Privacy Policy

PRIVACY POLICY: SERVICESELECTOR.COM

1. THE PURPOSE OF THE PRIVACY POLICy

The purpose of this privacy policy is to define the principles and rules for the handling of personal and other data provided by visitors of the website www.serviceselector.com during its use, that is managed by Online Service Selector Kft. (hereinafter referred to as “Data Controller”)  in order to enforce the data protection principles and data security requirements.

2. NAME AND CONTACT INFORMATION OF THE DATA CONTROLLER

● Name of Organisation: Online Service Selector Kft.
● Seat: 2084 Pilisszentiván, Szőlő u 39.
● Phone number: +36 20 414 5065
● Company registration number: 13 09 140320
● Tax number: 22935096-2-13
● E-mail: hello@selector.hu
● Website: www.serviceselector.com

3. GENERAL POLICIES

Data Controller manages personal data only for a legitimate purpose and to the extent necessary to achieve the purpose, in a confidential, accurate and up-to-date manner, preserving their integrity, in accordance with the legal provisions in force, while ensuring their security, and taking the necessary administrative, logical, physical security and organizational measures, as well as establishing the procedural rules necessary to enforce the relevant provisions of the legislation in force.

The Data Controller keeps the following during data management
- secrecy: protects the information so that only those who are entitled to it can access it;
- integrity: protects the accuracy and integrity of the information and the method of processing;
- availability: ensures that, when the  authorized users need it, they have access to the information they require and that the means to do so are available.

The Data Controller undertakes that all data management related to its activities complies with the provisions of this privacy policy and the relevant legislation in force.

4. LEGAL BACKGROUND:

The Data Controller is obliged to comply with the legislative requirements related to the management of personal data in each phase of data processing. The data processing performed by the Data Controller is primarily governed by the provisions laid down in the following legal acts:

- Act V of 2013 on the Civil Code (“Civil Code”)
- Regulation (EU) 2016/679 of the European Parliament and of the Council (27 April 2016) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation, GDPR)
- Act CXII of 2011 on information-related self-determination right and information freedom („Privacy act”)

5. REGULATORY BACKGROUND, LEGAL BASIS AND PURPOSE OF THE DATA PROCESSING PERFORMED ON THE WEBSITE, THE SCOPE OF PERSONAL DATA PROCESSED AND THE DURATION OF DATA PROCESSING

5.1 Information on the use of cookies

About cookies:
The Data Controller uses so called cookies during the course of visits to the website. Cookies are information packages consisting of letters and numbers which are sent by our website www.serviceselector.com to your browser in order to save certain settings, which help to make our website easier to use and also contributes in a sense by collecting some relevant information of statistical nature of our visitors. Cookies do not contain personal information and are not suitable for identifying individual users. Cookies often contain a unique identifier - a secret, randomly generated sequence of numbers - that your device stores. Some cookies expire after you close the website, and some are stored on your computer for a longer period of time.

The legal basis and regulatory background for cookies: The background for data processing is provided by the provision of Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information (Infotv.) and by Act CVIII of 2001 on certain issues of electronic commerce activities and information society services. The legal basis for data processing is your explicit consent, pursuant to Section 5 (1) paragraph a.) of the Infotv.

Main characteristics of cookies used by the website:

Session cookie:
These cookies store the location of the visitor, the language of the browser, the currency of the payment.Its lifetime lasts until the browser is closed or up to 2 hours.
Duration of data processing: 2 hours

Referer cookies: They record what external page the visitor came to the website from.
Their lifetime lasts until the browser is closed.

Mobil version, design cookie: It detects the device used by the visitor and switches to full view on mobile.
Its  lifetime is 365 days.
Duration of data processing: 365 days

Cookie acceptance cookie: Upon arrival at the site, it accepts the statement about the storage of cookies in the warning window.
Its  lifetime is 365 days.
Duration of data processing: 365 days

Intelligent offer cookie:
It records the conditions for displaying smart offers (e.g. whether the visitor has already been to the site).
Its  lifetime is 30 days.
Duration of data processing: 30 days

Backend identifier cookie:
It identifies the backend server behind the page .
Their lifetime lasts until the browser is closed.
Duration of data processing: until the browser is closed.

