What is the purpose of this policy?

Pannónia Könyvvizsgáló Kft., as the Data Manager, handles personal data for several purposes and intends to do so by respecting the rights of the data subjects and fulfilling the legal obligation.

Pannónia Könyvvizsgáló Kft. also considers it important to present to the data subjects the handling of the personal data that came to its knowledge during its data management activities, its most important features.

Who handles Your personal data?
Your personal data are handled by Pannónia Könyvvizsgáló Kft.

Contacts:
Post address: 9027 Győr, Budai út 5/A
E-mail address: asszisztencia@pannoniakonyvvizsgalo.hu
Website: https://www.pannoniakonyvvizsgalo.hu/
Telephone: +36 20/745-55-41 (Molnár Imre, executive director)

Basic data of data handling:

Purpose of data handling
Ensuring the proper and high-quality operation of the website.

Legal basis of data managament
The consent of our client based on
GDPR Article 6. (1) a)

Handled data
IP address, date of visit, details of subpages visited, type of operating system and browser you are using

Duration
1 month

Affected by data handling
Visitors of the website

Purpose of data handling

Requesting an offer

Legal basis of data managament

Pre-contract data managament
GDPR Article 6.(1)  c)

Managed data
Name of the client, e-mail address, content of request

Duration
Until the offer is valid or, at the time of concluding the contract, until the contract is kept.

Affected by data handling
The client who requested the offer.

Purpose of data managament
Sending of newsletter
Keeping contact wiht the client, notification about new services and products.

Legal basis of data managament
The consent of our client based on
GDPR Article 6. (1) a)

Managed data
surname and first name, company name, e-mail address (telephone number)

Duration
until you unsubscribe from the newsletter

Affected by data handling
Subscribers of newsletter

In the case of consent-based data management, the Data Subject may withdraw his or her consent at any time and free of charge and the Data Controller will delete his data.

The provision of personal data is optional. If you do not provide your details, some of the convenience services on the website will not work or we will not be able to make an offer.

What are cookies and how do we use them?

Cookies are small data files that are transmitted to your computer via the website while using it and saved and stored by your internet browser. Most of the most commonly used Internet browsers (Chrome, Firefox, etc.) accept and allow the download and use of cookies by default, but it is up to you to refuse or disable them by changing your browser settings, and you are able to delete cookies that are already stored on your computer. For more information on the use of cookies, see the “help” menu item in each browser.

There are cookies that do not require your prior consent. Our website provides brief information about these when you start your first visit, such as authentication, multimedia player, load balancing, session cookies to help you customize the user interface, and user-centric security cookies.

If the data processing already starts with a visit to the site, the Data Controller will inform you about the cookies requiring consent and ask for your consent when starting the first visit.

The Data Controller does not use or allow cookies that allow third parties to collect data without your consent.

Acceptance of cookies is not mandatory, however, our Company is not responsible if, in the absence of cookies, our website may not function as expected.

You can read more about third party cookies in the following: https://www.google.com/policies/technologies/types/

You can read more about data protection here: https://www.google.com/analytics/learn/privacy.html?hl=hu

To whom we pass your data?
We do not pass on your personal data to third parties, natural persons. We will only release your data at the official request of an authority or official body with the appropriate legal basis.

What external service provider (data processor) do we use?
We do not use further data processors.

What principles we consider important when handling your data?

The processing of personal data is carried out in accordance with the applicable legal regulations.

The Data Controller handles only personal data specified in the context of individual data processing.

It protects the security of the personal data provided by all necessary technical and organizational measures.

It pays particular attention to ensuring the confidentiality, integrity and availability of personal data.

The Data Controller is responsible for the authenticity and accuracy of the personal data after they have been provided.

The terms used in this prospectus are governed by the EU General Data Protection Regulation (GDPR 2016/679) and Act CXII of 2011 on the right to information self-determination and freedom of information. interpreted in accordance with the terms defined in the interpretative provisions of the Act.

What rights do you have in relation to the personal data managed by the Data Controller?

