PRIVACY NOTICE
Effective from January 1, 2024
For the visitors of the https://avanscript.com website
I./ The purpose of the Privacy Notice
The purpose of this Privacy Notice is to provide information about the processing and storage of the collected personal data,
in order to inform its partners (hereinafter referred to as the Data Provider) regarding data protection law,
from every significant aspect, in accordance with the applicable regulations of the European Parliament and the Council
Regulation (EU) 2016/679 (hereinafter referred to as GDPR), as well as the Act on Informational Self-Determination
Rights and Freedom of Information, Act CXII of 2011 (hereinafter referred to as:
Infotv.), this Privacy Notice sets out the principles and rules for the processing of personal and other data provided by clients during the use of services offered by AVANSCRIPT Limited Liability Company, thereby promoting compliance with these regulations.
The Service Provider / Data Controller processes the data of individuals visiting the website for the purpose of providing them with appropriate services.
II./ Data Controller Information
The operator of the https://avanscript.com website and the publisher of this Privacy Notice
Name: Avanscript Limited Liability Company
Registered office: 9022 Győr, Czuczor Gergely Street 13. 5. fl. 1. door
Mailing address: 9022 Győr, Czuczor Gergely Street 13. 5. fl. 1. door
Tax number: 32263677-2-08
Company registration number: 08 09 035764
Website name and address: www.avanscript.com
E-mail: hello@avanscript.com
Privacy Notice availability: https://avanscript.com/en/privacy-policy
III./ Definitions
Based on the GDPR (General Data Protection Regulation), the new Data Protection Regulation of the European Union
data processing: any operation or set of operations performed on personal data or sets of personal data, whether by automated means or not, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure, transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
data processor: a natural or legal person, public authority, agency, or any other body which processes personal data on behalf of the data controller.
personal data: any information relating to an identified or identifiable natural person (data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
data controller: a natural or legal person, public authority, agency, or any other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
data subject’s consent: any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which they, by a statement or by a clear affirmative action, signify agreement to the processing of personal data relating to them.
data breach: a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored or otherwise processed.
recipient: a natural or legal person, public authority, agency, or any other body to whom or with whom the personal data is disclosed, whether or not it is a third party. However, public authorities that may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities must comply with the applicable data protection rules according to the purposes of the processing.
third party: a natural or legal person, public authority, agency, or any other body other than the data subject, the data controller, the data processor, and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
IV./ Principles of Personal Data Processing
This Privacy Policy is effective from January 1, 2024, and remains in force until it is revoked.
Personal data may only be processed for the purpose of exercising a right or fulfilling an obligation. Any use of personal data managed by the Data Controller for private purposes, whether directly or indirectly, is strictly prohibited.
Data processing must always comply with the principle of purpose limitation based on applicable regulations.
The Data Controller is responsible for the secure and lawful processing of the Data Provider’s personal data.
Data Controller. The Data Controller declares that personal data will be processed only for the
purposes permitted by law and collects them in accordance with legal requirements.
The Data Controller uses and processes personal data based on the Data Provider’s explicit consent and for specific purposes. As a general rule, the legal basis for data processing is the data subject’s consent, and in certain cases, it is based on legal provisions.
At the time of data collection, the Data Controller informs the Data Subject that the processing of their data is governed by the Privacy Notice.
Acceptance of the Privacy Notice confirms that the Privacy Notice has been read and constitutes consent to data processing.
AVANSCRIPT Ltd. processes personal data only for specific purposes, for the exercise of rights and the fulfillment of obligations, based on the prior consent of the data subject or on legal provisions or statutory authorization, and only to the minimum extent and for the duration necessary to achieve the purpose. Data processing must comply with its intended purpose at all stages, and if the purpose ceases or the processing becomes unlawful, the data will be deleted.
Purpose of data processing: contacting.
The Data Controller undertakes to inform the Data Subject, prior to data collection, of the purpose and legal basis of the data processing in every case.
In connection with potential legal enforcement, the Data Subject is entitled, under the EU GDPR, to the right to information (Articles 13 and 14), the right of access (Article 15), the right to rectification (Article 16), the right to erasure (Article 17), the right to restriction of processing (Article 18), and the right to data portability (Article 20).
