HU

Privacy statement

1. INTRODUCTION

The purpose of this Privacy Policy is to set out the Data Protection Principles and policies applied by Netkorzo Online Kft. In developing the provisions of the Data Protection Information, the Data Controller has taken into account in particular Regulation CXII of 2011 of the European Parliament and of the Council (“General Data Protection Regulation” or “GDPR”) on the right to information self-determination and freedom of information. (“Information Act”), Act V of 2013 on the Civil Code (“Civil Code”), as well as Act XLVIII of 2008 on the Basic Conditions and Certain Restrictions of Economic Advertising Activities. provisions of the Act (“Grtv.”).

The Data Controller reserves the right to change this prospectus at any time, and will notify customers in a timely manner of any such changes. Should the data subject have a question that is not clear on the basis of this notice, he / she may ask the Data Controller's contact details, where the Data Controller's employees will answer it to the best of their knowledge. Although the Data Controller is committed to maintaining the highest level of service quality, it is not liable for any damages resulting from the use of the system. In order to protect the personal data of its data partners and users, the Data Controller considers it extremely important to respect the right of its customers to self-determination of information. The Data Controller shall treat personal data confidentially and take all security, technical and organizational measures

 

2. DATA MANAGER

Name of data controller: Netkorzo Online Kft.

Registered office: H-2081 Piliscsaba, Béla király útja 87.

Tax number: 22774963-2-13

Company registration number: 13-09-139270

Registration authority: Registry Court of the Budapest District Court

Date of registration: 26.08.2010

Email: info@netkorzo.hu

Availability of the data protection information:   https://netkorzo.hu/adatvedelmi

 

3. DEFINITIONS

3.1. PERSONAL DATA

Data that can be related to a specific (identified or identifiable) natural person (data subject), a conclusion that can be drawn from the data about the data subject. Personal data retains this quality during data processing as long as its connection with the data subject can be restored. In particular, a person shall be deemed to be identifiable if he or she can be identified, directly or indirectly, by reference to a name, an identification mark or one or more factors specific to his or her physical, physiological, mental, economic, cultural or social identity.

3.2. REGISTRATION SYSTEM

A set of personal data, disaggregated by any means, centralized, decentralized, functional or geographically, that is accessible according to specific criteria.

3.3. DATA MANAGER

A natural or legal person, or an organization without legal personality, which determines the purpose of the processing of data, makes and implements decisions on the processing of data (including the means used) or with a data controller entrusted by it.

3.4. DATA PROCESSOR

The natural or legal person or organization without legal personality who processes personal data on behalf of the Data Controller.

 

3.5. ADDRESSEE

Any natural or legal person, public authority, agency or any other body to whom personal data are disclosed, whether or not it is a third party. Public authorities that may have access to personal data in the framework of an individual investigation in accordance with Union or Member State law shall not be considered as recipients. The processing of such data by these public authorities must comply with the applicable data protection rules in accordance with the purposes of the processing.

 

3.6. AFFECTED

Any natural person identified or identifiable, directly or indirectly, on the basis of specific personal data.

 

3.7. THIRD PARTY

A natural or legal person or an organization without legal personality who is not the same as the data subject, the Data Controller or the data processor.

 

3.8. CUSTOMER

A Data Subject who uses a service of the Data Controller.

 

3.9. USER

Any natural person who contacts the Data Controller will visit their website.

3.10. DATA HANDLING

Irrespective of the procedure used, any or all operations performed on the data, such as collecting, recording, recording, organizing, storing, altering, using, transmitting, disclosing, reconciling or linking, blocking, deleting and destroying the data, and further prevention. Data management also includes the taking of photographs, sound or images, as well as the recording of physical characteristics that can be used to identify a person (eg fingerprint or palm print, DNA sample, iris image).

3.11. PROFILING

Any form of automated processing of personal data in which personal data are evaluated for the purpose of assessing certain personal characteristics of a natural person, in particular those relating to performance, economic status, state of health, personal preferences, interests, reliability, behavior, location or movement or used to predict.

3.12. NAMED

The processing of personal data in such a way that it is no longer possible to determine to which individual the personal data relate without the use of additional information, provided that such additional information is stored separately and technical and organizational measures are taken to ensure that an identified or this personal data cannot be linked to identifiable natural persons.

3.13. DATA PROCESSING

Perform technical tasks related to Data Protection operations, regardless of the method and means used to perform the operations and the place of application.

