Privacy Policy

The management of PRENET-ING Ltd. is committed to protecting the personal data of natural persons as well as ensuring the secure handling of confidential and strictly confidential business data. This Privacy Policy sets out the data protection and data management principles and rights applied by PRENET-ING Ltd., which the company acknowledges as binding upon itself.

Please read this Privacy Policy carefully, and if you have any questions (whether regarding interpretation or of any other nature), please contact us using one of the contact details provided under the DATA CONTROLLER section.

We also welcome your suggestions on how our information regarding the handling and protection of your personal data can be made broader, clearer, more accessible, transparent, and understandable for you and other data subjects.

The principles of PRENET-ING Ltd.'s data management are in line with the applicable data protection legislation, in particular the following:

• Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR)
• Act CXII of 2011 on Informational Self-Determination and Freedom of Information (Info Act)
• Act V of 2013 on the Civil Code

• Data Controller: PRENET-ING Ltd.
• Representative of the Data Controller: Zsolt Németh, Managing Director
• Contact details / Registered office of the Data Controller: 2040 Budaörs, Fodros u. 47/B.
• E-mail address: info(at)prenet-ing(dot)hu
• Website of this Privacy Policy: www.prenet-ing.hu

If the data processing is based on your voluntary consent, you may withdraw your consent at any time.

During the process of contacting us, you provide us with the data you consider necessary based on your voluntary decision and consent, for which the legal basis of processing is your consent.

We aim to process as little personal data as possible; therefore, we expressly ask you to provide only the most necessary personal data (those that allow your identification).

      1. Contact

1.1. Purpose of processing: Contact
1.2. Legal basis: GDPR Article 6 (1) (a): consent of the data subject
1.3. Scope of processed data:

• Name / Company name
• E-mail address
• Phone number
• Mailing address

1.4. Retention period:

• Immediately after withdrawal of consent (within 2 working days at the latest),
• Following regular review, if processing is no longer necessary (maximum 1 year).

       2. Requesting a Quote

2.1. Purpose of processing: Requesting a quote
2.2. Legal basis: GDPR Article 6 (1) (a): consent of the data subject
2.3. Scope of processed data:

• Name / Company name
• E-mail address
• Phone number
• Address (residence, registered office, mailing address)

2.4. Retention period:

• Immediately after withdrawal of consent (within 2 working days at the latest),
• Following regular review, if processing is no longer necessary (maximum 1 year).

       3. Sending a Quote

3.1. Purpose of processing: Sending a quote
3.2. Legal basis: GDPR Article 6 (1) (b) and (f): processing necessary for the performance of a contract and for the legitimate interests of the Data Controller
3.3. Scope of processed data:

• Name / Company name
• E-mail address
• Phone number
• Address (residence, registered office, mailing address)

3.4. Retention period:

• Up to 5 years (statutory limitation period),
• Up to 8 years following the termination of the contract.

  4. Contract Establishment and Fulfilment

4.1. Purpose of processing: Establishment and performance of a contract
4.2. Legal basis: GDPR Article 6 (1) (b): processing necessary for the performance of a contract
4.3. Scope of processed data:

• Name / Company name
• Residence / Registered office
• Birth name, mother's name, place and date of birth
• Company registration number
• Tax number
• Bank account number
• Name of authorized representative
• E-mail address
• Phone number

4.4. Retention period: 8 years following the termination of the contract

If we do not have the minimum data required for making contact, we will not be able to get in touch with you. As a result, we will not be able to respond to the reason you contacted our Company, nor will we be able to handle your inquiry.

Data: Personal data
(e.g., name, e-mail address, phone number, mailing address)

Deletion deadline: Immediately after the withdrawal of your consent (within 2 working days at the latest), or following regular review, if processing is no longer necessary (maximum 1 year).

As a data subject, you have the right to request access to your personal data, their rectification, erasure, or restriction of processing, as well as to object to their processing. You also have the right to exercise your right to data portability.

Within one month of receiving your request, you will be informed of the measures taken based on your request. If necessary, taking into account the complexity of the request and the number of requests, this deadline may be extended by a further two months. In such a case, you will be informed of the extension of the deadline and the reasons for the delay within one month of receipt of the request. If you submit your request electronically, the information will also be provided electronically unless you request otherwise. If no action is taken following your request, you will still be informed within one month of the reasons for not taking action, as well as of your right to lodge a complaint with a supervisory authority and to seek judicial remedy.

The requested information and communication will be provided free of charge. If the request is clearly unfounded or – in particular due to its repetitive nature – excessive, a reasonable fee may be charged for the administrative costs incurred in providing the requested information or communication or in taking the requested action, or in exceptional cases, the request may be refused.

