The present Data Processing Policy (hereinafter referred to as Policy) applies to the handling of personal data arising from the operation of the Data Controller’s website. The Data Controller pays particular attention to the protection of personal data, compliance with mandatory legal provisions and safe and fair data processing.
Name and contact details of the Data Controller
- Company name: Érchegyi Generál Kft.
- Head office: 2025 Visegrád, Széchenyi utca (street) 41.
- Contact person: Csaba Érchegyi
- Email: firstname.lastname@example.org
- Trade Registration Number: 13-09-168660
The present Policy is based on the following legislation in force:
- Act CXII of 2011 on Informational Self- Determination and Freedom of Information (hereinafter the Privacy Act)
- Act CVIII of 2001 on Certain Issues of Electronic Commerce Services and Information Society-Related Services (hereinafter the E-commerce Act);
- Act XLVIII of 2008 on the Essential Conditions of and Certain Limitations on Business Advertising (hereinafter the Advertising Act);
- Act C of 2003 on Electronic Communications (hereinafter the Electronic Communications Act);
- Act CXIX of 1995 on the management of data of name and address for the purpose of research and direct marketing
- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
The Data Controller undertakes to comply with the provisions of this Policy and requests that visitors to the website and users registering for career advertisements in particular also accept and comply with the provisions of this Policy. The Data Controller reserves the right to amend this Policy, in which case such amendments enter into force upon publication at the following website: https://erchegyi.hu
The terms used in our policy have the following meanings:
Data subject: any natural person who is identified or directly or indirectly identifiable on the basis of the personal data;
Personal data: Data related to the data subject, in particular the name, identification, and the knowledge of one or more physical, physiological, mental, economic, cultural or social identities of the person concerned, as well as the deduction from the data to the person concerned;
Contribution: voluntary and decisive statement of the will of the data subject, based on appropriate information, and giving an unmistakable consent to the handling of his or her personal data, whether complete or extends only to certain operation.
Protest: the statement of the data subject with he or she is objecting to the handling of his / her personal data and requesting the termination of the data processing or the cancellation of the processed data;
Data controller: any natural or legal person, or any entity without legal personality, who alone or jointly with others determines the purpose of the processing of data, makes and implements decisions concerning data processing (including the device used), or executes with the data processor;
Data Processing: Regardless of the method used, any operation or aggregation of operations, especially such as collecting, capturing, recording, systematizing, storing, modifying, utilizing, retrieving, transmitting, publishing, aligning, linking, blocking, deleting and destroying any of the operations, or to prevent further use of the data, to take photographs, sound or images, and to record physical features capable of identifying the person;
Data transmission: making the data available to a specific third party.
Disclosure: making the data available to anyone.
Data erasure: making data unrecognizable in such a way that its recovery is no longer possible.
Data designation: providing the data with an identification mark in order to distinguish it;
Data blocking: the identification of the data with an identification mark with the purpose of limiting its further processing for a definite or specific period of time;
Data destruction: complete physical destruction of data carrier.
Data processing: performs technical tasks related to data processing operations, regardless of the method and device used to perform the operations and the location of the application, provided that the technical task is performed on the data record.
Data processor: a natural or legal person or an organization without legal person which, on the basis of a contract, including a contract concluded on the basis of a provision of law, processes data;
Data set: the total data managed in one register;
Third party: any natural or legal person, or any entity without legal personality, other than the data subject, the controller or the processor;
Privacy incident: the unlawful handling or processing of personal data, in particular unauthorized access, alteration, transmission, disclosure, deletion or destruction, and accidental destruction or damage.
- Legal background, legal basis and purpose of the data processing on the website, the scope of the processed personal data and the duration of the data processing
The website is visited by clicking on the website of Érchegyi Generál Kft. https://erchegyi.hu/.
1.1. Purpose of the data processing:
The Data Controller records visitor data in order to control the operation of the services, their efficiency, personalize the service and prevent abuse. Data generated during the analysis of log files will not be linked to other information by the Data Controller, and the Data Controller will not attempt to identify the visitor.
1.2. The legal basis of the data processing:
The consent of the data subject in accordance with point a) of subsection (1) of section 6 and subsection 4 of section 13/A of E-commerce Act.
1.3. Definition of data subjects:
Data subjects shall mean the visitors of the website https://erchegyi.hu.
1.4. Scope of the personal data processed
When using the Website, with the cookies placed on the User’s computer the start and end time of the User’s visit may be automatically recorded, as well as the IP address and, in some cases, depending on the settings of the User’s computer, the type of the browser, the operating system and its language, parameters of the user’s device, the settings specified by the user on the Website, the subpages visited and the time spent on them. The Operator will not link and is not able to link this data with personal data, you decide on the sharing of this with the express authorization given to us and the cookie settings specified in your browser.
