Privacy Policy

1. Purpose of this privacy policy

Engineer office Németh-Greens Kft. (hereinafter referred to as the service provider), as the data controller, recognises the content of this legal notice as binding.

It undertakes to ensure that the processing of data in connection with its activities complies with the requirements of this privacy policy and the applicable national legislation and legal acts of the European Union. The Privacy Policy for the processing of data by the Service Provider is permanently available at www.nemeth-greens.hu/privacy-policy. The Provider reserves the right to change this policy at any time. It will of course inform its users of any changes in good time. If you have any questions about this notice, please contact us and our team will answer them. The Service Provider is committed to protecting the personal data of its customers and partners and attaches great importance to respecting its customers’ right to informational self-determination. The Service Provider treats personal data confidentially and takes all security and organisational measures to ensure the security of the data. The provider describes its data management practices below.

1. The data of the controller

If you wish to contact our company, you can contact the controller using the contact details above. The service provider will delete all emails received by it together with the personal data after a maximum of 5 years from the date of communication.

The operator of this website is Németh-Greens Kft.

Sales tax identification number: 27509430-2-08

Telephone number: +36302167692

E-Mail: info@nemeth-greens.hu

Registered with: Győr-Moson-Sopron Megyei Cégbíróság (Register Court of Győr-Moson-Sopron County)

Chamber: Soproni Kereskedelmi és Iparkamara (Sopron Chamber of Commerce and Industry)

2.1 Data protection officer

Name: Dr László Németh

Telephone number: +36-30/2167-692

1. Scope of the personal data processed

3.1 Personal data to be provided during registration

There is no registration interface on www.nemeth-greens.hu.

3.2 Technical data

The service provider shall select and operate the IT tools used to process personal data in the context of providing the service in such a way that the processed data is

• accessible to those authorised to access it (availability);
• their authenticity and genuineness is guaranteed (authenticity of processing)
• their integrity can be verified (data integrity);
• are protected against unauthorised access (data confidentiality).

The service provider shall take appropriate measures to protect the data against unauthorised access, unauthorised modification, disclosure, deletion or destruction and against unintentional destruction. The service provider shall ensure the security of data processing through technical, organisational and organisational measures that guarantee a level of protection appropriate to the risks associated with the processing. The service provider shall store the data during processing:

• Confidentiality: it protects the information so that only those who are authorised have access to it;
• Integrity: it protects the accuracy of the information and the way in which it is processed; and
• integrity of the information;
• Availability: ensures that the authorised user has access to the required
• access to the required information and the availability of the corresponding

3.3 Cookies

3.3.1 The role of cookies

• collect information about visitors and their devices;
• – store visitors’ individual preferences, e.g. those used in online transactions, so that they do not have to be re-entered;
• – facilitate the use of the website;
• – to provide a high quality user experience.
• – In order to offer a personalised service, a small data record, a so-called cookie, is stored on the user’s computer and read out again during a subsequent visit. If the browser returns a previously stored cookie, the cookie provider has the option of linking the user’s current visit to previous visits, but only in relation to its own content.

3.3.2 Strictly necessary session cookies

The purpose of these cookies is to enable visitors to browse the website and make full and smooth use of its functions and services. This type of cookie is valid until the end of the session (browsing) and is automatically deleted from the computer or other browsing device when the browser is closed.

3.3.3 Cookies from third parties (analytics)

The provider also uses Google Analytics as a third-party cookie on its website (www.nemeth-greens.hu and its subpages). By using Google Analytics for statistical purposes, the provider collects information about how visitors use the website. The data is used to improve the website and the user experience. These cookies also remain on the visitor’s computer or other browsing device, their browser, until they expire or are deleted by the visitor.

3.4 Data in connection with online ordering

www.nemeth-greens.hu does not have an online ordering facility.

 

3.5 Data in connection with online administration

Name: Dr László Németh

Telephone number: +36-30/2167-692

3.6 Data in connection with the newsletter

www.nemeth-greens.hu does not currently have a newsletter service.

4 Intended use and retention period of the processed data

The controller processes the personal data until the data subject’s request for erasure.

5 The purpose, method and legal basis of processing

5.1 General principles of data processing

Data processing in the context of the service provider’s activities is carried out on the basis of voluntary consent or legal authorisation. In the case of processing on the basis of voluntary consent, the data subjects may withdraw their consent at any time during the processing. In certain cases, the processing, storage and transmission of some of the data provided is required by law, about which we inform our customers separately. We inform data providers that the data provider is obliged to obtain the consent of the data subject if the data subject does not provide their own personal data. Our data management principles are in accordance with the applicable data protection laws, in particular the following:

• Act CXII of 2011, Hungary, on the Right to Informational Self-Determination and Freedom of Information (Infotv.);
• Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Regulation (EC) No 95/46/EC (General Data Protection Regulation, GDPR);
• Act V of 2013, Hungary – on the Civil Code (Civil Code);
• Act C of 2000, Hungary – on Accounting (Accounting Act);
• Act LIII of 2017, Hungary – on the Prevention and Combating of Money Laundering and Terrorist Financing (PMT);
• Act CCXXXVII of 2013, Hungary – on Credit Institutions and Financial Enterprises (Hpt.).

