Identity of the data controller
Name of the data controller: NOVOMATIC Hungária Kereskedelmi és Szolgáltató Korlátolt Felelősségű Társaság
Short name of the data controller: NOVOMATIC Hungária Kft.
Data controller's company register number: 08-09-008355, kept in the Court of Registration of the Győr Tribunal
Data controller’s registered office: 9352 Veszkény (Novomatic park), Fő u. 186.
Data controller’s e-contact: dpo@novomatic.hu
Data Protection Officer: István Kapui
In connection with the data management implemented on the website by NOVOMATIC Hungária Kereskedelmi és Szolgáltató Korlátolt Felelősségű Társaság (hereinafter: the Company or the Data Controller), we inform you about the following:
By creating this information and by making it available, the Company intends to ensure the exercise of the right to information of the data subject as defined in Article 12 of the GDPR.
The purpose of this information is to provide data subjects with adequate information about the data managed by the Company and the data processed by the data processor entrusted by it, its source, the purpose of the data management, its legal basis and duration, about the name, address and activities of the data processor possibly involved in the data processing, and, in the case of a transfer of the personal data of the data subject, the legal basis and the recipient of the transfer.
With this information notice, the Company intends to ensure the legal order of the operation of the registers, the enforcement of the constitutional principles of data protection and the requirements of data security, and to prevent unauthorized access to the data and their unauthorized alteration or disclosure.
The temporal scope of the information lasts from 19 May 2021 until revoked.
Essential concepts and definitions
GDPR: General Data Protection Regulation: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC
Infotv: Act CXII of 2011 on the right of individuals to control their personal information and the freedom of information
The conceptual framework of the Regulations is the same as the explanations of concepts defined in the GDPR and the Infotv.
Rules of data management
Since information self-determination is a fundamental right of every natural person enshrined in the Fundamental Law, during its proceedings the Company handles data only and exclusively on the basis of the provisions of the applicable legislation.
The Company processes personal data only for specific purposes, in order to exercise a right and fulfil an obligation, to the minimum extent and for the time necessary to achieve the purpose.
The Company handles personal data only on the basis of its legitimate interest, the prior consent of the data subject or on the basis of law or legal authorization.
Enforcing the rights of data subjects
The data subject may request information on the handling of his or her personal data, and can request the correction of his or her personal data or, with the exception of data processing ordered by law, the deletion or restriction of the processing of personal data by the Data Controller.
The data subject has the right to receive the personal data concerning him or her made available to the Data Controller in a structured, widely used, machine-readable form, and he or she has the right to transfer this data to another data controller.
Without undue delay, but in any case within one (1) month from the receipt of the request, the Data Controller will inform the data subject of the actions taken on the request. If necessary, taking into account the complexity of the request and the number of requests, this deadline may be extended by an additional two (2) months. The Data Controller shall inform the data subject about the extension of the deadline, with an indication of the reasons for the delay, within one (1) month of receipt of the request. If the data subject has submitted the request electronically, the information must be provided, if possible, by electronic means unless otherwise requested by the data subject.
The data subject has the right to information at any time about the data processed by the Data Controller, their origin as well as possible recipients of transmissions and the purpose of the data use. Information can be obtained upon a written request to the provided contact above. If all legal requirements for the processing of the data subjects request for access to his or her personal data have been met, the Data Controller shall comply and grant the relevant access to processed personal data within the aforementioned period of time.
Inaccurate data will be corrected by the data controller and measures must be taken to delete the processed personal data if the reasons set out in Article 17 of the GDPR exist. If all preconditions for implementing such request by the data subject have been met, the Data Controller shall comply and erase the relevant data within the aforementioned period of time.
The data subject may object to the handling of his/her personal data:
In accordance with the provisions of the GDPR, the data subject has the right - insofar as the processing of his/her personal data is not provided for by law - to object to the violation of the data subjects overriding confidentiality interests, which are worthy of protection.
If the Data Controller finds that the data subject’s objection is justified, the Data Controller shall discontinue the handling of data.
