Data Management Information


Agroinform Media Limited Liability Company (hereinafter: Data Controller), like the website available under the domain name www.agroinform.hu (hereinafter: Website) hereby publishes information on data management related to the services available on the Website.

Users visiting the Website (hereinafter: User) accept all the conditions contained in this Data Management Information (hereinafter: Information), therefore we ask that before using the Website read this Information Sheet carefully.

1.) DATA OF THE DATA PROCESSOR

The manager of the data is Agroinform Media Limited Liability Company
Headquarters: 1149 Budapest, Angol u. 34.
E-mail address: ugyfelszolgalat@agroinform.hu
Telephone number: +36 20 477 5467
Name and contact information of data protection officer: dr. Gábor Keszey; gabor.keszey@drhathazi.hu

2.) INFORMATION REGARDING CERTAIN DATA MANAGEMENT

a. Registration

On the registration interface, the User has the opportunity to enter his data in order to be able to use the services of the Website. After completing the registration interface and sending the registration, the User will receive an activation link by e-mail. Registration can be activated within 48 hours by clicking on the link in the e-mail message. If the User has not yet activated his registration, the Service Provider will send a reminder e-mail after 24 hours. If the registration is not activated within 48 hours, the Data Controller will delete the created registration.

Scope of processed data (data marked with * is mandatory):

  • email address*;
  • password*;
  • name (last name, first name);
  • scope of activity;
  • cultivated area.

If the User has a Facebook profile, a Google account or an Apple ID, they can also register on the Website using these. In this case, the condition for registration is to log in with a Google, Apple or Facebook ID. When using the Google social site, the User's technical identifier for the social site (Google ID), when using the Facebook social site, the User's technical identifier for the social site (Facebook ID), when using an Apple profile, the User's technical identifier for the Apple account (Apple ID ) will be treated.

Purpose of data management: The purpose of data management is to identify the User and provide the services of the Website, in particular posting advertisements, creating a User account, and maintaining contact with Users.

Duration of data management: until the User requests the deletion of his data or withdraws his consent to the processing of his personal data.

Legal basis for data management: the express consent of the User (given by ticking the box available to accept this Information) is the European Parliament and the Council (EU) on the protection of natural persons with regard to the processing of personal data and the Regulation 2016/679 (April 27, 2016) on the free flow of such data and repealing Regulation 95/46/EC (hereinafter: GDPR) Article 6 (1) paragraph a) based on point.

b. User account

Scope of processed data:

After successful registration, the system creates the User's User account, which contains the data provided by the User during Registration, and the User has the opportunity to enter the following data, and the Data Controller manages the following data in relation to each service:

  • *name/company name;
  • phone number;
  • website;
  • city;
  • street, house number;
  • photo;
  • activity type (Farmer/Trader);
  • scope of activity;
  • size of cultivated area;
  • billing name;
  • invoicing settlement;
  • billing street, house number;
  • tax number (for a company);
  • online visibility;
  • Forum: User's forum comments, posts and their dates.

Purpose of data management: When using a user account, the User has the opportunity to post an ad, monitor his ads, post a comment in the forum, start a forum topic, share his opinion in the form of a machine opinion about devices and machines, modify the data he entered, such as the purpose of data management is to identify the User, to manage, modify and delete the data and advertisements stored in the User account, and to use the data to facilitate the posting of advertisements.
The User can indicate in the User account which data should be visibly public to other Users and which should not. The User may change the disclosure of the data at any time after Registration.

Duration of data management: Until the User requests the deletion of his data (User account) or withdraws his consent to the processing of his personal data. Deletion of the data does not affect the Data Controller's data retention obligation in connection with the purchase.

The legal basis for data management: the express consent of the User based on Article 6 (1) point a) of the GDPR.

c. Contact, customer service

Scope of processed data:

On the Website, on the interfaces provided for this purpose, the User has the opportunity to enter his data in order to contact the Data Controller, to receive information about the Data Controller's products and services, and to receive help with the order. When contacting us, it is possible to enter the following personal data (entering the data marked with * is mandatory):

  • full name*;
  • email address*;
  • phone number;
  • message/announcement*.

The purpose of data management: Providing information about the Data Manager's services and activities, contacting and maintaining contact with Users interested in the services provided by the Data Manager, informing Users, handling comments and error reports related to the Data Manager's activities.

Duration of data management: The Data Controller processes personal data for a maximum of 30 days from the end of bilateral communication between the Data Controller and the User, or until the User requests the deletion or withdrawal of their data your consent to the processing of your personal data.

The legal basis for data management: the consent of the User based on point a) of Article 6 (1) of the GDPR.

d. Post an ad

Scope of processed data:

Posting an ad is also possible without registration.
In order for the User to be able to post an ad on the Website, he can enter the following data on the dedicated interface (data marked with * is mandatory):

  • email address*;
  • name*;
  • phone number*;
  • activity type (Farmer/Trader)*;
  • city*;
  • website address;
  • in the case of a legal entity, the name and e-mail address of the contact person;
  • information about advertising*.

