DEAR VISITOR!
FORTIX Consulting Ltd. (hereinafter referred to as FORTIX) provides the following information about the use of personal data, as well as the use of guarantees guaranteeing the security of data used. The purpose of this notice is to provide clear, transparent information about the handling of personal data on www.fortix.hu.
We request you to read this information very carefully. Should you have any questions or comments concerning this data processing information or the management of personal data or concerning the interpretation of the legal regulations and the rules, please contact our Data Protection Officer.
Under the provisions of the General Data Protection Regulation (hereinafter GDPR) on the protection of natural persons regarding the processing of personal data and the free movement of such data and repealing Directive 95/46/EC we herewith advise you about the management of personal data and the following guarantees will be applied when processing personal data.
1 ORGANIZATIONAL INFORMATION
Data controller: FORTIX Consulting Kft.
Adress: 1061 Budapest, Liszt Ferenc tér 2. 4. em. 1.
E-mail adress: info@fortix.hu
Phone number: +36 1 781 4842
Website: www.fortix.hu
Data protection officer: dpo@fortix.hu
2 PROCESSED PERSONAL DATA
2.1 Newsletter
When signing up for a newsletter, personal information is provided voluntarily by the data subject.
Collected personal data | Purpose of data processing | Lawful basis for data processing | Retention period |
Name, e-mail adress | Sending electronic messages with direct marketing content, such as newsletters, advertising for the purpose of direct marketing | According to Article 6 (1) (a) of the GDPR data subject’s consent | Until withdrawal of consent * |
*You can withdraw your consent at any time (You may cancel your subscription or withdraw your consent by e-mail or by clicking on the link in the newsletter.) Withdrawal of consent shall not affect the lawfulness of any prior processing.
Registration for an event / training
Personal information is provided voluntarily by the data subject.
Collected personal data | Purpose of data processing | Lawful basis of data processing | Retention period |
Name, e-mail adress, adress | Identification | According to Article 6 (1) (b) of the GDPR preparing and signing a contract | 8 years |
Issue of a certificate | |||
Contact | |||
Issuing an invoice | According to Article 6 (1) (c) of the GDPR legal obligation: Act C of 2000 on Accounting |
2.2 Job application
Personal information is provided voluntarily by the data subject.
Collected personal data | Purpose of data processing | Lawful basis of data processing | Retention period |
Name | Identification | According to Article 6 (1) (b) of the GDPR preparing and signing a contract | Until withdrawal of consent*, but up to the time the position is filled. |
Contact details (e-mail, phone number) | Contact | ||
CV’s data (skills, work experience, education, photo) | Selection of candidate(s) to fill the post |
*You can withdraw your consent at any time (You may cancel your subscription or withdraw your consent by e-mail or by clicking on the link in the newsletter.) Withdrawal of consent shall not affect the lawfulness of any prior processing.
If you wish us to continue to keep your application for the purpose of filling a relevant vacancy in the future, we will keep your data for a further 6 months, subject to your consent, by replying to our letter.
2.3 Business cards
Personal information is provided voluntarily by the data subject (by handing over a business card):
Collected personal data | Purpose of data processing | Lawful basis of data processing | Retention period |
Business card’s data (Name, phone number, e-mail, adress, position) | Contact, building work relationships | According to Article 6 (1) (a) of the GDPR data subject’s consent | Until withdrawal of consent* |
* You can withdraw your consent at any time. Withdrawal of consent shall not affect the lawfulness of the data processing before the withdrawal.
2.4 Contact form
Processing the data of customers, business partners, interested parties by contacting them using the contact details published on the website or by using the contact form on the website.
Collected personal data | Purpose of data processing | Lawful basis of data processing | Retention period |
Name | According to Article 6 (1) (a) of the GDPR data subject’s consent | Until withdrawal of consent* | |
Contact details (E-mail, phone number, adress) | Contact | ||
Message |
* You can withdraw your consent at any time. Withdrawal of consent shall not affect the lawfulness of the data processing before the withdrawal.
2.5 Contracts, offers
Data processing of customers, business partners, contacts in the case of service contracts, offers, invoicing:
Collected personal data | Purpose of data processing | Lawful basis of data processing | Retention period |
Name | Identification | According to Article 6 (1) (f) of the GDPR legitimate interest | Until 8 years after the service is provided or until the data subject objects |
Contact details (E-mail, phone number, adress) | Contact, communication, sending contract / offer | ||
Invoice details | Issuing an invoice | According to Article 6 (1) (c) of the GDPR legal obligation: Act C of 2000 on Accounting | 8 years |
2.6 Cookies
Visitors of website:
Collected cookies | Purpose of data processing | Lawful basis of data processing | Retention period |
PHPSESSID | Cookies are essential for the proper functioning of the website | According to Article 6 (1) (f) of the GDPR legitimate interest | Until the end of the session |
2.7 Adult education contract
Collected personal data | Purpose of data processing | Lawful basis of data processing | Retention period |
Name, birth name, Mother’s name, birth date and place, adress, sex, e-mail, phone number, education level | Identification | According to Article 6 (1) (b) of the GDPR preparing and signing a contract | 8 years According to Article 6 (1) (c) of the GDPR legal obligation: Act C of 2000 on Accounting |
Issue of a certificate | |||
Contact | |||
Issuing an invoice | |||
Fill in the application form | |||
Preparing a contract |
2.8 Adult education statistics, provision of data
Képzéseinken résztvevő személy adatai tekintetében:
Collected personal data | Purpose of data processing | Lawful basis of data processing | Retention period |
Birth date, highest education, sex, postcode, employment status, number of qualifications, who bears the cost of the participant’s participation fee | Providing statistical data anonymously | According to Article 6 (1) (c) of the GDPR legal obligation: 288/2009 (Xll.l5) Government Decree | Until notification accepted |
3 DATA SHARED WITH
The personal data related to the data processing described above may only be known and processed by the employees of FORTIX Consulting Ltd. for the time and to the extent necessary for the performance of their duties. Further data processing is only possible on the basis of an express agreement to this effect between the Parties.
