Data Management and Privacy Policy

Data Subjects may request information about the processing of their personal data from Attrecto staff, and may withdraw or modify their consent at any time, without restriction or justification, free of charge. As of May 25, 2018, they are entitled to the right of access to and portability of their data. They may request the rectification, blocking, or deletion of their personal data, and may object to their processing in case of infringement. In these cases, they may enforce their claims before a civil court or request the assistance of the National Authority for Data Protection and Freedom of Information (NAIH) – registered office: 1055 Budapest, Falk Miksa utca 9-11, postal address: 1530 Bp. Pf.: 5, http://www.naih.hu – in accordance with the provisions of Act CXII of 2011 and the European Union’s General Data Protection Regulation (GDPR). Further information is available on the NAIH website.

The website www.wordpress-1486802-5661301.cloudwaysapps.com (hereinafter: the Website) is operated by Attrecto Zrt. (Company registration number: 08 10 001846, registered office: 9024 Győr, Wesselényi utca 6, tax number: 23717154-2-08 (hereinafter: the Service Provider). The editing and maintenance of the portal is carried out by Mashup Digital Kft. on behalf of Attrecto Zrt.

PURPOSE OF THE DATA PROTECTION NOTICE

The purpose of this data protection notice is to define the principles and rules for the processing of personal and other data provided by visitors to the www.wordpress-1486802-5661301.cloudwaysapps.com website during the use of the website, processed by the operator of the www.wordpress-1486802-5661301.cloudwaysapps.com domain and Attrecto Zrt. (hereinafter: Data Controller) in order to enforce the principles of data protection and the requirements of data security.

GENERAL PROVISIONS

The Data Controller processes personal data exclusively for legitimate purposes and to the extent necessary for the realization of the purpose, confidentially, accurately and up-to-date, preserving their integrity, in accordance with applicable legal regulations, ensures their security, and takes the necessary administrative, logical, physical security and organizational measures, and establishes those procedural rules that are necessary to enforce the relevant provisions of applicable legislation.

During data processing, the Data Controller maintains

  • Confidentiality: protects information so that only those who are authorized to do so have access to it;
  • Integrity: protects the accuracy and completeness of information and processing methods;
  • Availability: ensures that when the authorized user needs it, they can actually access the desired information, and the related tools are available.

The Data Controller undertakes to ensure that all data processing related to its activities complies with the requirements described in this data protection notice and the relevant applicable legislation.

LEGAL BACKGROUND

The Data Controller is obligated to comply with the legal requirements regarding the processing of personal data at all stages of data processing. The following legal provisions are primarily applicable to the data processing carried out by the Data Controller:

  • Act V of 2013 on the Civil Code (“Civil Code”)
  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, GDPR);
  • Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information (“Data Protection Act”)

LEGAL BASIS, PURPOSE, SCOPE OF PERSONAL DATA PROCESSED, AND DURATION OF DATA PROCESSING CARRIED OUT ON THE WEBSITE

Information on the use of cookies

What is a cookie? The Data Controller uses so-called cookies when visiting the website. A cookie is an information package consisting of letters and numbers that the www.wordpress-1486802-5661301.cloudwaysapps.com website sends to your browser for the purpose of saving certain settings, facilitating the use of our website, and helping to collect some relevant, statistical information about visitors. Cookies do not contain personal information and are not suitable for identifying individual users. Cookies often contain a unique identifier – a secret, randomly generated number – that is stored on your device. Some cookies cease to exist after the website is closed, while others are stored on your computer for a longer period.

Legal background and legal basis of cookies: The legal background for data processing is provided by the provisions of Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information (Info Act) and Act CVIII of 2001 on certain issues of electronic commerce services and information society services. The legal basis for data processing is your consent in accordance with Section 5(1)(a) of the Info Act.

Main characteristics of the cookies used by the website:

Cookie acceptance cookie: When arriving at the page, you accept the statement about storing cookies in the alert window. Lifespan: 365 days. Duration of data processing: 365 days

Intelligent offer cookie: Records the conditions for displaying intelligent offers (e.g., whether the visitor has been on the page before). Lifespan: 30 days. Duration of data processing: 30 days

Backend identifier cookie: Identifier of the backend server serving the page. Lifespan: until the browser is closed. Duration of data processing: until the browser is closed.

Google Analytics cookie: Google Analytics is a Google analytics tool that helps website and application owners get a more accurate picture of their visitors’ activities. When someone visits our page, the visitor’s cookie identifier is added to the visitor list, which can be used for later remarketing. The service may use cookies to collect and report information on statistical data regarding website usage without individually identifying visitors to Google.

Google uses cookies – such as NID and SID cookies – to customize ads seen in Google products, such as Google Search. For example, it uses these cookies to remember your most recent searches, your previous interactions with an advertiser’s ads or search results, and your visits to an advertiser’s website.

