Privacy Policy

Last modified: 15.01.2021.

 Thank You for choosing us! Our company protects and respects Your rights related to Your personal data.

 To comply with the above present privacy policy (hereinafter as: „Policy”) n accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter as: „GDPR”) contains all information regarding the processing of personal data provided to

 

Company name: HalloService Korlátolt Felelősségű Társaság

Registered seat: 4025 Debrecen, Simonffy utca 4-6., I. em. 123., Hungary

Company registration number: 09-09-029559

Tax number: 26236423-2-09

Registered by: Metropolitan Court of Debrecen as Company Registrar

Represented by: Zsolt Ficsor managing director individually

E-mail: info@gomontir.com

Phone number: +36 20 239 3489

(hereinafter as: “Service Provider”)

 

as developer of the application named GOmontir available for iOS and Android operating systems (hereinafter as: „Application”) by vehicle owners (hereinafter as: „User”) seeking for service assistance. The purpose of the Policy is to provide an accurate picture of why and how, and for how long, the Service Provider processes the personal data with which it becomes aware of regarding the Users through the Application or through other channels.

 

I.          A few data privacy related definitions to better understand the Policy

 

Personal data

means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

 

Processing

means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

 

Controller

means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by EU or Member State law;

 

Processor

means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;

 

Third party

means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data;

 

Data forwarding

Means the disclosure of personal data to specific third parties;

 

Data subject

Everybody who shares his/her personal data with the Beneficiary through the Website or via other channels or whose personal data is processed by the Beneficiary otherwise. For example, You who reads this Policy;

 

Consent of the data subject

means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;

 

Sensitive data

personal data referring to racial origin, nationality, political opinions or membership in any political party, religious or other beliefs, membership of an advocacy organization, sex life, personal data concerning health, pathological data;

 

Genetic data

means personal data relating to the inherited or acquired genetic characteristics of a natural person which give unique information about the physiology or the health of that natural person and which result, in particular, from an analysis of a biological sample from the natural person in question;

 

Biometric data

means personal data resulting from specific technical processing relating to the physical, physiological or behavioral characteristics of a natural person, which allow or confirm the unique identification of that natural person, such as facial images or dactyloscopy data;

 

Personal data breach

means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed;

 

Most of the above definitions are the definitions used by the GDPR. The text of the GDPR is available at https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679&from=HU The list is not full, should You have any questions, do not hesitate to contact us.

 

We would like to inform You that we do not process or request any sensitive, genetic or biometric data from You.

 

II.        Other definitions

 

Website

The home page of the Service Provider available at the domain www.gomontir.com

 

III.       In what cases do we process personal data?

 

In accordance with the principles laid down by Article 5 Section (1) of the GDPR the personal data of the User is processed in the following cases:

·         Browsing the Website

·         Registration

·         Using the service through the Application

·         Customer service

 

IV.       Which personal data, for what purpose and how long do we process?

 

In the cases detailed above the legal ground for processing shall be the following:

  • In accordance with article 6 Section (1) Point a) of the GDPR the freely given, specific, informed and unambiguous consent of the User (hereinafter as: „Consent”);
  • In accordance with article 6 Section (1) Point b) of the GDPR processing is necessary for the performance of a contract to which the User is party (hereinafter as: „Performance of Contract”);
  • In accordance with article 6 Section (1) Point c) of the GDPR processing is necessary for compliance with a legal obligation to which the controller is subject (hereinafter as: „Compliance”);
  • In accordance with article 6 Section (1) Point f) of the GDPR processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party (hereinafter as: „Legitimate interest”);

 

IV.1.    Browsing the Website

 

Scope of date processed

Purpose of processing

Legal ground for processing

Naming the legitimate interest

Duration of processing

IP address of the User

Protection of the IT systems of Service Provider and securing the Website

Legitimate interest

Secure operation of the Website and the Service

30 days from visiting the Website as latest

 

The Website may be freely visited and browsed by the User without expressively providing any personal data to the Service Provider. However, when visiting the Website at any time, the User’s computer or mobile device sends a request to the Service Provider. It is like sending a letter to which You wish to get the content of the Website as an answer. The Service Provider can only answer this request if the User provides his/her address. This address is the User’s internet identifier address, IP address for short. The Service Provider sends the requested Website to this IP address. This is an automatic process, by typing the domain of the Website to the web browser or by clicking to a link published anywhere that is directing to the Website the User gives his/her consent to provide the IP address for this purpose and to be processed by the Service Provider. To make this „correspondence” smooth the servers of the Service Provider store the IP address of the User in log files.

