DATA PROCESSING INFORMATION - ANNEX 11 TO THE GDPR
STEEL-BUILDING Kft. as the operator of www.steelbuilding.hu hereby informs the visitors of its website how the Company processes the data of the users who are registered or not registered but request a quote (hereinafter: Users), what organisational and technical measures are implemented by the Company to protect such data, and what options are available for the Users for legal remedies.
Company name: STEEL-BUILDING KFT.
Registered office: 4233 BALKÁNY, BOCSKAI UTCA 18-22.
Company registration number: 15-09-072538
Tax no.: 13512635-2-15
Represented by: GÁBOR MIKLÓS KOVÁCS
Telephone number: +36-42-561-058
(hereinafter: Company or Controller)
Purpose and legal basis of data processing: The purpose of data processing is the request for quotation addressed to the Controller, by which the User requests information with regard to the services included in the Company’s website. Legal basis for data processing: the User’s consent.
Scope of processed data: Name, email address, telephone number of the User
Period of data processing Until the existence of the service or the withdrawal of the User’s consent.
Solely the personnel of the Controller and/or its collaborators shall have access to the personal data given by the Users and to the data automatically disclosed due to the technical operation. The Controller shall not transfer any personal data - except for its personnel and collaborators - to a third party. This shall not apply to any potential, mandatory data transfer required by law. The Controller, before fulfilling any data requests by the Authorities, shall check in respect of each data if the legal basis for data transfer exists and, if necessary, it shall seek the opinion of the National Authority for Data Protection and Freedom of Information. When you give your consent to the processing of your personal data, you also give consent to your data being transferred to the legal successor of the Controller. Upon your request the Controller will delete the User’s personal data before a handover to its legal successor.
The Controller shall make every effort to process and store data safely. The processed data are operated in a reliable, dedicated service environment with high availability.
We inform the Users that regardless of the protocol (email, web, ftp, etc.), electronic messages transmitted on the internet are vulnerable to network threats resulting in a dishonest activity, the contesting of the contract or the disclosure or amendment of the information. The Service Provider shall take every precaution that may be reasonably expected from it to offer protection against such threats. It shall monitor the systems to be able to register any security anomaly and provide evidence in the event of any security incidence. The monitoring of the system will also render it possible to check the effectiveness of the precautionary measures employed.
The persons concerned (hereinafter: Data Subjects) may request the Controller via the contact details provided in point 1 to provide information on the processing of their personal data, correct their personal data and delete or block their personal data - except for mandatory data processing.
Upon the request of the Data Subjects the Controller shall give information of the personal data of the Data Subjects processed or handled by it, the purpose, legal basis, period of data processing, the name, address and activity of the controller related to the data processing, furthermore, in the event of transferring the personal data of the Data Subject, it shall also inform him/her of the legal basis and the recipient of the transfer. Upon the request of the Data Subject the Controller shall provide information in writing within 30 days of receipt of the request. Such information provision is free of charge.
The Controller may refuse to provide information for the Data Subject solely in the cases specified in law. In the event of a refusal to provide information, the Controller shall inform the Data Subject in writing which section of the law was the basis for the refusal. In the event of a refusal to provide information, the Controller shall inform the Data Subject of his/her options for legal remedies.
If the personal data is incorrect and the correct personal data is available for the Controller, it shall be corrected by the Controller.
The personal data shall be deleted by the Controller if
The Controller shall block the personal data if it is requested by the Data Subject or if, based on the available information, it can be assumed that the deletion would infringe the legitimate interests of the Data Subject. The personal data thus blocked may only be processed until the purpose of data processing that excluded the deletion of personal data exists.
The Controller shall mark the personal data processed by it if the Data Subject disputes its correctness or accuracy but the correctness or accuracy of the personal data cannot be clearly established.
The Controller shall notify the Data Subject and all those to whom the personal data has been transferred for data processing of any correction, marking or deletion. Such notification may be omitted if this does not infringe the legitimate interests of the Data Subject with regard to the purpose data processing.
If the Controller does not fulfil the request of the Data Subject for correction, blocking or deletion, it shall inform the Data Subject of the factual and legal reasons for correction, blocking or deletion in writing within 30 days of receipt of the request. If the request for correction, deletion or blocking is refused, the Controller shall inform the Data Subject of the options for legal remedies.
The Data Subject may object to the processing of his/her personal data if
a) the processing (transfer) of personal data is solely required for fulfilling the legal obligation of the Controller or enforcing the legitimate interests of the Controller, data recipient or a third party, except for mandatory data processing;
b) the personal data is used or transmitted for obtaining direct business, public opinion polls or scientific research;
While simultaneously suspending data processing, STEEL-BUILDING Kft. shall investigate the objection within the shortest possible time but no later than within 15 days of the submission of the request, and shall inform the requester of the result in writing. If the objection is justified, the Controller shall terminate the data processing, including further data recording and data transfer. Furthermore, the Controller shall block the data and send notification with regard to the objection and the actions taken to all those for whom it has previously transmitted the personal data affected by of the objection and those who are obliged to take actions to enforce the right of objection.
If the person concerned does not agree with the decision made by the Controller, he/she may turn to the court within 30 days of the communication thereof. The Controller shall prove the lawfulness of the processing.
You can report any breach of law or its direct risk to the National Authority for Data Protection and Freedom of Information at the following address:
Nemzeti Adatvédelmi és Információszabadság Hatóság (Hungarian National Authority for Data Protection and Freedom of Information)
Mailing address: 1530 Budapest, Pf.: 5.
Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c
Telephone: +36 1 391-1400
Fax: +36 1 391-1410
The Controller reserves the right to amend its Data Processing Information. This may especially occur if the amendment is required as mandatory by applicable law. Amendment of data processing must not mean that the processing may depart from its original purpose. The Controller shall provide information on the amendment 15 days before the actual amendment.