In this section, you can inform yourself on all aspects of our Privacy Policy and Protection of Personal Data of clients and other visitors of the web resource.

For general information, we would like to point out that our processing and protection of personal data policy complies with the General Data Protection Regulation of the European Union (REGULATION (EU) 2016/679, EU General Data Protection Regulation, entered into force 24 May 2016, full text of the law), which obliges us to strictly observe the confidentiality of Your personal information and notify You fully about the purposes and methods of its usage.

  1. Basic concepts used in accordance with the EU GDPR law

1.1 “Personal Data” mean any information that relates to an identified or identifiable natural person (“data subject”). An identifiable natural person is a person who can be identified, directly or indirectly, in particular by reference to an identifier (such as name, identification number, location data, online identifier, or one or more factors characteristic of a physical, physiological, genetic, mental, economic, cultural or social identity of the natural person).

What does the concept of “personal data” mean:

  • FULL NAME;
  • home address;
  • email address such as “Firstname.Surname@company.com”;
  • passport or ID card number;
  • location data (such as the location data function on a mobile phone)
  • Internet Protocol (IP) address;
  • cookie file identifier;
  • advertisement identifier of your phone;
  • Your preferences for certain types of goods, services, etc.

Who are our data subjects:

  • our customers / clients;
  • all legal and natural persons who had orderd any Deskamtic.eu services;
  • participants of our forum;
  • subscribers to our news;

Also, every visitor to our website is a potential data subject

1.2 “Processing” – any operation or set of operations that are carried out with personal data, regardless of whether they are performed automatically or not. Examples of such operations are collecting, recording, organizing, structuring, storing, adapting or modifying, searching, using, disclosing by transmission, distribution or any other way of providing, aligning or combining, limiting, deleting or destroying;

1.3 “Controller“- a physical or legal person, agency or other body that independently determines the purposes and means of data processing.

In case that the purpose and method of such processing are determined by the legislation of the European Union or an EU Member State, the acting controller or specific criteria for his appointment may be determined by the legislation of the European Union or an individual EU Member State.

1.4 “Processor” – a natural or legal person, government agency, agency or other body that processes personal data on behalf of the controller;

1.5 “Recipient” is a natural or legal person, government agency, agency or other body that gains access to personal data, regardless of whether it is a third party or not.

However, public authorities that are authorized to receive personal data as part of a specific request in accordance with the legislation of the European Union or an EU member state should not be considered as recipients. The processing of data by these public authorities must be carried out in accordance with the data protection regulations in accordance with the purposes of the processing;

1.6 “Profiling” is any form of automated processing of personal data that involves the use of this information to evaluate certain personal information relating to an individual. In particular, for analyzing or predicting aspects related to the position and field of activity held by this individual, economic situation, state of health, personal preferences, interests, reliability, behavior of location or movement;

  1. Purposes of processing user data

We use our portal to digitally process your data for the following purposes:

2.1 Newsletter and Special Offers distribution – this feature includes both temporary discounts and exclusive offers.

2.2 A selection of advertising content based on the history of your search engine and keywords used by you on our web resource.

2.3 Conducting statistics on (1) regional trends, (2) determining popular goods / services.

In order to obtain the required amount of data, questionnaires are occasionally sent, additional windows are added for mandatory and optional filling when registering a client on the starimpex.biz web resource.

2.4 Gradual upgrade, improvement of our present as well as the development of new services based on user feedback and a history of behavior on our site.

  1. Distribution of personal data

Considering the nature of our cooperation with clients, personal information we receive is not disclosed to third parties!

In terms of processing personal data, the entire processing cycle takes place within STARIMPEX HUNGARY Kft. Acting as a controller and data processor, we do not cooperate with contractor companies for statistical or other engineering work with data. Instead, we either enter into contractual relationships with individual subcontractors or hire employees, which greatly reduces the likelihood of information leakage.

Your data can be disclosed to a third party only in two cases:

  • when selecting an advertising content, in accordance with paragraph 2.2. Privacy and Personal Data Protection Policy, within the framework of which the following user data can be taken for processing: name, login, history of clicks, searches and / or keywords;
  • in case of an official request by the authorized government agency of Hungary or the European Union, in accordance with Article 23 “Limitations”, paragraph 1, of the Law on the Protection of the European Union (EU) 2016/679 data.
  1. Confidentiality

In this section, you can learn in detail about the most important aspect of data protection – about the privacy principles of STARIMPEX HUNGARY Kft.

