ABOUT THE RIGHTS OF THE CONCERNED NATURAL PERSON
IN RELATION TO THE PROCESSING OF THEIR PERSONAL DATA
About the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing the 95/46/EK directive: THE EUROPEAN PARLIAMENT AND THE COUNCIL (EU) 2016/679 REGULATION (hereinafter referred to as the “Regulation”) requires the data Controller to take appropriate measures to provide the data subject with concise, transparent, intelligible and easily accessible information in a clear and plain language regarding the processing of their personal data, and to facilitate the exercise of the data subject’s rights.
The obligation to inform the data subject in advance is also provided for in Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information. The following information is provided to comply with this legal obligation.
The information shall be published on the company’s website or sent to the person concerned upon request.
IDENTIFICATION OF THE DATA CONTROLLER
The publisher of this information is the Data Controller:
Company name: Wozify Engineering Group Ltd.
Registered office: 42 Berda József Street, 1043 Budapest, Hungary
(Hereinafter referred to as the “Company”)
Contact details of the Data Controller:
IDENTIFICATION OF DATA PROCESSORS
Data Processor: the natural or legal person, public authority, agency or any other body which processes personal data on behalf of the controller (Regulation Article 4(8)).
The data subject’s prior consent is not required for the use of a data processor, but information must be provided. Accordingly, we provide the following information:
Name of IT hosting provider data processor
Registered office: 101 Avenue of the Americas, 2nd Floor New York, NY 10013
Other IT service providers
Google LLC (nem minősül 3. országba továbbításnak a EU-U.S. Privacy Shield Framework-ben való részvétel miatt)
Address: 1600 Amphitheatre Parkway, Mountain View, California 94043
Microsoft Corporation (does not qualify as a transfer to a third country due to its participation in the EU-U.S. Privacy Shield Framework)
Address: One Microsoft Way, Redmond, WA 98052-7329, USA
Name of data processor performing postal, courier, and logistics tasks
COMPANY NAME: Magyar Posta Zrt.
REGISTERED OFFICE: 2-6 Dunavirág Street, Budapest 1138, Hungary
EMAIL ADDRESS: firstname.lastname@example.org
PHONE NUMBER: +36 (1) 767 8282
ENSURING THE LAWFULNESS OF DATA PROCESSING
Data processing based on the consent of the data subject
1.1. If the Company intends to carry out data processing based on the consent of the data subject, the consent of the data subject to the processing of their personal data must be obtained with the content and information specified in the data request form in the data processing policy.
1.2. Consent may also be given by the data subject by ticking a box on the Company’s website during viewing, by performing technical settings for this purpose during the use of information society services, or by any other statement or action that clearly indicates the data subject’s consent to the intended processing of their personal data in the given context. Silence, pre-ticked boxes or inactivity are not considered as consent.
1.3. The consent shall extend to all data processing activities carried out for the same purpose or purposes. If the data processing serves several purposes at the same time, the consent shall be given for all data processing purposes.
1.4. If the data subject provides consent through a written statement that also relates to other matters, such as the conclusion of a sales or service contract, the request for consent shall be presented in a way that is clearly distinguishable from those other matters, in an understandable and easily accessible form, in clear and plain language. Any part of such a statement containing the data subject’s consent that violates the Regulation shall have no binding force.
1.5. The Company may not make the conclusion or performance of a contract dependent on the provision of consent for the processing of personal data that is not necessary for the performance of the contract.
1.6. The withdrawal of consent must be made possible in the same easy way as giving consent.
1.7. If personal data has been collected with the consent of the data subject, the data controller may process the collected data for the purpose of fulfilling their legal obligation without further separate consent, as long as there is no provision to the contrary, and even after the withdrawal of the data subject’s consent.
Data processing based on legal obligation
2.1. In case of data processing based on legal obligation, the scope of processable data, the purpose of data processing, the duration of data storage, and the addressees shall be determined by the provisions of the underlying legislation.
2.2. Data processing based on the fulfillment of legal obligation is independent of the consent of the data subject, as the processing is determined by law. In this case, the data subject must be informed before the start of data processing that the processing is mandatory, and the data subject must be clearly and comprehensively informed about all the facts related to the processing of their data, in particular the purpose and legal basis of data processing, the person authorized to process and access the data, the duration of data processing, whether the data controller processes the personal data of the data subject based on their legal obligation, and who may have access to the data. The information must also cover the data subject’s rights and remedies related to data processing. In case of mandatory data processing, the information may be provided by reference to the relevant legislative provisions containing the above-mentioned information.