 

The identification and storing of IP addresses is necessary to protect the IT systems of the Service Provider and the Website as well. Protection against possible malicious activities against the Website is partly ensured by that the Service Provider is logging the operation of the Website and in this log, it lists the IP addresses from which requests to its servers were made. If the Service Provider detects an activity from an IP address that interferes with the secure operation of the Website, the address will be blacklisted. Any malicious activity is prevented and resolved through legal action. If nothing unordinary occurs, the Service Provider deletes the log files and the IP addresses. IP addresses stored in log files will not be used by the Service Provider for any other purpose and will be automatically deleted within 90 days and we keep it only if the User has performed any prohibited activity from that IP address. These activities are either listed above or other activities that violate local, state, national or international law.

 

IV.2.    Registration

 

The service provided through the Application is available free of charge however its use is subject to registration for which the providing of the following data is necessary.

 

Scope of data processed

Purpose of processing

Legal ground for processing

Duration of processing

Username of the User

Identifying the User

Performance of Contract

Until termination of the user account

Phone number of the User

Identifying the User

Performance of Contract

Until termination of the user account

E-mail address of the User

Identifying the User, keeping contact, data necessary to login user account

Performance of Contract

Until termination of the user account

Password set by the User

Data necessary to login user account

Performance of Contract

Until termination of the user account

 

Providing a username is required because the Application registers the User with this name and this name is displayed regarding the User to the service providers (mechanics / repair shops) through the Application, for example when the User gives a feedback of the service provider.

 

Providing the telephone number is necessary, because during the account registration the Service Provider performs two-factor identification and after the registration it sends a link to the User via SMS, with which the User may finalize the registration. In addition, the service providers (mechanics / repair shops) providing their services through the Application also contact the User on this telephone number.

 

Providing the e-mail address serves to identify the User and the User may also login to his / her account using the e-mail address provided at registration and also the Service Provider keeps contact with the User regarding the Application via that address.

 

Providing a password serves to protect the user account and for login to it. Please protect Your password to prevent unauthorized access to Your user account. The Service Provider is not responsible for the loss of the password by the User and the consequences thereof. Shall You lose Your password or detect unauthorized access to Your user account, please notify the Service Provider immediately.

 

IV.3.    Using the service through the Application

 

IV.3.1. Vehicle related data

 

In order for the User to use the services available through the Application, it is necessary to provide the data of the User's vehicle (passenger car / motorcycle). In connection with this, the Service Provider processes the following personal data:

 

Scope of data processed

Purpose of processing

Legal ground for processing

Duration of processing

License plate number of the User’s vehicle

Identifying the User, data necessary for providing the service

Performance of Contract

Until deletion of the registered vehicle but until termination of the user account as latest

Manufacturer of the User’s vehicle

Identifying the User, data necessary for providing the service

Performance of Contract

Until deletion of the registered vehicle but until termination of the user account as latest

Model of the User’s vehicle

Identifying the User, data necessary for providing the service

Performance of Contract

Until deletion of the registered vehicle but until termination of the user account as latest

Color of the User’s vehicle

Identifying the User, data necessary for providing the service

Performance of Contract

Until deletion of the registered vehicle but until termination of the user account as latest

 

Providing the above vehicle-related data is necessary in order for the User to be able to use the services of service providers (mechanics / repair shops) through the Application, as the above data is essential for the mechanic to use the vehicle data, for example to identify the User under these. In addition, for example, if the User seeks repair service, the Application will only offer a repair to the User that is able to provide assistance with the vehicle type or the indicated default.

 

IV.3.2. Use of emergency repair services

 

Scope of data processed

Purpose of processing

Legal ground for processing

Duration of processing

Data indicated in Section IV.3.1. related to the User’s vehicle

Identifying the User, data necessary for providing the service

Performance of Contract

Until the end of the repair work

Location data of the User

Identifying the User, data necessary for providing the service

Performance of Contract

Until the end of the repair work

Photo of the User’s vehicle

Data necessary for providing the service

Performance of Contract

Until the end of the repair work

 

The processing of vehicle data is necessary in order for the mechanic to be able to identify the User and provide the service to the User.

 

The User's location data is necessary for the mechanic to find the User based on the location data sent through the Application and to be able to provide the services to the User.

