WEINBERG

Privacy Policy

DATA PROTECTION NOTICE

WEINBERG ’93 ÉPÍTŐ Kft.

(hereinafter referred to as: Organization)

The Organization provides detailed information in this Data Protection Notice about the scope of personal data processed, the purpose of processing, its legal basis, duration, the rights of data subjects, and the ways these rights can be exercised.

The Organization is committed to the protection of personal data and pays special attention to lawful, fair, and transparent data processing in compliance with the relevant legal provisions, particularly as follows:

  • GDPR (EU) Regulation 2016/679,
  • Act CXII of 2011 on Informational Self-Determination and Freedom of Information (Infotv.),
  • Act CVIII of 2001 on Electronic Commerce Services,
  • Act XLVIII of 2008 on Economic Advertising Activities.
  1. Data Controller Information

Company Name: WEINBERG ’93 ÉPÍTŐ Kft.

Headquarters and Mailing Address: 3950 Sárospatak, Malomkőgyár u. 7.

Tax Number: 11069430-2-05

Company Registration Number: 05 09 002902

Contact:

  1. Scope of Processed Data, Purpose, Legal Basis, and Duration of Data Processing
Purpose Scope of Data Processed Legal Basis Duration of Processing
Contact and Inquiries Name, email address, phone number, content of the message Legitimate Interest (GDPR Article 6(1)(f)) 5 years from the closure of communication (civil law limitation period).
Request for Proposals, Contract Conclusion Name, company name, contact details (email, phone number), billing data, contract content Performance of Contract (GDPR Article 6(1)(b)) During the term of the contract and 8 years after its termination, as required by accounting rules.
Evaluation of Job Applications Name, contact details, personal data in CV, cover letter, date of application Consent (GDPR Article 6(1)(a)) 1 year for unsuccessful applications; for successful applications, for the legally required duration after termination of employment.
Operation of Website IP address, browsing data, device identifiers, time of visit, cookie settings Legitimate Interest (GDPR Article 6(1)(f)) Session cookies: until browser closure; persistent cookies: 2 years or until the request for deletion by the data subject.
Analytics and Marketing IP address, browsing data, device identifiers, visited pages, interaction data (e.g., Meta Pixel, Google Analytics) Consent (GDPR Article 6(1)(a)) Until the withdrawal of consent, but no longer than 26 months.
Newsletter Subscription Name, email address, date of consent Consent (GDPR Article 6(1)(a)) Until the withdrawal of consent.
Complaint Management, Legal Enforcement Name, contact details, content of complaint or legal claim, related documents Legitimate Interest (GDPR Article 6(1)(f)) 5 years from the resolution of the complaint (civil law limitation period).
Legal Obligations Billing data, contractual data, documents required by law Legal Obligation (GDPR Article 6(1)(c)) For the legally mandated retention period: e.g., 8 years for accounting records.
Operation of Surveillance System Image and motion capture of individuals Legitimate Interest (GDPR Article 6(1)(f)) Recordings are stored for 3 days and then automatically deleted.
  1. Source of Personal Data

The Organization collects personal data directly from the data subject only. The data subject provides personal data voluntarily and is responsible for its accuracy and truthfulness.

  1. Consequences of Non-Disclosure of Data

Providing data is voluntary, but in certain cases, failure to provide data may have consequences:

  • For contact purposes: The data subject cannot contact the Organization, and requests cannot be fulfilled.
  • For proposal requests: The proposal cannot be prepared.
  • For job applications: The Organization cannot evaluate the application, and the data subject cannot participate in the selection process.
  • For website functionalities: Rejecting cookies may result in limited functionality and a restricted browsing experience.
  1. Data Storage and Access

Storage of Data:

  • The Organization stores personal data in electronic form on encrypted servers and in paper form in locked, physically protected premises.
  • During electronic data processing, the Organization ensures encryption and performs regular backups.

Access to Data:

  • Only designated employees of the Organization and contracted data processors have access to personal data, limited to the extent necessary for fulfilling contractual obligations.
  • Access to personal data is restricted through strict access control measures.
  1. Transfer of Data

The Organization transfers personal data to third parties only in the following cases:

  1. For Contract Performance:

Data is transferred to data processors (e.g., accountants, IT service providers, recruitment agencies). Data processors may process data solely based on a contract with the Organization and in compliance with GDPR requirements.

  1. For Legal Obligations:

Data is disclosed to authorized authorities or courts upon official request.

  1. To Third Countries:

The Organization transfers data to servers located in the United States via external service providers (e.g., Google Analytics, Meta Pixel).

Such transfers occur only with the prior consent of the data subject.

The adequate level of data protection is ensured by the EU Standard Contractual Clauses (SCC) implemented by the service providers.

  1. Summary of Data Transfers and Data Processors
Recipient (Data Processor) Purpose Type of Data Location of Processing
Google Inc. (Google Analytics) Website traffic analysis IP address, browsing data United States (based on SCC)
Meta Platforms Inc. (Meta Pixel) Targeted advertising and conversion tracking IP address, browsing data United States (based on SCC)
Accounting Firm Fulfillment of contractual obligations Name, billing data Hungary
IT Service Provider System operation and security Stored personal data Hungary

 

  1. Rights of the Data Subject

8.1 Right of Access

The data subject has the right to request information about:

  • The purpose of data processing,
  • The scope of processed data,
  • The duration of data processing,
  • The recipients of the data or details regarding data transfers,
  • The source of the data, if not collected directly from the data subject,
  • The legal basis for data processing.