Other data provided for the use of the Website is also processed with the voluntary consent of the user.
The start and end times of the User’s visit, IP address, the type of the browser and the operating system, language, User’s device parameters, settings specified by the user on the website, subpages visited and time spent on them.
1.5. Duration of the data processing
The session IDs are automatically deleted after leaving the website, however, another part of the cookies help the Operator to be aware of the User’s previous settings, data, information and other characteristics of his / her use of the Website, so this information should not be entered again at your next visit, and your settings will load automatically for a more enjoyable user experience. The expiration date of these cookies varies, but they typically remain on the User’s device until they are deleted by the User.
The operator is not responsible for any previous pages that have already been deleted but have been archived by internet search engines. These must be removed by the operator of the search site.
The data will be processed until the consent is revoked or, in the absence of revocation, as long as necessary in connection with the above activities, provided that the duration of the data processing does not exceed 10 (ten) years from the date of data collection. Personal data will be permanently deleted after the expiry of the above mentioned period, or after you have requested the deletion of the data, or in the event that the data controllers find that the personal data processed are incorrect and you fail or do not wish to provide the correct data.
However, you acknowledge that the data controller may retain your personal data to a limited extent in order to verify compliance with applicable legislation.
Data handled during registration on the career page
- Legal background of data processing: the provisions of the Privacy Act serve as legal background of data processing.
- The legal basis of the data processing: The legal background of the data processing is your consent in accordance with point of a) of subsection (1) of section 5 of Privacy Act.
- Purpose of the data processing: Érchegyi Generál Kft. handles the Personal Data in the field of job search of those who fill in the form, for the purpose of contacting them.
- Scope of the personal data processed: Information provided in advance by the data subjects authorized to send the information such as name, highest level of education, e-mail address, telephone number, and the candidate’s curriculum vitae
- Duration of the data processing: Érchegyi Generál Kft. handles the Personal Data provided to it by filling in the form until the end of the data processing purpose or the provision prohibiting the data processing concerned, but not later than for 5 years from the provision.
Additional data processing
If the Data Controller wishes to perform further data processing, it shall provide preliminary information on the essential circumstances of the data processing (legal background and legal basis of data processing, purpose of data processing, scope of data processed, duration of data processing). We inform you that the Data Controller must comply with the written data requests of the authorities based on legal authorization. The Data Controller shall keep records (what personal data, on what legal basis and when they were transmitted to which authority by the Data Controller) about data transmissions in accordance with subsections 2 and 3 of section 15 of E-commerce Act, the content of which the Data Controller provides on request, unless its disclosure is excluded by law.
Information on the use of data processors and their activities related to data processing
Data processing activities related to the operation and maintenance of the website
- Name of the data processor:Márton Varga
- Postal address of the data processor: 2120 Dunakeszi, Barátság út (street) 41.
- Email address of the data processor:
Márton Varga performs improvements and maintenance tasks on the website on the basis of a written contract concluded with the Data Controller. He is not authorized to access personal information.
Data processing intended for the storage of personal data
- Name of the data sub-processor: Tárhely.Eu Szolgáltató Kft. (Service provider Ltd.)
- Postal address of the data sub-processor: 1538 Budapest, mailbox 510
- Email address of the data sub-processor: email@example.com
Tárhely.Eu Szolgáltató Kft stores the data on its own servers leased by Tárhely.Eu Szolgáltató Kft. on the basis of a written contract concluded with the data controller. They are not authorized to access personal information.
The Data Controller uses so-called cookies (hereinafter cookies) when visiting the website. The cookies form a package consisting of alphanumerical information sent by the website of the Data Controller to the browser of the website visitors in order to save certain settings and facilitate the usage of the Data Controller’s website and help the Data Controller’s website to collect some relevant, statistical information about the visitors of the website. Cookies do not contain personal information and are not suitable for identifying an individual user. The purpose of cookie-related data management is to identify and distinguish the visitors, to identify the current session of the visitors, to store the data given during the visit, prevent data loss and to get information about the specification of the browser.
You can find more information about deleting cookies under the following links:
What types of cookies do we use?
This makes it easier for the users to browse the website of Érchegyi Generál Kft. and cookies help Érchegyi Generál Kft. to develop the website.
During the operation of the website of Érchegyi Generál Kft., the following types of cookies are used according to grouping:
Strictly necessary cookies
These cookies are essential for the use of the website of Érchegyi Generál Kft. Among other things, these cookies enable users to log in to restricted areas on the website of Érchegyi Generál Kft. This type of cookie cannot be disabled.
