| Partner Hub Informatikai Zártkörűen Működő Részvénytársaság PRIVACY POLICY Please read this Prospectus carefully to understand how we handle your personal data and your privacy rights. As data controller, Partner Hub Zrt. respects the privacy of all persons that provides personal data to Partner HUB Zrt. Partner HUB Zrt is committed to protect these personal data. Pursuant to Article 13 of the General Data Protection Regulation of the European Union (Decree No 679/2016, hereinafter “GDPR”) Partner HUB Zrt provides the following information: |
| Details of Data Controller: Name: Partner Hub Zrt. Registered seat: 1117 Budapest, Budafoki street 187-189. Company registry no: 01-10-048387 Websites: www.konnyen.hu, www.enszamlazom.hu, http://www.charlie-india.org Phone: +36-20-5396527 E-mail: info@partnerhub.hu Requests regarding data protection: if you have any questions or concerns regarding data processing, you may send your request by mail or electronically to the addresses above. We will send replies without delay, but within a maximum of 30 days, to the address you requested. Data processing: Employees and officers of Partner Hub Zrt. The place of processing is the registered seat of Partner Hub Zrt., or another location, as per a separate contractual agreement Data transmitted outside Hungary: no data transfer outside Hungary (except for charlieindia.org website analytics) Data processing objectives: The Data Controller shall process data for the following purposes in accordance with the law: In connection with the performance of the duties set forth in the deed of incorporation, the data of employees and contractors and service users shall be processed for the purpose of fulfilling legal obligations and maintaining customer relations as follows: the. processing of employee data,pre-contractual and post-contractual communication with clients,website visitor data,contacting us through our website,publicly available online invoicing service registration and contracting |
| Legal bases for processing personal data: We process your personal data only to the extent necessary to perform our service. We will generally process your personal data only with your consent. The exception applies in cases where it is not possible to obtain prior consent for factual reasons or when statutory permission permits the processing of your personal data. The following are the legal bases for the use of your personal data: (a) issue of an invoice complying with Hungarian accounting and tax legislation: Legal basis: Article 6 (1) (c) of the GDPR; (b) Keeping contacts: legal basis: Article 6 (1) (f) of the GDPR. In case of data of partners’ employees and employees the legal basis of data processing and the weighing of interests. The data controller has a legitimate interest in: business continuity; (c) processing of employee data: Article 6 (1) (b), (c) of the GDPR; (d) processing contractual partner data: legal basis Article 6 (1) (b) of the GDPR; (e) legal basis for the website visit: Article 6 (1) (f) of the GDPR; (f) on-line website registration legal basis: Article 6 (1) (a) of the GDPR; |
| Duration of data processing: Invoices are kept for at least eight years. The documents on which the invoice is based are kept for eight years. Retention period of employment documents: 50 years. Data retained for keeping contacts will be retained for a maximum of one year after the connection has been established. Retention of contract performance data: five years. website visit data Your personal data will be deleted or blocked as soon as the purpose of the data processing is no longer valid. Beyond that date, personal data may only be stored if required by European or national regulations or laws. The data shall be blocked or deleted when the retention period set out in those laws expires, unless the retention of data is necessary for the conclusion or performance of the contract. |
| Data subject rights: As a Data Controller, we will make every effort to comply with your rights (pursuant to Chapter III of the GDPR) (information, access, rectification and erasure, data portability) within the time limit set by law at the written request of the data subject. In relation to your personal data, the data subject has the following rights by law: Information and access rights (access to data, whether data are processed); Upon your written request, the Data Controller shall provide you within 30 days with written information on your personal data managed by the Data Controller, the purpose of the data processing, its legal basis, its duration, the name and address of the data processor (s). Data rectification: You have the right to ask our company to correct any information that you believe is inaccurate (outdated or incorrect). You also have the right to request our company to provide any information you consider incomplete. Right of erasure of data (consent-based data processing only): You may, in writing, request that some or all of your personal information be modified and deleted. The controller will provide feedback on these requests within 8 days. Erasure of personal data is only possible if you withdraw your consent for data processing (your subscriber contract expires) and there is no other legal basis for data processing. Restriction