The purpose of this document is to provide information on the facts and information related to the processing of the data of the users (hereinafter referred to as “User(s)” or “Data Subject(s)”) of website www.forego.hu (hereinafter referred to as “Website”) performed on the Website, before the start of data processing.
We hereby inform you that any personal data provided by you will be processed by FoReGo Magyarország Kft (seat: Kagyló u. 1-3., Budakeszi 2092, Hungary; company registration number: 13-09-102819; registering authority: Company Registry Court of Budapest Environ Regional Court; represented by: Miklós János Kalocsa; hereinafter referred to as “Data Controller”) in a confidential manner, in accordance with the applicable provisions of the regulations on data protection and this document.
Data Processing Activities Performed on the Website
Website Visitor Information – Server Log Files
The storage and use of the data registered in the log file during the use of the Website will only be performed for the sake of technical purposes (analyzing the secure operation of the servers; controlling subsequently; detecting, preventing and investigating any attack against the Website) and statistical purposes. For this purpose, the internet service provider of the Website automatically records and saves the information of the so-called Server Log Files, which information is automatically forwarded to us by your browser. This affects your IP address, your browser and language settings, your operation system, your internet service provider, your date/time settings, and the URL addresses of the currently opened and previously visited websites. The Data Controller will not connect the data rows generated like this with any information from other sources which is suitable for personal identification. For the case when we learn about any specific suspicion in connection with the unauthorized use of the Website, we reserve the right for assessing such data subsequently.
Duration of data processing: 7 days. Data is only stored for a longer period if the storage is necessary to investigate any attack against the Website.
Legal basis of data processing: legitimate interests of the Data Controller (achieving the above objectives).
Contacts
If you have any further question, or if you wish to learn more about the Data Controller or the product and services of the Data Controller, you may contact the Data Controller by completing the form appearing when you use the Website.
Scope of processed data: company name, company address (postcode, town, street, number), contact person name, company email, company phone number
Purpose of data processing: answering the questions asked by the User, providing the requested information
Legal basis of data processing: voluntary consent of the Data Subject
Duration of data processing: the provided personal data will be deleted after the question is answered, or no later than 30 days after providing the requested information.
Request for quotation
The Users may request a personalized quote when they use the Website.
Scope of processed data: company name, company address (postcode, town, street, number), contact person name, company email, company phone number
Purpose of data processing: preparing quotations personalized for the request for quotation, contacting and staying in contact with the User for the sake of delivering the quote, answering any question of the User.
Legal basis of data processing: data processing is required for the completion of a contract where one of the parties is the Data Subject, or for taking the measures requested by the Data Subject before the conclusion of the contract.
Duration of data processing: the data provided in the request for quotation will be processed by the Data Controller until the achievement of the purpose; in other words, it will be processed until the end of the process of the request for quotation with the concerned User, or until the completion of the contract concluded on the basis of the quotation, or until the end of the retention period prescribed by statutory provisions in the latter case.
Data processing for marketing communication purposes
The Users may subscribe for the newsletter of the Data Controller when they use the Website. The subscription for the newsletter is voluntary. By subscription, the User explicitly agrees to send informational and explicitly marketing purpose content to the email address provided by it. The User may cancel the subscription anytime.
Scope of processed data: first name, last name, email
Purpose of data processing: recommending the products or services of the Data Controller; sending its advertisements; providing information on actual news, products, reductions or new functions by the means of an electronic newsletter.
Legal basis of data processing: voluntary consent of the Data Subject
Duration of data processing: Until the cancellation of the subscription for the newsletter.
Use of data processors
For the purposes defined above, the Data Controller uses the following data processors:
Name and contact details of data processor:
RackForest Kft
Sáfrány utca 6., Budapest 1116, Hungary
VAT number: 14671858-2-43
Phone: +36 70 398 1166, / email: info@rackforest.hu, / web: www.rackforest.hu
Name and contact details of data processor:
MiniCRM Zrt
Madách Imre út 13-14., Budapest 1075, Hungary
VAT number: 23982273-2-42
Phone: +36 1 999-0402 / email: help@minicrm.hu / web: www.minicrm.hu
Activity related to data processing: sending newsletters
Data forwarding
The data will not be provided for any third person.
Data safety
The Data Controller and the data protectors will process the personal data provided by the Users in a confidential manner and in compliance with the applicable provisions on data protection, especially including the provisions of Act CXII of 2011 on Informational Self-Determination and Freedom of Information, Act VI of 1998 on the Ratification of Strasbourg Convention of 28 January 1981 for the Protection of Individuals with regard to Automatic Processing of Personal Data, and Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
For the purpose of safe data processing, the Data Controller takes all the IT measures and other measures promoting safe data processing related to data storing, data processing or data forwarding, and also ensures such measures. By the reasonable means, the Data Controller ensures the protection of the personal data processed by it against unauthorized access, modification, disclosure, erasure, damage or destruction, and also ensures the technical conditions necessary for the above.
