During the data management the Data Manager - SCINTILLA-TRIO Gyártó és Kereskedelmi Korlátolt Felelősségű Társaság - ensures the protection of individuals with regard to the processing of personal data and on the free flow of such data to comply with the 2016/679 Regulation of the EUROPEAN PARLIAMENT AND COUNCIL, which repeals the 95/46/EC (general data protection regulation).
In relation with the management of the data, the data management informs the visitors of this site (Users), about the data that it manages and about its principles and actions, and about the rights of the Users.
1. Data Manager
Company name: SCINTILLA-TRIO Gyártó és Kereskedelmi Korlátolt Felelősségű Társaság
Short name: SCINTILLA-TRIO Kft.
Location: H-1047 Budapest, Liszt Ferenc u. 8. B. lház. 1. em. 9.
Company registration number: 01 09 885982
VAT number: 13436252-2-41
Registry court: Fővárosi Törvényszék Cégbírósága
Mailing address and headquarters: 5100, Jászberény, Ipartelep út 9.
Telephone number: +36-70/850-7225
E-mail address: firstname.lastname@example.org
- “data manager”: that natural or legal person, public authority body, agency or any other authority, which defines the tools and purpose of the data managing alone or with other people; if the purpose and tools of the data managing is defined by a right of the Union or any member country, the data manager or the factors which are in relation with the choosing of the ata manager can be defined by the Union or the legislatives of any member country;
- ’’personal data”: any information related to the identified or identifiable natural person (“concerned”, in this document “Partner”); that natural person can be identified directly, or indirectly, especially with any identification, such as, name, number, location data, online identification or physical, physiological, genetic, mental, economical, cultural or social factors;
- “data management”: the actions made on personal data or records in an automated or non-automated way, such as, collecting, setting, organizing, proportioning, storing, changing, consulting, accessing, using, communication, forwarding, distribution, or publishing it in any other way, harmonization, restriction, removal, and annulment;
- “restriction of the data management”: putting a sign on the personal data, in order to restrict them in the future;
- “concerned”: any natural person that is and can be identified –directly or indirectly- by personal data;
- „partner”: those individuals and legal people who represent individuals and natural people, to whom the data manager provides service and with whom the data manager makes contract;
- “the contribution of the concerned”: expressing the will of the concerned based on concrete and suitable informing, with which, the concerned agrees with the managing of their personal data;
- “profiling”: the use of any form of the automated management of data, during which the personal data is used for the evaluation or forecast of the personal features, especially for the performance in the workplace, economic conditions, health, conditions, personal preferences, interest, reliability, behavior, location or movement;
- “data processor”: that natural or legal person, public authority, agency, or any other authority, that manages personal data in the name of the data manager;
- “addressed”: that natural or legal person, public authority, agency or any other authority, to whom the personal data is communicated, not depending on whether it is a third person or not;
- “data protection incident”: injury of safety that causes damage to the forwarded, stored, or in any other way handled data, such as, accidental or unlawful annulment, loss, changing, unauthorized communication or access;
3. DATA PROCESSING ACTIVITY
The Partner gives contribution to the data managing by voluntarily giving contact data to the Data manager (on namecard, partner datasheet, via e-mail or any other way). The Data manager publishes this Informative on its website. By this, the Partner learns and studies this Informative, and accepts, and informed contributes to the management of data for the purpose of the data management defined in this Informative and in the Regulation.
3.1 Data management during the making of partner contacts (business developing)
The managed data are: name, e-mail address, telephone number.
The plea of the data management, the voluntarily contribution of the Partner to the GDPR Article 6 (1) paragraph. The concerned Partner gives the contribution by voluntarily giving the contact data to the Data manager.
The purpose of the data management: the continuation of the communication in the quote phase, in order to help the process of the marketing. The duration of the data management lasts, until request for a declaration of invalidity of the concerned Partners. The Data manager informs the concerned Partners in an electronic way, defined in the Article 19 of the Data manager. If the request for a declaration of invalidity in extended to the e-mail address of the concerned Partner, after the informing the Data manager deletes the e-mail address, as well.