 

Taking a photo of the vehicle is optional, it is not obligatory to use the service, however, it may help the mechanic to find the User or to determine the nature of the problem.

 

IV.3.3. Repair Shop appointment service

 

Scope of data processed

Purpose of processing

Legal ground for processing

Duration of processing

Data indicated in Section IV.3.1. related to the User’s vehicle

Identifying the User, data necessary for providing the service

Performance of Contract

Until the end of the repair work

Date of appointment booked by the User

Identifying the User, data necessary for providing the service

Performance of Contract

Until the end of the repair work

 

IV.3.4. Feedback

 

Through the Application, both the User may give feedback of the mechanic / repair shop that provided the service for him / her, and also the mechanic / repair shop may give feedback of the User regarding the given transaction:

 

Scope of data processed

Purpose of processing

Legal ground for processing

Naming the legitimate interest

Duration of processing

Username of the User

Data required for the operation of the service, sending feedback about the service

Legitimate interest

Increasing trust in the service, ensuring the appropriate quality of the service

Until termination of the user account

Fee of the service used by the User

Data required for the operation of the service, sending feedback about the service

Legitimate interest

Increasing trust in the service, ensuring the appropriate quality of the service

Until termination of the user account

Date of using the service

Data required for the operation of the service, sending feedback about the service

Legitimate interest

Increasing trust in the service, ensuring the appropriate quality of the service

Until termination of the user account

Indication of the default regarding which the service was used

Data required for the operation of the service, sending feedback about the service

Legitimate interest

Increasing trust in the service, ensuring the appropriate quality of the service

Until termination of the user account

The rating of the User

Data required for the operation of the service, sending feedback about the service

Legitimate interest

Increasing trust in the service, ensuring the appropriate quality of the service

Until termination of the user account

The rating given by the User

Data required for the operation of the service, sending feedback about the service

Legitimate interest

Increasing trust in the service, ensuring the appropriate quality of the service

Until termination of the user account

 

IV.3.5. Sending invitation

 

Scope of data processed

Purpose of processing

Legal ground for processing

Naming the legitimate interest

Duration of processing

E-mail address of the person invited by the User

Sending the invitation

Legitimate interest

Promotion of the service, acquiring users

Until sending the invitation

Phone number of the person invited by the User

Sending the invitation

Legitimate interest

Promotion of the service, acquiring users

Until sending the invitation

 

The User may also invite third parties to use the service through the Application, who may use the Service at a discounted price with their invitation code, and the Service Provider may also provide discounts to the User based on the invitations sent. The Service Provider processes the e-mail address of the invited person under its legitimate interest, however, the consent to provide the e-mail address of the invited person is the User's obligation and responsibility.

 

IV.4.    Customer service

 

In order to provide technical support for the Users and to provide information for them and to help them exercising their rights the Service Provider maintain customer service which may be reached by the User via e-mail or phone.

 

IV.4.1.  In case of inquiries sent by e-mail:

 

If the User contacts us by e-mail at the address info@gomontir.com then in order to be able to fulfill requests with proper quality assurance the following personal data is processed.

 

Scope of data processed

Purpose of processing

Legal ground for processing

Duration of processing

First and last name of the User

Identifying the User, fulfillment of requests

Performance of Contract

Until objection against processing but for quality assurance by 31st December of the year in which the request was resolved.

E-mail address of the User

Identifying the User, fulfillment of requests

Performance of Contract

Until objection against processing but for quality assurance by 31st December of the year in which the request was resolved

The social media contact of the User possibly shared by the User in his/her e-mail „signature”

-

Performance of Contract

Until objection against processing but for quality assurance by 31st December of the year in which the request was resolved

 

The Service Provider will process the data indicated above as personal data only if the provided e-mail address contains the name of a natural person. If the provided e-mail address is general format (e.g. info@example.hu or finance@example.hu), the Service Provider processes the data, however, the data does not qualify as personal data.

 

IV.4.2. In case inquiries by phone

 

If the User contacts the Service Provider by phone or if the Service Provider calls the User back, then we draw the attention of the User that for quality assurance purposes and to fulfill the request the following data will be processed. We inform the Users that the phone conversation will not be recorded.

