we inform you, as a visitor of our website, as well as a customer using our services, about the data management and data protection rules of our company.

What principles do we follow in our data management?

Our company follows the following basic principles in its data management:

we handle personal data legally and fairly, as well as transparently for you.

we only collect personal data for specific, clear and legitimate purposes and do not process them in a way that is incompatible with the purposes.

the personal data we collect and manage are appropriate and relevant for the purposes of data management, and are limited to what is necessary.

Our company takes all reasonable measures to ensure that the data we manage are accurate and, if necessary, up-to-date, and we delete or correct inaccurate personal data immediately.

we store personal data in such a way that you can only be identified for the time necessary to achieve the goals of personal data management.

by applying appropriate technical and organizational measures, we ensure adequate security of personal data against unauthorized or illegal processing, accidental loss, destruction or damage.

Our company your personal data

based on your prior information and voluntary consent and only to the extent necessary and in all cases for a specific purpose, i.e. we collect, record, systematize, store and use it.

in some cases, the handling of your data is based on legal regulations and is mandatory, in such cases we draw your attention to this fact.

and in certain cases, our Company or a third party has a legitimate interest in the management of your personal data, for example the operation, development and security of our website.

Who we are?

Company: Gerecse Gépészeti Kft.

The seat of our Company: 2800, Tatabánya, Cseri u. 3. 4/3.

Website: www.gerecse.co.hu

Post:                 2800, Tatabánya, Cseri u. 3. 4/3.

Phone:          +36 30 227 0636

E-mail:               info@gerecse.co.hu

TAX number:                 26547417-2-11

Registration number:      11 09 026455

Based on Article 37 of the GDPR, our company is not obliged to appoint a data protection officer.

Name, address and contact information of our company's storage service provider: NEBET.HU Kft., 2800 Tatabánya, Búzavirág utca 4.

In order to provide high-quality service to our customers, our company uses the following data processors when handling data:

NAME ACTIVITY NEBET.HU Kft., 2800 Tatabánya, Búzavirág utca 4. storage service

Data processors related to our newsletter service:

Our company does not send newsletters to its partners!

If we change the scope of our data processors, we will transfer the changes to this information sheet.

The data we manage:

Name of activity and purpose of data management

Legal basis

Managed data

Period

Registration number

Website visit

The aim is to ensure the proper and high-quality operation of the website,

checking and improving the quality of our services,

identification of malicious visitors attacking our website,

to measure attendance,

statistical purposes

The legitimate interest of our company is the IP address and the time of the visit

data of visited subpages,

the type of operating system and browser you are using

30 days

Contact, request for a quote, service notification via the forms on the website

Our goal is to give our visitors the opportunity to inquire about our products and report their service-related needs.

consent last name, first name date of birth (to prove the age of 16 or 18)

e-mail address

Phone number

the data are transmitted exclusively by the mail system, they are not entered into a database. They are removed from the mail system after 30 days

Administration, complaint

for comment,

to complaint

answering

· legal obligation

· full name · e-mail address

· telephone number

· mailing address

· other personal messages

· for 5 years·

If you have questions about data management, you can e-mail info@gerecse.co.hu or 2800, Tatabánya, Cseri u. 3. 4/3. you can request further information by e-mail, we will send you our answer without delay, within 15 days (but no later than 1 month) to the contact information you provided.

What are cookies and how do we manage them?

Cookies are small data files (hereinafter referred to as "cookies") that are transferred to your computer through the use of the website, saved and stored by your Internet browser. The majority of the most commonly used internet browsers (Chrome, Firefox, etc.) accept and enable the download and use of cookies as a default setting, but it depends on you whether you refuse or disable them by changing your browser settings, or you also the cookies already stored on your computer can delete it. The "help" menu item of each browser provides more information on the use of cookies.

There are cookies that do not require your prior consent. Our website provides brief information about these at the start of your first visit, such as authentication, multimedia player, load balancer, session cookies that help customize the user interface, and user-centric security cookies.

Our Company will inform you about cookies that require consent - if data management already starts when you visit the page - at the start of the first visit and we ask for your consent.

Our company does not use or allow cookies that allow third parties to collect data without your consent.

Acceptance of cookies is not mandatory, however, our Company does not assume responsibility if our website does not function as expected if cookies are not allowed.

What cookies do we use?

Type

Name

Contribution

Description

Target

Validity system

cookies are not required by the session cookie of the web application firewall, which is used to prevent abuse against cross-links

ensuring website operation end of browser session tracking cookie required for personalization remembering your settings increasing the efficiency of our service

30 days

You can read more about third-party cookies here https://www.google.com/policies/technologies/types/, and about data protection here https://www.google.com/analytics/learn/privacy.html ?hl=en you can read

What else do you need to know about our data management related to our website?

You voluntarily provide us with your personal data when you send messages or communicate with our Company, which is why we ask that you gradually ensure that your data is truthful, correct and accurate, because you are responsible for these. Incorrect, inaccurate or incomplete data can be an obstacle to the use of our services.

If you do not provide your own personal data, but someone else's, we assume that you have the necessary authorization.

You can withdraw your consent to data management at any time free of charge

by withdrawing consent to data management - in written form by e-mail

For technical reasons, we undertake to register the withdrawal of consent within 15 days, however, we would like to draw your attention to the fact that in order to fulfill our legal obligations or assert our legitimate interests, we may process certain data even after the withdrawal of consent.

In the event of the use of misleading personal data, or if one of our visitors commits a crime or attacks our Company's system, we will immediately delete the visitor's data at the same time as canceling their registration, and - if necessary - we will keep them for the duration of the establishment of civil liability or the conduct of criminal proceedings.

