Privacy Policy
Altair Electric Light Kft.
to the website altairkft.hu
I. CONTENTS OF THE INFORMATION
Altairkft.hu (hereinafter the Website) is operated by ALTAIR ELECTRIC LIGHT KFT. (hereinafter: Data Controller), hereby informs the visitors of the site and the Users (hereinafter: Data Subjects) of the data processing carried out through the Website and arising in connection with the services provided by the Data Controller in accordance with Regulation (EU) 2016/679 of the European Parliament and Council (2016) April 27) on the protection of natural persons with regard to the processing of personal data and on the free flow of such data, as well as on the repeal of Directive 95/46/EC (General Data Protection Regulation) (hereinafter: GDPR, Regulation). The Data Controller considers it of utmost importance to respect the Data Subjects’ right to self-determination of information.
From the Website, Data Subjects can obtain information about the content published by the Data Controller (hereinafter: Service).
Data processing not listed in this information sheet will be provided separately when the data is collected.
II. CONCEPTS
The most important concepts and their interpretation in the information sheet:
Subject: natural person identified or identifiable on the basis of any information;
Personal data: any information relating to an identified or identifiable natural person (the Data Subject); a natural person can be identified directly or indirectly, in particular on the basis of an identifier such as name, number, location data, online identifier or one or more factors relating to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person identifiable;
Data controller: the natural or legal person, public authority, agency or any other body that determines the purposes and means of processing personal data independently or together with others; if the purposes and means of data management are determined by EU or member state law, the data controller or the special aspects regarding the designation of the data controller may also be determined by EU or member state law;
Data management: any operation or set of operations performed on personal data or data files in an automated or non-automated manner, such as collection, recording, systematization, segmentation, storage, transformation or change, query, insight, use, communication, transmission, distribution or making accessible in any other way by item, coordination or connection, restriction, deletion or destruction;
Data transfer: making the data available to a specific third party;
For publicity
release: making the data available to anyone;
Data deletion: rendering the data unrecognizable in such a way that its recovery is no longer possible;
Data destruction: complete physical destruction of the data carrier containing the data;
Data file: the totality of the data managed in a register;
Third party: a natural or legal person, or an organization without legal personality, who is or is not the same as the Data Subject, the data manager, the data processor or the persons who perform operations aimed at processing personal data under the direct control of the data manager or data processor;
Data management
restriction: marking of stored personal data for the purpose of restricting their future processing;
Data processing: Performing technical tasks related to data management operations performed by the data controller, regardless of the method and tool used to perform the operations, as well as the location of application, provided that the technical task is performed on the data;
Data processor: the natural or legal person, public authority, agency or any other body that processes personal data on behalf of the data controller;
The affected
consent: the voluntary, specific and well-informed and clear declaration of the Data Subject’s will, with which the Data Subject indicates by means of a statement or an act clearly expressing the confirmation that he/she consents to the processing of personal data concerning him/her;
Data protection incident: a breach of security that results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or unauthorized access to, personal data transmitted, stored or otherwise handled.
The terms used in this information are consistent
Regulation (EU) 2016/679 of the European Parliament and of the Council on the processing of personal data of natural persons
on the protection and free flow of such data, as well as on the repeal of Directive 95/46/EC (hereinafter GDPR, Regulation);
CXII of 2011 on the right to information self-determination and freedom of information. law (hereinafter: );
Act V of 2013 on the Civil Code (hereinafter );
With the terms of the recommendations of the National Data Protection and Freedom of Information Authority on the data protection requirements of prior information.
III. NAME OF DATA PROCESSOR AND PLACE OF DATA PROCESSING:
The operator of the website is ALTAIR ELECTRIC LIGHT KFT.
Headquarters: 2131 Göd, Ojtványos utca 2/b
Company registration number: 13 09 203941
E-mail address: altair@altairkft.hu
Place of data management: Hungary.
Represented by: Managing Director Zoltán Fecskó
ARC. CIRCUMSTANCES OF DATA MANAGEMENT, LEGAL BASIS, PURPOSE, CIRCUMSTANCES OF DATA MANAGEMENT
Data processing by the Data Controller
In the cases specified below, the data management performed by the Data Controller takes place according to the following criteria.
4.1 Newsletter
The data controller provides the opportunity for interested persons to receive news, advice, and articles via their e-mail address.
Stakeholders Type of personal data handled Purpose of data management Legal basis for data management Duration of data storage, date of deletion
Users who specifically subscribe to the newsletter.
· name,
· e-mail address.
Sending Altair Electric Light Kft.’s news, advice, articles, and offers to Stakeholders.