Purpose of data management: Creation, definition, modification, registration and fulfillment of the contract created for the purpose of posting ads, enforcement of rights and obligations arising from the contract, display of the ad, contact with Users regarding the ad, the invoicing of possible fees related to the posting of advertisements, as well as the enforcement of related claims.
For posting marketplace ads, the so-called it is possible after "telephone authentication". As part of this, the User will either receive an identification code via SMS to the phone number provided by the User, which will be authenticated by sending it, or an employee of the Service Provider will contact the User for identification on the provided phone number.

Duration of data management: The data controller processes the data provided in connection with the posting of advertisements for 5 years after the termination of the contract concluded in order to fulfill the posting of advertisements pursuant to Act V of 2013 on the Civil Code 6:22. § 169 of the Accounting Act C (hereinafter: Accounting Act), the Data Controller shall store the name and address of the User on the accounting certificate for 8 years, exclusively it is kept for the purpose of fulfilling the accounting obligation, if the User has a payment obligation in connection with the posting of the advertisement.

Legal basis for data management: The legal basis for data management is the fulfillment of the contract between the User and the Data Controller, the enforcement of the rights and obligations arising from the contract based on Article 6 (1) point (e) of the GDPR. The legal basis for data management related to accounting documents is the statutory provision ordering mandatory data management, i.e. the Accounting Act. § 169.

If the posting of the ad is related to a legal entity, the legal basis for the processing of the contact's data by the Data Controller is the legitimate interest of the data controller based on Article 6 (1) point f) of the GDPR in relation to the contract between the User and the Data Controller and the fulfillment of the order. In the judgment of the Data Controller, the order cannot be fulfilled without handling the contact person's data. In order to ensure the right of the contact person to protect their personal data, the Data Controller uses the contact person's personal data exclusively for the purpose of maintaining contact with the User, provides him/her with adequate information on the circumstances of data management in all cases, and also ensures him/her the rights defined by the GDPR and contained in this Information.

Note: If the User also uses a paid service when posting an ad and the payment is made by bank card, in this context the Data Controller declares that in case of payment by bank card, it does not process any card data necessary for the payment transaction , collects, stores, does not have access to this data in any way. The data controller declares that the transaction data is provided by OTP Mobil Kft. (1093 Budapest, Közraktár utca 30-32.; ugyfelszolgalat@simple.hu; +36 1/20/30/70 3-666-611; a hereinafter: Service Provider) assumes no responsibility for the legality of its handling. The User can get information about the Service Provider's data management on the Service Provider's website and other contact details.

e. Registration for a conference, event

Scope of processed data:

On the interface provided for this purpose, the User has the opportunity to enter his data in order to register for a conference or event organized by the Data Controller (hereinafter: Conference). In order to apply, it is necessary to enter the following data:

  • full name*;
  • email address*;
  • billing address*.
  • In the case of a
  • company:
    • name*;
    • name and contact information (e-mail address, phone number)*;
    • tax number*.

Purpose of data management: recording applications, managing and registering the data of applying Users, completing applications, managing tasks related to payment of participation fees and invoicing, maintaining contact with Users in connection with the Conference.
The Data Controller draws the User's attention to the fact that in all cases, the User, as an employer, has the obligation and responsibility to inform the Contact Person indicated by him about the handling of his personal data for the purpose and under the conditions specified in this Notice

Duration of data management: For 5 (five) years after the Conference, the Data Controller processes the necessary data in order to enforce the claims and rights arising from the contract between the User and the Data Controller in accordance with Act V of 2013 on the Civil Code Act 6:22. pursuant to § 169 of Act C on Accounting (hereinafter: Accounting Act), and in order to fulfill the data controller's retention obligation, the Data Controller shall store the name and address of the User on the accounting certificate for 8 years, solely for the purpose of fulfilling the accounting obligation preserves.

Legal basis of data management: the legal basis of data management is the fulfillment of the contract between the User and the Data Controller, the enforcement of the rights and obligations arising from the contract based on Article 6 (1) point (e) of the GDPR.
In the case of a company, the legal basis for handling the contact person's data is the legitimate interest of the data controller in relation to the performance of the contract between the User and the Data Controller based on Article 6 (1) point f) of the GDPR. In the opinion of the Data Controller, registration for the Conference and ensuring participation cannot be completed without managing the Contact Person's data. In order to ensure the right of the Contact Person to protect his personal data, the Data Manager uses the Contact Person's personal data exclusively for the purpose of maintaining contact with the User, provides him with appropriate information about the circumstances of data management in all cases, and also ensures him the rights set forth in the GDPR and contained in this Information Sheet
The legal basis for data management related to accounting documents is the statutory provision ordering mandatory data management, i.e. the Accounting Act. § 169.

f. Information about trainings and events

Scope of processed data:

  • full name;
  • email address;

Purpose of data management: sending information about future events, conferences, and trainings organized by the Data Controller to Users who previously applied for a previous conference organized by the Data Controller on e. as defined in point.

