Privacy Policy
These data management conditions apply to electronic services provided by Rollsped Kft. (e-mail address: szucs.sandor@rollsped.hu phone number: +36 30 943 1701, hereinafter: Service Provider) and on this website (https://rollsped.hu) contain the data protection rights of the buyer User.
The Service Provider acknowledges the content of these regulations (hereinafter: Regulations) as binding on itself, and undertakes to ensure that all data processing related to its activities complies with the applicable laws.
The Service Provider reserves the right to change these regulations, and will notify the User of any changes in good time (no later than 14 days before the change takes effect).
The Service Provider informs the User that CXII of 2011 on the right to informational self-determination and freedom of information. any amendment to the Act (hereinafter: Data Protection Act) will automatically, without any further action, appropriately amend these regulations, which amendment shall enter into force upon the publication of the corresponding amendment to the law in the Magyar Közlöny (or the date of entry into force specified therein).
The relevant provisions of the Data Protection Act shall apply to matters not included in these regulations.
1. Concept definitions
1.1 The Service Provider informs the User that the following terms are defined and included in § 3 of the Data Protection Act.
1.2 Personal data: data that can be associated with the data subject - in particular the data subject's name, identification mark, and one or more pieces of information characteristic of the data subject's physical, physiological, mental, economic, cultural or social identity - as well as conclusions about the data subject that can be drawn from the data.
1.3 Consent: the voluntary and decisive declaration of the data subject's will, which is based on adequate information, and with which she gives her unequivocal consent to the processing of her personal data - in full or covering certain operations.
1.4 Objection: the statement of the data subject objecting to the processing of their personal data and requesting the termination of data processing or the deletion of processed data.
1.5 Data controller: the natural or legal person or organization without legal personality who, independently or together with others, determines the purpose of data management, makes and implements decisions regarding data management (including the device used), or has them implemented by the data processor commissioned by it.
1.6 Data management: regardless of the procedure used, any operation or set of operations performed on the data. Collecting, recording, recording, organizing, storing, changing, using, querying, transmitting, disclosing, harmonizing or connecting, locking, deleting and destroying such data, as well as preventing further use of the data, taking photographs, audio or video recordings, as well as the recording of physical characteristics suitable for identifying the person (e.g. fingerprint or palm print, DNA sample, iris image).
1.7 Data transmission: making the data available to a specific third party.
1.8 Disclosure: making the data available to anyone.
1.9 Data deletion: making data unrecognizable in such a way that their recovery is no longer possible.
1.10 Data blocking: providing the data with an identification mark for the purpose of limiting its further processing permanently or for a specified period of time.
1.11 Data destruction: complete physical destruction of the data carrier containing the data.
1.12 Data processing: performing technical tasks related to data management operations, regardless of the method and tool used to perform the operations, as well as the place of application, provided that the technical task is performed on the data.
1.13 Data processor: a natural or legal person, or an organization without legal personality, who processes data on the basis of the contract with the data controller - including the conclusion of a contract based on the provisions of the law.
1.14 Third party: a natural or legal person, or an organization without legal personality, who is not the same as the data subject, data controller or data processor.
1.15. Third country: any state that is not an EEA state.
2. Data management principles of the Service Provider
2.1. Personal data can be processed if the data subject consents to it.
2.2. Personal data may only be processed for a specific purpose, in order to exercise a right and fulfill an obligation. Data management must meet the purpose at all stages.
2.3. Only such personal data can be processed that is essential for the realization of the purpose of data management, is suitable for achieving the purpose, and only to the extent and for the time necessary for the realization of the purpose.
2.4. Personal data may only be processed with appropriate informed consent.
2.5. The data subject must be informed - clearly, clearly and in detail - about all the facts related to the management of his data, including in particular the purpose and legal basis of the data management, the person entitled to the data management and data processing, the duration of the data management, and who can see the data. The information must also cover the data subject's rights and legal remedies.
2.6. The processed personal data must meet the following requirements: their collection and processing must be fair and legal, they must be accurate, complete and, if necessary, timely, and their storage method must be suitable so that the data subject can only be identified for the time necessary for the purpose of storage.
2.7. Personal data may be processed even if obtaining the data subject's consent would be impossible or disproportionately expensive, and the processing of personal data is necessary for the purpose of fulfilling a legal obligation to the data controller, or is necessary for the purpose of asserting the legitimate interest of the data controller or a third party, and the enforcement of this interest is based on the personal data is proportionate to the limitation of the right to protection.
2.8 If the personal data has been collected with the consent of the data subject, the data manager shall, unless otherwise provided by law, use the collected data for the purpose of fulfilling the relevant legal obligation, or for the purpose of enforcing the legitimate interest of the data manager or a third party, if the enforcement of this interest is the right to the protection of personal data is proportional to its limitation without further separate consent, and can be processed even after the consent of the data subject has been withdrawn.
2.9. Personal data can be transferred, and different data processing can be linked, if the data subject has consented to it, or if the law allows it, and if the conditions for data processing are met for each individual piece of personal data.
