INFORMATION ON THE RIGHTS OF NATURAL PERSON DATA SUBJECTS IN REGARD TO THE PROCESSING OF THEIR PERSONAL DATA
INTRODUCTION
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter: Regulation) requires that the Controller shall take appropriate measures to provide any information relating to the processing of personal data to the data subject in a concise, transparent, intelligible and easily accessible form, using clear and plain language, and that the Controller shall facilitate the exercise of data subject rights.
The obligation to provide data subjects with information prior to processing is also required by Act CXII of 2011 on the freedom of information.
The information below is intended to fulfill this legal obligation of our Company.
CHAPTER I
DATA CONTROLLER
The issuer of this information, which also acts as Controller:
Company name: Helpers Hungary Kft
Registered address: 1094 Budapest, Tompa utca 9. 5. em. 3.
Company registration number: 01-09-869492
Tax number: 13715065-2-43
Represented by: Ürögdi Barbara
Telephone number: +36-1-317-8570
Email address: info@helpers.hu
Website: helpers.hu
(hereinafter referred to as: Company)
CHAPTER II
NAME OF DATA PROCESSORS
‘Processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller (Article 4(8) of the Regulation).
The use of a processor does not require the prior consent of the data subject but he or she must be informed. Accordingly, we provide the following information:
In order to run and manage its IT systems, our Company uses data processors, which provide IT services (hosting services, e-mail services, system administration, CRM services) and process the personal data provided on the website, via email or in any other way in relation to the services provided by our Company – during the period of our contract with them.
The list of processors includes the following parties:
Company name: Microsoft
Registered address: Microsoft Corporation, One Microsoft Way, Redmond, Washington 98052, USA
Type of service: Microsoft 365
Website: www.microsoft.com
Company name: Salesforce.com EMEA Limited
Registered address: Village 9, floor 26 Salesforce Tower, 110 Bishopsgate, London, UK, EC2N 4AY
Website: www.salesforce.com
Type of service: CRM
Company name: Monday.com
Registered address: 34 W 14th St. New York, NY 10011, USA
Website: www.monday.com; https://monday.com/l/privacy/privacy-policy/
Type of service: CRM
Company name: Netmarker Kft
Registered address: 1115 Bp. Csóka u. 3/a. I/55.
Company registration number: 01-09-876616
Tax number: 13851590-3-43
Telephone number: +36-20-6617407
Email address: support@netmarker.eu
Website: netmarker.eu
Type of service: Hosting service provider
Company name: IT Pioneer Kft.
Registered address: 1021 Budapest, Szerb Antal utca 8. 1. em. 1.
Company registration number: 01-09-986591
Tax number: 23960211-2-41
Email address: info@ddigital.hu
Website: ddigital.hu
Type of service: System administration
Company name: FormAssembly Inc.
Registered address: 885 S College Mall Rd, #399, Bloomington, IN 47401, USA
Website: formassembly.com; https://www.formassembly.com/privacy-policy/
Type of service: Form processing
Our Company uses a contracted external service provider for fulfilling its tax and accounting obligations, which also processes the personal data of natural persons who are in a contractual or payment relationship with our Company in order to comply with our tax and accounting obligations.
This processor is the following:
Company name: Helpers Finance Kft
Registered address: 1094 Budapest, Tompa utca 9. 5. em. 3.
Company registration number: 01-09-194335
Tax number: 25006948-2-43
Telephone number: +36-1-317-8570
CHAPTER III
PROCESSING DATA IN RELATION TO THE PROVISION OF SERVICES
Information on the use of cookies
(1) In accordance with common practice on the Internet, our Company uses cookies on its website. A cookie is a small data file with a series of characters that are placed on the visitor’s computer when he or she visits a website. When the visitor visits the website again, thanks to the cookie, it can recognize the visitor’s browser.
(2) Our Company’s website will store and process the following data of visitor and the device used for browsing:
• IP address of the visitor,
• type of the browser,
• settings of the operating system of the device used for browsing (language settings),
• date of visit,
• the (sub)page visited, the function or service used.
(3) It is not mandatory to accept and enable the use of cookies. You can reset your browser’s setting to reject any cookie or to notify you when a cookie is being sent to your machine. Although most browsers automatically accept cookies by default, this can in general be modified in order to prevent automatic acceptance and give you the chance to decide in very individual case.
