PRIVACY NOTICE

 

The purpose of this notice is to provide information on the data processing activity related to the operation of www.centralaudit.hu (hereinafter referred to as the Website) in accordance with the provisions of Regulation 2016/679 of the European Parliament and of the Council (EU) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (27 April 2016) (hereinafter referred to as the GDPR) and Act CXII of 2011 on the Right to Information Self-Determination and Freedom of Information (hereinafter referred to as the Infotv.).

 

If you have any further questions about this notice or the processing of your personal data already provided, please contact us at any time at one of the following contact details.

 

  1. Data controller

 

The controller of the processing described in this Privacy Policy is:

 

name: Bucholcz Anita

seat: 3300 Eger, Trinitárius utca 2 fszt. 16-17.

 

Our contact details for queries relating to data processing:

postal address: 3300 Eger, Trinitárius utca 2 fszt. 16-17.

e-mail address: audit@centralaudit.hu

phone: +36 70 281 4077

 

  1. Data processing relationg to the website

 

II/A. Data Processing relating to the use of the contact form

 

  1. Scope of the data processed

 

You can send us a message under the “Contact” menu. If you send us a message via the Website, the following personal data will be processed.

 

The information you provide on the contact form:

 

Other data processed in connection with the message:

 

The data marked with * are mandatory (fields must be filled in), without these data the message cannot be sent. Only persons over 16 years of age are entitled to submit data on the Website!

 

  1. Purpose of the data processing

 

We process the data you provide us by sending a message to us on the Website, or that we become aware of in the course of this, for the purpose of responding to your request and contacting you in this connection.

 

  1. Legal basis of the processing

 

The processing of personal data is based on your voluntary consent given in possession of this notice. Processing on the basis of consent is permitted under Article 6(1)(a) of the GDPR.

 

You can give your consent before sending the message by ticking the relevant checkbox.

 

  1. Duration of the processing

 

Personal data processed in connection with enquiries (including e-mails) will be deleted after the purpose for which they were processed has ceased to exist. Accordingly, if the request and the response to it are not necessary for the purposes of further administration, they will be deleted immediately, otherwise they will be deleted after the processing of the request has been completed. Your personal data will also be deleted if you request this or withdraw your consent to the processing of your personal data.

 

II/B. Cookies

 

  1. What are cookies?

 

A cookie is a small text file that may be placed on your computer or other browsing device when you visit a website. The cookie is placed on your device by the website you are visiting, which stores it for a set period of time.

 

Cookies may store or search information on your browser. They may, for example, allow the website you visit to remember your actions for a certain period of time, e.g. to remember your individual preferences (e.g. login, language and other display settings), or they may also allow the website owner to obtain aggregate traffic data about the use of the website.

 

  1. What information is collected through cookies?

 

The cookies used on the Website do not collect or process any personal data about you in a way that could personally identify you.

 

They collect information such as the data from your logged-in computer that is generated when you use the Website and that is recorded by the cookies as an automatic result of technical processes. The data that are automatically recorded are automatically logged by the system when you visit or exit the website, without any declaration or action on your part.

 

This data is not linked to other personal user data, i.e. we cannot identify you on the basis of this data.

 

The data recorded by the cookies is only accessible to the third party service providers who manage the cookies and by our company.

 

  1. What cookies do we use and what do we do with the information they collect?

 

Types of cookies used on the Website:

 

 

 

 

With the exception of cookies strictly necessary for the functioning of the Website, the use of cookies is based on your consent, which you can give by clicking on the “Accept” button in the cookie pop-up or by using the relevant function. Cookies will only be used if you have given your consent. You can change your preferences (withdraw your consent) at any time.

 

Detailed list of cookies used on the Website:

 

Cookie name Provider Function Expiry time Type
pll_language Polylang Stores the user’s language settings. 1 year functional
complianz_policy_id Complianz It stores the identifier of the accepted cookie notice (Privacy Notice), so if the notice changes, the consent previously given will automatically be considered withdrawn by the Website. 1 year essential
complianz_consent_status Complianz It stores the user’s cookie consent status. 1 year essential
rc::c Google reCAPTCHA – Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) It filters activity on the Website by automated systems or robots. duration of the session essential
rc::b Google reCAPTCHA – Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) It filters activity on the Website by automated systems or robots. duration of the session essential
rc::a Google reCAPTCHA – Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) It filters activity on the Website by automated systems or robots. duration of the session essential
wordpress_test_cookie WordPress Checks whether cookies can be set. duration of the session functional

 

For more information about Google’s cookie-related privacy practices, please see Google’s privacy policy: https://policies.google.com/privacy?hl=hu.

