Privacy Policy

Data management information for the evacarbplast.hu website

1.Introduction

The operator of EVA CarbPlast Kft. (hereinafter: Website) EVA CarbPlast Kft. (hereinafter: Data Controller), as a data controller, describes its data management principles in this Data Protection Statement and Data Management Information Sheet (hereinafter: Data Protection Statement), which it acknowledges as binding on itself! The Data Controller takes all reasonable measures to ensure the security of the personal data of the Website visitors. The Data Controller manages and stores the personal data of Website visitors in the event that they contact the Data Controller via the Contact form on the Website or via the e-mail address provided on the page. The Website and the Data Controller intend to fully comply with the laws and regulations regarding the handling of personal data, as well as with Regulation (EU) 2016/679 of the European Parliament and Council! This data management information sheet on the protection of personal data of natural persons and the free flow of data was prepared on the basis of Regulation (EU) 2016/679 of the European Parliament and of the Council, taking into account the CXII of 2011. on the content of the law on the right to self-determination of information and freedom of information. In the concluded contracts, the purpose and method of data management can be changed if required, which is done in a separate point in the given contract under precisely formulated conditions. This information sheet provides you, the website visitor, with accurate and important information about your rights and options regarding your personal data. The visitor of the website receives this information on the first visit to the page, before starting to browse, and acknowledges its content and legal conditions as familiar and accepted! If you do not accept it, you have the right and opportunity not to provide your personal data, or to stop browsing the Website.

Name and contact details of data controller:

Name: EVA CarbPlast Kft.
Headquarters/Postal address: 4564. Nyírmada, Gárdonyi G. út hrsz. 031/11
Website contact: evacarbplast.hu
Tax number: 27186620-2-15
E-mail: gyori@carbonblack.hu
Telephone: +36-20-265-3085
Hosting provider: TRIAK Computing Trading and Service Kft.
Address: 3700. Kazincbarcika Akácfa út no. 7
Tax number: 11444600-2-05
Telephone: +36-48-313-121
E-mail: info@triak.hu

2. Definition of terms

(source: gdprinfo.eu)

Personal data:

any information relating to an identified or identifiable natural person ("data subject"); a natural person can be identified directly or indirectly, in particular on the basis of an identifier such as a name, number, location data, online identifier or one or more factors relating to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person can be identified.

Data management:

any operation or set of operations performed on personal data or data files in an automated or non-automated manner, such as collection, recording, organization, segmentation, storage, transformation or change, query, insight, use, communication, transmission, distribution or otherwise by making available, coordinating or connecting, limiting, deleting or destroying.

Data controller:

the natural or legal person, public authority, agency or any other body that determines the purposes and means of processing personal data independently or together with others; if the purposes and means of data management are determined by EU or member state law, the data controller or the special aspects regarding the designation of the data controller may also be determined by EU or member state law.

Data processor:

the natural or legal person, public authority, agency or any other body that processes personal data on behalf of the data controller.

Registration system:

a file of personal data divided in any way – centralized, decentralized or functional or geographically – that is accessible based on specific criteria.

Data file:

the totality of the data managed in a register.

Data deletion:

rendering the data unrecognizable in such a way that its recovery is no longer possible.

Third party:

the natural or legal person, public authority, agency or any other body that is not the same as the data subject, the data controller, the data processor or the persons who have been authorized to process personal data under the direct control of the data controller or data processor.

Data subject:

a natural person entitled to dispose of the rights related to the protection of personal data. It may happen that a set of data can be linked to several natural persons at the same time. In this case, each person can only exercise their rights with regard to the data relating to them. The task of the data controller is to ensure that each person concerned can exercise these rights independently of, or even in connection with, the other. The data subject can assert his data protection rights through his representative, who can be, for example, a lawyer, close relative, spouse, etc. The agent must prove the fact of the assignment with an authentic private document.

Consent of the data subject:

the voluntary, concrete and clear declaration of the will of the data subject based on adequate information, with which the statement or confirmation of the data subject indicates through an unmistakably expressive act that he gives his consent to the processing of his personal data.

