PRIVACY POLICY
1. THE PURPOSE OF THE DOCUMENT
We accept this Document for the purpose of providing all relevant information to the representatives of natural and legal persons (hereinafter: the Clients) using our services in a concise, transparent, comprehensible and easily accessible form, and to assist the Clients in the exercise of their rights under Section 4.
The legal basis of our duty to communicate information is Article 12 of Regulation 2016/679 of the European Parliament and Council (hereinafter: GDPR) applicable from 25 May 2018, and the Section 20 of the 2011 CXII. Regulation (hereinafter: Information Act) which deals with the right to information self-determination and freedom of information.
In the Privacy Policy, we may define you as “data subject”, or “contact person of our business partners” in the following.
2. DATA MANAGER INFORMATION
Name: MORESIMP Ltd.
Registered seat: 2161 Csomád, Templom utca 15.
Registry number: 13-09-214893
Tax number: 23089112-2-13
Electronic contact: info@moresimp.com
Registering authority: Metropolitan Court of Registration
3. DATA MANAGER ACTIVITIES
3.1. Processing concerning contact
It is possible to contact us through our availabilities located on the website. Also, by communicating with our business partners, we process the personal data of their contact person. The details of these processing are described hereunder.
3.1.1. Processed personal data and purpose of processing
personal data | purpose of processing |
name | identification of the Data subject, or the contact person of our business partner |
phone number | contacting and communication with the Data subject, or the contact person of our business partner |
e-mail address | contacting and communication with the Data subject, or the contact person of our business partner |
3.1.2. Legal basis of processing
If you contact us through our website, we process your personal data on your freely given consent that you provide in the moment of your connection by phone or email (article 6 (1) a) of GDPR).
If you, as the representative of our business partners provide your personal data to communicate with us, the legal basis of processing personal data is the legitimate interest of us and our business partners (section 6 paragraph 1 point f of GDPR). It is each Party’s legitimate interest to maintain an effective business communication and to perform the contract. Since it is the part of your scope of duty (representation of our business partners), in our view, processing your name and contact data doesn’t restrict disproportionately your privacy and freedom of self-determination.
3.1.3. Duration of the processing
If you contact us through our website, we process your personal data until the withdrawal of your consent. You have the right to withdraw your consent at any time via email. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
In relation to the processing of the personal data of our business partners’ contact persons, we process their personal data until the personal data are no longer necessary in relation to the purposes for which they were collected or as long as it is possible according to the relevant acts (pursuant to the Hungarian Civil Code, 5 years following the performance or the termination of the contract, or 8 years following invoicing, in accordance with the Hungarian accounting act).
Your personal data are collected manually, in electronic form.
3.1.5. Data protection contractual clause
Taking into account the state of the art, the cost of implementation and the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for rights and freedoms of natural persons posed by the processing concerning communicating with our business partners, we, as data controllers, while performing the contracts concluded with our business partners, both at the time of the determination of the means for processing, and at the time of the processing itself, implement appropriate technical and organizational measures, which are designed to implement data-protection principles, such as data minimization, in an effective manner and to integrate the necessary safeguards into the processing in order to meet the requirements of GDPR.
3.2. Processing concerning newsletter
In order to provide relevant information to you, it is possible to subscribe our newsletter both in the registration form and on our website’s specific surface serving for this purpose. The details of such processing are described hereunder.
3.2.1. Processed personal data and purpose of processing
personal data | purpose of processing |
name | to address the user |
e-mail address | connecting the user by newsletter |
phone number | sending text messages to the user (optional) |
3.2.2. Legal basis of processing
Your consent (article 6 point (1) a of GDPR).
We process the personal data until the withdrawal of your consent. You can anytime unsubscribe our newsletter by clicking the “Unsubscribe” box.
Personal data are collected automatically and manually, in electronic form.
3.3. Processing concerning customer service
In order to answer your questions or to inspect the circumstances you requested a complaint for, we operate customer service.
