PRIVACY POLICY
DATA CONTROLLER INFORMATION
Company name: Homlok Építő Zrt.
Registered address: H-9561 Nagysimonyi, 23 Arany János street
Company registration number Cg. 18-10-100718
Tax number: 25811058-2-18
Represented by: András Zsolt Homlok, CEO
E-mail: homlokzrt@homlokzrt.hu
We hereby provide the following information regarding the protection of natural persons with regards to personal information management and the free flow of such data, and the repealment of Decree 95/46/EC (general data protection decree), according to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL (27 April, 2016). This privacy policy regulates the data management of the following pages:
The privacy policy is available via the following links:
DEFINITIONS
a) personal information: any kind of information related to an identified or identifiable natural person (“data subjects”); identifiable is the natural person who can be identified in a direct or indirect way, especially based on some kind of identification, e.g. name, number, location data, online ID, or one or more aspects of the biological, physiological, genetic, intellectual, economical, cultural or social characteristics of such natural person.
b) data management: any operation or operations, carried out either in an automated or a non-automated way, on the personal information or data sets, such as collection, recording, organization, distribution, storage, conversion or modification, query, lookup, use, disclosure, transfer, distribution or other type of making available, harmonization or matching, restriction, deletion or disposal.
c) data controller: a natural person or legal entity, public authority, agency or any other authority that constantly defines the purposes of personal data management individually, or with others; in case the purposes of data management are defined by EU or member state laws, the manager or the special aspects for appointing the data controller may also be defined by member state laws.
d) data processor: a natural person or legal entity, public authority, agency or any other authority that handles personal information o behalf of the data controller.
e) recipient: a natural person or legal entity, public authority, agency or any other authority that the personal data is communicated to, whether or not they are a third party. The public authorities who can access the personal data as part of an individual investigation, compliant with EU or member state laws, do not constitute recipients; the management of the above mentioned data by these public authorities must comply with the relevant data protection regulations, according to the purposes of data management.
f) third party: a natural person or legal entity, public authority, agency or any other authority that is not the same as the data subject, the data controller, the data processor or the persons who, under the direct management of the data controller or the data processor, are authorized to handle the personal information.
g) record keeping system: a data set of personal information, organized in any way, according to centralised, decentralised or functional or geographical aspects, accessible according to specified criteria.
h) data protection incident: a breach of security that results in the accidental or unlawful disposal, loss, modification, unauthorized communication or unauthorized access of data being transferred, stored or otherwise handled.
i) representative: a natural person or legal entity with a place of business or place of residence in the European Union, appointed by the data controller or the data processor in written form, according to Paragraph 27, representing the data controller or data processor in relation to the liabilities of the data controller or data processor pursuant to this decree.
j) company: a natural person or legal entity engaged in economic activity, irrespective of the legal form, including personal partnerships and associations engaged in regular economic activity.
PRINCIPLES OF DATA MANAGEMENT
1. Legitimacy, fair procedure and transparency
The company carries out data management in a legitimate and fair way, transparent to the data subject (legitimacy, fair procedure and transparency).
2. Purpose limitation
The company collects data only for specified, clear and legitimate purposes, and does not handle data in a non-compatible way (purpose limitation).
3. Data minimisation
The company carries out data management according to its purpose(s), in a relevant way, minimising data to the necessary level (data minimisation). Accordingly, the company does not collect or store more data than absolutely necessary for the purpose of the data management.
4. Accuracy
Data management by the company is accurate and up-to-date. The company takes all reasonable measures in order to immediately delete or rectify all personal information inaccurate from the aspect of the purposes of data management (accuracy).
5. Limited storage
The company stores the personal information in a format that makes personal identification of the data subjects possible for a limited time, necessary to achieve the data management purposes, according to the storage obligations specified by relevant legislative acts (limited storage).
6. Integrity and confidentiality
The company ensures appropriate level of safety of the personal information by using appropriate technical or organizational measures, including protection against unauthorized or unlawful handling, accidental loss, disposal or damage of personal information (integrity and confidentiality).
7. Accountability
The company is accountable for compliance with the above-detailed principles, and the company certifies such compliance (accountability). In accordance with the above, the company ensures continuous compliance with the regulations of this in-house policy, the continuous review of data management, and, if necessary, the modification and amendment of data management procedures. The company prepares documentation to certify compliance with statutory obligations.
