Privacy policy

Based on the provisions of Regulation 2016/679 of the European Parliament and of the Council (EU) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Regulation (EC) No 95/46/EC (hereinafter: the Regulation), Devertix IT Zrt. (hereinafter: the Organization), as data controller, hereby provides the following information.

The Data Controller acknowledges that it is bound by the contents of this legal notice and undertakes to ensure that any processing of data related to its activities complies with the requirements set out in this notice and in the applicable national legislation and European Union acts.

The data protection policy relating to the processing of the Organisation's data is available on https://devertix.com/ and https://devertix.hu/ on an ongoing basis.

The Organisation reserves the right to change this privacy policy at any time by giving its audience timely notice of any changes. This Privacy Policy shall enter into force upon its publication.

The legal bases for our processing are:

(a) the user's voluntary informed consent to the processing of personal data pursuant to Article 6(1)(a) of the GDPR (hereinafter: Consent);

b) processing is necessary for the performance of a contract to which the participant, as data subject, is a party (hereinafter referred to as "performance of the contract") pursuant to Article 6(1)(b) GDPR;

(c) processing is necessary for compliance with a legal obligation to which the controller is subject (such as the performance of an accounting or bookkeeping obligation - hereinafter referred to as "performance of a legal obligation")

The legal basis for the processing is set out below, separately for each category of data and for each purpose of processing, with reference to the list above.

I. Who processes and has access to your personal data?

The issuer of this notice is the Data Controller:

Company name: Devertix IT Zrt.

Address: 10. Kossuth Lajos street, Nagytarcsa 2142

Company registration number: 13-10-042525

Tax number: 32374856-2-13

Phone number: + 36204844393

E-mail address: adatvedelem@devertix.com

Website: https://devertix.com/, https://devertix.hu/

Company name: "ALVICOM" Kft.

Address: 26. Kandó K. street , Miskolc 3534

Company registration number: 05-09-005449

Tax numbe: 11444648-2-05

Phone number: + 36204844393

E-mail address: adatvedelem@devertix.com

Website: https://devertix.com/ , https://devertix.hu/

The concerned individuals may request information in writing or submit requests or complaints regarding the processing of their personal data at the following contact details:

  1. via e-mail to this address: adatvedelem@devertix.com
  2. via postal mail to the following address: 10. Kossuth Lajos street, Nagytarcsa 2142
Data Controllers

For the processing and storage of your data, we use various companies with whom we have concluded a data processing contract and to whom we transfer the data necessary for the purposes set out below. The following data processors process your data:

Provision of IT services:

For the maintenance and management of its website, the Organization uses data processors that provide IT services (hosting services) and, in this context, process the personal data provided on the website for the duration of the contract with them, and the operation they perform is the storage of personal data on the server.

These data processors are the following:

data processor

The controller shall inform each recipient to whom or with which the personal data have been disclosed of any rectification, erasure or restriction of processing, unless this proves impossible or involves a disproportionate effort. The controller shall inform the data subject, at his or her request, of these recipients.

Information on data transfers abroad:

Google LLC and its affiliates, LinkedIn and its affiliates are included in the European Commission's Article 45 GDPR Compliance Decision and Commission Implementing Decision 2016/1260 and the US - EU Privacy Shield List established on the basis thereof, i.e. transfers to these countries do not constitute transfers to third countries outside the European Union and do not require the specific consent of the data subjects and are permitted under Article 45 GDPR. These companies have undertaken to comply with the GDPR. Facebook Inc. and its member companies process data of natural persons from the territory of the European Union, including the amendments under Schrems II.

II. What personal data do we process, for how long, for what purposes and under what authority?

a) Consent-based data processing:

You are also deemed to have given your permission if you tick a box when you visit our website, if you make technical settings when using our information society services, or if you make any other statement or take any other action that constitutes your consent to the processing of your personal data in the context in which it is intended (for example, by continuing to use the website).

