Privacy policy

Privacy policy

1. Purpose of the data management information

The GET Ltd. (H-8640, Fonyód, Béke u. 4., Hereinafter referred to as Service Provider) as a controller, recognizes itself bound by the contents of this legal notice. Undertakes to ensure that all activities related to data management complies with the present regulations and the applicable national legislation and specific legal acts of the European Union requirements.

The data protection guidelines arising in connection with the data management of the Service Provider are available at  www.getgroup.co.hu/en/privacy policy at all times.

The Service Provider reserves the right to change this information at any time. Of course, we will notify our audience in a timely manner of any changes.

If you have questions related to this document, please contact us at adatvedelem@getgroup.co.hu, and our colleagues will answer any questions. The Service Provider is committed to the protection of the personal data of its customers and partners, and it is of paramount importance to respect the right of its customers to information self-determination. The Service Provider treats personal data confidentially and takes all security, technical and organizational measures that guarantee the security of the data.

The Service Provider describes its data management practices below.

2. The controller data

If you contact our Company, you can contact the data controller at www.getgroup.co.hu (hereinafter the Website) and adatvedelem@getgroup.co.hu.

The Service Provider deletes all e-mails received by the data controller within 10 working days at the written initiative of the user. This request can be reported to adatvedelem@getgroup.co.hu.

The data controller is GET Kft. 

Registered office / postal address: H-8640 Fonyód, Béke u. 4.; tax number: HU13375542

Representative: Gábor Molnár managing director

Contact: info@getgroup.co.hu  

Court of Registry: Court of Registration of Kaposvár Court of Registration 

Company registration number: 14-09-306150

3. Scope of personal data processed

3 .1. Personal data arising from documents sent during the submission of the advertised job application

The data provided for the purposes specified in the following section is processed with the voluntary consent of the user. 

• Scope of data managed:

– Name      

– Birth name

-Place and date of Birth

-Address   

– e-mail address

– Phone number

– qualification   

• Scope of potentially managed special data:

– first-level occupational medical fitness opinion – if tied to a job

– moral certificate – if tied to a job      

The data controller is not responsible for the inaccuracy of the data provided by the user.

3.2. Customers’ data management

• Scope of data managed:

–          Company name/Name

–          Address

–          Delivery address

–          Tax nr/ Registration nr.

–          Phone number

–          e-mail address

–          Contact person’s name

• Scope of potentially managed special data:

–          payment morale

3.3. Person under 16’s data management

If the data manager has acquired the data of persons under the age of 16, they must be deleted with immediate action.

3. 4. Technical data

The Service Provider selects and operates the IT tools used for the management of personal data during the provision of the service in such a way that the managed data:

• accessible to those entitled to it (availability);
• authenticity and authentication are ensured (authenticity of data management);
• its invariability can be justified (data integrity);
• be protected against unauthorized access (data confidentiality).

The Service Provider protects the data with appropriate measures against unauthorized access, alteration, transmission, disclosure, deletion or destruction, as well as accidental destruction.

The Service Provider shall ensure the protection of the security of data management with technical, organizational and organizational measures that provide a level of protection appropriate to the risks arising in connection with data management.

The Service Provider retains it during data management

• confidentiality: protects information so that only those who have the right authorization to do so can access it;
• integrity: protects the accuracy and completeness of the information and the method of processing;
• availability: ensures that when an authorized user needs it, they can actually access the information they want and have the tools to do so.

3.5. Cookies

3.5.1. The task of cookies

• collect information about visitors and their devices;
• observe individual preferences of visitors, which will be used for example the data provided during registration, so there is no need to re-type them;
• facilitate the use of the website;
• provide a quality user experience.

In order to provide customized service, a small data packet, the so-called cookie is saved on the users’ device, which will be read again during a subsequent visit. If the browser returns a previously saved cookie, the cookie provider has the option to link the user’s current visit to the previous ones, but only for their own content.

3.5.2. Necessary session cookies

The purpose of these cookies is for visitors to fully and seamlessly browse the Website, use its features and the available services. These types of cookies last until the end of the session (browsing), and when the user closes the browser, these types of cookies are automatically deleted from their computer or other device used for browsing.

3.5.3. Placed by third-party cookies (analysis)

The Website also uses Google Analytics as a third-party cookie. Google Analytics using statistical purposes of the Website collects information about the visitors how to use the web pages. Use the data to improve the website and improve the user experience. These cookies also remain on the visitor’s computer or other device used for browsing, in its browser or until the visitor deletes them until they expire.