 

Scope of data processed

Purpose of processing

Legal ground for processing

Duration of processing

First and last name of the User

Identifying the User, fulfillment of requests

Performance of Contract

Until objection against processing but for quality assurance by 31st December of the year in which the request was resolved

Phone number of the User

Identifying the User, fulfillment of requests

Performance of Contract

Until objection against processing but for quality assurance by 31st December of the year in which the request was resolved

 

We kindly request the Users to not share any additional personal information in addition to the above especially if it is not requested by us. Unsolicited data will be immediately and irrevocably deleted and at the same time we also exclude any liability regarding data that we became aware of this way.

 

V.        What are cookies and why we use them?

 

Cookies are data packages that are sent by our webservers to Your computer automatically, where they are stored – depending on the type of the cookie – for a definite period of time.

 

Cookies do not hold any security risk to Your computer or not cause any malfunction.

 

In order to ensure the smooth operation of the Website, certain cookies (known as session cookies) are automatically installed on Your computer when You visit the Website. The purpose of such cookies is to ensure the security of the Website, to preserve the data recorded on our online forms, to display multimedia content and to balance the traffic on the Website. Personal data collected through the use of these cookies (in particular the IP address of Your computer) will be processed for our legitimate interest in the safe and smooth operation of the Website for the duration of Your stay on our Website. Closing Your browser will automatically delete them from Your computer.

 

With Your consent given on the Website, the following types of cookies may be installed on Your computer for the following purposes:

 

•   Cookies for web analytical measurements and for statistical purposes (e.g. Google Analytics). These are important to us because we are provided with information about the specific characteristics of our visitors (IP address, city, type of device, browser, operating system You are using, and what sub-pages You have visited on our site). We use these data anonymized for statistics and reports to improve the Website our marketing strategy.

 

•   Remarketing cookies (such as Google AdWords) allow us to analyze how You use our site and, consequently, to display personalized content to You, including advertising on online platforms outside our site (e.g. other websites or social media).

 

In addition, we distinguish between session-specific cookies and persistent cookies. A cookie valid for a single session only survives until the Data subject closes the browser. Permanent cookies continue to live and are not automatically deleted when You close Your browser. Why do they stay there and what's good about it? Well, such persistent cookies, for example, help to make the site run faster and remembering things that the Data subject has set for himself/herself on the Website.

 

You can manage cookies in Your browser’s settings. How these settings are set depends on the type of Your browser.

 

You may find information on cookie settings for the most popular browsers on the following link:

 

·       Google Chrome: https://support.google.com/chrome/answer/95647?hl=hu-hu&p=cpn_cookies

·       Firefox:  https://support.mozilla.org/hu/kb/sutik-informacio-amelyet-weboldalak-tarolnak-szami

·       Internet Explorer: https://support.microsoft.com/hu-hu/help/17442/windows-internet-explorer-delete-manage-cookies

·       Safari: https://support.apple.com/hu-hu/HT201265

 

VI.       Where and how data is processed?

 

We store personal data on paper or electronically. If the data is stored on paper (for example, in the case of contractual data), it will take place in a secure location to which access will be restricted among the Service Provider’s employees.

 

To store the data electronically and to operate the Application, the Service Provider uses the Google Cloud and Google Plaster hosting service, the service provider of which is as follows:

 

·       Company name: Google Ireland Ltd

·       Registered seat: Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

·       Registration number: 368047

·       Represented by: Elizabeth Margaret Cunningham director

·       Phone: +353 1 436 1000

·       Location of servers: Dublin, Ireland

            (hereinafter as: “Google”)

 

Google processes EU related data within the territory of the European Union through its servers located in Dublin, Ireland. Google may not access, modify, delete, use or otherwise manipulate the User related data stored on the server provided by Google. If, for any reason, Google processes personal data outside the European Union, it will provide adequate protection in accordance with the provisions of the GDPR as a result of being subject to the SCC code of conduct. Learn more at https://policies.google.com/privacy/frameworks 

 

Google provides the protection of data on multiple levels, such as physically protecting data storage servers, which are secured and supervised by security guards and technicians, it restricts access to server rooms by its employees and by providing uninterruptible power supply and other state-of-the-art infrastructure, restricting access to data, continuously monitoring its system, encryption and firewall protection. The Google Privacy Policy is available at https://policies.google.com/privacy

 

The Service Provider shall take all necessary technical and organizational measures and precautions to protect personal data and their quality, including restricting access to personal data among its employees, ensuring continuous provision of physical electronic and procedural protection that complies with personal data. so that, among other things, the servers run in a confined space, computing devices are password and firewall protected.