You may withdraw your consent at any time as detailed in Chapter IV.

b) Processing based on the performance of a contract:

Processing based on the performance of a contract

c) Sending a newsletter via e-mail:

c) Sending a newsletter via e-mail

The data marked with * are mandatory, without them it is not possible to subscribe to the newsletter.

d) Processing based on the fulfilment of a legal obligation:

In the case of processing based on a legal obligation, the scope of the data to be processed, the purpose of the processing, the duration of the storage of the data, the recipients are governed by the provisions of the underlying legislation, a list of which is provided in the previous section, integrated in the processing related to the conclusion of contracts and invoicing.

III. What data do we collect about you automatically and how might this affect you?

(visitor data processing on the Organisation's website and information on the use of cookies)

Purpose of cookies used by the Service Provider:

a) Security: to support and enable security and to assist the Service Provider in detecting infringing behaviour.

b) Preferences, features and services: cookies are able to tell the Service Provider which language the User prefers, what the User's communication preferences are, help the User to fill in forms on the Website, making them easier to fill in.

c) Advertising: the Service Provider may use cookies to show the User relevant advertisements on and off the Website. Cookies may also be used to show whether Users who have seen an advertisement on the Website will subsequently visit the advertiser's website. Similarly, the Service Provider's business partners may use cookies to determine whether and how their advertisements have been served by the Service Provider on the Site and to send the Service Provider information about how the User behaves in relation to the advertisements. The Service Provider may also cooperate with a partner that displays an advertisement to the User on or off the Website after the User has visited the partner's website.

d) Performance, analytics and research: such cookies help the Service Provider to understand how the Website performs in different places. The Service Provider may also use cookies that evaluate, improve, research the Website, products, features, services, including when the User accesses the Website from other websites or devices such as the User's computer or mobile device.

Types of cookies used by the Service Provider:

a) analytics, tracking cookies;

b) session cookies, which only work for as long as the session (usually a particular visit to the Website or a browser session) lasts;

c) persistent cookies: they help to recognise the User as an existing User, making it easier to return to the Website without having to log in again. Once the User logs in, the persistent cookie remains in the User's browser and the Website can read it when the User returns to the Website.

The cookies used on the Service Provider's website and the data generated during the visit:

When using the website, the Service Provider's website may record and process the following data about the visitor and the device used for browsing:

a) the IP address used by the visitor

b) the browser type

c) the characteristics of the operating system of the browsing device (language set)

d) the date of the visit

e) the (sub)page, feature or service visited.

f) click.

This data is kept for a maximum of 90 days and may be used primarily to investigate security incidents.

Adobe Flash is another technology with equivalent functionality to cookies. Adobe Flash can store data on the User's device. However, not all browsers allow you to remove Adobe Flash cookies. The User can restrict or block Adobe Flash cookies via the Adobe website. If the User restricts/blocks them, some features of the Website may not be available.

Cookies used by third parties:

Trusted partners help the Organization to serve ads on and off the Website, and analytics organizations such as Google Analytics, Google Ads, LinkedIn Ads, Meta Ads may also place cookies on the User's device.

The Organization uses third party cookies in connection with the following accounts:


Control and management of cookies:

Most browsers allow Users to control the use of cookies through their settings. However, if the User restricts the use of cookies on the Website, this may degrade the User experience as it will no longer be personalised to the User. The User may also choose to stop saving personalised settings, such as login information.

If the User does not want the Organization to use cookies when visiting the Site, the User can opt-out of certain cookies by going to the settings menu. In order for the Organization to be aware that the User has disabled certain cookies, the Organization will place a disable cookie on the User's device so that the Organization will know that it cannot place cookies the next time the User visits the Site. If the User does not wish to receive cookies, the User may change the browser settings on his/her computer. If the User uses the Site without changing the browser settings, the Organization will consider that the User has consented to the sending of any cookies on the Site. The Website will not function properly without cookies.

