1. General information
The TERENDO HUNGARY Kft. (Address: : 1156 Budapest, Páskomliget utca 31. 6. em. door 24.; Tax number: 32068953-2-42; Business registration Number: 01-09-405251;hereinafter referred to as: the Data Controller) respects the right of clients visiting the webpage to information self-determination and the rights to personal data of the persons visiting the website www.terendo.com (hereafter referred to as the “Website”). The data subjects, and its processing activities concerning personal data and sensitive data are in accordance with the provisions of the Hungarian Act on the Right of Information Self-Determination and Freedom of Information of 2011. CXII of 2011 (hereafter referred to as the Privacy Act) and other applicable rules and regulations.
This policy – in accordance with the provisions of Article 20 of the Privacy Act – provides information on what data the Data Controller records, for what purpose, on what basis, how and for how long it processes them, to whom it transmits them and who may have access to the data. This statement from the provisions of the aforementioned regulation shows how you can request clarification of the data processed, how you can request their blocking or deletion from the controller’s records, and what remedies you have in the event of a breach of your rights in relation to data processing.
By accepting this policy, the user expressly consents to the recording, , processing and transfer of their personal data by the Data Controller.
This statement does not apply to websites – under a different domain – that are accessible via a hyperlink from www.terendo.com. The Data Controller shall not be responsible for the content of these websites or for any processing or other activities carried out by the operators of these websites.
2. Purpose of the privacy policy
The Data Controller acknowledges that it is bound by the content of this legal statement.
It commits to ensure that all processing of data relating to its activities complies with the requirements set forth in this statement, in the applicable national legislation and acts of the European Union .
The Data Controller reserves the right to modify this policy at any time. The visitors of the website will be informed about all changes in due time. If you have any questions regarding the statement , please write to us and we will get back to you shortly.
The Data Controller is committed to protecting the personal data of its customers and partners, and attaches the highest importance to respecting the right to information self-determination of its clients. . The Data Controller handles personal data confidentially and takes all security, technical and organisational measures to ensure data security. The Data Controller describes its data management practices below.
3. Data Controller’s ‘s contact
Name of Data Controller : TERENDO HUNGARY Kft.
Address: : 1156 Budapest, Páskomliget utca 31. 6. em. door 24.
Tax number: 32068953-2-42
Business registration Number: 01-09-405251
E-mail: info@terendo.com
Recruitment licence number: BP/0701/079189-2/2022-1332
4. Scope of personal data processed
The Data Controller records and processes only personal data of the user (first and last name, company name, e-mail address and telephone number ) that the client voluntarily provides to the Data Controller through the contact form of the website or by placing an order via e-mail, and only if the user has consented to the recording, processing and transfer of data.
The submission of an enquiry or an order implies the completion of a form containing personal data and the acceptance of the provisions of this Privacy Policy. The submission of an enquiry or an order constitutes written as consent of the collection, processing and transfer of personal data by the Data Controller . The user is responsible for the accuracy of the data provided to the Data Controller..
4.1. Personal data provided for enquiries and offers:
The purpose of this is to show interest, to contact the company by providing your name, e-mail address, company name and telephone number. The enquiry or request can be made via the “contact us” form on the website or via e-mail or telephone.
In e case of enquiries on the phone or via e-mail, the customer’s phone number, company name and legal name will be recorded for future reference.
The enquiry also implies the filling of the form containing personal data and acceptance of the terms of this Privacy Policy. The consent given by the enquiry to the recording , processing and transfer of personal data by the Data Controller constitutes written consent.
The user is responsible for the accuracy of the data provided to the Data Controller.
4.2. Facebook page
On our Facebook page, which is operated for the purpose of online contact, comments, sharing opinions, advertising our business, reaching potential customers, the company also records personal data (name, comments) with the consent of the data subject.