 

Notwithstanding the above, the Service Provider shall not be liable for any damage, destruction or unauthorized access to the data in the event of technical error, natural disaster, terrorist or criminal act.

 

VII.      What rights do You have related to processing of Your personal data?

 

Request for information (right to access): You may request information about the processing of Your personal data at any time, either in person, at our registered seat address, in writing by sending a registered letter or by email to info@gomontir.com

 

Pursuant to Article 15 Section (1) of the GDPR, a request may include information on the data processed, their source, purpose, legal ground, duration, name and address of any processor, processing activities and Your rights in relation to processing. In the case of data transfer, to whom and for what purpose Your data have been or will be transferred.

 

A request for information is considered authentic by us if You are clearly identified by it. If the request is sent by e-mail or post, only the e-mail sent from Your registered e-mail address will be considered as authentic, and we will only be able to send information to the postal address registered by us. Unless You voluntarily verify Your identity otherwise, we will not be able to send information to an e-mail address or postal address that is not registered in our records in order to protect Your privacy.

 

Rectification: You may at any time request the rectification, modification or amendment of Your data in the same manner described above. We can also do this only on the basis of a request from a credible source presented when submitting the request.

 

Restriction: You may request that we restrict the processing of our personal information in particular if:

 

a) You argue the accuracy of the personal data we process. In this case, the limitation refers to the period during which the accuracy of the data is checked.

b) Although the legal ground for processing dos does not stand for us, but You are requesting us in writing to keep them for the purpose of filing, asserting or defending any legal claim You may have

 

Objection: If we process Your personal data on the ground of legitimate interest, You may at any time object to the processing of Your personal data. In such cases, we will review the legality of the objection and, if it is well established, we terminate the processing of data and notify anyone to whom the personal data subject to the objection may have been previously transmitted.

 

Deletion (“Right to be forgotten”): You may request the deletion of Your personal data at any time for any of the reasons set out in Article 17 Section (1) of the GDPR.

 

We may refuse deletion if the processing of Your personal data is required by law or if it is necessary to enforce our legal claims. We will always inform You about the refusal of the request for deletion. Once it is deleted, the data cannot be recovered.

 

Transfer of Personal Data (Portability): You may at any time request us to transfer the data processed in connection with You in a structured, widely used, machine-readable format to You or to another controller.

 

We kindly ask You to not exercise the above rights improperly, but only if it has a real ground or if any of the conditions set out in the GDPR actually exist.

 

VIII.    How can You withdraw Your consent if the ground for processing is based on consent?

 

If under present Policy the legal ground of processing is the data subject's i.e. the User's consent, then the User has the right to withdraw this consent. Depending on the purpose of processing there are many ways to do it. You may withdraw Your consent given at browsing at any time, free of charge and without limitation by revisiting the Website and clicking on the pop-up window. In addition, if You do not have the possibility to withdraw Your consent this way, you may withdraw it by sending a message to info@gomontir.com or in case of newsletter subscription by clicking on the "Unsubscribe" button at the bottom of the email or by sending a letter to the Service Provider's headquarters address.

 

Please note that the withdrawal of consent does not affect the legality of the processing prior to the withdrawal.

 

IX.    Data processor, data forwarding

 

Your personal information will be kept confidential and will not be disclosed to any third party except as set forth below.

 

IX.1. Correspondence (e-mail)

 

The Service Provider uses Gmail by Google to manage correspondence by e-mail regarding which further information was provided in Section VI.

 

IX.2. Data forwarding related to sending messages

 

The Service Provider may also send text messages to the User to the telephone number provided during registration in connection with the service - if the User has downloaded the application - using an application called WhatsApp. In this case, the User's telephone number will be forwarded to the operator of the WhatsApp application, the contact details of which are as follows:

 

  • Company name: WhatsApp Ireland Limited
  • Registered seat: 4 Grand Canal Square, Grand Canal Harbour Dublin Ireland
  • Registration number: IE607470
  • E-mail: DPO-inquiries@support.whatsapp.com

(hereinafter as: „WhatsApp”)

 

WhatsApp’s privacy policy is available at https://www.whatsapp.com/legal/updates/privacy-policy/?lang=en

IX.3.    Data forwarding related to the use of the service

 

In case of using the service available through the Application, the Service Provider may transmit the data of the User specified in Section IV. to the mechanic / repair shop chosen by the User, whose name and contact details will become available to the User during the selection process, even before the transmission of the data.