The Google Analytics conversion tracking function uses cookies. It saves cookies on the user’s computer when the person clicks on an advertisement to track sales and other conversions resulting from the advertisement.

Some common applications of cookies are: selecting ads based on what is relevant to a specific user, improving campaign performance reports, and avoiding displaying ads that the user has already seen.

In addition to the reports on website usage statistics, Google Analytics can also be used – together with some of the advertising cookies described above – to display more relevant advertisements in Google products (such as Google Search) and across the internet.

RTB personalized retargeting cookies: May appear when browsing on other websites in the Google Display Network or when searching for terms related to their products or services for previous visitors or users.

Facebook Pixel: Measurement codes from the Facebook social network have also been placed on our site. When you visit our page, the remarketing tags establish a direct connection between the browser and the Facebook server. Facebook receives your data with your IP address. As a result, Facebook can associate our pages you have visited with your user account. We can use this information to display Facebook ads. We would like to point out that as a page service provider, we do not know the content of the transmitted data and its use by Facebook. For more information, please see Facebook’s privacy policy: https://www.facebook.com/about/privacy/. If you do not want Facebook to associate you with specific lists using Custom Audience targeting, you can disable the Custom Audience setting here. For more information about deleting cookies, please visit the following links:

Chrome: https://support.google.com/chrome/answer/95647?hl=en

Internet Explorer: https://support.microsoft.com/en-gb/windows/internet-explorer-help-23360e49-9cd3-4dda-ba52-705336cc0de2#ie=ie-11

Firefox: https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox

FACEBOOK DATA DELETION INSTRUCTIONS

As per Facebook policy, we have to provide User Data Deletion Callback URL or Data Deletion Instructions URL.

To remove an app or website you’ve added:

  1. Click account in the top right of Facebook.
  2. Select Settings & privacy, then click Settings.
  3. Go to the ‘App or websites’ page, then next to the name of the app or website, click Remove.
  4. You may select these options:
    • Delete posts, videos or events [app or website] posted on your timeline.
    • Allow Facebook to notify [app or website] that your login connection was removed.
  5. Click Remove again to confirm.

SCOPE OF PERSONAL DATA PROCESSED

Data processing related to telephone or online contact

The Data Controller processes the following personal data after filling out the quote request form, according to the guidelines detailed below:

  • Name
  • Email address
  • Company name
  • Title
  • Phone number
  • IP address
  • Browser
  • User device
  • Cookie

Legal background and legal basis of data processing: The legal basis for data processing is the User’s voluntary consent to data processing; data collection is initiated by the User.

Purpose of data processing: The purpose of data processing is one-time information exchange, providing price quotes, and preparation and execution of orders.

Duration of data processing: 5 working days, but at most until the User’s question is fully answered or the order is completed.

Data processors involved: The processing of data provided during registration is carried out by the Data Controller.

Data processing related to newsletter subscription

The Data Controller processes the following personal data in connection with newsletter subscription:

  • Name

  • Email address

  • Company name

Legal basis of data processing: The legal basis for processing is the Data Subject’s voluntary consent pursuant to Article 6(1)(a) GDPR. Subscription to the newsletter is optional, and consent may be withdrawn at any time.

Purpose of data processing: To send email newsletters, updates and promotional communications related to the Data Controller’s services, events, and content.

Duration of data processing (retention period): Personal data are stored for 5 years from the date of subscription, or until consent is withdrawn, whichever occurs earlier.

Data processors involved: Newsletter distribution may be carried out using a third-party email marketing service provider acting as a data processor on behalf of the Data Controller. The Data Controller ensures that appropriate data processing agreements are in place.

Withdrawal of consent / unsubscribe: The Data Subject may withdraw consent at any time (e.g., via the unsubscribe link included in each newsletter) without affecting the lawfulness of processing based on consent before its withdrawal.

USER RIGHTS AND LEGAL REMEDIES

Right to transparent information

The User’s fundamental right is the right to appropriate, transparent information, which appears as an obligation for the data controller. The Data Controller informs the User about the circumstances of data processing and their rights in a concise, transparent, understandable, easily accessible format, in a clear and comprehensible manner. In case of a request for information, we will provide the information without undue delay, but no later than within 30 days.

Right of access and copying

The User is entitled to receive feedback from the data controller as to whether the processing of their personal data is in progress, and if such data processing is in progress, they are entitled to access the personal data and related information, especially regarding the source of the personal data, as well as whether the data has been transferred to a third party. The data controller provides the information within a maximum of one month from the submission of the request. The User may at any time request a copy of any personal data processed by the Data Controller, which the Data Processor is obliged to send to the User without delay.

