+36 (66) 520 980 sales@loxtop.com

PRIVACY POLICY

Data Protection and Data Processing Information

Dear Visitor,

We would like to inform you that from 25th May 2018, based on the Directive 2016/679 of the European Parliament and Council (EU) (hereinafter referred to as: General Data Protection Regulation or GDPR) on the protection of personal data of natural persons and free flow of such data as well as the abrogation of the Directive 95/46/EC, regarding the regulation of data protection matters, all over Europe and in all sectors, this directive overrules effective legal provisions. Consequently, in Hungary, regarding data protection matters, the standard directive will not be 2011. CXII. Informative rights of self-determination and freedom of information but it will be GDPR.

Contents of this document:

  1. Basic Principles
  2. Key concepts
  3. Legal basis for data processing
  4. Scope of data handled
  5. Duration of data processing
  6. Method of data processing
  7. Storage of data
  8. Data processor
  9. Contacting
  10. Data processing on website
  11. Legal remedies
  12. Data Protection Authority procedures, notification of breaches
  13. Provision transposing into legislation
  14. Basic Principles

The most important aim of GDPR is to standardize member state regulations which have been different earlier, this way creating the possibility to make a system of regulations which is more standardized on European level, in all industrial and service providing sectors.

The most important objective of the legislative authority is to ensure a high level and effective protection of the rights of the parties affected regarding data processing, and, to motivate organizations doing data handling and data processing to operate accordingly and transparently (regarding data protection).

LoxTop LLC (hereinafter referred to as: The Enterprise) undertakes to meet all requirements laid down in this document and effective legal acts regarding the processing of data.

The Enterprise, for the protection of the data of its committed clients and partners, handles personal data confidentially and makes every security, technical and organizational measure to guarantee the security of these data.

2. Key concepts

  • Data Processor: a natural or legal person or an organization not containing a legal personality, who or what determines the target of data processing on its own or together with others, the tool used for data processing, and makes related decisions and executes measures or has some other data processor execute them.
  • Person concerned:  a natural person, identified or identifiable directly or indirectly by personal data;
  • Consent of person concerned:the person concerned states their will definitely voluntarily, specifically and based on sufficient information, of which the person concerned indicates through a statement or an act unambiguously showing confirmation that they give consent of the processing of their personal data as regard their persons;
  • Data files: all data processed in a filing system;
  • Data processing:carrying out technical tasks related to data procession operations, regardless of the methods and tools used for the completion of operations and the location of application, provided that the technical tasks are carried out on the data;
  • Data processor:a natural or legal person or organization not having a legal personality who or what, based on its contract made with the processor of data, including making contracts based on the directions of the directive, carries out the processing of the data;
  • Data processing:regardless of the applied procedure, any operation carried out on the data or all of these operations, therefore especially the collection, recording, registration, classification, storage, modification, usage, query, forwarding, publication, synchronization, linking, blockage, deletion and termination, and the prevention of further usage of the data;
  • Data forwarding:making the data available for a specified third person;
  • Publication:making the data available for anyone;
  • Deletion of data:making the data unidentifiable in a way that they cannot be restored any more;
  • Blockage of data:providing the data with identification marking, with the purpose of restricting its further processing permanently or for a specified period of time;
  • Destruction of data:the full physical destruction of the data storage unit containing the data;
  • Data protection incident: the illegal treatment or processing of dada, unauthorized access, publication, forwarding, deletion, damage or destruction;
  • IP address:in all networks which have communication based on a TCP/IP protocol, the server computers have an IP address, that is an identification number, which make it possible to identify the given computer through the network.   All computers linked to a network have an IP address, through which it can be identified;
  • Personal dada:data which can be linked to the person concerned – especially their name, ID sign, or knowledge regarding one or more of their physical, physiological, mental, economic, cultural or social identity – and consequences which can be drawn from the data, regarding the person concerned;
  • Natural person identification datafirst and last name of the person concerned, birth, mother’s name, place and date of birth;
  • Objection:a statement of the person concerned in which they disapprove of the processing of their personal data and request the termination of data processing and the deletion of the data processed;
  • cookie:  a file (usually a text file) which gets to the hard disk of the user through the browser, which distinctly identifies the user at the next visit;
  • National Data Protection and Freedom of Information Authority (Hungarian abbreviation: NAIH), its legal status and tasks are determined in §38. of the Info. Act (hereinafter referred to as: Authority)
  1. Legal basis of data processing

The Enterprise processes data from its partners and other persons concerned only within the framework of authorizations determined in prevailing legal provisions applicable to its activities.