3.5.4. Social media ADD-ons

Plug-ins on the Portal are disabled by default. These extensions are also cookies. Extensions are only enabled if the Data Subject clicks on the button for this purpose (eg. they like an article, pin an image, or start following the Service Provider’s Facebook page with the “like” button on the page). By enabling the plug-in, i.e., by pressing the “like button”, the Data Subject will establish a link with the social site, ie clearly state that he / she consents to the transfer of his / her data to Facebook / Twitter / Linked-in / Pinterest / Instagram. If the Target is logged in to Facebook / Twitter / Linked-in / Pinterest / Instagram, they may find that the social network is associated with a visit to the affected community account. If the Data Subject clicks on one of the above-mentioned social media buttons, your browser will transmit the relevant information directly to that social network and store it there. Information on the scope and purpose of data collection, further processing and use of their data by Facebook / Twitter / Linked-in / Pinterest / Instagram, your rights and settings to protect your personal data can be found in the privacy statement of the respective social media. The user of the website acknowledges that they have consented to the processing of their data by Google by using the website
 
 

4. Intended use / purpose of the processed data, legal basis and retention period

5. Data Management Guidelines

5.1. General data management guidelines

The data management of the Service Provider’s activities is based on voluntary consent and legal authorization. In the case of data processing based on voluntary consent, data subjects may withdraw their consent at any stage of the data processing.

In some cases, the handling, storage and transmission of a given set of data is required by law, of which we notify our customers separately.

We draw the attention of informants to the Service Provider that if they do not provide their own personal data, the informant is obliged to obtain the consent of the data subject.

Its data management principles are in line with existing data protection legislation, in particular:

• 2011 CXII. Act on the Right to Information Self-Determination and Freedom of Information (Infotv .);
• The European Parliament and the Council (EU) No 2016/679 (April 27 2016) – the natural persons to personal data handling in respect of breaks Teno protection and for this free flow of information, and Regulation 95/46 / EC and repealing (General Data Protection Regulation, GDPR);
• Act V of 2013 – on the Civil Code (Civil Code); Act C of 2000 – on Accounting (Act on Accounting);   
• 2017 LIII. law – Prevention of money laundering and terrorist financing and the prevention (AML.);
• 2013 CCXXXVII. Law – a credit from financial companies and from (the Act.).

6. Physical storage locations for data

Location of physical storage of data:

GET Kft.

Address: 8640 Fonyód, Béke u. 4.

Company registration nr.: 14-09-306150. 

On the servers of GET Kft., from which backups are made for data security. Furthermore, in paper and electronic form, the availability of which is subject to authorization.

Data storage time:

– After the evaluation of the application, the data carriers containing the personal data of unsuccessful applicants must be returned to the applicant within 4 months, upon request, or the applicant’s personal data must be destroyed in the absence of consent for use in further applications. If consent is given, the retention period is 4 months.

– The specified period of time according to the applicable laws and regulations.

7. Data transmission, data processing, the circle of those who get to know the data

User data can only be accessed by the data controller and the employees working with the data controller. The Service Provider may use a data processor for the performance of tasks arising in the course of its activities (accounting, declaration).

8. Rights and enforcement options of the data subject

The data subject may request information on the processing of his / her personal data, as well as request the correction or deletion of personal data, with the exception of mandatory data processing, exercise his / her right to carry data and protest in the manner indicated at the time of data collection.

8.1. Information on rights

The Service shall take appropriate measures to ensure that the people concerned to personal data treatment, for the GDPR 13th and the 14th article mentioned all information and the 15-22. and Article 34 shall be provided in a concise, transparent, comprehensible and easily accessible form, in a clear and comprehensible manner.

8.2. The data subject ‘s right of access

The data subject has the right to receive feedback from the data controller as to whether the processing of his or her personal data is in progress and, if such data processing is in progress, he or she has the right to access the personal data and the following information: purposes of data processing; the categories of personal data concerned; the recipients or categories of recipients to whom the personal data have been or will be communicated, including in particular recipients in third countries or international organizations; the intended duration of the storage of personal data; the right to rectify, erase or restrict data processing and to protest; the right to lodge a complaint with the supervisory authority; information on data sources; the fact of automated decision-making, including profiling, and comprehensible information on the logic used and the significance of such data management and the expected consequences for the data subject. The controller shall provide the information no later than one month after the submission of the request. 

