GDPR

GDPR

PRIVACY POLICY

 

Dear Partner!

             

Ajkai Elektronikai Zrt. (Ajka 8400, Gyár u. 35, tax number 25955251-2-19) hereby informs you that the provisions of the European Parliament and Council Regulation (GDPR) 2016/679, Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information (Information Act), and the Act V/2013 promulgating the Civil Code (Civil Code) regulate the processing of personal data in detail. The main rules of data management are herewith explained to you.

 

The processing of personal data must be lawfully and fair. Individuals should be transparent about how their personal information are collected, how and for how long will these be used, how and by whom can these be monitored. Ajkai Elektronikai Zrt. as data controller manages the personal data of its business partners and, in the case of a legal entity, the contact persons of the legal entity in accordance with the above laws and the Data Protection and Privacy Policy available on its website.

 

  1. Interpretative provisions

processor

any natural or legal person, public authority, agency or any other body which processes personal data on behalf of the controller

processing

any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction

controller

Ajkai Elektronikai Zrt. and any natural or legal person, public authority, agency or any other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law

data breach

a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed

recipient

a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing

data subject

is the employee, the natural person whose personal data is being processed

GDPR

Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Regulation 95/46 / EC (General Data Protection Regulation)

third party

any natural or legal person, public authority, agency or any other body which is not equal to recipient, controller, processor or persons authorized to process personal data under the direct control of the controller or processor

Information Act

Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information

consent of the data subject

any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her

personal data

any information relating to an identified or identifiable natural person ("recipient"); identifiable by a natural person who, directly or indirectly can be especially identified of one or more factors such as name, number, position, online identification or physical, physiological, genetic, mental, economic, cultural or social factors

special categories of personal data

personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, as well as genetic and biometric data relating to the individual identification of natural persons, health data and personal data relating to the sexual life or sexual orientation of natural persons

 

  1. Principles of our data management

 

Our company follows below principles in its data management:

-          we process your personal information in a lawfully, fair and transparent manner.

-          we collect personal information only for specified, explicit and legitimate purposes and do not process it an incompatible way with the purpose.

-          the personal data we collect and process are adequate and relevant to the purposes of the data processing and are limited only to what is necessary.

-          Our Company will take all reasonable steps to ensure that the information we process are accurate and, where necessary, kept up to date, and that inaccurate personal information are deleted or rectified without delay.

-          we store personal data in a form that allows you to identify yourself only for the time necessary to achieve the purposes for which the personal information is processed.

-          we provide appropriate technical and organizational measures to protect personal data against unauthorized or unlawful processing, accidental loss, destruction or damage.

 

Our company will keep your personal data

-          based on your prior informed and voluntary consent, and only to the extent necessary and in all cases they will be handled for a specific purpose, recorded, filed, stored and used.

-          in some cases, the processing of your data is required by law and is mandatory, in which case we will specifically bring this matter to your attention.

-          or, in certain cases, the Company or a third party has a legitimate interest in managing your personal data, such as the operation, development and security of our website.

 

  1. Objectives of our data management

 

Our company may handle your personal data for multiple purposes, depending on the nature of your relationship with us or the entity you represent.

The purposes of managing your personal data may include the following:

-          Planning and establishing business relationships, for example in the form of communication, business meetings.

-          Receiving or making quotes, business tenders, contracting.

-          Take steps to complete contracts, execute, document workflows such as order processing, delivery and receipt of products, services, settle financial obligations.

-          Evaluating and developing business relationships, for example through customer or supplier satisfaction surveys.

-          Maintaining and controlling safe working and stay conditions in our company in terms of property, labor and health protection.

-          Recruitment, selection of potential workforce, for example through the processing of CVs and cover letters for job postings, job interviews and work psychology research papers.

-          Organizing, conducting, documenting events, special events in the form of partner meetings, competitions and related photos, recordings.

-          Fulfillment of legal obligations, provision of official data.

-          Management and settlement of legal dispute, litigation.

 

 

  1. Scope of data processed

 

For the purposes of the data management detailed above, our company typically manages the following personal data:

-          Contact information such as: name, position, telephone number (landline and mobile), email address, fax and postal address.

-          Data and information generated or required in the course of business and other collaboration, such as: signatures, business claims, commitments, business transaction data, special identifiers (e.g., Chamber Identification Number).

-          Data required to conduct financial transactions, such as: tax identification number (for individuals), bank account number.

-          Information needed to supervise and coordinate safe and legal employment, such as information about safety training, exams, validity of medical fitness, business activity authorities, documents of the qualifications.

-          Investigate various incidental events (eg accidents, violations of our regulations).

-          Related data if you or the entity you represent may be affected by such events.

-          Certificates and documents attesting to education, professional qualifications.

-          Camera and photo shoots taken at events we have organized.

-          Publicly available business information, such as freely available information in company credit report, media.

 

 

  1. Website related data management

 

You can contact the Company and send a message at http://ajkaelektron.hu/kapcsolat.

Your name, phone number, and e-mail address are required to send the message. The message can be sent only if the interested party agrees to the management of the data provided. The sending of the message is only permitted if the person expressly declares by ticking the box following the link to the Privacy Policy and acknowledges that he / she has read and agrees with the Company's Privacy Policy and expressly contribute to the handling of his / her data.

Contribution must be given for each email.

