Website Privacy Policy
Regulation (EU) 2016/679 of the European Parliament and of the Council – “GDPR” – On the protection of natural persons with regard to the processing of personal data and on the free movement of such data – Version: 1.0
Effective from: May 20, 2018
Prepared by:
Attila Körmöci
Sales Manager
Reviewed and approved by:
Orsolya Viktor
Managing Director
1. DATA CONTROLLER
The purpose of this Privacy Policy is to inform data subjects (natural persons) clearly and concisely about the processing of their personal data, in accordance with the EU General Data Protection Regulation (Regulation 2016/679 – “GDPR”) and the Hungarian Information Act (Act CXII of 2011).
Balance Tax and Administrative Services Ltd. (hereinafter: the Data Controller) acknowledges as binding the rules contained in this policy, developed in compliance with applicable legal regulations.
The privacy policy related to data processing on the website available at https://balancekft.hu/ can be accessed at https://balancekft.hu/adatkezelesi-tajekoztatok.
Data Controller details:
Name: Balance Adó- és Ügyviteli Szolgáltató Kft.
Address: HU-1119 Budapest, Fehérvári út 44.
Phone: +36 1 209 6448
E-mail: info@balancekft.hu
Representative: Orsolya Viktor, Managing Director
Tax number: 10377064-2-43
Company registration number: Cg. 01-09-068180
Hosting provider: Futureweb.hu
The Data Controller ensures that data processing related to the operation of its website and services complies with all current EU and Hungarian regulations.
The Data Controller reserves the right to amend this policy but commits to publishing and making it publicly available.
2. SCOPE OF DATA PROCESSED
General information
On the website, the Data Controller stores:
personal data voluntarily provided with consent, or data necessary for the fulfillment of legal obligations/contracts.
The purpose of this data processing is to complete customer orders and maintain client communication.
Types of personal data: name, phone number, mailing and e-mail address, and in case of address difference – billing data.
In case of an order or client relationship, personal data (name and address) are stored for 8 years in accordance with accounting and tax laws (Act C of 2000). Other personal data are deleted 1 year after the last purchase.
3. DATA PROCESSORS
3.1. Attila Körmöci – Data Processor
Data transferred: name, delivery address, residence, phone number
Purpose: contact, marketing purposes
Retention: 8 years (according to Accounting Act), phone number – 3 days after contact
Legal basis: contract performance
3.2. Luca Csipkés – Data Processor
Data transferred: name, residence, phone number
Purpose: debt collection
Retention: until the claim expires
Legal basis: legitimate interest of the Data Controller
4. PRIOR INFORMATION FOR DATA SUBJECTS
Data subjects are informed in a concise, transparent, and detailed manner about all facts related to data processing — especially its purpose, legal basis, the person authorized for data processing, duration, and who may access the data.
Information also includes the data subject’s rights and possible legal remedies.
5. PURPOSE, LEGAL BASIS, AND DURATION OF DATA PROCESSING
All personal data processing is based on voluntary consent or legal obligation.
5.1. Website visitors’ data
The Data Controller records users’ IP addresses, the time of visit, and the address of visited pages for technical reasons and to compile user statistics. These are statistical data only and cannot identify the individual visitor.
Data are stored for a maximum of one month.
Legal basis: voluntary consent of the user.
Cookies are used to ensure personalized service. By using the website, the user accepts that cookies may be placed on their device. Cookies may also be used by third parties (e.g., Google Inc.) to display personalized ads.
Users can delete cookies or disable them in their browser settings. For Google ads, cookie settings can be managed at: http://www.google.hu/privacy_ads.html.
5.2. Contact forms, order forms, and client correspondence
Data processed: name, address, phone number, e-mail address.
Messages are used only for their intended purpose. If no business relationship is established, data are stored for up to 30 days after receipt.
If a business relationship is established, data are stored according to accounting and tax regulations — 8 years for invoicing data (Act C of 2000, Section 169(2)).
5.3. Other data processing
For any data processing not specified here, detailed information and consent are obtained before data collection begins.
6. DATA STORAGE AND SECURITY
The website servers are located at http://www.....hu/
6.1. Data Security
The Data Controller ensures:
Integrity and confidentiality: information is accessible only to authorized persons and remains accurate and complete;
Availability: information is accessible when needed.
All reasonable measures are taken to protect data against network threats or unauthorized access. System monitoring is applied to detect and document security incidents and to verify the effectiveness of protective measures.
6.2. Data Storage
The Data Controller’s software and IT systems are selected and operated to ensure that data are:
accessible to authorized users,
authentic and verifiable,
unchanged (data integrity),
protected from unauthorized access (confidentiality).
Technical and organizational measures are implemented to ensure an adequate level of security corresponding to the risks of data processing.
7. DATA TRANSFER
The Data Controller may transfer personal data required for order fulfillment to its sales and/or service partners as permitted by law.
8. LEGAL REMEDIES
8.1. Information
Data subjects may request information at any time regarding their personal data, its processing, purpose, legal basis, duration, storage location, and security measures.
Requests are answered in writing, clearly, within 30 days.
Information is free of charge unless the same request is submitted repeatedly within the same year; in such cases, a cost-based fee may apply.
8.2. Deletion
Personal data are deleted if processing is unlawful, the data subject requests it, the purpose has ceased, the legal retention period expired, or deletion is ordered by court or authority.
The Data Controller notifies affected parties of correction or deletion unless this would violate the data subject’s legitimate interests.
8.3. Objection
Data subjects may object to data processing if:
it is based solely on the controller’s or recipient’s legitimate interest,
data are used for direct marketing, public opinion polling, or scientific research,
or if permitted by law.
The Data Controller will examine the objection within 15 days and inform the applicant in writing of the result.
If justified, processing is terminated, data are blocked, and all recipients are notified.
If the data subject disagrees with the decision, they may turn to court within 30 days.
8.4. Authorities and judicial remedies
Complaints may be submitted to:
National Authority for Data Protection and Freedom of Information (NAIH)
Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c
Postal address: 1534 Budapest, Pf. 834
Phone: +36 (1) 391-1400
Fax: +36 (1) 391-1410
E-mail: ugyfelszolgalat@naih.hu
If the data subject’s rights are violated, they may also bring the case before a court. The competent court is determined according to the rules of judicial jurisdiction.
