PRIVACY POLICY

Short summary

We process personal data only in accordance with the operative legal regulations. We give you the opportunity to inform you about the data stored about you, and if requested delete them from our data base taking the relevant legal requirements into consideration. We only give data to a third party on the basis of legal obligation and consent. Within the framework of the Privacy Policy, we fulfill our legal obligation to inform you, as concerned, before the official start of data management, that we will treat you with your consent. In this notice we fulfill our obligation to inform you about the aim, legal basis, duration, possible data processing and about those rights and remedies which are available for you in relation to data management.

Who we are

NRG Plan Kft.

Headquarters: 6000 Kecskemét, Pákozdi csata utca 1. 8. em. 53. ajtó

Company registration number: 03-09-137158

Tax number: 32214817-2-03

Our website: https://nrgplan.eu

Hereinafter referred to as: data controller

Information about data management

The aim of the data management and scope of the managed data: In the course of this data management form, we will process the personal data listed below in order to inform you by email about GDPR and GDPR compliance information and to notify you of any studies or aids that may be useful to you in learning about and implementing GDPR.

We store the following data given by you: (Personal data – Data management aim)

  • Name - Data stored for contact purposes
  • Email address - Data stored for technical implementation of contact

Time of data management: 1 year after the last data submission.

Data controllers: There are plenty of documents and archives in the world of https://nrgplan.eu.

The data processors: We store data on the server of the website’s hosting provider. We forward data to the newsletter system to send eletronic information letters. We don’t give your data to third party besides the web hosting provider, exception is an official request.

Underage data subjects’/concerneds’ registration The website is made for people over 18, especially organisations, leaders and workers of concerns. We do not think it is reasonable to ask for date of birth to check the registered user’s age. As described in this Privavy Policy, please do not give us your data if you are under 18.

Place of data storage: We store data on the web server of the website (https://nrgplan.eu).

Your right, as data subject / concerned in relation to the data management: Regarding to your data management rights you can ask information, and you can ask for deleting or changing your data via email: info@nrgplan.eu

Data processors

Hosting provider

Data processor’s work: Hosting services

Data processor’s name and contact details:

Tárhely.Eu Szolgáltató Kft.
1097 Budapest, Könyves Kálmán körút 12-14.

+36 1 789-2-789

Aim of data management: to ensure the online availability of the website, and to store the persons’ data registered in the GDPR preparation club.

Data processed: the data given by the data subject / concerned (name, email) and all data of the website.

Concerned: visitors of the website.

Time interval of data management: 1 year after the last data submission.

Legal basis of data management: data subject / concerned’s approval.

Comments

After you send a comment not only data given in the form will be collected but the commenter’s IP address and the ID string of the browser to filter out unwanted content.

An impersonated string generated from the email address (it is called as hash) will be forwarded
to Gravatar service if it is used on the site. You can check the condition of the Gravatar service on: https://automattic.com/privacy/. After accepting the comment, the contect of our comment
and our profile picture will be appear publicly.

Media

If a registered user uploads a picture to the website, the EXIF’s must be avoided, which contain GPS data as well. The visitors of the website can download these picture and extract location data from them.

Cookies

After we write a comment on the website, the name, the email and the address of the website will be stored in the cookies. The storage of data is for convenience purposes, so these fields are not needed to be filled next time. Cookies expire after one year.

When you visit the sign-in site we set up temporary cookies to check the browser if it accepts cookies. These cookies do not contain personal data and will be deleted after closing the browser.

We create more cookies when signing-in the the website. These cookies save the sign-in informations and the editing interface display options. The sign-in cookies are valid for 2 days, the cookie storing the editing interface display options is valid for one year. If you mark the “Remember me” option, you will be signed in for two more weeks. When you sign-out, sign-in cookies will be removed.

In case we edit a post or site, our browser stores another cookie. This cookie doesn’t contain any personal data, it stores only the identification number of the post we edited. It will expire after one day.

