Data management declaration
You, as the visitor of our site and as the customer of our services find our data management and data protection policies in our data management declaration.
- What principles we follow during our data management activities?
- Who are we?
- What are the cookies and how do we handle them?
- What do you need to know about our website related data management rules?
- Other data management related questions
- What are your rights and remedies?
What principles we follow during our data management activities?
Our company follows the below principles during its data management activities:
- we manage your personal information in a legal and fair way, transparently for you.
- we collect the personal data only for specific, clear and legitimate purposes and do not manage them in a way that is incompatible with the intended purposes.
- personal data collected and processed by us are appropriate and relevant to the purposes of our data management and are limited to what is needed.
- our Company makes all reasonable efforts to ensure that the information we manage is accurate and, if necessary, up-to-date, and inaccurate personal data is deleted or corrected immediately.
- we store your personal information in a special format that ensures that your identity can only be identified for the period necessary for the specified personal data management purposes
- we ensure the security of personal data against unauthorized or unlawful handling, accidental loss, destruction or damage by providing adequate technical and organizational measures.
Our company handles your personal data in accordance with the below rules:
- we handle, collect, record, manage, store and apply your personal data based on your advance approval following the preliminary information and only to the extent necessary related to the intended purpose.
- we specially inform you about the fact if management of your personal data is mandatory based on legal regulations.
- in some cases, our Company or a third party has a legitimate interest in managing your personal information, such as the operation, development and security of our website.
Who we are?
- Name: ZALAPACK 96 Kft.
- Head office: 8900 Zalaegerszeg, Gazdaság utca 32.
- Web page: http://zalapack.com/
- Email address: email@example.com
- Tax number: 11355421220
- Company registration number: 20 09 062655
Our company applies the following data processors to provide high quality service to our customers regarding data management:
|assembly||web page management, web hosting|
Data we manage:
|Description of the activity and purpose of the data management||Legal basis||Managed data||Period|
|Visiting web sites
The goal is to ensure the proper and high quality of the site, to check and improve the quality of our services, to identify malicious visitors who attack our site, and to measure attendance of our web site.
|Legitimate interest of our company||IP address, date of visit, details of visited pages, type of operating system and browser you are using||1 month|
comment, complaint to reply
|Legal obligation||name, e-mail address||5 years|
We ask our visitors to provide their personal data only in the above mentioned cases.
If you have any questions regarding our data management, then please contact us via e-mail on the e-mail address: firstname.lastname@example.org or via post on postal address: 8900 Zalaegerszeg, Gazdaság utca 32. We answer your questions within 3 days (maximum within 1 month).
What are the cookies and how do we handle them?
There are cookies that do not require your prior consent. Our web site provides brief information about these cookies at your first visit – they are authentication, multimedia player, load balancing, user interface customization and user-oriented security cookies.
Our company informs you about the cookies, that requires your prior consent – as the data collection starts immediately at visiting the webpage at the start of the first visit of our webpage, and asks for your approval.
Our company does not use or allow cookies that allow third parties to collect data without your consent.
Acceptance of cookies is not mandatory, but our Company accepts no liability if our website may not function as expected in the absence of accepting the cookies.
What kind of cookies we apply?
|system cookies||not required||a web application firewall session cookie designed to prevent misleading cross-references||ensure proper operation of the web site||closing the browser session|
What do you need to know about our website related data management rules?
You voluntarily provide your personal information to us when registering, or contacting to our Company and therefore, we ask you to pay attention to the truthfulness, correctness and accuracy of your personal information as you are responsible for them. Incorrect, inaccurate or incomplete data may be an obstacle to using our services.
If you provide the personal information of an other person, then we assume that you have the authority to do so.
You may withdraw your consent for data management at any time free of charge by
- deleting your registration,
- withdrawing your consent for the data processing, or
- withdrawing or blocking your consent for data management and usage that you provided at signing up.
Registration of the withdrawal of consent – for technical reasons – we undertake with a 3-days deadline, but please note that we may be able to manage some of your data even after the withdrawal of the consent in order to enforce our legal obligation or to enforce our legitimate interests.
In the event of fraudulent use of personal data, or if a visitor commits a criminal case or attacks our system, then we cancel the registration of that visitor together with deleting his/her personal information with immediate effect but we store them if necessary during the civil court process or criminal proceedings.
Other data management related questions
Your personal data may only be transmitted under statutory terms. The special contractual conditions between our company and our data processors ensure that our data processors are not allowed to use your personal information for any purposes differ from your consent. See Section 2 for more information.
Our company does not transmit data abroad.
The court, the prosecutor’s office and other authorities (eg police, tax office, Hungarian National Authority for Data Protection and Freedom of Information) may contact our Company for information, disclosure of data or documents. In these special cases, we have to fulfil our reporting obligations, but only to the extent strictly necessary to comply the purpose of the request.