The person affected by the processing of their personal data may request information about the processing of their data, and may also request the rectification or, except in cases defined by law, the deletion of their personal data via the email address hello@avanscript.com.
The Data Controller undertakes not to disclose personal data to any third party under any circumstances. By providing the data, the Data Provider guarantees that the data submitted is accurate and complete, and the person providing the personal data is responsible for their accuracy and completeness.
The Data Controller draws the Data Provider’s attention to the fact that if they provide data not belonging to themselves, it is the Data Controller’s obligation to obtain the Data Subject’s personal consent.
In the case of minors under the age of 16, the processing of their personal data
may only be carried out if and to the extent that consent is given or authorized by the child’s
parent or the person exercising parental authority over the child, or if such consent has been granted, and
authorized it.
The legal basis for data processing is voluntary consent, voluntary subscription, or statutory authorization.
In the case of data processing based on voluntary consent, data subjects may withdraw their consent at any stage of the processing.
The data is stored until the User unsubscribes.
The Data Controller declares that it processes personal data in accordance with the provisions of the Privacy Notice and complies with the relevant legal regulations, with particular attention to the following:
Personal data must be processed lawfully, fairly, and in a transparent manner for the data subject.
V./ Purpose of the Data Controller’s Data Collection Activities
The purpose of data processing is to enable the service provider / data controller to offer appropriate additional services to visitors during the operation of the website and to establish the possibility of contact.
The legal basis for data processing is the consent of the data subjects.
The data subjects involved in the processing are the visitors of the website.
VI./ Data Security Measures
The Data Controller ensures the security of personal data and declares that the data is
stored in the most secure manner. The method of data storage: electronic and paper-based.
Recorded personal data is stored only on a secure server, in a password-protected database
only.
The newsletter service provider’s IP address: https://mailchimp.com The Data Controller uses Mailchimp
accepts no liability for any damages arising from the use of the Mailchimp service.
The website hosting provider: https://dotroll.com
Operator name: DotRoll Information Technology Limited Liability Company
Company registration number: 01-09-882068
Tax number: 13962982-2-42
Postal address: 1148 Budapest, Fogarasi út 3-5.
Incoming email messages and website visits are transmitted during automatic data processing on a mail server with HTTPS encryption. Details regarding the GDPR compliance and data protection of DotRoll Information Technology Limited Liability Company can be found here:
https://dotroll.com/wp-content/uploads/2020/01/adatkezelesi-szabalyzat.pdf
VII./ Categories of Processed Personal Data
The Data Provider’s name, email address, phone number.
In addition, Google Analytics collects data on the devices used by website visitors to access the website’s services, as well as the visitors’ names, ages, the time of the visit, and its location.
VIII./ Rights and Remedies of the Data Providers
A) The right to information and access:
The Data Provider has the right to request and receive information from the Data Controller about whether their personal data is being processed by the Data Controller, and how the Data Controller stores personal data related to the Data Provider.
The Data Provider may request access to, correction, or deletion of their data in writing at the email address provided above.
(You can request information from us through the provided contact details regarding which of your data we process, on what legal basis, for what data processing purpose, from what source, and for how long. Upon your request, we will provide you with the requested information promptly, but no later than within 30 days, to the email address you provided.)
The Data Controller, according to legal requirements, is obligated to modify the data within a maximum of 30 days.
B) The right to rectification:
The Data Provider has the right to request that the Data Controller, without undue delay,
correct any inaccurate, incomplete, or possibly wrongly collected personal data concerning them. In addition, the Data Provider may also modify their own data. Considering the purpose of data processing, the Data Provider has the right to request the completion of incomplete personal data or, in the case of newsletter subscription, may modify the data themselves.
(You can request through the provided contact details that we modify any of your data. Upon your request, we will take action promptly, but no later than within 30 days, and send the information to the email address you provided.)
C) The right to restriction of processing.
