PRIVACY AND DATA PROTECTION POLICY

LEARNITECT DESIGN KFT. – https://learnitectdesign.com 

Learnitect Design Ltd. – hereinafter referred to as: the Data Controller or the Company – manages the data of visitors, registrants and customers of the https://learnitectdesign.com website – hereinafter collectively referred to as: Users – in the course of operating its websites. All personal data is collected and processed only in accordance with the law. We may send system messages without your consent, but direct marketing (DM) emails only with your consent. Your data will be stored as securely as possible and will only be disclosed to third parties with your consent. You can request information about your personal data or request its deletion by writing to office_kukac_learnitectdesign_pont_com.

Name, contact details of the controller

Company name: Learnitect Design Kft. / Learnitect Design Ltd.
VAT number: 32108334-1-07
Company registration number: 07-09-034044
Registered office: 2475 Kápolnásnyék, Petőfi Sándor út 1.
Website address: https://learnitectdesign.com
Email address: office_at_learnitectdesign_dot_com

Purpose of the Declaration

The purpose of this Privacy and Data Protection Policy (hereinafter referred to as the “Policy”) is to set out the data protection and data management principles and the data protection and data management policy of Learnitect Design Ltd. The Data Controller acknowledges that it is bound by the contents of this legal notice. It undertakes to ensure that any processing of data related to its activities complies with the requirements set out in this Notice and the applicable legislation. In the context of the processing of data, the Data Controller hereby informs Users of the personal data it processes on the Website, of its principles and practices regarding the processing of personal data and of the ways and means of exercising the rights of data subjects.

The Data Controller respects the privacy rights of the visitors of its website; the personal data collected will be treated confidentially, in accordance with data protection legislation and international recommendations, and in accordance with this privacy policy. The Data Controller reserves the right to modify this Privacy Policy at any time, and the Data Controller will inform the Users of the entry into force of such modifications, and the Data Subjects must accept the modifications in the manner provided by the Data Controller in order to continue using the Website. The principles and procedures set out in this Privacy Notice comply with Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information (“the Information Act”) and Regulation (EU) 2016/679 of the European Parliament and of the Council of the European Union (“the Regulation”).

Scope, time and purpose of the personal data processed

By visiting the website and accepting this Policy, you consent to the processing of your data. The purposes of the processing of data with the consent of the User are: to provide services, to provide information on services, products and services, to document the adequacy of performance, to prove the conclusion of contracts and to fulfil legal obligations (e.g. issuing invoices). In the context of mandatory processing, the Data Controller shall comply with its legal obligations to process certain data required by law for the period of time specified by law for the scope of data that is mandatory for the Data Controller under the applicable legislation. The Controller shall not be liable for the accuracy of the data provided.

Technical data

For technical reasons, the Data Controller may automatically record the User’s IP address, the type of operating system and browser program used and other information when using the website. These data are continuously logged by the system but are not linked to the data provided during registration or use. Users do not have access to the data obtained in this way, only the Service Provider.

The Service Provider may record the data of the Internet pages from which the User accessed the Website and those visited on the Website, as well as the time and duration of the visit. The identity and profile of the data subject cannot be inferred from these data.

The computer of the visitors of the Website is identified by a so-called cookie.

The Data Controller uses technical data solely for the technical operation of the website and for statistical purposes.

Data provided during contact, registration and purchase of services and their processing

During registration, the User is required to provide the following personal data: email address, password, telephone number.

The Data Controller undertakes not to send e-mails to the e-mail addresses provided by the User during registration, except for e-mails and system messages related to the services used by the User.

The purpose of the processing in case of a contact page: to establish contact, the need and possibility of establishing cooperation, for which the User has demonstrated his/her consent by filling in the contact form. 

Legal basis for processing: consent of the data subject.

Duration of processing: until consent is withdrawn.

The purpose of the processing in case of registration: to provide the possibility to log in to the account linked to the website.

Legal basis for processing: consent of the data subject.