3.3.1. Processed personal data and purpose of processing
personal data | purpose of processing |
name | identification of the user |
e-mail address | connecting with the user and providing information |
phone number | connecting with the user and providing information |
3.3.2. Legal basis of processing
We process the personal data we collect from you by legal obligations (article 6 point (1) c) of GDPR).
We process your personal data as long as the relevant consumer protection acts determine it.
Personal data are collected automatically and manually, in electronic and paper form.
3.4. Processing concerning invoicing
After the performing of the orders we – with regard to Act C of 2000 on accounting – make out a bill. The details of such processing are described hereunder.
3.4.1. Processed personal data and purpose of processing
personal data | purpose of processing |
name | confirmation of the accounting |
address | confirmation of the accounting |
Tax number | confirmation of the accounting |
3.4.2. Legal basis of processing
Processing is necessary for compliance with a legal obligation; with regard to section 6 paragraph 1 point f of GDPR, section 5 article 1 point b of Information Act and section 166 paragraph 1 to 3 of Act C of 2000.
3.4.3. Duration of the processing
8 years after accounting.
Personal data are collected manually, in electronic form
3.4.5. Provision of processing
Since we cannot perform our accounting obligations without knowing any information about you, the processing is a statutory requirement.
3.5. Processing concerning ordering
You can order any of our products shown in our website. The details of such processing are described hereunder.
3.5.1. Processed personal data and purpose of processing
personal data | purpose of processing |
name (first name, surname, title) | identification of the purchaser or its representative |
address | identification of the place of transportation |
phone number | connecting the purchaser or its representative and giving information about the services |
e-mail address | connecting the purchaser or its representative and giving information about the services |
3.5.2. Legal basis of processing
If the legal person purchaser’s representative provides his or her personal data for these purposes, the legal basis of processing personal data – with regard to the relevant authorial practice – is the legitimate interest of us and the purchaser company (section 6 paragraph 1 point f of GDPR). It is each party’s legitimate interest to maintain an effective business communication and to finalize the purchase. In our view – since it is the part of the representative’s scope of duty, and in case of the children’s and partner’s personal data, we need these pieces of information to make the gifts for the event – the processing of the mentioned personal data doesn’t restrict disproportionately the Data subject’s privacy and freedom of self-determination.
All the personal data you give us during the ordering of the available products are processed for the performance of the contract concluded between you and us (article 6 b) of GDPR).
3.5.3. Duration of the processing
Until the personal data are no longer necessary in relation to the purposes for which they were collected or as long as it is possible according to the relevant acts (8 years after accounting or 5 years following performance).
Personal data are collected automatically and manually, in electronic form.
3.5.5. Provision of processing
Since we cannot perform the order without knowing any information about you, the processing is a requirement necessary to enter into a contract.
3.6. Processing concerning registration
It is possible to register for various discounts (free product demonstration, free trial, discount, etc.) on our website.
The details of data processing relating thereto is indicated below:
3.6.1. Processed personal data and purpose of processing
personal data | purpose of processing |
name | identification of the user |
e-mail address | connecting with the user |
phone number | connecting with the user |
job title | identification of the user |
3.6.2. Legal basis of processing
We process the personal data we collect from you by legal obligations (with respect to Article 6, Paragraph 1, Point c) and Paragraph 2 of GDPR, Section 5, Subsection 1, Paragraph b) of the Information Act and Section 13/A, Subsection 1 of the Electronic Commerce Act).
The data processing is required for the performance of the contract (general terms and conditions) between the Visitor and us (Article 6, Paragraph 1, Point b) of GDPR).
We process the user’s personal data until the request for erasure. If the user does not use his/her account, then, with respect to the general rule of the statue of limitations of the Civil Code, we shall anonymize the profile following the lapse of 5 years after the last order. We shall regularly review the scope of the collected data of the users in order for the principle of accuracy to apply in all cases.
Personal data are collected in electronic form.