3.14. CONTRIBUTION

Voluntary and firm expression of the data subject's wishes, based on adequate information and giving his or her unambiguous consent to the processing of personal data concerning him or her, in full or in part.

3.15. PRIVACY INCIDENT

A breach of security that results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or unauthorized access to personal information that is transmitted, stored, or otherwise handled.

3.16. PROTEST

A statement by the Data Subject objecting to the processing of his / her personal data and requesting the termination of the data processing and the deletion of the processed data.

3.17. DATA TRANSMISSION

If the data is made available to a specific third party.

3.18. DATA DELETION

Making data unrecognizable in such a way that it is no longer possible to recover it.

 

4. PRINCIPLES IN DATA PROCESSING

The processing of personal data is lawful only if and to the extent that at least one of the following is met:

A. the data subject has consented to the processing of his or her personal data for one or more specific purposes;

B. the processing is necessary for the performance of a contract to which the data subject is subject or at the request of the data subject prior to the conclusion of the contract;

C. the data processing is necessary to fulfill the legal obligation to the Data Controller;

D. the processing is necessary for the protection of the vital interests of the data subject or of another natural person;

E. the processing is necessary for the performance of a task in the public interest or in the exercise of a public authority conferred on the Data Controller;

F. the processing is necessary for the protection of the legitimate interests of the Data Controller or of a third party, unless those interests take precedence over the interests or fundamental rights and freedoms of the data subject which require the protection of personal data, in particular if the child concerned.

The Data Controller handles personal data in accordance with the principles of good faith, fairness and transparency, as well as the provisions of applicable law and this Privacy Statement.

The Data Controller uses the personal data only with the consent of the Data Subject or for the purpose of performing a contract, only for a purpose.

The Data Controller will only process personal data in this Privacy Statement or for the purpose specified in the relevant legislation. The scope of personal data processed is proportionate to the purpose of the data processing. In all cases where the Data Controller intends to use personal data for a purpose other than the purpose of the original data collection, it shall inform the Data Subject thereof and obtain its prior express consent, or provide him or her with an opportunity to prohibit the use.

The Data Controller does not check the personal data provided, the Data Subject is solely responsible for their adequacy.

The personal data of a person under the age of 16 may only be processed with the consent of an adult exercising parental supervision over him or her. The Data Controller is not in a position to check the consent of the consenting person or the content of his / her statement, so the data subject or the person exercising parental supervision over him / her guarantees that the consent complies with the law. In the absence of a consent statement, the Data Controller will not collect personal data about the Data Subject who has not reached the age of 16, except for the IP address used when using the service, which will be recorded automatically due to the nature of the Internet services. 

The Data Controller will not transfer the personal data processed by it to third parties other than the Data Processors specified in this Privacy Policy. An exception to the provision contained in this section is the use of the data in a statistically aggregated form, which does not contain any other data suitable for the identification of the Data Subject in any form, thus not

constitutes data processing or data transmission. In some cases, the Data Controller - due to a formal court or police request, legal proceedings due to copyright or property or other violation of the Data Controller, violation of the Data Controller's interests, endangering the provision of services, etc. - make the available personal data of the Data Subject available to third parties.

The Data Controller shall ensure the security of personal data, take the technical and organizational measures and establish the procedural rules that ensure that the recorded, stored and processed data are protected and prevent their accidental loss, unauthorized destruction, unauthorized access, unauthorized use and unauthorized alteration or distribution. In order to fulfill this obligation, the Data Controller invites all third parties to whom it transmits personal data.

Subject to the relevant provisions of the GDPR, the Data Controller will not appoint a Data Protection Officer.

The service provider is considered a data processor with regard to the data collected on the websites and webshops of the customers using its services, and does not perform data management in this respect. The Customer, as the Data Controller, can provide information on the scope of the personal data processed in this way, the purpose, title and duration of the processing, and the Customer is solely responsible for the data management of these data.

 

5. SCOPE OF PERSONAL DATA PROCESSED, PURPOSE, LEGAL BASIS AND DURATION OF THE DATA PROCESSING 

5.1. DATA OF VISITORS OF THE WEBSITE, LOGS

When visiting its own websites, the Data Controller records the IP address of the Users, the time of the visit and the address of the page viewed. The data is used by the Data Controller to operate the protection system, to detect errors, to clarify disputes and to prove abuses. The data will be deleted after 2 months. The Data Controller does not use personally identifiable cookies on its own websites.