8.3. Right of rectification

The data subject may request the correction of inaccurate personal data processed by the Service Provider and the supplementation of incomplete data.

8.4. Right of cancellation / forgetting

The data subject is entitled to delete the personal data concerning him / her without undue delay at his / her request if one of the following reasons exists: personal data are no longer required for the purpose for which they were collected or otherwise processed;

• personal data are no longer required for the purpose for which they were collected or otherwise processed;
• the data subject withdraws the consent on which the data processing is based and there is no other legal basis for the data processing;
• personal data have been processed unlawfully;
• personal data must be deleted in order to fulfil a legal obligation under EU or Member State law applicable to the controller;
• personal data were collected in connection with the provision of information society services.

Deletion of data may not be initiated if the processing is necessary: ​​for the purpose of exercising the right to freedom of expression and information; for the purpose of fulfilling an obligation under Union or Member State law governing the processing of personal data or performing a task carried out in the public interest or in the exercise of official authority vested in the controller; in the field of public health, or for archival, scientific and historical research or statistical purposes, in the public interest; or to bring, assert or defend legal claims. 

8.5. A guide for data management restrictions on rights

At the request of the data subject, the Service Provider restricts data management if one of the following conditions is met:

• the data subject disputes the accuracy of the personal data, in which case the restriction shall apply for a period which allows the accuracy of the personal data to be verified;
• the processing is unlawful and the data subject opposes the deletion of the data and instead requests that their use be restricted;
• the controller no longer needs the personal data for the purpose of data processing, but the data subject requests them in order to make, enforce or protect legal claims; obsession
• the data subject has objected to the processing; this case the limitation that the period applies until it is determined whether the data controller will be given priority legitimate grounds for legitimate reasons to the affected eye.

Where processing is restricted, personal data may be processed, with the exception of storage, only with the consent of the data subject or for the purpose of bringing, enforcing or protecting legal claims, protecting the rights of another natural or legal person or in the important public interest of the Union or a Member State.

8.6. Right to data storage

The data subject is entitled to the relevant personal data which it has made available to the data controller articulated a broad range of used machine -readable format will receive, and those of the data to another data controller forward.

Automated individual decision-making matters, including the profiling

The question is entitled to, it does not spread out it is so, only automated data management – effect on the decision, which would have considerably likewise his or her effect on him – including the profiling can also be affected.

8.7. Right to protest

The data subject is entitled to for reasons of their own situation at any time object to your personal data in the context of public interest or conferred on the controller public authority exercising the task to implement the necessary data management, or the data controller or a third-party contract management is required to validate legitimate interests, including profiling based on those provisions is. Protest in case the controller of personal data did not manage further, except where justified by compelling legitimate grounds, which take precedence over the interests, rights and freedoms of the data subject, or which may distribute, exercise or defence of legal claims related.

8.8. Automated decision-making in individual cases, including profiling

The data subject has the right not to be subject to the scope of decision-making based solely on automated data management, including profiling, which would have legal effects on him or affect him to a similar extent.

8. 9. Right of withdrawal

The data subject has the right to withdraw his or her consent at any time.

8.10. Right to apply to the courts

In the event of a breach of his rights, the data subject may take legal action against the data controller. The court is acting out of turn in the case.

8. 11. Data protection authority procedure

Complaints can be lodged with the National Data Protection and Freedom of Information Authority:
Name: National Data Protection and Freedom of Information Authority
Headquarters: 1125 Budapest, Szilágyi Erzsébet fasor 22 / C.
Mailing address: 1530 Budapest, Pf .: 5.
Phone: 0613911400
Fax: 0613911410
E-mail: ugyfelszolgalat@naih.hu
Website: http://www.naih.hu

9. Other provisions

Information on data processing not listed in this prospectus will be provided at the time of data collection.

We inform our clients that the court, the prosecutor, the investigating authority, the infringement authority, the administrative authority, the National Data Protection and Freedom of Information Authority, the Magyar Nemzeti Bank, or other bodies authorized by law, provide information, disclose data, hand over documents or documents they may contact the controller to make it available.

The Service to the authorities – personal – when the Authority has indicated the exact purpose and scope of data data only so much and so much to it, which is a request purpose is essential to implement.

10. Amendments to the Prospectus

The Data Controller reserves the right to amend this Data Management Information and publish it on www.getgroup.co.hu by unilateral decision.