- What principles do we follow in our data management?
Our Company follows the following principles in the processing of your data:
- we process personal data lawfully and fairly and in a transparent manner for you.
- personal data are collected only for specified, explicit and legitimate purposes and are not processed in a way incompatible with those purposes.
- the personal data we collect and process are adequate, relevant and limited to what is necessary for the purposes for which they are processed.
- our Company will take all reasonable steps to ensure that the data we process is accurate and, where necessary, kept up to date, and inaccurate personal data will be promptly deleted or rectified.
- personal data are stored in a form which allows you to be identified only for the time necessary to achieve the purposes for which the personal data are processed.
- we ensure adequate security of personal data against unauthorized or unlawful processing, accidental loss, destruction or damage by applying appropriate technical and organizational measures.
OUR COMPANY WILL PROCESS YOUR PERSONAL DATA
- on the basis of your prior informed and voluntary consent and only to the extent necessary and in any event for the purposes for which it is collected, recorded, processed, stored and used.
- in some cases, the processing of your data is based on legal requirements and is mandatory, in which case we will draw your attention to this fact.
- or in certain cases, our Company or a third party has a legitimate interest in the processing of your personal data, such as the operation, development and security of our website.
- Who we are?
The registered office of our Company: 2112 Veresegyház, Bánki Donát u. 4 (Hungary)
The premises of our Company: 2112 Veresegyház, Bánki Donát u. 4 (Hungary)
Homepage of our Company: veresmetal.hu
Our postal address: 2112 Veresegyház, Bánki Donát u. 4 (Hungary)
Our phone number: +36 30 654 3329
Our e-mail address: email@example.com
Our tax number: 22775603-2-13
Our company registration number: 13-09-161234
Our Company is not obliged to appoint a Data Protection Officer under Article 37 of the GDPR.
Name, address and contact details of our hosting provider:
IT-NAV Hungary Kft. 3300 Eger, Hatvani kapu tér 8. 3. em. 21. (Hungary)
Email address: firstname.lastname@example.org
Phone: +36 20 5800 489
The data we process:
|Activity description and purpose of data processing||Legal basis||Data processed||Duration||Registration number|
|Visiting the website To ensure the proper and high-quality operation of the website, to monitor and improve the quality of our services, to identify malicious visitors attacking our website, to measure the number of visitors, and statistical purposes||The legitimate interest of our company||IP address date and time of visit details of the pages visited, the operating system and browser type you are using||12 months|
|Administration, complaint responding to comments and complaints||Legal obligation||full name, e-mail address, telephone number, postal address, other personal messages||5 years|
If you have any questions about data processing, you can request further information by sending an e-mail to email@example.com or by post to the contact details you have provided, and we will respond to you without delay within 15 days (but not later than 1 month).
- What are cookies and how to handle them?
Some cookies do not require your prior consent. These are briefly disclosed by our website at the start of your first visit, such as authentication cookies, multimedia player cookies, load balancing cookies, session cookies to help you customize the user interface, and user-centric security cookies.
Our Company will inform you about cookies that require your consent – if the processing starts as soon as you visit the site – and ask for your consent at the beginning of your first visit.
We do not use or allow cookies that enable third parties to collect data without your consent.
Acceptance of cookies is not compulsory; however, our Company will not be liable if our website does not function as expected without the acceptance of cookies.
What cookies do we use?
|system cookies||not required||a session cookie in the web application firewall to prevent cross-referencing abuse||ensuring the functioning of the website||end browser session|
|tracking cookies (third party)||not required||to identify new sessions and visitors, the Google Analytics web tracking service went down||when you visit this website, you link to services provided by third parties (e.g. Google)||30 minutes|
You can read more about third party cookies here: https://www.google.com/policies/technologies/types/, and about data protection here https://www.google.com/analytics/learn/privacy.html?hl=hu
- What else do you need to know about our data management on our website?
You provide us with personal data voluntarily when registering or contacting our Company, and we therefore ask you to gradually ensure the truthfulness, accuracy and correctness of the data you provide, for which you are responsible. Incorrect, inaccurate or incomplete data may prevent you from using our services.
If you do not provide your own personal data but that of another person, we will assume that you have the necessary authorization to do so.
You may withdraw your consent to data processing at any time, free of charge
- by cancelling your registration,
- by withdrawing your consent to processing; or
- by withdrawing your consent to the processing or use of any data that you are required to provide during registration, or by requesting the blocking of your data.
For technical reasons, we will register the withdrawal of consent within 5 days, but please note that we may process certain data after the withdrawal of consent in order to comply with our legal obligations or to pursue our legitimate interests.
In the event of the use of misleading personal data, or if one of our visitors commits a criminal offence or attacks our Company’s system, we will delete your data immediately upon termination of your registration or, if necessary, retain it for the duration of the civil liability or criminal proceedings.