All data are considered personal data which can be linked to the person concerned.

Data may be received by the Enterprise basically for the following reasons:

  • Based on measures of legal provisions of data processing connected to the creation of contractual relationships (for example the accounting law for the issuing of invoices);
  • If data processing is provided for by law,
  • The voluntary, informed, explicit and definite consent of the person concerned, with which they give a consent for the processing of their data by the Enterprise, according to the principles of this Policy (for example to be able to get commercial offers).

The Enterprise carries on its activities based on the following legal provisions during data processing:

  • Year 2011. Act CXII. On rights of informative self-determination and freedom of information
  • Year 2005. Act CXXXIII. On the regulations of protection of property and individuals as well as those of private detective activities
  • Year 2013. V. On Civil Code
  • Year 2000. C. On accounting
  • Year 1997. Act CLV. On consumer protection
  • Year 1995. Act CXVII. On personal revenue tax
  • Year 1993. Act XCIII. On occupational safety
  • Year 2012. Act I. On labor code
  • Year 2001. Act CVIII. On certain matters regarding electronic commercial services and services related to information society
  1. Scope of data handled

Data handled by the Enterprise: company name, contact person/name of person concerned, their corporate/business telephone numbers, their corporate/business e-mail addresses, their corporate/business mailing addresses, date and time of contacting the party, IP address of the computer of the person concerned, data related to their browser and the address of the website visited.

Data processing operations carried out on the data are basically with the aim of communication (such as offers or making of invoices). There is no automatic profiling.

  1. Duration of data processing

Data provided to the Enterprise are entitled to be stored with the purposes laid down in this informative document and until the withdrawal of consent of the person concerned, or until it is given in the relevant legal provision.

6. Method of data processing

The Enterprise processes data electronically and/or on hard copy, manually.

7. Storage of data

The Enterprise ensures the safe storage of the data according to the measures of legal provisions at all times.

The data retention locations and computerized systems are found at its premises as well as related servers.

The Enterprise selects and operates applied IT tools during the processing of personal data through the process of service providing so that the data processed are:

  • Available for the persons authorized;
  • Their accuracy and authorization is ensured;
  • Their unchanged quality can be verified;
  • They are protected against unauthorized access.
  1. Data processor

The Enterprise does not apply external data processor or cloud provider, personal data treated by them are processed by themselves. Data are to be accessed by government organizations or entities (such as the tax authority checking online invoices).

  1. Contacting

Data to be provided by the Partner at requests for quotation or other business contacting, for example:

  • Name
  • Company name
  • e-mail address,
  • Invoicing address (billing name, street, street address, city, postal code),
  • Telephone number
  1. Data processing on website

The website of the Enterprise (www.loxtop.com) and the information provided by them can be accessed by any visitor. During the visit to the website the hosting service provider registers visitor data to control the operation of the service and to prevent misuse and to ensure normal operation. The aim of registration is collecting information regarding the usage of the website, and the preparation of visitor and internet usage stats and analyses. External service providers place cookies on user computers so that they are able to link actual visits by users to earlier ones. The user is able to reject the usage of cookies in a popup window.

  1. Legal remedies

The person concerned can ask for information on the processing of their personal data, and may ask for the correction of their personal data, and – except for compulsory data processing – the deletion or blocking of their persona data in a way that is indicated at the collecting of the data.

The data processor has 30 days to delete, block, and correct the personal data. Provided the data processor does not complete the request of the person concerned to correct, block or delete data, it provides the reasons for rejection in writing within 30 days.

The Enterprise informs the person concerned and everyone that they forwarded the data earlier with the purpose of data processing, about correction, blocking, marking or deletion. The Enterprise does not inform if this does not infringe the legitimate interests of the person concerned, concerning data processing purposes.

  1. Data Protection Authority procedures, notification of breaches

The breach of judicial confidentiality or the rights of the person concerned, and remarks, you can make a statement at the following contact details or can apply to authorities listed below:

  • Courthouse Gyula: 5700 Gyula, Béke sugárút 38.
  • National Data Protection and Freedom of Information Authority: 1530 Budapest, Szilágyi Erzsébet fasor 22/C
  • LoxTop LLC 1114 Budapest, Bartók Béla út 75. II/2.

