Privacy Statement

in which we inform you, as a visitor to our website and as a recipient of our services, about our company’s privacy and data protection policies. 

  • What principles do we follow in our data management?

Our company follows the following principles in its data management:

(a) we process your personal data in a lawful, fair and transparent manner.

  1. b) we collect personal data only for specified, explicit and legitimate purposes and do not process them in a way incompatible with those purposes.

(c) the personal data we collect and process are appropriate and relevant for the purposes of data management and are limited to what is necessary.

  1. d) our company will take all reasonable steps to ensure that the data we process is accurate and, where necessary, kept up to date, and that inaccurate personal data is immediately deleted or rectified.
  2. e) personal data are stored in a form that permits identification of you only for the time necessary to achieve the purposes for which the personal data are processed.

(f) ensuring, by appropriate technical and organizational measures, that personal data is adequately protected from unauthorized or unlawful access, accidental loss, destruction or damage.

Our company will keep your personal information

  1. a) based on your prior notice and voluntary consent, and only to the extent necessary and in all cases, will it be handled, i.e. collected, recorded, systemized, stored and used.
  2. b) in some cases, the processing of your data is required by law and is mandatory, in which case we will specifically bring this to your attention.
  3. c) or, in certain cases, the company or a third party has a legitimate interest in the handling of your personal data, such as the operation, development and security of our website.

 

  1. Who are we?

Our company’s headquarters: 56 Fóti út, Budapest 1047

Our company’s website: https://srs.hu

Our postal address: 56 Fóti út, Budapest 1047

Our phone number: +36 1 399 5700

Our email address: info@srs.hu

Our tax number: 13918835-2-41

Our company’s registration number: 01-09-879820

Our Company is not required to appoint a Data Protection Officer under Article 37 of the GDPR.

The data we manage:

SRS Informatika Kft.

H-1047

FÓTI ÚT 56

BUDAPEST

+36 1 399 5700

RETAIL@SRS.HU

Copyright 2015 SRS Informatika Kft.

  1. What are cookies and how do we handle them?

Cookies are small data files (“cookies”) that are sent to your computer through the website by the use of the website, as well as saved and stored by your internet browser. Most commonly used web browsers (Chrome, Firefox, etc.) accept and allow the download and use of cookies by default, but it is up to you to refuse or disable them by changing your browser settings. You can delete cookies already stored on your computer. For more information on how to use cookies, see the “Help” menu item in each browser.

There are cookies that do not require your prior consent. These pages provide brief information about these at the start of your first visit, such as authentication, multimedia player, load balancing, user interface customization session cookies, and user-centric security cookies.

Our consent will be notified to you when consent is given for the cookies that require your consent, as long as data processing begins when you visit this site.

Our company does not use or allow cookies that allow third parties to collect data without your consent.

Acceptance of cookies is not mandatory; however, our company is not responsible if our website may not function as expected without the permission of cookies.

What kind of cookies do we use?

You can find more information about third party cookies here and about data protection here.

What do you need to know about the data management related to our website?

You voluntarily provide personal information to us through registration or contact with our Company, which is why we ask you to gradually pay attention to the authenticity, correctness and accuracy of your information, because you are responsible for them. Incorrect, inaccurate or incomplete data may be an obstacle to using our services.

If you provide personal information of someone other than yourself, we will assume that you have the necessary authority to do so.

You can withdraw your consent to data management at any time free of charge by

– cancelling the registration,

– withdrawing consent to data management

– withdrawing or blocking consent to the processing or use of any data that must be completed during registration.

For technical reasons, we undertake to register the withdrawal of consent for a period of… days, however, we draw your attention to the fact that we may process certain data even after the withdrawal of consent in order to fulfil our legal obligation or enforce our legitimate interests.

In case of the use of misleading personal data, or if one of our visitors commits a criminal offense or attacks our company’s system, we will immediately delete or, if necessary, retain their data for the duration of civil liability or criminal proceedings.

  1. What do you need to know about our data management for direct marketing and newsletter purposes?

You can consent to the use of your personal data for marketing purposes by making a statement during registration or by later modifying your personal data stored on the newsletter and / or direct marketing registration interface (i.e. by clearly stating your intention to consent). In this case – until the consent is revoked – we also process your data for the purpose of direct marketing and / or newsletter sending and we send you advertising and other items, as well as information and offers and / or newsletters (Section 6 of the Act of Commercial Advertising).

You can give your consent to direct marketing and the newsletter together or separately, or withdraw it free of charge and at any time.

Cancellation of the registration will in all cases be considered as withdrawal of consent. Withdrawal of consent to data management for direct marketing and / or newsletter purposes is not to be construed as withdrawal of data management consent for our website. How is this? What and on what basis will we retain if you have withdrawn consent for the newsletter? In the case of consents, each consent is for a specific purpose, so registering on the website and subscribing to the newsletter are two separate purposes, two separate databases, the two cannot be linked.

We undertake to register the withdrawal or cancellation of individual consents within 14 days for technical reasons.

  1. What do you need to know about prize games?

Our company can organize prize games as a promotional campaign, the ad hoc conditions of which are contained in a separate regulation. The rules of the current promotion can always be found on the opening page of our website, in a link placed in a central location.