Duration of data processing: until the registration is cancelled by the User by email.

When purchasing a Service, the User is required to provide the following personal data: name, address, identification number (tax number in case of sole proprietor), email address, telephone number, contact email address, telephone number, username, password, and in case of a different mailing address, mailing address.

After providing the data, the Data Controller will notify the User by e-mail about the success of the purchase and the payment options.

The Data Controller undertakes not to send e-mails to the e-mail addresses provided by the User when purchasing services on the website, except for e-mails and system messages related to the services used by the User.

The purpose of data processing in the case of purchases: documenting the purchase, order and payment; issuing a financial receipt; service provider performance; communicating changes affecting the service, sending reminders (e.g. payment reminders, requesting other technical information necessary for the performance of the service).

Legal basis for processing: the data subject’s consent or a legal requirement (Accounting Act).

Duration of processing: in the case of mandatory processing based on law, 8 years, but no later than until the withdrawal of the User’s consent.

Newsletter

In connection with the sending of the newsletter, we process the following personal data:

  • name,
  • e-mail address.

The processing is based on the User’s voluntary, duly informed declaration, which includes the User’s explicit consent to the use of the personal data provided by the User when subscribing to the newsletter. The legal basis for processing is the voluntary consent of the data subject in accordance with Article 6(1)(a) of Regulation (EU) 2016/679 of the European Parliament and of the Council (General Data Protection Regulation).

The User gives his/her consent to the processing of data concerning the sending of the newsletter by voluntarily providing the data in question when subscribing to the newsletter, by voluntarily ticking the box on the consent form.

The purpose of data processing is to ensure the sending of the newsletter to the e-mail address provided by the User. The Data Controller uses the data provided by the User for the sole purpose of sending the newsletter.

The Controller does not verify the personal data provided to it. The person providing the data shall be solely responsible for its accuracy. By providing an e-mail address, the User also assumes responsibility for ensuring that the e-mail address provided is used exclusively by the User. In view of this assumption of responsibility, any liability for access to the service from an e-mail address provided shall be borne solely by the User as the data subject who registered the e-mail address.

In the case of a newsletter, the Data Controller shall process the data provided by the User when subscribing to the newsletter until the User unsubscribes from the newsletter. In the event of unsubscription, the Data Controller shall no longer contact the User with the newsletter. The User may unsubscribe from the newsletter at any time free of charge and withdraw his/her consent.

The User has the right to request information about the personal data concerning the User processed by the Data Controller at any time and to modify them at any time.

Upon the User’s request, the Data Controller shall provide information about the data concerning the User processed by it, the data processed by it or by a data processor it has appointed, the source of the data, the purpose, legal basis and duration of the processing, and the name of the data processor, address and the activities of the data controller in relation to the processing, the circumstances of the personal data breach, its effects and the measures taken to remedy it and, in the case of the transfer of the User’s personal data, the legal basis and the recipient of the transfer, in writing within one month of the request.

The Data Controller, through its Data Protection Officer, shall keep a record of the personal data concerned, the number and categories of data subjects affected by the personal data breach, the date, circumstances, effects and measures taken to remedy the personal data breach, and other data required by law to be processed, for the purpose of monitoring the measures taken in relation to the personal data breach and informing the User.

If the User has provided third party data for the use of the service, the Data Controller is entitled to claim damages from the User. In such a case, the Data Controller shall provide all reasonable assistance to the competent authorities in order to establish the identity of the offending person.

Other data processing

Information about data processing not listed in this notice is provided at the time of collection. Courts, prosecutors, investigating authorities, law enforcement authorities, administrative authorities, the National Authority for Data Protection and Freedom of Information, or other bodies authorised by law may contact the Data Controller to provide information, disclose or transfer data or provide documents. To the authorities – if the authority has indicated the precise purpose and scope of the data – personal data shall be disclosed only to the extent and to the extent strictly necessary for the purpose of the request.