The Data Subject’s consent pursuant to Article 6 (1) of the GDPR. based on point a). Until consent is withdrawn.
In the case of an inactive account, the data will be deleted by the Data Controller after 5 years from the last login.
The Data Subject has the right to withdraw his consent to data management at any time. Withdrawal of consent does not affect the legality of data processing based on consent prior to withdrawal.
The Data Controller is not responsible for the correctness and adequacy of the data provided by the Users.
4.2 Contact
If the Data Subjects have comments, questions, problems, or complaints regarding the Service, they can contact the Data Controller via the interface created on the website, by e-mail, or by telephone.
Stakeholders Type of personal data processed Purpose of data management Legal basis for data management Duration of data storage, date of deletion
Persons communicating comments, questions, or problems via the interface. · name,
· e-mail address,
· topic,
· other data provided voluntarily.
Answering the question, solving the problem, retrievability. Improving customer experience. The Data Subject’s consent pursuant to Article 6 (1) of the GDPR. based on point a). After a maximum of 1 year from the date of data disclosure, or until the consent of the data subject is revoked
Persons reporting a question or problem by email. · name of person sending e-mail,
· His e-mail address,
· other data voluntarily provided by e-mail.
Answering the question, solving the problem, retrievability. Improving customer experience. The Data Subject’s consent pursuant to Article 6 (1) of the GDPR. based on point a). After a maximum of 1 year from the date of data disclosure, or until the consent of the data subject is revoked.
Persons reporting a question or problem via e-mail by phone. · person’s name,
· your phone number,
· other data provided voluntarily.
Answering the question, solving the problem, retrievability. Improving customer experience. The Data Subject’s consent pursuant to Article 6 (1) of the GDPR. based on point a). After a maximum of 1 year from the date of data disclosure, or until the consent of the data subject is revoked
The Data Subject has the right to withdraw his consent to data management at any time. Withdrawal of consent does not affect the legality of data processing based on consent prior to withdrawal.
4.9 Personal data generated when visiting the Website (cookies):
Stakeholders Type of personal data handled Purpose of data management Legal basis for data management Duration of data storage, date of deletion
All Data Subjects visiting the website.
· Date,
· time,
· IP address of the user’s computer,
· the address of the visited page,
· data related to the user’s operating system and browser.
When visiting the website, the Data Controller records visitor data in order to check the operation of the service and prevent abuse.
User identification and visitor tracking.
The Data Subject’s consent pursuant to Article 6 (1) of the GDPR. based on point a). unless the sole purpose of the use of cookies is the transmission of communications via an electronic communication network or the Data Controller absolutely needs it to provide a service related to the information society specifically requested by the subscriber or user. In the case of session cookies, the duration of data management lasts until the end of the website visit, while in other cases it lasts a maximum of 365 days.
The Data Subject is entitled to withdraw their consent to data management
cancels it. Withdrawal of consent does not affect the legality of data processing based on consent prior to withdrawal.
The Data Subject has the option to delete cookies under the settings of the Data Protection menu item in the Tools/Settings menu of their browser.
V. RECEIPT OF DATA PROCESSORS
In order to manage and store data, the Data Controller cooperates with the following Data Processors.
Name: Microware Hungary Kft.
Address: 1148 Budapest, Fogarasi út 3-5.
Contact: domreg@microware.hu
Data processing activity
VI. DATA TRANSFER
During data management, the Data Controller transmits data to the Data Processors listed in Chapter V. Data is not transferred to third countries during data processing.
VII. RIGHTS OF THE PERSON
The Data Subjects have the opportunity to exercise all rights related to the legal basis of the data management case. Requests submitted by the Data Subject in connection with the exercise of individual rights can be made in writing:
by post to: 2131 Göd Ojtványos utca 2/b, or
electronically to the e-mail address altair@altairkft.hu.
The Data Controller shall inform the Data Subject without undue delay, but at the latest within one month of the receipt of the request, of the measures taken following the request sent to the Data Controller for the purpose of exercising the given rights. If necessary, taking into account the complexity of the application and the number of applications, this deadline can be extended by another two months.
The Data Controller shall inform the Data Subject of the extension of the deadline, indicating the reasons for the delay, within one month of receiving the request. If the Data Subject submitted the request electronically, the information will be provided electronically, unless the Data Subject requests otherwise.
7.1 Right to information is right to access
The data subject has the right to get to know his personal data stored by the Data Controller and the information related to their management, to request it at any time, to check what data the Data Controller keeps on him, and he is also entitled to receive access to the personal data.
7.2 Right of correction and addition
The Data Subject may request the correction of inaccurate personal data concerning him or her and the addition of incomplete data.