The following information is placed/collected by cookies: unique log-in information, session ID (in order that the site can remember your settings during the session), server affinity and authentication data (to establish and maintain a connection with the most appropriate servers).
We use strictly necessary cookies for the duration of each session (“session identification cookies” or “session cookies”).
Session identification cookies
A cookie used during a session is intended to store information about the user’s settings or changes in the settings as well. Session management allows information about the users to be stored on the server (user name, purchase items, etc.) The session information is temporary and will be deleted after the user leaves the website by logging out of the session identification cookies, or by closing the browser.
By changing the function of the cookie in your browser, you can reject or disable the use of these cookies. The “help” button which is to be found in most browsers’ toolbox, contains information about how to disable accepting new cookies, how to be notified when new cookies might be installed and how to turn off already existing cookies. However, if you refuse or disable the use of these cookies, you will not be able to use the Program as these cookies are essential to the operation of the program.
These cookies identify and count the number of visitors and show how visitors move around while using the website. This can help to improve the operation of the website, for instance we help visitors to find easily what they are searching for.
As an external service provider, Google Analytics helps in the independent measure of the website traffic and other web analytics data. Google Analytics is a web analytics service owned by Google Inc. Google Analytics uses a so-called tracking cookie to identify visitors, and with the help of these cookies it creates analyses and evaluations of the user’s behaviour for the owner and the operator of the Website / Webplayer / Application. Google Analytics does not record any IP data that would allow the Data Subject to be identified beyond reasonable doubt.
These cookies help to recognise the user when visiting the website again. This way, the content can be personalized, a user can be called by name and the user’s settings can be saved.
Cookies and tracking technologies used on the website of Érchegyi Generál Kft
|Type of cookie||Expiry date||Purpose|
|_ ga||2 years||Cookie used for embedding Google maps|
You can disable cookies with your web browser settings. However, if you disable all cookies (including essential cookies) in your browser, you may not be able to access some or all of our Website.
- Data security measures
The Data Controller declares that he has taken appropriate security measures to protect personal data against unauthorized access, alteration, transmission, disclosure, deletion, destruction, accidental destruction and damage, as well as inaccessibility due to changes in the technology used.
- Rights of the data subject
3.1. You have the following rights during data processing:
– right to information: You may request information from the Data Controller regarding the processing of your personal data during the period of data processing. The Data Controller shall inform you as soon as possible in writing, in a comprehensible form, after the submission of the request within a maximum period of 30 days, of the processed data, the purpose, legal basis, duration of the data processing and furthermore if the data has been transmitted, who and with what purpose they have received the data.
– right to rectify the data: you may, within the period of data processing, request the
Data controller to correct your personal data. Data Controller shall comply with your request within 5 working days at the latest.
– right to erasure: You have to right to request the erasure of personal data and the Data Controller shall fulfil your request within 5 working days at the latest. The right of erasure shall not extend to that when the Data Controller is obliged by law to further store the data, or not even to the case when in accordance with subsection (5) of section 6 of Privacy Act, the Data Controller is entitled to further process personal data.
– right to data blocking: You may request the Data Controller to block your personal data if the permanent deletion of data may harm the legitimate interest of the data subject. Personal data blocked this way may only be processed for as long as the purpose which precluded the deletion of the personal data exists.
-the right to object: You may object to the processing of your personal data, (i) if the processing or transfer of personal data is necessary only for the fulfilment of a legal obligation to the Data Controller or the legitimate interest of the Data Controller, data recipient or third party, except in case of mandatory data processing and in case of subsection (5) of section 6 of Privacy Act, and (ii) if the use or transfer of personal data is made for the purpose of direct business acquisition, public opinion polling or scientific research without your consent. The Data Controller will examine the objection as soon as possible, but within a maximum period of 30 days from the submission of the request and will make a decision on the merits of the request and will inform you about the decision in writing.
3.2. Legal remedies
The data subject may exercise the data processing rights listed above via e-mail sent to the Data Controller’s e-mail address or registered office, from the data subject’s identifiable e-mail address, or by post in a letter signed by the data subject. The declaration for the exercise of rights of the data subject is valid with a clear indication of the data processing in question.
If the data subject does not agree with the decision made by the Data Controller, he or she may appeal against it to the court within 30 days of its notification. Remedies and complaints can be lodged with the National Data Protection and Freedom of Information Authority:
Name: Hungarian National Authority for Data Protection and Freedom of Information
Postal address: 1125 Budapest, Szilágyi Erzsébet fasor (avenue) 22/C.
Telephone: +36 (1) 391-1400