1. Data Controller
Lanoga Software Development Ltd.
Seat: 11 Móra Ferenc utca 6413 Kunfehértó, Hungary
Office: 11 Zsinkó István utca 7622 Pécs, Hungary
Phone nr. : +36 72/820-085
E-mail: [email protected]
2. Legal grounds for data processing
The Company processes the data of its Clients in compliance with CXII of 2011 on Information Self-Determination and Freedom of Information. ('the Information Act') and Regulation (EU) 2016/679 of the European Parliament and of the European Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and the repeal of Decree 95/46 / EC (General Data Protection Regulation);, and is committed to protecting the personal data of the Clients, and considers it highly important to respect the right of information self-determination of users.
Other important legislation taken into account when preparing this information sheet:
- Act CXIX of 1995 on the management of name and address data for the purpose of research and direct marketing;
- Act CVIII of 2001 on certain aspects of electronic commerce services and services related to information society.
3. Basic concepts of Data Processing
- Information related to the person affected - in particular the name, identifying code, other physical, physiological, mental, economic, cultural or social information identifying the person concerned and the conclusion that may be deduced from the data related to the person affected
- Personal data: any data that can be associated with a specific (identified or identifiable) natural person (data subject), and a conclusion on the data subject can be made through the data concerned. Personal data in the course of data processing will retain this quality until its relationship with the data subject can be restored. The person concerned is considered to be identifiable, in particular, if he or she can be identified, directly or indirectly, by a name, identification mark or one or more factors specific to his physical, physiological, mental, economic, cultural or social identity;
- Special data:
- a) Data related to racial origin, nationality, ethnicity, political opinion or party affiliation, religious or other ideological beliefs, trade union membership,
- b) health status, harmful / abnormal passions, sexual orientation as well as data related to the data subject’s criminal record;
- Consent: a voluntary and determined expression of the data subject's wishes, based on appropriate information and whereby he or she gives unambiguous consent to the processing of personal data relating to him or her, wholly or in part;
- objection: a statement by the data subject whereby he or she objects to the processing of his or her personal data and requests the termination of the data processing and the deletion of the data processed;
- Data controller: A natural or legal person, or an organization without legal personality, who determines the aim of data processing, makes the decisions on data processing (including the device used) and performs it or have the data processor delegated by him or her perform it;
- Data processing: irrespective of the procedure used, any operation or set of operations performed on the data, such as collecting, recording, archiving, organizing, storing, modifying, using, transmitting, disclosing, coordinating or interconnecting, blocking, deleting or destroying data, and the prevention of further use of the data. Data processing includes taking photographs, audio or video recording, and the recording of physical characteristics suitable for identifying a person (e.g. finger or palm-print, DNA sample, iris image);
- data transfer: if the data is made available to a specific third party;
- Disclosure: if the data is made available to anyone;
- deletion of data: making data unrecognizable in a way that their recovery is no longer possible;
- Data blocking: disabling the transmission, acquisition, disclosure, transformation, alteration, destruction, deletion, interconnection or alignment and use of data permanently or for a specific period of time;
- Data Destruction: complete physical destruction of data or media containing them;
- data processing: performing technical tasks related to data management operations, irrespective of the method and equipment used to perform the operations and the location of the application;
- data processor: a natural or legal person, or an entity without legal personality, who, on behalf of the controller, processes personal data;
- Third party: a natural or legal person or an entity without legal personality that is not the same as the data subject, data controller or data processor;
- Third Country: any country that is not a member of the European Economic Area.
4. Purpose of data processing
The Company processes only the data of natural persons who are include in its customers or members of client companies or involved in the work relationships.
The Company processes data for the following purposes:
- issuing documents needed for the conclusion and performance of the Contract, issuing the relevant invoice,
- fulfilment of other contractual obligations of the Company
- to facilitate communication between the Customers on the Company's site, based on the Client's consent;
- in case of breach of contract by the Client, the enforcement of the Company's rights,
- evaluating and analysing the Company's market, consumers, products and services,
- communicating with the Customer concerning the above
Data processing shall meet the purpose of data processing at all stages of data management.
5. Principles of data processing
The Company, as data controller, shall observe the following requirements in the course of managing the personal data of the Clients, and in the course of processing them by computer:
- The Company acquires and manages personal data fairly and lawfully,
- The Company only stores and processes the data for specified and legitimate purposes and does not use it in any other way,
- The Company only manages data that are essential for the purpose of data processing and are suitable for achieving the specified goal;
- The Company may process personal data only to the extent and for the time necessary to achieve the purpose concerned,
- The Company shall take appropriate security measures to protect personal data stored in data files in order to prevent unauthorized access, alteration, transmission or disclosure, erasure or destruction, accidental destruction and injury, and unavailability due to changes in the technology used.
- During the course of data processing, the Company ensures the accuracy and completeness of the data concerned, and makes sure that the Client can be identified only for the time necessary for the purpose of data processing.
6. Scope of data processed
The Company's concept of personal data includes data that can be related to the Customer, and whereby the Customer can be identified - such as the Customer's name, address, e-mail address, telephone number, mother's name, date of birth, birth name, or conclusions regarding the Customer can be made through the data. Personal data will retain this quality as long as its relationship with the Customer can be restored.