Legal basis for data management: the legitimate interest of the Data Controller, which is based on point f) of Article 6 (1) of the GDPR. In order to comply with the referenced provision, the Data Controller carried out the interest assessment test, as a result of which he established the following:

  • According to its judgment, the data controller has a legitimate interest in sending information about the conferences and events organized by it to the Users (to the e-mail address provided by them);
  • The purpose of data management is to inform Users about conferences, trainings and events organized by the Data Controller.
  • The User's right to the protection of his personal data and private life is proportionally limited by the legitimate interest of the Data Controller defined in this point, and the data management based on the legitimate interest. From the point of view of its legitimate interest and data management, the data controller has examined all the tools and options that can be taken into account in order to achieve the desired - and stated in this Information - goal and has deemed that the sending of the information can be considered the least restrictive solution possible and thus meets the necessity and proportionality requirement. In order to do this
    • e-mails are only sent to each User on a limited basis;
    • According to the Data Controller's judgment, the User also has an interest in the information specified in the electronic mail sent by the Data Controller reaching the User, as he or she can be informed about events, conferences and trainings of interest to him or the company he represents;
    • in many cases, the User does not apply as an individual to the events organized by the Data Controller, but in the name and in the interest of the company he represents, or as an individual entrepreneur, primary producer. The purpose of the Data Controller is to ensure that the information reaches the companies represented by the persons registered for the Conference in the course of its activities affected by this data management, and that individual entrepreneurs and primary producers also use the provided e-mail address in connection with their economic activities.
    • The data controller complies with the legal obligations in all cases;
    • The Data Controller ensures the Users under all circumstances to object to the use of their personal data for this purpose and to exercise the additional rights specified in this Notice;
    • The data manager will immediately delete his data from the relevant database following the User's objection to this and will no longer send him information.

Based on the above, in the opinion of the Data Controller, the sending of information about events, conferences, and trainings meets the legal and official requirements for data management based on legitimate interests.

Duration of data management: as long as it is necessary to fulfill the purpose of data management, or as long as the User requests the deletion of his data (especially the e-mail address) or objects to the use of his data for such purposes. The User can unsubscribe from the information letters at any time by using the "Unsubscribe" option of the letter, or object to the data management at any time with a statement in writing or by e-mail. In such a case, the Data Controller will immediately delete the unsubscribing User's data from the relevant database and will no longer use it for the purposes specified in this point, however, if it is processed legally for other purposes, the data will not be permanently deleted.

Right to object: The User has the right to object at any time for reasons related to his own situation against the processing of his personal data arising from the legitimate interests of the Data Controller. In this case, the Data Controller may no longer process the personal data for the given data management purpose, unless the Data Controller proves that the data processing is justified by compelling legitimate reasons that take priority over the interests, rights and freedoms of the User, or which are legal requirements are related to its presentation, validation or protection.
Based on the above, the User has the right to object at any time to the processing of his personal data for the purposes specified in this point. If the User objects to the processing of personal data, the Data Controller will no longer process the personal data for this purpose.

g. Sign up for free online training, webinar

Scope of processed data:

On the interface provided for this purpose, the User has the opportunity to enter his data in order to register for online training and webinars organized by the Data Controller and thereby subscribe to the Data Controller's newsletter. In order to apply, it is necessary to enter the following personal data:

  • full name*;
  • email address*;
  • phone number;
  • position;
  • company name*.

The Data Controller draws the attention of the Users to the fact that when participating in the online webinar, the User's name may be visible to other Users. If the User does not want the user name entered on the given platform to appear during the webinar, he can change the visibility of his data and the displayed name in the platform settings.

Purpose of data management: marketing contact (sending electronic newsletters, advertising messages about offers, services, products, actions, promotions and sweepstakes related to the Data Controller and its activities) with the User participating in the training, webinar, using the e -e-mail address, sending materials and questionnaires related to the training and webinar, as well as ensuring participation in the online training and webinar.

Duration of data management: until the User requests the deletion of his data or withdraws his consent to the processing of his personal data. The User can unsubscribe from information letters at any time by using the "Unsubscribe" option of the letter, or withdraw his consent at any time by means of a written or e-mail statement. In such a case, the Data Controller will immediately delete the unsubscribing User's data from the relevant database and will no longer use it for the purposes specified in this point, however, if it is processed legally for other purposes, the data will not be permanently deleted.

Legal basis for data management: the express consent of the User (given by ticking the box available for accepting this Information) based on Article 6, Paragraph 1, Point a) of the GDPR.

h. System message

Scope of processed data:

  • full name;
  • email address;

Purpose of data management: in relation to the services of the Data Controller and the operation of the Website, in many cases the User may send information via e-mail, the content of which cannot be considered as a marketing request (hereinafter: System Message). In a System Message, the Data Controller informs the User, for example, about information related to posting advertisements and other services, maintenance related to the Website or services, changes related to the User account.