The message will be forwarded to ajkaelektron@ajkaelektron.hu after contribution.

 

  1. What are cookies and how we treat them?

 

Cookies are small data files ("cookies") that are sent to your computer by the use of the website through the website and stored and stored by your internet browser. Most commonly used web browsers (Chrome, Firefox, etc.) accept and allow the download and use of cookies by default, but it is up to you to refuse or disable them by changing your browser settings, the already stored cookies on your computer can be deleted.

 

 

Website visitors are monitored using free data analysis software called Google Analytics. To do this, the Google Analytics tracking code can be found in the source code of the web page.

The analytics software generates visitor statistics based on visitor IP addresses and user IDs.

The scope of the data being managed: IP adress | userID

Data management will continue until the consent statement is withdrawn, i.e. until you opt out. The processing time for data management for web analytics is 14 months.

 

For purposes of data management, the data will be transferred to the following Data Processors.

The collected data used for web analytics will be passed to the next service provider:

Google LLC

1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Our company does not use or allow cookies that allow third parties to collect data without your contribution.

Acceptance of cookies is not obligatory, however, our Company is not responsible if our website may not function as expected without the permission of cookies.

 

  1. Other data management rules

 

We can only transfer your data within the limits set by law and, in case of our data processors, by providing in their contractual terms that they may not use your personal data for purposes contrary to your contribution.

Our company does not transfer data abroad.

The court, the prosecution service and other authorities (eg police, tax office, National Authority for Data Protection and Freedom of Information) may contact our Company for information, disclosure or documentation. In these cases, we must meet our reporting obligations, but only to the extent necessary to achieve the purpose of the request.

Contributors and employees of our Company who are involved in the processing of data are entitled to know your personal data to the extent determined in advance, subject to the obligation of confidentiality.

We protect your personal information by appropriate technical and other arrangements, and ensure the security, availability, and protection against unauthorized access, alteration, damage or disclosure and any other unauthorized use.

As part of organizational arrangements, we control physical access in our buildings, continuously train our employees, and keep paper documents secure. Technical measures include encryption, password protection and anti-virus software. However, please note that the transmission of data over the Internet is not considered to be a fully secure transmission.

 

While we make every effort to ensure that the processes are as secure as possible, we cannot take full responsibility for the transmission of data through our website, but we do strictly enforce the data we receive to our company to protect your information and prevent unauthorized access.

 

 

  1. Rights of the data subject

 

About data management you can

-          request information,

-          request the rectification, modification or addition of personal data we hold,

-          object to data processing and request the deletion and blocking of your data (except for compulsory data processing),

-          have legal remedies before the courts,

-          complain or initiate proceedings with the supervisory authority (https://naih.hu/panaszuegyintezes-rendje.html).

Supervisory Authority: National Authority for Data Protection and Freedom of Information (https://naih.hu/panaszuegyintezes-rendje.html).

Headquarter: 1125 Budapest, Szilágyi Erzsébet fasor 22/c.

Postal address: 1530 Budapest, Pf.: 5.

Telephone: +36 (1) 391-1400

Fax: +36 (1) 391-1410

E-mail:ugyfelszolgalat@naih.hu

Web page: https://naih.hu/

 

At your request, we will provide information about the data we or our trusted data processor process, or their source, the purpose and legal basis and the duration, if this is not possible, about the criteria for determining this period, the name and address of our data processors and their data processing activities, the circumstances, effects, and arrangements taken to prevent and avert them, and by the transfer of your personal data we provide the legal basis and recipient.

After submitting your request we will provide you with the information within the shortest time (but not more than 1 month). The information is free of charge unless you have already requested information from us for the same set of data in the current year. We will reimburse you for any costs you have already if your data has been unlawfully processed or a request for information has led to a correction. We can only refuse to provide information in cases specified by law, by stating the place of the law and by informing you of the possibility of legal remedy or of recourse to the Authority.

 

Our Company will notify you of the rectification, blocking, marking and deletion of your personal data and notify all those to whom you have previously transferred the data for the purposes of data processing, unless the non-notification does not prejudice your legitimate interest.

If your request for rectification, blocking or deletion is not fulfilled, we will reject it in writing or electronically within the shortest period of time after receipt of the request (but not later than 1 month) with your consent and inform you of the possibility of judicial remedy and of the possibility of appealing to the Authority.

If you object to the processing of your personal data, we will investigate the complaint as soon as possible after submitting your request (but not later than one month) and inform you in writing of our decision. If we have decided that your objection is warranted, we will terminate your data processing, including further data collection and transfer, and block the data, and notify all those to whom we have previously transferred the personal data affected by the objection and who are obliged to take action to enforce the right of objection.

We will refuse to comply with the request if we prove that the processing of your data is justified by compelling legitimate reasons, which take precedence over your interests, rights and freedoms, or that are related to the filing, enforcement or defense of legal claims. If you disagree with our decision or fail to meet the deadline, you can bring the matter to court within 30 days of the notification date of the decision or of the last day of the deadline.

The examination of data protection proceeding falls within the jurisdiction of the Tribunal and, at the option of the data subject, may be brought before the tribunal of the place of residence or place of habitation of the data subject. A foreign national may also complain to the supervisory authority of the place of residence.

 

Before contacting the supervisory authority or the court, we kindly ask you to contact our Company in order to settle the matter and resolve the issue as quickly as possible.