Data management of the novomatic.hu website
The www.novomatic.hu website is operated by:
NOVOMATIC AG
Address: Wiener Strasse 158, 2352 Gumpoldskirchen
Company registration number: FN 69548b
Telephone: +43 2252 606 0
E-mail: info@novomatic.com
Web: www.novomatic.com
The Company ensures an opportunity for visitors to obtain information about the Company, its individual products and services, and to contact the Company through its website - www.novomatic.hu. By filling out an electronic form, visitors can enter the relevant contact information. However, the data subject can only send the data if he or she accepts the Company’s data management rules. This can be done by checking a box, otherwise the visitor will not be able to send his or her message.
purpose of the data management: to facilitate contact with the Company
scope of the data managed: name, e-mail address, company name, address, telephone/fax number, message text
legal basis for the data management: consent of the data subject under Article 6(1)(a) of the GDPR
deadline for the data storage: until the issue for which the contact was established is settled (until the goal is achieved), but for a maximum of two years
data storage method: electronic
Data management during registration on the novomatic.hu website
The Company provides free registration for visitors to the website on www.novomatic.hu.
The purpose of registration is to make it easier and faster to contact registered users online and to ensure the use of other information services related to the operation of the website (e.g., documentation, data sheets, etc.).
purpose of the data management: establishing contact and providing other information services of the portal to registered users
scope of data managed: mandatory data: name, e-mail address, company name, user name, user password, optional data: address, academic degree, telephone number, fax number, address
legal basis for data processing: consent of the data subject under Article 6(1)(a) of the GDPR
deadline for the data storage: until the issue for which the contact was established is settled (until the goal is achieved), but for a maximum of two years, which may be longer if a legal act occurs after registration that requires a longer storage period.
data storage method: electronic
Management of technical data and cookies
Since natural persons may be associated with the online identifiers provided by the devices, applications, tools and protocols they use, such as IP addresses and cookie identifiers, this data, in combination with other information, is suitable and can be used to create a profile of natural persons and to identify that person.
Cookies are also suitable for remembering the settings, so the user does not have to re-enter them when visiting a new page: they remember the previously entered data, so they do not have to be re-typed, they analyse the use of the website to achieve that, as a result of the improvements made using the information obtained in this way, it should function as much as possible according to the user’s expectations, the user can easily find the information he or she is looking for and monitor the effectiveness of our advertisements.
If the Data Controller displays various content on the Website using external web services, it may result in the storage of some cookies that are not controlled by the Data Controller, therefore it has no influence on what data these websites or external domains collect. These cookies are described in the regulations for the given service. The user can set their web browser to accept all cookies, reject them all, or notify the user when a cookie arrives on their computer. The setting options are, as a rule, found in the “Options” or “Settings” menu of the browser. Detailed information provided in English at the www.aboutcookies.org website also helps with settings in different browsers.
Cookies required to use the website
Legal basis for the use of cookies:
The Company uses cookies in accordance with the provisions of Act CXII of 2011 and the GDPR. The legal basis is the consent of the data subject, which the data subject gives through the cookie ribbon. This is a consent that can be revoked at any time, all you have to do is reopen the cookie bar and click the “Reject Cookies” button without any inconvenience to the data subject or restricting the use of the website.
Required cookies:
When a visitor logs in to the Company’s website with his or her user name and password, a session cookie containing a unique identification number is stored on the device. This cookie is necessary for our website to ensure the proper login of the data subject, which means that this does not require the data subject’s consent in the cookie bar. A session cookie is used exclusively to protect the content from unauthorized access and thus it increases the security of the website. This cookie is automatically deleted as soon as you end the session, i.e., close the browser.
Cookies required for website statistics:
The Company uses the various data collected during the visits to the Company’s website for statistical evaluations. This data is only processed internally and is not passed on to third parties by the Company. This is done by the Company in order to continuously improve the website and meet the needs of the data subjects. To compile usage statistics the Company uses Matomo privacy-friendly analysis software (https://matomo.org). To this end, cookies are stored on your computer that identify your browser session and grant recurring access to our website. These cookies remain stored until the data subject withdraws their consent or deletes them manually.