5.2. CUSTOMER REGISTRATION, ORDER

It is only possible to order the services of the Data Controller after registration. The purpose and legal basis of data management is the fulfillment of orders, the provision of services, contact with the Customer, the fulfillment of contractual obligations and the exercise of rights arising from the order, the fulfillment of accounting obligations, and the sending of newsletters and information letters. The personal data requested during the registration is the following: username, password, name, address, telephone number, e-mail address, the number of the identification document in case of ordering a certain domain name, according to the registration policy of the given domain termination. The Data Controller will store the data necessary for the performance of the contract for 5 years after the end of the subscription period, taking into account that a civil law claim related to the contract may arise within this time.

5.3. NEWSLETTER

The purpose of data management is to send an e-mail-based newsletter to those interested, to provide information on current information and services. The legal basis for data processing is the voluntary consent of the data subject or the legitimate interest of the Data Controller and the XLVIII of 2008 on the basic conditions and certain restrictions of commercial advertising activities. Section 6 (5) of the Act. The scope of the managed data: name, e-mail address. The duration of the data processing lasts until it is revoked in the case of a statement of consent, and until the exercise of the right of protest in the case of a legitimate interest of the Data Controller. The data subject may exercise the right to withdraw the consent or to protest by clicking on the link in the sent newsletter or by sending a letter to the Data Controller's registered office by post.

5.4. CUSTOMER SERVICE

The Data Controller provides customer service to the Users. Depending on the form of the request, the User consents to the processing of his / her personal data. Incoming e-mails, telephone conversations, messages sent using the contact forms on the website, online conversations together with all voluntarily provided data are recorded by the Data Controller, stored for a maximum of 5 years and used in connection with the provision of the service.

5.5. JOB APPLICATION

It provides an opportunity to apply for a job on the Data Controller's website. Information requested when applying: name, telephone number, e-mail address, professional CV. The personal data provided will be stored electronically until the withdrawal of consent at the latest.

 

6. RANGE OF ADDITIONAL DATA PROCESSED BY THE DATA CONTROLLER

In order to serve, the Data Controller places a data packet (so-called "cookie") on the User's computer, the primary purpose of which is process identification and load distribution. All cookies are necessary for the basic operation of the website and are not suitable for personal identification. The User can delete the cookie from his / her own computer or set his / her browser to disable the use of cookies. By disabling the use of cookies, the User acknowledges that without a cookie the operation of the given page is not complete.

The Data Controller uses the following cookies:

A. Session ID cookies

B. Password note cookies

C. Google statistics, adwords and remarrketing cookies

 

7. METHOD AND SECURITY OF DATA MANAGEMENT

The Data Controller handles and stores all personal data electronically, no paper-based copy of personal data is made. The computer systems and other data storage devices of the Data Controller were located at its headquarters and in the server room of Servergarden Kft. (Budapest, District XI, Expo tér 5-7.). Data stored on servers cannot be accessed by server room staff. The Data Controller undertakes to apply appropriate technical and organizational measures taking into account the state of science and technology and the costs of implementation, as well as the nature, scope, circumstances and purposes of data processing and the varying probability and severity of the risk to the rights and freedoms of natural persons. Covering the full range of your privacy activities. The Data Controller shall protect the data with appropriate measures, in particular against unauthorized or infringing access, alteration, transmission, disclosure, loss, deletion or destruction, as well as accidental destruction, alteration and damage, as well as becoming inaccessible due to changes in the technology used. The

The data controller is obliged to handle the data using the data security level in accordance with the best industry practice, the GDPR, the current Hungarian legislation and any other data protection and data security legislation. In the event of data loss due to the fault of the Data Controller, the Data Controller is obliged to restore the data free of charge.

Electronic messages transmitted over the Internet, regardless of protocol (e-mail, web, ftp, etc.), are vulnerable to network threats that lead to unfair activity, contract disputes, or the disclosure or modification of information. To protect against such threats, the Data Controller will take all precautionary measures required of it. It monitors the systems to record any security incidents and provide evidence of any security incidents. System monitoring also allows you to check the effectiveness of the precautions taken.

 

8. RANGE OF PERSONS ACCESSING DATA, DATA TRANSMISSION, DATA PROCESSING

 

The data are primarily accessible to the Data Controller's or the Data Controller's internal employees, however, they are not published, they are not transferred to third parties, except for the data processors and the cooperating external service providers. The Data Controller may use a data processor or co-operate with external service providers in order to fulfill orders, ensure the operation of the services and settle the settlement.