The Data Controller ensures that data subjects are able to exercise their rights under the GDPR Regulation. A request for the exercise of these rights may not be refused by the Data Controller unless he or she proves that the data subject cannot be identified. It is therefore necessary for the data subject to identify himself in order to comply with his request.

The Data Controller is obliged to fulfill the request without delay, but within a maximum of 1 month from the receipt, and to inform the data subject about possible obstacles or delays in execution. In that case, the time limit may be extended by a further 2 months, provided that the person concerned is informed of the extension and the reasons for it within 1 month.

The data subject shall respond to the data subject’s request in the form in which it was received. The data subject has the option of submitting his / her application electronically, in which case he / she will also receive the reply electronically, unless he / she expressly provides otherwise.

In order to ensure the rights of the data subject, the rights set out in this prospectus can be exercised free of charge, therefore the controller does not charge a fee, unless the request is manifestly unfounded or, in particular, excessive due to its repetitive nature.

If and to the extent that the requested action or information is excessive or manifestly unfounded, the controller may charge a reasonable amount for compliance (in particular to cover the increased administrative costs of excessive requests) or refuse to act on the request.

In such a case, the controller has a duty to state reasons to the data subject.

In accordance with the law, data subjects may exercise the following rights:

a.) During the entire period of data processing, the data subject is entitled to request information and access to the personal data managed by the data controller and the characteristics of the data processing, in particular:

– the identity and contact details of the data controller and his / her contact person, if the data controller employs a data protection officer, his / her contact details

– the purpose, legal basis and duration of the data processing,

– the name and address of the data processor, its activities related to data management, if the data processor is used

– the legal basis and the recipient of the transfer, if any

– any data protection incident that may have occurred

b.) The data subject has the right to request the correction of his / her personal data: If the data of the customer have changed or are inaccurate, the data controller will modify them at his / her request at any time during the processing of the personal data. You can request this request through our contact details.

c.) In the case of data processing based on the data subject’s consent, the data subject may at any time withdraw his or her consent and request that the data controller delete his or her data, if the data processing has no further legal basis.

The personal data of the Data Subject shall also be deleted if the processing of the data is unlawful, the purpose of the data processing has ceased or the specified term for storage of the data has expired; or ordered by a court or the National Authority for Data Protection and Freedom of Information.

d.) The Data Controller restricts the processing of personal data if the data subject so requests.

The data subject may request that his or her data be restricted in the following cases

– if you dispute the accuracy of your data, in this case the restriction applies to the period of time that allows the controller to check the accuracy of the personal data

– if the processing is unlawful and the data subject opposes the deletion of his data and instead requests that they be restricted

– the controller no longer needs personal data for the purpose of data processing, but the data subject requests them in order to submit, enforce or protect his or her legal claim

– the data subject objects to the processing, in which case the restriction shall apply for as long as it is established whether the legitimate reasons of the controller take precedence over the legitimate reasons of the data subject

e.) the data subject may object to the processing of his or her personal data if the processing of his or her data is managed by the data controller on the basis of a legal basis necessary for the enforcement of his or her own or a third party’s legitimate interests. In that case, the personal data may not be further processed by the controller unless it demonstrates that the processing is justified by overriding legitimate reasons which take precedence over the data subject’s interests, rights and freedoms or which relate to the submission, enforcement or defense of legal claims.

f.) If the data processing is based on consent or is necessary for the performance of a contract and the data processing is automated, ie the data of the data subjects are processed by machine register, the data subject is entitled to have the personal data provided to him used in a machine-readable format. Furthermore, they should be transferred to another data controller without being hindered by that data controller. (Right of the data subject to data portability)

Remedies available to the data subject.
In the event of an alleged breach of the law relating to the processing of your personal data, you may lodge a complaint with the National Data Protection and Freedom of Information Authority or apply to the competent court.

Contacts of National Data Protection and Freedom of Information Authority:

1125 Budapest, Szilágyi Erzsébet fasor 22/C. Tel./fax: +36 (1) 391-1400

E-mail: ugyfelszolgalat@naih.hu
Web: http://naih.hu