Satill Web Kft (1211 Budapest, Mansfeld Péter u. 27., hereinafter: Satill Web Kft, service provider, data controller) as data controller undertakes to be bound by the contents of this legal statement. It undertakes to handle all data relating to its service in compliance with the provisions of this policy and the applicable law.
All data protection directives arising in connection with the online advertising page found under www.exportmarkets.com are continuously available on the www.exportmarkets.com website.
The Service Provider reserves the right to freely modify the contents hereof, duly informing users of the modifications.
The Data Controller provides Users with the possibility to ask unique questions not discussed in this data handling policy from the experts of the Data Controller. Even though the Service Provider is committed to providing the highest quality service, it does not assume liability for any damages that may arise from the usage of the system.
The Data Controller is committed to the protection of the personal data of its partners and users and values highly the informational autonomy rights of its clients. The Service Provider handles personal data confidentially and takes every safety, technical and organisational measure to guarantee the safety of data.
The Service Provider declares its data handling provisions below, presenting the expectations it has of itself and intends to follow as a data controller. Its data handling provisions are in compliance with the applicable law regarding data protection.
2.1 personal data: any data relating to any specific (identified or identifiable) natural person, any conclusion that can be drawn from such data regarding the person concerned. Personal data shall continue to be deemed as personal as long as its connection to the person concerned can be reconstructed. The person shall be viewed as identifiable especially if he/she can be - directly or indirectly - identified by name, identifying sign or any one or more factors relating to his/her physical, physiological, mental, economic, cultural or social identity;
2.2 consent: a voluntary, definite and duly informed statement of the wish of the person concerned, with which unequivocal consent is given to the personal data concerning the person to be handled - which may be full or limited to certain actions;
2.3 objection: the declaration of the person concerned with which he/she objects to the handling of his/her personal data and requests the termination of the data handling and the cancellation of the handled data;
2.4 data controller: any individual or organisation with or without legal personality that determines the purpose of the data handling, makes and executes decisions regarding the data handling (including the tool used) or has these executed by a data processor authorised by him/her/it;
2.5 data handling: any one or more actions completed with respect to the data, irrespective of the procedure used, including for example collecting, registering, recording, organising, storing, modifying, using, forwarding, publishing, coordinating or linking together, blocking, deleting, erasing and making further use of the data impossible. Taking photos, recording sound, image or any other physical feature on the basis of which and individual may be identified (e.g. finger or palm print, DNA sample, iris scan) are also considered as data handling;
2.6 data forwarding: if the data is made available to a specific third person;
2.7 publication: if the data is made available to anyone;
2.8 deletion of data: making the data unintelligible without the possibility of restoration;
2.9 data blocking: making it impossible for the data to be transmitted, reached, published, transformed, modified, eliminated, deleted, attached, coordinated or used permanently or for a certain period of time;
2.10 elimination of data: the complete physical destruction of the data or of the data carriers;
2.11 data processing: completing the technical tasks related to the data management processes, irrespective of the method and device used for the implementation of the tasks, or of the place of the application;
2.12 data processor: any individual or organisation with or without legal personality that performs personal data processing on behalf of the data controller;
2.13 third person: any individual or organisation with or without legal personality that is not identical with the concerned person, the data controller or the data processor;
2.14 third country: any country that is not a member of the European Economic Area.
3. Principles During Data Handling by the Service Provider
Personal data may be handled if
- the person concerned gives his/her consent or
- ordered by statute or - on the basis of authorisation by an act, in the specified area - by the decree of a local municipality.
For the consent of a minor or a legally incapacitated person the consent of a legal guardian is not necessary as such declarations are aimed at a registration that is generally concluded in large numbers and do not require special consideration (section (2) of § 12/C of the Ptk, the Hungarian Civil Code).
Personal data may only be handled for a specific purpose, in order to exercise a right or to fulfil an obligation. Every part of the data handling should fit such purpose.
Only such personal data may be handled that are essential for reaching the purpose of the data handling and are fit for achieving such purpose and only to the extent and for the time necessary for reaching the purpose.