of data processing: Access to personal data is restricted to those employees and subcontractors of the controller who need to process that data for the controller. You may limit the handling of your data to: 1) prohibiting the use of personal data for direct marketing purposes; 2) transferring your personal data to a third party service provider or prohibiting it The right to object to processing personal data: If your personal data is required for the performance of a contract or for the performance of preliminary contractual measures, the early erasure of your personal data is only possible if the deletion is not contrary to your contractual or legal obligations. Data Portability / Request for Copy: You may request the personal data processed by us in writing. The Data Controller will provide you with a copy of your personal data in a popularly used, machine-readable format. For any additional copies you request, the Controller will charge a fee based on administrative costs. |
| Websites Enszamlazom.hu and konnyen.hu are operated in accordance with the provisions of this policy. Through these websites, Partner HUB provides a public online invoicing service. On http://www.charlieindia.org, you may only access information about Partner HUB Zrt’s products or contact Partner HUB Zrt. Website visitor data Purpose of data processing: While browsing the website, the web hosting provider records the data of the visitors for the purpose of continuous operation, maintenance, protection, development and avoidance of abuse using cookies. Stakeholder Category: Visitor of the website Legal basis for data processing: Consent of the data subject, the data controller’s legitimate interest Personal Data Category: IP address of the data subject, date and time of the visit, data related to the affected operating system and browser, and pages visited Recipient categories: http://www.charlieindia.org is operated by wordpress.com and collects data as follows: https://automattic.com/privacy-notice/, https://automattic.com/cookies/ Contacting us using the contact form on the website Purpose of data processing: Contact, Request for information, providing information Stakeholder Category: Visitor of the website Legal basis for data processing: Consent of the data subject Personal data category: IP address, name, e-mail address, message text, and other personal data voluntarily provided by the data subject Recipient categories: data controller, data processor Public online invoicing service registration and using of the service Purpose of data processing: To ensure the use of the service, the conclusion of the service contract. Legal basis for data processing: Consent of the data subject Category of personal data: IP address, name, address, email address, tax number, telephone number, billing address information, bank account number of the data subject, and other personal data voluntarily provided by the data subject Technical and organizational measures: Encrypted connection, Login name and password, Registration activation email. A password reminder is only available at the email address you provided at registration or modified by the data subject thereafter. In special cases (eg change of ownership), a password reminder can also be requested at the email address provided in the business directory. Recipient categories: data controller, data processor, accountant Duration of data processing: – For non-confirmed registrations, a maximum of 90 days from the date of registration – In case of confirmed registration, the subscription expires on + 365 days or prior to the written request of the data subject Conclusion of a service contract other than the public online invoicing service Purpose of data processing: To ensure the use of the service, the conclusion of the contract. Legal basis for data processing: Consent of the data subject, the data controller’s legitimate interest Personal Data Category: Data subject, name, address, e-mail address, tax number, telephone number, billing address details, bank account numbers, and other personal information provided voluntarily by the data subject Recipient categories: data controller, data processor, accountant Processing employee data Purpose of data processing: to ensure business. Legal basis for data processing: Contribution of the data subject, maintenance of business Personal Data Category: Data subject, name, address, e-mail address, tax number, telephone number, bank account numbers, and other personal data voluntarily provided by the data subject Recipient categories: data controller, data processor, accountant |
| Legal remedies information: You have the right to file a complaint with the supervisory authority (National Data Protection and Freedom of Information Authority, http://naih.hu, telephone: +36 (1) 391-1400, postal address: 1530 Budapest, PO Box 5, e-mail: ugyfelszolgalat@naih.hu). If you are a foreign national, you can also complain to the supervisory authority of your place of residence or work. Litigation: Data protection lawsuits fall within the jurisdiction of the Court of Justice. Upon the choice of the data subject, the lawsuit may be instituted before the court in the place where the data subject is domiciled or habitually resident. |
| Dated: Budapest, 5 June, 2023 |