1 Introduction and general information
1.1 This privacy statement (hereinafter referred to as: Privacy Statement) sets forth its data protection practice regarding the use of the website available at the URL http://www.pressenger.com/ (hereinafter referred to as: Service), owned and operated by Pressenger Korlátolt Felelősségű Társaság (registered office: 9700 Szombathely, Petőfi Sándor utca 1/D, company registration number: Cg.18-09-112386, VAT number: 25086122-2-18, hereinafter referred to as: Pressenger Kft, or Controller), and explains how the personal data required to use the messaging system operated as part of the Service are processed. Pressenger Kft considers the provisions of this Privacy Statement as binding.
1.2 Pressenger Kft only collects and processes personal data made available to it by the user of the website (the person initiating the contact) expressly, voluntarily, and freely. Pressenger Kft attaches special importance to respecting the rights of its clients to informational self-determination, as a service provider and Controller, it is committed to protecting the personal data of its partners and users. Pressenger Kft processes the obtained personal data confidentially, and takes every security, technical and organisational measure to guarantee the security of data.
1.3 This Privacy Statement, as amended from time to time, are continuously available at the homepage www.pressenger.com, and can be viewed or obtained at Pressenger Kft’s registered office.
1.4 Please note that the court, the public prosecutor, investigative authorities, infringement authorities, public administration authorities, the national data protection ombudsman, and other bodies based on laws and regulations may contact the Controller for information, the disclosure and hand-over of data, and for the provision of documents. Provided the authority has specified the precise purpose and scope of data, Pressenger Kft may only hand over personal data to the authority in the quantity and to the extent that is absolutely necessary to achieve the goals behind the contact with the Controller.
1.5 Pressenger Kft processes its clients’ personal data to run its business, to the necessary extent to conclude and fulfil agreements (e.g. requesting bids, surveying demand), for marketing purposes, and to enforce claims arising from such agreements, and for the necessary duration but for no longer than is needed to achieve the processing objective. Pressenger Kftdoes not transfer the data it processes to any third parties.
1.6 Pressenger Kft shall not be held responsible if any personal data is made public due to hardware or software failure, and for any and all damage caused relating to registration sites and their inoperability, inappropriate or misuse of such sites, and resulting from computer viruses, line or system failures, delays in data transfer, and by the unauthorised alteration of the data and information available at registration sites.
1.7 The fundamental principles of processing applied by Pressenger Kft are consistent with effective laws and regulations on data protection, in particular with those listed below:
- Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as: General Data Protection Regulation or GDPR).
- Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information (hereinafter referred to as: Information Act);
- Act CVIII of 2001 on certain aspects of Electronic Commerce and Information Society Services (E-commerce Act);
- Act XLVIII of 2008 on the Basic Requirements and Certain Restrictions of Business Advertising Activity (Business Advertising Act).
- Act C of 2003 on Electronic Communications (E-Communications Act).
- Act C of 2000 on Accounting (hereinafter referred to as: Accounting Act), and
- Act LXIII of 1992 on the protection of personal data and the disclosure of information of public interest.
- Act VI of 1998 on the promulgation of the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, concluded on 28 January 1981.
2 Controller contact details
Company name: Pressenger Korlátolt Felelősségű Társaság
Address of registered office: 9700 Szombathely, Petőfi Sándor utca 1/D
Company registration number: Cg. 18-09-112386
Court of Registration: Regional Court of Szombathely
Statistical code: 25086122-6201-113-18
VAT number: 25086122-2-18
Telephone number: +36 70 635 1232
The registered office, place of business and contact details of the service provider providing storage space of the Controller’s website, including its email address, must also be indicated (if such service provider is not the same as the Controller):
Company name: AMAZON WEB SERVICES
Address of registered office: 38 AVENUE JOHN F. KENNEDY, L-1855 LUXEMBOURG
Telephone number: https://aws.amazon.com/contact-us/
Controller: the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data (unless specified otherwise in this Privacy Statement, Pressenger Kft shall be the Controller);
processing: any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
processor: a natural or legal person, public authority, agency or other body which processes personal data on behalf of the Controller;
recipient: a natural or legal person, public authority, agency or another body, to which the personal data processed by the Controller are disclosed by the Controller;
data subject: a natural person whose personal data is used by the Controller (processes such data, including, among others, clients and those interested);
consent of the data subject: any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
supervisory authority or alternatively NAIH: National Authority for Data Protection and Freedom of Information;
electronic promotional message (eDM, newsletter): electronic message containing exclusively advertisements, acquisition and advertising materials, which is sent by the Controller simultaneously to several data subjects to their respective e-mail addresses they provided;
test message: electronic text message containing exclusively advertisements, acquisition and advertising materials, which is sent by the Controller simultaneously to several data subjects to their respective mobile telephone numbers they provided;
profiling: any form of automated or not automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements;
personal data: any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, e-mail address, postal address, billing address, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
special categories of personal data: personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and genetic and biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation;
client: a person or entity inquiring about the Controller’s products and services personally, on the website, by telephone or by any other means, and a person or entity concluding an agreement, or entering into a legal relationship with the Controller.