4.3. Linkedin page
On our Linkedin page, operated for the purpose of contacting customers online, commenting on photos, expressing opinions , advertising the business, and reaching potential customers, the company also collects personal data (name, comments) with the consent of the data subject.
4.4. Personal data requested in case of an order
In case of an order , the Data Controller requests the following data: full legal name of the customer, e-mail address, phone number, and company name if available. The order constitutes written consent to the recording , processing and transmission of personal data provided by the Data Controller.
4.5. Personal data requested during the conclusion of a contract
Our company signs a contract with its customers to provide the legal background for collaboration, in which we ecord the company name, address , contact number and e-mail of our customers. .
4.6. Invoicing
Issuing invoices for a company: the company’s name, address, tax number shall be provided; in case of an invoice for an individual; the billing name and address must be provided.
4.7. Cookies
The purpose of cookies is to collect information about visitors and their devices; record visitors’ individual preferences, which are used, when making online transactions, so that they do not have to be re-entered. They facilitate the use of the website and provide a quality user experience. In order to get a personalised service, a small piece of data, called a cookie, is placed on the user’s computer and read back during a subsequent visit. If the browser sends back a previously saved cookie, the provider has the possibility to link the user’s current visit to previous visits, but only in relation to its own content.
4.7.1 Necessary session cookies
The purpose of these cookies is to allow visitors to browse the website, use its functions and services fully and smoothly. This type of cookie is valid until the end of the session (browsing) and is automatically deleted from the computer or other browsing devices when the browser is closed.
4.7.2 Cookies placed by third parties (analytics)
The Data Controller also uses Google Analytics as a third party cookie on its website. Google Analytics is used for statistical purposes to collect information about how visitors use the websites. The data is used to improve the website and the user experience. These cookies will also remain on the visitor’s computer or other browsing device, until they expire or are deleted by the visitor.
4.7.3. Additional information
When you visit the Website, the Website server automatically stores certain data for system administration, statistical or security purposes. This data includes the user’s Internet service provider, sometimes the user’s IP address, the version number of the user’s browser , the type of operating system, the pages that the user visits on the website and the search terms used to access the website. These data are only informative about the number of website visitors and the computers used to access the website ebsite and do not constitute personal data. The data will only be used anonymously. .
4.8 Technical data
The Data Controller r shall select and operate the IT tools used to process personal data in the course of providing the service in such a way that the data processed are: accessible to those authorised to access them (availability); authentic and verifiable (authenticity of processing); verifiable as unalterable (data integrity); and protected against unauthorised access (data confidentiality).
The Data Controller shall take appropriate measures to protect the data against unauthorised access, alteration, disclosure, erasure or destruction. The Data Controller shall ensure the security of data processing by technical, organisational measures that provide the level of protection appropriate to the risks associated with the processing. The Data Controller shall, in the course of processing, preserve confidentiality: protect information so that only those who are entitled to have access to it can do so; integrity: protect the accuracy and completeness of the information and the method of processing; availability: ensure that the information can be accessed and it is available when the authorised user needs it.
5. Purpose of data processing
The Data Controller works with the user’s personal data for the purpose of contacting the user and facilitating the billing and managing of the agreement stated in the contract, and for the purposes of any claims concerning the user.
6. Legal basis of processing
The legal basis of data processing by the Data Controller is the user’s interest or placing of an order, the user’s express written consent and acceptance of this Privacy Policy. Personal data provided by users to the Data Controller shall not be processed by the Data Controller beyond the limits set by law or in a manner exceeding the consent of the user, nor shall they be disclosed to third parties – unless the processing, use or disclosure of data is required by law, public authority or court order.
7. Data security
The data controller shall take all necessary precautions to protect the data, i.e., to prevent the loss, unauthorised disclosure, transmission, use, disclosure, alteration, deletion or destruction of the data and unauthorised access to the data.