1. physical storage locations of the data

Your personal data (i.e. data that can be associated with you personally) may be processed by us in the following ways: On the one hand, our computer system automatically generates technical data about the computer, browser programme, Internet address and pages visited in connection with the Internet connection; on the other hand, you may provide your name, contact details or other data if you wish to contact us personally when using the website. Data technically recorded during the operation of the system: the data of the data subject’s computer generated during the voting process and recorded by the Rackforest Ltd. system as an automatic result of technical processes. The automatically recorded data is automatically logged by the system at the time of logging in or logging out, without any special declaration or action by the data subject being required. This data cannot be linked to other personal data of the user, except in cases required by law. Only Rackforest Kft. has access to this data.

Data of the service provider:

Name of the service provider: DIGITOP Informatika Kft.

Address of the service provider: 9400 Sopron, Ipar körút 6.

Tax number: 12855687-2-08

Contact details of the service provider’s customer service:

E-mail address: helpdesk@digitop.hu

Telephone number: +36 99 999 032

Transmission, processing and access to data 

The service provider does not transfer data or send data for processing to other parties.

1. Rights of the data subject and means of enforcement

The data subject may request information about the processing of their personal data and request the rectification, erasure or cancellation of their personal data, unless it is mandatory data processing, and may exercise their right to data portability and objection in the manner indicated at the time of data collection or by contacting the data controller using the contact details provided above.

8.1 Right to information

The service provider shall take appropriate measures to provide data subjects with all the information referred to in Articles 13 and 14 of the General Data Protection Regulation and all the information referred to in Articles 15 to 22 and 34 of the General Data Protection Regulation concerning the processing of personal data in a concise, transparent, intelligible and easily accessible form, using clear and plain language.

8.2 Right to information of the data subject

The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the following information: the purposes of the processing; the categories of personal data concerned; the recipients or categories of recipients to whom or with whom the personal data have been or will be disclosed, in particular including recipients in third countries or international organisations; the envisaged period for which the personal data will be stored; the right to rectification, erasure or restriction of processing and the right to object; the right to lodge a complaint with a supervisory authority; information on the sources of the data; the fact of automated decision-making, including profiling, and clear information on the logic involved and the significance of such processing and its envisaged consequences for the data subject. The controller shall provide the information within a maximum of one month from the date of the request.

8.3 Right to rectification

The data subject may request the rectification of inaccurate personal data concerning him/her that is processed by the service provider and the completion of incomplete data.

8.4 Right to erasure

The data subject shall have the right to obtain from the service provider the erasure of personal data concerning him or her without undue delay where one of the following grounds applies

• the personal data are no longer necessary in relation to the purposes for which they were collected or are processed for other purposes
• processed in another manner;
• the data subject has withdrawn consent on which the processing is based and the processing
• there is no other legal basis for the processing
• the data subject objects to the processing and there are no overriding legitimate grounds for the processing
• there is a legitimate reason for the processing
• the personal data have been processed unlawfully;
• the personal data have been processed in breach of a legal obligation under Union law or the law of the Member States to which the controller is subject
• erased for compliance with a legal obligation to which the controller is subject under applicable law
• the collection of personal data for information society services
• in connection with the provision of information society services.

Data may not be erased if the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation in Union or Member State law to process personal data or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller, for public health purposes, for archiving purposes, for scientific or historical research purposes or for statistical purposes in the public interest or for the establishment, exercise or defence of legal claims.

8.5 Right to restriction of processing

At the request of the data subject, the service provider shall restrict processing if one of the following conditions is met:

• The data subject disputes the accuracy of the personal data; in this case, the restriction is limited to the processing of the personal data.
• If the data subject contests the accuracy of the personal data, the restriction shall apply for a period enabling the accuracy of the personal data to be verified;
• the processing is unlawful and the data subject opposes the erasure of the data and requests the restriction of their use instead
• the restriction of the use of the data;
• the controller no longer needs the personal data for the purposes of the processing, but they are required by the
• the data subject needs it for the establishment, exercise or defence of legal claims; or
• the data subject has objected to the processing, in which case the restriction shall apply for the period
• until it is established whether the legitimate grounds of the controller override
• outweigh the legitimate grounds of the data subject.

Where processing is restricted, personal data shall, with the exception of storage, only be processed with the data subject’s consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.

8.6 Right to data storage

The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to the controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller.

8.7 Right to object

The data subject shall have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller or which is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, including profiling based on those provisions. The controller shall no longer process the personal data unless there are compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.

8.8 Automated decision-making in individual cases, including profiling

The data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.

8.9 Right to cancellation

The data subject has the right to withdraw their consent at any time.

8.10 Right of recourse to the courts

The data subject may take the controller to court in the event of a violation of their rights. The court shall decide on the case ex officio.

8.11 Procedure of the data protection authority

Complaints can be submitted to the National Authority for Data Protection and Freedom of Information:

Name: National Authority for Data Protection and Freedom of Information

Head office.

Postal address: 1530 Budapest, mailbox 5.

Telephone: 0613911400

Fax: 0613911410

E-mail: ugyfelszolgalat@naih.hu

Website: http://www.naih.hu

1. Other provisions

Information on data processing not listed in this notice is provided at the time of collection. We inform our customers that the court, the public prosecutor’s office, the investigating authority, the law enforcement authority, the administrative authority, the National Authority for Data Protection and Freedom of Information, the National Bank of Hungary or other legally authorised bodies may contact the data controller to provide information, disclose or transmit data or provide documents. The service provider shall only disclose personal data to the authorities – if the authority has specified the exact purpose and scope of the data – to the extent and to the extent strictly necessary for the purpose of the request.