Security & Privacy

1. Introduction

Optimonk International Zrt. (4028 Debrecen, Kassai út 129, hereinafter referred to as the service provider, data) as a controller, is bound to recognize the contents of this legal notice. It undertakes all activities related to data management meets the requirements defined in these Rules and the applicable legislation.

Optimonk International Zrt. reserves its right in this prospectus to change the law at any time. Of course, the public should be notified of any change in time.

If Users had any questions, which  is not clear in this notice, please write to us, and our colleague will answer your question.

Optimonk International Zrt. is committed to protect the user’s and its partners personal data, highlights the importance of respecting  clients’ right to informational self-determination. Optimonk International Zrt. takes the privacy of personal information and take any safety, technical and organizational measures to guarantee data security.

Optimonk International Zrt. privacy principles described below, describes the expectations that were formulated both for itself and for the  controller and observe. Privacy Principles are consistent with current legislation relating to data protection, in particular the following:

1992 year LXIII. Act – Protection of the public data (hereinafter referred to as the Data Protection);

1995 year CXIX. law – Handling name and address data for the purposes of research and direct marketing (Katv.);

2000 year  Act C – Law of Accounting; (Számv. TV.)

2001 CVIII. law – certain aspects of electronic commerce services and information society services; (Eker. TV.)

2008 year XLVIII. law – the basic conditions of economic advertising and its certain limitations (Grt.).

2. Definitions

2.1. Personal data: means any natural person specific (identified or identifiable) (relevant) associated with the data, conclusion can be deductible from this data. The personal data will retain its quality during the processing of data as the data connection can be restored. A person can be considered identifiable if he can be identified by name, identification number or by one or more factors specific to his physical, physiological, mental, economic, cultural or social identity – either directly or indirectly;

2.2 Approval: the definite and voluntary expression of the wish of the relevant person, which is based on appropriate information and with which he consents unambiguously to the management of personal data concerning him – either wholly or partly;

2.3. Protest: the statement of the relevant person, which criticizes the handling of personal data and calls for the elimination of data management and asks for managed data deletion;

2.4. Data processor: means any natural or legal person or entity without legal personality, who determines the purpose of managing the data, makes decisions on data processing (including the device used) and implement or enforce a contracted data processor;

2.5.Data handling: Regardless of the method used in the data operation or set of operations, such as collection, recording, organization, storage, alteration, use, transfer, disclosure, alignment, combination, blocking, erasure or destruction, as well as preventing further use of the data. Photographing data, voice or video shooting and recording of physical characteristics for identification purposes (such as fingerprints, palm prints, DNA samples and iris images) are also considered data handling;

2.6. Data transfer: means that data are made available for a defined third person;

2.7. Publicizing: means that data are made available for anybody;

2.8.Data deletion: is making data unrecognizable in such a way that the restoration is no longer possible;

2.9.Data blocking: making the transmission, knowledge, disclosure, modification, alteration, destruction, erasure, interconnection and coordination of data and making use of them  impossible for a fixed period or permanently;

2.10.Data destruction: the complete physical destruction of data or the media containing them;

2.11. Data procession: technical tasks related to data management operations, regardless of methods or means, the location of the application used to perform the operation;

2.12.Data prosessor: means any natural or legal person or entity without legal personality who or which processes personal data on behalf of the controller;

2.13.Third party: means any natural or legal person or organization without legal personality, which or who is not the data subject, the data controller or the data processor;

2.14.Third country means any State which is not an EEA state.

3. Principles in the management of data of Optimonk International Zrt.

Personal data may be processed only if
a) to the relevant consent or
b) the act or – on the authority of law, within the defined scope – a local government orders.

Incompetent and limited legal capacity of minors, the consent of the legal guardian’s statement is required, except for service parts, where the statement targets mass registration occurring in everyday life, and does not require any special consideration.

Personal data must be treated only for specified purposes practising rights and fulfillment of obligations. All stages of the data processing must be complied with this purpose.

Only such personal data can be processed which are essential for realization of the purpose of the processing, suitable for achieving the purpose, only to the extent and for the time necessary to achieve that purpose.
Personal data can only be processed to the consent based on adequate information.

The person concerned – unambiguously, comprehensively and detailed – must be informed of all the facts relating to the management of data, in particular the person authorized to carry the data management and legal basis of data management and data processing, data duration of treatment, and about who can learn the data. The information should include the rights and remedies relating to data management involved.

Personal data undergoing processing shall comply with the following requirements:

a) obtained and processed fairly and lawfully;
b) accurate, complete and up to date if necessary;
c) method of their storing makes possible the identification of the person concerned permitted for no longer than necessary for the purpose of storing the data.

It can be used without limitation, general and uniform personal identification is prohibited.

Personal data can be transferred and a variety of data management may be connected, if it is permitted by the person concerned or law, and if the conditions are met for each of the data processing of the personal data.