4.1 Considering that our work is based on procedural and organizational support for the activities of our clients, as well as on advertising services and products of our partners, the storage and non-disclosure of confidential information about our customers, partners and visitors to our resource plays a key role for us.

In connection with the foregoing, any data about the field of activity, plans, contacts, projects, competitors’ data and other undisclosed information from our customers and partners is considered by us as confidential data and is stored by us accordingly.

4.2 Confidential data can be disclosed by us only in the cases listed below:

  • при письменном согласии субъекта with the written consent of the subject´s data for the processing and disclosure of certain data for the purpose of advertising the services and / or goods of the subject. In this case, the data subject has the status of a partner or client of STARIMPEX, confirmed by a digital or paper format agreement.

Written confirmation of the consent of the  subject´s data for the disclosure of confidential information is a stored correspondence on the disclosure of a specific part or full amount of confidential data, containing the obvious consent of the subject.

  • in case of a official request by the authorized government agency of Hungary or the European Union, in accordance with Article 23 “Limitations”, paragraph 1, of the Law on the Protection of the European Union (EU) 2016/679 data.

In this case, the consent of the subject for the transfer of confidential information is not required, however, we undertake to notify the subject of this request at the first contact with the state structure submitting the request.

  1. Personal data archivation

5.1 According to Article 5 (1) and Preamble (39) of the European Union data protection law, the controller is obliged to provide substantial justification for the period of storage of personal data given by him, in order to avoid it´s abuse by the controller, processor or recipient.

In accordance with STARIMPEX HUNGARY Kft. Privacy and Data Protection Policy, users’ personal information is kept up to date by informing the user with an automated message every year.

The data is stored for three years from the date of termination of the contract with the STARIMPEX client, after which it undergoes a process of pseudonymization or anonymization..

5.2 Purposes of storing personal data:

  • Conducting statistics on the demand for individual services or goods, as well as keeping track of current trends;
  • Calculating the popularity of offered services / goods for the year ahead, based on the results of previous quarters / closings;
  • Tracking trends in the demand for a particular group of services or products;
  • Filtering and selection of the most popular advertising content, based on the history of the last five years..
  1. Data subject rights

According to the third (III) and fourth (IV) paragraphs of the General Data Protection Regulation of the European Union, the data subject has a wide range of rights in the management of it´s personal information and can give instructions to the controller / processor on their usage.

Below you can learn about the basic rights which You can use as a data subject.:

6.1 The right to be informed about the processes, purposes and methods of processing and using personal data, as well as about the existence of fundamental rights and the possibility of appeal of the data subject (Articles 13 and 14 of Law (EU) 2016/679).

The provision of this information must be guaranteed by the controller (Article 13, paragraph 2 of Act (EU) 2016/679).

The main provisions of this legal department:

6.1.1 The right to be informed about the processes, purposes and methods of processing and using personal data (Article 13, paragraph 1 of the law (EU) 2016/679).

For detailed information on our principles, namely with the purposes and methods of processing and use of your data, we advise to get informed about the articles 2-5 of Privacy Policy and Protection of Personal Data of our company.

6.1.2 The right to know about the existence of the fundamental rights of the subject such as the right to request the access and modification from the controller, deletion of personal data, processing restriction on data subject or complete refusal in the processing of it´s personal data, as well as the right to transfer the data.

6.1.3 The right to recall the consent for the subsequent processing and use of personal data, despite the initial consent of the subject. At the same time, this refusal does not affect the legality of the processing and usage of the already fulfilled personal data of the subject, for which the consent was given in the original form (Article 13, paragraph 2, section C of the law (EU) 2016/679).

6.1.4 The right to complain to the state supervisory authority, namely the Hungarian National Authority for Data Protection and Freedom of Information (Nemzeti Adatvédelmi és Információszabadság Hatóság), whose contact details can be found in the next chapter (7).

6.1.5 In the case of the controller intention of further processing of personal data for purposes other than those for which they were collected, the controller is obliged to inform in advance the subject of data about the new order and any change in its policy anyhow involving the use of the data subject.

6.2 The right of the subject to access his or her own personal data (Article 15 of the Law (EU) 2016/679), including the objectives and categories of its processing, recipients of information, provided period of the storage and the fundamental rights of the subject on the disposal of their data.

6.3 The right to make changes in personal data, within which the controller is obliged to correct the subject data as soon as possible after the relevant application subject (Article 16 of the Law (EU) 2016/679).

