Privacy Policy

I acknowledge the following personal data stored in the user account of W.R.F. KFT. (9200 Mosonmagyaróvár, Április u. 2.) in the user database of icct2020.com will be handed over to OTP Mobil Ltd. (1143 Budapest, Hungária körút 17-19.) and is trusted as data processor. The data transferred by the data controller are the following:
– name
– e-mail address
– phone number
– billing address
– shipping address

The nature and purpose of the data processing activity performed by the data processor in the SimplePay Privacy Policy can be found at the following link:
http://simplepay.hu/vasarlo-aff

We handle and protect your personal data with the utmost care. In this privacy policy we show how we process data and how we respect your rights to access, correction, transfer, withdrawal, opposition and removal.

In the course of its operations, the Service Provider carries out the data management activities contained in this information, which is why it considers it important to present the processing of the personal data to the persons concerned, its most important characteristics and circumstances.

Terms used in this prospectus shall be used in Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Regulation 95/46 / EC ( hereinafter referred to as "GDPR"), as well as Act CXII of 2011 on Information Self-Determination and Freedom of Information. shall be interpreted in accordance with the definitions set forth in Act IV (hereinafter: Info tv.I. Rights of the data subjects and conditions for their enforcement.

Who manages your personal information?

Data and contact info of the Data Controller (service provider)
Name of the Data Controller: W.R.F. KFT.
Corporate seat: 9200 Mosonmagyaróvár, Április u. 2.
Postal address: 9200 Mosonmagyaróvár, Április u. 2.
Data Protection Officer: Tarján Emőke
Call centre: 0036305281918
E-mail address of the call centre: info@icct2020.com

Place and contact info of handling of complaints: 9200 Mosonmagyaróvár, Április u. 2.

 

What principles does the Service Provider consider important when handling personal data?

In the course of its data management activities, the Service Provider respects the personal rights of the data subjects, in the course of which its personal data are processed in compliance with the
applicable legal regulations. In this regard, it warrants the enforcement of the General DataProtection Regulation as well as Info TV and the specific legislation governing specific data processing. In order to provide the service, only personal data that are relevant and relevant to the purposes of the processing, will be processed for the time necessary to achieve the purposes of the processing, and the security of the personal data provided shall be protected by to ensure the confidentiality, integrity and availability of personal information. The Service Provider shall be responsible for the accurate management of the personal data provided by you with the same content after the personal data have been provided.3. categories of persons affected
Persons using the services defined below are affected by this data processing activity.

To whom is your personal data transferred?

The Service Provider may contact a public authority (in particular, a law enforcement agency, investigating authority, prosecutor, court, other administrative authority, the National Data Protection and Freedom of Information Authority) or other data controller for the purpose of disclosing, accessing and transmitting personal data it handles. Provided the requesting authority
specifies in its request the information requested, the purpose and legal basis of the request and the execution of the request is not contrary to law, the personal data strictly necessary for the purpose of the request shall be provided.
Except in the above cases and without your consent, personal data will not be transferred to any
other controller.

4. Legal grounds for data management Personal data can be managed if

a) the data subject has given his consent to the processing of his personal data for one or more specific purposes;

b) processing is necessary for the performance of a contract to which the data subject is a party, or in order to take action at the request of the data subject prior to the conclusion of the contract;

c) the processing is necessary for compliance with a legal obligation to which the controller is subject;

d) the processing is necessary for the protection of the vital interests of the data subject or another natural person;

e) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;

f) the processing is necessary to safeguard the legitimate interests of the controller or of a third party, unless those interests are overridden by the interests or fundamental rights and freedoms of  he data subject which require the protection of personal data, in particular if the data subject is a child.

 

The data subject shall have the right to withdraw his or her consent at any time. Withdrawal of the consent shall not affect the legality of the consent based data management prior to the withdrawal. The data subject must be informed before consent is given. Withdrawal of consent should be possible in the same simple manner as the withdrawal of consent. Where personal data have been collected on the basis of the consent of the data subject, the Service Provider shall, unless otherwise provided by law-

a) to fulfill its legal obligation, or

b) for the purpose of pursuing a legitimate interest of one’s own or that of a third party in so far as the exercise of that interest is proportionate to the restriction of the right to the protection of
personal data, without further specific consent or after withdrawal of the data subject;s consent.

5. What rights do you have with regard to the personal data managed by the Service Provider?

The data subject has the following rights with respect to data management under the GDPR Regulation; the deadline for completion is one month after receipt of the request or request:

● the right to information and access, where the data subject has the right to receive feedback from the controller that his or her personal data are being processed and, if so, to have access
to the personal data and the personal data of the data subject; the categories of data, the purposes of the processing, the categories of recipients or recipients to whom the personal data have been or will be communicated,where appropriate, the intended period for which the personal data will be stored or, where this is not possible, the criteria for determining this period and the right of the data subject to request the rectification, erasure or restriction of processing of personal data concerning him or her, and the right to lodge a complaint with a supervisory authority.

● the right of rectification, whereby the data subject has the right to rectify any personal data relating to him without undue delay and, taking into account the purpose of the processing, the data subject is entitled to request, inter alia, a supplementary statement extension.

● the right of deletion, which entitles the data subject to delete, without undue delay, upon request, the personal data relating to him or her which are processed on the basis of consent.