4. WHAT ARE YOUR RIGHTS?
You have the right to request free information about the details of the managed personal data and request rectification, erasure, blocking or restriction of handling in cases specified by law, as well as protest against the processing of such personal data. Requests for information and requests in this section can be addressed by our client to our contact details in section 2.
4.1. Right to access
You have the right to obtain confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and the information featured in point 3. You have the right to access to the following information concerning the processing of your personal data: the purposes of the processing; the categories of personal data concerned; the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations; where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period; the existence of the right to request from us rectification or erasure of personal data or restriction of processing of personal data concerning you or to object to such processing; the right to lodge a complaint with a supervisory authority; the existence of automated decision-making, including profiling, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
4.2. Right to rectification
You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
4.3. Right to erasure
You have the right to obtain from us the erasure of personal data concerning you without undue delay and we shall have the obligation to erase personal data without undue delay if it is mandatory according to Article 17 of GDPR. The erasure of your personal data is obligatory for us in the following instances: the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; you withdraw consent on which the processing is based, and where there is no other legal ground for the processing; you object to the processing and there are no overriding legitimate grounds for the processing; the personal data have been unlawfully processed; the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.
4.4. Right to be forgotten
If we made the personal data public and are obliged to erase your personal data, we inform controllers which are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.
We do not make your personal data public.
4.5. Right to restrict data management
At the request of our client, we restrict data processing if the accuracy of personal data is disputed, or data processing is illegal or the client protests against data management or if we no longer need the personal information the Client has provided.
4.6. Right to data portability
You have the right to receive the personal data concerning you, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from us if is possible according to Article 20 of GDPR. Where technically feasible, you have the right to have the personal data transmitted directly from us to another controller.
4.7. Responding to requests
The application will be examined as soon as possible after its submission, but within a maximum of 30 days (in the case of an objection, within 15 days) and we make a decision on its validity and the applicant will be informed in writing. If we do not comply with our Client’s request, we will inform our Client of the factual and legal reasons for the rejection of the application.
4.8. Law enforcement
The protection of personal data is important to us, at the same time we respect our Client’s right to information self-determination and we strive to respond all requests in a fair manner and on time. With this in mind, we ask our Clients to contact us before any official and judicial claim is made to resolve any conflicts peacefully that erase with us. If the request does not lead to a result, our client can enforce the rights in court under Act V of 2013 on the Civil Code (the lawsuit may also be initiated before a court competent according to the residence of our Client) and in accordance with the provisions of the
Information Act, you can apply to the National Data Protection and Freedom of Information Authority (1125 Budapest, Szilágyi Erzsébet fasor 22/c.;
https://www.naih.hu/panaszuegyintezes-rendje.html, a továbbiakban: NAIH)
5. MEASURES AND NOTIFICATIONS
5.1. Informing Data subjects
We communicate any rectification or erasure of personal data or restriction of processing carried out in accordance with Article 16, Article 17(1) and Article 18 of GDPR to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. We also inform you about those recipients on the request of yours.
5.2. Mode and deadline of notification
We provide information on action taken on a request under Articles 15 to 22 of GDPR to you without undue delay and in any event within one month of receipt of the request. That period may be extended by two further months where necessary, taking into account the complexity and number of the requests. We inform you of any such extension within one month of receipt of the request, together with the reasons for the delay. Where you make the request by electronic form means, we provided the information by electronic means where possible, unless you request it otherwise.
If we do not take action on your request, we inform you without delay and at the latest within one month of receipt of the request of the reasons for not taking action and on the possibility of lodging a complaint with a supervisory authority and seeking a judicial remedy (see point 4.7.).
5.3. Monitoring
If we have reasonable doubts concerning the identity of the natural person making the request, we may request the provision of additional information necessary to confirm the identity of the data subject. This measure is necessary to prevent unauthorized access to personal data as defined in Article 5 (1) (f) of the GDPR.