Data protection incident:

a breach of security that results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure or unauthorized access to personal data transmitted, stored or otherwise handled.

Supervisory authority:

an independent public authority established by a Member State in accordance with Article 51.

Recipient:

the natural or legal person, public authority, agency or any other body to whom the personal data is communicated, regardless of whether it is a third party. Public authorities that have access to personal data in accordance with EU or Member State law in the context of an individual investigation are not considered recipients; the handling of said data by these public authorities must comply with the applicable data protection rules in accordance with the purposes of the data management.

Electronic commercial service:

a service related to the information society, the purpose of which is a tradable movable thing that can be taken into possession - including money and securities, as well as natural forces that can be used in the way of the thing -, service, real estate, right of property value (hereinafter together: goods) business-like sale, purchase, exchange or use in any other way.

GDPR (General Data Protection Regulation):

the new Data Protection Regulation of the European Union.

3. The range of Users

Any natural person who uses the services of the Website or fills out a Contact Form, identified or - directly or indirectly - identified on the basis of personal data.

4. Data management information

The purpose of data: management is to provide contact, information and additional services. Legal basis for data management: the consent of the person concerned. The range of persons involved in data management: visitors who send data on the website's contact form or by e-mail, or partners who may later enter into a contract. Duration of data management and deletion of data: The duration of data management for data sent via the Contact Form is basically 2 years. If the user wishes to have his data deleted at an earlier date, he can do so at any time by sending a request to gyori@carbonblack.hu. In the case of any employment contract, the data management lasts until the end of the operation of the Website and the business. An exception to this is if the contracted Partner requests the deletion of this data in writing. The following persons are entitled to access the data: the data controller or, in the case of an investigation the authority. The User can initiate the modification or deletion of their data at any time. You can also withdraw your data management consent, which, however, does not affect the legality of data storage before the withdrawal. The person concerned may use the right to submit a complaint to the supervisory authority. While using the Website, the User is not obliged to provide his personal data. The site works to its full potential even in the absence of data provision, but it is already necessary to fill out the contact registration form. The following personal data are processed through the Website: Surname, first name, company name or contact name in the case of a company, E-mail address, Telephone number (optional). The handling of the contractual Partners' data may differ from this, but it must be recorded in the created contract in any case.

5. Data transfer

The Data Controller does not sell, rent or in any way make available personal data or information about the User to other companies or individuals. The Data Controller ensures the appropriate security of the data in the manner expected of it, and takes the technical and organizational measures that guarantee the enforcement of data protection rules and principles and promote the security of personal data.

6. Legislation on which data management is based

  • REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL (April 27, 2016) on the protection of natural persons with regard to the processing of personal data and on the free flow of such data, and on the repeal of Regulation 95/46/EC ( general data protection regulation).
  • CXII of 2011. Act on the right to self-determination of information and freedom of information.
  • LXVI of 1995 on the protection of public documents, public archives and private archive material. law.
  • 335/2005 on the general requirements for document management of bodies performing public duties. (XII. 29.) Government decree.
  • CVIII of 2001 Act on certain issues of electronic commercial services and services related to the information society.
  • Act C of 2003 on electronic communications.

7. Summary of data management and possibility of legal enforcement

The legal basis for processing data can be consent or the conclusion of a contract. Only I (Gábor Győri) manage the data requested on the contact form. I store the data on the data management backup storage, which protects the data with appropriate security measures. I will not disclose the data to third parties, unless I am required to do so by law! To access the data, to correct or delete the data, or to limit the processing of the data, you must contact the data manager. You can exercise your data protection rights according to the rules set by the European Union. If I have violated any of your rights according to the GDPR regulation, you have the right to file a complaint with the authority.

Contact details of the data protection authority:
National Data Protection and Freedom of Information Authority
e-mail: ugyfelszolgalat@naih.hu
address: 1055 Budapest, Falk Miksa utca 9-11
telephone number:
+36 (30) 683-5969
+36 (30) 549-6838
+36 (1) 391 1400