Right to rectification and modification

Users are entitled to rectify and modify the data they have provided by sending an email to info@wordpress-1486802-5661301.cloudwaysapps.com.

Right to be forgotten, right to erasure

The data controller is obliged to erase personal data relating to the User without undue delay if one of the following reasons exists:

  • Personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
  • The storage period specified by the data controller has expired;
  • The User withdraws consent on which the processing is based, and there is no other legal basis for the processing;
  • The User objects to the processing, and there are no overriding legitimate grounds for the processing;
  • The personal data have been unlawfully processed.

The Data Controller will comply with your request sent to the email address info@wordpress-1486802-5661301.cloudwaysapps.com within 15 days at the latest.

The right to erasure does not extend to cases where the Data Controller is obliged by law to continue storing the data, or to cases where, in accordance with Section 21(1) of the Info Act, the Data Controller is entitled to continue processing the personal data (such as in connection with invoicing). The right to be forgotten and erased also does not apply to the extent necessary for the establishment, exercise, or defense of legal claims.

During erasure, the data controller is obliged to inform the involved data processors of the erasure obligation.

Right to object

The User has the right to object at any time, on grounds relating to their particular situation, to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller, or necessary for the purposes of the legitimate interests pursued by the data controller or by a third party, including profiling based on those provisions. In case of objection, the data controller may not further process the personal data unless it demonstrates compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the User, or for the establishment, exercise, or defense of legal claims.

The Data Controller examines the objection as soon as possible after the submission of the request to the email address info@wordpress-1486802-5661301.cloudwaysapps.com, but no later than within 15 days, decides on its merits, and informs you of its decision in writing. If the data controller does not fulfill the User’s request for rectification, blocking, or erasure, it will communicate in writing or, with the User’s consent, electronically the factual and legal reasons for the rejection of the request for rectification, blocking, or erasure within 25 days of receiving the request.

Right to restriction of processing

In case of restriction, personal data may only be stored; other data processing can only take place with the User’s consent, for the purpose of asserting a legal claim, or in the public interest.

The user has the right to request the data controller to restrict processing if one of the following applies:

  • The processing is unlawful, and the User opposes the erasure of the data and requests the restriction of their use instead;
  • The data controller no longer needs the personal data for the purposes of processing, but the User requires them for the establishment, exercise, or defense of legal claims;
  • The User has objected to the processing; in this case, the restriction applies for the period during which it is determined whether the legitimate grounds of the data controller override the legitimate grounds of the User.

The Data Controller does not permit automated decision-making or profiling to be carried out by its data processors either, except in cases where the User has separately consented to this in writing.

PERSONAL DATA AT TRAINING SESSIONS AND PROFESSIONAL TRAINING COURSES

We need to collect certain personal data when operating our training programs. We do this on the one hand to identify participants and provide them with relevant information during courses and conferences, and on the other hand because we are obliged to do so by laws regulating adult education.

Adult education regulations require us to collect and forward the following data to the central Adult Education Data Service System:

  • The participant’s current and birth full name
  • The participant’s mother’s maiden name
  • The participant’s highest completed education
  • Information about the participant’s birth (country, location, date)
  • The participant’s email address
  • Citizenship data (especially if not a Hungarian citizen and has no Hungarian address)

We are required by law to keep this data for eight years. The data retention period starts from the creation of the training documentation or the conclusion of the adult education contract. The latter often comes into existence through implied conduct, i.e., by ordering the training.

Please note that providing the above information is not optional but a legal obligation. If someone is unwilling to provide this information, we cannot register them for our training courses, as we would not be able to fulfill our legal obligations.

DATA SECURITY

The Data Controller makes every effort to ensure the security of the personal data of users processed by it – both during network communication and during data storage and retention. However, the Operator excludes all liability related to data processing that is related to the operation of servers and hosting for the Service, and assigns all responsibility related to server and hosting operation to the Hosting Provider and Maintainer.

Although the Data Controller implements industry-standard security measures to ensure this, the Data Controller does not guarantee that the personal data related to the activities of individual users within the framework of the Service or displayed within the Service will be processed exclusively in the ways specified in this privacy policy. Third parties, or even other Users, may be able to illegally intercept or spy out messages or data that are protected by legal provisions protecting privacy and personal rights. In addition, the User may also provide their personal data to third parties, who may use it for illegal purposes or in an illegal manner.

Users bear sole responsibility for the use of their personal data, including all activities related to the use of their email address. However, if the User discloses this data to a third party, they may lose the ability to control the data processed by the Data Controller and other data controllers and processors within the framework of the Service and may also become personally obligated to legally binding transactions. In such cases, it is recommended to modify the data in question immediately.