What do you need to know about our data processing for the purpose of the newsletter?

Our company does not send newsletters to its partners, so we do not store your data in any form for this purpose.

Other data management issues

Your data can only be forwarded within the framework defined by law, and in the case of our data processors, we ensure by stipulating contractual conditions that they cannot use your personal data for purposes contrary to your consent. More information can be found in point 2.

Our company does not transfer data abroad.

Courts, prosecutors and other authorities (e.g. police, tax office, National Data Protection and Freedom of Information Authority) may contact our Company to provide information, provide data or make documents available. In these cases, we must fulfill our obligation to provide data, but only to the extent that is absolutely necessary to achieve the purpose of the request.

Our company's contributors and employees involved in data management and/or data processing are entitled to access your personal data to a predetermined extent - under the burden of confidentiality.

We protect your personal data with appropriate technical and other measures, as well as ensure the security and availability of the data, as well as protect them from unauthorized access, alteration, damage, disclosure and any other unauthorized use.

As part of organizational measures, we check physical access in our buildings, we continuously educate our employees and keep paper-based documents locked away with appropriate protection. As part of the technical measures, we use encryption, password protection and anti-virus software. However, we draw your attention to the fact that data transmission via the Internet cannot be considered a fully secure data transmission. Our company does everything to make the processes as secure as possible, however, we cannot assume full responsibility for data transmission through our website, but we adhere to strict regulations regarding the data received by our company in order to protect your data and prevent illegal access.

Regarding security issues, we ask for your help in carefully keeping your existing access password to our website and not sharing this password with anyone.

What are your rights and remedies?

You about data management

you can request information

you can request the correction, modification or addition of your personal data managed by us,

you can object to data processing and request the deletion and blocking of your data (with the exception of mandatory data processing),

can take legal action in court,

you can file a complaint with the supervisory authority or initiate a procedure (https://naih.hu/panaszuegyintezes-rendje.html).

Supervisory Authority: Nemzeti Adatvédelmi és Információszabadság Hatóság

1125 Budapest, Szilágyi Erzsébet fasor 22/c.

Post: 1530 Budapest, Pf.: 5.

Phone: +36 (1) 391-1400

Fax: +36 (1) 391-1410

E-mail:ugyfelszolgalat@naih.hu

Website:https://naih.hu/

Upon your request, we provide information about the data you manage or process by us - or by our commissioned data processor

about your data,

about their source,

the purpose and legal basis of data management,

duration, and if this is not possible, the criteria for determining this duration,

about the name and address of our data processors and their activities related to data management,

about the circumstances and effects of data protection incidents and the measures we have taken to prevent and eliminate them, and

in the case of forwarding your personal data, about the legal basis of the data transfer and the recipient.

We will provide our information as soon as possible, within 15 days (but no later than 1 month) from the submission of the application. The information is free of charge, unless you have already submitted an information request to us for the same data area in the current year. The reimbursement you have already paid will be refunded in the event that the data was handled unlawfully or the request for information led to a correction. Information can only be refused in cases provided for by law by indicating the legal place, as well as by providing information about the possibility of judicial remedy or turning to the Authority.

Our company will notify you, as well as all those to whom it previously forwarded the data for the purpose of data management, of the correction, blocking, marking and deletion of personal data, unless the failure to notify does not harm your legitimate interests.

If we do not comply with your request for correction, blocking or deletion, within 15 days (but no later than 1 month) after receiving the request, we will communicate the reasons for our refusal in writing or - with your consent - electronically, and inform you of the legal remedy in court, as well as the appeal to the Authority about the possibility.

If you object to the processing of your personal data, we will examine the objection as soon as possible - 15 days - from the date of submission of the request (but no later than 1 month) and we will inform you of our decision in writing. If we have decided that your protest is well-founded, in that case we will terminate the data management - including further data collection and transmission - and block the data, as well as notify all those to whom the personal data affected by the protest have been notified of the protest and the measures taken based on it previously forwarded, and who are obliged to take action to enforce the right to protest.

We will refuse to comply with the request if we prove that the data processing is justified by compelling legitimate reasons that take precedence over your interests, rights and freedoms, or that are related to the presentation, enforcement or defense of legal claims. If you do not agree with our decision, or if we miss the deadline, you can go to court within 30 days from the notification of the decision or the last day of the deadline.

Adjudication of data protection lawsuits falls under the jurisdiction of the court, the lawsuit can be initiated - at the choice of the data subject - before the court of the residence or place of residence of the data subject. A foreign citizen can also file a complaint with the competent supervisory authority according to his place of residence.

We ask that you contact our company before filing your complaint with the supervisory authority or the court - in order to negotiate and resolve the problem as quickly as possible.

 What are the main governing laws for our activities?

Regulation (EU) 2016/679 of the European Parliament and of the Council on the processing of personal data of natural persons (GDPR)

CXII of 2011 on the right to information self-determination and freedom of information. law - (Info tv.)

Act V of 2013 on the Civil Code (Ptk.)

CVIII of 2001 on certain issues of electronic commercial services and services related to the information society. law - (Eker tv.)

Act C of 2003 on electronic communications - (Ehtv)

CLV of 1997 on consumer protection. law (Fogiv tv.)

CLXV of 2013 on complaints and notifications of public interest. law. (Pktv.)

XLVIII of 2008 on the basic conditions and certain limitations of economic advertising activity. law (Grtv.)

Modification of data management information

Our company reserves the right to amend this Data Management Information, of which it will inform the affected parties in an appropriate manner. Information related to data management is published on the website www.gerecse.co.hu/data-protection