Legal basis for data management: the legitimate interest of the Data Controller, which is based on point f) of Article 6 (1) of the GDPR. In order to comply with the referenced provision, the Data Controller carried out the interest assessment test, as a result of which he established the following:

  • According to its judgment, the Data Controller has a legitimate interest in sending System Messages to Users (to the e-mail address provided by them);
  • The purpose of data management is to inform Users about the Data Manager's services, information about the Website, maintenance related to the Website or services, changes related to the User account in the framework of a System Message;
  • The User's right to the protection of his personal data and private life is proportionally limited by the legitimate interest of the Data Controller defined in this point, and the data management based on the legitimate interest. From the point of view of its legitimate interest and data management, the Data Controller has examined all the tools and options that can be taken into account in order to achieve the desired - and stated in this Information - goal and has deemed that the sending of the System Message can be considered the least restrictive solution possible and thus meets the necessity and proportionality requirement. In order to do this
    • System messages are sent to all Users only on limited occasions and in justified cases;
    • according to the Data Controller's opinion, the User also has an interest in the information specified in the System Message reaching the User, since having this information allows him to use the Data Controller's services efficiently and satisfactorily, as well as to be informed of changes in a timely manner;
    • The data controller complies with the legal obligations in all cases;
    • In all circumstances, the Data Controller ensures the Users to object to the use of their personal data for this purpose and to exercise the additional rights specified in this Notice;
    • After the User's objection to this, the Data Controller will immediately delete his data from the relevant database and will no longer send him a system message.

Based on the above, in the judgment of the Data Controller, the sending of the System Message complies with the legal and official requirements for data management based on legitimate interests.

Duration of data management: as long as it is necessary to fulfill the purpose of data management, or as long as the User objects to the use of his data for such purposes. The User can unsubscribe from the System Messages at any time by using the "Unsubscribe" option in the letter, or object to the data management at any time by making a statement in writing or by e-mail. In such a case, the Data Controller will immediately delete the relevant data of the unsubscribing User from the relevant database, however, if it is processed legally for other purposes, the data will not be permanently deleted.

Right to object: The User has the right to object at any time for reasons related to his own situation against the processing of his personal data arising from the legitimate interests of the Data Controller. In this case, the Data Controller may no longer process the personal data, unless the Data Controller proves that the data processing is justified by compelling legitimate reasons which take precedence over the interests, rights and freedoms of the User, or which are used to present, enforce or defend legal claims. are connected.
Based on the above, the User has the right to object at any time to the processing of his/her personal data for the purpose of sending a System Message. If the User objects to the processing of personal data, the Data Controller will no longer process the personal data for this purpose.

i. Newsletter subscription

Scope of processed data:

The User has the option to subscribe to the Data Controller's newsletter on the website's dedicated interface, as well as during Registration or the User account, during which the Data Controller manages the following personal data:

  • full name*;
  • email address*;
  • preference.

Purpose of data management: sending electronic newsletters and advertising messages about the offers, services, products, promotions, promotions and sweepstakes related to the Data Controller and its activities, as well as the offers of the Data Controller's partners, to the e-mail address provided by the User . If the User has indicated at the time of registration the topic on which he wishes to receive a newsletter, the Data Controller will send the newsletter according to his preference.

Duration of data management: Until the User requests the deletion of his data or withdraws his consent to the processing of his personal data. The User can unsubscribe from the newsletter at any time by using the "Unsubscribe" option of the newsletter or by making a statement in writing or by e-mail, which means withdrawal of consent. In such a case, the Data Controller will immediately delete all data of the unsubscribing User from the newsletter database, however, if it is processed legally for other purposes, the data will not be permanently deleted.

Legal basis for data management: the express consent of the User (given by ticking the box available for accepting this Information) based on Article 6, Paragraph 1, Point a) of the GDPR.

j. Push messages

Scope of processed data:

After opening the Website, the Data Controller requests permission to send Browser Push messages. In doing so, the Company manages the following data:

  • Browser identifier hash code

The purpose of the data management: based on the User's specific consent to this end, to contact the User for marketing purposes, to send a unique offer and content.

Duration of data management: Until the User requests the deletion of his data or withdraws his consent to the processing of his personal data.

The legal basis for data management: the express consent of the User based on Article 6 (1) point a) of the GDPR.

k. Agroinform eMagazin in email

Scope of processed data:

The Data Controller also uses the full name and e-mail address of Users who are registered on the Website or who have placed an advertisement through the Website, for sending Agroinform eMagazin according to the conditions written in this Information.

Purpose of data management: Sending Agroinform eMagazine containing news, interesting facts and information related to the activities of the Data Controller and the agricultural sector to the e-mail address provided by the User.

Legal basis for data management: the legitimate interest of the Data Controller, which is based on point f) of Article 6 (1) of the GDPR. In order to comply with the referenced provision, the Data Controller carried out the interest assessment test, as a result of which he established the following:

  • The data controller - in its opinion - has a legitimate interest in sending the Agroinform eMagazine to the Users (to the e-mail address provided by them);
  • The purpose of data management is to send Agroinform eMagazine containing news, interesting facts and information related to the Data Controller's activities and the agricultural sector in order to inform Users;
  • The User's right to the protection of his personal data and private life is proportionally limited by the legitimate interest of the Data Controller defined in this point, and the data management based on the legitimate interest. From the point of view of the legitimate interest and data management, the data controller has examined all the tools and options that can be taken into account in order to achieve the desired - and stated in this Information - goal and has deemed that the sending out of the Agroinform eMagazin can be considered the least restrictive solution possible and thus meets the need and requirement of proportionality. In order to do this
    • Agroinform eMagazine is sent to each User only on a limited basis (once a month);
    • according to the Data Controller's opinion, the User also has an interest in receiving useful information about the Data Controller's activities and the operation of the agricultural sector and being informed about changes, news and offers easily and in a timely manner;
    • The data controller complies with the legal obligations in all cases;
    • The Data Controller ensures the Users under all circumstances to object to the use of their personal data for this purpose and to exercise the additional rights specified in this Notice;
    • After the User's objection to this, the Data Controller will immediately delete his data from the relevant database and will no longer send him Agroinform eMagazine.