Storage, protection and access to personal data

The Data Controller stores personal data on paper and by computer means, at the Data Controller’s headquarters, at its premises and on its own servers. Paper documents are kept locked by the Data Controller to ensure that only authorised persons have access to them. The Data Controller’s manager and his staff are the primary recipients of access to the data. As described in this notice, some data will be transferred to processors and other data controllers (e.g. accountant, ISZT) in order to achieve the purposes described in this notice.

In addition to the above, personal data concerning the User may only be transferred in cases provided for by law (e.g. in case of a request by a legally authorized authority) or on the basis of the User’s consent.

The Data Controller shall protect the processed data against unauthorised access, alteration, disclosure, deletion, damage or destruction. The controller shall keep a data protection register containing the scope of personal data processed by the controller, the number and type of persons affected by a possible data breach, the date, circumstances, effects and measures taken to remedy the data breach, and other data specified in the legislation requiring the processing.

Data security

The Data Controller shall take all necessary steps to ensure the security of the personal data provided by the User, both during network communication and during storage and retention of the data.

Access to personal data is strictly limited to prevent unauthorised access, unauthorised alteration or unauthorised use of personal data.

Data protection incident

A data breach is a breach of security that results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed. The controller shall keep a record of the personal data breaches, indicating the facts relating to the personal data breach, its effects and the measures taken to remedy it. In the event of an incident, the Controller shall, unless it does not pose a risk to the rights and freedoms of natural persons, inform the User and the supervisory authority of the data protection incident without undue delay and within a maximum of 72 hours.

The User does not need to be informed if any of the following conditions are met: the Controller has implemented appropriate technical and organisational protection measures and these measures have been applied to the data affected by the personal data breach, in particular measures, such as the use of encryption, which render the data unintelligible to persons not authorised to access the personal data; the Controller has taken additional measures following the personal data breach to ensure that the rights and freedoms of the data subject, as referred to in Article 33 of the Regulation, are not affected; and the Data Controller has implemented appropriate technical and organisational measures to protect the data subject. the high risk referred to in Article 33(1) is no longer likely to materialise; the provision of information would require a disproportionate effort. In such cases, the data subjects shall be informed by means of publicly disclosed information or by a similar measure which ensures that the data subjects are informed in an equally effective manner.

User rights and enforcement

The User has the right to request information about the personal data concerning him/her processed by the Data Controller at any time and to modify them at any time. The User also has the right to request the deletion of his/her data by using the contact details provided in this section.

The User may request the Controller to inform him/her about the processing of his/her personal data, to rectify his/her personal data, to erase or block his/her personal data, except for mandatory processing, to restrict processing and to object to processing.

Users’ rights

  • Right of access
  • Right to rectification
  • Right to erasure
  • Right to restriction of processing
  • Right to data portability

The data subject can exercise his or her rights by contacting:
 E-mail: office_kukac_learnitectdesign_point_com

 

The User may contact any of the above contact details for any questions or comments related to data management. The Data Controller shall provide the information in writing in an intelligible form and in the same manner as the request within the shortest possible time from the date of the request, but not later than 25 days. The User shall have the right to request the rectification or erasure of incorrectly recorded data at any time. He/she may send his/her request for rectification to the Data Controller by e-mail.

The User has the possibility to request the deletion of his/her personal data, which the Data Controller will comply with within 15 days at the latest. The deletion does not apply to data processing required by law (e.g. accounting regulations), which will be kept by the Data Controller for the necessary period.

At the User’s request, the Data Controller shall restrict the processing if the accuracy of the personal data is contested or the processing is unlawful, or in the event of the User’s objection to the processing or if the Data Controller no longer needs the personal data.

The User also has the right to receive personal data concerning him or her in a structured, commonly used, machine-readable format, and the right to transmit such data to another controller without hindrance from the Controller, provided that the necessary conditions are met.

The User may also assert his/her rights before the county court of the User’s domicile or, at his/her choice, the county court of the User’s domicile/seat (legal background: Section 22 (1) of Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information), www.naih.hu, ugyfelszolgalat@naih.hu, Tel.: +36-1/391-1400).