All recipients (to whom the data have been disclosed) will be informed of any rectification, erasure, or restriction of processing carried out by us, unless this proves impossible or requires disproportionate effort. Upon your request, we will inform you about these recipients.

As a data subject, you have the right to be provided with and to access the information concerning your personal data as defined in the GDPR. This Privacy Policy serves this purpose.

You may also obtain information through the contact details provided in the DATA CONTROLLER section.

As a data subject, you have the right to obtain information (feedback) on how and in what form your personal data are processed. If any of your personal data are being processed, you have the right to access the following information:

• the purposes of the processing of your data;
• the categories of your processed data;
• the recipients of the data, i.e., with whom the data have been or will be shared;
• the period of storage of the data (and the basis on which this period was determined);
• your rights: you may request rectification, erasure, or restriction of the processing of your data, or object to their processing;
• which supervisory authority you may lodge a complaint with;
• if the personal data were not obtained directly from you, the source of the data (i.e., from whom they were obtained);
• if automated decision-making (including profiling) takes place, you may also request information about that.

Upon request, we will provide you with a copy of your personal data. You may also request the copy electronically, in which case—after identification—you will receive it electronically, unless you request it in another format. For any additional copies requested, we may charge a reasonable fee based on administrative costs.

The information and copy will be provided within one month of receipt of your request.

You have the right to request the correction of inaccurate, incorrect, or false personal data concerning you, as well as to have incomplete information completed.

You have the right to request that your personal data be erased without undue delay. This is possible if:

• your personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
• your data are processed solely on the basis of your consent, and you withdraw that consent;
• you object to the processing of your data and we have no legitimate grounds for continuing the processing;
• your data are processed unlawfully (i.e., we have no legal basis);
• we are under a legal obligation to erase your data.

However, data cannot be erased if processing is necessary: for exercising the right to freedom of expression and information; for compliance with a legal obligation under EU or Hungarian law; for reasons of public interest or public health; for purposes of archiving in the public interest, scientific or historical research, or statistical purposes (where erasure would likely make such processing impossible or seriously jeopardize it); or for the establishment, exercise, or defense of legal claims.

Where processing is restricted, your personal data may, with the exception of storage, only be processed with your consent, or for the establishment, exercise, or defense of legal claims, for the protection of the rights of another natural or legal person, or for reasons of important public interest of the European Union or of the State of Hungary.

You may request the restriction of processing if:

• you contest the accuracy of your data: the restriction will last until we are able to verify the accuracy of the data;
• the processing is unlawful, and you do not request the erasure of your data but only the restriction of their use;
• we no longer need to process your data, but you require them for the establishment, exercise, or defense of legal claims.

You will be informed in advance before the restriction of processing is lifted.

You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, machine-readable format, and to transmit those data to another data controller.

You have the right to object at any time to the processing of your personal data. In such a case, we may no longer process your personal data unless we can demonstrate compelling legitimate grounds (e.g., legal obligations, regulatory requirements) which override your interests, rights, and freedoms, or which relate to the establishment, exercise, or defense of legal claims.

If the processing of your data is based solely on your consent and we have no other legal basis for processing your personal data (e.g., legal obligation, regulatory requirement), you have the right to withdraw your consent. However, this does not affect the lawfulness of processing carried out prior to the withdrawal.

Automated decision-making and profiling are not carried out by our company.

If you have any concerns regarding our data processing, please contact the Managing Director of our company through the contact details provided in the DATA CONTROLLER section, or notify us via any of the contact options listed there.

Right to turn to court: In case your rights are violated, you may bring an action before a court against our company as the data controller. The court will proceed with the case as a matter of priority.

Data protection authority procedure: You may also lodge a complaint with the National Authority for Data Protection and Freedom of Information (NAIH).

• Registered office: 1125 Budapest, Szilágyi Erzsébet fasor 22/C
• Mailing address: 1530 Budapest, P.O. Box 5
• Telephone: +36/1-391-1400
• Fax: +36/1-391-1410
• E-mail: ugyfelszolgalat@naih.hu
• Website: https://naih.hu

The IT system of PRENET-ING Ltd., where your data are stored, is located at its registered office.

During the processing of personal data, PRENET-ING Ltd. applies organizational and security measures to prevent, to the extent possible, any unauthorized access to personal data.

These organizational and security measures include protecting our IT system against viruses, data loss, unauthorized access, and damage. We take all generally expected measures to protect your personal data during the use of the internet and the transmission of your messages; however, we cannot provide full protection against dishonest or unlawful activities. Therefore, we kindly ask you to exercise caution when providing and transmitting your data.