Based on the above, in the judgment of the Data Controller, the sending of the Agroinform eMagazin meets the legal and official requirements for data management based on legitimate interests.

Duration of data management: as long as it is necessary to fulfill the purpose of data management, or as long as the User objects to the use of his data for such purposes. The User can unsubscribe from the Agroinform eMagazin at any time by using the "Unsubscribe" option in the letter, or object to data processing at any time by making a statement in writing or by e-mail. In such a case, the Data Controller will immediately delete all data of the unsubscribing User from the relevant database, however, if it is processed legally for other purposes, the data will not be permanently deleted.

Right to object: The User has the right to object at any time for reasons related to his own situation against the processing of his personal data arising from the legitimate interests of the Data Controller. In this case, the Data Controller may no longer process the personal data, unless the Data Controller proves that the data processing is justified by compelling legitimate reasons that take precedence over your interests, rights and freedoms, or that are necessary for the presentation, enforcement or defense of legal claims are connected.
Based on the above, the User has the right to object at any time to the processing of his personal data for the purpose of sending Agroinform eMagazin. If the User objects to the processing of personal data, the Data Controller will no longer process the personal data for this purpose.

l. Satisfaction measurement

Scope of processed data:

  • full name;
  • email address;
  • answers to the questions on the questionnaire.

The purpose of data management is: to assess User satisfaction with the Data Manager and the Website services, to evaluate the feedback in order to improve the Data Manager's services. In order to assess satisfaction, the Data Controller sends a questionnaire by electronic mail to the Users using the service to the e-mail address provided by them.

Legal basis for data management: the legitimate interest of the Data Controller, which is based on point f) of Article 6 (1) of the GDPR. In order to comply with the referenced provision, the Data Controller carried out the interest assessment test, as a result of which he established the following:

  • According to its judgment, the Data Controller has a legitimate interest in the development of its services and, for this purpose, in assessing the satisfaction of the Users who use its services;
  • The purpose of data management is to assess User satisfaction with the services of the Data Controller and the Website, and to evaluate feedback in order to improve the Data Controller's services;
  • The User's right to the protection of his personal data and private life is proportionally limited by the legitimate interest of the Data Controller defined in this point, and the data management based on the legitimate interest. From the point of view of its legitimate interest and data management, the data controller has examined all the tools and options that can be taken into account in order to achieve the desired - and stated in this Information - goal and has deemed that sending the satisfaction survey questionnaire by e-mail can be considered the least restrictive solution possible. and thus meets the requirement of necessity and proportionality. In order to do this
    • e-mails aimed at measuring satisfaction will only be sent to each affected User on a limited basis, only within 1 month after using the service;
    • According to the Data Controller's opinion, it is also in the User's interest that the Data Controller applies the satisfaction measurement, since the User can thus participate in the development of the Data Controller's services, which the User also uses, and their satisfaction can also be improved based on the results of the satisfaction measurement, the according to the conclusions drawn from it;
    • The data controller complies with the legal obligations in all cases;
    • In all circumstances, the Data Controller ensures the Users to object to the use of their personal data for this purpose and to exercise the additional rights specified in this Notice;
    • The data controller shall immediately delete the User's data from the relevant database following the User's objection to this and shall no longer send the User an inquiry related to the satisfaction assessment.

Based on the above, in the opinion of the Data Controller, sending an electronic mail related to the satisfaction assessment meets the legal and official requirements for data management based on legitimate interests.

Duration of data management: as long as it is necessary to fulfill the purpose of data management, or as long as the User objects to the use of his data for such purposes. The User can unsubscribe from the letters containing the satisfaction survey at any time by using the "Unsubscribe" option in the letter, or object to the data management at any time by making a statement in writing or by e-mail. In such a case, the Data Controller will immediately delete the relevant data of the unsubscribing User from the relevant database, however, if it is processed legally for other purposes, the data will not be permanently deleted.

Right to object: The User has the right to object at any time for reasons related to his own situation against the processing of his personal data arising from the legitimate interests of the Data Controller. In this case, the Data Controller may no longer process the personal data, unless the Data Controller proves that the data processing is justified by compelling legitimate reasons that take precedence over your interests, rights and freedoms, or that are necessary for the presentation, enforcement or defense of legal claims are connected.
Based on the above, the User has the right to object at any time to the handling of his personal data for the purpose of measuring satisfaction. If the User objects to the processing of personal data, the Data Controller will no longer process the personal data for this purpose.

m. Online ads

The Data Controller provides an interface for online advertisements for business purposes. To serve online ads, it uses the services of a media advertising platform seller (Sales Contact Kft.; 1082 Budapest, Futó utca 47-53. V. floor; hereinafter: Media advertising platform seller). In the course of this activity, the Media Advertising Platform seller may collect data and place cookies on the Website in order to personalize and/or optimize the ads. The data protection information of the seller of the Media advertising interface is available on the page below.

