Effective Date: 28th of March, 2021
The operator of the website, www.cum2camtrans.com (here an after referred to as ‘Website’) published the following Privacy Policy and the Company as Data Controller is bound by there to.
- The purpose of this Policy
- As the User navigates through and interact with the Website, the Company may use automatic data collection technologies to collection certain information about the User’s equipment, browsing actions and patterns to improve the Website and to deliver a better and more personalized service. The Company hereby informs the Users about types of data the Company may collect from the User or what the User provide when he/she visits the Website, the Company’s principles and practices for data processing, the purpose of the data processing, the legal basis of data processing, the duration of data processing, the sources of the data process and the rights and enforcement of these rights of the Users.
- The Company respects the individual rights of the Users, and the Company shall process the personal data on the basis of this Policy. The Company declares that the decisions on the purposes and means of processing are taken in Hungary in which case the legal regulations of Hungary are applicable, the Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information (hereinafter referred to as: ‘Act’), the Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as: ‘GDPR’), furthermore with the recommendation of the National Authority for Data Protection and Freedom of Information (hereinafter referred to as: ‘Authority’).
- The processed personal data and the purpose of the data processing
- The Company may collect several types of information about the Users of the Website, including information
- Information about the User’s computer or mobile device, the internet connection, including the User’s IP address, operating system, and browser type,
- information the Users voluntarily supply to the Company by submitting information through the “Contact Us” form,
- information collected through cookies.
- The purpose of the data processing is to provide personalised services, to monitor and analyse trends, usage, and activities in connection with the Website and for marketing or advertising purposes, and to personalize the Website content, features or advertisements.
- The following data of the User will be transmitted to a recommender system to analyse the data of the User and to provide suggestions for the User on the basis of his/her preferences: user ID, IP address, browser type, language settings, user agent, date of registration, location, user behaviour.
- In all stages of data processing operation, the purpose of data processing is satisfied. The personal data is processed to the extent and for the duration necessary to achieve its purpose.
- The Company may collect several types of information about the Users of the Website, including information
- Legal basis of data processing
- The personal data is processed under the Section 5 Subsection (1) b) of the Act and under the Article 6 Point (1) a) of GDPR, when the data subject has given his/her consent.
- By accepting the use of cookies, the User accepts the Policy of the Company, and gives his/her consent to the processing.
- The User will only access the Website if (1) he/she is at least 18-years old and (2) has reached the age of majority where he/she lives. The Company prohibits all persons who do not meet the age requirements from accessing the Website. Minors must not access the Website or use its services. The Company does not knowingly collect any information about children, minors, or anyone under the age of majority.
- The duration of data processing
- The personal data shall be erased from the register of the Company, if the legal basis of data processing is not established. The User shall have the right to obtain the erasure of his/her personal data from the register of the Company at any time.
- The Users shall have the right to request the erasure of personal data concerning him or her by sending a postal mail to the registered address of the Company or by electronic form. The Company shall erase the personal data without undue delay and in any event within 25 days of receipt of the request.
- The Data Controller and Data Processors
- The Data Controller: site’s owner.
- Data Processor shall mean an operator that is engaged under contract in the processing of personal data on behalf of the Company:
- Advertisement network:
Traffic Stars Limited, Arch. Makariou III Avenue, 132, SAGRO BUILDING, 3021, Limassol, Cyprus Duodecad IT Services Luxembourg S.à r.l , 44 Avenue John F. Kennedy, 1855 Luxembourg
- Advertisement network:
- The Company may disclose the User’s personal information to comply with any court order, law, or legal process, including responding to any government or regulatory request.
- Data security requirement
- The Company shall carry out data processing operations and select the technical devices to ensure full respect for the right to privacy of the User, and to protect the personal data from unauthorized access, to protect the accuracy of the data, and to protect the personal data from alteration, except the process of the Data Controller.
- The Company shall take all necessary measures to ensure the computer system security, in particular, to protect the personal data from unauthorized access.
- The Company shall process the personal data exclusively for the operation of the Website and for statistical purposes.
- Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, the Data Controller and the processor shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate:
(a) the pseudonymisation and encryption of personal data;
(b) the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
(c) the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;
(d) a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.
- Information the Company Collects through Automatic Data Collection Technologies
- As you navigate through and interact with the Website, the Company may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns.
- The technologies the Company uses for this automatic data collection may include:
- Cookies.
A cookie is a small file placed on the hard drive of your computer. Your browser stores cookies in a manner associated with each website you visit. The Company uses cookies to enable its servers to recognize your browser and tells the Company how and when you visit the Website and use the services. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of the Website. Unless you have adjusted your browser setting so that it will refuse cookies, the Company’s system will issue cookies when you direct your browser to the Website. If you want to learn more about cookies, please visit www.allaboutcookies.org.
The types of cookies:
Session cookie:
Also called a transient cookie, which is collected during the usage of the website and is erased automatically when the User closes the web browser. The session cookie is essential for the using and operating the Website. Session cookies do not collect information about the User by which the User could be identified. - Web Beacons. Pages of the Website (and the Company’s emails) may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages (or opened an email) and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity). If you want to learn more about web beacons, please visit www.allaboutcookies.org/web-beacons/ .
- Cookies.
- The Company does not collect personal information automatically, but it may tie this information to personal information about you that the Company collects from other sources or you provide to the Company.
- Third-party Use of Cookies and Other Tracking Technologies
- Some content or applications, including advertisements, on the Website are served by third parties, including advertisers, ad networks and servers, content providers, and application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use the Website. The information they collect may be associated with your personal information or they may collect information, including personal information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.