4 Specific processing operations of Pressenger Kft
4.1 Processing the personal data of the visitors of the website www.pressenger.com
Data subjects affected by processing: the visitors of the website www.pressenger.com who initiate contact with Pressenger Kft under the ‘Contact us’ menu by voluntarily providing their personal data.
Fact, scope of data processed, and objective of processing:
|Personal Data||Objective of processing||Legal basis|
|Full name (last name and first names)||Making contact, making price quotes, preparation of concluding an agreement, concluding, performing an agreement, and enforcing claims arising from an agreement||Article 6, par. (1), points a) and b), and Sections 13/A (1) – (3) of the e-Commerce Act|
|Company name||Making contact, making price quotes, preparation of concluding an agreement, concluding, performing an agreement, and enforcing claims arising from an agreement|
|E-mail address||Making and maintaining contact|
|Telephone number||Making and maintaining contact|
Duration of processing, deadline to delete data: If any of the conditions included in Article 17 (1) of the GDPR are met, processing shall be carried out until the data subject’s erasure request or until his or her sconsent is withdrawn. Pursuant to Article 19 of the GDPR, the Controller informs the data subject electronically about the erasure of any personal data provided by the data subject. If the data subject’s erasure request includes the e-mail address provided by the data subject, the Controller erases also the e-mail address after informing the data subject.
The recipients of the processed personal data: personal data may be processed by the Controller’s staff authorised to do so pursuant to this Privacy Statement.
Rights of the data subject relating to processing, including his or her right to lodge a complaint: see Section 7.
4.2 Data processing relating to the cookies used by the website www.pressenger.com
The cookies used by the website www.pressenger.com are explained in detail in the tables below.
- A) Cookies essential for the operation of websites:
|Name of cookie||Lifespan of cookie||Function and purpose of processing of cookie|
|devicePixelRatio||Browser default (1 year)||Used to make the site responsive to the visitor’s screen size.|
|wordpress_test_cookie||Session||Tests that the browser accepts cookies.|
|trac_form_token||Session||Used as a security token for cross-site request forgery protection.|
|trac_session||90 days||Used to keep anonymous session information.|
|camptix_client_stats||1 year||Used to track unique visitors to tickets page on a WordCamp site|
|tk_ai||Browser default||Used for tracking|
- B) Other cookies:
|Name of cookie||Duration||Purpose|
|_ga||2 years||Google Analytics – Used to distinguish users.|
|_gat_gtag_UA_54594654_1||1 minute||Google Analytics – Used to throttle request rate.|
|_gid||24 hours||Google Analytics – Used to distinguish users.|
|_hjAbsoluteSessionInProgress||30 Minutes||Hotjar – This cookie is used to detect the first pageview session of a user. This is a True/False flag set by the cookie.|
|_hjFirstSeen||1 session||Hotjar – This is set to identify a new user’s first session. It stores a true/false value, indicating whether this was the first time Hotjar saw this user. It is used by Recording filters to identify new user sessions.|
|_hjIncludedInPageviewSample||30 minutes||Hotjar – This cookie is set to let Hotjar know whether that visitor is included in the data sampling defined by your site’s pageview limit.|
|_hjid||365 days||Hotjar cookie that is set when the customer first lands on a page with the Hotjar script. It is used to persist the Hotjar User ID, unique to that site on the browser. This ensures that behaviour in subsequent visits to the same site will be attributed to the same user ID.|
Scope of data processed: we process visitors’ data in connection with their use and browsing of the website by placing and reading back cookies, and the information relating thereto, and we also process demographic and statistical data. For the specification of the individual data, please consult the tables above.
Legal basis of processing: in the case of the cookies listed in Table A) the legal basis of processing is the legal provisions pursuant to Section 13/A (3) of the e-Commerce Act, and Article 5 par. (3) of the Directive 2002/58/EC. In the case of the cookies listed in Table B) the legal basis of processing is the consent of the data subject pursuant to Section 155 (4) of the e-Communications Act, which we request and record when the visitor first lands on the website.
Duration of processing: for the duration of processing for the individual cookies, please consult the Table above. Some of the cookies we use, typically ones preventing the loss of data in a given work session, are session cookies with a temporary lifespan that are deleted when they session is ended, i.e. when the browser is closed. However, we also use persistent cookies that will be stored in the visitor’s computer for longer than the session. The persistent cookies we use are in place to support repeated visits to the website, and will not be deleted automatically when the browser closes. Persistent cookies are stored for a specific period of time, and most of the time they are deleted after 7 days, or when the user changes the browser settings to delete them.
