PERSONAL DATA PROTECTION PRINCIPLES of Glissonic Kft.
These personal data protection principles (hereinafter the “Principles”) determine the rules for personal data protection in the company and the business terms and conditions of Glissonic Kft., registered office: Vérhalom utca 18, 1023 Budapest, Hungary (Hereinafter the “Company” or the “Controller”). The Company ensures the protection of your personal data in accordance with valid and effective legislation, which, from 25 May 2018, primarily means Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter the “GDPR”).
The Company may amend and modify Principles at any time, by placing a revised version at the website https://www.glissonic.com/ (hereinafter the “Website”) and such change and modification will come into effect as of the date of such placement.
Controller’s Contact Details
The Company is the Controller of the personal data in accordance with Article 4(7) of the GDPR.
Please send all communications concerning Personal data protection or notifications of breaches of rights through the Controller’s e-mail address: instrument@glissonic.com or to the postal address: Vérhalom utca 18, 1023 Budapest, Hungary
The Controller has not appointed a personal data protection officer in the meaning of Article 37 of the GDPR.
Personal Data that the Controller Processes
Personal data is understood to mean all information about an identified or identifiable natural person. An identifiable natural person is a natural person that can be directly or indirectly identified, in particular by reference to a certain identifier, for example name, identification number, location data, network ID or one or more special elements of the physical, physiological, genetic, mental, economic, cultural or social identity of such natural person.
In the event of the use of the Website, the Controller records your IP address and standard data, such as the type of your browser and links to other websites that you have browsed at the Website. This information serves for monitoring and prevention of fraud, diagnosis of problems and processing of statistical data, which is anonymous and does not contain your personal data.
Cookies and internet beacons help the Controller operate the Website. You can find a more detailed definition of them, their types and the purposes of their use by the Controller in the Principles below.
Purposes of Personal Data Processing
The Controller processes your personal data for the following purposes:
- Pre-contractual negotiations;
- Performance of contractual relationship;
- Sending of business communications, offers of products and services, and events organised by the Controller and performance of other marketing activities;
- Sending of offers of employment;
- Performance of the Controller’s statutory duties;
- Improvements in the quality of services provided by the Controller and improvements in the use of the Website.
The period for which personal data is processed
For the period specified by law:
- Pre-contractual negotiations: for the period specified by law;
- Performance of contractual relationship: for the period specified by law;
For a maximum of 5 years or until you opt out
- Sending of business communications, offers of products and services, and events organised by the Controller and performance of other marketing activities;
- Sending of offers of employment;
- Performance of the Controller’s statutory duties;
- Improvements in the quality of services provided by the Controller and improvements in the use of the Website.
Processing Personal Data for Performance of Contract
In this case your personal data are processed in accordance with Article 6(1)(b) of the GDPR – the provision of personal data is a necessary requirement for discharge of a contract or taking measures adopted before the conclusion of a contract at the request of a data subject. Without the provision of personal data, it is not possible to conduct pre contractual negotiations, conclude a contract or perform it by the Controller.
Granting of Consent
One of the statutory reasons for personal data processing is the granting of your consent to personal data processing in the sense of Article 6(1)(a) of the GDPR. The Controller requests the granting of consent to the processing of your personal data, in particular, when:
- Sending business communications, offers of products and services, and events organised by the Controller, and performance of other marketing activities;
- Using cookies for social media and cookies for marketing and advertising.
You have the right to withdraw the consent granted to the Controller for the processing of your personal data at any time, by sending an e-mail to the Controller’s e-mail address: nstrument@glissonic.com stating your first name and surname, so that you can be identified. Withdrawing the consent does not affect the lawfulness of processing which is based on the consent that was granted before it was withdrawn.
Protection of Legitimate Interests
Your personal data can also be processed in accordance with Article 6(1)(f) of the GDPR—processing is necessary for the purposes of legitimate interests pursued by the Controller or a third party.
Provision of Personal Data to Third Parties
Personal data are provided to third parties cooperating with the Controller as a part of the provision of services and procuring marketing services. Such third parties need access to your data, so that they can perform their activities and they are obligated, when processing your personal data, to comply with the principles of personal data processing set by the GDPR. The current list of third parties is available on request.
Without your consent, the Controller will not provide your personal data to third parties other than those specified above and will not share them with any other persons or unrelated companies, with the exception of the following cases:
- Compliance with legal regulations or as a response to the requirements of legal regulations;
- Protection of the rights and property of the Controller, its representatives, users and other persons, in particular for the purpose of enforcing their contracts, the principles and user conditions and, in urgent cases, protection of the Controller’s own security, users of its services or any other person;
- In connection with any merger, sale of assets of the Company, financing or acquisition of all or part of the enterprise of the Controller by another company or in the course of such process.
The Controller will not hand over your personal data without your consent to a third country or international organisation, if it is not necessary for the performance of a contract between you and the Controller or if such duty does not ensue for the Controller from the law.
Without your consent, the Controller will not provide personal data gathered using the Website to third parties for direct marketing purposes.
Rights of Data Subject
As a data subject whose personal data are processed, you have the rights specified below, which you can exercise at any time. They are:
- The right to access your personal data (i.e., the right to obtain information about whether your data are processed and, if they are, you have the right to obtain access to them);
- The right to rectification of personal data (i.e., to request rectification if you find out that the Controller is processing inaccurate and/or untruthful data);
- The right to request an explanation (i.e., if you have the suspicion that the processing of personal data is interfering with the protection of your personal and private life or if processing is occurring in conflict with legal regulations);
- The right to restrict personal data processing (i.e., the right to request a temporary restriction of the processing of your personal data);
- The right to the erasure of your personal data (i.e., in the event that your data are no longer needed for the purposes for which they were processed);
- The right to object to personal data processing (the Controller is obligated to prove that there is a serious, legitimate reason for personal data processing that outweighs your interests, or rights and freedoms);
- The right to data portability (i.e., the right to request that a third party receives your data);
- The right to withdraw the consent at any time to processing of your personal data; withdrawing the consent does not affect the lawfulness of processing based on consent that was granted before it was withdrawn;
- The right to make a complaint to the Nemzeti Adatvédelmi és Infotmációszabadság Hatóság (i.e., in the event you think your right to personal data protection was breached).
Security Measures and Sharing of Personal Data
The Controller keeps your personal data in accordance with the highest security standards, through a wide range of security measures, including encryption and verification tools, in order to prevent unauthorised access, changing, publication or destruction of your personal data. Your personal data are protected by firewalls and are accessible only to a limited number of persons that are obligated to keep such data secret.
Cookies
Cookies are short text files that are created by a web server and stored on your device via an Internet browser (Internet Explorer, Firefox, Chrome, etc.). It is used so that later, when you return to the Website, the browser sends the stored cookie back and the server receives all the information it previously stored on you.
In connection with the operation of the Website the Controller uses several types of cookies.
Effective date: 17. September 2023