In the course of its activities, Vegis Hun Kft.
Data of the Data Controller:
- Company name: Vegis Hun Kft.
Company registration number: 01-09-196406
Headquarters: 1065 Budapest, Podmaniczky út 13 F1.
Tax number: 25042108-2-42
The Data Controller handles the personal data provided to it in all cases in compliance with the valid Hungarian and European legislation and ethical requirements, and in all cases takes the technical and organizational measures necessary for the proper secure data management.
These regulations are based on the following current legislation:
- 1995. year CXIX. TV. on the management of name and address data for the purpose of research and direct business acquisition
- 2001. year CVIII. TV. on certain aspects of electronic commerce services and information society services
- 2011. Act CXII of 2006 on the right to self-determination of information and freedom of information
- Regulation (EU) No 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Regulation (EC) No 95/46
The Data Controller undertakes to comply unilaterally with these Terms and Conditions and requests that its customers also accept the provisions of these Terms and Conditions. The data controller reserves the right to change the data protection policy, in which case the amended policy will be made public.
In our policy, the terms data protection have the following meaning:
Personal data: data that can be linked to any specific (identified or identifiable) natural person (hereinafter: data subject), a conclusion that can be drawn from the data about the data subject. Personal data retains this quality during data processing as long as its connection with the data subject can be re-established. In particular, a person shall be deemed to be identifiable if he or she can be identified, directly or indirectly, by reference to a name, an identification mark or one or more factors specific to his or her physical, physiological, mental, economic, cultural or social identity.
Consent: the voluntary and explicit expression of the will of the data subject, based on adequate information and giving his or her unambiguous consent to the processing of personal data concerning him or her, in full or in part.
Objection: a statement by the data subject objecting to the processing of his or her personal data and requesting the termination of the processing or the deletion of the processed data.
Data controller: a natural or legal person or an organization without legal personality who, alone or together with others, determines the purpose of data processing, makes and implements decisions on data processing (including the means used) or implements them with the Data Processor.
Data handling: regardless of the procedure used, any or all operations performed on the data, in particular the collection, recording, recording, organization, storage, modification, use, interrogation, transmission, disclosure, reconciliation or linking, blocking, erasure and destruction of the data, and preventing its further use, taking photographs, sound or images and recording physical characteristics capable of identifying a person.
Data transfer: making the data available to a specific third party.
Disclosure: making data available to anyone.
Data erasure: making data unrecognizable in such a way that it is no longer possible to recover it.
Data marking : the identification of the data in order to distinguish it.
Data blocking: the identification of data to limit their further processing permanently or for a specified period of time.
Data Destruction: The complete physical destruction of the media containing the data.
Data processing: the performance of technical tasks related to data management operations, regardless of the method and means used to perform the operations and the place of application, provided that the technical task is performed on the data.
Data processor: a natural or legal person or an organization without legal personality who processes data under a contract, including a contract concluded in accordance with the provisions of law.
Data set: the totality of the data managed in one record.
Third party: a natural or legal person or entity without legal personality who is not the data subject, the controller or the processor.
EEA State: a Member State of the European Union and another State party to the Agreement on the European Economic Area and a State of which a State party to the Agreement on the European Economic Area is a national under an international agreement concluded between the European Union and its Member States and a State not party to the Agreement on the European Economic Area enjoy the same status as a national of that State.
Third country: any state that is not an EEA state.
Data protection incident: unlawful handling or processing of personal data, in particular unauthorized access, alteration, transmission, disclosure, deletion or destruction, and accidental destruction and damage.
PRINCIPLES OF DATA MANAGEMENT
Personal data may be processed if the data subject consents to it or if it is ordered by law or – based on the authorization of a law, within the scope specified therein – by a decree of a local government.
Personal data may only be processed for a specific purpose, in order to exercise a right and fulfill an obligation. This purpose must be met at all stages of data management.
Only personal data that is necessary for the realization of the purpose of data processing, suitable for the achievement of the purpose, may be processed only to the extent and for the time necessary for the realization of the purpose.
Personal data may be transferred and the various data processing operations may be combined if the data subject has consented to it or is permitted by law and if the conditions for data processing are met for each personal data.
Personal data may be transferred from the country to a controller or processor in a third country, regardless of the medium or the mode of data transmission, if the data subject has expressly consented to this or is permitted by law, and during the handling or processing of the transferred data in the third country. an adequate level of protection of personal data is ensured.
In the case of mandatory data processing, the purpose and conditions of data processing, the scope and availability of the data to be processed, the duration of data processing and the identity of the data controller are determined by the law or local government decree ordering data processing.
The law may, in the public interest, order the disclosure of personal data by explicitly indicating the scope of the data. In all other cases, the consent of the data subject is required for disclosure, or in the case of special data, written consent. In case of doubt, it shall be presumed that the data subject has not given his consent.