DATA MANAGEMENT
1. Contact via www.homlokzrt.hu
The fact of data collection, the scope of managed data and the purpose of data management
| Personal information | Necessary for contact and quotes. |
| Name: | Identification of the data subject |
| E-mail address | Communication. E-mail addresses not necessarily contain personal information. |
| Telephone: | Communication |
| Data subjects | All the data subjects contacting us via the web page. |
| Duration of data management, deadline for data deletion | Immediately upon the request of the data subject, by filling a form or sending an e-mail. |
| Possible data controllers, authorized to access the data, recipients of personal information | Personal information may be managed by the data controller and their colleagues charged with carrying out marketing activities, respecting the above principles. |
| Description of the data subjects’ rights to data management | • The data subject may request access to, and rectification or deletion of, or restriction of access to the personal data relating to them from the data controller, and • may object to the handling of such personal data, and the data subject has the right to data portability and the withdrawal of consent at any time. |
| Access to, deletion or modification of, or restricting access to the personal data, data portability, or objection against data processing may be initiated in the following ways by the data subject | Postal mail: H-9561 Nagysimonyi, 23 Arany János street
By e-mail: homlokzrt@homlokzrt.hu |
| Legal basis for data management | Consent of the data subject, Paragraph 6, Article (1), Item a), Paragraph 5, Article (1) of the Act on Information Technology. |
| Information | We hereby inform you that data management is based on your consent. |
2. Use of “Google Analytics”
The home pages of Homlok Zrt. use Google Analytics, the web analytics service of Google Inc. (“Google”). Google Analytics uses so-called “cookies”, text files, stored on your computer, thus facilitating the analytics of the web page visited by the User.
The information created using the cookies related to the web page used by the User are normally sent to and stored on one of the USA-based servers of Google. By activating IP-anonymizing on the web page, Google truncates the User’s IP address upon its arrival at the server inside the European Union’s member states or in other states that are a party to the Agreement on the European Economic Area, before saving it in a mass storage. (https://support.google.com/analytics/answer 2763052?hl=en)
Sending the complete IP address to one of Google’s USA-based servers and having them truncated there is carried out in special cases only. Commissioned by the operator of this web page, Google will use this information to evaluate the use of the web page by the User, and to create reports on home page activity for the web page operator, and to provide other services related to web page and internet usage.
Google Analytics does not link the IP address provided by the user's browser to other Google data. The User may prevent the storage of cookies by adjusting their browser accordingly, however, please note that not all features of this website may be fully accessible in this case. In addition, you may prevent Google from collecting and processing cookie data related to web page usage by the User (including the IP address) by downloading and installing the browser plug-in available on the following link. https://tools.google.com/dlpage/gaoptout?hl=hu
3. Use of “cookies”
The fact of data collection, the scope of managed data and the purpose of data management
| Unique identification number, dates, times | Identifying users and tracking visitors. |
| Data subjects | All the data subjects using the web page |
| The purpose of data management | Identifying users and tracking visitors. |
| Duration of data management, deadline for data deletion | Until the end of the relevant visitor session, or a period of two years, according to the regulators issued by Google Analytics https://developers.google.com/analytics/devguides /collection/analyticsjs/cookie-usage
|
| Possible data controllers, authorized to access the data, recipients of personal information | The controller does not process personal information using cookies. |
| Description of the data subjects’ rights to data management | The data subjects have the option to delete the cookies in the Tools / Options menu of the browsers, usually under the menu item Privacy settings. |
| Legal basis for data management | The consent of the data subject is not required if the sole purpose of the use of cookies is the transmission via the electronic communications network, or for the service provider to provide the information society service specifically requested by the subscriber or user. |
4. Other data handling
If a question arises during the use of our data management services, or the data subject has a problem, you may contact the data controller in the ways specified on the website (telephone, e- mail, social media sites, etc.).
The data controller will delete all the received e mails, messages, and data received by phone, Facebook, etc., together with the name and e mail address of the inquirer, and any other personal data provided voluntarily after a maximum of 2 years from the date of disclosure.
Further information on data management not listed in this policy will be provided when recording the data.
The Service Provider is obliged to provide or hand over information, or to make documents available upon the special request of certain authorities or other authorities based on authorization by legislative acts.
In such cases, the Service Provider issues personal data to the requesting party, if they specify the exact purpose and scope of the data, only to the extent strictly necessary to achieve the purpose of the request.
DATA TRANSMISSION, DATA PROCESSORS
The hosting provider
1. Activity provided by the data processor: Hosting service
2. Name and contact information of the data processor
Netalfa Informatikai Szolgáltató Kft.
H-9700 Szombathely, 7 Fő square.
Company registration number: 18-09-105081
Tax number: 12853489-2-18
3. The fact of data management and the range of handled data: All personal data provided by the
data subject.
4. Data subjects: All the data subjects using the web page.
5. The purpose of data management: Making the website available and ensuring its proper
operation.
6. Duration of data management, deadline for data deletion: Data management will go on up to
the termination of the agreement between the data controller and the hosting provider, or the
data subject's request for cancellation to the hosting provider.
7. Legal basis for data processing: consent of the User, Paragraph 5, Article (1), Item 6, section (1),
item a) of the Act on Information Technology, and Paragraph 13/A, Article (3) of Act CVIII of
2001 on certain aspects of electronic commerce services and information society services.