8. Duration of data management
- Contact form (name, email address, company name, phone number) – until the termination of the business relationship
- Newsletter subscription (name, email address) – until unsubscription
- Facebook, Linkedin page (name, comments) – until page deletion, withdrawal of page by the data subject, cancellation by the data subject
- Billing information (name, address, tax number, company name) – for the required time period clarified by law
- Business partners’ data (name, e-mail address, phone number, company name) – until the business relationship is established, or is requested for elimination
- Google Analytics traffic data – valid for 2 years
In all other cases, the Data Controller will store and process personal data for 5 (five) calendar years from the date of the enquiry/order or until the withdrawal of consent by the user concerned.
9. Physical storage locations of the data
Your personal data (i.e. the data that can be associated with your person) may be processed by the company in the following ways: on the one hand, technical data relating to the computer, browser program, Internet address and pages visited are automatically generated in our computer system in connection with the maintenance of the Internet connection, and on the other hand, you may provide your name, contact details or other data if you wish to contact us personally when using the website.
Data collected during the operation of the system: the data on the computer of the person concerned , which are generated during the process and which are recorded by the system are the automatic results of technical processes.
The data is automatically collected by the system at the time of log-in or log-outwithout any specific declaration or action by the data subject. This data cannot be linked to other personal user data, except in cases clarified by law.
10. Transfer of data, processing of data, access to data
The Data Controller uses data processors to perform certain tasks.
10.1 Storage service:
The storage provider of the site under the domain www.terendo.com:
Name: Websupport Magyarország Kft.
Address: H-1132 – Budapest – Victor Hugo utca. 18-22.
Tax number: 25138205-2-41
Company registration number: 01-09-381419
The Data Controller uses Google mail service.
10.2. Ability to transfer data
The Data Controller transfers the user’s data to its contractual subcontractors, if necessary, or to the extent necessary, in which case the Data Controller will ensure, by means of contractual clauses, that its contractual subcontractors process the user’s personal data lawfully and in accordance with the purposes for which the data are processed. In this case, the purpose of the transfer is to enable the administration of the services ordered by the user and to enable the user to pursue any claims involving him. . Any transfer of the user’s personal data will be carried out by the Data Controller in full accordance with the applicable legal provisions.
10.3 Persons entitled to access the data
The recording, processing and transmission of data shall be carried out by the Data Controller or its agents. No person other than the above mentioned individuals , including employees and agents of the companies to which the personal data of the user are disclosed pursuant to this Privacy Policy, may have access to the personal data, and such persons shall keep the data they have access to confidential and shall not use them for any purpose other than the purpose for which they were disclosed.
11. Rights of the data subject
The user has the right to request clarification and information in connection with the processing of personal data at any time during the processing of personal data, and the right to request the correction of personal data from the Data Controller. Furthermore, the user shall have the right to withdraw his/her consent to the processing of his/her personal data at any time in the future except for mandatory processing, to request the blocking of his/her personal data and/or specific data (restriction of processing for a definite or limited period of time) or the elimination of the data from the Controller’s records. Such requests should be sent by e-mail to info@terendo.com.
The user also has the right to withdraw his/her consent to the use of his/her data for marketing purposes and the right to unsubscribe at any time from the newsletters sent to the user by the Data Controller, using the link in the newsletters.
In the event of a breach of his/her rights in relation to the processing of his/her personal data, the user may seek legal advice in front of an ordinary court in Hungary in order to enforce his/her rights in accordance with the provisions of the Privacy Act.
11.1 Right to information
The Data Controller shall take appropriate measures to provide data subjects with all the information referred to in Articles 13 and 14 of the GDPR and each piece of information referred to in Articles 15 to 22 and 34 of the GDPR concerning the processing of personal data in a concise, transparent, intelligible and easily accessible form, using clear and plain language.