The Data Controller may refuse to provide information to the User only in the cases and for the reasons specified in the Information Act and the Regulation. In such a case, the Data Controller shall inform the data subject in writing of the provision of the Information Act or the Regulation on the basis of which the information was refused. In the event of refusal to provide information, the Data Controller shall inform the data subject of the legal remedies available.

If the User has provided third party data during registration for the use of the service, the Data Controller shall in such case provide all reasonable assistance to the competent authorities in order to establish the identity of the offending person.

Cookie policy

We use cookies on our websites. Cookies are only used by the Data Controller to know whether you have visited the website before and, if so, which pages you have visited and which of our services may be of most interest to you. You have the option to refuse these cookies through your browser settings, however, in this case you may not be able to use all the services of the Website. Our website uses cookies to keep a record of your display preferences, such as font size settings, browser type and version, operating system, referring URL (previously visited site), IP address of the computer used to access the site, and the date and time of your visit, whether or not you have consented to our website using cookies, and patterns of visits and user behaviour that allow us to improve our website and services.

This data is collected for internal and statistical purposes only.

Our website may use the following cookie:

  • Temporary cookies strictly necessary for the operation: these temporary data are only stored in the cookie file until the end of the browsing session. They are essential for the proper functioning of certain functions of our website.
  • Cookies to improve the user experience: they collect information about a user’s use of the website, such as which pages they visit most often or what error messages they receive from the website. These cookies do not collect any information that identifies the visitor, i.e. they are completely generic and anonymous. We use the information they provide to improve the performance of the website. The lifetime of these types of cookies is limited to the duration of the session.

Third-party cookies:

– Google Analytics

_utma; _utmb; _utmv; _utmz; _utmx: These cookies collect anonymous information about how visitors use our website, which we use to improve usability. It is not possible to identify the User personally. For more information: www.google.hu/intl/hu/policies/privacy/

– Facebook.com

datr; lsd; reg_ext_ref; reg_fb_gate; reg_fb_ref; wd: You can share the content of our website with your friends on the Facebook community page. This service may leave cookies on your computer over which we have no control. Facebook remarketing code allows the Data Controller to display various promotions to the user. It is not possible to identify the User.

– Twitter.com (X.com)

__utma; __utmb; __utmc; __utmv; __utmz; _twitter_sess; external_referer; guest_id; k; original_referer: you can share the content of our website with your friends on the Twitter community. This service may leave cookies on your computer over which we have no control. This cookie may contain cookies that may not allow us to identify the user.

– accounts.google.com

GALX; GAPS; GoogleAccountsLocale_session: you can share the content of our website with your friends on the Google social networking site. This service may leave cookies on your computer over which we have no control. These cookies may not allow us to identify you personally.

– Google Adwords

NID and SID cookies: the Site uses Google Adwords remarketing tracking codes. The remarketing code uses cookies to tag visitors. Site users have the option to disable these cookies. It is not possible to identify the User.

Other provisions

The Data Controller will review this notice annually. The Service Provider reserves the right to unilaterally amend this Privacy Policy without prior notice to the User. The Data Controller shall also revise this Notice in the event of a material change in the law or a material change in its data protection and data management processes and procedures. In such cases, the Data Controller shall amend this Notice accordingly and publish it on its website, drawing attention to the changes. Our website is not responsible for the data management practices of other external websites. The Controller does not control the personal data provided to it. The person providing the data is solely responsible for the correctness of the data provided. Any Data Subject who provides an e-mail address is also responsible for ensuring that the e-mail address provided is the only one from which he/she will receive services.

This Policy is effective from 10 August 2024.

Learnitect Design Ltd.

 
 

Impressum
Legal Notice
Privacy and Data Protection Policy

Podcast

 
 
 
 
Contact us!

@ 2024 Copyright Learnitect Design Ltd.