- The Company does not control third-party tracking technologies or how third parties’ use them. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly.
- Social Networks and Third-Party Plug-ins
- The Website may include plugins from social networks and other third parties. An example of a plugin is the Facebook® “Like” button. Where legally permitted, these plugins may communicate with and send information to the party that provided the plugin, even if you do not click on the plugin. This information may include your IP address, information about your browser and device, and the address of the webpage you are visiting on the Website. Loading, using, or clicking the plugins may also place, read, and transmit cookies. These cookies may contain a unique identifier the social network or third-party assigns you. The loading, functionality, and your use of the plugins are governed by the privacy policy and terms of the party that provided the plugin.
- Links to Other Websites
- The Website contains links to other websites. Please be aware that the Company is not responsible for the content or privacy practices of those other websites. The Company encourages its customers to be aware when they leave the Website and to read the privacy statements of any other website that collects personally identifiable information.
- Blocking the Cookies
- The User could control and block the cookies or web beacons on his/her browser. This depends on the type of browser but generally the User can block the cookies by clicking on the main ‘Menu’ button, then ‘Options’, under ‘Settings’ and then ‘Privacy’, where the User can set the type of tracking function which is blocked or allowed on his/her computer.
- Rights of the Users; Enforcement
- Right of access
User shall have the right to obtain from the Data Controller the following information: the purposes of the processing; the categories of personal data concerned; the recipients or categories of recipient to whom the personal data have been or will be disclosed; the envisaged period for which the personal data will be stored; the rights of the User, the right to lodge a complaint with a supervisory authority. The User shall request the Company to provide information concerning the data processing at any time in writing or in electronic form. Data Controller should be obliged to respond to requests from the User without undue delay and at least within 25 days and to give reasons where the Data Controller does not intend to comply with any such requests. The Data Controller shall also inform the User of the possibilities for lodging a complaint with the Authority. - Right to rectification
User shall have the right to obtain from the Company without undue delay the rectification of inaccurate personal data concerning him or her. The Company shall rectify the data and should be obliged to respond to the requests from the User without undue delay and at the latest within 25 days in writing or in electronic form. If the Company does not take action on the request of the User, the Company shall inform the User without delay and at the latest within one month of receipt of the request of the reasons for not taking action and on the possibility of lodging a complaint with the Authority and seeking a judicial remedy. - Right to restriction of processing
User shall have the right to obtain from the Data Controller restriction of processing where one of the following applies:
(a) the accuracy of the personal data is contested by the User, for a period enabling the Data Controller to verify the accuracy of the personal data;
(b) the processing is unlawful and the User opposes the erasure of the personal data and requests the restriction of their use instead;
(c) the Data Controller no longer needs the personal data for the purposes of the processing, but they are required by the User for the establishment, exercise or defence of legal claims.
Where processing has been restricted, such personal data shall, with the exception of storage, only be processed with the User’s consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person.
The Company shall provide information on action taken on a request for rectification to the User without undue delay and in any event within one month of receipt of the request. If the Company does not take action on the request of the User, the Company shall inform the User without delay and at the latest within one month of receipt of the request of the reasons for not taking action and on the possibility of lodging a complaint with the Authority and seeking a judicial remedy. - Right to erasure
User shall have the right to obtain from the Data Controller the erasure of personal data concerning him or her without undue delay and the Data Controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
(a) the personal data have been unlawfully processed;
(b) User withdraws consent on which the processing is based or requests the erasure of personal data, and where there is no other legal ground for the processing;
(c) the personal data have to be erased for compliance with a legal obligation in Union or or erasures is ordered by the Authority or by court;
(d) User objects to the processing and there are no overriding legitimate grounds for the processing.
The Company shall provide information on action taken on a request for erasure to the User without undue delay and in any event within one month of receipt of the request. If the Company does not take action on the request of the User, the Company shall inform the User without delay and at the latest within one month of receipt of the request of the reasons for not taking action and on the possibility of lodging a complaint with the Authority and seeking a judicial remedy. - Supervisory authority
In case of violation of his/her rights, User has the right to lodge a complaint with the Authority.
The supervisory authority:
National Authority for Data Protection and Freedom of Information
HUNGARY-1125 Budapest, Szilágyi Erzsébet fasor 22/C.
Postal address: 1530 Budapest, Pf. 5.
Phone number: +36 -1-391-1400
Fax number: +36-1-391-1410
E-mail address: ugyfelszolgalat@naih.hu - Judicial remedy
User is entitled to seek remedies in case of violation of his/her rights. The competent court is the regional court. The lawsuit could be brought – according to the choice of the User – before the court in the residence or the place of stay of the User.
- Right of access
- Personal Data Breach
- In the case of a personal data breach, the Company shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the Authority, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons. Where the notification to the Authority is not made within 72 hours, it shall be accompanied by reasons for the delay.
- When the personal data breach is likely to result in a high risk to the rights and freedoms of natural persons, the Data Controller shall communicate the personal data breach to the User without undue delay.
- Miscellaneous
- The Company reserves the right to modify the Privacy Policy. This can take place if the Company modifies the scope of services or if it is required by law. The modification of the Privacy Policy shall not change the purpose of the data processing. The updated version of the Privacy Policy shall be available on the Website.
- The User is liable for any damage caused by the him or her during the use of the Website, or if the User provided third party data on the registration form. In such cases, the Company is entitled to enforce the damages from the User and the Company shall provide all necessary assistance to the competent authority in order to identify the violator.
The Privacy Policy shall come into force on the date: 28th of March, 2021.