Google Analytics cookie: When someone visits our site, the visitor's cookie ID is added to the visitor list, which can be used for later remarketing.
Google uses cookies like NID and SID to help customize ads on Google properties, like Google Search. They use such cookies, for example, to remember your most recent searches, your previous interactions with an advertiser’s ads or search results, and your visits to an advertiser’s website.

The conversion tracking function of Analytics uses cookies. It stores cookies on a user's computer to track sales and other conversions resulting from an ad when the person clicks on that.

Some common applications of cookies are to select advertising based on what’s relevant to a user; to improve reporting on campaign performance; and to avoid showing ads the user has already seen. Google Analytics is Google’s analytics tool that helps website and app owners to understand how their visitors engage with their properties. It may use a set of cookies to collect information and report site usage statistics without personally identifying individual visitors to Google. The main cookie used by Google Analytics is the ‘_ga’ cookie. In addition to reporting site usage statistics, data collected on Google properties by Google Analytics may also be used, together with some of the advertising cookies described above, to help show more relevant ads on Google properties (like Google Search) and across the web.

RTB personalized retargeting cookies: They may appear to previous visitors or users when they browse other sites on the Google Display Network or search for terms related to its products or services.

Facebook Pixel: Measurement codes of Facebook social network have also been placed on our site. When you visit our site, the remarketing tags establish a direct connection between the browser and the Facebook server. Facebook receives data with your IP address. As a result, Facebook can associate our pages visited by you  with your user account. We may use this information to display Facebook ads. Please note that as the provider of the site, we do not know the content of the data transmitted and your Facebook usage. For more information, see Facebook's privacy policy:
https://www.facebook.com/about/privacy/. If you don't want Facebook to associate you with Custom Audiences targeting to specific lists, you can deselect Custom Audiences here. You may not accept the use of cookies, in which case some features will not be available to you. You may find more information about deleting cookies at the following links:

Internet Explorer: http://windows.microsoft.com/en-us/internet-explorer/delete-managecookies#ie=ie-11
Firefox: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-yourcomputer
Chrome: https://support.google.com/chrome/answer/95647?hl=en

5.4  The scope of personal data processed
Data Controller manages the following data according to the guidelines detailed below:
Name,  e-mail address, telephone number, IP address, browser, user device, cookie

5.7 Data processing related to telephone or online contact
The legal basis and regulatory background for data processing:
The legal basis for data processing is the User’s voluntarily given consent to it, the recording of the data is initiated by the User.

The purpose of data processing:
The purpose of data processing is a one-time exchange of information.

The scope of data processed:
The personal data that is processed is the User's name, telephone number and e-mail address. Any interested party who initiates contact is involved in the data management.

The duration of data processing:
5 working days, or at most until the proposed question is answered to its full extent.

Involved data processors:
Data provided during registration is managed by the Data Controller.

5.8 Data processing related to job application‍‍
The legal basis and regulatory background for data processing:
The legal basis for data processing is the User’s voluntarily given consent to it, the recording of the data is initiated by the User.

The purpose of data processing:
The purpose of data processing is the User’s application for the advertised position.

The scope of data processed:
The personal data that is processed is the User's name and e-mail address. Any interested party who initiates contact is involved in the data management.

The duration of data processing:
5 years

Involved data processors:
Data provided is managed by the Data Controller.

6. MODIFICATION OF CONTRIBUTIONS

Users may withdraw their consent to data processing:

6.1 Modification of cookie contributions
You may find more information about deleting cookies at the following links:
Internet Explorer: http://windows.microsoft.com/en-us/internet-explorer/delete-managecookies#ie=ie-11
Firefox: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-yourcomputer
Chrome: https://support.google.com/chrome/answer/95647?hl=en

7. USE OF DATA PROCESSOR AND ACTIVITIES RELATED TO DATA PROCESSING

7.1 Data processor in connection with online marketing activities
- Name of the data processing company: Facebook Ireland Limited
- Seat: 4 Grand Canal Square, Grand Canal Harbour
- Tax number: IE9692928F
- Name of the data processing company: Google
- Seat: Dublin Barrow Str. 4
- Tax number: IE6388047V

Scope of personal data involved: IP address, cookie

7.2 Data processing related to the technical maintenance of the website
Storage service:
- Name of the data processing company: Webflow, Inc.
- Seat: 398 11th Street, 2nd Floor, San Francisco, CA 94103
- Tax number: 1031385-06-151

Scope of personal data involved: IP address

Data Controller has a contractual obligation with all data processors in accordance with legal requirements, which ensures that personal data may be processed only on the data controller's written instructions, the data processor undertakes an obligation of confidentiality, guarantees the data processor's IT and other security conditions upon request the data processor provides all necessary information to the data controller.

