Privacy Policy
The service provider/data controller processes the data of registered individuals on the website for the purpose of providing appropriate services to them.
The service provider fully intends to comply with the legal regulations regarding the processing of personal data, particularly those set out in Regulation (EU) 2016/679 of the European Parliament and the Council.
This privacy notice is made in accordance with Regulation (EU) 2016/679 of the European Parliament and the Council regarding the protection of personal data and the free movement of such data, taking into account Act CXII of 2011 on the right to informational self-determination and freedom of information.
The name and contact details of the service provider/data controller:
Company name: Smart Office Solutions Kft.
Headquarters and mailing address: 1117 Budapest, AlÃz utca 1.
Email address: smart[at]smart-office.hu
Phone: +36 1 411 34 11
Tax number: 25144808-2-43
Website: www.smart-office.hu
Definitions:
- GDPR (General Data Protection Regulation): The European Union’s new Data Protection Regulation.
- Data processing: Any operation or set of operations performed on personal data or data sets, whether automated or non-automated, including collection, recording, organizing, structuring, storing, altering or changing, retrieval, consultation, usage, communication, transmission, dissemination, or otherwise making accessible, coordination, or combination, restriction, deletion, or destruction.
- Data processor: A natural or legal person, public authority, agency, or any other body that processes personal data on behalf of the data controller.
- Personal data: Any information relating to an identified or identifiable natural person (data subject); an identifiable person is one who can be identified, directly or indirectly, particularly by reference to an identifier such as a name, number, location data, online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that person.
- Data controller: A natural or legal person, public authority, agency, or any other body that determines the purposes and means of the processing of personal data, either alone or in conjunction with others; if the purposes and means of the processing are determined by Union or Member State law, the data controller or special criteria for the designation of the data controller may be determined by Union or Member State law.
- Data subject’s consent: A voluntary, specific, informed, and unambiguous indication of the data subject’s wishes, expressed through a statement or a clear affirmative action, which signifies agreement to the processing of their personal data.
- Data breach: A security breach that leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored, or otherwise processed.
- Recipient: A natural or legal person, public authority, agency, or any other body to whom or which personal data is disclosed, regardless of whether it is a third party. Public authorities that may receive personal data in the context of a specific inquiry under Union or Member State law are not considered recipients; the processing of personal data by these authorities must comply with applicable data protection laws according to the purpose of the processing.
- Third party: A natural or legal person, public authority, agency, or any other body which is not the data subject, the data controller, the data processor, or those authorized to process personal data under the direct authority of the data controller or processor.
The principles of data processing:
The data controller declares that the processing of personal data will be carried out in accordance with the provisions of this privacy notice and in compliance with the relevant legal requirements, with particular regard to the following:
Personal data must be processed lawfully, fairly, and in a transparent manner in relation to the data subject.
Personal data collection may only take place for specific, clear, and lawful purposes.
The purpose of processing personal data must be appropriate and relevant, and limited to the necessary extent.
Personal data must be accurate and up to date. Inaccurate personal data must be deleted without delay.
Personal data must be stored in a form that allows identification of data subjects only for as long as necessary for the purposes for which the data was collected. Personal data may only be stored for a longer period if it is for the purpose of public interest archiving, scientific or historical research, or statistical purposes.
Personal data must be processed in a way that ensures appropriate security through the use of technical or organizational measures, including protection against unauthorized or unlawful processing, accidental loss, destruction, or damage.
The principles of data protection must be applied to any information relating to an identified or identifiable natural person.
Important Data Processing Information
The purpose of data processing is for the service provider / data controller to provide appropriate additional services to individuals registered on the website during the operation of the website.
The legal basis for data processing is the consent of the data subject.
The scope of individuals affected by the data processing includes the registered users of the website.
Data Processing Duration and Data Deletion: The duration of data processing depends on the specific user purpose, but the data must be deleted without delay once the originally intended purpose has been fulfilled. The data subject can withdraw their consent to data processing at any time by sending an email to the contact email address. If there is no legal obstacle to deletion, the data will be deleted.
Those entitled to access the data include the data controller and its employees.
The data subject may request from the data controller access to their personal data, its rectification, deletion, or restriction of processing, and may object to the processing of such personal data, as well as exercise their right to data portability.
The data subject can withdraw their consent to data processing at any time, but this does not affect the legality of the data processing carried out prior to the withdrawal.
The data subject has the right to file a complaint with the supervisory authority.
