Please read this document carefully before contacting us (enquiry, request for proposal).
PRIVACY POLICY
1. Data controller's details
I.A.S.G. Ltd.
Location.
Website: www.iasg.hu
Tax number: 25014787-2-13,
Company registration number: 13-01-171656,
Electronic contact: adatkezeles@iasg.hu
The Data Controller is not obliged to appoint a Data Protection Officer under Article 37 GDPR.
2.
This Privacy Notice is valid from 10 June 2022 until its withdrawal.
I.A.S.G. Ltd. (hereinafter referred to as the "Controller"), as the operator of iasg.hu, informs its visitors that it processes personal data in connection with the website only on the basis of the provisions of this Privacy Policy.
The subject matter of this notice covers all processes carried out by the Data Controller in the course of operating the website, in the course of which personal data as defined in Article 4(1) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as "GDPR") are processed.
The definitions in this notice correspond to the interpretative definitions set out in Article 4 of the GDPR.
The Controller declares that it processes personal data only for the exercise of a right or the performance of an obligation. The personal data processed will not be used for private purposes and will at all times be processed in accordance with the purpose limitation principle - if the purpose of the processing ceases to exist or the processing is otherwise unlawful, the data will be deleted.
The Controller may have the following legal bases for processing personal data:
the data subject has given his or her prior consent to the processing,
The processing is necessary for the performance of a contract to which the data subject is a party or is necessary for the purposes of taking steps at the request of the data subject prior to entering into the contract,
processing is necessary for compliance with a legal obligation to which the controller is subject,
processing is necessary for the purposes of the legitimate interests pursued by the controller or a third party.
For processing based on voluntary consent, data subjects may withdraw their consent at any stage of the processing.
The Data Controller shall retain during the processing
confidentiality: it protects the information so that only those who are entitled to have access to it have access to it;
integrity: to protect the accuracy and completeness of the information and the method of processing;
availability: it ensures that when the authorised user needs it, he has effective access to the information and the means to obtain it.
The employees of the Data Controller shall keep the personal data they receive as business secrets.
In the course of their work, the employees of the Data Controller shall ensure that no unauthorised persons have access to personal data. Personal data are stored and stored in such a way that they cannot be accessed, accessed, altered or destroyed by unauthorised persons.
3. Data subject's rights and means of enforcement
If you wish to exercise your rights, this implies your identification and the necessary communication with the Data Controller. Therefore, in order to identify you, you will need to provide personal data (but the identification can only be based on data that the Controller already processes about you. If you have been a customer and would like to be identified for the purposes of complaint handling or warranty handling, please also provide the confirmation number associated with your order number for identification purposes. We can use this to identify you as a customer.
The Data Controller will respond to your request for processing (which may be for information, rectification, erasure, restriction or withdrawal of consent, depending on the legal basis of the processing) within 30 days at the latest.
During the period of processing, you have the following rights under the GDPR:
3.1.
a) Right to information
b) Right of access
c) Right to data portability
3.2 Rights to the enforcement of the principle of accuracy
a) Right to rectification
b) The right to erasure and oblivion
c) Right to restriction of processing
3.3 The right to object and the right to withdraw consent
3.4. Remedies procedures
Right to apply to the courts
The data subject may take the Data Controller to court in the event of a breach of his or her rights. The court shall rule on the case out of turn.
Data Protection Authority complaint
You may lodge a complaint or initiate proceedings with the supervisory authority, the National Authority for Data Protection and Freedom of Information.
Contact details of the Authority:
Name: National Authority for Data Protection and Freedom of Information
Headquarters.
Address for correspondence: 1530 Budapest, PO Box 5.
Telephone: +36-1-391-1400
Fax: +36-1-391-1410
E-mail: ugyfelszolgalat@naih.hu
Website: http://www.naih.hu
4. Process of data processing
4.1.
Anyone can access the website of the Data Controller without revealing their identity and without providing their personal data, and can obtain information freely and without restriction on the website and on the pages linked to it. However, non-personally identifiable information is collected automatically and without limitation from visitors to the website. However, no personal data can be extracted from this data, and therefore no processing within the scope of the GDPR takes place.
The Data Controller uses the web analytics service Google Analytics on the website. Google Analytics uses "cookies", text files placed on the website visitor's computer, to help analyse the use of the website. The information generated by the cookie about the use of the website (the website visitor's IP address) will be transmitted to and stored by Google on servers in the United States of America.
Google will not associate the information generated by the cookie with any other data - therefore, Google will not process any personal data on the basis of the applicable data protection legislation. The website visitor may refuse the use of cookies by selecting the appropriate settings on his or her browser.
By using this website, the website visitor consents to the processing of his/her data in the manner and for the purposes set out above.
Google will use this information for the purpose of evaluating and analysing your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage.
4.2. Contacting the Data Controller
On the website of the Data Controller, the visitor has the possibility to contact the Data Controller by filling in a form with the relevant data required to contact the Data Controller. However, the data subject can only send the data if he or she accepts the Controller's data processing rules by ticking a box, without which he or she cannot send the message.
The legal basis for this processing is the consent of the data subject.
Purpose of the processing: to facilitate contact with the Data Controller.
Data processed: name, e-mail address, telephone number, text of the message fields
Time limit for data storage: until the contact is made (until the purpose is achieved).
Method of data storage: electronic
5. Other provisions
The principles of data management are in line with the applicable legislation on data management and data protection, in particular:
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Regulation (EC) No 95/46/EC (General Data Protection Regulation, GDPR);
Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information (Infotv.);
Act V of 2013 - on the Civil Code (Civil Code).
In matters not covered by this information, the rules of the GDPR shall apply.