Scope of data processed by the Company:
- First name and surname
- Company name (optional)
- Field of expertise
- Delivery address
- Invoicing address
- Email address
- Phone number
The Company cannot be held liable for unauthorized data management by its Clients.
7. Source of data
The Company obtains the personal data of its Clients in various ways and sources, thus, in particular, as the Client provides the Company with data at the conclusion of a Contract. The Company may manage Customer information together and associate it with data that has otherwise been made available to the Company regarding the uses indicated above.
8. Duration of data management
The Company is entitled to manage and process personal data of the Client during the existence of the legal relationship and, as well as if the Client has been late in payment, until the settlement of its outstanding debt to the Company.
Data, the processing of which is required by law, is authorized and must be managed and processed until the deadline specified by law.
9. Legal grounds for data processing
The Company may manage the data without special consent and after the withdrawal of the Client's consent for the purpose of fulfilling its legal obligation or for enforcing the legitimate interest of the Company or a third party, adding that the way these interests are enforced has to be in proportion with limiting the right to the protection of personal data.
10. Persons performing data processing
The Company and its employees, affiliates and associates, as well as its affiliated companies and their legal successors shall be entitled to the acquiring and processing of the data to the aim and extent specified above.
The persons involved in the data processing of the Company shall be bound by the obligation of confidentiality with regard to the data they become aware of.
11. Data Processing
The rights and obligations of the data processor regarding the processing of personal data are determined by the Company in accordance with the relevant legislation. The Company is responsible for the lawfulness of its instructions. The data processor may not make a substantive decision regarding the data management, and may process the personal data it has received only in accordance with the provisions of the Company, may not process data for its own purposes, and shall store and preserve personal data in accordance with the provisions of the data controller.
12. Data transfer
If the Customer fails to fulfil its payment obligation to the Company and the Company uses a claim management company or legal representative to collect the Customer's claim, the Customer shall be entitled to transfer the Customer's data. The claim management company or the legal representative can manage the data of the Client based on the order given by the Company for the purpose of recovering the claims of the Company or the claim management company (such as administrative fees, attorneys' fees etc.) incurred by the claim management company regarding the recovery until the end of the recovery period set by the Company and the claim management firm, i.e., in principle, for 90 days or until the claim is successfully recovered within that period. The claim management company or the legal representative may also handle the data transferred in litigation, out-of-court and non-litigation procedures for claim enforcement. The data transferred will be communicated to the employees of the claim management company or the legal representative. Customer agrees to the collection of additional data from the Client by the claim management company or by the legal representative for the purpose of collecting the claim in addition to the data already provided (e.g. recording of the Customer's new address or telephone number in the public directory). The Company is entitled to transfer the data of the Client to the companies carrying out the accounting and auditing, to a claim management company or legal representative, and in all cases where the law orders mandatory data transfer to the bodies specified in the law.
13. Providing Information
Customers are entitled to request information on the management of their personal information or to request the correction, deletion or blocking of their personal data.
Upon the Customer's request in any form, the Company is obliged to provide information in writing in a comprehensible manner, on the data it processes regarding the data subject, as well as the purpose, legal grounds, duration of the data processing concerned, and the name, address and data processing activities of the data processor within 30 days. Besides, in the case of transmission of Customer's personal data, the legal grounds and the addressee of the transfer.
The Client's request for information may be refused only in the cases specified by law, with appropriate justification referring to the law. In the event of refusal to inform, the data subject must be informed of the possibility of judicial remedy and of the option of recourse at the National Authority for Data Protection and Freedom of Information.
14. Rights of Data Subjects
If personal data concerning the data subject are not correct, the data subject is entitled to request the correction of his / her data. The Customer may object to the processing of his or her personal data in accordance with the applicable legislation, if the processing of such data does not comply with the law. The personal data processed must be deleted if its management is unlawful or the data subject applies for it and the purpose of the data processing has ceased to exist, if it is incomplete or incorrect and if ordered by the National Authority for Data Protection and Freedom of Information.
Personal data should be blocked instead of deletion if requested by the data subject or if the available information suggests that the deletion would infringe the legitimate interests of the data subject. Personal data blocked this way can only be processed until the purpose of the data processing that excludes the deletion of personal data prevails.
The data subject as well as all those to whom the data was previously transferred for data management have to informed on the correction, blocking and deletion. (Notification may be omitted if this does not infringe the legitimate interest of the data subject for the purpose of data processing.) If the request for correction, blocking or deletion by the data subject cannot be executed, the refusal of correction, blocking and deletion shall be communicated in writing within 30 days of receipt of the request including its factual and legal grounds. In this case, the person concerned should be informed of the possibility of judicial remedy and of having recourse to the relevant authorities.
If you feel that the Data Controller has violated your personal data protection rights, please contact us so that we could remedy any violation.
Lanoga Software Development Ltd.
Seat: 11. Móra Ferenc utca 6413 Kunfehértó, Hungary
Office: 11. Zsinkó István utca 7622 Pécs, Hungary
Phone: +36 72/820-085
Email: [email protected]
We inform the data subjects that they can also enforce their claims in civil litigation or may request the assistance of the National Authority for Data Protection and Freedom of Information (NAIH): http://www.naih.hu/contact.html
Any possible civil dispute is governed by Hungarian law