You can find information about the cookie settings of the most popular web browsers by clicking on the links below
• Google Chrome: https://support.google.com/accounts/answer/61416?hl=hu
• Firefox: https://support.mozilla.org/hu/kb/sutik-engedelyezese-es-tiltasa-amit-weboldak-haszn
• Microsoft Internet Explorer 11: http://windows.microsoft.com/hu-hu/internet-explorer/delete-manage-cookies#ie=ie-11
• Microsoft Internet Explorer 10: http://windows.microsoft.com/hu-hu/internet-explorer/delete-manage-cookies#ie=ie-10-win-7
• Microsoft Internet Explorer 9: http://windows.microsoft.com/hu-hu/internet-explorer/delete-manage-cookies#ie=ie-9
• Microsoft Internet Explorer 8: http://windows.microsoft.com/hu-hu/internet-explorer/delete-manage-cookies#ie=ie-8
• Microsoft Edge: http://windows.microsoft.com/hu-hu/windows-10/edge-privacy-faq
• Safari: https://support.apple.com/hu-hu/HT201265
Furthermore, please note that certain functions or services of the website may not work properly with cookies disabled.
(4) The cookies used on the website by themselves cannot establish the identity of the user.
(5) The cookies used on the Company’s website:
i). Strictly (technically) necessary session cookies
These cookies enable the visitor to browse the website and use its functions and the services provided via the website smoothly and fully, including especially keeping track of the User’s movements on the website during a specific visit. These cookies are retained only for the period of the current visit and once the session is over and the browser is closed, these cookies are automatically deleted from your computer.
The legal basis of this type of processing is Article 13/A (3) of Act CVIII of 2001 on certain issues of electronic trading services and information society services.
The purposes of processing: to ensure the proper operation of the website.
ii). Consent based cookies:
These cookies enable the Company to remember the selections made by the user on the website. The visitor may object to this kind of processing at any time before or during the use of the service. These data may not be linked to the identification data of the user and may not be disclosed to a third person without the consent of the user.
ii.1. Functional cookies:
The purposes of processing: To increase the effectiveness of the service and user experience as well as to make the use of the website more convenient.
The period of processing is 6 months.
Scope of processed data: ZOPIM, ADDTOANY
ii.2. Performance cookies:
Google Analytics cookies – more information on these here:
Google Adwords cookies – more information on these here:
Facebook cookies – more information on these here:
(1) A natural person registering for the newsletter service on the website can give his or her consent to processing by ticking the relevant checkbox. The data subject can unsubscribe from the newsletter at any time by clicking on the “Unsubscribe” option in the newsletter or by writing or sending an email to us, which means that the consent is revoked. In this case, we immediately delete every piece of data other than the email address of the relevant person and the fact that he or she has unsubscribed from this service.
(2) The categories of processed data: name of the natural person (first name and last name), email address, country of origin, place of residence (country), service group.
(3) The purposes of processing personal data:
(4) The legal basis of processing: consent of the data subject.
(5) The recipients of personal data who have access to the eDm database within and outside of the company: the employees of the Company who perform customer service and marketing duties; the employees of the Company’s IT service provider as data processor for the purpose of providing hosting services.
(6) The period for which the personal data will be stored: until the newsletter service is provided or the data subject revokes their consent (requests erasure).
(1) A natural person completing the online form for requesting contact on the website can give his or her consent to processing by ticking the relevant checkbox.
(2) The categories of processed data (may vary depending on the type of service): name of the natural person (first name and last name), phone number, email address, copy of passport and/or visa, date of birth, marital status, travel information.
(3) The purposes of processing personal data:
(4) The legal basis of processing: consent of the data subject or the response to the data subject’s request.
(5) The recipients of personal data who have access to the client database within and outside of the company: the employees of the Company who perform customer service and marketing duties; the employees of the Company’s IT service provider as data processor for the purpose of providing hosting services.
The period for which the personal data will be stored: 6 months or until the data subject revokes their consent (requests erasure).