Detailed information on the use of cookies used by the Data Controller is contained in the Data Controller's cookie information, which is available at the link below.

n. Ad Monitoring

Scope of processed data:

The User has the option to sign up for the Data Controller's ad monitoring service on the Website's dedicated interface, during which the Data Controller manages the following personal data:

  • full name*;
  • email address*.

The purpose of data management is: to send information about the advertisements available on the Website to the e-mail address provided by the User in accordance with the interests indicated by the User.

Duration of data management: Until the User requests the deletion of his data or withdraws his consent to the processing of his personal data. The User can unsubscribe from the ad monitoring email at any time by using the "Unsubscribe" option in the e-mail, or by making a statement in writing or by e-mail, which means withdrawal of consent. In such a case, the Data Controller will immediately delete all data of the unsubscribing User from the relevant database, however, if it is processed legally for other purposes, the data will not be permanently deleted.

Legal basis for data management: the express consent of the User (given by ticking the box available for accepting this Information) based on Article 6, Paragraph 1, Point a) of the GDPR.

p. Agroinform gift product request

Scope of processed data:

On the interface for this, the User has the opportunity to enter his data in order to claim the Data Controller's gift products. During the application, it is possible to enter the following personal data:

  • full name*;
  • email address*;
  • phone number;
  • product name*;
  • shipping address*;
  • note.

The purpose of data management is: delivering the product selected by the User to the User, maintaining contact with the User.

Duration of data management: until the User requests the deletion of his data or withdraws his consent to the processing of his personal data. If the User requests the deletion of their data or withdraws their consent prior to the successful completion of the delivery, the Data Controller cannot fulfill the product request.

Legal basis for data management: the express consent of the User (given by ticking the box available for accepting this Information) based on Article 6, Paragraph 1, Point a) of the GDPR.

p. During complaint handling

Scope of processed data:

  • in the case of a written complaint:
    • name;
    • mail address or electronic mail address;
    • object and content of the complaint.
  • in the case of a verbal complaint or a verbal complaint made over the phone, if the complaint was not remedied immediately, the Data Controller will record a report containing the following information:
    • name;
    • residential address;
    • place, time, method, subject and content of complaint;
    • unique identification number of the complaint.

Purpose of data management: to document the person of the complainant, the exact time of the complaint and the content of the complaint, as well as the information provided by the Data Controller regarding the complaint, for the purpose of processing and tracing complaints received by the Data Controller verbally, by telephone, in writing and by electronic mail .

Legal basis for data management: CLV of 1997 on consumer protection. Act 17/B. § a.

Duration of data management: CLV of 1997 on consumer protection. Act 17/B. pursuant to §, the minutes of the oral complaint, the written complaint and the response to it must be kept by the Data Controller for 3 (three) years.

q. Automatically collected data

The data of the User's logged-in computer or mobile device, which are generated during the use of the Website and which are recorded by the Data Controller's system as an automatic result of technical processes, in particular the Internet Protocol (IP) address, browser type, language setting, operating system system, Internet Service Provider (ISP) and time stamp.
The data that is recorded automatically is automatically logged by the Website without a separate declaration or action by the User upon entry or exit. These data cannot be combined with other personal user data - except in cases made mandatory by law. Only the Data Controller has access to the data.

Only persons over the age of 18 are entitled to enter data on the Website. Users may only provide their own personal data on the Website. If they do not provide their own personal data, it is the responsibility of the data provider to obtain the consent of the data subject.

3.) PERSONS AUTHORIZED TO KNOW THE PERSONAL DATA, DATA PROCESSING

According to the current legislation, the Data Controller and the Data Processors used by it are entitled to access personal data.

Data processing is carried out by the following data processors acting on behalf of the Data Controller:

  • Naxonet Bt. Storage provider (2400 Dunaújváros, Nap utca 2. fszt 4.) - server service provision
  • Audit-Labtech Kft (4026 Debrecen, Bem tér 14. 1. em. 4.) – provision of bookkeeping and accounting tasks
  • MiniCRM Zrt. (1075 Budapest, Madách Imre út 13-14.) – storage of user data
  • Google Ireland Limited (Gordon House, Barrow Street, Dublin 4.Dublin, D04 E5W5) – mail system operation
  • KBOSS.hu Kft. (1031 Budapest, Záhony utca 7.) – issue of invoice
  • Magyar Posta Zrt. (1138 Budapest, Dunavirág utca 2.) – postal services
  • Sanchar Software (Pushange) (head office: 7732 Maywood Crest Dr, West Palm Beach FL 33412, United States; e-mail: care@pushengage.com) - Provision of technical background related to Browser Push messages

The Data Controller reserves the right to involve additional data processors in the data management in the future, of which it will inform the Users by amending this Notice.

In the absence of an express legal provision, the Data Controller will only transfer personal identification data to third parties with the express consent of the User in question.