 

  1. How can you turn off cookies?

 

Most browsers automatically enable cookies by default. If you do not want the information described above to be collected about you in connection with your use of the Website, you can disable cookies in your Internet browser settings, in whole or in part, or otherwise change your cookie settings.

 

Please note that because some of the cookies used by the Website are intended to facilitate or enable you to use the Website, if you disable the use of these cookies, you may not be able to use the full functionality of the Website or the Website may not function as intended in your browser.

 

You can set cookies in each browser by proceeding as follows:

 

Internet Explorer:

https://support.microsoft.com/hu-hu/help/17479/windows-internet-explorer-11-change-security-privacy-settings

 

Firefox:

https://support.mozilla.org/hu/kb/tovabbfejlesztett-kovetes-elleni-vedelem-az-asztal#w_tovaabbfejlesztett-kaivetaes-elleni-vaedelem-beaallagtaasai

 

Google Chrome:

https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=hu

 

Safari:

https://support.apple.com/hu-hu/guide/safari/sfri11471/mac

 

 

Our employees who act in pursuance of the purpose of the processing, as well as our data processors and their employees, are entitled to access your personal data. These persons must treat the personal data they have access to as confidential.

 

We disclose personal data to courts, public prosecutors, other authorities in the context of our legal obligations, to the extent and in the manner required by law.

 

In the event that we pursue a legal claim against you, your personal data may also be disclosed to the extent necessary for the enforcement of the claim to our respective legal cooperation partners and our claims management partners.

 

III/A. Processors

 

The technical tasks related to the above processing operations are carried out by the processors listed in the table below. The processors shall act in accordance with the law and the instructions of the controller when carrying out the processing operations. We reserve the right to involve additional processors in the future, which we will inform data subjects of by amending this notice.

 

Our data processors and their tasks:

 

Processor Operations performed by the processor
name: Zihernet Bt.

seat: 5000 Szolnok, Dr. Sebestyén Gyula út 7. D. ép. fsz. 4. a.

contact person: Herczeg Ferenc

+3620 263-7926

Task: providing website hosting in relation to the operation of the Website

 

 

  1. Security of personal Data

 

We are committed to taking the necessary data security measures. As part of this, we adopt and implement, regularly review the technical and organisational measures and procedures to ensure that the personal data we process is secure and we will do our utmost to prevent the destruction, unauthorised use or alteration of the data, to ensure that the personal data we process is not accessible, disclosed, transmitted, modified or deleted by unauthorised persons. We remind all those to whom we transfer personal data to comply with data security requirements, and we require our employees involved in data processing activities to do the same.

 

In the context of the above, information technology solutions will be designed and selected to ensure that those who have access to the data have exclusive access to the data and that the data remain authentic and unaltered.

 

We monitor the technological developments at any time, and apply the available technical, technological, organizational solutions that meet the level of protection justified by our data processing.

 

  1. Personal data breach

 

All cases are classified as personal data breach when an unauthorized person has access to personal data or the data is destroyed, lost, altered, e.g. the database is destroyed or the media on which the data was stored get lost.

 

In the event of personal data breach, we assess its effects and risks (what kind of data are affected, in what quantity, can they be restored, etc.) and take immediate action for remedy. Within 72 hours of becoming aware of the data breach, we will report it to the Hungarian Data Protection Authority unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons. When the personal data breach is likely to result in a high risk to the rights and freedoms of natural persons, we will give information about it on our Website or notify the affected people directly as far as possible. We also keep records of data breaches as required by law.

 

  1. your rights

 

Withdraw of consent: You have the right to withdraw your consent at any time without giving any reason. After withdrawal of consent, your personal data will no longer be processed. Withdrawal of consent does not affect the lawfulness of the processing that preceded it.