Users consent to the transmission of data to all of the above listed processors under the conditions detailed above.

8. USER RIGHTS AND POSSIBILITIES OF ENFORCEMENT

8.1 Right to transparent information‍
User has the fundamental right to appropriate, transparent information, which is an obligation of the Data Controller. Data Controller informs the User in a concise, transparent, easily accessible format, in a clear and comprehensible manner about the circumstances of the data management and the rights to which he/she is entitled. If information is requested, we will provide the information without undue delay, but within a maximum of 30 days.

8.2 Right to access
User has the right to receive feedback from the Data Controller as to whether the processing of his/her personal data is in progress, and if such data processing is in progress, he/she has the right to access personal data and related information, particularly with regard to the source of personal data and whether the data have been transferred to a third party. Data Controller provides the information within a maximum of one month after the request has been submitted.

User may request a copy of any personal data managed by the Data Controller at any time, which the Data Processor is obliged to send to the User immediately.

8.3 Right to data portability
User has the right to receive the personal data he/she has provided to the data controller, in a structured, widely used and machine-readable format and has the right to transmit such data to another data controller. The Data Controller will comply with the request sent to the e-mail address hello@selector.hu within a maximum of 15 days at the latest.

8.4 Right to rectification and modification
Users are entitled to rectify and modify the data provided by them in an e-mail sent to hello@selector.hu.

8.5 Right to erasure (‘right to be forgotten’)
Data Controller is obliged to delete User’s personal data without undue delay if one of the following reasons exists:- personal data is no longer required for the purpose for which they were collected or otherwise processed;- the storage period set by Data Controller has expired;- User withdraws consent on which the processing is based and there is no other legal basis for the data processing;- User objects to the data processing and there is no prior legitimate reason for the data processing;- personal data was processed unlawfully.

The Data Controller will comply with the request sent to the e-mail address hello@selector.hu within a maximum of 15 days at the latest.
The right of erasure does not extend if the Data Controller is obliged by law to further store the data, or if the Data Controller is entitled to further process personal data in accordance with Section 6 (5) of the Info Act (for example in connection with invoicing). Furthermore, the right to be forgotten and the right to erasure does not apply to the extent necessary to  bring, assert or defend legal claims.
In case of deletion, Data Controller is obliged to notify data processors involved of their obligation of deletion.

8.6 Right to protest
User has the right to object at any time, for reasons related to his situation, to the processing of his personal data in the public interest or in the exercise of public authority conferred on the Data Controller or to the processing necessary for the legitimate interest of the Data Controller or of a third party, including profiling based on the previously mentioned provisions. In the event of objection, Data Controller may not further process the personal data, unless it is justified by compelling legitimate reasons which take precedence over the interests, rights and freedoms of the User or which are related to the submission, enforcement or protection of legal claims.

Data Controller examines the protest within the shortest time from the submission of the request sent to the e-mail address hello@selector.hu, but within a maximum of 15 days, makes a decision on its merits and informs you of the decision in writing. If the data controller does not comply with the User's request for rectification, blocking or erasure, the data controller indicates the factual and legal reasons for rejecting the request for rectification, blocking or deletion in writing or electronically with the consent of the User within 25 days after receiving the request.

8.7 Right to restriction of data processing
In case of restriction, personal data may only be stored, other data processing may take place only with the consent of the User, for the purpose of submitting a legal claim, or in the public interest.

User has the right to restrict data processing by Data Controller upon request if one of the following applies:
- data processing is unlawful and User objects to the erasure of the data and requests the restriction on their use instead;
- the data controller no longer needs the personal data for the purpose of data processing, but the User requests them in order to submit, enforce or defend legal claims;
- the User protested against the data processing; in this case, the restriction applies for the period until it is determined whether the legitimate reasons of the data controller take precedence over the legitimate reasons of the User.

8.8 Automated decision-making in individual cases, including profiling
Data Controller does not use or perform profiling, automated decision-making and automatic mechanism.

Data Controller does not allow its data processors to perform automated decision-making or profiling either, only if the User has specifically agreed to this in writing.