Personal data may only be handled if the consent is based on sufficient information. The person concerned must be informed - unequivocally, clearly and in detail - regarding every fact relating to the handling of his/her data, especially regarding the purpose and legal basis of the data handling, the persons entitled to perform data handling and data processing, the time of data handling and the persons who may become aware of the data. The information provided must also cover the rights and legal remedies in connection with the data handling in question.
The personal data must conform to the following requirements:
- they are collected in a fair and legal way;
- they are precise, comprehensive and if necessary, up to date;
- their method of storage ensures that the persons concerned are only identifiable until the time necessary for the purpose of data storing.
It is forbidden to use a general and uniform personal identification code that can be used without limitation.
Personal data may be forwarded and different data handlings may be linked if the person concerned has consented thereto or if it is allowed by the law and if the conditions of data handling are met for each piece of personal data. Personal data (including special data as well) may only be forwarded to a data handler or data processer outside the country - irrespective of the data carrier or of the method of data transmission - if the person concerned has given their express consent thereto or if this is allowed by the law and the appropriate protection of personal data is secured in such third country during the handling or processing of the data provided. Any data transmission to any member state of the European Economic Area shall be considered as data transmission within the area of Hungary.
4. Range of Personal Data, Purpose, Legal Title and Period of Data Handling
Within the service, all data handling relating to the person concerned is based on voluntary consent.
4.1 The data of visitors to the website: During the use of the portal, the Data Controller may record the internet, geological and visitation data of users - for technical purposes and to create statistics regarding user habits.
In order to customise the service, the service provider may place a small data package, a so-called cookie on the computer of the user.
The service provider may ensure as a technical co-operator that third persons, especially Google Inc., cooperating with the service provider during the visitation of the websites, record with cookies if the user has already visited the website of the service provider earlier and to display advertisements to the user on the basis of this.
4.2 Recording Data on the Website by External Service Providers
The exportmarkets.com website may contain links that are independent of the Data Controller, arrive from external servers and link to external servers. External service providers have no access to personal data, the Service Provider only provides access to aggregate data.
4.3 User Database
In the user database, the Service Provider handles the user’s e-mail address, the date of his/her registration and his/her internet and geological data at the time of registration. These data are essential for identification and for staying in touch. In addition, the database contains whether the user requested the newsletter or not. The Service Provider defines requesting data regarding newsletters in a separate point. Data may only be deleted from the user’s own user account. Deleting the user account terminates the data handling.
4.4. Data Handling Relating to Advertisements
When uploading advertisements, further personal data may be provided in addition to those listed in point 4.3, such as: address, telephone number, web page, other contact information, the visibility of which data can be customised by the user.
4.5. Newsletter and Other Notifications
The Service Provider informs users who requested newsletters in regular (usually) weekly newsletters. The contents of such newsletters may vary on the basis of the data provided by the users.
The system of the Data Controller occasionally sends notifications closely related to the service (system notifications).
In addition to the above, the system of the Service Provider may send other messages as well - contained in the service itself.
The Service Provider can be contacted using the form on the website or via e-mail. The Service Provider uses such messages only in accordance with their purposes and archives them after the case is finally settled.
4.7 Other Data Handlings
We will provide information regarding data handlings not listed herein when recording such data. We may request the copy of a photo ID when verifying the registration data (security data check). The security data check is a separate data handling, we provide additional information regarding the purpose and conditions of the data handling when requesting the data. We inform users that courts, prosecutors and investigating authorities may request the Service Provider to provide information, data or documents (§ 71 of the Code of Criminal Procedure).
The Data Controller only provides authorities with personal data in a quantity and to the extent essentially necessary for achieving the purpose of the request - if the authority has specified the precise purpose and range of the data requested.
5. Method of Storing Personal Data, Data Handling Safety
The servers of exportmarkets.com have been placed into an environment supervised by Amazon Web Services, Inc., the operator.
The Data Controller chooses and operates the information technology tools used for handling data and providing the service in a way that ensures that the handled data:
- is available to those who are authorised (availability);
- their credibility and certifying is ensured (data handling credibility);
- their integrity is verifiable (data integrity);
- they are protected against unauthorised access (data confidentiality).
The Service Provider shall ensure the protection of data handling safety with such technological, organisational and corporate measures that provide an adequate level of protection against the risks arising in connection with data handling.
