1. What are the principles behind our data management?
Our company adheres to the following principles when managing your data:
- Your personal data will be treated legally and fairly. When we are handle your information, it will be made transparent to you.
- Your personal data will only be collected for specific, transparent and legitimate reasons. We will not use your information for any unrelated tasks.
- The personal data we collect and handle is all relevant and appropriate for the purpose of our data management. Furthermore, we only collect essential information.
- Our company takes all necessary measures to ensure that the information we collect is accurate and if necessary, up-to-date. All inaccurate data, which has already been collected, will be immediately deleted or corrected.
- We file your personal information in a way that you can only be identified for the duration of the personal data management tasks.
- We ensure the security of your personal data by providing appropriate technical and organisational measures against unauthorised or unlawful manipulation, accidental loss, destruction or damage to your data.
With your personal data, our company…
- will only use the necessary information required for our collection, recording, organisation and storage of your data, based on the information we have provided you with, and by adhering to your voluntary consent.
- will make your personal data legally binding and compulsory in certain cases. In such cases, we will make sure to remind you of these obligations.
- or another third party will, in some cases, have a legitimate reason for managing your personal data, such as the operation, development and security of our website or web store.
2. Who are we?
Company name: PBT Hungary Ltd.
Headquarters: 1139 Budapest, Teve u. 9/d
Billing address: 1139 Budapest, Teve u. 9/d
Name of Representative: Bence Kovács
Company Registration Number: 01-09-667141
Tax Number: 12335990-2-41
Company name, address and contact information of our company’s hosting service provider:
Company name: SITEFACE Szolgáltató Kft
Address: 1181 Budapest, Csontváry K.T utca (street) 2. 4 em. (floor) 12
Tax number: 10901311-2-43
When managing data, in order to provide high quality services to our customers, we use the following data processing service providers:
1181 Budapest, Csontváry K.T utca 2. 4 em.12
IT and Storage Services
If we choose to change our data processors, these changes will be recorded in this notice.
Information about the data we manage:
Name of the activity and the purpose of data management
Visiting the website
The aim is to ensure the adequate, high-quality of the website’s operation,
to check and improve the quality of our services,
to record the number of visits,
for statistical purposes.
Legal interest of our company.
date of visit,
data of the supplementary pages visited,
the operating system and browsing system you are using.
For 12 months.
Our company does not handle personal data of this kind. Based on these data it is not possible for us to identify you.
Registration on the website
Aim is to register the new customer.
Until the registration is cancelled, or the consent is withdrawn.
Use of web shop services
· Aim is to register and keep track of visitors,
· handling and execution of orders,
· purchases, invoicing and delivery management,
· handling complaints, taking calls,
· analysing the habits of our customers,
· keeping in touch with our customers.
(GDPR Article 6., Clause 1 C,
Electronic Commerce Law. Section 13/A §,
Audit Office Law. 169. §).
· Full name,
· telephone number and e-mail address,
· online registration number,
· details of your purchase (product, quantity, price, date),
· payment details
· individual, or long-term discounts, participation in promotions
· dispatch information: delivery deadline and delivery address, or collection point details,
· billing name, or full name of individual,
· your tax number or tax identification number, (should these data be necessary for billing)
· billing address.
· For an indefinite period during the use of the web shop, but no later than the cancellation of the data contribution.
· In compliance with the contract, the retention period for the data obtained is 5 years.
· The retention period for invoices and documents issued (with which the invoice was produced) is 8 years.
objective: maintaining contact,
about new promotions, notifications about new products.
Until the individual unsubscribes.
You can anytime unsubscribe from our newsletter
We only ask for our visitors’ personal data on our website if they would like to register, login or purchase online.
You can contact email@example.com by email, or by post for more information regarding our data management. We will reply to your queries, without delay, within 15 working days (but not more than 1 month).
3. What are cookies and how do we handle them?
There are some cookies that do not require your prior consent. When first visiting our webpage, we will provide you with brief details about these cookies, such as authentication, multimedia players, load balancing, session cookies, user-interface customization cookies and user-centric security cookies.
In the event that your data is being processed, just by clicking on the website for the first time, our company will inform you and request your cookie consent.