4 AUTOMATED DECISION MAKING AND PROFILING
Please note that no automatized decision making, or profiling will be performed based on the data you supply.
5 DATA TRANSFER
5.1 DATA PROCESSORS
In order to provide our services to you, we work with subcontractors and partners, so the following organisations may also be involved in processing your data. There is no joint processing.
Data processor | Purpose of data processing |
Számlázz.hu (KBOSS.hu Kft., 1031 Budapest, Záhony street 7/c) | Billing |
BB Seven Solution Ltd. (1203 Budapest, Eötvös street 28. ground floor. 2.) | Accounting tasks |
EZIT Ltd. (1132 Budapest, Victor Hugo str. 18-22) | Website management |
MailChimp (512 Means St Suite 404 Atlanta, GA 30318 USA) | Newsletter service |
MailerLite Limited (38 Mount Street Upper, Dublin 2, D02 PR89 Ireland) | Newsletter service |
6 INFORMATION SECURITY
Please be informed that we process your data confidentially, we do not disclose them to any third party without informing you or obtaining your prior consent, or without legal authorization. To meet data security requirements our Company – with proper organizational and technical measures – ensures fair and transparent data management, takes care of the protection and security of your data, particularly against unauthorized access and handling, alteration, transfer, public disclosure, destruction, and incidental destruction (loss) and injuries (damages).
The necessary security and high availability is ensured by the hosting of our servers in a modern server farm. We use modern border protection tools and technological procedures to maintain data security. To ensure that only authorised persons have access to data, we use encrypted channels – VPN, multi-factor authentication – in all cases.
7 YOUR RIGHTS
7.1 Right to request information
As a data subject, you can ask us for information via the contact details provided above that FORTIX
• what personal data,
• on what legal reason,
• for what purpose,
• from what source,
• for how long is controlled, and
• to whom, when, under what legislation FORTIX granted access or forwarded your personal data.
You may request a copy of the personal data processed by FORTIX under Article 15 of the GDPR. We may charge an administrative fee for the provision of additional copy or copies, the amount of which and the method of payment will be provided in advance to the contact details provided by you for this purpose.
7.2 Right to rectification
You can request that FORTIX change any of your personal information (for example, you can change your mailing address at any time). FORTIX will complete the request within a maximum of one month and will notify you of this at the contact details you have provided.
7.3 Right to erasure
FORTIX shall delete your personal data in accordance with the provisions of Article 17 (1) to (2) of the GDPR, if and in the manner that the conditions set out therein are met. As a data subject, you can also initiate the deletion of your personal data managed by FORTIX. Your request for cancellation will be rejected by FORTIX if we have an obligation to further process and store your personal data, such as the retention period required by law. If there is no such obligation, FORTIX will fulfill the request immediately, but not later than within one month, and will notify you of the contact details provided for this purpose.
7.4 Right to restriction of processing
If the conditions set out in Article 18 of the GDPR are met, you can request that your personal data be blocked by the FORTIX (by clearly indicating the limited nature of the data processing and ensuring that it is treated separately from other data). The consequence of blocking is that personal data, with the exception of storage, may only be processed in accordance with the conditions permitted by law. The lock shall be maintained by the FORTIX for the period specified in Article 18 (1) of the GDPR. For example, if you dispute the accuracy of your personal information, then in that case the restriction applies to the period of time that allows FORTIX to verify the accuracy of that personal information FORTIX will inform you in advance about the unlocking.
7.5 Right to data portability
You may request that FORTIX send the personal data in a structured, widely used, machine-readable format to the contact details provided for this purpose. You has the right to transfer this data to another data controller and may request FORTIX to transfer the data directly to the other data controller if this is technically feasible.
7.6 Right to object
You may object to the processing of your data under the provisions of Article 21 of the GDPR, subject to the conditions set out therein. In the event of an objection, FORTIX will no longer process your personal data, except in the cases provided for in Article 21 (1) of the GDPR. If personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for this purpose, including profiling, insofar as it relates to direct business acquisition. If you object to the processing of your data may no longer be processed for that purpose.
7.7 Complaints and Remedies
You may request legal remedy regarding the processing of your data, you may file a complaint with the Data Protection Officer or at the supervisory authority if you suspect that the processing of your data violates the related legal regulation, and you may also file a petition to the court.
Supervisory authority (NAIH):
Nemzeti Adatvédelmi és Információszabadság Hatóság / Hungarian National Authority for Data Protection and Freedom of Information
H- 1055 Budapest, Falk Miksa utca 9-11.
Email: ugyfelszolgalat@naih.hu
Website: https://www.naih.hu/
Please note that this Notice is intended to provide you with clear and transparent information about the processing of personal.