PRIVACY POLICY
INTRODUCTION
The service provider/data controller processes the data of the persons registered on the website during the operation of the website in order to provide them with an appropriate service.
The service provider intends to fully comply with the legal requirements for the processing of personal data, in particular the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council.
This Privacy Notice on the protection of the personal data of natural persons and on the free movement of data has been prepared on the basis of Regulation (EU) 2016/679 of the European Parliament and of the Council, taking into account the content of Act CXII of 2011 on the right of informational self-determination and freedom of information.
NAME OF SERVICE PROVIDER, DATA CONTROLLER
Name / company name: VASSON Zrt.
Registered office: 9400 Sopron, Verő József utca 1
Company registration number: 08-10-002017
Tax number: 32790834-2-08
Name and address of website: https://www.vasson.eu
Availability of the Privacy Policy: https://www.vasson.eu/adatkezelési-tájékoztató
CONTACT DETAILS OF THE DATA CONTROLLER
Name / company name: VASSON Zrt.
Address: 9400 Sopron, Verő József utca 1
Mailing address: same
E-mail: info@vasson.eu
Phone: +36 30 176 4444
DEFINITIONS
– GDPR (General Data Protection Regulation) is the new Data Protection Regulation of the European Union;
– "processing" means any operation or set of operations performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure, transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
– processor: the natural or legal person, public authority, agency or any other body which processes personal data on behalf of the controller;
– personal data: any information relating to an identified or identifiable natural person (data subject); an identifiable natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, a number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
– controller: the natural or legal person, public authority, agency or any other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of the processing are determined by Union or Member State law, the controller or the specific criteria for the designation of the controller may be determined by Union or Member State law;
– consent of the data subject: a freely given, specific, well-informed and unambiguous indication of the data subject's wishes by which he or she gives his or her consent to the processing of personal data concerning him or her, by means of a statement or an unambiguous affirmative act;
– personal data breach: a breach of security that results in the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.
– recipient: the natural or legal person, public authority, agency or any other body to whom the personal data are disclosed, whether or not it is a third party. Public authorities that may have access to personal data in the context of an individual investigation in accordance with Union or Member State law are not considered recipients; the processing of those data by those public authorities must comply with the applicable data protection rules in accordance with the purposes for which the data are processed;
– third party: any natural or legal person, public authority, agency or any other body which is not identical with the data subject, controller, processor or persons authorised to process personal data under the direct control of the controller or processor.
DATA PROCESSING POLICY
The Data Controller declares that it processes personal data in accordance with the provisions of the Privacy Policy and complies with the provisions of the relevant legislation, with special attention to the following:
The processing of personal data must be carried out lawfully and fairly, and in a transparent manner for the data subject.
Personal data may only be collected for specified, explicit and legitimate purposes.
The purpose for which personal data is processed must be appropriate and relevant and must only be necessary to the extent necessary.
Personal data must be accurate and up to date. Inaccurate personal data must be deleted immediately.
Personal data must be stored in a form that allows the identification of data subjects only for a period of time. Personal data may only be stored for a longer period of time if the storage is carried out for archiving purposes in the public interest, for scientific and historical research purposes or for statistical purposes.
The processing of personal data shall be carried out in such a way as to ensure adequate security of the personal data by the application of appropriate technical or organisational measures, including protection against unauthorised or unlawful processing, accidental loss, destruction or damage to the data.
The principles of data protection apply to all information relating to an identified or identifiable natural person.
IMPORTANT DATA PROCESSING INFORMATION
The purpose of data processing is to enable the service provider/data controller to provide appropriate additional services to the persons registered on the website during the operation of the website.
The legal basis for data processing is the consent of the data subject.
The scope of data processing is the registration users of the website.
Duration of data processing and deletion of data. The duration of data processing always depends on the specific user purpose, but the data must be deleted immediately if the originally set purpose has already been achieved. The data subject may withdraw his/her consent to data processing at any time by sending a letter to the contact e-mail address. If there is no legal obstacle to deletion, your data will be deleted.
The data controller and its employees are entitled to access the data.
The data subject may request the controller to access, rectify, erase or restrict the processing of personal data concerning him or her, and may object to the processing of such personal data and to the data subject's right to data portability.
The data subject may withdraw his/her consent to data processing at any time, but this does not affect the lawfulness of the data processing carried out on the basis of the consent before the withdrawal.
The person concerned may exercise the right to lodge a complaint with the supervisory authority.
If the person concerned wishes to use the benefits of registration, i.e. to use the relevant service of the website, it is necessary to provide the requested personal data. The person concerned is not obliged to provide personal data, and failure to provide data does not have any adverse consequences for him. However, it is not possible to use some of the functions of the website without registration.
The data subject has the right to have the data controller rectify or complete inaccurate personal data concerning him or her without undue delay at his or her request.
The data subject has the right to have the data controller erase inaccurate personal data concerning him or her without undue delay at his or her request, and the data controller is obliged to delete the personal data concerning him or her without undue delay, if there is no other legal basis for data processing.
Modification or deletion of personal data can be initiated by e-mail, telephone or letter using the contact details provided above.
COOKIES
Cookies are placed on the user's computer by the websites visited and contain information such as the site's settings or login status.
Cookies are therefore small files created by the websites you visit. They improve the user experience by saving your browsing data. Cookies allow the website to remember your website preferences and offer locally relevant content.
The website of the service provider sends a small file (cookie) to the computer of the visitors of the website in order to determine the fact and time of the visit. The service provider informs the website visitor about this.
The scope of data processing is the visitors of the website. The purpose of data processing is to provide additional services, identification, and to track visitors.
