Data Controller(Service Provider)
Name of Service Provider: Fehér Rendszerház Informatikai Kereskedelmi és Szolgáltató Korlátolt Felelősségű Társaság
Registered Office: 2040 Budaörs, Ősz utca 21.
Branch Office: 2040 Budaörs Puskás Tivadar út 3.
Mailing Address: 2040 Budaörs Puskás Tivadar út 3.
Registry Court: Budapest Környéki Törvényszék Cégbírósága
Company Registration Number: 13 09 118073
Tax Identification Number: 14209790213
E-mail address: email@example.com
Telephone number: +3630/610-1027
Hosting Service Provider Profitárhely KFT.
Hosting Service Provider Address: 6000 Kecskemét, Szolnoki út 23.
- Principles of Data Processing; Data Security; adatbiztonság
The Data Controller processes personal data only for specified purposes, for the exercise of rights and the fulfillment of obligations.
The handling and recording of data, at all stages of data processing, comply with the principles of fairness and legality.
The Data Controller only processes personal data that is essential and suitable for the realization of the purpose of data processing. The Data Controller processes personal data only to the extent and duration necessary to achieve the intended purpose.
1.2. The Data Controller plans and performs data processing operations in a way that ensures the protection of the privacy of data subjects.
The Data Controller takes care of the security of data and takes the necessary technical and organizational measures, as well as establishes procedural rules, to ensure compliance with Act CXII of 2011 and other data and confidentiality protection regulations.
The Data Controller protects the data against unauthorized access, alteration, transmission, disclosure, deletion, or destruction, as well as against accidental destruction, damage, and loss of access due to changes in technology.
- Legal Basis, Purpose, and Processed Data of Data Processing
2.1. Personal data may be processed if the data subject has given consent, or if it is required by law or authorized by a law - within the scope defined therein - for a public interest-based purpose.
2.2. The consent of a minor over the age of 16, containing their agreement, is valid without the need for the consent or subsequent approval of their legal representative.
2.3. Registration on the www.frik.hu website and sending newsletters are based on the voluntary consent declaration of the data subject, provided with appropriate information. The data subject's declaration is required for registration and, if separately agreed upon, for sending newsletters.
If the User wishes to receive a newsletter, they can provide their consent separately during or after the registration process by placing an "X" in the small box that appears next to "Subscribe to newsletter."
2.4. The Data Controller processes the following data:
In case of registration: data subject's name (last name, first name); email address; county and city; confirmation that they have reached the age of 16.
In case of newsletter subscription: data subject's name (last name, first name); email address; county and city.
2.5.Purposes of data processing: Registration on the website www.frik.hu (first purpose) and sending newsletters (second purpose).
Legal basis for data processing: voluntary consent of the data subject.
Duration of data processing:
In case of registration: Until the user account is deleted, initiated by the user.
In case of newsletter sending: Until the date of unsubscribing from the newsletter.
2.6. Persons authorized to process and control data: The current CEO and employees of the service provider. The processed data is known only to the current CEO and employees.
2.7. The Data Controller does not transfer service-related data to third parties. The Data Controller does not transfer the processed data to data controllers or processors located in third countries.
3.1. The data subject may request information from the Data Controller regarding the processing of their personal data. Upon request, the Data Controller provides information in writing - within the shortest possible time, but no later than 25 days - about the personal data they process or control, the purpose and legal basis of the data processing, the duration of processing, the name and address of the data processor, and their activities related to data processing.
Az adatkezelő az érintett erre irányuló kérelmére írásban - a kérelem benyújtásától számított legrövidebb idő alatt, legfeljebb azonban 25 napon belül– megadja a kért tájékoztatást.
3.2. The data subject may request the correction of their personal data from the Data Controller.
If the personal data is not accurate and the Data Controller has accurate personal data available, the Data Controller corrects the personal data.
3.3. The data subject may request the erasure or blocking of their personal data from the Data Controller.
Personal data must be deleted
- if its processing is unlawful;
- if requested by the data subject;
- if it is incomplete or inaccurate;
- if the purpose of data processing has ceased or the storage period has expired;
- if ordered by a court or the Authority.