 

IX.4.    Data forwarding related to enforcement of claims

 

If the Service Provider wishes to enforce any legitimate claim, it may forward documents that contain personal data. The Service Provider is entitled to transmit personal data to a legal representative, authority or court for the purpose of claim enforcement.

 

X.        What third-party social media plug-ins may be found on our Website?

 

To receive feedback on the contents we share on the Website and to share them we use social media sites meaning we use the services (plugins) of third-party providers. The plugins are only active when You specifically click on the button to allow them to contact social media sites. The plugins of the following two social media sites can be found on our website: Facebook, Instagram, Youtube, Google Play, Apple AppStore

 

If You are logged in to any of these sites it may occur that Your visit on the site will be attached to Your personal profile. If you click on the specific button, your browser will forward the relevant information directly to that social media site and store them there.

 

Information about the scope and purpose of the data collected, further processing of Your data and use of Your data by the social media provider, and Your rights regarding personal data can be found in privacy statements of the social media providers, which are available at:

 

Facebook: https://www.facebook.com/policy.php

Instagram: https://help.instagram.com/519522125107875

Youtube: https://policies.google.com/privacy

Google Play: https://policies.google.com/privacy

Appstore: https://www.apple.com/legal/privacy/hu/

 

XI.       To whom and in what cases are we required to disclose personal data?

We may be requested to disclose personal data we process to authorities upon request. Our company cannot be held liable for any such transfer or any resulting consequences. We will always inform You about the transfer.

 

XII.     What are the responsibilities with regard to the personal data You provide?

When You provide us Your personal data, You are responsible for ensuring that the information and contributions You make are true and correct.

We ask You to provide us third-party data only if specifically authorized to do so by the third party. Our company assumes no liability for any resulting claims.

If a third-party object the processing of personal data by credibly verifying its identity, we will immediately delete third-party data without notifying You. Please only provide third-party personal data only if you have informed the third party of the availability of this Policy.

We kindly request You to do not provide us with additional personal data in addition to the data specified in Section IV. above. If You provide the Service Provider with any personal information in addition to the data requested by the Service Provider in any way, the Service Provider will immediately make it unrecognizable and irrevocably deletes them and exclude its liability for data voluntarily provided by the User to the Service Provider without the Service Provider 's request.

 

XIII.    Management of Personal data breach

 Any personal data breach that may occur will be reported to the supervisory authority within 72 hours from becoming known to us in accordance with the law, and we will also maintain records of any breach that may occur. In the cases specified by law, we also inform the Sponsors concerned.

 XIV.    Data Protection Officer (DPO)

 Pursuant to Article 37 of the GDPR appointment of a DPO is mandatory if:

a) the processing is carried out by a public authority or body, except for courts acting in their judicial capacity;

b) the core activities of the controller or the processor consist of processing operations which, by virtue of their nature, their scope and/or their purposes, require regular and systematic monitoring of data subjects on a large scale; or

c) the core activities of the controller or the processor consist of processing on a large scale of special categories of data pursuant to Article 9 and personal data relating to criminal convictions and offences referred to in Article 10.

With respect to that the Service Provider is not subject to any of the clauses above and because there is no other compelling reason to appoint a DPO we are not appointing anyone for this position.

 XV.      Amendment of the Privacy Policy

 If the scope of the processed data, the legal ground of the processing or other circumstances change, this Policy will be amended and published in accordance with the provisions of the GDPR and the User will be notified of such change given that the changes will become effective from the 5th business day following the date of publication. Please be sure to read the Policy changes carefully as they contain important information about the processing of Your personal data.

 

XVI.    To whom You can turn to for information regarding Your personal data or to exercise Your rights?

 

If You have any questions, please contact us by email at info@gomontir.com and by phone at +36 20 2393489 or by post at the address 4025 Debrecen, Simonffy utca 4-6., I. em. 123., Hungary

The User is entitled to exercise his / her rights related to the processing of personal data against the Service Provider as controller. If You wish to exercise Your rights, You must notify the Service Provider first.

If You feel that Your rights have been violated, You can complain to the National Authority for Privacy and Freedom of Information:

 

Name: National Authority for Privacy and Freedom of Information

Address: 1055 Budapest, Falk Miksa utca 9-11., Hungary

Mailing address: 1363 Budapest, PO box: 9., Hungary

Phone: +36 1 391 1400

E-mail: ugyfelszolgalat@naih.hu

Website: http://www.naih.hu