+36 20 665 2844 raklap@hungaroraklap.hu 2360 Gyál, Bem József u. 18. 1238 Budapest, Szentlőrinci út
MagyarEnglish
Main menu
MagyarEnglish
+36 20 665 2844 raklap@hungaroraklap.hu 2360 Gyál, Bem József u. 18.
Request a Quote
Privacy policy

Privacy policy

Data Protection Information of HR PALETT Kft.

Introduction

HR PALETT Kft. informs those requesting offers on its website about its data handling practices and the users' options for legal remedies. As a data controller, HR PALETT Kft. undertakes to ensure that its data handling services comply with the requirements set forth in applicable laws.

Data Controller Information

  • Name: HR PALETT Kft.
  • Headquarters: 2360 Gyál, Bem József Street 18.
  • Company Registration Number: 13-09-173296
  • Tax Number: 25101782-2-13
  • Email: raklap@hungaroraklap.hu
  • Phone Number: 06206652844
  • Website: www.hungaroraklap.hu

If you have any questions regarding the handling of personal data, please contact us by phone at 06206652844 or by email at raklap@hungaroraklap.hu.

Legal Basis for Data Processing

For marketing activities (e.g., requesting offers, visiting pages, callback forms), we may need your name, email address, and phone number to contact you. We store these data until you request their deletion.

The legal basis for processing personal data necessary for contract fulfillment (purchases, orders, etc.) is the fulfillment of the contract. These data are mandatory during system registration. The basis for processing non-mandatory data is your consent.

With general data processing consent, you agree to receive marketing emails.

Purpose and Duration of Data Processing

The general purpose of data processing by HR PALETT Kft. is:

  • Identifying and registering customers,
  • Informing customers and ensuring marketing activities,
  • Maintaining financial records,
  • Preparing statistics and analyses,
  • Determining eligibility for discounted purchases and assigning discounts to eligible customers,
  • Continuously improving services and preparing new ones.

We store personal data in our database based on the principle of purpose limitation until your consent is withdrawn or upon specific request for deletion.

Marketing Activities

Within our marketing activities, HR PALETT Kft.:

  • Conducts statistical analyses to improve services and justify actions,
  • Creates target groups from its customer base interested in specific services or promotions,
  • Sends newsletters and advertisements via email.

Data Transfer Abroad

HR PALETT Kft. does not transfer personal data abroad but reserves the right to move its virtual servers to the cloud if necessary. More details can be found in the section on servers.

Scope of Processed Data

We detail the personal data we process below, along with the purpose of processing. We keep records of the data provided by our customers and derived values from them.

Data Processing Partners

We do not provide our customers' personal data to other companies.

Form-based Data Requests

In some cases, we request data from customers through our website. The data provided are received by our staff via email.

Location of Data Processing

The location of HR PALETT Kft.'s data processing is its headquarters.

Data Generated During Website Visits

Like all web servers on the internet, our servers automatically store certain data when visiting our websites, which may qualify as personal data. When visiting our websites, our servers store typical data for troubleshooting, improving services, and detecting intrusion attempts:

  • Time of visit,
  • Title of the visited page,
  • Referring page (from which the visitor arrived),
  • Visitor's IP address,
  • Visitor's browser header (user agent), which includes the operating system and browser type/version.

Rights of the Data Subjects

  • Right to Information
  • Right to Rectification
  • Right to Erasure (Right to be Forgotten)
  • Right to Data Portability
  • Right to Objection

Links to Social Media Providers and Social Media Browser Extensions

The website of the Data Controller contains simple links to Facebook and YouTube. Data is only transmitted to these social media operators when you click on the respective icon (e.g., the "f" icon for Facebook). When you click on the icon, the page of the social media operator opens in a pop-up window. On these pages, you can share information about our products in accordance with the social media operator's policies.

Rights of the Data Subjects and Legal Remedies

In addition to the rights mentioned above regarding the use of recordings, data subjects can exercise the following rights in connection with data processing as described in this notice:

Right to Information and Access to Personal Data:

The data subject is entitled to receive feedback from the Data Controller regarding whether their personal data are being processed and, if so, to access the personal data and the following information:

a) Purposes of the processing;
b) Categories of personal data;
c) Recipients or categories of recipients to whom the personal data have been or will be disclosed, including in particular recipients in third countries or international organizations;
d) Where possible, the intended period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
e) The right to request from the Data Controller rectification, erasure, or restriction of processing of personal data concerning them, and to object to such processing;
f) The right to lodge a complaint with a supervisory authority;
g) Where the data were not collected from the data subject, any available information as to their source;
h) The existence of automated decision-making, including profiling, and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

If personal data are transferred to a third country or to an international organization, the data subject is entitled to be informed of the appropriate safeguards relating to the transfer.

