Data Processing Information
for the visitors and registered users of the website http://www.napitender.hu
Introduction
The service provider/data controller processes the data of individuals registered on the website in order to provide them with appropriate services during the operation of the website.
The service provider fully complies with the legal regulations related to the processing of personal data, particularly the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council.
This privacy policy is based on the General Data Protection Regulation (EU) 2016/679 concerning the protection of natural persons with regard to the processing of personal data and the free movement of such data, taking into account the provisions of Act CXII of 2011 on the right to informational self-determination and freedom of information.
Name of the Service Provider/Data Controller:
Name/Company Name: Smart Tender Innovations Kft. (Smart Tender Innovations Szolgáltató Korlátolt Felelősségű Társaság)
Registered Office: 1116 Budapest, Fehérvári út 126-128. 6th floor
Tax Number: 32341595-1-43
NAIH Registration Number: –
Website Name, Address: Napitender.hu, https://napitender.hu/
Privacy Policy Available at: https://napitender.hu/adatkezelesi-tajekoztato/
Contact Details of the Data Controller:
Name/Company Name: Cserjési András/Smart Tender Innovations Kft.
Registered Office: 1116 Budapest, Fehérvári út 126-128. 6th floor
Mailing Address: 1116 Budapest, Fehérvári út 126-128. 6th floor
Email: cserjesi.andras@napitender.hu
Phone: +36 20 267 85 57
Definitions
- GDPR (General Data Protection Regulation): The new Data Protection Regulation of the European Union.
- Data Processing: Any operation or set of operations performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
- Processor: A natural or legal person, public authority, agency, or other body that processes personal data on behalf of the controller.
- Personal Data: Any information relating to an identified or identifiable natural person („data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
- Controller: The natural or legal person, public authority, agency, or other body that, alone or jointly with others, determines the purposes and means of the processing of personal data.
- Data Subject’s Consent: Any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
- Data Breach: A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored, or otherwise processed.
- Recipient: A natural or legal person, public authority, agency, or another body, to which the personal data are disclosed, whether a third party or not.
- Third Party: A natural or legal person, public authority, agency, or another body other than the data subject, controller, processor, or persons who, under the direct authority of the controller or processor, are authorized to process personal data.
__
Principles of Data Processing
The data controller declares that it processes personal data in accordance with the principles set out in this privacy policy and complies with applicable legal requirements, with particular attention to the following:
- Personal data must be processed lawfully, fairly, and in a transparent manner in relation to the data subject.
- Personal data must be collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
- The processing of personal data must be adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.
- Personal data must be accurate and, where necessary, kept up to date. Inaccurate personal data must be erased or rectified without delay.
- Personal data must be kept in a form that permits the identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.
- Personal data must be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organizational measures.
- The principles of data protection apply to any information concerning an identified or identifiable natural person.
__
Important Data Processing Information
- Purpose of Data Processing: The purpose of data processing is to provide additional services to registered users of the website during its operation.
- Legal Basis of Data Processing: The legal basis for data processing is the data subject’s consent.
- Scope of Data Subjects: Registered users of the website.
- Duration of Data Processing and Data Erasure: The duration of data processing depends on the specific user purpose, but data must be erased immediately if the originally intended purpose has been achieved. The data subject may withdraw consent at any time by sending an email to the contact email address provided. If there are no legal obstacles to erasure, the data will be deleted.
- Persons Authorized to Access the Data: The data controller and its employees.
- Rights of the Data Subject: The data subject may request access to, rectification, erasure, or restriction of the processing of personal data relating to him or her and may object to the processing of such data, as well as exercise the right to data portability.
- Withdrawal of Consent: The data subject may withdraw consent to data processing at any time, but this does not affect the lawfulness of the data processing carried out based on consent before its withdrawal.
- Right to Lodge a Complaint: The data subject has the right to lodge a complaint with the supervisory authority.
- Data Provision Requirements: To use the benefits of registration and the services of the website, the provision of personal data is necessary. The data subject is not obliged to provide personal data, and failure to provide data does not result in any disadvantage. However, certain functions of the website cannot be used without registration.
__
Website Registration
- Purpose of Data Processing: To provide additional services and facilitate contact.
- Legal Basis of Data Processing: The user’s consent.
- Scope of Data Subjects: Registered users of the website.
- Duration of Data Processing: The data is processed until consent is withdrawn. The user may withdraw consent at any time by sending an email to the contact email address provided.
- Persons Authorized to Access the Data: The data controller and its employees.
- Storage Method of Data: Electronic.
- Modification or Deletion of Personal Data: Initiated via email, phone, or letter using the provided contact information.