● the right to limitation of data processing, whereby the data subject has the right to request, at his / her request, a data processing restriction where the data subject disputes the accuracy of the
personal data or is unlawful and objects to the deletion of the data; the controller no longer needs the personal data for the purpose of processing the data, but the data subject requires them to make, assert or defend a legal claim, or if the data subject has objected to the processing, in which case the restriction applies until it is established that whether the data controller legitimate reasons take precedence over the legitimate interests of the data subject.

● the right to limitation of data processing, whereby the data subject has the right to request, at his / her request, a data processing restriction where the data subject disputes the accuracy of the personal data or is unlawful and objects to the deletion of the data; the controller no longer needs the personal data for the purpose of processing the data, but the data subject requires them to make, assert or defend a legal claim, or if the data subject has objected to the processing, in which case the restriction applies until it is established that whether the data controller legitimate reasons take precedence over the legitimate interests of the data subject.

● the right to object, in which case the data subject shall have the right to object at any time to the processing of his or her personal data for reasons relating to his or her situation, where such processing is necessary to safeguard the legitimate interests of the controller or a third party. The Service Provider shall not terminate the data management on the basis of the protest if the data processing is justified by compelling legitimate reasons, which take precedence over the interests, rights and freedoms of the data subject or related to the filing, enforcement or protection of legal claims.

Note This privacy policy is based on Article 13 of the General Data Protection Regulation and sets out the rights and obligations of the company with regard to external persons whose personal data it processes, mainly in the context of the sale and marketing of goods and services

Interpretative provisions

● Regulation, GDPR means the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data;

● Infotv means Act CXII of 2011 on Informational Self-determination and Freedom of Information;

● Personal data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

● Sensitive data means personal data relating to racial or ethnic origin, political opinion or preferred party, religion or beliefs, trade union membership, sex life, health status, addiction or criminal data.

● Genetic data means personal data relating to the inherited or acquired genetic characteristics of a natural person which give unique information about the physiology or the health of that natural person and which result, in particular, from an analysis of a biological sample from the natural person in question;

● Biometric data means personal data resulting from specific technical processing relating to the physical, physiological or behavioural characteristics of a natural person, which allow or confirm the unique identification of that natural person, such as facial images or dactyloscopic data;

● Data concerning health means personal data related to the physical or mental health of a natural person, including the provision of health care services, which reveal information about his or her health status;

● Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

● Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;

● Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;

● Recipient means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients;

● Third party means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data;

● Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;

● Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, reliability, behaviour, location or movements;

● Personal data breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed;

● Authority: Hungarian National Authority for Data Protection and Freedom of Information,

● Individual cases of data management1. Requests for marketing purposes

Purpose of data management

The purpose of providing the service is data processing in case of registration and marketing requests, newsletter sending is to continue using the website interface, providing the service, sending electronic messages (emails) containing advertisements and personalized ads.

Duration of data management

Until the registration / service is in place or the consent of the data subject is withdrawn (request for cancellation). Legal basis for data management The voluntary consent of Info tv.. 5 (1) (a) and Article 6 (1) (a) of the GDPR.

Scope of managed data

Name, email address, of the affected persons, or your phone number if you wish to provide it separately. Information on the use of cookies on the website The www.icct2020.com  website uses so-called cookies in connection with the use of the site. A cookie-alphanumeric information packet sent by the website to your browser in order to save certain settings, to facilitate the use of the website and to collect some relevant statistical information.

1. Types of cookies
Cookies can be "permanent" or "temporary" cookies. The persistent cookie is stored by the browser for a specified period of time (or until it is deleted), but the temporary cookie is not stored by the browser and is automatically deleted when you close the browser. Strictly necessary cookies are essential for the use of the website and allow the basic functionality of the website to be used. Otherwise, many features of this website will not be available to you. Cookies are used to improve the user experience by collecting information about the use of the website by users, such as which sites they most frequently visit or error messages they receive from the site. The information obtained from these will be used to improve the performance of the website. If you do not want to allow cookies, you can disable it in your browser settings. However, please note that if you disable cookies, some elements of some services may be partially or not used at all.

2. Disable cookies
If you do not consent to the setting of a cookie, you can do so by setting it in your browser.3. Legal background for cookies and legal basis for their use Article 6 of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Regulation 95/46 / EC Pursuant to paragraph 1 (a), your consent to the processing of your personal data is created by you and can be revoked at any time, without prejudice to the lawfulness of the processing of your data prior to such revocation.

Possibilities of the  user to exercise its rights

The user may seek the help of Hungarian National Authority for Data Protection and Freedom of Information if his or her inherent rights are violated or in cases stipulated by the Regulation and the user is entitled to file a lawsuit to the competent superior court within the geographical area in which the he or she resides or within the geographical area in which his or her usual residence is – subject to his or her choice:

Name: Hungarian National Authority for Data Protection and Freedom of Information
Postal address: 1530 Budapest, Pf.: 5.
Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c.
Telephone: +36 (1) 391-1400
Facsimile: +36 (1) 391-1410
Web: naih.hu
E-mail: ugyfelszolgalat@naih.hu

AMENDMENTS OF THE the right to information and access, where the data subject has the right to receive feedback

The Data Controller preserves the rights to amend or update this policy any time without prior notification and to publish the updated version on its website. Amendments only apply to Personal data that are collected after the disclosure of the amended version. The Policy in effect from time to time is available at the following link: www.icct2020.com

Please, check our Policy regularly to follow the amendments and to obtain information whether you are subject to the amendments.

Latest update: 25.11.2019