The Data Controller shall provide a copy of the personal data undergoing processing. For any further copies requested by the data subject, the Data Controller may charge a reasonable fee based on administrative costs. If the data subject submits the request electronically, the information shall be provided in a widely used electronic format, unless otherwise requested by the data subject.

The right to obtain a copy shall not adversely affect the rights and freedoms of others.

These rights can be exercised through the contact details provided above.

Right to Rectification: The Data Controller shall correct inaccurate personal data concerning the data subject without undue delay at their request. Considering the purposes of the processing, the data subject is entitled to have incomplete personal data completed, including by means of providing a supplementary statement.

Right to Erasure: The data subject has the right to obtain from the Data Controller the erasure of personal data concerning them without undue delay where one of the following grounds applies:

a) The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
b) The data subject withdraws consent on which the processing is based, and there is no other legal ground for the processing;
c) The data subject objects to the processing and there are no overriding legitimate grounds for the processing, or the processing is for direct marketing;
d) The personal data have been unlawfully processed;
e) The personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the Data Controller is subject;
f) The personal data have been collected in relation to the offer of information society services.

Deletion of Data Cannot Be Initiated If Data Processing Is Necessary:
Data cannot be deleted if data processing is necessary for:
a) Exercising the right to freedom of expression and information;
b) Compliance with a legal obligation which requires processing by Union or Member State law to which the Data Controller is subject, or for the performance of a task carried out in the public interest;
c) Preventive or occupational medicine, for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment, or the management of health or social care systems and services, on the basis of Union or Member State law or pursuant to contract with a health professional and subject to the obligations of professional secrecy under Union or Member State law or rules established by national competent bodies, or by another person also subject to an obligation of secrecy under Union or Member State law or rules established by national competent bodies;
d) Reasons of public interest in the area of public health, such as protecting against serious cross-border health threats or ensuring high standards of quality and safety of health care and medicinal products or medical devices, and this is based on Union or Member State law which provides for suitable and specific measures to safeguard the rights and freedoms of the data subject, in particular professional secrecy;
e) Public interest in the area of public health, and such processing is carried out by or under the responsibility of a professional subject to the obligation of professional secrecy under Union or Member State law or rules established by national competent bodies, or by another person also subject to an obligation of secrecy under Union or Member State law or rules established by national competent bodies;
f) Archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, in so far as the right to erasure is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
g) The establishment, exercise or defense of legal claims.

Right to Restriction of Processing:
At the request of the data subject, the Data Controller shall restrict processing if one of the following conditions applies:
a) The data subject contests the accuracy of the personal data, in which case the restriction applies for a period enabling the Data Controller to verify the accuracy of the personal data;
b) The processing is unlawful and the data subject opposes erasure of the personal data and requests the restriction of their use instead;
c) The Data Controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims; or
e) The data subject has objected to processing pending the verification whether the legitimate grounds of the Data Controller override those of the data subject.

Where processing has been restricted under the above conditions, such personal data shall, with the exception of storage, only be processed with the data subject's consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.

The Data Controller shall inform the data subject who has obtained restriction of processing pursuant to the above conditions before lifting the restriction.

Right to Data Portability:

The data subject has the right to receive the personal data concerning them, which they have provided to the Data Controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the Data Controller to which the personal data have been provided, where:
a) The processing is based on consent or on a contract; and
b) The processing is carried out by automated means.

In exercising the right to data portability, the data subject has the right to have the personal data transmitted directly from one controller to another, where technically feasible.

The exercise of the right to data portability shall not adversely affect the right to erasure. This right shall not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller.

The right to data portability shall not adversely affect the rights and freedoms of others.

Right to Object:
The data subject is entitled to object, on grounds relating to their particular situation, at any time to the processing of personal data concerning them which is based on the public interest or in the exercise of official authority vested in the Data Controller, or on the legitimate interests of the Data Controller or of a third party, including profiling based on those provisions. In this case, the Data Controller shall no longer process the personal data unless the Data Controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims.

If personal data are processed for direct marketing purposes, the data subject has the right to object at any time to the processing of personal data concerning them for such marketing, which includes profiling to the extent that it is related to such direct marketing. If the data subject objects to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes.

In the case of processing for scientific or historical research purposes or statistical purposes, the data subject has the right to object to the processing of personal data concerning them on grounds relating to their particular situation, unless the processing is necessary for the performance of a task carried out for reasons of public interest.