6.4 The right to destroy data or the “right to be forgotten“, according to which, if there is a relevant request from the subject and the presence of at least one of the circumstances listed below, the controller is obliged, depending on the application of the subject, to fully or partially ensure the destroyal of the subject’s data (Article 17 of Act (EU) 2016/679).

The circumstances that allow the usage of this right:

  • personal data are not required for the purposes for which they were collected or processed; for example, personal data are subject to destroyal or anonymization / pseudonymization due to the termination of the contract between the subject and STARIMPEX HUNGARY Kft;
  • withdrawal of consent by the date subject for the subsequent processing of his or her personal data, as described in paragraph 6.1.3. of our Policy;
  • the entry into force of the right to refuse the processing described in Article of Law  21(EU) 2016/679 (clause 6.7. of our Policy);
  • illegal processing of personal data;
  • personal data are subject to destroyal in order to comply with a legal obligation in the legislation of the European Union or its Member State to which the controller is complied.

Circumstances excluding the “right to be forgotten”:

  • a legal obligation according to which data subjects’ processing is required by a Member State of the EU or perform tasks for the benefit of society and the state;
  • data activation for public and scientific purposes, as well as in accordance with clause 5.2. our policy;
  • creation, exercise or defense of defense of law suit

6.5 The right to limitation of processing (Article 18 of the Law (EU) 2016/679).

This article gives the data subject the opportunity to instruct the controller on limiting the data processing in the following situations:

  • the accuracy of the personal data is disputed by the subject, allowing the controller to conduct a data examination within a specific period of time;
  • the processing is illegal and the data subject opposes the deleting of personal data and instead of it requests the restriction of their use;
  • the controller no longer needs the personal data for the purposes of processing, but the data subject requires them to establish, exercise or defend their legal requirements;
  • the subject exercised his right to refuse the processing of data, mentioned in article 21 of law (EU) 2016/679, summarized in clause 6.7. our Privacy and Personal Data Protection Policy.

6.6 The right to data portability, according to which the data subject has the right to personal data relating to him, which he had previously provided to a controller in a structured, widely used, and a computer-readable format and has the right to transfer the data to another controller without any intervention by the controller, who had originally processed the personal data of the subject (Article 20 of Act (EU) 2016/679)

6.7 Right to refuse the processing and use of personal data (Article 21 of Law (EU) 2016/679), including the following scenarios:

6.7.1 the data subject has the right to refuse the processing of his personal data (including profiling based on the personal information of the subject) due to personal reasons, based on paragraphs (e) or (f) of Article 6 (1). The controller no longer has to process personal data, unless he provides legal grounds for processing which shift the interests, rights and freedoms of the data subject to the background, as well as establishing, exercising or defending legal requirements;

6.7.2 in the case of using the data for direct marketing purposes, the subject has the right to suspend this process at any time by a written statement expressing his desire to the controller, to which the controller is obliged to respond positively;

6.7.3 If personal data are processed for the purpose of scientific or historical research, as well as for statistical purposes, in accordance with Article 89 (1), the data subject based on his or her particular situation, has the right to refuse the processing of the related personal data, unless the processing is necessary for the performance of tasks for the common good and scientific interest.

6.8 Automated individual decisions, including on profiling. Accordingly, the data subject has the right not to follow a decision based solely on automatic processing (incl. Profiling), which has a legal effect on it or similarly significantly affects it (Article 22 of the Law (EU GDPR 2016/679 )).

This right can be performed, with the exception of the following cases:

  • If an automated solution is necessary for the conclusion or execution of a contract between the data subject and the data controller;
  • If the automated solution is authorized by the legislation of the European Union or a Member State of the EU to which the controller is subject and which also establishes appropriate measures for the data subject´s rights, freedoms and legitimate interests protection;
  • If the automated decision is based on the unambiguous consent of the data subject.
  1. Information about the controller and the state supervisory authority of Hungary

6.1 Data of the controller, who is also the processor of personal data:

Full Company Name:  STARIMPEX HUNGARY KFT.
VAT number:  14266155-2-42
Registration Address:  1071 Budapest, Damjanich u. 26/a
Company contact for questions related to personal data:  office@starimpex.hu

 

6.2 Hungarian State Supervisory Authority contact information: 

Nemzeti Adatvédelmi és Információszabadság Hatóság / National Authority for Data Protection and Freedom of Information

 

H-1125 Budapest, Szilágyi Erzsébet fasor 22/C.

Tel.: +36 -1-391-1400

Fax: +36-1-391-1410

E-mail: privacy@naih.hu

Link: https://www.naih.hu/