide you with personalised online display advertising tailored to your interests. To view the list of cookies and our policy please visit here.
To opt out of our cookies used for this online advertising, click here. (Youronlinechoices.com)
Legal basis for dishirt processing customer data
dishirt collects and uses customers’ personal data because it is necessary for the purposes of complying with our duties and exercising our rights under a contract for the sale of goods to a customer; or complying with our legal obligations. In general, we only rely on our legitimate interest or permission (e.g. when you tick a box to send us an email via our Contact us form) as a legal basis for processing in relation to sending direct marketing communications to customers via post, email or text messages. Customers have the right to withdraw consent at any time. Where consent is the only legal basis for processing we will cease to process data after consent is withdrawn.
Our Legitimate Interests
It is necessary for the legitimate interests of dishirt to process customer data as follows:
- Selling and supplying goods and services to our customers
- Protecting customers, employees and other individuals and maintaining there safety, health and welfare
- Promoting, marketing and advertising our products and services
- Personalising communications or content within emails and onsite
- Understanding customers behavior, activities, preferences and needs
- Improving existing or developing new products and services
- Complying with legal and regulatory obligations
- Preventing, Investigating and detecting crime, fraud, or anti-social behavior and prosecuting offenders, including working with law enforcement agencies
- Protecting dishirt, its customers, suppliers and employees, by taking appropriate legal action against third parties who have committed criminal acts or are in breach of legal obligations to dishirt
Fulfilling our duties to our customers, colleagues, shareholders and other stakeholders
For more information around GDPR and Legitimate interest please see the ICO website guide here. For details relating to E-mail marketing and PECR regulations please see the ICO guide here.
Transferring your information outside Europe
As part of the services offered to you through this website, the information which you provide to us may be transferred to countries outside the European Economic Area (EEA). For example International customers are redirected to a 3rd party payment system outside of the EU. These countries may not have similar data protection laws to Hungary. By submitting your personal data, You’re agreeing to this transfer, storing and processing. If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this policy.
Data retention policy
Any information relating to your account (including order history, communications and correspondence records) is kept while you are still an active customer. If you have not bought within 5 years all data will be safely destroyed. We hold very little paper records but any relevant materials will be shredded. Electronic data sets will be deleted or anonymised from master sources and backups. An automated process to identify, alert and process these deletions is in place.
Please note that the data cleansing process is total and we will have no records of your previous interaction. This is specific interest to rules following the Right to be Forgotten, which in turn may mean that we can legally acquire your data from opted in sources at a later data with no knowledge that you were once previous customer.
Please note that within our website are a number of external links to other websites and companies, if you click on these then you will be subject to that 3rd parties privacy policies and not dishirt.
You can change your browser settings to delete certain cookies or not allow them to be stored on your computer or mobile device without your express consent. You can find information on how to handle cookies in the “Help” section of your browser.
You can find out how it all works in the browser you are using at the following links:
Google Chrome App:
The following websites will also help you understand how cookie-based advertising works and how you can manage your cookie settings:
Network Advertising Initiative – unsubscribe page:
This Privacy Document was updated on the 07 Jan 2021.