14. Provision transposing into legislation

    This Privacy Policy is published on the website of LoxTop LLC (www.loxtop.com).

    The Enterprise may at any time unilaterally amend this Privacy Policy. Current policy is available at the website of the Enterprise.

    Powered by  GDPR Cookie Compliance
    Privacy Policy
    Privacy Policy

    Dear Visitor,

    We would like to inform you that as of May 25th, 2018, the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR) concerning the data protection of personal information of natural persons and the transfer of such data supersedes regulation 95/46/EK and all similar data protection laws throughout Europe. As a result, in Hungary, the previous law CXII of 2011 on the right to self-management of information and about information freedom (Infotv) will no longer be the governing regulation, being replaced by the GDPR instead.

     

    Contents of this notice:

    1. Basic principles

    2. Definitions

    3. Legal basis for data handling

    4. Types of data handled

    5. Duration of data handling

    6. Method of data handling

    7. Storage of data

    8. Data processor

    9. Contact

    10. Data collected by website

    11. Legal remedies

    12. Legal proceedings and reporting of incidents

    13. Updates to the privacy policy

     

    1. Basic principles

    The most important goal of the GDPR is to unify the various privacy regulations of EU member countries by creating a unified system of rules of treating data in every industrial and service sector.

    The most important objective of the legislator is to ensure the effective protection of the rights of data subjects, as well as ensuring the transparent operation of data controllers and data processors as regards privacy protection.

    LoxTop Kft (hereinafter: Company) is committed to handling data in accordance with data handling rules set out by law and as described in the present privacy policy.

    The Company is committed to protecting the data of its clients and partners. It handles personal data confidentially, and takes all security, technical, and organizational steps to guarantee the security of this data.

     

    2. Definitions

    • Data controller: the natural or legal person or organization without legal personhood which makes decisions about, determines and implements the goals of handling the data and the tools used to handle the data, or has another party implement these decisions;
    • Data subject: any natural person who is identified or – directly or indirectly – can be identified by personal data;
    • Consent of the data subject: the data subject’s voluntary, specific, clear, suitably informed statement of agreement, with which the data subject declares or through their actions unambiguously confirms their agreement to the handling of their personal data;
    • Data store: all data contained in a system;
    • Data processing: performing technical tasks related to the data processing operations, irrespective of the methods and means used to perform the operations and the location the processing takes place, provided that the technical task is performed on the data;
    • Data processor: any natural or legal person, or any entity without legal personhood, who or which carries out the processing of data on the basis of a contract with a data controller, including as required by law;
    • Data handling: any operation or set of operations, in particular collection, recording, filing, organizing, storing, altering, using, querying, transmitting, publishing, collating or linking, blocking, deleting or destroying any data or preventing further use of the data;
    • Data forwarding: making the data available to a specific third party;
    • Disclosure: making the data available to anyone;
    • Data deletion: making data unrecognizable in such a way that it is no longer possible to recover it;
    • Data locking: based on an identifier, locking data to limit its further processing indefinitely or for a certain period of time;
    • Data destruction: the complete physical destruction of the data carrier (storage devices) containing the data;
    • Data protection incident: unlawful processing of personal data, unauthorized access, disclosure, transfer, deletion, damage or destruction;
    • IP address: In all networks where communication is performed through the TCP / IP protocol, the servers have an IP address, which is an identifier number allowing the machines to be identified over the network. Each computer on a network has an IP address through which it can be identified;
    • Personal data: data which can be related to the data subject, in particular the data subject’s name, identifier, knowledge of one or more physical, physiological, mental, economic, cultural or social identities, and the conclusions that can be drawn from the data;
    • Natural identity data: surname and first name, birth name, mother’s name, place and date of birth of the data subject;
    • Objection: a statement by the data subject that they object to the processing of their personal data and request the termination of the data processing or the deletion of the data processed;
    • Cookies: an information file (usually plain text) that is sent to the user’s hard drive via its browser and which can identify the user upon their subsequent visit;
    • National Authority for Data Protection and Freedom of Information: Nemzeti Adatvédelmi és Információszabadság Hatóság (NAIH), whose legal authority and tasks are defined by Info tv. § 38 (hereinafter: Authority).