Our company does not use, or allow cookies with which third parties may collected your data without your prior consent.
It is not obligatory to accept our cookies. However, our company does take responsibility for website’s undesirable performance due to the absence of these cookies.
Which cookies do we use?
the web application’s firewall cookie session, designed to prevent misleading cross references
ensuring the website’s operation
end of browsing session
For more information about third-party cookies, please visit:
4. What should you know about our web shop data management?
You voluntarily provide us with your personal information when registering, purchasing or contacting our company. For this reason, we ask you to please only provide accurate, precise and correct information when communicating with us, as you are responsible for the information you share. Incorrect, inaccurate and incomplete information may hinder the utilisation of our services.
In the event that you do not provide us with your own personal information, but that of another person, we will assume that you have their authorisation to do so.
You may revoke your data management consent at any time and at no cost…
- with revoking your consent to data handling, with the deletion of your registration,
- by unsubscribing from our newsletter
We undertake to register your withdrawal of consent – due to technical reasons - within 15 days. However, please note that we may still be able to process some of the information in order to fulfill our legal obligations or legal interests (ex. Accounting Law. 169.§, Consumer Protection Law. 17/A §).
In the event of fraudulent use of personal data, or if a visitor commits a criminal offense or attacks our company’s system, we will delete the individual’s details immediately and remove their registration from our records. However, if necessary, we will keep this information for the duration of the civil legal liability agreements or criminal proceedings.
5. What should you know about our direct marketing and newsletter management?
Through your subscribtion with the express purpose of providing data (declaration) or through later modification of your personal data stored on the newsletter (i.e. by expressly stating your intention to consent), you consent to the use of your personal data for marketing purposes. In this case - until the consent is withdrawn - your data will also be processed for the purpose of newsletter sending and a newsletter will be forwarded to you (Section 6 of Act XLVIII of 2008 on the basic conditions and certain restrictions of commercial advertising).
You may withdraw your consent to the newsletter free of charge and at any time.
A statement of this kind will in all cases be considered a withdrawal of consent. However, the withdrawal of consent to data processing for newsletter purposes is not considered as a withdrawal of consent to data processing in respect of our website at the same time. Why is this so? In the case of consents, each consent is for a specific purpose, so on our website e.g. call for proposals and newsletter subscriptions are two separate purposes, two separate databases, the two cannot be linked.
We undertake to register the withdrawal or cancellation of individual consents with a 30-day deadline because of technical reasons.
6. Registration related data management
In order to use the full service of our website, registration is required, for which we manage the name, e-mail address and company name of the data subject. The purpose of the personal data processing is to cooperate with partners, keep in touch, perform the services provided by the website. The legal basis of the personal data processing is the consent of the data subject. We store the processed data until the data subject withdraws his/her consent.
7. Other data management questions
We may only share your information under statutory terms and conditions. In terms of our data managers, we ensure that your personal information will not be used for any other motive, besides those which you have already agreed to, by abiding the terms and regulations of a contract. For further information consult point 2.
Our company does not transmit data abroad.
The court, the prosecutor’s office and other authorities (for example, the police, tax office, the National Authority for Data Protection and Freedom of Information) may contact our company for information, disclosure of data or other documents. In such cases, we are obliged to disclose this information, but only to the extent that is necessary for the fulfilment of the authority’s request.
Contributors and employees working as part of our data management team, are subject to confidentiality and they are entitled to know certain details about your personal information.
We protect your personal information with the appropriate technical, and various other measures. We also ensure the security and availability of your data, as well as protecting your information from being altered, damaged, disclosed or accessed and used by unauthorized individuals.
As part of our protection measures, we verify all access to our buildings, we regularly train our employees and we safely file and store our hard-copy documents on the premises. As part of our technical measures, we also utilise encryption, password protection services and an anti-virus software. However, we would like to remind you that transmitting any data via the internet is not considered a completely secure method for sharing information. As a company, we try our best to make these communications as safe as possible, but we cannot take full responsibility for the transfer of your personal data via our website. However, the information our company receives will be handled in such a way that it complies rigorously to regulations so that we protect your data and prevent any unauthorised access.