11.2 Right of access of the data subject
The data subject shall have the right to obtain from the controller feedback as to whether or not his or her personal data are being processed and, where such processing is taking place, the right to access to the personal data and the following information: the purposes of the processing; the categories of personal data concerned; the recipients or categories of recipients to whom or with which the personal data have been or will be disclosed, including in particular recipients in third countries or international organisations; the envisaged period of storage of the personal data; the right to rectification, erasure or restriction of processing and the right to object; the right to lodge a complaint with a supervisory authority; information on the data sources; the fact of automated decision-making, including profiling, and clear information on the logic used and the significance of such processing and its likely consequences for the data subject. The controller shall provide the information within a maximum of one month from the date of the request.
11.3 Right of rectification
The data subject may request the correction of inaccurate personal data in relation with him or her processed by the controller.
11.4 Right to erasure
The data subject shall have the right, upon request, to obtain from the Controller the erasure of personal data in relation with him or her without undue delay where one of the following grounds applies:
- the personal data are no longer necessary for the purposes they were collected or they were processed otherwise;
- the data subject withdraws the consent on the basis of which the processing was carried out and there is no other legal basis for the processing;
- the data subject objects to the processing and there are no overriding legitimate grounds for the processing;
- the personal data have been unlawfully processed;
- the personal data must be erased in order to comply with a legal obligation under Union or Member State law to which the controller is subject;
- the personal data have been collected in connection with the provision of information society services.
The erasure of the data may not be initiated if the processing is necessary: for the exercise of the right to freedom of expression and information; for compliance with an obligation under Union or Member State law to process personal data or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; for public health purposes or for archiving, scientific or historical research purposes or statistical purposes in the public interest; or for the establishment, exercise or defence of legal claims.
11.5 Right to restriction of processing
At the request of the data subject, the Controller shall restrict processing if one of the following conditions apply:
- the data subject contests the accuracy of the personal data, in which case the restriction shall apply for a period of time which allows the accuracy of the personal data to be verified;
- the processing is unlawful and the data subject opposes the erasure of the data and requests instead the restriction of their use;
- the controller no longer needs the personal data for the purposes of the processing, but the data subject requires them for the establishment, exercise or defence of legal claims;
- or the data subject has objected to the processing; in this case, the restriction shall apply for a period of time until it is established whether the legitimate grounds of the controller override the egitimate grounds of the data subject.
Where processing is subject to restriction, personal data other than storaging may be processed only with the consent of the data subject or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for important public interests of the Union or of a Member State.
11.6 Right to data portability
The data subject has the right to receive personal data relating to him or her which he or she has provided to the Controller in a structured, commonly used, digitally-readable format and to transmit such data to another Controller.
11.7 Right to protest
The data subject shall have the right to object at any time, on grounds relating to his or her particular situation, to processing of his or her personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller, or necessary for the purposes of the legitimate interests pursued by the controller or by a third party, including profiling based on those provisions. In the event of an objection, the controller may no longer process the personal data, unless there are compelling legitimate grounds for doing so which override the interests, rights and freedom of the data subject or for the establishment, exercise or defence of legal claims.
11.8 Automated decision-making in individual cases, including profiling
The data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.
11.9 Right of Withdrawal
The data subject has the right to withdraw his or her consent at any time.
11.10 Right to apply to the courts
The data subject may take legal action against the Controller in the event of a breach of his or her rights.
11.11 Data protection official procedure
A complaint may be lodged with the National Authority for Data Protection and Freedom of Information:
Name: Nemzeti Adatvédelmi és Információszabadság Hatóság
Address: 1055. Budapest Falk Miksa utca 9-11.
Postal address: 1363 Budapest, Pf.: 9.
Phone: 0613911400
Fax: 0613911410
E-mail: ugyfelszolgalat@naih.hu
Website: http://www.naih.hu
Office
Short name: NAIH
KR ID:429616918
12. Additional questions
The Data Controller acknowledges that it is bound by the above Privacy Policy and undertakes to ensure that its processing of data in relation to its services complies with this Privacy Policy.
If you have any further questions after reading the statement above, please do not hesitate to contact us at info@terendo.com