3.2 Data management during the contractual relationship
The managed data are: name, e-mail address, telephone number, title
The plea of the data management: according to GDPR article 6, (1) (a) paragraph, the concerned Partners give their contribution by giving their contact data to the Data manager. Without contribution, according to the GDPR article 6, (1) paragraph (b) there is necessary data management for making a contract to which the Partner is concerned.
The purpose of data management: keeping contact, and other data management for the fulfilling of the contracts.
The duration of the data management, and the due date of the removal of the data: We store the data, until the end of the contractual relationship, and in order to validate the inquiries rooted from these relationships. If any concerned Partner, or a represented legal person asks, according to the statement of consent of the Partner, the Data manager is entitled to manage the personal data (name, e-mail address, telephone number) longer as it is stated above, until the cancellation of the concerned Partner.
3.3. Data management for maintaining relationships
The managed data are: name of the contact person, title, e-mail address, telephone number
The plea of the data management: the voluntary contribution of the Partner according to the 6th article, (1) paragraph (a) part.
Aim of the data management: after the ending of the contractual relationship, maintaining the business relationship.
The duration of the data management, due date of the removal of the data: until the request of declaration of invalidity of the Partner. The Data manager informs the concerned Partners about the deleting of the data, in an electronic way according to the 19th article of the GDPR of the Data manager. If the request for a declaration of invalidity in extended to the e-mail address of the concerned Partner, after the informing the Data manager deletes the e-mail address, as well.
According to the 3.1 and 3.3, the Partners can cancel their contribution to the data management, in this case the Data manager removes the personal data of the concerned Partners. The Partners can cancel their contribution in a written way (via e-mail or postal way) at the contact data defined in the 1. part.
4. RIGHTS OF THE PARTNERS
4.1. Informing and access to the personal data
The Partner is entitled to learn about the personal data that is stored about them by the Data manager and also are entitled to check and access these data. The Partners have to sent their inquiry in a written way (electronic or postal), and the Data manager also sents these data in an electronic or postal way, the Data manager does not give oral information regarding any personal data.
In case of exercising the right of the access, the information is extended to these data:
- defining the managed data: name, e-mail address, telephone number, personal data on the interleaf of the contract,
- purpose, date and plea of the managed data,
- data forwarding: to whom were or will be the data forwarded,
- assigning the source of the data.
The Data manager provides the paper/electronic copy of the personal data for the Partner free of charge.
If the Partners do not agree with the data management, with the rightfulness of the data, according to the 4. part, can ask the correction, completing, removal, restriction of the data management, can protest against the managing of the personal data, and can initiate a proceeding according to the 5. part.
4.2. Right to the correction, completing of the managed data
For the inquiry of the Partners, the Data manager corrects the inaccurate data that has been assigned by Partners. The Data manager informs every concerned addressed about the correction, completing, by which the personal data was communicated, except if it is impossible or needs disproportional effort.
The Data manager informs the concerned Partner about the data of the addressed, if the Partners requested it in a written way.
4.3. Right of the restriction of the data management
The Data manager restricts the data management for the written request of the concerned Partner, if
- the Partner doubts the correctness of the personal data, in this case the restriction lasts until the Data manager checks the correctness of the personal data,
- the data management is unlawful and the Partner is against the removing of the data, and asks for the restriction of the data management,
- the Data manager does not need the personal data for the purpose of the data management, but the Partner needs it for the presentation, validation or protection of the legal inquiries,
- the Partners protest against the managing of data, in this case the restriction lasts until it is found out whether the lawful reasons of the Data manager are in priority against the legal reasons of the Partner.
The Data manager informs the concerned Partner to whose request the data management was restricted, about the reconstruction
4.4. Right of removal
For the request of the concerned Partner, the Data manager removes the personal data of the concerned Partner, for these reasons:
- the personal data is not necessary for the original purpose, for which, they have been collected by the Data manager,
- the concerned Partners cancel their contribution for the data management, and there is no other plea for the data management,
- the Partners protest against the data management because of their own conditions, and there is not any lawful reason for the data management,
- the Data manager manages the data unlawfully,
- the personal data is collected because it is directly connected to information technology related services, that are provided for children.