Personal data (including special data) from the country – regardless of the medium or the method of data – data management and data processing to a third country to be transmitted if the person concerned has explicitly consented to or permitted by law, and in the third country of the transmitted data adequate level of protection of personal data provided in the treatment or processing. Data transfer to the EEA States shall be considered as data transfer within the territory of the Republic of Hungary.

4. The scope of personal data, the purpose of processing, title and duration

Management activities of Optimonk International Zrt. based on voluntary consent. However, in some cases laws make it mandatory the treatment of a range of specified data, storage, transmission, about which we inform the public.

Optimonk International Zrt. draws the informants attention that if they provide personal data not their personal, the data transmission is obliged to obtain the consent of the person concerned.

4.1. Data of visitors to the site

Objective of data management: During the visit of the portal Optimonk International Zrt. captures the visitor information in order to fulfill a service control function, and prevent abuses.

The legal basis of data management: the consent of the person concerned, the 2001 year CVIII Law 13 / A § (3) concerning certain aspects of the e-commerce services and information society services.

The range of managed data: date and time of the visit, the visiting user’s computer’s IP address, browser type, the viewed and the previously visited website address.

Duration of data management: 3650 days after the visit of the site.

The html code present portal contains is independent from the Optimonk International Zrt., contains links arriving from an showing to an external server. Provider of these service links due to direct connection to their server has the ability to gather user data.

External servers support independent testing and auditing of website traffic and analytics data (Google Analytics). The management of the acquired data controllers can provide detailed information.

The service provider or designated third-party service provider places a small data packet so-called. cookie (cookies) to the user’s computer, and read them back. If your browser returns a previously saved cookie cookie management service has the possibility to link the user’s saved data during actual visit previously saved ones but only in respect of their contents.

The user can delete the cookie from his computer or disable the use of cookies in his browser. Cookies are usually treated in the Tools / Options menu in the browsers under the Privacy settings, under the name of cookie or cake designation is available here.

The following page uses Google Adwords remarketing codes. The reason for this to find visitors with remarketing ads through websites in the Google Display Network. Remarketing code uses cookies to label visitors. Visitors to the site can disable these cookies when they visit the Google Ads Preferences Manager and follow the instructions there. Then they will not appear personalized offers from the Optimonk International Zrt.

External service providers use so called web beacons to measure user behavior and advertising services in connection with the purpose of collecting information. Web beacons function similarly to cookies, but they are not possible to disable in the browser.

4.2. Registration and purchase

Subscriptions are only possible after registration.
Objective of data management: to identify and differentiate users from each other, to provide users more personalized service, eligibility to use certain services, to prepare user statistics, to manage orders, purchases, to fulfill and exercise obligations and rights of contracts, to fulfill the accounting requirement, to send newsletter.
The legal basis of data management: the voluntary consent of the person concerned certain aspects of the electronic commerce services as well as certain aspects of information society services on the basis of the 2001. year CVIII Law 13 / A and the 2008. year Act XLVIII Act § 6 (5) on essential advertising and marketing conditions and certain limitations.

The range of managed data: username, password, first and last name, e-mail addresses, phone numbers, fax numbers, company name, newsletter sign-up contribution, the date and time of registration, the date and time of the order, the order details.

The deadline to delete the data: ten years from the last login, for the specific contributions given to sending a newsletter is the withdrawal of consent. The accounting documents shall be kept for eight years due to 2000. year Act C on Accounting Law § 169 (2)

Data transmission: for online payment the transaction ID, the amount of purchase, the date and time of the transaction will be forwarded to the responsible CIB Bank Zrt. Personal data can be modified on the Data menu. The deletion of personal data – contacts, published in paragraph 6 of this prospectus may be requested – with the exception of accounting documents.

4.3. Newsletter

Objective of data management: sending newsletter e-mail containing business advertisement for those interested, informing on the current news, products.

The legal basis of data management: on the voluntary consent of the person concerned and 2008. year XLVIII Law Act § 6 (5) on conditions and certain basic limitations of economic advertising.

The range of managed data: identification number, name, email address, date, time.

Deadline of data deletion: until the withdrawal of the consent statement.

The prohibition of newsletters and transmission, deletion and modification of personal data can be asked for by clicking on the link provided in the newsletter or on the address provided in this information sent out by post in section 6.

4.4. The customer service correspondence

If you have a question, a problem while using our services you can contact with the editors of service in the given way in the Customer Service section.

Optimonk International Zrt. deletes incoming letters, with the sender’s name and email address together with voluntarily provided other personal information, five years after from the date of handling the case.

4.5. Other data processing

Data management issues not listed in this leaflet are given information about at data collection.

We inform our clients that the court, the prosecutor, the investigating authority, misdemeanor authority, the public authority, the Privacy Commissioner or other bodies on the authority of the laws may contact the data handler for the purpose of giving information of other authorities, giving data publication, provision of documents or information.

Optimonk International Zrt. – if the authority has set out the exact purpose and scope of data – personal data is given for the authorities only to the extent to, which is indispensable for achieving the purpose of the request.