8.1. DATA PROCESSORS

In connection with the customers, the Data Controller transmits data to the following companies and uses the following data processors. The Data Processors do not make an independent decision, they are only entitled to act in accordance with the contract concluded with the Data Controller and the instructions received. The data processors shall record, process and process the personal data transmitted to them by the Data Controller in accordance with the provisions prescribed by the GDPR. processed.

 

Name: Servergarden Ltd.

Headquarters: 1139 Budapest, Váci út 99-105. Balance Building intact. 3. em.

Tax number: 24855608-2-41

Company registration number: 01 09 186097

 

8.2. EXTERNAL SERVICE PROVIDERS, RECIPIENT

In order to provide the service, the Data Controller may cooperate with external data controllers and transfer personal data to them, as follows. The Data Controller is not responsible for the Privacy Policy of external service providers.

A. Internet Service Providers Council, H-1132 Budapest, Victor Hugo u. 18-22.

 

9. RIGHTS OF THE PERSON CONCERNED
9.1. RIGHT OF ACCESS
The Data Subject has the right to receive feedback from the Data Controller as to whether the processing of his / her personal data is in progress and, if such data processing is in progress, he / she has the right to get acquainted with his / her personal data and the information listed in the Decree.

9.2. RIGHT OF CORRECTION
The Data Subject has the right to have inaccurate personal data concerning him / her corrected at his / her request without undue delay. Taking into account the purpose of the data processing, the data subject has the right to request that the incomplete personal data be supplemented, inter alia, by means of a supplementary statement.

9.3. RIGHT TO CANCEL
The Data Subject has the right to delete the personal data concerning him / her without undue delay upon his / her request, and the Data Controller is obliged to delete the personal data concerning the data subject without undue delay if one of the following reasons exists:

A. personal data are no longer required for the purpose for which they were collected;

B. the data subject withdraws his or her consent to the processing and there is no other legal basis for the processing;

C. the Data Subject objects to the processing of his or her data and there is no overriding legitimate reason for the processing of the data.

Where the controller has disclosed personal data and is required to delete them, it shall take reasonable steps, including technical measures, taking into account the technology available and the cost of implementation, to inform the controllers that the data subject has requested such personal data. deleting links to data or a copy or duplicate of such personal data.

9.4. RIGHT TO RESTRICT DATA PROCESSING
The Data Subject has the right to restrict the data processing at the request of the Data Controller if

A. the Data Subject disputes the accuracy of the personal data;

B. the Data Controller no longer needs the personal data, but the data subject requests it in order to enforce legal claims.

9.5. RIGHT TO DATA PORTABILITY
The Data Subject is entitled to receive the personal data concerning him / her made available to the Data Controller in a structured, widely used, machine - readable format, if the data processing is based on consent or contract and the data processing is automated.

9.6. RIGHT TO PROHIBIT
The Data Subject has the right to object to the processing of his / her personal data at any time for reasons related to his / her situation, if the processing of personal data is in the legitimate interest of the Data Controller.

 

10. METHOD OF ENFORCEMENT
The Data Controller can be contacted at the contact details specified in point 2 with any questions or remarks related to data management. 

The Data Subject's complaint related to data management directly to the National Data Protection and Freedom of Information Authority (address: 1125 Budapest, Szilágyi Erzsébet fasor 22 / c .; phone: + 36-1-391-1400; e-mail: ugyfelszolgalat@naih.hu; website:  www.naih.hu)  .

In case of violation of the rights of the Data Subject, he / she may go to court. The court has jurisdiction to hear the case. The lawsuit may also be instituted before the court of the data subject's place of residence or stay, at the choice of the data subject. Upon request, the Data Controller shall inform the Data Subject of the possibility and means of legal redress.

 

11. APPLICABLE LAW, OTHER PROVISIONS
This Privacy Statement is governed by Hungarian law.

If the laws in force in the User's country impose stricter rules on the parties than those contained in this Privacy Statement, the User is obliged to comply with them. However, the User acknowledges and agrees that the Data Controller's liability is based on the law applicable to this Privacy Statement and excludes its liability for failure to comply with the provisions of the User's country to the fullest extent possible under applicable law and court decisions.

This Privacy Statement is for information purposes only and is not sufficient to fully understand the data processing. In the case of questions to which this Privacy Statement did not provide a clear answer, the User may request information from the Data Controller at the contact details indicated in point 2.

 

 

Date: Budapest, March 30, 2022.

Entry into force: 30.03.2022

Sütibeállításokkal kapcsolatos információk

Weboldalunk sütiket használ az oldal működtetése és használatának megkönnyítése érdekében.

×
I accept the cookies for the following categories: