This Data Management Information Regulation regulates the data management of DP&U Design Kft, as the Data Controller, which may be related to personal data.
Name of data controller
Dpu.hu is operated by DP&U Design Kft. (Hereinafter: Data Manager). With this statement, the Data Controller hereby informs the visitors and users of the website about its data management practices, as well as about the organizational and technical measures taken to protect the data in its possession, as well as about the users’ legal remedies.
The use of our website and the use of our services is on a voluntary basis, so the processing of any personal data that may be required for this purpose will be provided to us on the basis of this consent;
Data Manager Data
Name of data controller: DP & U Design Kereskedelmi és Szolgáltató KFT
Headquarters: 1051 Budapest, Nádor u. 26. fsz. 4.
Postal address: 2233 Ecser Kálvária utca 27.
Tax number: 12131899-2-42
Company registration number: 01-09-467852
Contact person: Mrs. Erzsébet Uzonyiné Nagy
Hosting provider: https://megacp.com/
Here’s how to interpret terms that are important to you:
Data controller The legal entity determining the processing of personal data, in our case our Company.
Affected means the living natural persons about whom we store personal data, such as all current, past and future employees, contributors (customers, suppliers, partners, etc.) with whom our Company enters into any legal relationship and from whom we collect personal data.
EU European Union
GDPR, Info tv The EU General Data Protection Regulation, which entered into force on 25 May 2018, and Act CXII of 2011
Personal data Any information relating to an identified or identifiable natural person (data subject); identify a natural person who, directly or indirectly, in particular by an identifier such as name, number, location, online identifier or one or more factors relating to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person identifiable, ie data relating to a living person who becomes identifiable from the data managed by our Company. Personal information can be factual (e.g., name, address or date of birth, place of birth, mother’s name) or based on opinion (e.g., performance appraisal). Other identifying data may be considered personal data, such as biometric identifiers (eg fingerprints) and location data.
Data Processing An activity that involves performing an operation on personal data. This includes obtaining, using, viewing, accessing, recording or storing, listing, segmenting, or any other operation or group of operations on the data, including organizing, modifying, retrieving, using, disclosing, deleting, or destroying the data. Data processing also includes the transfer of personal data to third parties.
We would like to inform you that our Company does not have a data protection officer.
Rules of data management:
This data management policy is valid from 02 January 2021 until revoked. If the data management policy is changed, the latest version will prevail, which will always be uploaded.
The Data Controller hereby informs its Visitors that it handles personal data in connection with this website only on the basis of the contents of this data protection information sheet.
With regard to the data provided during the messaging, the legal basis for data processing is the consent of the data subject – Article 6 (1) (a) of the GDPR Regulation or in special cases by law. By entering and sending your personal information on the contact tab, you expressly consent to the management of the information provided.
The material scope of this prospectus covers all the processes implemented during the operation of this website, during which Act CXII of 2011 on the right to information self-determination and freedom of information. (hereinafter: the Information Act), the processing of personal data specified in Section 3, Clause 2 of the
The Data Controller declares that it handles personal data only for the purpose of exercising a right or fulfilling an obligation created on the basis of an authorization. Personal data held by the Data Controller will not be used for private purposes, and the data management will always comply with the purpose limitation principle. If the purpose of the data processing has ceased or the data processing is unlawful, the data will be deleted immediately.
The Data Controller has taken possession of personal information about your business tiit shall be treated as such and retained accordingly. The Data Controller has designed the storage of the personal data in its possession in such a way that this data is inaccessible, not accessible, cannot be changed or destroyed by unauthorized persons.
The data controller will do everything in its power to ensure that the data is not accidentally damaged or destroyed. The above commitment is imposed by the Data Controller on the employees participating in the data management activity.
The Data Controller also undertakes to call on all third parties to whom the data is transferred or transferred with the consent of the Data Subject to comply with the data security requirement. In order to protect the interests of our customers, we do not disclose information about our customers by telephone.
We would like to inform you that our Company does not have a data protection officer.
The Data Controller reserves the right to involve a data processor in its data management in the future, of which it informs the Stakeholders by amending this Data Management Information.
The exact scope of data processed and the purpose of data management:
Name: The purpose of data management is to identify the individual
E-mail address: Used to communicate between the Data Controller and the sender of the message
Phone number: The contact details of the sender of the message to whom the Data Controller can contact about the message.
The text of the message is not required to contain additional personal information.
The purpose of data management is to facilitate and facilitate contact with the Data Controller, to record the data of the Data Subject and to facilitate the use of the services.
Duration of data management:
The Data Controller shall process the data for the period specified by law, but no later than until the withdrawal of the data subject’s consent.
Areas excluded from data management:
The Data Controller does not handle data that is not collected from the Data Subject. The Data Subject may only provide his / her personal data on the website or when using the contact details provided to the Data Controller on the website. If you do not provide your own personal data, the informant is obliged to obtain the consent of the Data Subject.
Under no circumstances shall the controller collect specific data, ie personal data referring to racial or ethnic origin, political opinion, religious or philosophical beliefs or trade union membership, as well as genetic and biometric data for the unique identification of natural persons, health data and personal data concerning the sexual life or sexual orientation of natural persons.
Contact for complaints or other purposes:
The legal basis for data management is the express, unconditional and voluntary consent of the Data Subject given in the knowledge of this Data Management Information, and in the case of complaint handling, also the CLV of 1997 on consumer protection. Act 17 / B. § -the.
Personal data will be deleted simultaneously with the termination of the purpose of data processing or immediately at the request of the data subject, except for the data that the Data Controller is obliged to retain for the period specified in the legislation ordering mandatory data processing. In the case of complaint handling, the CLV of 1997 on consumer protection. Act 17 / B. §, the Data Controller is obliged to keep the minutes of the oral complaint, the written complaint and the answer to it for 5 (five) years.
With the contact details provided on www.dpu.hu, the Data Subject has the opportunity to contact the Data Controller in order to request a quote, submit a complaint or contact us for other purposes.
The provision of personal data in the case of a complaint is required by law, while in the case of a request for quotation or for other purposes it is based on the data subject’s own decision. In case of non-provision of data, it is impossible to exchange messages, keep in touch, prepare and send a response to the request or offer, and fully investigate the complaint.
Cookies (“cookies”) are short data files that are placed on a user’s computer by the website you are visiting. The purpose of the cookie is to make the given infocommunication and internet service easier and more convenient. There are many varieties, but they can generally be classified into two major groups. One is a temporary cookie that a website places on a user’s device only during a specific session (e.g., during the security authentication of an Internet bank), and the other type is a persistent cookie (e.g., a website’s language setting) that remains on the computer until the user deletes it. The European CommissionCookies [unless they are strictly necessary for the use of the service] may only be placed on the user’s device with the user’s permission.
Enforcement of the Data Subject’s rights:
The Data Subject may request that the Data Controller be unduly delayed.
The Data Controller shall, without undue delay, but no later than within one month from the receipt of the request, inform the Data Subject of the measures taken following the request. If necessary, taking into account the complexity of the application and the number of applications, this time limit may be extended by a further two months. The Data Controller shall inform the Data Subject of the extension of the deadline, indicating the reasons for the delay, within one month from the receipt of the request. If the data subject has submitted the request by electronic means, the information shall, as far as possible, be provided by electronic means, unless the data subject requests otherwise.
If the Data Controller does not take immediate action at the request of the Data Subject, without delay, but no later than within one month from the receipt of the request, inform the Data Subject of the reasons for non-action and that the Data Subject may lodge a complaint with a supervisory authority. .
At the request of the Data Subject, the information, information and action taken on the request shall be provided free of charge. If the Data Subject’s request is manifestly unfounded or, in particular due to its repetitive nature, excessive, the Data Controller may charge a fee of a reasonable marginal cost or refuse to comply with the request, taking into account the administrative costs of providing the requested information or action or taking the requested action. measure. The burden of proving that the request is manifestly unfounded or excessive is on the Data Controller.
The Data Controller undertakes to inform all recipients to whom or with whom the personal data have been communicated of the rectification, erasure or restriction of the processing of personal data, unless this proves impossible or requires a disproportionate effort. Upon request, the Data Controller shall inform the Data Subject of these recipients.
Access to personal data:
A natural person who can be directly or indirectly identified on the basis of personal data may request information on the processing of his or her personal data, as well as request the correction of his or her personal data, or the deletion or blocking of data processing required by law.
At the request of the Data Subject, the Data Controller shall provide information on whether the Data Controller continues to process his / her personal data and, if so, grant him / her access to the personal data, as well as inform him / her of the following information:
the purpose (s) of the data processing;
the types of personal data involved in the processing;
in the case of a transfer of the data subject’s personal data, the legal basis and recipient (s) of the transfer;
the planned duration of the data processing;
the rights of the Data Subject in relation to the rectification, erasure and restriction of the processing of personal data and the protest against the processing of personal data;
the possibility of recourse to the Authority;
the source of the data;
relevant information on profiling;
the names, addresses and data processing activities of the data processors.
Correct managed data:
The data subject may request the Data Controller to correct his or her inaccurate personal data or to supplement the incomplete data, taking into account the purpose of the data processing. The data controller shall carry out the correction without undue delay.
Delete managed data (right to forget):
The Data Subject shall delete personal data concerning him or her without cause, and the Data Controller shall delete personal data concerning him or her without undue delay if one of the following reasons exists:
(a) personal data are no longer required for the purpose for which they were collected or otherwise processed;
(b) the data subject withdraws his or her consent and there is no other legal basis for the processing;
(d) personal data have been processed unlawfully;
(e) personal data must be deleted in order to fulfill a legal obligation under Union or Member State law applicable to the controller;
If the Data Controller has disclosed (made available to a third party) personal data and is obliged to delete it in accordance with the above, taking into account the available technology and the costs of implementation, it must take reasonable steps and measures to inform the personal data concerned. data controllers that the Data Subject has requested them to delete the links to the personal data in question or a copy or duplicate of such personal data.
Personal data need not be deleted if data processing is necessary:
for the purpose of exercising the right to freedom of expression and information;
for the purpose of fulfilling an obligation under Union or Member State law governing the processing of personal data or performing a task carried out in the public interest or in the exercise of official authority vested in the controller;
on grounds of public interest in the field of public health;
for the purposes of archiving in the public interest, for scientific and historical research purposes or for statistical purposes, where the right of erasure would be likely to make such processing impossible or seriously jeopardize; obsession
to file, enforce or defend legal claims.
Restrictions on data management:
The Data Subject has the right to restrict the data processing at the request of the Data Controller instead of correcting or deleting the personal data, if one of the following is met:
the Data Subject disputes the accuracy of the personal data, in which case the restriction applies to the period of time that allows the controller to verify the accuracy of the personal data;
the processing is unlawful and the Data Subject opposes the deletion of the data and instead requests that their use be restricted;
the Data Controller no longer needs the personal data for the purpose of data processing, but the Data Subject requests them in order to submit, enforce or protect legal claims; obsession
the Data Subject protested against the data processing; in this case, the restriction shall apply for the period until it is determined whether the legitimate reasons of the controller take precedence over the legitimate reasons of the Data Subject.
Where processing is restricted, such personal data may be processed, with the exception of storage, only with the consent of the data subject or for the purpose of bringing, enforcing or protecting legal claims or protecting the rights of another natural or legal person or in the important public interest of the Union or a Member State.
The Data Controller shall inform the Data Subject, at whose request the data processing has been restricted, in advance of the lifting of the data processing restriction.
Right to protest:
The Data Subject may object to the processing of his / her personal data if the data processing
necessary for the performance of a task in the public interest or in the exercise of a public authority conferred on the Data Controller;
necessary to enforce the legitimate interests of the Data Controller or a third party.
In the event of the data subject’s objection, the Data Controller may no longer process the personal data unless he or she proves that the processing is justified by overriding legitimate reasons which take precedence over the data subject’s interests, rights and freedoms or .
If the processing of personal data is for the direct acquisition of business, the data subject has the right to object at any time to the processing of personal data concerning him or her for this purpose. If the Data Subject objects to the processing of personal data for the purpose of direct business acquisition, the personal data may no longer be processed for this purpose.
The Data Controller will make every effort to ensure that the personal data is processed in accordance with the law, however, if the Data Subject feels that this has not been complied with, he / she has the opportunity to write to the Data Controller at any of the above contact details.
If the Data Subject feels that his or her right to the protection of personal data has been violated, he or she may seek redress from the competent authorities in accordance with the applicable law:
National Data Protection and Freedom of Information Authority
address: 1125 Budapest, Szilágyi Erzsébet avenue 22 / C.,
postal address: 1530 Budapest, Pf. 5.,
e-mail address: email@example.com,
telephone number: (+36 1) 391-1400,
fax number: (+36 1) 391-1410.)
The Data Controller or the Data Processor shall be obliged to prove that the data processing complies with the requirements for the processing of personal data specified in legislation or a binding legal act of the European Union.
Final and mixed provisions:
In matters not specified in this prospectus, the Infotvt rules apply.
The Data Controller reserves the right to change this information. This may be the case, in particular, if the range of services is expanded, modified, narrowed or explicitly made mandatory by law. A change in data management does not mean that personal data is treated for purposes other than those for which it was intended. The Data Controller shall publish the relevant information on its website 15 days prior to the change.
Our data management partners, data processors
In order to fulfill our legal obligations, some data may need to be transferred. At this point, we will inform you where to transfer certain personal data.
National Tax and Customs Office 1132 Budapest, Váci út 48 / c-d.
Informative Hungary Limited Liability Company, accounting firm
If you require more detailed information, please contact our company at the contact details provided above so that we can answer your questions correctly.
January 02, 2021
2) DP&U Design Kft – as the operator of the www.dpu.hu website – makes every effort to ensure that all information provided on the website is accurate and timely. However, neither expressly nor implicitly warranties of the information provided through this website or its completeness, and reserves the right to make changes and corrections at any time without notice or to limit the website or the information provided on it in whole or in part cancel.
3) DP&U Design Kft does not guarantee the continuity and error-free access to the website. The Data Controller shall not be liable for any damages or costs incurred in connection with the website, its use or unusability, improper operation, malfunction, computer virus, system error or other similar reasons.
1) The www.dpu.hu website, all visual, audio and textual content on them, as well as their arrangement are protected by copyright and trademark, and are the intellectual property of the Data Controller and its contracted partners. Only the Data Controller or its contracted partners are entitled to use them and to authorize each use. All rights reserved by copyright and trademark owners.
2) Unauthorized use has criminal and civil consequences.