8.2 Right to Rectification

The data subject may request the correction or supplementation of inaccurate or incomplete personal data.

8.3 Right to Erasure (“Right to be Forgotten”)

The data subject may request the deletion of personal data if:

  • The data is no longer necessary for the original purpose,
  • The data subject withdraws their consent,
  • The processing is unlawful,
  • Deletion is required to comply with a legal obligation.

8.4 Right to Restriction of Processing

The data subject may request the restriction of their data processing if:

  • The accuracy of the data is contested (until verified),
  • The processing is unlawful, but the data subject does not request deletion,
  • The Organization no longer needs the data, but the data subject requires it for legal claims,
  • The data subject has objected to processing (pending verification).

8.5 Right to Data Portability

The data subject has the right to receive their provided data in a structured, machine-readable format and request its transfer to another data controller.

8.6 Right to Object

The data subject may object at any time to:

  • Processing based on legitimate interest,
  • Processing for direct marketing purposes.

The Organization will review the objection within 15 days and inform the data subject of its decision in writing.

  1. Use of Cookies on the Organization’s Website

9.1 What Are Cookies?

Cookies are small text files stored on a user’s device during website visits. Cookies aim to provide a more convenient and personalized browsing experience, analyze website traffic, and facilitate marketing goals.

9.2 Types of Cookies

The Organization uses the following types of cookies:

  • Necessary Cookies: Ensure the basic operation of the website.
  • Performance Cookies: Measure website traffic and performance (e.g., Google Analytics).
  • Functional Cookies: Store user settings (e.g., language preferences).
  • Marketing Cookies: Analyze user behavior and display personalized advertisements.

9.3 Third-Party Cookies

The Organization’s website may utilize cookies provided by third-party service providers. These cookies are applied only with the user’s prior consent, granted via the cookie management interface displayed upon visiting the website.

9.4 Named Third-Party Services:

  1. Google Analytics (Web Analytics)
    • Purpose: Measure website traffic and analyze performance.
    • Controller: Google Inc.
    • Duration: Depends on the cookie lifespan (typically 2 years).
    • More Info: https://policies.google.com/privacy.
  2. Meta Pixel (Meta Pixel)
    • Purpose: Track visitor activities, measure conversions, and display targeted ads on Meta (Facebook, Instagram) platforms.
    • Controller: Meta Platforms, Inc.
    • Data Types: IP address, visited pages, browsing data, device identifiers.
    • Duration: Depends on the cookie lifespan (typically 90 days).
    • More Info: https://www.facebook.com/policy.php.

Meta Pixel usage involves data processing based on the visitor’s prior consent, which can be accepted or rejected in the cookie notification pop-up window.

  1. Google Ads (AdWords)
    • Purpose: Conversion tracking and advertisement effectiveness analysis.
    • Controller: Google Inc.
    • Data Types: IP address, click data.
    • Duration: 30 days.
    • More Info: https://policies.google.com/privacy.

9.5 Cookie Management Settings

Upon visiting the website, users can:

  • Accept or reject optional cookies via the cookie management bar.
  • Modify settings at any time by clicking the “Cookie Settings” button.

Additionally, users can configure their browsers to limit or disable cookie usage. Previously stored cookies can be deleted anytime in the browser settings.

9.6 Data Subject Rights Regarding Cookies

The data subject may at any time:

  • Object to the use of cookies.
  • Withdraw consent via the “Cookie Settings” interface.
  • Contact the Organization with further questions at info@weinberg.hu.
  1. Legal Remedies

10.1 Filing Complaints with the Organization

The data subject may contact the Organization regarding any questions or complaints via:

  • Email: info@weinberg.hu
  • Postal Address: 3950 Sárospatak, Malomkőgyár u. 7.
  • Phone: +36 47 511 040

10.2 Filing Complaints with the Supervisory Authority

If the data subject believes that data processing violates their rights, they may file a complaint with the Hungarian National Authority for Data Protection and Freedom of Information (NAIH):

  • Address: 1055 Budapest, Falk Miksa utca 9-11.
  • Mailing Address: 1363 Budapest, Pf. 9.
  • Phone: +36 1 391 1400
  • Email: ugyfelszolgalat@naih.hu
  • Website: https://www.naih.hu

10.3 Judicial Proceedings

If the data subject’s rights are violated, they may initiate court proceedings at the competent court based on their residence or domicile. Courts handle such cases as a priority.

  1. Data Security Measures

The Organization implements the following measures to protect personal data:

  • Encrypted data storage and transmission.
  • Restricted access rights.
  • Two-factor authentication.
  • Regular security updates and backups.
  • Physical protection (locked server rooms, access control systems).
  1. Amendments to the Data Protection Notice

The Organization reserves the right to amend this Notice at any time. Amendments will be communicated to data subjects via the website or direct notifications.

Issued: Sárospatak, 19 December 2024

WEINBERG ’93 ÉPÍTŐ Kft.

 

BUILD Together!

Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.