Legal notices

Biorobotok Informatikai és Adatfeldolgozási Kft. (headquarters: 1221 Budapest, Tanító utca 24.; company registration number: 01-09-977142; VAT number: 23766000-2-43; hereunder: Service Provider) in the course of operating the website obu.utdij.hu/english (hereunder: Website) manages the data of the visitors of the Website and the registered users using the Website and its services (hereunder: collectively Person Concerned).

Regarding the data management process the Service Provider hereby informs the Persons Concerned on the personal data managed by Service Provider on the Website, on principles and practice followed by itself in the context of managing personal data, furthermore on modes and possibilities how Persons Concerned can exercise these rights.

By visiting the Website and in case of purchasing (order) by ticking the separate acceptance checkbox the Person Concerned accepts the terms stated in present Privacy Policy and gives his/her consent to the data management processes specified below.

The Service Provider expressly draws the attention to the fact that present Privacy Policy concerns only the management of personal data treated by him on the Website; the rules of data management during the fulfilment of toll declaration and fleet tracking services provided by the Service Provider are included in the relevant regulations (GTC) and/or in individual agreements.

1. Definitions

  • Person Concerned: any natural person who has been identified or – directly or indirectly – can be identified on the basis of defined specific personal data;
  • Personal data: any kind of information that can be associated with the Person Concerned – especially the name and the identification number of the Person Concerned as well one or more physical, physiological, mental, economic, cultural or social mark – as well as the conclusion relating to the Person Concerned that can be concluded;
  • Contribution: the voluntary and firm declaration of the will of the Person Concerned, based on appropriate information, with which he/she gives his/her unambiguous consent to handle his/her personal information, this concerns both the fully and the partial managament of personal data that are linked only to certain operations;
  • Objection: the declaration of the person concerned, with which he/she objects to the management of his/her personal data, therefore asks for the cancellation of the management or for the deletion of his/her data;
  • Data Manager: the natural or legal person, or unincorporated body which alone or jointly with others determines the purposes of the processing of data, makes decisions regarding data processing (including the tools) and implements such decisions itself or engages a data processor to execute them;
  • Data management: any or all operations performed on the data irrespective of the applied procedure, thus, in particular, their collection, recording, registering, sorting, storage, modification, use, query, forwarding, publication, harmonisation or connection, blocking, deletion and destruction as well as prevention of the additional use of the data, taking photos, making audio and video records as well as recording physical parameters suitable for the identification of the person (such as fingerprints or palm prints, DNA sample, iris image);
  • Data processing: fulfilment of technical tasks related to data management operation, irrespective of the method and instruments used for the execution of such operations and the place where it takes place, provided that such technical operations are carried out on the data;
  • Data processor: a natural person or legal entity or an organisation without legal entity, who or which performs personal data processing on behalf of the contract concluded with the data manager- including the conclusion of contract based on a provision of law;
  • disclosure by transmission: making data available to a specific third party;
  • public disclosure: making data available to the general public;
  • erasure of data: the destruction or elimination of data sufficient to make them irretrievable;
  • Blocking of data: the marking of stored data with the aim of limiting their processing in future permanently or for a predetermined period
  • Destruction of data: the complete physical destruction of the medium containing data;
  • Third party: any natural or legal person or unincorporated organization other than the Person Concerned subject, the data manager controller or the data processor.

2. PURPOSE OF DATA MANAGEMENT

Supplier shall control and store data provided by Data Subject under the principle of target-specific data processing and for the sole purposes of providing service available on the Website, managing contacts and identifying the user.

The purpose of the automatically recorded data is making statistics and making technical improvements on the IT system. Supplier shall and may not use the given data for purposes other than the ones set above. Handing data over to third persons and authorities–unless a legally binding law provides otherwise–may occur with the prior express consent of Data Subject.

In any cases when Supplier intends to use the data provided for a purpose other than the original, he shall notify Data Subject and acquires his/her express consent or provides an opportunity to prohibit such use.

3. LEGAL BASIS OF DATA MANAGEMENT

Processing of data shall be governed by Hungarian law, based on, in particular, section 5, paragraph 1, subsection a) of Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information (hereinafter referred as: DPA) as well as on the voluntary, definite, clear and expressed consent of the users, and on Act CVIII of 2001 on Electronic Commerce and on Information Society Services.