During the data handling, the Service Provider safeguards
- confidentiality: protects the information so that only authorised persons have access;
- integrity: protects the preciseness and comprehensiveness of the information and the method of processing;
- availability: ensures that authorised users can access the required information when needed and all related tools are available as well.
The information technology system and network of Satill Web are protected against computer fraud, spying, sabotage, vandalism, fire and flood, computer viruses, computer hacks and attacks leading to lack of service. The operator ensures safety with server level and application level protection procedures. We inform users that regardless of protocol (e-mail, web, ftp, etc), the electronic messages sent on the internet are vulnerable to network threats that lead to immoral activities, to contract disputes or to discovering or modifying information. The service provider makes every reasonable effort to provide protection from such threats. The systems are monitored in order to record every security anomaly and to provide evidence in the case of every security event. In addition, system monitoring allows for the efficiency of the employed safety measures to be monitored as well.
6. Data, Contact Details of the Data Controller
Name: Satill Web Kft.
Address: 1211 Budapest, Mansfeld Péter u.27.
Corporate registration number: 01-09-996147
Tax number: 24219738-2-43
7. Data Processor
The user database is handled and the uploaded advertisements are stored by Satill Web Kft as data processor.
8. Data Forwarding
The Operator occasionally forwards data to Coface for verification and examination.
The range of forwarded data: company name and address
Purpose of data forwarding: company certification and qualification
9. Legal Remedies
Persons concerned may request information regarding the handling of his/her personal data and may request the correction or - with the exceptions specified by the law - deletion of his/her personal data in the way specified when registering or via the client service desk.
If requested, Satill Web Kft as data controller provides information regarding the data handled by it or processed by the processor authorised by it, the purpose, legal basis, term of the data handling, the name, address (seat) of the data processor and its activities in connection with the data handling and regarding who and for what purpose receive or received the data. The data controller provides its clear and written answer within the shortest time possible, but no later than within 30 days from the submission of the request. The information is provided free of charge if the applicant has not already submitted a previous request in the same field to the same data controller. In other cases Satill Web Kft will have its costs reimbursed.
Satill Web Kft deletes personal data if
- their handling is illegal,
- this is requested by a person concerned,
- the purpose of data handling no longer exists,
- the statutory deadline for storing the data has expired,
- ordered to do so by a court or by the data protection supervisor.
Satill Web Kft notifies the person concerned of the correction or deletion and also all persons to whom the data was earlier forwarded for the purpose of data handling. Such notification can be omitted if this is not against the lawful interest of a person concerned, with regard to the purpose of the data handling.
The person concerned may object to the handling of his/her personal data if
- the handling (forwarding) of personal data is only necessary for enforcing any right or lawful interest of the data controller or the recipient of the data unless the data handling is prescribed by the law;
- the usage or forwarding of personal data is for the purpose of direct business recruitment, opinion polling or scientific research;
- if the law otherwise provides the possibility of objections.
Satill Web Kft - suspends the data handling and - evaluates the objection within the shortest time possible, but no later than 15 days following the submission of the objection and informs the applicant of the outcome thereof in writing. If the objection was justified, the data controller terminates the data handling - including any further recording or forwarding of data - and blocks the data, subsequently informing everyone of the objection and the measure taken on its basis who have earlier received the data being the subject of the objection and who are obliged to take steps to ensure the right of objection. If the person concerned does not agree with the data controller’s decision, he/she may file an appeal with a court - within 30 days of being informed of the decision.
Satill Web Kft may not delete the data of the person concerned if the data handling is prescribed by the law. However, the data may not be forwarded to the data receiver if the data controller agrees with the objection or a court has confirmed the legality of the objection.
Any person concerned may file a petition with a court against the data controller if his/her rights have been violated. The Operator is exempt from any liability if the damage caused by the data handling was due to an unavoidable cause or the negligence of the user.
Complaints or demands for damages can be filed with court or with the National Authority for Data Protection and Freedom of Information:
Seat: 1125 Budapest, Szilágyi Erzsébet fasor 22/c
Postal address: 1534 Budapest, Pf.: 834
Telephone: +36 (1) 391-1400
Facsimile: +36 (1) 391-1410