The Data Provider may request the restriction of processing of their personal data if any of the following conditions are met:
The Data Provider disputes the accuracy of the personal data, in which case the
restriction applies for the period necessary to verify the accuracy of the personal
data;
The processing is unlawful, and the Data Provider opposes the deletion of the data,
The Data Controller no longer needs the personal data for the purposes of processing,
but the Data Provider requires them for the establishment, exercise, or defense of legal claims,
for the establishment, exercise, or defense of legal claims; or
The Data Provider objects to the processing of the data; in this case, the restriction applies for the period necessary to
The restriction applies for the period necessary to determine whether the Data Controller has a legitimate
reason that overrides the legitimate interests of the Data Provider.
D) The right to data portability
The Data Provider has the right to receive their personal data, which they have provided to the Data Controller,
in a structured, commonly used, and machine-readable format,
and to transmit those data to another data controller,
provided that the processing is based on consent or a contract, and the processing is carried out by automated means.
E) The right to erasure (“right to be forgotten”):
The Data Provider has the right to request the Data Controller to erase their personal data,
personal data. The Data Provider may request the deletion of personal data by email,
and may initiate it towards the Data Controller. In the case of a deletion request, the Data Controller will examine the exact legal basis for the data processing on www.avanscript.com (whether there is any legal basis other than consent), and if the conditions for deletion are met, the data will be erased.
The Data Provider has the right to request the deletion of their personal data if any of the following conditions apply:
the deletion of their data upon request:
personal data is no longer necessary for the purposes for which it was collected,
or the data has been processed in another way;
the data subject withdraws the consent on which the processing is based, and there is no other legal basis for the processing;
the processing has no other legal basis;
the data subject objects to the processing, and there are no overriding legitimate grounds
for the processing;
the personal data has been processed unlawfully;
the personal data must be erased to fulfill a legal obligation
imposed on the data controller.
The deletion of data cannot be requested if the processing is necessary for the exercise of the freedom of expression and the right to information;
athe performance of a legal obligation under Union or Member State law applicable to the data controller, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller,
a task carried out in the exercise of official authority vested in the data controller or in the exercise of public authority granted to the data controller,
for the purpose of carrying out the task.
for reasons of public health, or for archiving, scientific, and historical
research purposes or statistical purposes, based on public interest;
or for the establishment, exercise, or defense of legal claims.
The Data Controller will inform the Data Provider
stating the reason for the rejection of the deletion. Personal data will be deleted only if
after the fulfillment of the request for deletion, the previously deleted data cannot be restored.
If you request the deletion of personal data, the Data Controller has the right to retain further data
if necessary for legal obligations or other legitimate grounds.
(You can request the deletion of your data from us through the provided contact details. Upon your request, we will proceed with the deletion promptly, but no later than within 30 days, and send the information to the email address you provided.)
F) The right to object
The Data Provider has the right to object to the processing of their personal data if the processing:
is based on the public interest or the exercise of official authority vested in the Data Controller,
is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller,
is necessary for the exercise of legitimate interests pursued by the Data Controller
or a third party,
is carried out for direct marketing purposes, including profiling,
is carried out for scientific and historical research purposes or for statistical purposes.
In the case of an objection, the Data Controller may no longer process the personal data, unless
there are overriding legitimate grounds for the processing, which take precedence over the interests, rights, and freedoms of the data subject.
or those related to the establishment, exercise, or defense of legal claims. If the Data Controller is unable to comply with the request of the Data Provider, they must inform the Data Provider
within 30 days.
(You can object to the processing of your data through the provided contact details. We will examine the objection as soon as possible, but no later than within 15 days from the submission of the request, make a decision regarding its validity, and inform you of the decision via email.)
G) The right to restriction of processing
You can request the restriction of your data through the provided contact details. The restriction will last as long as the reason you provided necessitates the storage of the data. Upon your request, we will proceed promptly, but no later than within 30 days, and send the information to the email address you provided.
H) The right to remedy
You can file a complaint with the National Authority for Data Protection and Freedom of Information in the case of unlawful data processing you have experienced.
Please notify us, so we can restore the lawful state within a short period. We will do everything in our power to resolve the issue in your best interest.