 

Right of access: You shall have the right to obtain from us confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and the following information:

 

the purposes and the legal ground of the processing, your personal data processed by us and their categories, the recipients or categories of recipients (including the processors) to whom the personal data have been or will be disclosed (where personal data are transferred to a third country, you shall have the right to be informed of the appropriate safeguards relating to the transfer), the legal ground of the data transfer, period for which the personal data will be stored, the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning you or to object to such processing, the right to lodge a complaint with the Hungarian Data Protection Authority, the source of the data, the circumstances and effects of the possible data breach and the measures implemented for their prevention

 

Simultaneously we shall also provide a copy of the personal data undergoing processing The first copy is free of charge, but we are entitled to charge a reasonable fee for each additional copy. The amount of such fee will be notified to you in advance

 

Right to rectification and supplementation: If you become aware that any of your personal data is incorrect, inaccurate or incomplete, please provide us with the correct or additional information as soon as possible so that we can make the correction or completion.

 

Right to erasure („Right to be forgotten”): You have the right to request the deletion of your personal data. Withdrawal of your consent to data processing will also entail the deletion of your data, unless there is another legal basis for the processing. Please note that we may refuse to erase your data in particular if we need or may need the data to comply with a legal obligation or to pursue a claim.

 

Furthermore, erasure takes place if

  1. the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
  2. the personal data have been unlawfully processed;
  3. the personal data have to be erased for compliance with a legal obligation out of EU law or national law.

 

Right to restriction of processing: You shall have the right to obtain from us restriction of processing where one of the following applies (i) the accuracy of the personal data is contested by you, in which case the restriction applies for the period enabling us to verify the accuracy of the personal data; (ii) the processing is unlawful and you opposes the erasure of the personal data and requests the restriction of their use instead; (iii) we no longer need the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims; (iv) you has objected to processing, in which case the restriction applies until it is established whether our legitimate grounds prevail over your legitimate grounds.

 

Where processing has been restricted, such personal data shall, except for storage, only be processed with your consent or for the establishment, exercise, or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest.

 

In case of restriction of processing you shall be informed by us before the restriction of processing is lifted.

 

Right to object: Regarding data processing based on our legitimate interest, you may object to our data processing if you feel that the data processing is prejudicial to you.

 

In the event of an objection, personal data will be deleted unless there is an overriding reason to keep it. Such an overriding reason may be if we wish to pursue a claim against you.

 

Right to data portability: In the case of processing based on a contractual legal basis or consent, you may request that the personal data you have provided to us that we process electronically is transferred to you or to another person designated by you in a commonly known and easily usable electronic format.

 

 

If you wish to exercise any of the above rights, please send your request in writing to www.centralaudit.hu or by post to our address at 3300 Eger, Darvas utca 2/A. In the letter, please also include your identification details and postal address. If we have any doubts about your identity or if the information provided is not sufficient to identify you, we are entitled to ask you for additional identification data.

 

Your request will be fulfilled within 1 month. If necessary, we are entitled to extend this period by a further 2 months and will send you a reasoned decision.

 

Valid requests will be granted free of charge. However, if the request is manifestly unfounded or excessive, in particular because of its repetitive nature, we are entitled to charge a reasonable fee or even refuse to act on the request.

 

We will inform all those to whom we have disclosed the data concerned of the rectification, erasure or restriction of the data, unless this proves impossible or involves a disproportionate effort. Upon your request, we will inform you of the recipients to whom we have communicated or informed as described above.

 

 

Should we cause any damage to you or to a third person through unlawful or unsecure processing of your personal data, you or the person suffered damage is entitled to require damages from us. If, in this regard, we infringe your privacy, you are entitled to claim restitution.

 

Please note that we shall be exempt from liability if the damage is proven to be caused by an unavoidable external cause outside the scope of the data processing or if the damage comes from your deliberate or grossly negligent behaviour.

 

  1. Remedies

 

  1. Contacting the controller

 

If you consider that we are processing your personal data unlawfully, please advise us, as the controller, of your observations or claims first, at any of our contact details listed in paragraph I so that we can process and handle your remarks as quickly and efficiently as possible.

 

  1. Submitting a complaint at the data protection authority

 

In the event of unlawful processing, you also have the right to turn to the National Authority for Data Protection and Freedom of Information (NAIH) and initiate their proceedings.

 

Contact details of the authority:

 

website: http://www.naih.hu/

address: 1055 Budapest, Falk Miksa utca 9-11.

postal address: 1363 Budapest, Pf.: 9.

e-mail: ugyfelszolgalat@naih.hu

 

  1. Going to court

 

Please note that you are entitled to lodge a claim at court. You may file the lawsuit at the county court having jurisdiction based on our seat or your permanent as well as temporary place of residence.

 

Budapest, 1. September 2021

 

Buholcz Anita

data controller