Information about setting cookies for the most commonly used browsers can be found at the following links:

Embedded contents from other websites

The posts available on the website may use embedded content (like videos, images, articles, etc.) from an external source. The embedded contents from an external source behave exactly like if we would have visited another website.

These websites may collect data about visitors, use cookies or tracking codes from a third party, check the customers’ behaviour with the embedded content, if we have an account and we are signed in.

Google Analytics

We use the statistical system of Google called Google Analytics, which provides site statistic and site analytic services. When you visit our website, Google Analytics will save a cookie to your computer. It helps to collect statistical data about the using of the website to make activity measurements, from which it makes a statistical analysis for the owners of the websites. The IP address transmitted by the user’s browser is not shared with other data within Google Analytics, so it is not used for identification. In case you do not want to be apart of the Google Analytics’ analysis, you can turn off the storing of cookies in your browser’s setup, and you can block Google to process your data about your use of the website and IP address as well. You have to install the program from this link: https://tools.google.com/dlpage/gaoptout?hl=en

Who do we share the user data with

If you request to reset your password, then the IP-address will be in the email.

How long do we store personal data

After you leave a comment, the comment and its metadata will stay in the system for an indefinite period of time. The aim is to make any of the next comments known and accepted by us, so that they will not be added to the list of posts to be moderated.

The registered user’s (if there are any) personal data will be stored in their personal account, too. Each user can check, edit or delete their personal data (except for changing their profile name). The system administrators can check and edit these informations as well.

What are the user’s rights about their own data

If you have a registered account on the website or when you write post, you may be asked to send your personal data in an exported file that contains all the informations which were previously provided to us by the user. You can ask to delete any personal data given to us earlier. This does not apply to data that we are obligated to keep for administrative, legal or security reasons.

For your request we give you information about your personal data management, you can request to correct, delete, lock, forward your personal data. If the data management is due to mandatory legal regulation, we cannot delete your data for your request. We keep a register to manage data protection incidents, where the following informations are held: scope of concerned personal data, scope and number of persons involved in the data protection incident, the date and the impact analysis of the data protection incident, and the compensation for the incident, and other mandatory data.

In case you submit an application we give information about the process of data management within a maximum of 25 days. The information is free of charge. In case your request is not legal, we will inform you within 25 days, and we will inform you about the remedies.

Data stored in this Privacy Policy or in other not specified contacts, we are going to delete after a maximum of 2 years after the data management. We are obliged to give information to official bodies, authorities, and to give information regarding the aim of the request.

Where do we forward data to

Comments sent by visitors can be controlled by an automatic spam filtering service.

Data and information security

During planning the data management processes we make sure to protect the data of the data subject / concerned and to protect the privacy. We take care of those actions and procedures which were made mandatory by the data protection and information security regulations in the Information Act, in the EU GDPR and other operative regulations.

We think the following security questions are extremely important:

  • unauthorized access
  • data corruption
  • data loss
  • data erasure
  • data transmission
  • create a proper technical environment
  • educate the workers about data protection
  • keep the expected security actions and expect it from the data processor

Legal remedy

If you wish to make a complaint about data management, you can do it at the Hungarian National Authority for Data Protection and Freedom of Information (NAIH).

Hungarian National Authority for Data Protection and Freedom of Information

1055 Budapest, Falk Miksa utca 9-11.

Mailing address: 1363 Budapest, Postafiók: 9.

Phone: +36 -1-391-1400

Fax: +36-1-391-1410

Email: ugyfelszolgalat@naih.hu

Judicial enforcement

If you wish to make a judicial enforcement regarding the data management, you have to initiate a lawsuit. The court has authority to hear the case. The case may be held at the jurisdiction of permanent or temporary residence chosen by the data subject / concerned.

Compensation

In case we manage your data illicit or we violate your personality rights you can demand compensation. The data controller is free from paying for damage and compensation fees if the data controller can verify that the damage or personal injury was caused by an unavoidable cause outside the scope of data management, or if the damage or personal injury was caused by the negligence of the data subject / concerned.