"Automation and Commerce!"
Privacy Policy
Effective January 15, 2020
Click here to download in pdf format.
I. The Data Controller (Service Provider)
Name of the service provider:
Quantum Automation Ltd.
Registered office and postal address:
2040 Budaörs, Gyár utca 2.
Company registration number:
13-09-190861
Tax number:
13672784213
His e-mail address:
Website address:
Call center:
+36 30 539 1501
Location and contact details for handling complaints:
2040 Budaörs,
Gyár utca 2. (Teller Ede krt. 111.)
+36 30 539 1501
Weekdays from 10:00 to 16:00
Hosting Provider Name:
wix.com
Hosting provider address:
II. Privacy Policy Applied by the Company
1. The Service Provider, as a data controller, undertakes that all data processing related to its activities complies with the requirements specified in these regulations and the applicable national legislation, as well as in the legal acts of the European Union.
2. Information related to the Service Provider's data management is continuously available in the footer of the home page of the www.quantumautomation.hu website operated by the Service Provider.
3. The Service Provider is entitled to unilaterally amend the Data Management Prospectus. In case of modification of the Data Management Information, the Service Provider will notify the user by publishing the changes on quantumautomation.hu. By using the Service after the change takes effect, you agree to
amended Privacy Notice.
4. The Service Provider is committed to the protection of the personal data of its customers and partners, and it is of paramount importance to respect the right of its customers to self-determination of information. The Service Provider treats personal data confidentially and takes all security, technical and organizational measures that guarantee the security of the data. The data management practices of the Service Provider are included in this data management information.
5. The data management principles of the Service Provider are in accordance with the applicable data protection legislation, in particular the following:
- 2011 CXII. Act on the Right to Self-Determination of Information and Freedom of Information (Infotv.);
- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Regulation (EC) No 95/46 (General Data Protection Regulation, GDPR);
- Act V of 2013 - on the Civil Code (Civil Code);
- Act C of 2000 - on Accounting (Act on Accounting);
- 2007 CXXXVI. Act on the Prevention of Money Laundering and Terrorist Financing and
prevention (Pmt.);
- CVIII of 2001 law - electronic commerce services, as well as information
on certain issues of services related to society (Eker. Act);
- XLVIII of 2008 Act on the Basic Conditions and Certain Restrictions of Economic Advertising (Grt.).
6. The Service Provider uses personal data on the basis of the legal basis in the GDPR and only for the purpose.
7. The Service Provider undertakes to publish a clear, attention-grabbing and unambiguous communication informing them of the method, purpose and principles of data collection before recording, recording or processing any Personal Data of its users. In the case of mandatory data provision, the legislation ordering Data Management must also be indicated. The data subject must be informed of the purpose of the Data Management and who will handle and process the Personal Data.
8. In all cases where the Company intends to use the provided Personal Data for a purpose other than the purpose of the original data collection, it shall inform the user thereof and obtain his or her prior express consent, or provide him or her with the opportunity to prohibit the use.
III. Legal basis, purpose and scope of the processed data, duration of the data processing, persons entitled to access personal data
1. The data processing of the Service Provider is based on the following legal bases (Article 6 (1) GDPR):
(a) the data subject has consented to the processing of his or her personal data for one or more specific purposes (voluntary consent);
(b) processing is necessary for the performance of a contract to which the data subject is subject or in order to take steps at the request of the data subject prior to the conclusion of the contract (performance of the contract);
(c) processing is necessary for compliance with a legal obligation to which the controller is subject (legal obligation);
(d) processing is necessary for the protection of the legitimate interests of the controller or of a third party (legitimate interest).
2. In the case of data processing based on voluntary consent, data subjects may withdraw that consent at any stage of the data processing.
3. A minor who is incapable of acting and has limited legal capacity may not use the service through the system of the Service Provider.
4. In certain cases, the handling, storage and transmission of a set of provided data is required by law, of which we will notify the users separately.
5. We draw the attention of informants to the Service Provider that if they do not provide their own personal data, the informant is obliged to obtain the consent of the data subject.
6. Personal data may only be processed for specified purposes. At all stages of data processing, the purpose of data processing must be appropriate, and the collection and processing of data must be fair and lawful. Only personal data that is essential for the purpose of data processing and suitable for that purpose may be processed. Personal data may only be processed to the extent and for the time necessary to achieve the purpose. The Service Provider does not use personal data for purposes other than those indicated.
7. Electronic newsletter
Purpose of data management: Sending e-mail newsletters, including advertisements, to those interested. If the user subscribes to the newsletter, the Service Provider may send him a newsletter at a frequency of his own choice. As far as possible, the Service Provider strives to offer a relevant product of interest to the User based on the place of residence, previous purchases and other data collected in the field of profiling.
Legal basis for data processing: voluntary consent of the data subject, Article 6 (1) GDPR. the dot.
The scope of the data managed: name, e-mail address, postal code, telephone number, and data collected during profiling.
Deadline for deleting the data: The provided data will be handled by the Service Provider until the User prohibits the use of the data for such purposes by unsubscribing. You can unsubscribe from the newsletter by clicking the Unsubscribe link at the bottom of the newsletter. Personal data will be deleted within 10 working days of receiving the request.
Possible consequences of failure to provide data: the User will not receive any notifications.
8. Cookie handling
A cookie is a packet of alphanumeric information sent by a web server that is stored on a user's computer and stored for a predetermined period of time. The use of cookies allows you to query certain information about the visitor and to monitor your internet usage. Cookies help to keep track of the interests, internet usage habits and website visit history of the affected User in order to optimize the User's shopping experience. Because cookies act as a kind of tag with which the website can recognize the visitor returning to the page, their application can also store a valid username and password on the given page. If the
browser returns a previously saved cookie, the cookie provider has the option to link the user's current visit to the previous ones, but only for their own content. The information sent by cookies makes it easier for Internet browsers to recognize them, so that Users can receive relevant and “personalized” content. Cookies make browsing more convenient, including online data security needs and relevant advertising. With the help of cookies, the Service Provider may also compile anonymous (anonymous) statistics about the habits of page visitors, so
we can further customize the look and content of the page. The Service Provider's website uses two types of cookies:
- Temporary cookies - session-id cookies that are essential for the use of the site. Their use is essential for navigating the website, for the functions of the website to work. Without acceptance, the website or parts of it will not be displayed, and browsing will be blocked.
- Persistent cookies, which, depending on the web search settings, last longer or until then on the device
remain until deleted by the User. Within these, we can talk about internal or external cookies.
If the Service Provider's web server installs the cookie and the data is transferred to its own database, we are talking about an internal cookie. If the cookie is installed by the Service Provider's web server, but the data is transferred to an external service provider, we are talking about an external cookie. Such external cookies are also cookies from third parties that are placed by third parties in the User's browser (Google Analytics, Facebook Pixel). These are placed in the browser if the website you are visiting is used by a third party
services provided by the party. The purpose of persistent cookies is to ensure the highest possible level of performance of the given site in order to increase the user experience.
When you visit the website, you will find a cookie warning on the login page
With the push button, the User can give his consent for the permanent cookies to be stored on the User's computer and accessed by the Service Provider.
The User may use the browser to set and block cookie activity. Cookies can usually be managed in your browser's Tools / Settings menu under Privacy / History / Custom Settings under the name cookie, cookie or trace. However, please note that in the latter case, without the use of cookies, the User may not be able to use all the services of the website.
Legal basis for data processing: voluntary consent of the data subject, Article 6 (1) GDPR. the dot.
The scope of the managed data: identification number, date, time, and the previously visited page.
Duration of data management: temporary cookies are stored until the user closes all browsers of that type. Persistent cookies are stored on the user's computer for 1 year or until they are deleted by the User.
Possible consequences of failure to provide data: incomplete use of the website's services, failure of payment transactions, inaccuracy of analytical measurements.
9. Statistical data
The data may be used by the data controller for statistical purposes. The use of the data in a statistically aggregated form shall not contain the name of the user concerned or any other personally identifiable information in any form.
10. Data to be technically recorded during the operation of the system The data to be technically recorded is the data of the User's login computer, which is
generated during the use of the service and which are logged by the data management system as an automatic result of technical processes (eg IP address, session ID). Due to the operation of the Internet, the system automatically logs the data to be recorded without the use of the Internet, without the User's express statement or action. The Internet will not work without these automatic server-client communications. This data may not be linked to other personal data of the User, except in cases required by law. Only the Data Controller has access to the data.
Log files are automatically and technically recorded during the operation of the system
stored in the system for a reasonable period of time to ensure its operation.
11. Correspondence of the Service Provider (email)
If you contact our Company, you will find it in this prospectus or on the website
contact the Service Provider. The Service Provider will delete all e-mails received by it, together with the sender's name, e-mail address, date, time data and other personal data provided in the message, after a maximum of five years from the communication.
12. Web analytics measurements
As an external service provider, Google Analytics helps you measure your website traffic and other web analytics data independently. Detailed information on the handling of measurement data can be found at the following link:
http://www.google.com/analytics .
Google Analytics data is provided by the Service Provider for statistical purposes only
to optimize the operation of the page.
13. Other data processing
Information on data processing not listed in this prospectus will be provided at the time of data collection. We inform our clients that the court, the prosecutor, the investigating authority, the infringement authority, the administrative authority, the National Data Protection and Freedom of Information Authority, the Magyar Nemzeti Bank, or other bodies may provide information, disclose data, transfer documents or documents they may contact the Service Provider to make it available. The Service Provider may provide personal data to the authorities only if and to the extent that the authority has indicated the exact purpose and scope of the data.
to the extent necessary to achieve the purpose of the request.
14. The Data Controller does not check the personal data provided to him. The person who provided the data is solely responsible for the accuracy of the information provided. By providing an e-mail address to any user, you are solely responsible for ensuring that you are the only one using the e-mail address provided. In view of this responsibility, all responsibility for logging in to a given email address rests solely with the user who registered that email address. If the user does not provide his / her personal data, he / she is obliged to obtain the consent of the data subject.
III. Transmission of data, name of Data Processors
By using the service, the User agrees that the Service Provider may transmit the data to the following partners. Legal basis for the transfer: performance of the contract, GDPR 6.
Article 1 (1) point b).
- A Quantum Automation Ltd. employees who professionally assist in the implementation of the necessary project.
ARC. Rights of data subjects
1. The data subject may request information on the processing of his / her personal data, as well as request the correction or deletion or revocation of his / her personal data, except for mandatory data processing, exercise his / her right to written contacts.
A change in personal data or a request for the deletion of personal data may be communicated in a written statement expressed in a private document with full probative value sent to the registered e-mail address or by post. Some personal information may also be modified by modifying the personal profile page.
2. Right to information: The Service Provider shall take appropriate measures to ensure that all information referred to in Articles 13 and 14 of the GDPR and Articles 15 to 22 of the GDPR is provided to data subjects. and Article 34 shall be provided in a concise, transparent, comprehensible and easily accessible form, in a clear and comprehensible manner. The right to information can be exercised in writing through the contact details described in Section I of this Privacy Policy. The affected
information may be provided orally upon request, after proof of identity.
3. The data subject's right of access: The data subject has the right to receive feedback from the controller as to whether the processing of his or her personal data is in progress and, if such processing is in progress, the right to access the personal data and the following information :
- the purposes of data management;
- the categories of personal data concerned;
- the recipients or categories of recipients to whom the personal data have been or will be communicated, including in particular third country recipients or international organizations;
- the intended duration of the storage of personal data;
- the right to rectify, erase or restrict data processing and to protest;
- the right to lodge a complaint with the supervisory authority;
- information on data sources;
- the fact of automated decision-making, including profiling, and the logic used
understandable information on the significance of such data processing and the expected consequences for the data subject.
A request for information sent by e-mail - unless the data subject otherwise identifies himself / herself in relation to credit - is considered authentic by the Data Controller only if it is sent from the User's registered e-mail address. The request for information must be sent by e-mail to info@quantumautomation.hu.
4. In the event of a transfer of personal data to a third country or to an international organization, the data subject shall be entitled to be informed of the appropriate guarantees regarding the transfer.
5. The Service Provider shall make a copy of the personal data subject to data processing available to the data subject. For additional copies requested by the data subject, the controller may charge a reasonable fee based on administrative costs. At the request of the data subject, the Service Provider shall provide the information in electronic form. The controller shall provide the information no later than one month after the submission of the request.
6. Right of rectification: The data subject may request the rectification of inaccurate personal data handled by the Service Provider and the supplementation of incomplete data. If the personal data does not correspond to reality and the personal data corresponding to reality is the data controller
personal data shall be rectified by the controller.
7. Right of cancellation: If the data subject has any of the following reasons, the Service Provider has the right to delete the personal data concerning him / her without undue delay upon his / her request:
- personal data are no longer required for the purpose for which they were collected or otherwise processed;
- the data subject withdraws his or her consent on which the processing is based and there is no other legal basis for the processing;
- the data subject objects to the processing and there is no overriding legitimate reason for the processing;
- personal data have been processed unlawfully;
- personal data must be deleted in order to comply with a legal obligation under EU or Member State law applicable to the controller;
- personal data were collected in connection with the provision of information society services.
Once the request to delete or modify personal data has been fulfilled, the previous (deleted) data can no longer be recovered.
8. Deletion of data shall not be initiated if the processing is necessary for one of the following reasons:
it is necessary to fulfill the obligation under EU or Member State law applicable to the data controller, which prescribes the processing of personal data, and to submit, enforce or protect the legal claims of the Service Provider.
9. Right to restrict data processing: At the request of the data subject, the Service Provider restricts data processing if one of the following conditions is met:
- the data subject disputes the accuracy of the personal data, in which case the restriction shall apply for a period which allows the accuracy of the personal data to be verified;
- the processing is unlawful and the data subject opposes the deletion of the data and instead requests that their use be restricted;
- the data controller no longer needs the personal data for the purpose of data processing, but the data subject requests them in order to submit, enforce or protect legal claims; obsession
- the data subject has objected to the processing; in that case, the restriction shall apply for as long as it is established whether the legitimate reasons of the controller take precedence over the legitimate reasons of the data subject.
10. If the processing is subject to restrictions, personal data may be processed, with the exception of storage, only with the consent of the data subject or for the purpose of making, enforcing or protecting legal claims or protecting the rights of another natural or legal person. The Service Provider shall inform the data subject in advance of the lifting of the data management restriction.
11. Right to carry data: The data subject has the right to receive personal data concerning him or her made available to the data controller in a structured, widely used machine-readable format and to transfer this data to another data controller.
12. Right of objection: The data subject has the right to object at any time, for reasons related to his or her situation, to the processing of his or her personal data necessary for the legitimate interests of the controller or a third party, including profiling based on these provisions. In the event of an objection, the controller may not further process the personal data, unless justified by compelling legitimate reasons which take precedence over the interests, rights and freedoms of the data subject or which relate to the submission, enforcement or protection of legal claims. If personal
data is processed for the direct acquisition of a business, the data subject shall have the right to object at any time to the processing of personal data concerning him for that purpose, including profiling, in so far as it relates to the direct acquisition of a business. In the event of an objection to the processing of personal data for the purpose of direct business acquisition, the data may not be processed for this purpose.
13. Automated decision-making in individual cases, including profiling: The data subject has the right to be excluded from the scope of a decision based solely on automated data processing, including profiling, which would have legal effect or similar effect on him or her. The above authority does not apply if the data management
- necessary for the conclusion or performance of a contract between the data subject and the controller;
- is governed by Union or Member State law applicable to the controller, which also lays down appropriate measures to protect the rights and freedoms and legitimate interests of the data subject; obsession
- is based on the express consent of the data subject.
14. Right of withdrawal: The data subject has the right to withdraw his or her consent at any time. Withdrawal of consent shall not affect the lawfulness of the data processing prior to withdrawal.
15. Procedural rules: The Service Provider shall, without undue delay, but in any case within one month from the receipt of the request, inform the data subject in accordance with Articles 15-22 of the GDPR. on the action taken in response to a request under Article. If necessary, taking into account the complexity of the application and the number of applications, this period may be extended by a further two months. The Service Provider shall inform the data subject of the extension of the deadline within one month from the receipt of the request, indicating the reasons for the delay. If the application was submitted by electronic means, the information shall be provided
shall be provided by electronic means, unless otherwise requested by the data subject.
16. If the Service Provider does not take action following the request of the data subject, it shall inform the data subject without delay, but no later than within one month from the receipt of the request, of the reasons for non-action and of submitting a complaint to a supervisory authority. with the right.
17. The Service Provider provides the requested information and information free of charge. If the data subject's request is clearly unfounded or, in particular due to its repetitive nature, excessive, the Service Provider may charge a reasonable fee or refuse to act on the request, taking into account the administrative costs of providing the requested information or information or taking the requested action.