If, in your assessment, the lawful state cannot be restored, please notify the authority using the following contact details:
Name: National Authority for Data Protection and Freedom of Information
Registered office: 1125 Budapest, Szilágyi Erzsébet fasor 22/C.
Mailing address: 1530 Budapest, P.O. Box 5.
Phone number: +36 1 391 1400
Fax: +36 1 391 1410
Email: ugyfelszolgalat@naih.hu
Website: http://www.naih.hu
IX./ Duration of Data Processing, Data Deletion, and Rectification
The duration of data processing always depends on the specific user purpose, but the data must be deleted promptly once the original purpose has been fulfilled.
The data subject may withdraw their consent to data processing at any time by sending an email to the contact email address. If there is no legal obstacle to deletion, the data will be deleted. The data controller and its employees are authorized to access the data.
The data subject may request access to their personal data from the data controller, as well as its correction, deletion, or restriction of processing. The data subject may withdraw their consent to data processing at any time, but this does not affect the lawfulness of data processing carried out based on consent prior to its withdrawal. The data subject has the right to file a complaint with the supervisory authority.
The data subject has the right to request the data controller to rectify or complete any inaccurate personal data concerning them without undue delay.
The data subject has the right to request the data controller to erase any inaccurate personal data concerning them without undue delay, and the data controller is obligated to delete the personal data of the data subject without undue delay if there is no other legal basis for the processing. The modification or deletion of personal data can be initiated via email, phone, or letter through the contact details provided above.
X./ Technical Data Processing Related to the Use and Operation of the Website
A) Cookies
A cookie is a file that is placed on the computer or another device used for browsing when visiting a website
and is stored on the device when the visitor visits a website. Cookies serve various functions, and
they have multiple purposes and can be used for various objectives, such as:
collecting information about the visitor and their device,
remembering the visitor’s individual settings, which may be used for purposes such as
during online transactions, so that the visitor does not need to re-enter them;
facilitating the use of the website,
they can be used for purposes on the website and on other websites, such as
optimizing advertising content,
providing a high-quality user experience.
B) Strictly necessary, session cookies
The purpose of these cookies is to ensure that visitors can browse the website fully and seamlessly,
use its features and access the services available on the website. The cookies are essential for the proper functioning of the website and do not collect personal information.
session cookies are technically essential; without them, the website cannot function properly.
would functionally operate. The validity of these types of cookies lasts for the duration of the session,
and expires at the end of the browsing session, meaning the data processing is limited to a single visit, and the cookies are deleted once the session ends.
by closing the browser, this type of cookie is automatically deleted from the computer, and the session data is no longer stored,
or from any other device used for browsing.
The Data Controller primarily uses so-called session cookies, which are stored in the browser
and are immediately deleted upon closing. These text-based files
do not contain personal data.
C) Cookies placed by third parties
The website uses the following cookies:
The https://avanscript.com website uses Google Analytics and Facebook as third-party cookie providers,
and third-party cookies. By using the Google Analytics statistical service, the website collects data on how visitors interact with the site,
The Data Controller collects information about how visitors use the website,
which is used for the development of the website and for improving the user experience,
for the purpose of enhancing the website and improving the user experience.
You can learn more about Google Analytics cookies here:
https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage
By using the Facebook remarketing tracking code, the website collects information about how visitors interact with the site,
regarding which subpages the visitors have accessed on the website. These cookies
remain visible on the visitor’s computer or other device used for browsing until their expiration, or
remain in the browser until the visitor deletes them.
The information about Facebook cookies can be found here:
https://hu-hu.facebook.com/policies/cookies/
D) Enabling and Disabling Cookies
By accessing the https://avanscript.com website, if the Data Provider has given their consent,
the settings of the browser being used allow it, or if the Data Provider accepts the use of cookies upon the website’s initial visit,
during their first visit, explicitly approves that the website may automatically save
information from the visitor’s computer or any other device used for browsing.
(tablets, smartphones, etc.), and for this purpose, the website may store cookies or other similar
technologies on the device.
XI./ Legal Regulations Underlying Data Processing
Our company provides custom software development and digital solutions that can streamline your business processes.