4.) RIGHTS OF THE USER

Access to personal data

At the request of the User, the Data Controller provides information on whether the Data Controller continues data processing with regard to his personal data, and if so, gives him access to the personal data, as well as informs him of the following information:

  • purpose(s) of data management;
  • types of personal data involved in data management;
  • in the case of transferring the User's personal data, the legal basis and recipient(s) of the data transfer;
  • planned duration of data management;
  • the rights of the User in connection with the correction, deletion and restriction of processing of personal data, as well as objections to the processing of personal data;
  • the possibility of contacting the Authority;
  • the source of the data;
  • essential information related to profiling;
  • about the name, address and activities related to data management of the data processors.

The Data Controller provides the User with a copy of the personal data subject to data management free of charge. For additional copies requested by the User, the Data Controller may charge a reasonable fee based on administrative costs. If the User submitted the request electronically, the information must be provided in a widely used electronic format, unless the data subject requests otherwise.

The Data Controller is obliged to provide the information at the User's request in an understandable form without undue delay, but at the latest within one month of the submission of the request. The user can submit his request for access to the contact details specified in point 1.

Correcting processed data

The User may apply to the Data Controller (at the contact details specified in point 1) for the correction of inaccurate personal data or the addition of incomplete data, taking into account the purpose of the data management. The data controller will carry out the correction without undue delay.

Deletion of processed data (right to be forgotten), blocking

The User may request that the Data Controller delete the personal data concerning him without undue delay, and the Data Controller is obliged to delete the personal data concerning the data subject without undue delay if one of the following reasons exists:

  1. the personal data are no longer needed for the purpose for which they were collected or otherwise processed;
  2. the User withdraws his consent and there is no other legal basis for data management;
  3. the User objects to the handling of his personal data;
  4. personal data was handled illegally;
  5. personal data must be deleted in order to fulfill the legal obligation prescribed by EU or Member State law applicable to the data controller;
  6. the collection of personal data based on consent took place in connection with the offering of information society-related services to children.

If the Data Controller has disclosed (made available to a third party) the personal data and is obliged to delete it based on the above, it must take the reasonably expected steps and measures, taking into account the available technology and the implementation costs, in order to inform the data controllers handling the personal data concerned, that the User has requested from them the deletion of the links to the personal data in question or the copy or duplicate of these personal data.

Personal data do not need to be deleted if data management is necessary:

  • for the purpose of exercising the right to freedom of expression and information;
  • for the purpose of fulfilling an obligation under the EU or Member State law applicable to the data controller requiring the processing of personal data, or for the execution of a task performed in the public interest or in the context of the exercise of a public authority vested in the data controller;
  • on the basis of the public interest affecting the field of public health;
  • for the purpose of archiving in the public interest, for scientific and historical research purposes or for statistical purposes, if the right to erasure would likely make this data management impossible or seriously jeopardize it; or
  • for presenting, validating and defending legal claims.

Restriction of data management

The User has the right to request that the Data Controller limit the data processing instead of correcting or deleting the personal data, if one of the following is met:

  • the User disputes the accuracy of the personal data, in which case the limitation applies to the period that allows the data controller to check the accuracy of the personal data;
  • the data management is illegal and the User opposes the deletion of the data and instead requests the restriction of their use;
  • The Data Controller no longer needs the personal data for the purpose of data management, but the User requires them to present, enforce or defend legal claims; or
  • the User objected to data processing; in this case, the restriction applies to the period until it is determined whether the legitimate reasons of the data controller take precedence over the legitimate reasons of the data subject.

If data management is subject to restrictions, such personal data, with the exception of storage, will only be processed with the consent of the User, or for the presentation, enforcement or defense of legal claims, or for the protection of the rights of another natural or legal person, or in the important public interest of the Union or a member state can be handled.

The Data Controller informs the User, at whose request the data processing was restricted, about the lifting of the data processing restriction in advance.

Notification obligation related to the correction or deletion of personal data or the limitation of data management

The Data Controller informs all recipients of the correction, deletion or restriction of personal data to whom or to whom the personal data was communicated, unless this proves to be impossible or requires a disproportionately large amount of effort. Upon the User's request, the data controller will inform the User about these recipients.

Right to data portability

The User has the right to receive the personal data concerning him/her provided to the Data Controller in a segmented, widely used, machine-readable format, and to forward this data to another data controller. If requested by the User, the Data Manager exports the processed data in PDF and/or CSV format.

Right to object

The User may object to the processing of his personal data if the data processing

  • necessary for the execution of a task carried out in the public interest or in the context of the exercise of a public authority delegated to the Data Controller;
  • necessary to enforce the legitimate interests of the Data Controller or a third party;
  • based on profiling.

If the User objects, the Data Controller may no longer process the personal data, unless it proves that the data processing is justified by compelling legitimate reasons that take priority over the interests, rights and freedoms of the User, or that are used to submit or enforce legal claims or related to its protection.

If the processing of personal data takes place for the purpose of obtaining direct business or related profiling, the User has the right to object at any time to the processing of his personal data for this purpose. If the User objects to the processing of personal data for the purpose of direct business acquisition, then the personal data may no longer be processed for this purpose.

