Baracsi-Paletta 97. Kft.
5400 Mezőtúr, Szolnoki út 44.
+36 56 353 435
iroda@baracsi-paletta.hu
OPENING HOURS
Monday - Friday: 6:00 - 16:00

PRIVACY POLICY

Baracsi-Paletta 97. Ipari Szolgáltató Korlátolt Felelősségű Társaság (registered office: 5400 Mezőtúr, Szolnoki út 44 .; company registration number: 16-09-004347; tax number: 11500755-2-16; hereinafter: the “Company”) this data management information (the hereinafter referred to as the “Information") to ensure the protection of individuals with regard to the processing of personal data and the free movement of such data, as well as Directive 95/46 / EC in the General Data Protection Regulation on the repeal of Regulation CXII on the right to information self-determination and freedom of information (hereinafter: “GDPR”); the exercise of the right to information of the data subject specified in the Act (hereinafter: “Information Act”).

The material scope of the Prospectus covers all processes carried out at all organizational units of the Company, during which personal data is processed. The Prospectus shall remain in force until revoked. The Company reserves the right to amend this Prospectus by providing a notice on the website of the amended Prospectus.

I. Data controller

Data handler:  Baracsi-Paletta 97. Ipari Szolgáltató Korlátolt Felelősségű Társaság Registered
office: 5400 Mezőtúr, Szolnoki út 44.
Company registration number: 16-09-004347
Tax number: 11500755-2-16
Telephone number: +36 (56) 353435
Email address: iroda@baracsi-paletta.hu

II. General concepts

(a)  data subject: a  natural person identified or identifiable on the basis of any information, a natural person who, directly or indirectly, in particular an identifier such as name, identification number, location data, online identifier or , identifiable by one or more factors relating to its economic, cultural or social identity);

(b) "  personal data"  shall mean any information relating to an identified or identifiable natural person (data subject), such as the name of the data subject, his or her identification mark and one or more physical, physiological, mental, economic, cultural or social identities; knowledge and the conclusion to be drawn from the data on the data subject);

(c) "  specific data" shall mean  all data belonging to specific categories of personal data, ie personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, as well as genetic data, biometric data for the unique identification of natural persons, health data and personal data relating to the sexual life or sexual orientation of natural persons;

(d) "  controller" shall mean  any natural or legal person, or any entity without legal personality, who, individually or jointly with others, determines the purpose for which the data are processed, by law or by a binding act of the European Union; make and implement decisions on the device or with the data controller;

(e) "  data management" means  any operation or set of operations, irrespective of the procedure used, in particular collecting, recording, recording, organizing, storing, altering, using, retrieving, transmitting, disclosing, reconciling or linking, blocking, deleting and destroying , and to prevent further use of the data, the taking of photographs, sound or images and the recording of physical characteristics capable of identifying the person (eg fingerprints or palm prints, DNA samples, irises);

(f) "  processor" shall mean  any natural or legal person, or any entity without legal personality, who processes personal data on behalf of or under the authority of a controller, within the limits and under the conditions laid down by law or by a binding act of the European Union;

(g) "  data protection incident" means  a breach of data security which results in the accidental or unlawful destruction, loss, alteration, unauthorized transfer or disclosure of, or unauthorized access to, personal data which have been transmitted, stored or otherwise handled.

Other cited legal acts :
–  Szvmt .:  Act CXXXIII of 2005 on the rules of personal and property protection and private investigation. Law
–  Accounting Act .:  Act C of 2000 on Accounting

III. The Company’s data management

3.1. Visit the website

It is not necessary to provide personal data to view the information published by the Company on the website http://www.baracsi-paletta.hu/. The Company uses Google Analytics cookies to analyze visitor preferences in order to ensure the user-friendliness of the website. For example, you use cookies to record the following information: the number of visitors to the website and subpages, the duration of the visit, the order in which the pages are viewed, the keywords used to access the website, the type of browser used to access the website, and the geographical location of the computer. The Company does not collect personal data about visitors to the website. The cookies used on the website only record the anonymous IP address of the visitor’s computer and do not collect any personal data or information on the basis of which a real person could be identified. The Company does not process any personal information other than the visitor’s anonymized IP address in connection with this activity.