7.3 Right to erasure
If one of the following reasons exists, the Data Subject is entitled to have the Data Controller delete the personal data relating to him without undue delay at his request:
the personal data are no longer needed for the purpose for which they were collected or otherwise processed by the Data Controller;
the Data Subject withdraws his consent, which is the basis of the data management, and there is no other legal basis for the data management;
the Data Subject objects to the data processing for reasons related to his own situation, and there is no legitimate reason for the data processing;
the Data Subject objects to the processing of his/her personal data for the purpose of direct business acquisition, including profiling, if it is related to direct business acquisition;
personal data is handled illegally by the Data Controller;
the collection of personal data took place in connection with the offering of information society-related services offered directly to children.
7.4 Right to restriction of data processing
At the Data Subject’s request, the Data Controller restricts data processing if one of the following conditions is met:
the Data Subject disputes the accuracy of the personal data, in which case the restriction applies to the period that allows checking the accuracy of the personal data;
the data processing is illegal and the Data Subject opposes the deletion of the data and instead requests the restriction of its use;
the data controller no longer needs the personal data for the purpose of data management, but the Data Subject requires them to submit, enforce or defend legal claims; obsession
the Data Subject objected to data processing; in this case, the restriction applies to the period until it is determined whether the data controller’s legitimate reasons take precedence over the data subject’s legitimate reasons.
If data management is subject to restrictions, personal data may only be processed with the consent of the Data Subject, with the exception of storage, or to submit, enforce or defend legal claims, or to protect the rights of another natural or legal person, or in the important public interest of the Union or a member state. The Data Controller informs the Data Subject in advance of the lifting of the restrictions on data management.
7.5 Right to data portability
The Data Subject has the right to receive the personal data concerning him/her provided to the Data Controller in a segmented, widely used, machine-readable format, and to transmit this data to another data controller, if the data processing is based on consent or a contract and the data processing is automated is happening.
7.6 Automated decision-making in individual cases, including profiling
The Data Subject has the right not to be covered by the scope of a decision based solely on automated data management, including profiling, which would have legal effects on him or affect him to a similar extent.
The data subject cannot enforce the rights listed in this chapter if the Data Controller proves that it is not in a position to identify the data subject. If the data subject’s request is clearly unfounded or excessive (especially considering the repetitive nature), the Data Controller may charge a reasonable fee for fulfilling the request or refuse to take action. The Data Controller is responsible for proving this. If the Data Controller has doubts about the identity of the natural person submitting the request, it may request the provision of additional information necessary to confirm the identity of the requester.
VIII. ENFORCEMENT OPTIONS
The rights of the data subject can be exercised in a request sent by e-mail or by post, according to III. through the contact details given in the chapter. If the Data Controller does not take measures following the Data Subject’s request, it shall inform the Data Subject without delay, but no later than one month from the receipt of the request, of the reasons for the failure to take action, and that the data subject may submit a complaint to:
you can submit a complaint to the National Data Protection and Freedom of Information Authority (address: 1055 Budapest, Falk Miksa utca 9-11.; postal address: 1363 Budapest, Pf.: 9.; ugyfelszolgalat@naih.hu;naih.hu) or
You can assert your rights in court under Infotv., GDPR, and Civil Code. Based on:
IX. MANAGEMENT OF DATA PROTECTION INCIDENTS
The Data Controller keeps a register for the purpose of checking the measures related to the data protection incident, informing the supervisory authority, and informing the Data Subject, which includes the range of personal data Affected by the incident, the range and number of Data Subjects, the date, circumstances, effects of the incident, and the measures taken to prevent it. If the Data Controller considers that a specific incident is likely to pose a risk to the rights and freedoms of the Data Subjects, it shall inform the supervisory authority of the data protection incident without undue delay, but within 72 hours at most. If the Data Controller considers that the given incident is likely to pose a high risk to the rights and freedoms of the Data Subjects, it shall inform the Data Subjects of the data protection incident without undue delay.
X. DATA SECURITY
The Data Controller undertakes to ensure the security of the data, and to take the technical measures to ensure that the recorded, stored and managed data are protected, and to do everything possible to prevent their destruction, unauthorized use and unauthorized alteration. You also undertake to call on all third parties to whom you may forward or transfer the data to fulfill their obligations in this regard.
XI. OTHER PROVISIONS
The Data Controller reserves the right to unilaterally amend this Data Management Information Sheet with prior notification to the Data Subjects via the website. After the amendment enters into force, the Data Subject accepts the contents of the amended Data Management Information Sheet by referring to it. Please read the amendments to the data management information carefully in all cases, because they contain important information about the management of your personal data.
This Data Management Notice is valid from February 28, 2021.