     

    3. Legal basis for data handling

    The Company handles personal data only as allowed by the laws in effect regarding its activities, as regards both its partners and data subjects.

    Personal data is all data which can be associated with the person of a data subject.

    The following are the main ways in which the Company comes to handle personal data:

    • data handling used to establish a contractual relationship on a legal basis (for example for issuing invoices in accordance with accounting laws);
    • if the data handling is required by law,
    • the data subject’s voluntary, informed, express and definite agreement, with which they agree to the treatment of their data by the Company in accordance with the present privacy policy (for example for marketing purposes).

     

    The Company’s data handling is regulated by the following laws:

    • 2011, CXII., law on the right to self-determination and freedom of information
    • 2005, CXXXIII., law on the rules of personal and property protection and private investigation
    • 2013, V., law of the civil code
    • 2000, C., law on accounting
    • 1997, CLV., law on consumer protection
    • 1995, CXVII., law on personal income tax
    • 1993, XCIII., law on work safety
    • 2012, I. law on the labor code
    • 2001, CVIII., law on certain issues of electronic commerce services and information society services

     

    4. Types of data handled

    Information handled by the Company: company name, contact / data subject name, business / business phone numbers, company / business email addresses, company / business mailing addresses, contact date and time, IP address of a data subject, browser information and titles of pages visited.

    Data processing operations are performed primarily for communication purposes (e.g. sending offers, invoicing). No profiles of data subjects are automatically built.

     

    5. Duration of data handling

    The Company is entitled to retain the data provided to it for the purpose specified in this policy until the consent of the data subject is withdrawn, or as required by law.

     

    6. Method of data handling

    The Company manages the data electronically and / or on paper, manually

     

    7. Storage of data

    The Company shall ensure the secure storage of data in accordance with the legal provisions in all cases.

    The Company’s IT systems and other data storage locations are located on its premises and on servers.

    In the course of providing its services, the company selects and operates the IT tools used to manage personal information such that:

    • it is available to authorized parties;
    • its authenticity is assured;
    • its integrity is assured;
    • it is protected against unauthorized access.

     

    8. Data processor

    The Company does not use an external data processor or cloud service provider; it processes the personal data it handles by itself. Data may only be accessed by government agencies or organizations as required by law (such as NAV online accounting verification).

     

    9. Contact

    The Partner’s contact information given when sending offers or for other business contact, for example:

    • Name
    • Company name
    • e-mail address,
    • billing address (billing name, street name, house number, city, postal code),
    • telephone number

     

    10. Data collected by website

    Any external visitor can access the information the Company publishes on its web site at www.loxtop.com. When visiting this web site, the website hosting provider records the visitor data in order to check the operation of the service, to prevent abuse and to ensure its proper operation. The purpose of recording this data is to collect information on the use of the website, to compile statistics and analysis of visits and internet usage. External service providers use “cookies” on a user’s computer, which can be used to link the user’s current visit to previous ones. A user may refuse a cookie request at any time in a popup window on the website.

     

    11. Legal remedies

    The data subject may request information on the processing of their personal data and may request the rectification or deletion or locking of their personal data (except for data processing required by law), as indicated at the time of data collection.

    The data controller has 30 days to delete, lock, or correct personal data upon request. If the controller does not comply with the data subject’s request for correction, blocking or deletion, it shall give written reasons for such refusal within 30 days.

    The Company shall notify the data subject of correction, blocking, deletion, as well as of any person to whom the data have previously been transmitted for data handling purposes. Notification is not required where, with regard to the purposes for which the data are processed, this does not harm the data subject’s legitimate interest.

     

    12. Legal proceedings and reporting of incidents

    In case of any violation of the rights of the data subject, or for any other comments, a statement can be made to the following:

    • Gyulai District Court: 5700 Gyula, Béke sugárút 38.
    • Nemzeti Adatvédelmi és Információszabadság Hatóság (National Data Protection and Freedom of Information Authority): 1530 Budapest, Szilágyi Erzsébet fasor 22/C
    • LoxTop Kft 1114 Budapest, Bartók Béla út 75. II/2.

     

    13. Updates to the privacy policy

    LoxTop Kft publishes this privacy policy on its web site

      • .