For more information about cookies, including the types, management and deletion of cookies, please visit www.allaboutcookies.org or www.aboutcookies.org.

You can opt out of Google cookies by visiting the Google ads opt-out page.

You can also control and enable cookies in general by following the links below:

Accepting or authorising the use of cookies is not compulsory. You can reset your browser settings to reject all cookies or to indicate when a cookie is being sent. While most browsers automatically accept cookies by default, these can usually be changed to prevent automatic acceptance and will offer you the choice each time.

You can find out about the cookie settings of the most popular browsers by following the links below:


However, please note that some website features or services may not function properly without cookies.

IV. What rights do you have in relation to the processing of your personal data and how do we ensure that you exercise them?

a) Right of access: you can request information about what data we process, for what purpose, for how long, to whom we disclose it, and where it comes from.

b) Right of rectification: if your data changes or we have recorded it incorrectly, you can ask us to correct, rectify or clarify it.

c) Right to erasure: you may request that we erase your data that we have processed in the cases specified by law.

d) Right to restriction of processing: in the cases provided for by law, you may request that we restrict the processing of your personal data.

e) Right to data portability: you can request the portability of your data by filling in the data portability request form attached to this notice. By exercising this right, you can request that we disclose your data to you in the categories specified by law or, on the basis of a specific request and authorisation, directly to another organisation designated by you.

The data portability request can be viewed by clicking on the link below and downloaded by clicking on the "Download" button.

If you submit a request as described above, we will act in accordance with the law and will inform you within one month of the action we have taken on your request.

Please note that in the event of a request for erasure, the data processed by the Organisation for the purposes of legal and claims procedures listed above will be processed without any possibility of modification, except for the purpose of rectification, within the general 8-year limitation period of the Accounting Act for the purpose of legal and claims enforcement. The data will be anonymised after the legitimate interest has ceased to exist.

f) Right to withdraw consent: when we process your data on the basis of your consent, you have the right to withdraw your consent at any time, without prejudice to the lawfulness of our processing prior to the withdrawal of your consent.

g) Right to lodge a complaint: in the event of a breach of your rights in relation to our processing, you have the right to lodge a complaint with the competent supervisory authority:

National Authority for Data Protection and Freedom of Information

Website: http://naih.hu
Postal address: PO box 9., Budapest, 1363
E-mail address: ugyfelszolgalat@naih.hu

In addition to the above, you may also bring an action against the Organisation before the Budapest Court of Justice in the event of a breach of the protection of personal data.

h) Right to object.

If you object, we will no longer process your personal data.

V. How do we ensure the security of your data?

We have a comprehensive policy to ensure the security of the data and information we process, which is binding on all our partners.

Data security in IT infrastructure

Personal data is stored in our own IT environment, which is only accessible to a very limited number of people, based on access control rules. Our workstations are password-protected and the use of external media is limited and only allowed under secure conditions and after verification.

Regular and continuous protection against malicious software is provided on all the Organisation's IT equipment.

Data security in document management

Data security requirements are also observed in the management of documents and are laid down in a document management policy. We have detailed rules on the destruction, storage and publication of documents.

Physical data security

Paper documents containing personal data are kept in locked and secure cabinets, accessible only to specific staff.

VI. What do we do if we have a data breach?

In accordance with the law, we will notify the supervisory authority of the data protection incident within 72 hours of becoming aware of it and we will keep records of data protection incidents. In cases specified by law, we also inform the users concerned.

VII. When and how do we amend this privacy notice?

If the scope of the data processed or other circumstances of data processing change, this Privacy Notice will be amended and published on https://devertix.com within 30 days in accordance with the GDPR. In any case, please read the amendments to this privacy notice carefully as they contain important information about the processing of your personal data.

VII. When and how do we amend this privacy notice?
If the scope of the data processed or other circumstances of data processing change, this Privacy Notice will be amended and published on https://devertix.com within 30 days in accordance with the GDPR. In any case, please read the amendments to this privacy notice carefully as they contain important information about the processing of your personal data.