9. DATA SECURITY

Data Controller does everything possible to ensure the security of the personal data of users - during network communication and during the storage and preservation of the data, as well. However, the Operator excludes any liability regarding data management related to the operation of storage for servers and Service, and transfers all responsibility related to the server and storage operations to the Storage Provider and the Maintainer.

Although Data Controller implements security measures in accordance with industry standards to ensure this, Data Controller does not guarantee that the personal data of individual users related to the activities performed within the Service or displayed within the Service will be processed only in the manner specified in this privacy statement. Third parties, or even other Users, may be able to illegally eavesdrop on or scan messages or data that are protected by legal provisions regarding data protection and privacy. In addition, the User may disclose his/her personal data to third parties, who may use it for illegal purposes or in an illegal manner.

Users are solely responsible for the use of their personal data, including all activities related to the use of the e-mail address. If the User nevertheless discloses these data to a third party, he/she may lose the possibility of disposing of his/her data managed by the Data Controller and other data controllers and data processors within the framework of the Service and may become a personal obligor of legally binding transactions. In this case, it is recommended to change the data immediately.

10. DISCLAIMER OF THE DATA CONTROLLER'S LIABILITY

If the Data Controller becomes aware that the User provides the personal data of another person during the use of the Service in a manner that violates the rights of a third party or otherwise violates the law, he uses publicly available or illegally obtained personal or other data within the Service or otherwise violates the provisions of this privacy policy or has caused damage during the use of the Service, the Data Controller takes the necessary legal measures to compensate for the damage caused and to bring the perpetrator to justice. In such cases, the Data Controller provides all possible assistance to the prosecuting authorities in order to identify and prosecute the infringer.

11. DATA BREACH INCIDENT, DATA BREACH LOG

The Data Controller is obliged to inform the competent Authority and those involved in the incident of any data protection incident as soon as possible after becoming aware of it, but no later than within 72 hours. Data Controller use its best endeavors to reduce the damages caused to the data subjects as a result of the incident.Data Controller is obliged to ensure that similar incidents do not occur in the future. Data Controller keeps a data breach log of all data protection cases - data protection-related inquiries of data subjects, possible data protection incidents -, the content of which is provided to the data subject upon request.

12. GOING TO COURT

In case of breach of User’s rights, User may turn to the court against the Data Controller. The court proceeds out of court. The trial falls within the jurisdiction of regional courts. The lawsuit may also be initiated at court of the seat of the data controller or, according to the choice of the User, of the place of his/her residence or stay.Data Controller is obliged to compensate the damages caused to any party as a result of unlawful processing the User's data or violating the data security requirement. If the Data Controller violates the User's right to privacy by unlawfully processing the User's data or violating the data security requirements, the User may claim the Data Controller to pay for the aggravated damages.Data Controller is exempt from liability for the damage caused and from the obligation to pay the aggravated damages if Data Controller proves that the damage or the violation of the User's right to privacy was the result of any unavoidable reason outside the scope of data processing.No compensation shall be paid and damages cannot be claimed if the damage or the violation of the right to privacy resulted from the  intentional or serious negligence of the User.

13. OFFICIAL PROCEDURE, COMPLAINT

If you believe that the Data Controller has violated any legal provision on data processing or has not complied with any of your requests, you may initiate the investigation procedure of the National Data Protection and Freedom of Information Authority, or you may also request information from the competent Authority in order to terminate the unlawful data processing:

- Name: Nemzeti Adatvédelmi és Információs Hatóság
- Seat: 1125 Budapest Szilágyi Erzsébet fasor 22/c.
- Postal address: 1530 Budapest, PO Box: 5
- Telephone: +36 (1) 391-1400
- Fax: +36 (1) 391-1410
- E-mail: ugyfelszolgalat@naih.hu
-Website: http://naih.hu

14. OTHER PROVISIONS

Detailed information on data processing not listed in this privacy policy is provided when the data is collected. Data Controller shall provide personal data to the authorities, provided that the authority has indicated the exact purpose and scope of the data, only to the extent strictly necessary for the purpose of the request.

15. MODIFICATION OF THE PRIVACY POLICY

The privacy policy guidelines regarding the data protection provided by Data Controller are available at www.serviceselector.com at all times. Data Controller reserves the right to modify this current privacy policy anytime.

Budapest, 1 July 2019