(1) The Company shall process the following personal data of natural persons entering into a business relationship with the Company as customers or suppliers on the basis of its legal obligations for the purposes of entering into, performing and terminating contracts and providing a contractual discount, as specified in applicable laws and regulations: name, name at birth, date of birth, mother’s maiden name, address, tax identification number, number of private entrepreneur’s card, number of primary producer’s card, identity card number, registered address, site address, phone number, email address, website address, bank account number, customer number (client number, order number), online identifier (list of customers and suppliers, list of regular customers). This processing is considered lawful even if it is necessary in order to take steps at the request of the data subject prior to entering into a contract. The recipients of the personal data: the employees and data processors of the Company performing customer service, taxing and accounting duties. The period of processing personal data: 5 years after the relevant contract is terminated.
(1) The categories of personal data that may be processed: name, address, phone number, email address, online ID of the natural person.
(2) The purposes of processing personal data: to perform the contract made with the Company’s partner as a legal entity and maintain a business relationship; its legal basis: the Company’s legitimate interest.
(3) The recipients or categories of recipients of the personal data: the employees of the Company performing customer services duties.
(4) The period for which the personal data will be stored: 5 years after the business relationship and the assignment of the data subject as representative cease.
(1) The Controller may process the personal data of the Data Subject that may include various pieces of sensitive information for the provision of its services.
(2) The categories of personal data our Company processes may vary depending on the type of service. Processing related to the each of the services provided:
(3) The purposes of processing personal data:
(4) The legal basis of processing: consent of the data subject; performance of the contract; express consent by applying for a job.
(5) The employees of the Company’s IT service provider as a data processor.
The period for which the personal data will be stored: 12 months or until the data subject revokes their consent (requests erasure).
CHAPTER V
PROCESSING BASED ON A LEGAL OBLIGATION
(1) The Company shall process the relevant personal data of natural persons entering into a business relationship with the Company as customers or suppliers on the basis of it legal obligations for the purposes of fulfilling its tax and accounting obligations as specified in applicable laws and regulations. The processed data include, in particular, the following: tax number, name, address, taxing status on the basis of Articles 169 and 202 of Act CXXVII of 2017 on Value Added Tax; name, address, name of person or organization that ordered the performance of the business operation, name of the person signing the payment order and the name of the person certifying performance of the operation, as well as the signature of the controller, depending on the particular organization; signature of the recipient on the payment receipt and signature of the payer on the counter receipt; number of the private entrepreneur’s card, number of the primary producer’s card, tax identification number.
(2) The period for which the personal data will be stored: 8 years after the legal relationship establishing the legal basis of processing ceases.
(3) The recipients of the personal data: the employees and data processors of the Company performing taxing, accounting, pay roll and social security duties.
CHAPTER VI
INFORMATION ABOUT YOUR RIGHTS IN RELATION TO PROCESSING YOUR PERSONAL DATA
In the interest of clarity and transparency, in this chapter we will give a brief overview of your rights in relation to processing your data.
Right of information
The data subject shall have the right to receive information about the facts and data relating to processing prior to processing.
Right of access
The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the related information as specified in the Regulation.
Right to rectification
The data subject shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
Right to erasure (‘right to be forgotten’)
The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the grounds specified in the Regulation applies:
Right to restriction of processing
The data subject shall have the right to obtain from the controller restriction of processing where the conditions specified in the Regulation are fulfilled.
Notification obligation regarding rectification or erasure of personal data or restriction of processing
The Controller shall communicate any rectification or erasure of personal data or restriction of processing to each recipient to whom or to which the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. The Controller shall inform the data subject about those recipients if the data subject requests it.
Right to data portability
Subject to the conditions specified in the Regulation, the data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a Controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another Controller without hindrance from the Controller to which the personal data have been provided.
Communication of a personal data breach to the data subject
When the personal data breach is likely to result in a high risk to the rights and freedoms of natural persons, the Controller shall communicate the personal data breach to the data subject without undue delay.
Right to lodge a complaint with a supervisory authority (right to administrative remedy)
Every data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement if the data subject considers that the processing of personal data relating to him or her infringes this Regulation.
CHAPTER VII
SUBMISSION OF REQUESTS IN CONNECTION WITH DATA PROCESSING ACTIONS TAKEN BY THE CONTROLLER
Helpers Hungary Kft, 28 September 2021.
© 2004 – 2021