(effective from 24.10.2019)
ENET Internet Research and Consulting Ltd. (hereinafter referred to as eNET, Company) processes personal data obtained or recorded in the course of its activities in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) and those of Act CXII of 2011 on the Right to Self-Determination of Information and Freedom of Information, as follows.
Purpose and scope of the prospectus:
The purpose of this prospectus is to set out the data protection and management principles applied by eNET and its data protection and management policy, which eNET, as the data controller, recognizes as binding on itself.
ENET, as the data controller, informs data subjects about the general information on the processing of personal data by publishing this prospectus.
Unless otherwise specified, the prospectus does not cover data processing carried out in the course of official proceedings.
eNET Internet Research and Consulting Ltd.
Headquarters: 5 Ipar Street, Budapest 1095
Tel: (+36 1) 373-0779, 373-0780
Data protection officer: Viktória Deme, phone: +36 1 373 07 79, e-mail: firstname.lastname@example.org
What principles do we follow in our data management?
Our Company follows the following principles in its data management:
a) We process your personal data lawfully and in a fair way, and transparently for you.
b) Personal data are only collected for specified, explicit and legitimate purposes and will not be processed in a way incompatible with those purposes.
c) The personal data we collect and process is appropriate and relevant to the purposes of the data processing and is limited to what is necessary.
d) Our Company takes all reasonable steps to ensure that the data we process is accurate and, where necessary, up-to-date, and inaccurate personal data are deleted or corrected immediately.
e) We store personal data in such a way that you can only be identified for the time necessary to achieve the purposes for which the personal data are processed.
f) We ensure that personal data is adequately protected against unauthorized or unlawful processing, accidental loss, destruction or damage to personal data by applying appropriate technical and organizational measures.
The way our Company handles your personal information:
a) We handle, collect, record, organize, store and use data with your prior informed consent and only to the extent necessary and in all cases for the intended purpose.
b) In some cases, the processing of your data is based on legal regulations and is mandatory, in which case we draw your attention to this fact.
c) In certain cases, our Company or a third party has a legitimate interest in the processing of your personal data, such as the operation, development and security of our website.
Data management information about the use of our website:
Name of data management
|Scope of data processed|
|Data handled during your visit to our website||Information provided when using the website.|
Data we manage:
At present, our website is for information purposes only, we do not ask to provide personal information.
If you have any questions regarding data management, you can request further information by sending an e-mail to email@example.com or a letter to our postal address, and we will send you our answer to the contact details you have provided within 25 days at the latest.
Legal basis for data management:
Name of data management
Legal basis for data management
|Data handled during your visit to our website||Your consent.|
Purpose of data management:
Name of data management
|Purpose of data management|
|Data handled during your visit to our website.||Website operation.|
Time of data management:
Name of data management
Time of data management:
|Data processed during the visit to our website||With regard to the technical data collected during the visit to our website, the time required for the purpose and registration is currently not included in our website.|
Whose data we handle, stakeholders:
Names of data management
Stakeholders of data management:
|Data processed during the visit to our website||Natural persons visiting our website|
What are cookies and how do we handle them?
There are cookies that do not require your prior consent. Our website provides brief information about these when you start your first visit, such as authentication, a multimedia player, load balancing, session cookies to help you customize your user interface, and user-centric security cookies.
If the data processing starts already by visiting the site, our Company will inform you about the cookies that require consent at the beginning of the first visit, and we will ask for your consent.
Our Company does not use or allow cookies that allow third parties to collect data without your consent.
Acceptance of cookies is not mandatory; however, our Company is not responsible if, in the absence of cookies, our website may not function as expected.
Details about third party cookies can be found here https://www.google.com/policies/technologies/types/, and information about privacy can be read here: https://www.google.com/analytics/learn/privacy.html?hl=hu.
Additional data management information:
We may only transfer your data within the limits set by law, and in the case of our data processors, we ensure that your personal data may not be used for purposes contrary to your consent. Contributors and employees of our Company involved in data management and data processing are entitled to access your personal data to a predetermined extent, subject to the obligation of confidentiality.
Társaságunk külföldre a GDPR (V. fejezet) és az Infotv. vonatkozó rendelkezései alapján továbbíthat csak adatot.
A bíróság, az ügyészség és más hatóságok (pl. rendőrség, adóhivatal, Nemzeti Adatvédelmi és Információszabadság Hatóság) tájékoztatás adása, adatok közlése vagy iratok rendelkezésre bocsátása miatt megkereshetik Társaságunkat. Ezekben az esetekben adatszolgáltatási kötelezettségünket teljesítenünk kell, de csak a megkeresés céljának megvalósításához elengedhetetlenül szükséges mértékben.
Contributors and employees of our Company involved in data management and / or data processing are entitled to access your personal data to a predetermined extent, subject to the obligation of confidentiality.
We protect your personal information through appropriate technical and other measures and ensure the security and availability of your information, as well as protect it from unauthorized access, alteration, damage or disclosure, and any other unauthorized use.
As part of organizational measures, we control physical access to our buildings, train our employees on an ongoing basis, and keep paper-based documents secure. We use encryption, password protection and anti-virus software as part of our technical measures. However, please note that data transmission over the Internet is not considered to be a completely secure data transmission. Our Company makes every effort to make our processes as secure as possible, but we cannot take full responsibility for the transmission of data through our website, but we adhere to strict standards regarding the security of your data and the prevention of unauthorized access to the data we receive from our Company.
In order to provide high-quality service to our customers, our Company uses the following data processors:
|Kermann Technical Development and Consulting Ltd.||48 Röppentyű Street, Budapest 1139||IT services|
|HAVAS AUDIT Auditing Limited Liability Company||8 Kálvin Square, Nyíregyháza, 4400||auditor|
|Hajtás Pajtás Ltd.||20 Vörösmarty Street, Budapest 1074||delivery service|
If we change the scope of our data processors, the changes will be reflected in this prospectus.