The following information will be collected and evaluated when you visit the Company’s websites:
- Viewed pages (e.g., www.beispiel.de/index.html)
- Browser type and version (e.g., Internet Explorer 6.0)
- Browser language
- Operating system used (e.g., Windows 10)
- Internal resolution of the browser window
- Screen resolution
- JavaScript activation
- Extensions (Java, Flash, Real, QuickTime ...)
- Cookies on / off
- Colour Depth
- Previously visited page, including parameters (e.g.: search engine with search terms)
- IP address to identify the country of origin and service provider
- Timestamp
- Clicks
Data transmission
The Data Controller transfers personal data to a third party only if the data subject has explicitly consented to it, knowing the scope of the data transmitted and the recipient of the data transmission, or if the data transfer is authorized by law. The Data Controller documents data transfers in all cases and keeps a record of the data transfers.
Data Processing
The Data Controller is entitled to use a data processor to perform its activities. Data processors do not make independent decisions, they are only contracted by the Data Controller and are entitled to act according to the instructions received. The Data Controller monitors the work of the data processors. Data processors are only entitled to use additional data processors with the consent of the Data Controller.
Data processors used by the Data Controller:
NOVOMATIC AG
Address: Wiener Strasse 158, 2352 Gumpoldskirchen
Company registration number: FN 69548b
Telephone: +43 2252 606 0
E-mail: info@novomatic.com
Web: www.novomatic.com
Purpose of data processing: Hosting and servicing the website, processing of personal data provided by the data subject on the website in order for the website to function properly.
Duration of data processing: It lasts until the termination of the agreement between the Service Provider.
The legal basis of the data processing: the legitimate interest of the Data Controller, Article 6(1)(f) of the GDPR.
Based on the written contract concluded with the Data Controller, from time to time the Data Processor maintains the Website and backs up its database for security reasons.
Data security and getting to know the data
The Data Controller will ensure the security of the data, take the technical and organizational measures and establish procedural rules necessary to enforce the applicable legislation, data and confidentiality rules. The Data Controller will protect the data with appropriate measures against unauthorized access, alteration, transmission, disclosure, deletion or destruction, as well as accidental destruction and damage, and also against becoming inaccessible due to changes in the technology used.
The Data Controller must keep records of the data managed by it in accordance with the applicable legislation, ensuring that the data can be accessed only by those employees and other persons acting in the Data Controller’s interests (data processors) who need it for their jobs and in order to perform their duties.
Client contacts
- Should the data subject have any questions or problems while using the services of the Data Controller, he or she may contact the data controller in the ways provided on the website (telephone, e-mail, social networking sites, etc.).
- No later than two years after the communication, the Data Controller must delete the received e-mails, messages, data provided by phone, Facebook, etc. together with the name and e-mail address of the interested party, as well as other personal data provided voluntarily.
- Upon an exceptional official request, or in case of contacting other bodies based on the authorization of law, the Service Provider is obliged to provide information, communicate and hand over data and to make documents available.
- In these cases, the Service Provider will provide the inquirer with personal data only to the extent and in the volume that is absolutely necessary to achieve the purpose of the request, provided that the inquirer has indicated the exact purpose and scope of the data.
Possibility of enforcement of rights related to data management
In accordance with the provisions of the GDPR and national legislation, the data subject has the right to lodge a complaint with the Data Protection Authority if it is believed that the processing of personal data is in violation of the GDPR or national legislation:
National Authority for Data Protection and Freedom of Information
Postal address: 1530 Budapest, POB: 5.
Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c
Telephone: +36 (1) 391-1400
Fax: +36 (1) 391-1410
E-mail: ugyfelszolgalat@naih.hu
Web: https://www.naih.hu
Issues not defined in this information
Issues not specified in this information shall be governed by Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR) and the rules of Act CXII of 2011 on the right to information self-determination and freedom of information (Infotv).