__
Data Processing for Orders
- Purpose of Data Processing: To provide additional services, facilitate contact, and send confirmation emails. To fulfill your order, it is necessary to provide contact and billing information required for communication and invoicing.
- Legal Basis of Data Processing: The user’s consent. In the case of billing, the legal basis is a statutory requirement.
- Scope of Data Subjects: Registered users of the website.
- Duration of Data Processing: Data processing is based on legal requirements or until consent is withdrawn. The user may withdraw consent at any time by sending an email to the contact email address provided.
- Persons Authorized to Access the Data: The data controller and its employees.
- Storage Method of Data: Electronic.
- Modification or Deletion of Personal Data: Initiated via email, phone, or letter using the provided contact information.
__
Invoicing
- Purpose of Data Processing: To issue and send electronic invoices as email attachments.
- Legal Basis of Data Processing: Statutory mandatory data processing.
- Scope of Data Subjects: Customers of the service provider.
- Duration of Data Processing: Data processing is based on legal requirements or until consent is withdrawn. The user may withdraw consent at any time by sending an email to the contact email address provided.
- Persons Authorized to Access the Data: The data controller and its employees.
- Storage Method of Data: Electronic.
- Modification or Deletion of Invoicing Data: Initiated via email, phone, or letter using the provided contact information, but must comply with legal requirements.
__
Newsletter Subscription
- Purpose of Data Processing: To send professional newsletters, promotional emails, and other information, from which you can unsubscribe at any time without consequences. Even if your business ceases to exist or you leave the company, or someone provided us with your contact information, you can still unsubscribe without any repercussions.
- Legal Basis of Data Processing: The user’s consent. The user can provide prior and express consent to be contacted by the service provider with promotional offers, notifications, and other communications via the email address provided during registration.
- Duration of Data Processing: Data is processed until consent is withdrawn. The user may withdraw consent at any time by sending an email to the contact email address provided.
- Persons Authorized to Access the Data: The data controller and its employees.
- Storage Method of Data: Electronic.
- Modification or Deletion of Personal Data: Initiated via email, phone, or letter using the provided contact information.
__
Cookies (Cookie Files)
- Purpose of Data Processing: To provide additional services, identification, and tracking of visitors.
- Legal Basis of Data Processing: User consent is not required if the service provider strictly needs to use cookies.
- Data Scope: Unique identifier, time, configuration data.
- Persons Authorized to Access the Data: No personal data is processed by the data controller using cookies.
- Storage Method of Data: Electronic.
__
Social Media
- Purpose of Data Processing: To promote the website or related web pages.
- Legal Basis of Data Processing: The data subject’s voluntary consent.
- Duration of Data Processing: As per the regulations of the specific social media platform.
- Persons Authorized to Access the Data: As per the regulations of the specific social media platform.
- Storage Method of Data: Electronic.
__
Google Analytics
- Purpose of Data Processing: Google Analytics uses cookies to generate reports for its clients on the habits of users of the website.
- Legal Basis of Data Processing: Data is stored in encrypted format on Google’s servers, making it more difficult and preventing misuse of the data.
__
Data Processors
- Hosting Service Provider:
Name/Company Name: Microware Hungary Kft.
Registered Office: 1148 Budapest, Fogarasi út 3-5.
Phone: +36 – 1 – 432 – 3236
Email: domreg@microware.hu - Purpose of Data Processing: To ensure the operation of the website.
- Data Retention Period: Until the website ceases to operate or as per the contractual agreement between the website operator and the hosting service provider.
__
Your Rights Regarding Data Processing
- Right to Information: You may request information about what data we process, on what legal basis, for what purpose, from what source, and for how long. We will provide this information within 30 days to the email address you provide.
- Right to Rectification: You may request the correction of your data, which we will process within 30 days and notify you accordingly.
- Right to Erasure: You may request the deletion of your data, which we will process within 30 days and notify you accordingly.
- Right to Restrict Processing: You may request the restriction of your data processing, which will be in place as long as necessary. We will process this request within 30 days and notify you accordingly.
- Right to Object: You may object to the processing of your data, and we will review and decide on this request within 15 days, notifying you of the outcome.
__
Legal Basis of Data Processing
- Regulation (EU) 2016/679 of the European Parliament and of the Council (General Data Protection Regulation): Concerning the protection of natural persons with regard to the processing of personal data and the free movement of such data.
- Act CXII of 2011: On the right to informational self-determination and freedom of information.
For any further details, please refer to the downloadable documents provided on the website.
If you have any questions, feel free to contact us.
You can download documents here:
Data Protection and Data Processing Policy_GDPR