What are your rights and remedies in relation to your data processing?
Right to information and access:
Through our Company’s contact information, you can request the following information from eNET in writing:
- what kind of personal data
- on what legal basis
- for what purpose
- from what source
- how long it is processed
- do we still process your personal data
- to whom, when, for what reason and to which personal data we have provided access or to whom your personal data was transferred.
In addition, you may request a copy of your personal information stored with our Company.
ENET will, upon your request for written information, provide the requested information within a maximum of 30 days in a response letter to the contact details provided in the request. We will also send you our reply electronically to your request sent electronically. If you would like to receive our response in a different way, please indicate this in your request.
We may refuse to provide information only in cases provided for by law, indicating the specific act and providing information on the possibility of legal redress or submitting an appeal to the Authority.
Right to rectification
Through the contact details of our Company, you can request in writing the modification or clarification of any of your personal information.
ENET will, upon your written request, provide the information to be modified without delay, but within a maximum of 30 days, and will notify you of this in the response letter provided in the request. We will also send you our reply electronically to your request sent electronically. If you would like to receive our response in a different way, please indicate this in your request.
Right to deletion of data
You can request the deletion of your personal data in writing through the contact details of our Company.
If the Company is required by law to further store your personal information, we will reject your request for deletion. If we do not have such a legal obligation, your data will be deleted without delay, but within a maximum of 30 days, and you will be notified in the reply letter sent to you at the contact details provided in the letter of request. We will also send you our reply electronically to your request sent electronically. If you would like to receive our response in a different way, please indicate this in your request.
Right to restrict data processing
You can request a restriction on the processing of your personal data in writing through the contact details of our Company. Restrictions on data processing mean that our Company may only store your personal data, we may only perform other data processing activities with the consent of the person requesting the restriction for the purpose of submitting a legal claim or in the public interest.
You can request a data restriction if:
- In your opinion, your information is inaccurate,
- You think your data has been handled illegally by eNET, but you do not want the data deleted,
- You require data management to enforce or protect your legal claim, but eNET no longer needs this data.
ENET will, upon your written request, comply with your request for data restriction without delay, but within a maximum of 30 days, and will notify you of this in a response letter sent to the contact details provided in the request. We will also send you our reply electronically to your request sent electronically. If you would like to receive our response in a different way, please indicate this in your request.
Right to withdraw consent
Through the contact details of our Company, you may withdraw your consent to data management in writing at any time during the data processing period. In the event of withdrawal of consent, the management of eNET carried out prior to withdrawal shall remain lawful.
ENET will, upon your written request, comply with your request for revocation of data processing without delay, but within a maximum of 30 days, and will notify you of this in a response letter sent to the contact details provided in the request. We will also send you a reply to your request electronically. If you would like to receive our response in a different way, please indicate this in your request.
Common rules for rectification, deletion, restriction and withdrawal
Our Company will notify you of the rectification, restriction and deletion of personal data, as well as all those to whom you have previously transferred your data for data processing purposes, unless failure to do so would not harm your legitimate interests.
If we do not comply with your request for rectification, restriction or deletion, we will inform you of the reasons for our refusal in writing or, with your consent, electronically as soon as possible after receipt of the request, and will inform you of the possibility of legal remedy and of submitting an appeal to the Authority.
If you object to the processing of your personal data, we will examine the objection as soon as possible after the application has been submitted (but no later than within 25 days) and will inform you in writing of our decision. If we have determined that your objection is well-founded, we will terminate the processing of data, including further data collection and transfer, and will notify all persons to whom we have previously transferred the personal data concerned of the objection and the action taken on it, and who are obliged to take action to enforce the right to object.
We will refuse to comply with your request if we prove that the processing is justified for compelling legitimate reasons which take precedence over your interests, rights and freedoms or which relate to the submission, enforcement or defence of legal claims. If you do not agree with our decision, or if we miss the deadline, you can go to court within 30 days of being notified of the decision or of the last day of the deadline.
If, in your opinion, our Company’s data processing has not complied with the legal requirements, you may request the eNET Data Protection Officer to take action, or you may take legal action.
In addition, by filing a complaint with the National Data Protection and Freedom of Information Authority (NAIH), you may initiate an investigation with a claim that your rights related to the processing of your personal data have been violated or are in imminent danger.
Contact details of the National Data Protection and Freedom of Information Authority:
National Data Protection and Freedom of Information Authority
Headquarters: 22/C Szilágyi Erzsébet fasor, Budapest 1125
Postal address: P.O.B.: 5, Budapest 1530
Phone: +36 (1) 391-1400
Fax: +36 (1) 391-1410
Before contacting the supervisory authority or going to court, please contact our Company for a consultation and to resolve any issues as quickly as possible.
Data protection lawsuits fall within the jurisdiction of the tribunal, which may, at the option of the data subject, be adjudicated in the court of the data subject’s domicile or of the place of residence. A foreign national may lodge a complaint with the competent supervisory authority according to his or her usual place of residence or employment.
What are the main laws governing our business?
- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR)
- Act CXII of 2011 on the right to information self-determination and freedom of information
- Act V of 2013 on the Civil Code
- Act CVIII of 2001 on certain issues in electronic commerce services and information society services
- Act C of 2003 on electronic communications
- the CLV Act 1997 on consumer protection
- Act CLXV of 2013 on complaints and notices of public interest.
- Act XLVIII of 2008 on the basic conditions and certain restrictions of commercial advertising
Modification of the data management information