Recipients of the processed data: Pressenger Kft
Additional information relating to cookies placed by third parties: if the visitor also uses the services of third parties (e.g. Google and Facebook) when visiting our website, the cookies on the website, connected to the services of such third parties, may result in such third parties (e.g. Google and Facebook) collecting further personal data about the visitor that they may process as part of the personal profile they store about the user, and may use such data to transmit targeted marketing and advertising messages. Such third parties are responsible for the lawfulness of such activities. For more information on data processing by Google, please visit websites
4.3 Client correspondence and requests for quotes relating to the Service
If you have any questions or problems whilst using the Controller’s Services as a client, you can contact Pressenger Kft as follows:
By post: 9700 Szombathely, Petőfi Sándor utca 1/D
Telephone number: +36 70 635 1232
When a user requests a quote through the website www.pressenger.com, the data provided by the user will be recorded in the server owned by Pressenger Kft, operating the website.
Pressenger Kft deletes incoming e-mails, together with the sender’s name and e-mail address, and all other, voluntarily provided personal data, in no later than 5 years from the transaction.
5 Storing personal data, security of processing
5.1 The computer systems and other data storage places of Pressenger Kft are found in the systems of the hosting provider indicated in Section 2.
5.2 Pressenger Kft is familiar with and complies with the data security requirements set forth in Article 32 of the GDPR, and has, furthermore, its own internal rules of procedure to handle incidents of personal data breach.
5.3 To process personal data, Pressenger Kft selects and operates the IT tools used in the course of the services to make sure that
- a) data is accessible for authorised parties (availability);
- b) the credibility and verification of the data are ensured (credibility of processing);
- c) it can be verified the data is unchanged (data integrity);
- d) data is protected against unauthorised access (data confidentiality).
5.4 Pressenger Kft takes technical, organisational and organisational measures to protect the security of data processing; these measures are commensurate with the risks related to the processing.
5.5 During the processing, Pressenger Kft shall safeguard:
- a) secrecy: protecting information to make sure that only authorised persons have access to it;
- b) integrity: protecting the accuracy and completeness of information and the method of processing;
- c) availability: making sure that, whenever needed by the authorised user, the data shall indeed be accessible and the related tools shall be available.
5.6 The IT system and network of Pressenger Kft and its partners are protected against computer-aided fraud, espionage, sabotage, vandalism, fire and flood, computer viruses, hacking, and attacks resulting in a refusal to perform services. The operator shall ensure security by having server-level and application-level protection procedures in place.
5.7 We inform our users that regardless of the protocols used (email, web, ftp, etc.) electronic messages sent through the internet are exposed to network threats, which lead to unfair activity, contract disputes or the disclosure and modification of information. The Controller shall do its utmost to take preventive measures against such threats. It monitors the systems in order to record any security anomalies, and to have evidence regarding every security event. Monitoring the system also allows the control of the efficiency of the precautions taken.
6 Rights of the data subject, legal remedies
We explained the specific rights the data subject has with regard to individual cases of data processing, and how such right can be exercised under Section 4. Please find below a summary of the rights and legal remedy options the data subject generally has.
6.1 The data subject shall have the right to be informed in an accurate and intelligible way about the processing of his or her personal data. This Privacy Statement was prepared with due consideration of this. Such information must be given without undue delay, but no later than within 30 days.
6.2 The data subject shall have the right to obtain from the Controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data, and to obtain a copy electronically.
6.3 In certain cases the data subject has the right to be forgotten (to erasure). The data subject may, however, exercise this right primarily if the legal ground for the processing is the consent of the data subject, and there is no other legal ground for the processing. This right may not be exercised in the case of other legal grounds. The data subject may withdraw his or her consent at any time without giving justification.
6.4 The data subject may, in certain cases, request the restriction of processing. Such cases may include ones when the accuracy of the personal data is contested by the data subject, and where the data subject objects to processing carried out for a legitimate interest, pending a decision about his or her objection.
6.5 The data subject may request to have personal data concerning him or her rectified.
6.6 If the processing is based on the data subject’s consent, and the fulfilment of a contract, the data subject has the right to data portability. The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a Controller, in a structured, commonly used and machine-readable format, and have the right to transmit those data to another controller without hindrance from the Controller to which the personal data have been provided. The data subject may also request that his or her personal data be transmitted to another controller. Exercising this right, however, shall not adversely affect the rights and freedoms of others.
6.7 The data subject may object to processing based on a legitimate interest. In this case personal data may no longer be processed, unless there are compelling legitimate grounds for the processing which override the rights of the data subject, or which are related to the establishment, exercise or defence of legal claims.
6.8 The data subject shall have special rights in the case automated decision-making, including profiling. The data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.
6.9 How to communicate your comments, questions or complaints
In addition to (in the absence of) the data protection officer, you can send any questions, requests and objections in connection with the processing of your personal data in writing or by e-mail to our representative to either of the addresses below:
Address: Pressenger Kft. (registered office: 9700 Szombathely, Petőfi Sándor utca 1/D)
6.10 Judicial remedy
The data subject may initiate an investigation by contacting the National Authority for Data Protection and Freedom of Information (postal address: 1530 Budapest, Pf.: 5, telephone: +36 (1) 391-1400, e-mail: email@example.com, website: www.naih.hu) on the grounds that they suffered the impairment of their rights whilst their personal data were processed, or this directly threatens to be the case, and if their rights were violated, they may take the matter to court.
Budapest, 27 February 2021