Data processing based on legitimate interest
3.1. The Company or a third party’s legitimate interest can provide a legal basis for data processing, provided that the interests, fundamental rights, and freedoms of the data subject do not take precedence. The reasonable expectations of the data subject based on their relationship with the data controller must be taken into account, such as the processing of personal data for communication or even direct marketing purposes, which can be considered as based on legitimate interest.
Data processing based on contractual interest
4.1. Data processing may also be based on contractual interest if it is necessary for the performance of a contract in which the data subject is a party or for taking steps at the request of the data subject prior to entering into a contract.
Data processing based on the protection of vital interests of the data subject or other natural persons
5.1. The protection of the life or other vital interests of the data subject or other natural persons may also serve as a legal basis for data processing. Such a case arises in the case of a natural person if they use healthcare services or if data processing is carried out to stop the spread of epidemics.
Promoting the rights of data subjects
6.1. The Company is obliged to ensure the exercise of the data subject’s rights in all data processing.
General information about cookies
2.1. A cookie is a data that a visited website sends to the visitor’s browser (in name-value pairs) to store and later allow the website to load its content. The cookie can have a validity period that can be until the browser is closed or even unlimited. In subsequent HTTP(S) requests, the browser sends this data to the server, thus modifying the data on the user’s computer.
2.2. Modern website services inherently require cookies, whose function is to identify a user (e.g., that they have logged into the site) and manage them accordingly in the future, even if they return later. The danger is that not all users are aware of this, and it may be used to track users by the website operator or other service providers whose content is embedded in the site (e.g., Facebook, Google Analytics), creating a profile about them. In this case, the content of the cookie can be considered personal data.
2.3. Types of cookies:
2.3.1. Technically necessary session cookies: Without these, the website simply would not function properly. These cookies are necessary for user identification, such as managing whether the user is logged in, what items are in their shopping cart, and so on. This is typically a stored session ID, the rest of the data is stored on the server, which is more secure. If the session cookie value is not generated properly, there is a risk of session hijacking attacks, which is why it is essential that these values are generated correctly. Other terminologies refer to all cookies that are deleted when the browser is closed as session cookies (a session is a browser usage from startup to logout).
2.3.2. Functionality cookies: These are cookies that remember user choices, such as how the user wants to view the website. These types of cookies essentially mean the settings data stored in the cookie.
2.3.3. Performance cookies: Although they have little to do with “performance,” these cookies are generally called cookies that collect information about the user’s behavior, time spent on the visited web page, clicks, and so on. Typically, these are third-party applications (such as Google Analytics, AdWords, or Yandex.ru cookies). They are used to create a user profile.
You can find out more about Google Analytics cookies here:
You can find out about Google AdWords cookies here:
2.4. Accepting and enabling cookies is not mandatory. You can reset your browser settings to reject all cookies or to notify you when a cookie is being sent. Most browsers automatically accept cookies by default, but these settings can usually be changed to prevent automatic acceptance.
You can find information about cookie settings of the most popular browsers on the following links:
• Google Chrome: https://support.google.com/accounts/answer/61416?hl=hu
• Firefox: https://support.mozilla.org/hu/kb/sutik-engedelyezese-es-tiltasa-amit-weboldak-haszn
• Microsoft Internet Explorer 11: http://windows.microsoft.com/hu-hu/internet-explorer/delete-manage-cookies#ie=ie-11
• Microsoft Internet Explorer 10: http://windows.microsoft.com/hu-hu/internet-explorer/delete-manage-cookies#ie=ie-10-win-7
• Microsoft Internet Explorer 9: http://windows.microsoft.com/hu-hu/internet-explorer/delete-manage-cookies#ie=ie-9
• Microsoft Internet Explorer 8: http://windows.microsoft.com/hu-hu/internet-explorer/delete-manage-cookies#ie=ie-8
• Microsoft Edge: http://windows.microsoft.com/hu-hu/windows-10/edge-privacy-faq