Right to Withdraw Consent:
The data subject has the right to withdraw their consent at any time if the Data Controller's processing is based on consent. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

Procedure in Case of a Request from the Data Subject:

The Data Controller shall provide information on the action taken on a request under the rights outlined in this notice without undue delay and in any event within one month of receipt of the request. This period may be extended by two further months if necessary, taking into account the complexity and number of the requests.

The Data Controller shall inform the data subject of any such extension within one month of receipt of the request, together with the reasons for the delay. Where the data subject makes the request by electronic form means, the information shall be provided by electronic means where possible, unless otherwise requested by the data subject.

If the Data Controller does not take action on the request of the data subject, the Data Controller shall inform the data subject without delay and at the latest within one month of receipt of the request of the reasons for not taking action and on the possibility of lodging a complaint with a supervisory authority and seeking a judicial remedy.

The Data Controller shall provide the requested information and communication free of charge. However, if the data subject's request is manifestly unfounded or excessive, in particular because of its repetitive character, the Data Controller may either charge a reasonable fee taking into account the administrative costs of providing the information or communication or taking the action requested, or refuse to act on the request.

The Data Controller shall communicate any rectification or erasure of personal data or restriction of processing carried out in accordance with the above to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. The Data Controller shall inform the data subject about those recipients if the data subject requests it.

Personal Data of Children and Third Parties

Minors under the age of 16 may not provide personal data about themselves unless they have obtained permission from a parent or guardian. By providing personal data to the Data Controller, you declare and warrant that you have acted in accordance with the above and that your legal capacity to provide information is not limited.

If you are not legally authorized to provide personal data, you must obtain the consent of the relevant third parties (e.g., legal representative, guardian, or another person such as a consumer on whose behalf you act) or provide another legal basis for the data provision. You must consider whether the provision of specific personal data requires the consent of a third party. The Data Controller may not be in personal contact with you, so it is your responsibility to ensure compliance with this point, and the Data Controller shall not be liable in this regard. However, the Data Controller is always entitled to verify whether an appropriate legal basis exists for the processing of personal data. For example, if you act on behalf of a third party (e.g., a consumer), we are entitled to request your authorization and/or the data subject's appropriate data processing consent for the specific case.

The Data Controller will delete any personal data that have been provided without authorization. The Data Controller ensures that if it becomes aware of such data, they will not be transmitted to others or used by the Data Controller. Please notify us immediately through one of our contact details if you become aware that a child has provided personal data about themselves or a third party has provided data about you without authorization.

Use of Cookies on the Website

Web analytics services also use cookies to help analyze the use of online platforms. The data subject, by providing separate and explicit consent on the online platforms, allows information created by cookies about the use of the online platform to be transmitted to Google Analytics and Google Adwords servers in the United States. Other cookies processed are stored on servers within the European Union. By providing consent on the website, the user consents to the collection and analysis of their data in the manner and for the purposes specified above. This information is used to evaluate and analyze the use of online platforms by the data subject, to compile reports on activities performed on the platforms, and to provide other services related to activities and internet use. More information can be found in the cookie policy.

Data Processing

The Data Controller uses the data processor specified in this notice to perform its activities. The data processor does not make independent decisions and is only authorized to act in accordance with the contract and instructions received from the Data Controller. The Data Controller monitors the work of the data processor. The data processor may engage another data processor only with the prior written consent of the Data Controller.

Data Processor
| Data Processor | Access to Which Personal Data? | How Can the Data Be Used (Activity Performed for the Data Controller)? | How Long Can the Data Be Stored? |

Legal Remedies

If you believe that HR PALETT Kft. or any of its employees has violated your rights related to the protection of personal data, please contact HR PALETT Kft. through one of our contact details listed at the beginning of this notice to resolve the issue promptly.
If you believe that HR PALETT Kft. has not taken adequate steps regarding your issue, you have the option to turn to the court against the Data Controller. The court will handle the case out of turn. It is the responsibility of the Data Controller to prove that the data processing complies with legal requirements. The case falls within the jurisdiction of the court. The lawsuit can be initiated at the court of the data subject's place of residence or stay, as chosen by the data subject.

National Authority for Data Protection and Freedom of Information

  • Postal Address: 1534 Budapest, Pf.: 834
  • Address: 1125 Budapest, Szilágyi Erzsébet Avenue 22/C.
  • Phone: 06-1/391-1400
  • Fax: 36-1/391-1410
  • Email: ugyfelszolgalat@naih.hu
  • Website: www.naih.hu
  • President: Dr. Péterfalvi Attila

Provision of HR PALETT Kft.

The Data Controller reserves the right to modify its data protection statement as necessary. This may occur if the range of services expands, the technical system changes, or it is required by law. However, such modifications shall not involve processing personal data for purposes other than those originally intended.