3.2. Request for quotation data management

The Company is entitled to handle the personal data of the interested parties, which is necessary for the performance of the service to be provided to the interested parties. In order to fulfill the request for quotation, the Company manages the name, e-mail address and telephone number of the contracting authority.

a)  Purpose  of data management : the purpose of data management is solely to provide information about the Company’s products and services to the interested party, with the aim of concluding a contract between the data subject and the Company at a later date.

(b)   Legal basis for data processing : the legal basis for data processing is the consent of the data subject [Article 6 (1) GDPR. (a)] and the legitimate interest of the Company [Article 6 (1) GDPR. (f)] and the conclusion and performance of the contract between the data subject and the Company [Article 6 (1) GDPR. b)].

c)  Duration  of data processing : the duration of data processing lasts until the data subject’s consent is withdrawn.

3.3. Contract data management

The Company is entitled to handle the personal data of its customers, which are related to the bidding and contract between the customer and the Company, including its creation, registration and performance. The scope of the managed data: the data provided in the request for quotation, order, contract, contact information, as well as the data required for the issuance of documents.

a)  Purpose  of data processing : the purpose of data processing is solely for the purpose of concluding, performing, amending or terminating the contract.

(b)   Legal basis for data processing : the legal basis for data processing is the consent of the data subject [Article 6 (1) GDPR. (a)] and the legitimate interest of the data subject and of the Company [Article 6 (1) GDPR. (f)] and the conclusion of a contract between the data subject and the Company [Article 6 (1) GDPR. b)].

c)  Duration  of data management : the duration of data management is 8 (eight) years after the performance of the contract, according to the Szvt. in accordance with the legal provisions on the retention of documents

3.4. Management of job advertisers’ data

The Company handles the personal data contained in “flying in” and targeted CVs and other attached documents received directly or through a labor intermediary. Scope of data processed: personal data provided by the data subject in the CVs and other attached documents.

a)  Purpose  of data processing : the purpose of data processing is to inform the data subject about the most suitable job opportunities for his / her education and interests, to agree on a date with the data subject and to carry out the selection procedure.

(b)   Legal basis for data processing : the legal basis for data processing is the voluntary consent of the data subject [Article 6 (1) GDPR. (a)], which gives the consent of the data subject by sending his / her CV and related documents.

c)  Duration  of data management : the duration of data management is the duration of the employment relationship in case of a successful application, in case of an unsuccessful application the application material of the unsuccessful applicants will be deleted after the selection.

3.5. Data management related to camera surveillance

A Társaság a székhelyen kamera-piktogrammal vagy figyelemfelhívó tájékoztatással jelzett területeken (megfigyelt területek) elektronikus megfigyelő- és rögzítő rendszert üzemeltet. A kamerarendszer az üzem külső részét (a parkolókat és az udvart), valamint az üzem belső részét ellenőrzi. A kamerás megfigyelőrendszer a megfigyelt területre belépő személyek képmását és cselekvését rögzíti. A kamerás megfigyelőrendszer hangot nem rögzít. A kamerák aktuális képének és a felvételeknek a megtekintésére az adatkezelők arra jogosultsággal rendelkező munkavállalói jogosultak. A kamerarendszert a Társaság működteti, ahhoz szolgáltatót nem vesz igénybe, így kizárólag a Társaság minősül adatkezelőnek. A kezelt adatok köre: az érintett képmása.

a)  Purpose  of data processing : the purpose of data processing is to protect property and persons in the building, to protect business secrets, and to prove the security of possible abuses, infringements and the safekeeping of hazardous materials.

b)  Legal basis  for data processing : the legal basis for data processing is based on the voluntary consent of the data subject (access to the building) [Article 6 (1) GDPR. a)], on the other hand, the Szvmt. 30-31. § provided by law.

c)  Duration  of data processing : the duration of data processing is 3 (three) working days from the making of the recording (Section 31 (2) of the Act), after which the recordings will be deleted automatically.

ARC. The scope of access to the data

Personal data may be disclosed to employees of the Company with access rights related to the relevant data management purpose, or to persons and organizations performing data processing or outsourced activities on the basis of service contracts for our company, to the extent specified by our company and to the extent necessary to perform their activities.