Contributors and employees participating in the data management and/or data processing of our Company are entitled to know your personal data to the predetermined extent, subject to the obligation of confidentiality.
We protect your personal information with appropriate technical and other measures, and ensure the security and availability of the data, and furthermore we protect the data against the unauthorized access, alteration, damage, disclosure and against any other unauthorized use.
We control the physical access to our buildings, educate our employees, and the keep paper-based documents safe. We use encryption, password protection and anti-virus software as technical measures. However, we draw your attention to the fact that data transmission through the Internet is not considered a fully secured data transfer method. Our company does its utmost to make our processes as safe as possible, but we can not take full responsibility for the data transfer via our web site, although we follow strict regulations regarding the management of the data received by our Company to protect the security of your data and to prevent any unauthorized access.
For security reasons please keep your access password to our website private and share it with no one else.
What are your rights and remedies?
You are entitled to
- require information regarding our data management,
- require correction, modification, completion of your personal data managed by our company,
- object to the data handling and require cancellation or blocking your personal data (excluding mandatory data handling),
- require effective remedy before a tribunal,
- file a complaint a with the supervisory authority or initiate a procedure (https://naih.hu/panaszuegyintezes-rendje.html).
Supervisory Authority: Hungarian National Authority for Data Protection and Freedom of Information
- Head office: 1125 Budapest, Szilágyi Erzsébet fasor 22 / c.
- Postal address: 1530 Budapest, Pf .: 5.
- Phone: +36 (1) 391-1400
- Fax: +36 (1) 391-1410
- E-mail: email@example.com
- Website: https://naih.hu/
At your request, we provide information about:
- your data,
- source of your data,
- purpose and legal basis of managing your data,
- period of managing your data or methods of specifying the period of managing your data if period of data management can not be specified,
- name and address of our data processing partners, and their data processing related activities,
- the circumstances and effects of data protection incidents and the measures implemented to prevent the future incidents, and
- the legal basis and addressee of transferring your personal data in case of any data transfer
regarding the data that are managed or processed by our company or by our authorized data processing partner.
We provide the requested information within the shortest period of 3 days (within a maximum of 1 month) after the request submitted. Providing information is free of charge except when in the current year you have already submitted an application referring to the same scope of data. We return the service fee to you if we processed your data in an unlawful manner or your request for information led to the correction of the data.
We may refuse your request to provide information only in cases stipulated by law, referring to the legal basis together with the notification about the opportunity of seeking legal remedies from the Authority.
Our Company informs you and those about the correction, blocking, marking or deletion of the personal data to whom the data have been previously transferred for processing except when the lack of notification does not infringe your legal interest.
If we fail to fulfil your application for correction, blocking or deletion within the shortest period of 3 days (within a maximum of 1 month) after the request submitted we inform you in written or – with your permission – through electronic means about the reasons of the rejection and furthermore we inform you about the applicable legal remedies by court and the Authority.
If you have any objections against processing your personal data, then we examine your objection within the shortest period of 3 days (within a maximum of 1 month) after the request submitted and we notify you about our decision in writing. If we find that your objection is well established, we terminate the data processing – including further data recording and transferring – and block the data and inform those about the objection to whom the affected data was transferred and who are liable to take action in order to exercise the right of objection.
We refuse to fulfil your application if we prove that the data processing is justified by compulsory legal reasons which have priority over your interests, rights, and freedom, or which have connected to proposal, validation or protection of legal interests. If you do not agree with our decision or if we fail to meet the deadline then you can initiate a court procedure within 30 days after the disclosure of the decision or after the deadline.
Judgement in data protection related lawsuits falls into the jurisdiction of the district courts, the lawsuit can be initiated – according to the decision of the people concerned – also before the district court located at the residence of the affected person. Foreign citizens may file a complaint to the competent supervisory authority of his/her residence.
We ask you to contact us – for consultation and for quicker resolution of the problem occurred – before turning to the supervisory authority or to the court with your complaint.
What are the major guiding rules for our activity?
- Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data (GDPR)
- Act CXII of 2011 on Informational Self-Determination and Freedom of Information – (Info tv.)
- the Act V of 2013 on the Civil Code (Civil Code)
- Act CVIII of 2001 on Certain Issues of Electronic Commerce Services and Information Society Services – (Eker tv.)
- Act C of 2003 on Electronic Communications (Ehtv.)
- Act CLV of 1997 on Consumer Protection (Fogyv. tv.)
- Act CLXV of 2013 on Complaints and Public Interest Disclosures (Pktv).
- Act XLVIII of 2008 on Essential Conditions of and Certain Limitations to Business Advertising (Grtv.)
25 May 2018.