2.10. Personal data (including special data) may be transferred from the country - regardless of the data carrier or the method of data transfer - to a data controller or data processor in a third country if the data subject has expressly consented to it or if it is permitted by law, and in the third country the transferred an adequate level of protection of personal data is ensured during data management and processing. Data transfer to the EEA states must be considered as data transfer within the territory of the Republic of Hungary.
3. Scope of personal data, purpose of data management, legal title
3.1. The service provider's data management activities are based on voluntary consent, with the exception of mandatory data management prescribed by law.
3.2. The legal basis for data management: the legitimate interest of the Service Provider to fulfill the terms of the contract, i.e. to ensure contact with the User
3.3. Legal basis for data management: the consent of the concerned User and the corresponding provisions of the Data Protection Act.
3.4. Scope of managed data: User's name, contact information (email address, telephone number), message regarding the use of the service.
3.5. Duration of data management: 1 year from the date of the User's last connection
3.6. The Service Provider informs the User that the court, the prosecutor, the investigative authority, the infringement authority, the public administrative authority, the competent commissioner, or based on the authorization of the law, may contact the Data Controller in order to provide information, communicate and transfer data, or make documents available to other bodies.
4. Data management associated with contact
4.1. Legal background and legal basis of data management: The background of data management is the CXII of 2011 on the right to self-determination of information and freedom of information. are the provisions of the Act (Infotv.). The legal basis for data management is Infotv. Your consent in accordance with § 4 (1) point a).
4.2. Purpose of data management: The purpose of data management is to be able to answer your question for you.
4.3. Scope of the processed data: When contacting us, it is necessary to provide name and contact information (e-mail address, optionally telephone number).
4.4. Duration of data management: Messages sent during contact are processed and stored for a maximum of one year after the last exchange of correspondence, but you have the opportunity to request the deletion of personal data provided during contact at any time.
5. Method of storing personal data, security of data management
5.1. The data is recorded electronically!
5.2. The Service Provider selects and operates the IT tools used to manage personal data in such a way that the managed data is: accessible to those authorized to do so (availability); its authenticity and authentication are ensured (authenticity of data management); its immutability can be verified (data integrity); be protected against unauthorized access (data confidentiality).
5.3. The Service Provider ensures the protection of the security of data management with technical, organizational and organizational measures that provide a level of protection corresponding to the risks associated with data management.
5.4. During data management, the Service Provider preserves: confidentiality, i.e. protects the information so that only those who are authorized to do so can access it; integrity: protects the accuracy and completeness of the information and the method of processing; availability: it ensures that when the authorized user needs it, he can really access the desired information and that the related tools are available.
5.5. The IT system and network of the Service Provider and its partners are both protected against computer-supported fraud, espionage, sabotage, vandalism, fire and flood, as well as computer viruses, computer intrusions and denial-of-service attacks. The operator ensures security with server-level and application-level protection procedures.
6. Data and contact details of the data controller
Name: Sándor Szűcs-Szabó
Headquarters: 6100 Kiskunfélegyháza, Majsai út 21/c.
Phone number: +36 30 943 1701
E-mail: szucs.sandor@rollsped.hu
7. Remedy
7.1. The data subject may request information about the management of his personal data, as well as request the correction of his personal data or, with the exception of data management prescribed by law, the deletion of his personal data in the manner indicated at the time of data collection.
7.2. At the request of the data subject, the Service Provider provides information about the data it manages or processes by the processor commissioned by it, the purpose, legal basis, duration of the data processing, the name, address (headquarters) of the data processor and its activities related to data processing, as well as who and for what purpose receive or have received the data. The Service Provider shall provide the information in writing in an understandable form as soon as possible, but no later than 30 days after the submission of the request. The information is free.
7.3. The Service Provider deletes personal data if its processing is illegal, the data subject requests it, the purpose of the data processing has ceased, or the statutory period for storing the data has expired, it was ordered by the court or the competent commissioner.
7.4. The Service Provider will notify the data subject of the correction and deletion, as well as all those to whom the data was previously transmitted for the purpose of data management. The notification is omitted if this does not violate the legitimate interest of the data subject in view of the purpose of the data management.
7.5. The data subject may object to the processing of his personal data if the processing (forwarding) of the personal data is necessary solely for the enforcement of the rights or legitimate interests of the Data Controller or the data recipient, unless the data processing is mandated by law; the exercise of the right to protest is otherwise permitted by law.
7.6. The Service Provider will examine the objection as soon as possible, but no later than 15 days after the submission of the request, with the simultaneous suspension of data management, and will inform the applicant in writing of the result. If the objection is justified, the Data Controller shall terminate the data management - including further data collection and transmission - and block the data, as well as notify all those to whom the personal data affected by the objection was previously transmitted, and those who are obliged to take measures to enforce the right to protest.
7.7. If the data subject does not agree with the decision made by the Data Controller, he may appeal to the court within 30 days of its notification. Competent District Court - in civil law cases Data protection incident, misuse of personal data: Name: National Data Protection and Freedom of Information Authority Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c. Phone: 06-1-391-1400 Fax: 06-1-391-1410 E-mail: ugyfelszolgalat@naih.hu Website: naih.hu