The consent of the data subject shall be deemed to be given in respect of the data which he or she discloses in the course of his or her public performance or which he or she discloses for the purposes of disclosure. In proceedings initiated at the request of the data subject, his or her consent to the processing of his or her necessary data shall be presumed. This fact must be brought to the attention of the person concerned. The data subject may also give his / her consent in the framework of a written contract concluded with the Data Controller in order to fulfill the provisions of the contract. In this case, the contract must contain all the information that the data subject must know from the point of view of the processing of personal data, in particular the definition of the data to be processed, the duration of the data processing, the purpose of use, data transmission and data processing. The contract must state unequivocally that, by signing, the data subject consents to the processing of his or her data as specified in the contract.
The right to the protection of personal data and the personal rights of the data subject, unless otherwise provided by law, may not be infringed by other interests in the processing of data, including the disclosure of data of public interest.
FUNDAMENTALS OF DATA MANAGEMENT
In all cases, the processing of personal data by the Data Controller is based on law or voluntary consent. In some cases, data processing, in the absence of consent, on another legal basis or under Article 6 of the Regulation. rests on Article.
Website visitor data
The Data Controller does not record the user’s IP address or other personal data when visiting the websites operated by it.
The php code of the websites operated by the Data Controller may contain links to and from an external server for the purpose of web analytics measurements. The measurement also includes conversion tracking. The web analytics service provider does not handle personal data, only data related to browsing that is not suitable for identifying individuals. Web analytics services are currently provided by Google Inc. (1600 Amphitheater Parkway, Mountain View, CA 94043) as part of Google Analytics.
The Data Controller may use the name and email address of the user who has subscribed to the newsletter to send newsletters for marketing purposes.
SECURITY OF DATA PROCESSING
- GoDaddy Operating Company, LLC.
- Stripe Inc.
185 Berry Street
San Francisco, CA 94107
Az Adatkezelő az adatokat védi különösen a jogosulatlan hozzáférés, megváltoztatás, továbbítás, nyilvánosságra hozatal, törlés vagy megsemmisítés, valamint a véletlen megsemmisülés és sérülés ellen. Az Adatkezelő a szerver üzemeltetőivel együtt olyan technikai, szervezési és szervezeti intézkedésekkel gondoskodik az adatok biztonságáról, ami az adatkezeléssel kapcsolatban jelentkező kockázatoknak megfelelő védelmi szintet nyújt.
RIGHTS OF STAKEHOLDERS
The data subject may request information on the processing of his / her personal data, as well as request the correction or deletion of his / her personal data, with the exception of the data processing required by law, at any of the Data Controller’s contact details or on the website.
At the request of the data subject, the Data Controller shall provide information on the data processed by him / her, the purpose, legal basis, duration of the data processing, the name, address (registered office) and activities related to data processing, as well as who received or received the data.
The Data Controller is obliged to provide the information in writing, in a comprehensible form, free of charge as soon as possible after the submission of the request, but no later than within 25 days.
The Data Controller is obliged to correct personal data that does not correspond to reality.
Personal data shall be deleted by the Data Controller if their processing is unlawful, requested by the data subject, incomplete or incorrect – and this condition cannot be legally corrected – provided the deletion is not precluded by law if the purpose of data processing is terminated expired or ordered by a court or data protection commissioner. The rectification and erasure shall be notified to the data subject and to all persons to whom the data have previously been transmitted for data processing purposes. The notification may be omitted if it does not harm the legitimate interests of the data subject with regard to the purpose of the processing. The data subject may object to the processing of his or her personal data if the processing (transfer) of personal data is only necessary to enforce the right or legitimate interest of the data controller or the data recipient, unless the processing is required by law, the use or transfer of personal data or for the purpose of scientific research, the exercise of the right to protest is otherwise permitted by law.
The Data Controller – with the simultaneous suspension of data processing – is obliged to examine the protest within the shortest time from the submission of the application, but not later than within 15 days, and to inform the applicant in writing of the result. If the protest is justified, the data controller is obliged to terminate the data processing, including further data collection and data transfer, and to block the data, as well as to notify all persons to whom he or she has previously transferred the data subject of the protest and who are obliged to take measures to enforce the right to protest.
If the data subject’s rights are violated, he or she may take legal action against the data controller before the court or the data protection authority. Remedies and complaints are available at the following contacts:
Name: National Authority for Data Protection and Freedom of Information
Address: 1125 Budapest, Szilágyi Erzsébet avenue 22 / c.
Phone: 06- 1-391-1400 Fax: 06-1-391-1410
E-mail: firstname.lastname@example.org Website: naih.hu