If the data subject wishes to use the benefits offered by registration, i.e., to access the services provided by the website, providing the requested personal data is necessary. The data subject is not obligated to provide personal data, and failure to provide data will not result in any disadvantage. However, some website functions may not be available without registration.
The data subject has the right to request the data controller to rectify or complete any inaccurate personal data without undue delay.
The data subject has the right to request the data controller to delete any inaccurate personal data without undue delay. The data controller is obligated to delete the personal data of the data subject without undue delay if there is no other legal basis for processing.
Modifications or deletions of personal data can be initiated via email, phone, or letter through the contact details provided above.
Cookies
Cookies are small files placed on a user’s computer by the websites they visit, containing information such as page settings or login status.
Cookies are small files created by the websites you visit. By saving browsing data, they improve the user experience. With cookies, the website remembers its settings and offers relevant local content.
The service provider sends a small file (cookie) to the visitor’s computer to determine the fact and time of the visit. The service provider informs the visitor about this.
The individuals affected by the data processing are the website visitors.
The purpose of data processing is additional services, identification, and tracking of visitors.
The legal basis for data processing: User consent is not required if the use of cookies is essential for the service provider.
The scope of data: unique identifier, timestamp, setting data.
The user has the option to delete cookies at any time from the browser settings.
Those entitled to access the data: The data controller does not process personal data through the use of cookies.
The data storage method is electronic.
Sending newsletter
As the operator of the website, we declare that we fully comply with the applicable legal provisions when publishing information and descriptions. We also declare that, upon subscribing to the newsletter, we are unable to verify the authenticity of the contact details provided or determine whether the given data refers to a natural person or a business. Businesses that contact us are treated as client partners.
Purpose of Data Processing
The purpose of data processing is to send professional newsletters, promotional electronic messages, information, and updates, from which you can unsubscribe at any time without consequences. You may unsubscribe without any consequences even if your business has ceased to exist, if you have exited the business, or if someone else provided us with your contact information.
Legal Basis for Data Processing
The legal basis for data processing is your consent. We inform you that, by registering, you explicitly consent to being contacted by the service provider at the email address provided with offers, information, and other communications. As a result, the user consents to the processing of their necessary personal data for this purpose.
Data Provision
To receive our newsletter, you are required to provide the necessary data. If you do not provide this information, we will not be able to send you the newsletter.
Duration of Data Processing
Data processing continues until the withdrawal of your consent. You can withdraw your consent to data processing at any time by sending an email to the contact email address.
Data Deletion
Data will be deleted when the consent to data processing is withdrawn. You can withdraw your consent at any time by sending an email to the contact address.
Right to Withdraw Consent
Consent can also be withdrawn by using the “Unsubscribe” link included in the newsletters sent.
Access to Data
Only the data controller, employees, and data processors are authorized to access the data.
Data Storage Method
The data is stored electronically.
Modification or Deletion of Data
You can initiate the modification or deletion of your data via email, phone, letter, or using the “Unsubscribe” link at the bottom of the newsletters.
Registration on the Website
Purpose of Data Processing
The purpose of data processing is to provide additional services and establish contact.
Legal Basis for Data Processing
The legal basis for data processing is your consent.
Scope of Data Processing
The data subjects involved in the data processing are the registered users of the website.
Duration of Data Processing
Data processing continues until your consent is withdrawn. You may withdraw your consent to data processing at any time by sending an email to the contact email address.
Data Deletion
Data will be deleted when consent to data processing is withdrawn. You can withdraw your consent at any time by sending an email to the contact address.
Access to Data
Only the data controller, employees, and data processors are authorized to access the data.
Data Storage Method
The data is stored electronically.
Modification or Deletion of Personal Data
You may initiate the modification or deletion of your personal data via email, phone, or letter, using the contact details provided above.
Necessity of Providing Personal Data
Providing personal data is essential for identification in databases and communication purposes. The accurate company name and address are required for invoicing, which is a legal obligation.
Scope of Processed Data – Specific Purpose of Data Processing
Name – Identification, contact, invoicing.
Company Name – Identification, contact, invoicing.
Email – Identification, contact.
Phone – Identification, contact.
Registration Date – Technical information operation.
IP Address – Technical information operation.
The data subject can provide their consent for data processing by intentionally ticking the checkbox specifically provided for this purpose on the website.
As the data subject, you have the right to object to the processing of your personal data. In this regard, you are entitled to proceed according to the data processing information and the regulations outlined in this notice, as well as the legal procedures described in the notice.
