The purpose of this data controlling guide is to inform the individuals concerned in a clear and concise manner about the processing of their personal data, pursuant to the General Data Protection Regulation of the European Union (Regulation 2016/679 – “GDPR”) and the Hungarian Information Act (Act CXII of 2011).
Brilltax Kft. (Hereinafter referred to as “data controller”) recognizes the rules contained in this information notice as binding on itself, established on the basis of the legislation in force.
The privacy policy of the web site under www.sungineer.org is available at https://www.sungineer.org/privacy-and-policy/
The particulars of the controller
Name: Brilltax Kft.
Address: HU-3903 Bekecs, Honvéd u. 196.
Phone: +36 70 674 3071
E-mail: brilltax@gmail.com
Representative: Gabriella Balogh
Tax number: 24814230-2-05
Company registration number: 05-09-026546, Miskolci Törvényszék Cégbírósága
Hosting Provider: C-Host Kft. (1115 Budapest, Halmi utca 29.)
The data controller undertakes that the data controlling related to the operation of its website and its service complies with the prevailing EU and Hungarian regulations.
The data controller reserves the right to change this information notice at any given time, but undertakes to disclose it and publish it.
General information
On the website
are saved by the data controller (legal grounds), the purpose of the data controlling is to fulfill the purchase order of the customer and customer service.
Types of personal information: name and surname, phone number, mail and e-mail address, or in case of different address: billing information as well.
In case of ordering, customer connection, the service provider keeps the name and address of the personal data for 8 years according to the current accounting and tax legislation (Act C of 2000), the other personal data are deleted after 1 year from the last
purchase.
3.1 Brilltax Kft, data processor
– scope of data transferred: name, address, phone number, e-mail address,
– purpose of data processing: bookkeeping, recording of documents
– duration of data processing: 8 years as per the Accounting Act, except for the telephone number: 3 business days after delivery
– legal basis: performance of the contract.
We inform the data subject in a concise, comprehensible and detailed manner about all the facts related to the management of her/his data, in particular the purpose and legal basis of the data controlling, the person entitled to data controlling and data processing, the duration of the data controlling and who can know the data.
Our information includes the rights and remedies of the data subject concerned.
The management of all personal data relating to the person concerned is based on voluntary consent or compliance with a legal obligation.
5.1. Details of website visitors
While visiting the websites, we record the IP address of the (unidentifiable) users, the date of the visit and the address of the page viewed as data controller – for technical reasons and for the production of statistics on user habits. These data are of a statistical nature, we do not assign the identity of our specific customer to them, so the data subject cannot be identified.
The server stores the data for up to one month. The legal basis of the data controlling: the voluntary consent of the private person concerned.
In order to provide customized service, the service provider places a small data packet (cookie) on the user’s computer. By using the websites, the user accepts that the service provider places the cookie on his computer.
The service provider, as a technical contributor, can ensure that, when visiting websites, third parties cooperating with the service provider, in particular Google Inc., store by means of cookies if the user has previously visited the service provider’s website and based on that may display ads to the user.
The user can delete the cookie from his computer or set his browser to disable the use of cookies. In addition, Google ensures that the user may disable Google-hosted cookies on the Google Ads Disabling page (https://www.google.com/privacy_ads.html). By disabling or deleting the use of cookies, the use of websites may become more uncomfortable for the user.
5.2. Contacting, completing order form, customer correspondence
Scope of the controlled data: name, address, phone number, email address.
Messages are only used as intended by the recipient if the business relationship is not established, the data are stored for a maximum of 30 days from the date of recording, and stored and controlled in accordance with the accounting and tax rules in the case of a business relationship. The duration of the data controlling in this case is: In accordance with Section 169 para. (2) of Act C of 2000 on accounting, mandatory period for billing data: 8 years.
5.3. Other data controlling
The controller handles detailed information about the data controlling not specified in this information notice before the start of the data controlling operation and obtains the necessary consent.
Servers serving data controller websites can be found at https: //www.hyperhost.cloud.
6.1. Data security
The data controller retains the following during data controlling:
Electronic messages transmitted over the Internet, regardless of protocol (e-mail, web, ftp, etc.) are vulnerable to network threats that lead to unfair practices, contract disputes, or disclosure or modification of information. To protect against such threats, the service provider will take all reasonable precautions. It monitors systems to record any security deviations and provide evidence for all security incidents. System monitoring also allows you to check the effectiveness of the applied precautions.
6.2. Data storage
The controller selects and operates its software and IT tools so that the data being processed are: – accessible to authorized persons (availability), – authentic and authenticated (authenticity of data controlling), – unchanged (data integrity), – shall be protected from unauthorized access (data confidentiality).
The controller ensures technical, organizational and organizational measures to protect the security of data controlling, providing a level of protection appropriate to the risks associated with data controlling.
The controller transfers the personal data necessary for the order and its fulfillment to its sales and / or service partners, as legally possible.
8.1. Information
The data subject may at any time request information on the controlling of his or her personal data, on the actual occurrence of data controlling, the rights and warranties of the data controlling, in particular the person of the data controller, the data processor, the legal basis for the data controlling, its purpose, duration, location of data storage, and data security measures.
At the request of the data subject, the data controller shall provide information on its activities related to data controlling and on the transfer of data.
The data controller shall provide the information in writing, in a comprehensible form, within a reasonably short period of time from the submission of the request, but within a maximum of 30 days.
The information is free of charge if the applicant has not yet submitted a request for information to the controller for the same activity or set of data in the same year.
In other cases, the data controller sets a cost reimbursement and provides the information after the payment of the cost compensation.
8.2. Deletion
The data controller deletes the personal data if its controlling is unlawful, the data subject requests it, the purpose of the data controlling has been terminated, or the legal time limit for storing the data has expired, or the deletion has been ordered by the court or data protection authority.
The data controller shall notify the data subject and the persons to whom the data have been forwarded for the purpose of data controlling, of the correction and deletion. The notification may be omitted if it does not violate the legitimate interest of the data subject with respect to the purpose of the data controlling.
You may also request the rectification or deletion of your personal data in the manner indicated in the registration or through your customer service. The only obstacle to failure to do so may be legal restriction.
8.3. Protest
The person concerned may object to the controlling of her/his personal data if
The data controller shall, at the same time as the data processing is suspended, examine the protest as soon as possible, but within a maximum of 15 days as of the submission of the request and shall inform the applicant in writing about its outcome.
If the objection is justified, the data controller terminates the data controlling, including further data collection and data transfer, and locks the data, and notifies the persons to whom the personal data affected by the protest has previously been forwarded of the protest or measures taken on its basis and those who must take action to enforce the right of protest.
If the data subject disagrees with the decision of the data controller, he or she may appeal to the court within 30 days as of the notification date of the same.
The data controller cannot delete the data of the data subject if the data controlling has been ordered by law. However, the data cannot be transmitted to the data receiver if the data controller has agreed to the protest or the court has established the legitimacy of the protest.
8.4. Right to apply to the courts, authorities
Complaints can be made against the activities of the data controller, proceedings can be initiated at the following authority:
Name: National Authority for Data Protection and Freedom of Information (NAIH)
Seat: 22/c Szilágyi Erzsébet fasor, 1125 Budapest, Hungary
Mail address: 1534. Budapest, Pf.: 834
Phone: +36 (1) 391-1400
Telefax: +36 (1) 391-1410
E-mail: ugyfelszolgalat@naih.hu