The Data Controller may only refuse the request for erasure of the data subject's data in cases of mandatory data processing. (e.g., obligation to retain invoices under the Accounting Act)
Instead of erasure, the Data Controller shall lock the personal data if requested by the data subject or if it can be presumed based on the available information that erasure would violate the data subject's legitimate interests. The locked personal data may only be processed as long as the purpose of data processing that excluded the erasure of personal data exists. If the Data Controller does not comply with the data subject's request for rectification, lock, or erasure, within 25 days following the receipt of the request, it shall communicate in writing or electronically with the data subject, with the factual and legal reasons for rejecting the request for rectification, lock, or erasure. In case of rejection of the request for rectification, erasure, or lock, the Data Controller shall inform the data subject about the possibility of seeking judicial remedy and turning to the Authority.
Judicial enforcement; compensation; non-pecuniary damages
4.1. In case of infringement of the data subject's rights, the data subject may take legal action against the Data Controller.
If the Data Controller causes damage to others by unlawfully processing the data subject's data or by breaching the requirements of data security, it shall be obliged to compensate for it.
If the Data Controller violates the data subject's right to privacy by unlawfully processing the data subject's data or by breaching the requirements of data security, the data subject may claim non-pecuniary damages from the Data Controller.
4.2. Anyone may initiate an investigation before the National Authority for Data Protection and Freedom of Information (NAIH) by submitting a complaint, claiming that a violation of rights related to the processing of personal data has occurred or there is an immediate danger of such violation.
Contact details of NAIH:
Postal Address: 1530 Budapest, Pf.: 5.
Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c
Telephone Number: +36 (1) 391-1400
Fax: +36 (1) 391-1410
5.1. Definitions used in this Privacy Notice
Data subject: any identified or identifiable natural person based on specific personal data
Personal data: any data relating to the data subject that can be associated with the data subject - especially the name, identifier, and any knowledge characteristic of the data subject's physical, physiological, mental, economic, cultural, or social identity - as well as any conclusion that can be drawn from the data regarding the data subject;
Consent: the voluntary and explicit expression of the data subject's will, based on appropriate information, by which the data subject gives his or her unmistakable consent to the processing of personal data concerning him or her - in full or in part, including certain operations;
Objection: the statement of the data subject objecting to the processing of his or her personal data and requesting the termination of data processing or the erasure of the processed data;
Data Controller: a natural or legal person or an organization without legal personality who or which determines the purpose of data processing, makes decisions regarding data processing (including the means used), and carries out or has data processing carried out by a data processor;
Data processing: any operation or set of operations performed on the data, regardless of the procedure applied, including collection, recording, organization, storage, alteration, use, retrieval, transmission, disclosure, coordination, or combination, locking, erasure, and destruction of data, as well as the prevention of further use of the data, taking photographs, sound or image recordings, and the recording of physical characteristics suitable for identification (e.g., fingerprints, DNA samples, iris images);
Data transfer: making the data accessible to a specified third party;
Data erasure: making the data unrecognizable in a way that restoration is no longer possible;
Data locking: marking the data with an identifier to restrict its further processing permanently or for a specified period;
Data destruction: the complete physical destruction of the data carrier containing the data;
Data processing: performing technical tasks related to data processing, irrespective of the method and means used for performing the operations and the location of application, provided that the technical task is performed on the data;
Data processor: a natural or legal person or an organization without legal personality who or which, based on a contract - including a contract concluded under a legal provision - processes data;
Data file: the collection of data kept in a single register;
Third person: any natural or legal person or an organization without legal personality who or which is not the data subject, the Data Controller, or the data processor.
EEA state: a Member State of the European Union and another state that is a party to the Agreement on the European Economic Area, as well as a state whose citizen enjoys the same legal status as the citizens of the European Union and its Member States and that is not a party to the Agreement on the European Economic Area, based on an international agreement concluded between the European Union and its Member States and the state concerned.
Third country: any state that is not an EEA state.
If you have any questions regarding the data processing of our company, please contact us. Our contact details are: [provide your contact information.
Company name: Fehér Rendszerház Informatikai Kereskedelmi és Szolgáltató Korlátolt Felelősségű Társaság
Registered Office: 2040 Budaörs, Ősz utca 21.
Hosting Service Provider: 2040 Budaörs Puskás Tivadar út 3.
Telephone Number: +3630/610-1027
E-mail address: firstname.lastname@example.org