- Other data processing issues
We may only transfer your data to the extent permitted by law and, in the case of our data processors, we will ensure that they cannot use your personal data for purposes that are not in accordance with your consent by imposing contractual conditions. For more information, see point 2.
Our company does not transfer data abroad.
The courts, prosecutors and other authorities (e.g. police, tax authorities, National Authority for Data Protection and Freedom of Information) may contact our Company for information, data or documents. In these cases, we must comply with our obligation to provide information, but only to the extent strictly necessary to fulfil the purpose of the request.
Our contractors and employees involved in the processing of your personal data are entitled to access your personal data to the extent specified in advance, subject to confidentiality obligations.
We will take appropriate technical and other measures to protect your personal data and to ensure its security, availability and to protect it from unauthorized access, alteration, damage or disclosure and any other unauthorized use.
As part of our organizational measures, we control physical access in our buildings, train our employees and keep paper documents locked away with appropriate protection. Technical measures include encryption, password protection and anti-virus software. Please note, however, that data transmission over the Internet cannot be considered a fully secure transmission. We do our best to make our processes as secure as possible, however, we cannot take full responsibility for the transmission of data through our website, but we do maintain strict standards for the security of your data and the prevention of unlawful access to the data we receive.
What are your rights and remedies?
- request information about the processing of your data,
- request the rectification, modification or integration of your personal data processed by us,
- object to the processing and request the erasure and blocking of their data (except for mandatory processing),
- have recourse to the courts,
- complain to the supervisory authority or initiate proceedings (https://naih.hu/panaszuegyintezes-rendje.html).
Supervisory Authority: National Authority for Data Protection and Freedom of Information
- Registered office: 1125 Budapest, Szilágyi Erzsébet fasor 22/c. (Hungary)
- Postal address: 1530 Budapest, Pf.: 5.
- Telephone: +36 (1) 391-1400
- Fax: +36 (1) 391-1410
- E-mail: firstname.lastname@example.org
At your request, we will provide you with information about the data processed by us or by our data processor and the source of that data. At your request, we will provide you with information about:
- the purposes and legal basis of the processing,
- the duration of the processing and, if this is not possible, the criteria for determining this duration,
- the names and addresses of our data processors and their data processing activities,
- the circumstances of data breaches, their effects and the measures we have taken to prevent and respond to them; and
- the legal basis and the recipient of the transfer of your personal data.
We will provide you with information within 15 days (but not more than 1 month) of the request. The information is free of charge unless you have already submitted a request for information in the current year for the same set of data. We will refund any compensation you have already paid if we have processed the data unlawfully or if the request for information has led to a correction. We may refuse to provide information only in cases provided for by law, by indicating the place where the information is provided and by informing you of the possibility of judicial remedy or recourse to the Authority.
Our Company will notify you of the rectification, blocking, flagging and erasure of personal data, as well as all those to whom it has previously disclosed the data for processing, unless the non-notification is not in your legitimate interest.
If we do not comply with your request for rectification, blocking or erasure, we will, within 15 days (but not more than 1 month) of receipt of the request, inform you in writing or, with your consent, by electronic means, of the reasons for our refusal and inform you of the possibility of judicial remedy and of recourse to the Authority.
If you object to the processing of your personal data, we will consider your objection within 15 days (but not more than 1 month) of your request and inform you in writing of our decision. If we decide that your objection is justified, we will stop the processing, including any further collection and transfer, and block the data, and notify the objection and any action taken in response to it to all those to whom we have previously disclosed the personal data to which the objection relates and who are obliged to act to enforce the right to object.
We will refuse to comply with the request if we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims. If you disagree with our decision or if we miss the deadline, you have 30 days from the date of the decision or the last day of the deadline to take legal action.
Data protection litigation falls within the jurisdiction of the courts, which may, at the option of the data subject, be brought before the courts of the place of residence or domicile of the data subject. A foreign citizen can also lodge a complaint with the supervisory authority of his/her place of residence.
Before lodging a complaint with a supervisory authority or a court, please contact our Company to discuss and resolve the problem as quickly as possible.
- What is the main legislation governing our activities?
- Regulation (EU) 2016/679 of the European Parliament and of the Council on the processing of personal data of natural persons (GDPR)
- Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information – (“Info” Act)
- Act V of 2013 on the Civil Code (Civil Code Act)
- Act CVIII of 2001 on certain aspects of electronic commerce services and information society services – (“Eker” Act)
- Act C of 2003 on electronic communications – (“Eh” Act)
- Act CLV of 1997 on Consumer Protection (“Fogyv” Act)
- Act CLXV of 2013 on complaints and notifications of public interest. (“Pk” Act)
- Act XLVIII of 2008 on the Basic Conditions and Certain Limits of Economic Advertising Activities (“Gr” Act)