  1. Other questions regarding data management

We may only transfer your data within the limits set by law, and in the case of our data processors, we ensure, by stipulating contractual terms, that they may not use your personal data for purposes contrary to your consent. See section 2 for more information.

Our company does not transfer data abroad.

The court, the public prosecutor and other authorities (e.g. police, tax office, National Data Protection and Freedom of Information Authority) may contact our company for information, disclosure or provision of documents. In these cases, we must comply with our obligation to provide information, but only to the extent strictly necessary to achieve the purpose of the request.

Contributors and employees participating in the data management of our company are entitled to get to know your personal data to a predetermined extent, subject to the obligation of confidentiality.

We will protect your personal information through appropriate technical and other measures, as well as ensure the security and availability of the information, and protect it from unauthorized access, alteration, damage or disclosure, and any other unauthorized use.

As part of organizational measures, we control physical access in our buildings, continuously train our employees and keep paper-based documents closed with adequate protection. As part of the technical measures, we use encryption, password protection and anti-virus software. However, please note that data transmission over the Internet cannot be considered as a completely secure data transmission. Our company makes every effort to make our processes as secure as possible, however, we cannot take full responsibility for the transmission of data through our website, but we adhere to strict standards regarding the data we receive to protect your data and prevent unauthorized access.

With regard to security issues, we ask you to help us to carefully preserve your existing access password to our website and not to share this password with anyone.

  1. What are your right and remedies?

You can do the following regarding data management

– request information,

– may request the correction, modification or supplementation of your personal data processed by us,

– object to the data processing and request the deletion and blocking of your data (with the exception of mandatory data processing),

– have recourse to the courts,

– you can file a complaint or initiate proceedings with the supervisory authority (https://naih.hu/panaszuegyintezes-rendje.html).

Supervisor Authority: National Data Protection and Freedom of Information Authority

– Headquarters: 1125 Budapest, Szilágyi Erzsébet fasor 22 / c.

– Mailing address: 1530 Budapest, mailbox: 5

– Telephone: +36 (1) 391-1400

– Fax: +36 (1) 391-1410

– E-mail: ugyfelszolgalat@naih.hu

– Website: https://naih.hu/

At your request, we will provide information

– on your data processed by us or our authorized data processor.

– their source,

– the purpose and legal basis of the data processing,

– its duration and, if that is not possible, the criteria for determining that duration,

– the names and addresses of our data processors and their activities related to data management,

– the circumstances, effects of data protection incidents and the measures we have taken to resolve or prevent them, and

– in the case of the transfer of your personal data, the legal basis and the recipient of the transfer.

We will provide our information within the shortest time from the selection of the application, within 3 days (within a maximum of 1 month). The information is free of charge unless you wish to include identification data for a current year. Reimbursement of the cost you produce with a return filter will make it easier if consumers have been treated illegally or a request for information has led to a correction. The information is only about court contracts, when, together with an indication of the place of the law and the possibilities of judicial redress, they come to the Authority to be informed.

Our company will notify you of the rectification, blocking, marking and deletion of personal data, as well as all those to whom the data has previously been transmitted for data processing purposes, unless failure to notify does not harm your legitimate interests.

If we do not comply with your request for rectification, blocking or cancellation, we will provide the reasons for our refusal in writing or, with your consent, electronically within 3 days (but not more than 1 month) of receipt of the request and inform you of the legal remedy and furthermore of the possibility of turning to the Authority. 

If you object to the processing of your personal data, we will investigate the objection as soon as possible, within 3 days (but not more than 1 month) of submitting the request, and will inform you in writing of our decision. If we have determined that your objection is well-founded, we will terminate the processing of data, including further data collection and data transfer, and block the data, and will notify all persons to whom the personal data were transmitted about the objection and who are required to take action to enforce the right of objection.

We will refuse to comply with your request if we can prove that the processing is justified by overriding legitimate reasons which take precedence over your interests, rights and freedoms or which relate to the submission, enforcement or defense of legal claims. If you do not agree with our decision, or if we miss the deadline, you can go to court within 30 days after being notified of the decision or the last day of the deadline.

Data protection lawsuits fall within the jurisdiction of the tribunal, which may, at the option of the data subject, be sued in the court of the data subject’s domicile or residence. A foreign national may also lodge a complaint with the competent supervisory authority of his or her place of residence.

Please contact our company before submitting your complaint to the supervisory authority or court in order to consult and resolve the problem as quickly as possible.

  1. What are the main laws governing our activities?

– Regulation (EU) 2016/679 of the European Parliament and of the European Council on the processing of personal data by natural persons (GDPR)

– Act CXII of 2011 on the right to information self-determination and freedom of information – (Information Act)

– Act V of 2013 on the Civil Code (Civil Code)

– Act CVIII of 2001 on certain aspects of electronic commerce services and information society services – (Electronic Commercial Act)

– Act C of 2003 on Electronic Communications – (Electronic Communication Act)

– Act CLV 1997 on consumer protection. Act (Consumer Protection Act)

– Act CLXV of 2013 on Complaints and Notices of Public Interest (Civil Code)

– Act XLVIII of 2008 on the basic conditions and certain restrictions of economic advertising activity (Economic advertising Law)

  1. Modification of data management information

Our company reserves the right to amend this Privacy Statement, of which it shall inform the parties concerned accordingly. Information related to data management is published on the website https://srs.hu/en/privacy-statement/.

22nd May, 2018