Supplier does not verify the personal data given to him. The Person Concerned, as a contracting party, shall have sole responsibility for the authenticity of given data.

4. Denomination of Service Provider as Data Manager

  • Name: Biorobotok Informatikai és Adatfeldolgozási Kft.
  • Headquarters: 1221 Budapest, Tanító utca 24.
  • Mailing address: 1221 Budapest, Tanító utca 24.
  • Company registration number: 01-09-977142
  • Name of Registering Court: Fővárosi Törvényszék Cégbírósága
  • VAT number: 23766000-2-43
  • E-mail address: info@utdij.hu

5. Duration of data management

5.1. Data provided for the purpose of processing the order

Processing of personal data provided compulsively in the course of order shall end at the request of Person Concerned. Data deletion can be initiated at any time via email or postal mail. In such case the time limit for the deletion shall be no longer than 5 working days following receipt of the request.

5.2. Technical data

The system logs stored information for 10 years reckoned from the date of logging, except for the date of the last visit which shall be automatically overwritten by the system.

6. Scale of personal data management

6.1. Required data for order

During the process of ordering necessary for purchasing on the Website, the Person Concerned is required to provide the following data:

  • Name of the company or the individual
  • E-mail address
  • Phone number (mobile phone)
  • Name of the recipient
  • Headquarters / place of residence
  • Delivery address

The Person Concerned may also provide the following data in the course of ordering necessary for purchasing on the Website:

  • Tax number

The Person Concerned must provide the following information in the course of filling out the contact form for contacting us on the Website:

  • Name
  • E-mail address
  • Phone number

6.2. Technical Data

The data of the computer of Person Concerned used to login shall be considered as technical, which are generated by visiting the Website and which are automatically registered by Service Provider’s system in the course of the technical processes. These are, in particular, the date and time of the visit, IP address and web browser type of the computer of Person Concerned, the address of the viewed and last visited website.

The system stores automatically recorded information without the separate declaration or action of Person Concerned, when (s)he visits or leaves the Website. Such data shall not be connected to other personal user data, unless set forth by law. Only Service Provider shall access the data.

Service Provider may collect data on the activity of Person Concerned, which may be linked neither with other data provided by Person Concerned during the order nor data created through accessing other websites or services.

The html code of the Website may contain hyperlinks coming from or pointing to an external server, which are independent from Service Provider. The service providers of such hyperlinks may collect user data as a reason of directly connecting to their servers.

External servers help the independent measuring and auditing of the Website’s visitor information and other web analytics (Google Analytics). Data Managers are able to give detailed information to the Person Concerned on the managing of data.

Contact information: www.google.com/analytics/

6.3. Cookies

For the purpose of giving a personalized service, Service Provider respectively the designated external service providers place a small data package called ’cookie’ on the computer of Person Concerned. In case the browser returns a cookie stored earlier, the service provider managing the cookie may connect data saved during the current visit to the Website of the Person Concerned with previously saved data, but exclusively in respect of his own content.

The ’Help’ function found in most browsers’ menu bar contains information about the options of Person Concerned how hogyan tudja letiltani a cookie-kat,

  • to ban cookies,
  • to accept new cookies,
  • to direct his/her browser to set a new cookie or
  • to turn off other cookies.

In case Person Concerned requests Google Analytics to stop measuring the above mentioned data in the described way and for the described purpose, (s)he shall install the relevant blocking add-on.

7. THE SCOPE OF THE PERSONS GETTING TO KNOW THE DATA, DATA TRANSER,DATA PROCESSING

The Service Provider and his internal colleagues shall primarily have the right to information regarding data, who shall neither disclose nor transmit them to third parties without the consent of the Person Concerned.

The Service Provider shall not delegate the task of Data Processor to third party.

In addition to the above, transmission of personal data related to Person Concerned is possible exclusively in cases set forth by law, or with the consent of Person Concerned.

The following data of Persons Concerned are transmitted by the Service Provider to the GLS General Logistics Systems Hungary CsomagLogisztikai Kft. (headquarters: 2351 Alsónémedi, GLS Európa u. 2.; business registration number: 13-09-111755; VAT number: 12369410-2-44) in the course of the ordering process on the Website for delivering the ordered products through a courier service:

  • Company name or name of the individual
  • Delivery address
  • Phone number (mobile number)

By placing the order, the Person Concerned gives its consent to data transmission.