During the data processing, the Company uses the services of the following data processors within the framework of the relevant service contracts.

a)  HostLogic Számítástechnikai Szolgáltató Zártkörűen Működő Részvénytársaság  (registered office: 1134 Budapest, Váci út 35 .; tax number: 24190239-2-41)

The above company carries out electronic data processing activities with regard to the development and operation of the Company’s corporate governance system.

b)  Ádám Farkas sole proprietor  (registered office: 5420 Túrkeve, TOMPA UTCA 9 .; tax number: 68809995-1-36)

The above sole proprietor carries out electronic data processing activities with regard to the operation and maintenance of the Company’s website and IT system.

c)  DELTHA Rendszerház Korlátolt Felelősségű Társaság  (registered office: 8900 Zalaegerszeg, Ola út 20. I. em. 2 .; tax number: 11357478-2-20)

The above company provides the Company’s accounting and payroll software, within the framework of which it performs electronic data processing activities.

d)  i-Cell Informatics Development and Service Limited Liability Company  (registered office: 1143 Budapest, Hungária köz 5 .; tax number: 11756420-2-42)

The above company provides the Company’s vehicle tracking software, thus performing electronic data processing activities for the Company’s drivers.

V. Rights with regard to data processing and their enforcement

5.1. Right to request information and access

The data subject may request information from the Company in writing so that the Company informs:
a) what personal data,
b) on what legal basis,
c) for what data processing purpose,
d) from what source,
e) for how long,
f) to whom, when, under what law, who provided access to your personal data or to whom you transferred your personal data.

The Company shall fulfill the request of the data subject within a maximum of 15 (fifteen) days, by e-mail or post sent to the contact details provided by the data subject.

Prior to the fulfillment of the request, the Company may request the data subject to specify its content and to specify the requested information and data management activities.

If the data subject’s right of access under this section adversely affects the rights and freedoms of others, in particular the trade secrets or intellectual property of others, the Company shall be entitled to refuse the data subject’s request to the extent necessary and proportionate.

In the event that the data subject requests the above information in several copies, the controller shall be entitled to charge a fee that is proportionate and reasonable to the administrative costs of making the additional copies.

If the personal data indicated by the data subject is not handled by the Company, it is also obliged to inform the data subject in writing.

5.2. Right to rectification

The data subject may request in writing that the Company amend his or her personal data that is inaccurate, incorrect or incomplete. In this case, the Company shall clarify or correct the indicated personal data without delay, but no later than within 5 (five) days, or, if it is compatible with the purpose of data processing, with additional personal data provided by the data subject or with a statement attached to the personal data processed by the data subject. complements. The Company shall notify the data subject by e-mail or post to the contact details provided by the data subject.

The Company is released from the obligation to correct if
a) accurate, correct or complete personal data is not available and is not provided to the Company by the data subject, or
b) the veracity of the personal data provided by the data subject is beyond doubt. cannot be determined.

5.3. Right of cancellation

The data subject may request the deletion of his personal data from the Company in writing. The data subject must submit his / her request for deletion in writing and must indicate which personal data he / she intends to delete for what reason.

The request for cancellation will be rejected by the Company if a legal obligation obliges the Company to further store personal data. If the Company has no such obligation, the Company shall comply with the data subject’s request within a maximum of 15 (fifteen) days and shall notify the data subject by e-mail or post sent to the contact details provided by the data subject.

5.4. Right to lock

The data subject may request in writing that his / her personal data be blocked by the Company. The blocking lasts as long as the reason given by the data subject necessitates the storage of the data. The data subject may request the blocking of data, for example, if he or she believes that his or her personal data has been processed unlawfully by the Company, but it is necessary for the official or court proceedings initiated by the data subject not to delete his or her personal data. In this case, the Company will continue to store the personal data until the request of the authority or the court, after which the data will be deleted and the data subject will be notified by e-mail or post to the contact details provided by him.