Scope of persons authorized to learn the data: Only the employees of the Data Controller and the data processors required to learn the data for the sake of the completion of their tasks are authorized to access the personal data provided by the Users.
Your rights
You are entitled to receive feedback anytime on whether your personal data is currently processed or not; and whether your are entitled to gain access to the personal data and the following information or not, if your personal data is currently processed:
Upon your request, the Data Processor will provide you with a copy of the personal data subject to the data processing.
You are entitled to request the rectification or completion of the incorrect personal data anytime, and the Data Controller is obliged to fulfil your request without undue delay.
You are also entitled to withdraw your consent anytime. You may withdraw your consent by cancelling your subscription for the newsletter by using the proper link, or by sending your request to withdraw your consent to the Data Controller in accordance with the provisions of this Point. If you cancel your subscription for the newsletter or withdraw your consent, the Data Controller erases your personal data from its database within 30 days after your withdrawal.
The withdrawal of your consent does not affect the legality of data protection performed before your withdrawal based on consent.
Upon the request of the Data Subject, the Data Controller shall be obliged to delete the personal data concerning the Data Subject without undue delay if
– the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
– the data subject withdraws consent on which the processing is based, and where there is no other legal ground for the processing;
– the personal data is processed for direct marketing purposes, the data subject objects to the processing, and there are no overriding legitimate grounds for the processing;
– the personal data have been unlawfully processed;
– the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.
Where the Data Controller has made the personal data public and is obliged pursuant to this Point to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data.
The above provision or erasure shall not apply to the extent that processing is necessary:
Upon the request of the Data Subject, the Data Controller shall be obliged to restrict the data processing if
– the accuracy of the personal data is contested by the Data Subject, for a period enabling the controller to verify the accuracy of the personal data;
– the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
– the Data Controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims; or
– the personal data is processed for direct marketing purposes, the data subject objects to the processing; in this case pending the verification whether the legitimate grounds of the Data Controller override the legitimate grounds of the Data Subject.
Where processing has been restricted on the basis of the above, such personal data shall, with the exception of storage, only be processed with the Data Subject’s consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State. A data subject who has obtained restriction of processing shall be informed by the controller before the restriction of processing is lifted.
The Data Subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a Data Controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the Data Controller to which the personal data have been provided, and to have the personal data transmitted directly from one controller to another, where technically feasible.
The request may be issued at the following addresses: Kagyló u. 1-3, Budakeszi 2092, Hungary (post mail), info@forego.hu (email).
For identification purposes, it is required to provide correct personal data each time.
The Data Controller provider the Data Subject with information on the measures taken based on the request of the Data Subject for exercising rights without undue delay, but no later than 30 days after receiving the request.
If the Data Subject has submitted the request electronically, the information shall also be provided electronically if possible, unless otherwise demanded by the Data Subject.
The Data Controller shall notify the Data Subject, and each party who received the information for data processing, on any rectification, restriction or erasure.
If the Data Controller does not take any measure upon the request of the Data Subject, the Data Subject shall be notified on the reasons of the lack of measures, and on the fact that the Data Subject is entitled to make a complaint at a supervisory authority or to exercise his or her rights at a court. Such notifications shall be made without undue delay, but no later than 30 days after receiving the request.
The User is also entitled to object against the processing of his or her personal data anytime for a reason related to his or her own situation, provided that the data processing is based on legitimate interests. In such case, the Data Controller is no longer entitled to process the personal data, unless the Data Controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the Data Subject or for the establishment, exercise or defence of legal claims.
Where personal data are processed for direct marketing purposes, the Data Subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing, which includes profiling to the extent that it is related to such direct marketing.
The Data Controller, by concurrently suspending the data processing, shall assess the request as soon as possible after the issuance of the request, but within 30 days, and the Data Subject shall be informed on the results of the assessment in writing. If the objection of the requester is reasonable, the Data Controller shall stop the data processing (including further data recording and data forwarding) and restrict the data, and it shall notify each party who received the data subject to the objection earlier on the objection and the measures taken on the basis of the objection, and each party who is obliged to take measures for the sake of the enforcement of the right for objection.
In case of any violation of its rights detailed above, the User may turn to a court or the National Authority for Data Protection and Freedom of Information.
National Authority for Data Protection and Freedom of Information
Address: Szilágyi Erzsébet fasor 22/c, Budapest 1125, Hungary
Phone: +36 (1) 391-1400
Fax: +36 (1) 391-1410
website: http://www.naih.hu
email: ugyfelszolgalat@naih.hu
The Data Controller reserves the right for the modification of the provisions of this document unilaterally, provided that the Users are notified on such modifications in advance. By using the service after the day when the modification has entered into force, the User accepts the modified provisions on data protection.
Done in Budapest on 13 June 2018