EXCLUSION OF DATA CONTROLLER’S LIABILITY

If the Data Controller becomes aware that the User has provided personal data of another person in a manner that violates the Notice, the rights of any third party, or otherwise the law while using the Service, uses publicly accessible or illegally obtained personal or other data within the Service in a manner that violates the rights of third parties or the law, or has otherwise violated the provisions contained in this privacy policy, or has caused damage during the use of the Service, the Data Controller will take the necessary legal measures to recover the damage caused and to hold the perpetrator legally accountable. In such cases, the Data Controller provides all possible assistance to the acting authorities for the purpose of identifying the offender’s identity and holding them accountable.

DATA PROTECTION INCIDENT, DATA PROTECTION LOG

The Data Controller is obliged to inform the competent Authority and those affected by the data protection incident simultaneously about any data protection incident as soon as possible after becoming aware of it, but no later than within 72 hours. The Data Controller makes every effort with the tools at its disposal to reduce the data protection and other damages caused to those affected as a result of the incident.

The Data Controller is obliged to ensure that similar incidents cannot occur in the future. The Data Controller keeps a so-called data protection log of all cases related to data protection – inquiries from data subjects related to data protection, potential data protection incidents – and provides information about its contents regarding the given data subject upon request.

RECOURSE TO COURT

In case of infringement of their rights, the User may take legal action against the Data Controller. The court will handle the case as a matter of priority. The case falls within the jurisdiction of the regional court. The proceedings may be instituted before the regional court of the Data Controller’s registered office or, at the User’s choice, the regional court of the User’s place of residence or stay.

If the Data Controller causes damage to another person by unlawfully processing the User’s data or violating data security requirements, it is obliged to compensate for it. If the Data Controller violates the User’s personality rights by unlawfully processing the User’s data or violating data security requirements, the User may claim compensation for pain and suffering from the Data Controller.

The Data Controller shall be exempted from liability for the damage caused and the obligation to pay compensation for pain and suffering if it proves that the damage or the violation of the User’s personality rights was caused by an unavoidable cause outside the scope of data processing.

The damage need not be compensated and compensation for pain and suffering may not be claimed to the extent that the damage or the violation of rights caused by the violation of personality rights resulted from the intentional or grossly negligent conduct of the User.

ADMINISTRATIVE PROCEDURE, COMPLAINT

If you believe that the Data Controller has violated any legal provision relating to data processing or has not fulfilled any of your requests, then you can initiate an investigation procedure of the National Authority for Data Protection and Freedom of Information to terminate the presumed unlawful data processing, or you can also request information from the competent Authority:

  • Name: National Authority for Data Protection and Freedom of Information (NAIH)
  • Registered office: 111055 Budapest, Falk Miksa utca 9-11.
  • Postal address: 1530 Budapest, Pf.: 5.
  • Correspondence address: 1530 Budapest, Pf.: 5.
  • Phone: +36 (1) 391-1400
  • Fax: +36 (1) 391-1410
  • Email: ugyfelszolgalat@naih.hu
  • Website: http://naih.hu

OTHER PROVISIONS

We provide detailed information about data processing not listed in this notice when the data is collected. The Data Controller provides personal data to the authorities – if the authority has specified the exact purpose and scope of the data – only to the extent and amount that is essential for the realization of the purpose of the request.

The information on the website is provided for information purposes only and under no circumstances constitutes advice, recommendation, or offer; they cannot serve as the basis for any decision or measure.

MODIFICATION OF THE DATA PROCESSING NOTICE

Data protection guidelines related to the Data Controller’s data processing are continuously available at www.wordpress-1486802-5661301.cloudwaysapps.com. The Data Controller reserves the right to change this notice at any time.

MORE ABOUT COPYRIGHT

Attrecto Zrt. reserves the right to review, modify if necessary, and update the content published on the website at any time. The entire content found on the www.wordpress-1486802-5661301.cloudwaysapps.com website is the intellectual property of Attrecto Zrt. (“Author”). The Author, as the owner of the copyright, reserves all rights regarding the distribution and copying of the entire content.

Legal possibilities for content use: Quoting with reference From the writings on www.wordpress-1486802-5661301.cloudwaysapps.com, the title of the given article and the first sentence of the article (lead) can be freely quoted. The rest of the article can be viewed with an online, i.e., clickable hyperlink on the www.wordpress-1486802-5661301.cloudwaysapps.com website. The reference can be a text or even a graphic link.

Secondary publication, with written permission If you wish to use a complete article, content, photo, or graphic in either print or electronic media, or for any other business purpose, please indicate your intention to us at the email address info@wordpress-1486802-5661301.cloudwaysapps.com so that we can give written permission for republication.

If you have any comments regarding the above, please feel free to contact us at the email address info@wordpress-1486802-5661301.cloudwaysapps.com. Also at this address, you can report any problems or abuses related to the website.

Human-Centred AI Assistants for Real-World Business Impact