    The Company reserves the right to unilaterally modify the present privacy policy. The latest version of the policy is always available on the Company’s web site.

    Effective as of: May 25th, 2018.

    Date: May 22nd, 2018, Békéscsaba.

     

     

    Copyright

    The A LoxTop Kft. website (hereinafter LoxTop) can be freely accessed without giving any kind of private information. By using the web site, visitors agree to the below, and the privacy policy rules listed above.

    The source code of the website and the logo, brand name, images, graphics, videos, text content, data and information appearing on the website are protected by trademark and copyright. Trademark and copyrights belong to LoxTop and all rights are reserved. Therefore it is prohibited to use, copy, reproduce, reverse engineer, distribute, store, or transfer in any form all or part of the content of any part of the web site without the prior written consent of LoxTop. The trademarks, logos and trademarks of third parties appearing on this site are the property of their respective owners:

     

    LoxTop hereby provides the following uses:

    • You may refer to (link) the web site if you name it and use its address at loxtop.com
    • For your own personal use you may freely download store or print www.loxtop.com pages from your own computer.
    • For other uses the permission of the copyright owner is required.

     

    The information and data displayed on www.loxtop.com are for informational purposes only. LoxTop is not responsible for any business decisions made based on the information contained on this website. LoxTop assumes no responsibility for the completeness of the data on this site, or for any damages resulting from the use, improper operation, viruses, malfunctions, or communications or system errors on this site.

    LoxTop reserves the right to modify or refactor its websites at any time without notice, and to limit or block their availability. LoxTop does not warrant that access to the Web sites will be continuous or error-free. LoxTop expressly disclaims any liability for damages resulting from the use of this website or any information, documentation, or related information, direct or indirect, for malfunctioning, incomplete or misunderstanding arising in relation to the use of the website.

    The LoxTop web site may contain connection points (hyperlinks) that provide an automatic connection to other web sites. These linked websites may be owned and operated by third parties. LoxTop is not responsible for the content created, transmitted, stored, made available by third parties to which LoxTop’s websites are linked or referenced. Links to other sites are provided solely for the convenience of the users of the Website.

    Like almost every website company, www.loxtop.com uses cookies on its websites. By using the LoxTop Website, you agree that the use of cookies and other tracking technologies in accordance with this policy. A cookie is a small alphanumeric file that is automatically downloaded to online devices (computers, notebooks, smart phones, tablets) when a visitor visits certain web pages. Cookies allow the site to recognize the visitor’s device, so that the web server stores information about the visit. Today, all modern websites use such cookies. Data captured with this technology cannot be linked to other personal data, and in no way can the identity of the user be identified. Such technical data collection is intended solely for statistical purposes related to the operation and performance of the website, and for the purpose of improving the website and services. This kind of data collection, data analysis, visit tracking is provided and performed by GoogleAnalytics and GoogleAdwords platforms. These cookies are provided by Google and are used through Google Adwords, Analytics, Search, and in some cases through a third party (Joomla) system. If you do not consent to the use of cookies and other tracking technologies, please configure your browser accordingly (disable cookies), or please do not visit or use this website. For more information about how cookies work and how to use them, see: Cookie Policy.

    The operation and communication of this website is ensured by an authenticated and secure 128 bit TLS / SSL encrypted connection technology. The data traffic (including sub-pages) generated between the user’s computer and the data handler’s web server when accessing the Website and personal data provided on the Website are routed through the Internet using a standard encryption procedure using a uniquely generated encryption key. The technology used makes unauthorized access to data, data theft, and interception of data traffic difficult, and secures the use of the website.

    The Data Controller pays special attention to the stability and security of its IT system and keeping them free of viruses, to the tools that it uses on its website and email systems, the prevention of malicious programs and the prevention of unauthorized access to its systems. For these purposes it runs a virus scanner and a firewall, and runs its web server in a modern, secure server under controlled conditions with no unauthorized virtual and physical access. Despite these efforts, it is impossible to guarantee complete coverage against viruses at all times, so we recommend that the user also run a virus scanner on their device and check our emails, which are the user’s responsibility. The data handler cannot be held responsible for any damage or inconvenience caused by a virus or other malware, or malfunctioning or downtime of systems or devices, but will make every effort to remedy any errors as soon as possible.