DATA PROTECTION NOTICE FOR EVENT-RELATED DATA PROCESSING

1. Purpose of this policy

The purpose of this notice is to provide information on the data protection and data management principles applied by Devertix IT Zrt.

The Data Controller processes the personal data of event registrants and participants, as well as the personal data of contact persons of exhibitors during the events.

2. Designation of the data controller

The publisher of this information is the Data Controller:

Company name: Devertix IT Zrt.
Registered office: 10. Kossuth Lajos street, Nagytarcsa,2142
Company registration number: 13-10-042525
Tax number: 32374856-2-13
Phone number: +36204844393
E-mail address: adatvedelem@devertix.com
Website: https://devertix.com/ , https://devertix.hu/


Company name: "ALVICOM" Kft.
Place of business: 26. Kandó K. street, Miskolc, 3534
Company registration number: 05-09-005449
Tax number: 11444648-2-05
Phone number: +36204844393
E-mail address: adatvedelem@devertix.com
Website: https://devertix.com/ , https://devertix.hu/

Company name: INGRAM MICRO Hungary Wholesale Trading Limited Liability Company
Registered office.
Company registration number: 01-09-684590
Tax number: 10586224-2-44
Telephone number: + 36204844393

Company name: Amazon Web Services EMEA SARL
Registered office: Luxembourg, 38 avenue John F. Kennedy 1855 Luxembourg
Community tax number: LU26888617
Phone number: + 36204844393
E-mail address: adatvedelem@devertix.com

[In this section, we inform the Data Subject that in all cases, your data will be processed exclusively by the controller who organises and hosts the event. When registering for the event, the Data Subject gives his/her explicit consent to the identity of the controller, so his/her data will be processed only by the controller listed in this point, and only by the controller to whom the Data Subject has given his/her explicit consent - on the registration form.]

3. Scope of the personal data processed

In connection with the organisation of the event, we may process the following personal data:

-Title,
-name,
-title,
-institution,
-e-mail address,
-telephone number,
-special needs (barrier-free transport, food allergies)
-photo or video recording.


We process the following personal data for the purposes of processing under point 4.5 of this notice:

- Name,
- e-mail address,
- telephone number.


If there are any changes or modifications to the data processed by the Data Controller during the processing period, please notify us immediately using one of the contact details above.

4. Legal basis, purposes and methods of processing

Event organisation

4.1. Processing is based on your voluntary and duly informed declaration, which, by completing the registration, includes your explicit consent to the use of your personal data provided during the event registration.

The legal basis for the processing (title, name, position, institution, e-mail address, telephone number) is the voluntary consent of the data subject in accordance with Article 6(1)(a) of Regulation (EU) 2016/679 of the European Parliament and of the Council (General Data Protection Regulation). You may withdraw your consent at any time by sending an e-mail to adatvedelem@devertix.com. Providing the above data is mandatory, without them you will not be able to participate in the event.

The legal basis for the processing of data in the event of a special request is that the Data Controller also provides meals during the event. By sending an e-mail to adatvedelem@devertix.com you have the right to inform the Data Controller of any food allergies you may have. The Data Controller will only process your name and the type of food allergy in order to avoid serving you certain foods.

If you arrive at the event in a wheelchair, the Data Controller will provide wheelchair access. The legal basis for the processing is your explicit consent pursuant to Article 9 (2) (a) of the GDPR, which you can give by sending an e-mail to adatvedelem@devertix.com. The provision of this information is optional. You may withdraw your consent at any time by sending an e-mail to adatvedelem@devertix.com.

Access to the health data shall be granted to the Data Controller or to internal staff of the Data Controller whose access to and processing of the data is related to their professional duties. You give your consent when registering for a specific event by voluntarily providing the data in question by completing the registration.