5. The method of personal data storage and security of data management

The computer systems and other retentions can be found at the head office of Optimonk International Zrt., its data processors and servers run by Amazon Web Services.

Optimonk International Zrt. chooses and operates IT tools during personal information management that the managed data be:
a) available for the authorized persons (availability);
b) the credibility and validation provided (data management credibility);
c) unalteration can be justified (data integrity);
d) protected from unauthorized access (data confidentiality)

Optimonk International Zrt. shall ensure the protection of data security management with a technical, organizational and structural measures that provides adequate level of protection in relation to the data management risks.

Optimonk International Zrt. retains:
a) confidentiality: to protect the information that is only accessible to authorized persons;
b) integrity: to protect accuracy and completeness of the information and of the method of processing;
c) availability: making sure when the authorized user needs it, really be able to access the information and the tools be available in this regard through the treatment of data.

The computer system and network of Optimonk International Zrt. and its partners are protected against computer-assisted fraud, espionage, sabotage, vandalism, fire and flood, as well as computer viruses, computer break-ins and against attacks leading to refusal of services. The operator shall ensure the security of server-level and application-level security procedures.

We inform our users that electronic messages sent on the Internet are vulnerable, independently of the protocol (e-mail, web, ftp, etc) to network threats that lead to fraudulent activity, contract dispute or disclosure or modification of the information. The service provider takes all reasonable precautions against such threats. The systems are monitored to record any security differences, and to provide proof of all security events. The system monitoring also allows monitoring the effectiveness of the applied security measures.

6. The data and availability of the data handler

Name: Optimonk International Zrt.
Headquarters: 129 Kassai Rd, Debrecen, 4028
Company registration number: 09-10-000583
Name of the registry court Hajdu Bihar County Court, as the Court of Registry
Tax number: 26335498-2-09

Privacy Registration Number: Request is done, getting is in process.

7. The data and availability of data processor

Name: Pipedrive Inc.
Headquarters: 261 Hamilton Ave Suite 301 Palo Alto California 94301 USA

Name: Rocket Science Group
Headquarters: 512 Means Street, Suite 404, Atlanta, GA 30318

8. Legal redress options

The person concerned may request information about the processing of personal data, and can ask for correction of personal information, and – except for data processing provided by the law – the deletion of data collection the way expressed at data collection.

To request, Optimonk International Zrt. as data handler provides information about the data handled by it or the data that are processed by a data processor contracted by it, about the purpose of data management, the legal basis and duration, the processor’s name, address (seat) and the activities related to data management, and about whom and for what purpose the data were received. The data handler gives the information in the shortest time from the filing of the application, but not later than within 30 days in writing, in an intelligible form. This information is free of charge if the person concerned has not handed in an information request from the same area, the data in the current year. Otherwise, Optimonk International Zrt. charges a fee.

Optimonk International Zrt. deletes the personal data when handling is illegal, the question calls for the purpose of processing has been eliminated, or the deadline for storing the data specified in the Act has expired, the Privacy Commissioner or the court ordered.

Optimonk International Zrt. informs the person concerned and all those about the correction or deletion of the data subject, who had the data transferred for data management. The notification shall be ignored if the purpose of data management having regard to the legitimate interests of the person concerned is not affected.

Protest against the handling of personal data is concerned, if
a) the processing of personal data (transmission) only requires the controller or the data importer’s right or legitimate interest if it is ordered by law to manage the data;
b) the use or transmission of personal data for direct marketing, poll or scientific research;
c) the practice of the right to protest is otherwise permitted by law.

Optimonk International Zrt. – suspending data handling simultaneously – examines the objection as soon as possible after the handing in, but not later than 15 days, and informs the petitioner about the result in writing. If the protest is justified, the data handler removes and blocks data – including additional data collection and data forwarding -, and informs all for whom the personal data concerned by the objection about the action made on the basis of measures was forwarded before and who are required to take action to enforce the right to object.

If the person concerned does not agree with the decision taken by the data controller, he can go to court against it – within 30 days of being notified.

Optimonk International Zrt. can not delete the data of the persons concerned if the data processing was ordered by law. The data, however, can not be transmitted to the data recipient, if the data handler agreed with the objection or the court noted the objection justified.

In case of violation of his rights the person concerned can go to court against the data handler. The court shall give priority to the matter.

Optimonk International Zrt. compensates for unlawful processing of data of the person concerned or for the damage caused by the breach of the requirements of technical data protection. The controller shall be exempted from liability if the injury falls outside the scope of data management and unavoidable cause.

It does not compensate for the damage to the extent if it originates from the willful or grossly negligent behavior of the aggrieved party.

A legal redress option, a complaint may be lodged at the office of the Privacy Commissioner:

Name: Office of the Privacy Commissioner
Location: 22 Nádor St, Budapest, 1051
Address: PO Box 40, Budapest, 1387
Phone: 06 / 1 / 475-7186, 475-7100
Fax: 06 / 1 / 269-3541