Measure of the Data Controller in connection with the User's request

The Data Controller shall inform the User without undue delay, but no later than one month from the receipt of the request, of the measures taken following the request for access, correction, deletion, restriction, objection, and data portability. If necessary, taking into account the complexity of the application and the number of applications, this deadline can be extended by another two months. The Data Controller shall inform the User of the extension of the deadline, indicating the reasons for the delay, within one month of receiving the request. If the User submitted the request electronically, the information must be provided electronically, if possible, unless the data subject requests otherwise.

If the Data Controller does not take measures following the User's request, it shall inform the User without delay, but at the latest within one month of the receipt of the request, of the reasons for the failure to take action, as well as of the fact that the User may file a complaint with a supervisory authority and take legal action with his right to appeal.

In the case of the User's request, the information, the information and the action taken based on the request must be provided free of charge. If the User's request is clearly unfounded or - especially due to its repetitive nature - excessive, the Data Controller, taking into account the administrative costs associated with providing the requested information or information or taking the requested action, may charge a reasonable fee or refuse to take action based on the request. The Data Controller bears the burden of proving that the request is clearly unfounded or exaggerated.

5.) DATA SECURITY

The Data Controller undertakes to ensure the security of the data, to take the technical and organizational measures and to establish the procedural rules that ensure that the recorded, stored and managed data are protected and prevent their destruction. , unauthorized use and unauthorized modification. It also undertakes to call on all third parties to whom the data is forwarded or transferred based on the consent of the Users to comply with the requirement of data security.

The data controller ensures that no unauthorized person can access, disclose, transmit, modify, or delete the processed data. Only the Data Controller and its employees, as well as the Data Processor used by the Data Controller can see the processed data, the Data Controller will not transfer them to third parties who do not have the right to access the data.

The data controller will do everything possible to ensure that the data is not accidentally damaged or destroyed. The above commitment is required by the Data Controller for its employees participating in data management activities.

The User acknowledges and accepts that in the case of entering personal data on the Website - despite the fact that the Data Controller has modern security tools to prevent unauthorized access to the data or their investigation - data protection cannot be fully guaranteed on the Internet. In the event of unauthorized access or knowledge of data occurring despite our efforts, the Data Manager is not responsible for this type of data acquisition or unauthorized access or for any damage caused to the User as a result of these reasons. In addition, the User may also provide his personal data to third parties, who may use it for illegal purposes or in a way.

Under no circumstances does the data controller collect special data, i.e. data related to racial origin, belonging to a national and ethnic minority, political opinion or party affiliation, religious or other worldview beliefs, interest-representative organization membership, health status , they refer to pathological passion, sexual life, and a criminal record.

6.) MANAGEMENT AND REPORTING OF DATA PROTECTION INCIDENTS

A data protection incident is any event that involves the unlawful handling or processing of personal data managed, forwarded, stored or processed by the Data Controller, including unauthorized or accidental access, alteration, communication, deletion, loss or destruction, as well as result in its accidental destruction and damage.

The Data Controller must notify the NAIH of the data protection incident without undue delay, but no later than 72 hours after becoming aware of the data protection incident, unless the Data Controller can prove that the data protection incident is likely to pose no risk to natural persons regarding your rights and freedoms. If the notification cannot be made within 72 hours, the reason for the delay must be indicated, and the required information can be provided in detail without further undue delay. The notification to the NAIH contains at least the following information:

  • the nature of the data protection incident, the number and category of data subjects and personal data;
  • Name and contact information of data controller;
  • probable consequences resulting from the data protection incident;
  • measures taken or planned to manage, prevent, remedy the data protection incident.

The Data Controller informs the data subjects about the data protection incident via the Data Controller's website within 72 hours after the detection of the data protection incident. The information must contain at least the data specified in this section.

The Data Controller keeps a record of data protection incidents in order to check the measures related to the data protection incident and to inform the affected parties. The register contains the following data:

  • scope of personal data concerned;
  • scope and number of those involved;
  • date of the data protection incident;
  • circumstances and effects of the data protection incident;
  • measures taken to prevent the data protection incident.

Data in the register is kept by the Data Controller for 5 years from the detection of the data protection incident.

7.) LEGAL ENFORCEMENT OPTIONS

The Data Controller does everything to ensure that personal data is handled in accordance with the law, however, if the User feels that this has not been done, he has the option to write to the contact details specified in point 1.

If the User feels that his right to the protection of personal data has been violated, he may seek legal redress from the competent authorities according to the applicable laws.

  • National Data Protection and Freedom of Information Authority (address: 1055 Budapest, Falk Miksa utca 9-11; ugyfelszolgalat@naih.hu; www.naih.hu)
  • at court.

8.) OTHER PROVISIONS

This Information is governed by Hungarian law, especially CXII of 2011 on the right to self-determination of information and freedom of information. Act, and CVIII of 2001 on certain issues of electronic commercial services and services related to the information society. Act and the provisions of the GDPR apply.

Budapest, March 14, 2024

All rights reserved.
© 2024 Agroinform Media Ltd.

[bezárás x]