4.2. The purpose of the processing is the organisation of conferences, workshops, training courses and information events on tenders related to the dissemination of the activities of the Data Controller, including follow-up activities related to the events, and the provision of adequate food or accessible transport in case of special needs. Follow-up of events will be done by means of an e-mail enquiry, to which a response is voluntary. The data provided by you will be used by the Data Controller for the specific purpose of the event.

Most of the events organised by the Data Controller are photographed and videoed, some of which are published on the organisation's website and social networking pages. The recordings of natural persons are considered personal data and therefore their processing requires the consent of the data subject. Naturally, the Data Subject has the possibility to object to the publication of the recordings. Such a request should be sent to the Data Controller at the e-mail address adatvedelem@devertix.com.

4.3. The Data Controller shall not use or make use of the personal data provided for purposes other than those described in Section 4.2. Unless otherwise required by law, the disclosure of your personal data to third parties shall only be possible with your prior explicit consent.

4.4. The Controller does not control the personal data provided to it. The person providing the data shall be solely responsible for the accuracy of the data provided. By providing your e-mail address, you also accept responsibility for the fact that you are the only one who uses the services from the e-mail address provided. With regard to this assumption of responsibility, any liability in connection with feedback or access from an e-mail address is borne solely by you as the data subject who registered the e-mail address.

4.5. When registering for an event, you have the opportunity to voluntarily request to be notified of similar events organised by the Data Controller. The notification will be sent by e-mail to the contact details you provide. You can do this by sending a reply to adatvedelem@devertix.com when registering for the event and the related processing will therefore be based on your voluntary and duly informed declaration. The Data Controller will process your name and email address in this case. The legal basis for the processing is the data subject's voluntary consent pursuant to Article 6(1)(a) of Regulation (EU) 2016/679 of the European Parliament and of the Council (General Data Protection Regulation). You may withdraw your consent at any time by sending an e-mail to adatvedelem@devertix.com.

5. Period of data processing

The processing of the personal data you have provided will continue until the end of the peer review following the realisation of the event or, if you have consented to the Data Controller sending you notifications of similar events, until the withdrawal of your consent as provided for in point 4.5.

6. Who can access the data, data transfer, data processing

The data may be accessed primarily by the Data Controller or by the Data Controller's internal employees whose access and processing of the data is related to their job duties. If, for organisational reasons, data is transferred to a third party for an event, you will be informed separately by the Data Controller.

The Data Controller may grant access to image and sound recordings made during events for marketing purposes to the data processor it uses and to visitors to its social networking sites, in particular, but not exclusively, facebook, instragram, linkedlIN, youtube.

7. Data subject's rights and means of redress

7.1. You have the right to request information about your personal data processed by the Data Controller at any time and to modify them at any time by sending an e-mail to the contact details in point 7.3.

7.2.Upon your request, the Data Controller shall provide you with information about the data concerning you that it processes, the data processed by it or by a data processor it has appointed, the source of the data, the purpose, legal basis and duration of the processing, as well as the name, address and activities of the data processor in relation to the processing, the circumstances of the personal data breach, its effects and the measures taken to remedy it, and, in the case of a transfer of the Data Subject's personal data, the legal basis and the recipient of the transfer, in writing within one month of the request.

The Controller, through its Data Protection Officer, shall keep a record of the personal data concerned, the number and categories of data subjects affected by the personal data breach, the date, circumstances, effects and measures taken to remedy the personal data breach, and other information required by law providing for the processing, for the purpose of monitoring the measures taken in relation to the personal data breach and informing you.

7.3. You can exercise your rights by contacting us at the following contact details: E-mail address: adatvedelem@devertix.com
You may contact the Data Protection Officer of the Controller with any questions or comments regarding the processing of your personal data using the contact details provided in this section.

7.4 You have the right to request the rectification or erasure of your incorrectly recorded data at any time. The Data Controller shall correct or delete the data within three calendar days of receipt of the request sent to adatvedelem@devertix.com.