Social Media
Social media is a media tool where messages are spread through social users. Social media uses the internet and online platforms to enable users to transition from content consumers to content creators.
Social media refers to internet applications that host user-generated content, such as Facebook, Google+, Twitter, etc.
Forms of social media presence can include public speeches, presentations, demonstrations, product or service introductions.
Information published on social media can take the form of forums, blog posts, images, videos, audio files, message boards, email messages, etc.
Accordingly, the scope of data processed may include, in addition to personal data, the user’s public profile picture.
Data Subjects: All registered users.
Purpose of Data Collection: Promotion of the website or associated webpages.
Legal Basis for Data Processing: Voluntary consent of the data subject.
Duration of Data Processing: According to the regulations visible on the respective social media platform.
Data Deletion Deadline: According to the regulations visible on the respective social media platform.
Authorized to Access Data: As per the regulations visible on the respective social media platform.
Rights Related to Data Processing: As per the regulations visible on the respective social media platform.
Data Storage Method: Electronic.
It is important to note that when a user uploads or submits personal data, they grant the social media platform operator worldwide permission to store and use such content. Therefore, it is essential to ensure that the user has full rights to share the information being posted.
Google Analytics
Our website uses Google Analytics.
Google Analytics generates reports for its clients based on internal cookies, tracking the habits of website users.
On behalf of the website operator, Google uses this information to evaluate how users interact with the website. As an additional service, Google generates reports related to website activity for the operator, so they can deliver additional services.
The data is stored on Google servers in an encrypted format to make it harder and prevent misuse of the data.
Google Analytics can be disabled as follows. Quote from the page:
Users who do not wish to have Google Analytics generate reports on their data can install the Google Analytics opt-out browser add-on. This add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sending information to the Google Analytics system. The add-on works on most modern browsers. The Google Analytics opt-out browser add-on does not prevent data from being sent to the website or other internet analysis services.
https://support.google.com/analytics/answer/6004245?hl=en
Google’s Privacy Policy: https://policies.google.com/privacy?hl=en
Detailed information on the use and protection of the data can be found on the above links.
For detailed privacy information: https://static.googleusercontent.com/media/www.google.com/en//intl/en/policies/privacy/google_privacy_policy_en.pdf
Rights Related to Data Processing
You have the right to request information from us through the provided contact details about what data we process, the legal basis for processing, the purpose of processing, the source of the data, and how long we retain it. Upon your request, we will send you the information promptly, but no later than within 30 days, to the email address you provided.
The Right to Rectification
You have the right to request us to correct any of your data. Upon your request, we will rectify the data promptly, but no later than within 30 days, and will send you information regarding the rectification to the email address you provided.
The Right to Erasure
You have the right to request us to delete your data. Upon your request, we will delete the data promptly, but no later than within 30 days, and will send you information regarding the deletion to the email address you provided.
The Right to Restriction of Processing
You have the right to request us to restrict the processing of your data. The restriction will last as long as the reason you provided for storing the data is necessary. Upon your request, we will restrict the data promptly, but no later than within 30 days, and will send you information regarding the restriction to the email address you provided.
The Right to Object
You have the right to object to the processing of your data. We will examine the objection and make a decision on its validity as soon as possible, but no later than within 15 days, and will notify you of the decision by email.
Legal Recourse Regarding Data Processing
If you experience unlawful data processing, please notify our company so that we can restore the lawful status as quickly as possible. We will do everything in our power to resolve the issue in your favor.
If, in your opinion, the lawful status cannot be restored, please notify the authority at the following contact details:
National Authority for Data Protection and Freedom of Information
Mailing address: 1530 Budapest, P.O. Box: 5.
Address: 1055 Budapest, Falk Miksa utca 9-11.
Phone: +36 (1) 391-1400
Fax: +36 (1) 391-1410
Email: ugyfelszolgalat (at) naih.hu
URL: https://naih.hu
Laws serving as the basis for data processing
Regulation (EU) 2016/679 of the European Parliament and of the Council (April 27, 2016) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (General Data Protection Regulation).
Act CXII of 2011 on the Right of Informational Self-Determination and Freedom of Information.
Act LXVI of 1995 on the Protection of Public Records, Public Archives, and Private Archives.
Government Decree 335/2005 (XII. 29.) on the General Requirements for Document Management of Public Bodies.
Act CVIII of 2001 on Electronic Commerce Services and Certain Issues of Information Society-Related Services.
Act C of 2003 on Electronic Communications.