8. USER RIGHTS AND ENFORCEMENT ACTIONS

8.1. Right to information

The Person Concerned has the right to request information at any time about personal data managed by Service Provider concerning him/her.

Based on a request by the Person Concerned, Service Provider must inform the Person Concerned about the data managed by Service Provider related to the Person Concerned, the purpose, legal basis and period of data processing, furthermore, to whom and for what purpose Service Provider provides or has provided data of the Person Concerned. Service Provider must respond to the request for information in writing, within no more than 30 days reckoned from the submission of the request. Person Concerned may contact the Service Proder’s colleague concerning any question or comment in relation to data management through any availabilities specified in the point 8.3.

8.2. The Person Concerned may request the deletion, correction, locking

The Person Concerned is entitled to request at any time the correction or the deletion of his/her data not correctly recorded by using one of the following contact information. The Service Provider shall delete the data within 5 working days reckoned from receipt the request, in this case those information can not be restored again. The deletion does not concern data handlings that are necessary based on provisons of law (e.g. accounting principles), those data are preserved by the Service Provider for the period necessary.

In addition, the Person Concerned may request the data manager to lock his/her personal data. If requested by the Person Concerned, the Service Provider clocks the personal information, or if on the basis of the available information it is presumable that such deletion might hurt the legitimate interest of the concerned person. The personal data, locked in this way, can exclusively be treated so far until the purpose of the data management, excluding the deletion of the data, exists.

Both the concerned party and those who earlier received the data for the purpose of data management must be notified of any corrections, lockings and deletions. Such notification can be omitted if this doesn’t violate the concerned party’s legitimate interests regarding the purpose of data management.

If data manager doesn’t fulfill the concerned party’s request for correction, locking or deletion, they shall disclose the factual and legal reasons of refusing the request for correction, locking or deletion in writing, within 30 days after receiving such request.

8.3. The Person Concerned has the right to object to the handling of his/her personal data

The Person Concerned is entitled to object to the handling of his/her personal data. The Service Provider investigates the objection as soon as possible after the submission of the application, but at latest within 15 days, takes the decision whether the application is justified or not and shall inform the applicant of its decision in writing.

The Person Concerned can exercie his/her rights by using one of the following contact details:

  • Name: Biorobotok Informatikai és Adatfeldolgozási Kft.
  • Headquarters: 1221 Budapest, Tanító utca 24.
  • Mailing address: 1221 Budapest, Tanító utca 24.
  • Company registration number: 01-09-977142
  • Name of Registering Court: Fővárosi Törvényszék Cégbírósága
  • VAT number: 23766000-2-43
  • E-mail address: info@utdij.hu

8.4. Due to the Hungarian laws (Act CXII of 2011 and Act V of 2013 on the Civil Code) Person Concerned shall

1. lodge a complaint with the National Authority for Data Protection and Freedom of Information (22/c Szilágyi Erzsébet fasor Budapest 1125) or

2. assert his/her rights before courts

Supplier is entitled to claim damages in case Person Concerned provided third party’s data in the course of making a purchase, or caused damages in any manner during the usage of the Website. In such cases, Supplier provides all cooperation and support for the responsible authorities to establish the identity of the infringer.

9. USING E-MAIL ADDRESSES

The Supplier pays particular attention to the legality of managed electronic addresses, therefore the Supplier shall use them only in the following ways (information or advertisement) to send e-mails.

E-mail addresses are managed primarily to identify the Person Cocerned, to keep contact when using services, e-mails are sent only to fulfil these activities.

10. Data security

Service Provider is obliged to ensure the security of the data and to take the technical and organizational measures to ensure that the recorded data stored or handled are protected, and makes every effort in order to prevent their destruction, unauthorized use and unauthorized change. He also commits himself to calls for any third party to whom the data may be forwarded or transferred, for the fulfillment of its obligations in this respect.

11. Other provisions

The Service Provider reserves the right to unilaterally modify present Privacy Policy with prior notice to the Persons Concerned through internal e-mail system. The modification shall enter into force on the 30. day following the notification. Following the entry into force of the modification, by visiting the Website the Person Concerned declares his/her acceptance to the terms of the modified Privacy Policy by conduct.