If the Data Controller does not comply with the Data Subject's request for rectification or erasure, it shall, within one month of receipt of the request, communicate in writing the factual and legal grounds for refusing the request for erasure.

The Data Subject may object to the processing of his or her personal data. The controller shall examine the objection within the shortest possible time from the date of the request, but not later than one month, decide whether it is justified and inform the applicant in writing of its decision.

7.5. The Data Subject may lodge a complaint with the National Authority for Data Protection and Freedom of Information ( 9-11. Falk Miksa street, Budapest1055 ; www.naih.hu, postal address: PO box 9., Budapest,1363 ).

7.6 If you have provided third party data for the use of the service, the Data Controller is entitled to claim damages from you. In such a case, the Data Controller shall provide all reasonable assistance to the competent authorities in order to establish the identity of the offending person.

8. Other provisions

8.1 In all cases where the Data Controller intends to use the data provided for a purpose other than that for which it was originally collected, the Data Controller shall inform you thereof and obtain your prior explicit consent or provide you with the opportunity to prohibit such use.

8.2 The Data Controller undertakes to ensure the security of the data, to take technical measures to ensure that the data recorded, stored or processed are protected and to take all necessary steps to prevent their destruction, unauthorised use or unauthorised alteration. It also undertakes to require any third parties to whom it may transfer or disclose the data to comply with its obligations in this respect.

8.3 The Data Controller reserves the right to unilaterally modify the rules and notices on data processing, subject to notification on its website.

DATA PROTECTION NOTICE

On the processing of CVs sent to the Data Controller

The Data Controller hereby informs all applicants and data subjects that it respects the personal rights of applicants and data subjects and that it will act in accordance with the provisions of this information notice (hereinafter referred to as the "Notice") when processing their data.

1. Purpose of the information notice

The purpose of this information notice is to provide information on the data protection and data management principles applied by Devertix IT Zrt. (hereinafter referred to as "Data Controller1") and "ALVICOM" Ltd. (hereinafter referred to as "Data Controller2") (hereinafter referred to as "Data Controller1" and "Data Controller2") (hereinafter referred to as "Data Controller") in relation to the processing of CVs submitted by candidates for specific job vacancies advertised by them and by candidates for non-specific job vacancies (hereinafter referred to as "Candidate").

2. Name of the Data Controller

The publisher of this information and the Data Controller1:

Company name: Devertix IT Zrt.
Headquarters.
Company registration number: 13-10-042525
Tax number: 32374856-2-13
Phone number: +36204844393
E-mail: adatvedelem@devertix.com
Website: https://devertix.com/, https://devertix.hu


The publisher of this information is the Data Controller2:

Company name: "ALVICOM" Ltd.
Address: 3534 Miskolc, Kandó K. street 26.
Company registration number: 05-09-005449
Tax number: 11444648-2-05
Phone number: +36204844393
E-mail address: adatvedelem@devertix.com
Website: https://devertix.com/, https://devertix.hu


3. Scope of personal data processed

3.1. Identification and contact details

-Name;
-Age/date of birth;
-Gender;
-Photo;
-Nationality/place of birth;
-Contact details;
-Other information you have shared


3.2 Information about studies and jobs

-Data related to studies;
-Data on previous jobs;
-Current job;
-Skills and languages spoken;
-Details of the reference person;
-Details of remuneration and benefit claim;


3.3. Information provided by a third party

Reference data


3.4. Specific data

Health data (personal data relating to physical, mental, health conditions)


3.5 Criminal personal data

Data on criminal record


3.6.Automatically collected information, data

The Service Provider's website may record and process the following data about the visitor or the device used for browsing the website for the purpose of investigating a security incident:

the IP address used by the visitor browser type characteristics of the operating system of the browsing device (language set) time of visit the (sub)page, function or service visited click.