18. The Service Provider shall inform all recipients of any rectification, erasure or restriction of data processing with whom or with whom the personal data has been communicated, unless this proves impossible or requires a disproportionate effort. Upon request, the Service Provider shall inform the data subject about these recipients.
19. The Service Provider shall make a copy of the personal data subject to data processing available to the data subject. The Service Provider may charge a reasonable fee based on administrative costs for additional copies requested by the data subject. If the data subject has submitted the request electronically, the information shall be provided in electronic format, unless otherwise requested by the data subject.
20. Compensation and damages: Any person who has suffered material or non-material damage as a result of a breach of the Data Protection Regulation is entitled to compensation from the controller or processor for the damage suffered. The data processor shall be liable for damages caused by the data processing only if it has not complied with the obligations specified in the law, which are specifically incumbent on the data processors, or if the data controller's legal instructions have not been complied with.
left or acted contrary to them. Where several controllers or processors or both controllers and processors are involved in the same processing and are liable for damages caused by the processing, each controller or processor shall be jointly and severally liable for all damages. The controller or processor shall be released from liability if it proves that it is not liable in any way for the event giving rise to the damage.
V. Enforcement options:
1. If you have any questions or comments, please contact the Service Provider at the contact details detailed in point I of this Data Management Information.
2. Right to go to court: If the data subject is violated, the data subject may take legal action against the data controller.
3. Data protection authority procedure: Complaints can be lodged with the National Data Protection and Freedom of Information Authority:
Name: National Data Protection and Freedom of Information Authority
Headquarters: 1125 Budapest, Szilágyi Erzsébet avenue 22 / C.
Mailing address: 1530 Budapest, Pf .: 5.
Phone: 06 1 391 1400
Fax: 06 1 391 1410
E-mail: ugyfelszolgalat@naih.hu
Website: http://www.naih.hu
VI. ANNEX I
Definitions used in this Privacy Notice
1.personal data: any information relating to an identified or identifiable natural person ("data subject"); identify a natural person who, directly or indirectly, in particular by reference to one or more factors such as name, number, location, online identifier or physical, physiological, genetic, mental, economic, cultural or social identity of the natural person identifiable;
2.data management: any operation or set of operations on personal data or files, whether automated or non-automated, such as collecting, recording, organizing, segmenting, storing, transforming or altering, retrieving, viewing, using, transmitting, distributing or otherwise harmonization or interconnection, restriction, deletion,
or destruction;
3.restriction of data processing: marking of stored personal data in order to limit their future processing;
4.profiling: any form of automated processing of personal data in which personal data are evaluated for the purpose of assessing certain personal characteristics of a natural person, in particular his performance, economic situation, state of health, personal preferences, interests, reliability, behavior, location or movement used to analyze or predict related characteristics;
5.data controller: the legal person who determines the purposes and means of the processing of personal data, independently or together with others;
6.data processor: the legal person who processes personal data on behalf of the controller;
7.recipient: any natural or legal person, public authority, agency or any other body to whom personal data are disclosed, whether a third party or not;
8.third party: any natural or legal person, public authority, agency or any other body other than the data subject, the controller, the processor or persons who are authorized to process personal data under the direct control of the controller or processor they got;
9. consent of the data subject: a voluntary, specific and well-informed and unambiguous statement of the will of the data subject to indicate his or her consent to the processing of personal data concerning him or her by means of a statement or unambiguous statement of consent;
10.data processing: the performance of technical tasks related to data management operations, regardless of the method and means used to perform the operations and the place of application, provided that the technical task is performed on the data;
11.data deletion: making data unrecognizable in such a way that it is no longer possible to recover it;
12. "EEA State" means a Member State of the European Union and another State party to the Agreement on the European Economic Area, and a State of which the European Union and its Member States and a State not party to the Agreement on the European Economic Area are nationals; Enjoys the same status as a national of a State party to the Agreement on the European Economic Area;
13.affected: any natural person identified or identifiable, directly or indirectly, on the basis of personal data;
14.user: the natural person who registers on the Service Provider's website or browses without registration;
15.third country: any State that is not an EEA State;
16.Disclosure: making personal data available to anyone;