5.4. Costs of measures and notifications
We provide you information and take the necessary measures free of charge. If your requests are manifestly unfounded or excessive, in particular because of their repetitive character, we may charge a reasonable fee taking into account the administrative costs of providing the information or communication or taking the action requested or we refuse to act on your request.
6. POSSIBLE RECIPIENTS
6.1. During the operation of our website
Details of the hosting provider of our website as the data processor:
Name: HumanoiT Kft.
Contact: https://humanoit.hu/kapcsolat
6.2. During sending newsletter
Newsletter software is used to send customized offers and helpful information for the Users signed up on our Website. The software is operated by the following data processor:
Name: Mailchimp
Contact: https://mailchimp.com/contact/
6.3. During paying orders
The order fee can be paid through the payment service provider’s interface. The interface is operated by the following data processor:
Name: OTP MOBIL Szolgáltató Kft.
Contact: https://simplepay.hu/kapcsolat
6.4. During invoicing
In connection with invoicing, our data processors get to know the personal data provided by Users for this purpose. The details of the data processors:
Name: Nemzeti Adó- és Vámhivatal
Contact: https://www.nav.gov.hu/nav/kapcsolat
Name: KBOSS.hu Kft.
Contact: https://www.szamlazz.hu/szamla/kapcsolat
6.5 Social media
Our website has several social media profile so that if you „like” us on Facebook or „follow” us on Instagram, we may learn all the personal data which is public on your profile.
7. COOKIES
A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
Cookies can be used by web servers to identify and track users as they navigate different pages on a website and identify users returning to a website.
Existing cookies are owned by WordPress and its other plugins. You can find more information on the WordPress privacy policy page: https://wordpress.org/about/privacy.
We use Google Analytics to analyse the use of our website. We use Google Ads to display remarketing advertisements to our website visitors. Read more about Google’s privacy policy here: https://policies.google.com/privacy.
We run Facebook Pixel on our Website to be able to display remarketing ads to our website visitors on the Facebook platform. You can read more about Facebook Pixel cookies here: https://www.facebook.com/policies/cookies/.
| Cookie | Domain | Description | Duration | Type |
| wcml_client_currency | passman.co | WordPress multilingual plugin filters the currency set by the user on the front-end | 2 days | Other |
| wcml_client_currency_language | passman.co | WordPress multilingual plugin sets this cookie to store information about the client’s preferred currency and language | 2 days | Other |
| wp-wpml_current_language | passman.co | WordPress multilingual plugin sets this cookie to store the current language/language settings. | session | Functional |
| test_cookie | .doubleclick.net | doubleclick.net sets this cookie to determine if the user’s browser supports cookies. | 15 minutes | Advertisement |
| _hjSessionUser_* | .passman.co | Hotjar sets this cookie to ensure data from subsequent visits to the same site is attributed to the same user ID, which persists in the Hotjar User ID, which is unique to that site. | 1 year | Analytics |
| _hjFirstSeen | .passman.co | Hotjar sets this cookie to identify a new user’s first session. It stores the true/false value, indicating whether it was the first time Hotjar saw this user. | 1 hour | Analytics |
| _hjIncludedInSessionSample_1822147 | .passman.co | Hotjar sets this cookie to track user behavior and interactions on the website | 1 hour | Other |
| _hjSession_* | .passman.co | Hotjar sets this cookie to ensure data from subsequent visits to the same site is attributed to the same user ID, which persists in the Hotjar User ID, which is unique to that site. | 1 hour | Analytics |
| _hjAbsoluteSessionInProgress | .passman.co | Hotjar sets this cookie to detect a user’s first pageview session, which is a True/False flag set by the cookie. | 1 hour | Functional |
| _ga | .passman.co | Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site’s analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors. | 1 year 1 month 4 days | Analytics |
| _gid | .passman.co | Google Analytics sets this cookie to store information on how visitors use a website while also creating an analytics report of the website’s performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously. | 1 day | Analytics |