Legal basis for data processing. The user's consent is not required if the service provider absolutely needs it for the use of cookies.
Scope of data: unique identification number, time, setting data.
The user has the option to delete cookies from browsers at any time in the Settings menu.
Data controllers are entitled to access the data. By using cookies, the data controller does not process personal data.
Method of data storage: electronic.
SOCIAL MEDIA
A social media site is a media tool where the message is distributed through social users. Social media uses the internet and online presence opportunities to transform users from content recipients to content editors. Social media is an interface of internet applications that hosts user-generated content, such as Facebook, Google+, Twitter, Pinterest, etc.Social media can be used to make
public speeches, lectures, presentations, products or services.
The forms of information published on social media can be forums, blog posts, images, video and audio files, message boards, e-mail messages, etc.
In accordance with the above, the scope of the processed data may be the user's public profile picture in addition to personal data.
Scope of data subjects: all registered users.
The purpose of data collection is to promote the website or the website linked to it.
The legal basis for data processing is the voluntary consent of the data subject.
Duration of data processing: according to the regulations available on the given social media site.
Deadline for the deletion of data: according to the regulations available on the given social media site.
Persons entitled to access the data: according to the regulations available on the given social media site.
Rights related to data processing: according to the regulations available on the respective social media site.
Method of data storage: electronic.
It is important to note that when you upload or submit any personal information, you are granting the social media operator a worldwide license to store and use such content. Therefore, it is very important to make sure that the user has full rights to communicate the information that is published.
GOOGLE ANALYTICS
Our website uses Google Analytics ☑ □ does not use it
If Google Analytics is used: Google Analytics compiles reports on the habits of website users for its customers based on first-party cookies.
On behalf of the operator of this website, Google will use this information to evaluate how users use the website. As an additional service, it prepares reports related to the activity of the website for the website operator so that the operator can perform further services.
The data is stored on Google's servers in an encrypted format to make it more difficult and prevent data misuse.
You can disable Google Analytics as follows. Quote from this page: Website users who do not want Google Analytics JavaScript to report on their data can install the Google Analytics Opt-Out Browser Add-on. The plugin prohibits the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sending information to Google Analytics. The browser extension can be used in most newer browsers. The Google Analytics opt-out browser add-on does not prevent data from being sent to the website itself or to other web analytics services.https://support.google.com/analytics/answer/6004245?hl=hu
Google Privacy Policy: https://policies.google.com/privacy?hl=hu
Information on the use and protection of data is available in detail at the links above.
Data protection in detail: https://static.googleusercontent.com/media/www.google.com/en//intl/hu/policies/privacy/google_privacy_policy_hu.pdf
DATA PROCESSORS
Hosting provider:
Name / company name: Magyar Telekom Nyrt.
Headquarters: 1097 Budapest, Könyves Kálmán krt. 36.
E-mail: ugyfelszolgalat@telekom.hu
The data you provide is stored on a server operated by the hosting provider. Only our employees and the staff operating the server have access to the data, but they are all responsible for the security of the data.
Name of the activity: hosting service, server service.
Purpose of data processing: to ensure the operation of the website.
Data processed: personal data provided by the data subject
Duration of data processing and deadline for deletion of data. Data processing until the end of the operation of the website or in accordance with a contractual agreement between the operator of the website and the hosting provider. If necessary, the data subject may also request the deletion of their data by contacting the hosting service provider.
The legal basis of data processing is the consent of the data subject or data processing based on law.
RIGHTS RELATED TO DATA PROCESSING
Right to request information
You can request information from us through the contact details provided about what data our company processes, on what legal basis, for what data processing purpose, from what source and for how long. Upon your request, we will send you information immediately, but no later than within 30 days, to the e-mail address you provided.
Right to rectification
You can ask us to amend any of your data using the contact details provided. We will take action on this immediately, but within 30 days at the latest, and we will send information to the e-mail address you provided.
Right to erasure
You can request us to delete your data via the contact details provided. At your request, we will do this immediately, but within 30 days at the latest, and we will send information to the e-mail address you provided.
Right to blocking
You can ask us to block your data via the contact details provided. The blocking lasts as long as the reason you have indicated requires the storage of the data. At your request, we will do this immediately, but within 30 days at the latest, and we will send information to the e-mail address you provided.
Right to object
You may object to the processing of your data by contacting us at the contact details provided. We will examine the objection within the shortest possible time from the submission of the application, but no later than within 15 days, make a decision on its merits and inform you of its decision by e-mail.
In the event of unlawful data processing you have experienced, please notify our company, so that the lawful state can be restored within a short time. In your interest, we will do our best to solve the problem you have outlined.
If you believe that the lawful state cannot be restored, please notify the authority at the following contact details:
National Authority for Data Protection and Freedom of Information
Postal address: 1530 Budapest, Pf.: 5.
Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c
Phone: +36 (1) 391-1400
Fax: +36 (1) 391-1410
E-mail: ugyfelszolgalat (at) naih.hu
URL https://naih.hu
koordináták: N 47°30'56"; E 18°59'57"
LAWS ON WHICH DATA PROCESSING IS BASED
– REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
– Act CXII of 2011 on the Right of Informational Self-Determination and Freedom of Information.
– Act LXVI of 1995 on Public Documents, Public Archives and the Protection of Private Archive Material.
– Government Decree 335/2005 (XII.29.) on the general requirements for document management of bodies performing public duties.
– Act CVIII of 2001 on Certain Issues of Electronic Commerce Services and Information Society Services.
– Act C of 2003 on Electronic Communications.
The Privacy Policy is valid from 10.06.2025 until withdrawal.