To help our security measures, we ask you to please write down your username and password in a safe place and please, do not share your password with anyone.
8. What are your rights and legal remedies?
Regarding your data management, you may…
- request information about it,
- ask for us to correct, modify, and supplement your information,
- object to data handling, and request for us to delete or block your data (except for mandatory data handling),
- have legal remedies in court,
- file a complaint with the supervisory authority or initiate a procedure (https://naih.hu/panaszuegyintezes-rendje.html).
Supervisory Authority: National Authority for Data Protection and Freedom of Information
- Headquarter: 1055 Budapest, Falk Miksa utca (street) 9-11.
- Postal address: 1374 Budapest, Pf. (PO Box.) 603.
- Telephone number: +36 (1) 391-1400
- Fax: +36 (1) 391-1410
- E-mail: firstname.lastname@example.org
- Website: https://naih.hu/
At your request, we will provide you with information regarding the management of your data by our company, or by other authorised individuals (according to Article 12 (5) of Decree 7/A), specifically about…
- your data,
- the source of this data
- the purpose, legal basis of the data management,
- the duration, or if this is not possible, then the aspects of the possible duration period
- the names, addresses and data handling duties of our data managers
- the circumstances and effects of data management incidents, and the measures that have been taken to prevent them,
- if your personal information is transferred, the legal basis and addressee of the transfer.
We will notify you within 15 calendar days (but not more than 1 month) of submitting your request. The information we provide you with is free of charge, unless you have already submitted a request for the same data, within the same year. We will refund you the fee if we have handled your data unlawfully, or if your request for information has been amended. Your request for more information may only be denied in statutory cases, by informing you about the law, as well as the judicial legal remedies and any additional information about contacting authorities.
Our company will notify you, and any other parties who have been previously forwarded your information, of any data amendments, terminations, indications and deletions regarding your personal data. An exception to this is if our failure to notify you, and the parties concerned, does not violate your legal interest in any way.
In the event that we fail to complete your request for amendments, terminations and deletions, we will send you a notice for why we are rejecting your request and provide you with further information about judicial legal remedies and how you can get in contact with the authorities within 15 calendar days (but not more than 1 month) following the receipt of the request, either in a writing or with your permission, an electronic copy.
Should you object to the handling of your personal information, we will examine your objection and inform you of our decision in writing without delay within within 15 calendar days (but not more than 1 month) of receiving your request. Should we decide that your objection is valid, we will end your cooperation and terminate the handling of your data (including any subsequent data collection and data transfer). Additionally, we will inform any other parties, who have been transferred your personal information, of your objection and their requirement to respect your legal right to object.
We have the right to refuse the validity of your request if we can prove that your data processing is an integral part of our legitimate legal obligations. Such is the case for legal conditions that prevail over your personal interests, rights, and freedom and those which are related to the submission, enforcement or defence of legal claims. Should you disagree with our decision, or if we miss the deadline regarding your cases’ decision, you may contact the court for a duration of 30 days once the decision’s deadline has passed.
The processing of data protection claims falls under the jurisdiction of the court. Depending on the wishes of the individual concerned, the case may be initiated at the local, or district court. Foreign nationals may also contact their local court with any queries.
We ask you to please contact our company, using the following e-mail address, email@example.com , before contacting the supervisory authority or the court with any queries, in order to resolve any problems as quickly as possible.
- Which main governing laws apply to our activities?
- a) Regulation No. 2016/679 of the European Parliament and Council, regarding the Management of Personal Data of Natural Persons (GDPR).
- b) Act CVII of 2011, regarding the Right to Informational Self-Determination and Freedom of Information.
- c) Act V of 2013, regarding the Civil Code.
- d) Act CVII of 2001, regarding Certain Issues of Electronic Commerce Activities and Information Society Services.
- e) Act C of 2003, regarding Electronic Communications.
- f) Act CLV of 1997, regarding Consumer Protection Law.
- g) Act CLXV of 2013, regarding Complains and Whistleblowing
- h) Act XLVIII of 2008, regarding the Basic Requirements and Certain Restrictions of Commercial Advertising Activities.
Budapest, 12. October, 2020