The Partners are not entitled to validate their right to removal, if the data management is necessary
- for the purpose of exercising right to freedom of opinion and informing,,
- for the public interest related to the field of public health,
- or the purpose of archiving of public interest, for the purpose of scientific and historical research, or for statistics, if exercising the right to removal would make the data management impossible or would endanger it,
- for the presentation, validation and protection of legal inquiries.
4.5. Right for data portability
The right is only restricted to the data given by the Partner, there is no possibility to the portability of other data.
The concerned Partners can (their own personal data from the system of the Data manager):
- get their own personal data from the system of the Data manager in written form
- are entitled to forward their data to other Data manager,
- if it is technically possible by the system of the Data manager, the Partners can ask for the forwarding of their own data to another Data manager.
If the Partners exercise their right to the data portability, this do not hurt their rights.
The right to the exercising the right of the data portability, if the data management is done in an automated way, because of this, it is not extended to the paper files.
Only the request for data portability can be fulfilled which are submitted in a written way (e-mail or postal). For the fulfilling, it is necessary to be proven that really the concerned Partners want to exercise their right of the data portability. Because of this, the Partners have to give those personal data by which the data manger can identify the claimer by comparing their data with the data which is in the system.
By exercising these rights, the Partners can claim the portability of every data that they gave to the Data manager. The exercising of this right is not equal to the removing of these data from the system of the Data manager, so that the Partners are still stored in the system, unless, the Partners cancel their contribution or they ask for the removal of their data.
If the Partner claims that by exercising their right to data portability, the personal data is not correct, their claim have to be fulfilled.
4.6. Protesting against the managing of the personal data
The Partners can protest in a written form (in e-mail or postal way) by the contact data given in the 1. part.
4.7. Due date of fulfilling the request.
The Data manager informs the Partners about the measures about the request in 1 month after the receiving according to the 4.1-4.6 point. If the Partner applied the request in an electronic way, the Data manager will fulfil it electronically, unless, the Partners ask it, in another way.
5. OPTIONS FOR THE ENFORCEMENT OF THE RIGHTS
The Partners can enforce their rights in a written way, via e-mail or a postal way, according to the contact data of the 1st part.
These rights cannot be enforced on telephone.
The Partners cannot enforce their rights if the Data manager proves that it cannot identify the Partners.
If the requests of the Partners are unfounded or exaggerated (especially if it is repeated), the Data manager can ask for a fee, or can deny the request. This have to be proven by the Data manager. If the Data manager has doubt of the identity of the Partners, can ask for a proof for the confirmation of the identity of the concerned Partner.
The Partner can have a remedy, complain, at the Nemzeti Adatvédelmi és Információszabadság Hatóság (location: 1125 Budapest Szilágyi Erzsébet fasor 22/C., mailing address: 1530 Budapest, Pf.: 5., Telephone: +36 (1) 391-1400). (www.naih.hu; email@example.com).
6. MANAGING OF THE DATA PROTECTION INCIDENTS
A data protection incident is the injury of the safety, that can cause the accidental or unlawful annulment, loss, changing, or the unlawful access of, or unlawful publication of the forwarded, stored or otherwise managed personal data. The data management keeps records, which contains the managed data, the number of the impacted, the data of the incident, its conditions, the actions done for the prevention of the incident. In case of an accident, if it does not risk the rights and freedom the natural people, the Data manager has to inform the Users and the supervisory authorities about the incident of the data protection in up to 72 hours.
7. DATA SECURITY
The data management does everything to ensure the safety of the data, ensures the proper level of security against misappropriation, destruction, removal, disclosure, loss or access by any unauthorised individual, or any other type of compromise. Also, the Data manager ensures that if these data are forwarded, then, the receivers also have to keep these data protected.
8. OTHER PROVISIONS