5.5. Right to restrict data processing

The data subject may request in writing that the processing of his or her personal data be restricted by the Company. During the period of the restriction, the Company or the data processor commissioned or acting on the basis of the personal data affected by the restriction may perform other data processing operations in addition to storage only for the purpose of enforcing the legitimate interest of the data subject or as defined by law. Restrictions on data processing may be requested by the data subject if and for as long as: (
a) the data subject disputes the accuracy, correctness or completeness of the personal data processed by the Company or the processor and for the duration of the clarification of the existing doubt),
b) to delete the data it would be, but on the basis of the written statement and the Company’s relevant information at its disposal reasonably be assumed to delete data would prejudice the legitimate interests of the data subject (a legitimate interest justifying the cancellation dispense existence of duration),
c) if the data erasure would be appropriate, but in proceedings carried out by or with the participation of a public authority, it is necessary to retain the data as evidence (until the investigation or procedure is concluded).

In the event of a restriction, personal data may be processed, with the exception of storage, only with the consent of the data subject or for the purpose of bringing, enforcing or protecting legal claims or protecting the rights of another natural or legal person or in an important public interest.

The Company informs the data subject in advance about the lifting of the data management restriction.

The Company shall immediately inform the persons to whom the data subject has communicated his / her personal data, provided that this is not impossible or does not require a disproportionate effort from the Company, after the fulfillment of his / her request to exercise the right of restriction of the data subject. Upon request, the Company shall inform the data subject of these addressees.

5.6. Right of appeal

5.6.1. Dispute settlement with a company

The data subject may submit their protests and requests related to the processing of their personal data to the Company orally (in person) or in writing (by a document delivered in person or by other means, or by post or e-mail) at the contact details indicated in point I, the name of the Data Controller.

5.6.2. Right to complain

If you have not been able to satisfactorily resolve your protests, complaints or requests regarding your personal data with the Company, or at any time you consider that there has been an infringement or imminent threat of a breach of your personal data, you are entitled to report to the National Data Protection and Freedom of Information Authority. .

Contact details of the National Authority for Data Protection and Freedom of Information
Headquarters: 1125 Budapest, Szilágyi Erzsébet fasor 22 / c. Mailing address: 1530 Budapest, Pf. 5
Phone: +36 (1) 3911400
Fax: +36 (1) 3911410
E-mail: ugyfelszolgalat@naih.hu
Web: naih.hu

5.6.3. Right to go to court (right of action)

Irrespective of the right to complain, the data subject may apply to a court if the GDPR or the Infotv. rights granted by the

A lawsuit may be filed against the Company as a data controller with a domestic location in a Hungarian court.

The person concerned may also bring an action before the court of his place of residence. The contact details of the courts in Hungary can be found at the following link: http://birosag.hu/torvenyszekek

VI. Other information

6.1. Enforcement of personal data rights after the death of the data subject

Within five years after the death of the data subject, the rights of the deceased in his or her life are entitled to be exercised by a person authorized by the data subject by an administrative order or a statement made to the data controller (in a public document or in a private document of full probative value). If the data subject has not made such a declaration, the rights of the deceased in life may be asserted by a close relative of the deceased within five years after the death of the data subject (in case of several close relatives, .

6.2. Special provisions for camera recordings

6.2.1. Right to request information

The data subject may request information on what is shown on the recording in connection with the data subject within 3 (three) working days from the beginning of the recording. The application must indicate where and when the recording was made and what the data subject can be identified about. The Company will fulfill the request within 15 (fifteen) days.

6.2.2. Right to lock

Within 3 (three) working days from the beginning of the recording, the data subject may request, by proving his / her right or legitimate interest, that the data shall not be destroyed or deleted by the data controllers (blocking). The application must indicate where and when the recording was made, what the data subject can be identified about and for what reason he or she requests the blocking. Simultaneously with the blocking, it is expedient for the data subject to initiate the necessary official and court proceedings, as the recordings are issued by the Company only upon official, court request.

6.2.3. Right of access

The data subject may, within 3 (three) working days from the creation of the recording, request to have access to the recordings made about him or her. It is necessary to indicate in the application where and when the recording was made, what the data subject can be identified about, and on what day he or she wishes to see the recording. The Company can provide insight on weekdays from Monday to Friday, from 9 am to 3 pm.


Notice: ob_end_flush(): failed to send buffer of zlib output compression (0) in /home/baracsipaletta/public_html/wp-includes/functions.php on line 5109

Notice: ob_end_flush(): failed to send buffer of zlib output compression (0) in /home/baracsipaletta/public_html/wp-content/plugins/cookie-law-info/public/modules/script-blocker/script-blocker.php on line 490