3.7. Cookie used by the Data Controller

The Data Controller uses cookies to enhance the user experience.

Please note that you can refuse the use of cookies at any time, however, not all browsers allow you to remove Adobe Flash cookies. You can restrict or block Adobe Flash cookies via the Adobe website.Please note that if you restrict/block them, some features of the Website may not be available.

Please note that you can opt-out of Google cookies by visiting the Google ads opt-out page.

3.8. Third party cookie

The Data Controller uses third party cookies in relation to the following accounts:

https://www.facebook.com/
https://www.google.com/
https://www.linkedin.com/
Applicants are informed that the applicability of the cookie management/authorisation provisions set out in section 3.7 to this section is linked to the management of cookies authorised to third parties. If the Applicant prohibits the use of cookies by a third party, the cookies used by the third party will not be processed due to lack of data.

Please note that the above list of categories of personal data we collect is not exhaustive.

4. How data is collected

-By sending an electronic mail;
-By filling in an application form;
-As part of the registration process;
-Automatically collected data, through the use of your own and others' cookies;
-Through data collection transferred to a third party (e.g. Linkedln, job search portal).


5. Legal basis, purpose and duration of processing

5.1 The Data Controller processes the Candidate's CV for the purpose of filling employment positions.

5.2 The legal basis for the processing is the consent of the Candidate, which is given to the Data Controller by sending his/her CV electronically or by giving his/her explicit consent.

5.3 The Data Controller shall process the Candidate's CV from the date of sending it until the date of the decision to fill the position, but not later than 6 months from the date of receipt of the CV.

5.4. The Data Controller shall, upon the request of the Candidate, arrange for the correction of the data within 3 working days of receipt of the request.

5.5 The Data Controller informs the Candidate that, upon his/her request, the Data Controller will delete the CV and personal data of the Candidate sent by the Candidate without delay, but not later than 3 working days from the receipt of the request.

In the event of termination of the legal basis for processing, the Controller shall delete the data of the Candidate without undue delay, but not later than 3 working days after the legal basis has been terminated.

5.6 The Data Controller shall inform the Applicant that he/she may refuse the deletion of the data in the event that the processing is necessary for the assertion of claims or legal claims.

5.7 In case of deletion of the personal data of the Applicant, if the Data Controller has transferred the Applicant's data to a third party, the Data Controller shall notify the third party of the deletion in the subject of the request for deletion. In this case, the Data Controller shall request the third party to delete the data of the Applicant.

6. Scope of persons having access to the data, data transmission, data processing

The Data Controller and its internal staff are entitled to access and process the data, whose access and processing of the data is related to their job duties.

7. Data subject's rights and means of redress

7.1.The data subject may request information about the data processed by the Data Controller, the purpose, method and legal basis of data processing, data protection incidents, and may initiate the modification, deletion and rectification of his/her data.

7.2.The applicant is entitled to exercise his/her rights through the following contact details:

Electronic mail address: adatvedelem@devertix.com

7.3 We inform you that you can lodge a complaint with the National Authority for Data Protection and Freedom of Information (1055 Budapest, Falk Miksa utca 9-11.; www.naih.hu).

7.4 Please be informed that our Data Protection Officer is available to answer your questions and comments.

8. Other provisions

8.1 The Data Controller undertakes to inform the Applicant concerned in advance in case of processing for purposes other than the purpose for which the data was originally collected. Following the notification, the Applicant may give his/her consent to the processing for a different purpose. In the absence of consent, the Controller shall not be entitled to process the data for a different purpose.

8.2 The Data Controller shall ensure that the data are secure and shall take all necessary measures to prevent their destruction, unauthorised use and unauthorised alteration.

8.3 The Controller undertakes to require any third party to whom it transfers or discloses the data to comply with its obligations.

8.4 The Data Controller reserves the right to unilaterally modify the rules and notices on data management by notifying the relevant parties on its website.

Budapest, 08 May 2024.