| _gat_gtag_UA_* | .passman.co | Google Analytics sets this cookie to store a unique user ID. | 1 minute | Analytics |
| _ga_* | .passman.co | Google Analytics sets this cookie to store and count page views. | 1 year 1 month 4 days | Analytics |
| li_sugr | .linkedin.com | LinkedIn sets this cookie to collect user behaviour data to optimise the website and make advertisements on the website more relevant. | 3 months | Advertisement |
| bcookie | .linkedin.com | LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser IDs. | 1 year | Advertisement |
| lidc | .linkedin.com | LinkedIn sets the lidc cookie to facilitate data center selection. | 1 day | Functional |
| UserMatchHistory | .linkedin.com | LinkedIn sets this cookie for LinkedIn Ads ID syncing. | 1 month | Functional |
| AnalyticsSyncHistory | .linkedin.com | Linkedin set this cookie to store information about the time a sync took place with the lms_analytics cookie. | 1 month | Analytics |
| _fbp | .passman.co | Facebook sets this cookie to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising after visiting the website. | 3 months | Analytics |
| bscookie | .www.linkedin.com | LinkedIn sets this cookie to store performed actions on the website. | 1 year | Advertisement |
| li_gc | .linkedin.com | Linkedin set this cookie for storing visitor’s consent regarding using cookies for non-essential purposes. | 6 months | Functional |
| _hjRecordingEnabled | passman.co | Hotjar sets this cookie when a Recording starts and is read when the recording module is initialized, to see if the user is already in a recording in a particular session. | session | Analytics |
Most browsers allow you to refuse to accept cookies; for example:
- in Internet Explorer, you can block cookies using the cookie handling override settings available by clicking “Tools”, “Internet Options”, “Privacy” and then “Advanced”;
- in Firefox, you can block all cookies by clicking “Tools”, “Options”, “Privacy”, selecting “Use custom settings for history” from the drop-down menu, and unticking “Accept cookies from sites”; and
- in Chrome, you can block all cookies by accessing the “Customise and control” menu, and clicking “Settings”, “Privacy and security” and “Third-party cookies”, and then selecting “Block third-party cookies”.
Blocking all cookies will have a negative impact upon the usability of many websites.
If you block cookies, you will not be able to use all the features on our website.
You can delete cookies already stored on your computer; for example:
(a) in Internet Explorer, you must manually delete cookie files (you can find instructions for doing so at http://windows.microsoft.com/en-gb/internet-explorer/delete-manage-cookies#ie=ie-11);
(b) in Firefox, you can delete cookies by clicking “Tools”, “Options” and “Privacy”, then selecting “Use custom settings for history” from the drop-down menu, clicking “Show Cookies”, and then clicking “Remove All Cookies”; and
(c) in Chrome, you can delete all cookies by accessing the “Customise and control” menu, and clicking “Settings”, “Privacy and security” and “Clear browsing data”, and then selecting “Cookies and other site and plug-in data” before clicking “Clear data”.
Deleting cookies will have a negative impact on the usability of many websites.
Detailed information on deleting and blocking cookies can be found at www.AllAboutCookies.org.
8. OTHER PROVISIONS
8.1. Processing for different purpose
If we intend to further process the personal data for a purpose other than that for which the personal data were collected, we provide the you prior to that further processing with information on that other purpose and with any relevant further information.
8.2. Data protection
We secure your personal information from unauthorized access, use or disclosure. We secure the personally identifiable information you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use or disclosure. When personal information (such as connection data) is transmitted to other Web sites, it is protected through the use of encryption.
8.3. Record of processing
To comply with section 30 of GDPR, we maintain a record of processing activities under our responsibility.
8.4. Data breaches
Data breach is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed. In case of data breach, we act according to section 33 and 34 of GDPR.
8.5. Changes to our Privacy Policy
We will occasionally update this Privacy Policy to reflect feedback. We encourage you to periodically review this Policy to be informed of how we are protecting your information. Effective: 08/07/2019
Moresimp Kft.
Controller