Privacy Policy
1. Purpose of the Privacy Policy
The goal of our Privacy Policy is to provide all necessary information about processing your personal data in a concise, transparent, intelligible and easily accessible form, using clear and plain language, and assist the Data subjects in exercising their rights under Section 4.
The legal basis of our duty to communicate information is Article 12 of Regulation 2016/679 of the European Parliament and Council (hereinafter referred to as: GDPR).
2. Data of the Data controller
Name: Birouinfo Web Srl
Website: 1001m2.ro
Email: [email protected]
Phone number: +36 30 455 7791
3. Data processing activities
3.1 Processing concerning connection
It is possible to connect us through the connection form located on the website. The details of such processing are described hereunder.
3.1.1. Processed personal data and purpose of processing
- name - name identification of the Data subject
- phone number - connecting the Data subject
- e-mail address - connecting the Data subject
3.1.2. Legal basis of processing
If the purchaser is the Data subject, processing is necessary to take steps at the request of the data subject prior to entering into the contract (section 6 paragraph 1 point b of GDPR).
If the purchaser’s representative provides his or her personal data for these purposes, the legal basis of processing personal data – with regard to the relevant authorial practice – is the legitimate interest of us and the purchaser company (section 6 paragraph 1 point f of GDPR). It is each party’s legitimate interest to maintain an effective business communication and to finalize the purchase. In our view – since it is the part of the representative’s scope of duty – the processing of the mentioned personal data doesn’t restrict disproportionately the Data subject’s privacy and freedom of self-determination.
3.1.3. Duration of the processing
We process the personal data until the withdrawal of your consent.
3.1.4. Mode of processing
Personal data are collected automatically, in electronic form.
3.2. Processing concerning forwarding offers
3.2.1. Description of processing
It is possible to search business offices or warehouses in our website and to make offers to the companies which operate these.
Within this service, we advertise our principal’s rooms for renting on our website, then collect and forward all the offers to the principal. Data subject can provide any information (such as name or contacts) in the offer that he or she can be identified by which means that – with regard to section 4 paragraph 2 of GDPR – personal data can be processed.
Since we don’t determine the purposes and means of the processing of personal data but act on behalf of our principal (controller), we are qualified as data processors according to section 4 paragraph 8 of GDPR. To comply with article 28 of GDPR, we are also obliged to enter into a data processing agreement with our principals.
3.2.2. Legal basis of processing
Processing is necessary to take steps at the request of the Data subject prior to entering into the contract with our principal (section 6 paragraph 1 point b of GDPR).
3.2.3. Duration of the processing
Having integrated all the offers, we automatically forward them to our principal (controller). If we don’t act like this, we store all the offers for 10 years after receiving them.
3.2.4. Mode of processing
Personal data are stored in electronic form.
3.3. Processing concerning registration
You can register on our website. The details of such processing are described hereunder:
3.3.1. Processed personal data and purpose of processing
- name - identification of the Data subject
- e-mail address - communication with the Data subject
- phone number - communication with the Data subject
- password - making technical measures
3.3.2. Legal basis of processing
We process your personal data on the effective e-commerce regulations in the country we operate (article 6 point (1) c) of GDPR).
3.3.3. Duration of the processing
We process the personal data until the withdrawal of your consent.
3.3.4. Mode of processing
We store your personal data in electronic form.
3.4. Processing concerning newsletter
In order to provide relevant information to you, it is possible to subscribe our newsletter. The details of such processing are described hereunder.
3.4.1. Processed personal data and purpose of processing
- name - to address the user
- e-mail address - connecting the user by newsletter
3.4.2. Legal basis of processing
Your consent (article 6 point (1) a of GDPR).
3.4.3. Duration of processing
We process the personal data until the withdrawal of your consent. You can anytime unsubscribe our newsletter by clicking the “Unsubscribe” box.
3.4.4. Mode of processing
Personal data are collected automatically and manually, in electronic form.
4. What are your rights?
4.1 Right to access:
You have the right to obtain confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and the information featured in point 3.
4.2 Right to rectification
You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
4.3 Right to erasure:
You have the right to obtain from us the erasure of personal data concerning you without undue delay and we shall have the obligation to erase personal data without undue delay if it is mandatory according to Article 17 of GDPR.
4.4 Right to be forgotten:
If we made the personal data public and are obliged to erase your personal data, we inform controllers which are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of, those personal data
4.5 Right to restriction of processing:
You have the right to obtain from us restriction of processing if is obligatory according to Article 18 of GDPR.
4.6 Right to data portability
You have the right to receive the personal data concerning you, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from us if is possible according to Article 20 of GDPR.
4.7 Right to complain:
You have the right to appeal to the Hungarian courts and to make a complaint to the Hungarian Supervisory Authority (Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c.; https://www.naih.hu/panaszuegyintezes-rendje.html).
5. Measures and notification
5.1. Informing Data subjects
We communicate any rectification or erasure of personal data or restriction of processing carried out in accordance with Article 16, Article 17(1) and Article 18 of GDPR to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. We also inform the data subject about those recipients if you request it.
5.2. Mode and deadline of notification
We provide information on action taken on a request under Articles 15 to 22 of GDPR to you without undue delay and in any event within one month of receipt of the request. That period may be extended by two further months where necessary, taking into account the complexity and number of the requests. We inform you of any such extension within one month of receipt of the request, together with the reasons for the delay. Where you make the request by electronic form means, we provided the information by electronic means where possible, unless you request it otherwise.
If we do not take action on your request, we inform you without delay and at the latest within one month of receipt of the request of the reasons for not taking action and on the possibility of lodging a complaint with a supervisory authority and seeking a judicial remedy (see point 4.7.).
5.3. Monitoring
If we have reasonable doubts concerning the identity of the natural person making the request, we may request the provision of additional information necessary to confirm the identity of the data subject.
5.4. Costs of measures and notifications
We provide you information and take the necessary measures free of charge.
If your requests are manifestly unfounded or excessive, in particular because of their repetitive character, we may charge a reasonable fee taking into account the administrative costs of providing the information or communication or taking the action requested or we refuse to act on your requests.
6.Possible recipients
6.1 During the operation of our website
Our website’s hosting provider (data processor) can have access to the personal data you provide while using the website. The data processor’s data are the following:
Name: Bence Fedor
Connection: Service Provider
6.2 Social media
Our website has several social media profile so that if you „like” us on Facebook or „follow” us on Twitter, we may learn all the personal data which is public on your profile.
6.3 Accounting
The Hungarian national tax authority is entitled to learn all information concerning accounting.
Name: Nemzeti Adó- és Vámhivatal
Connection: https://www.nav.gov.hu/nav/kapcsolat
7. Cookies
7.1. Cookies in general
A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
Cookies may be either "persistent" cookies or "session" cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
Cookies can be used by web servers to identify and track users as they navigate different pages on a website and identify users returning to a website.
7.2. Our cookies
The names of the cookies that we use on our website, and the purposes for which they are used, are set out below:
- Session cookies – required for the proper operation of the website and its various features
- Cookiebar – cookies related to the cookie consent script
- Google Analytics – cookies for Google’s web analytics tool
- Tawk.to – cookies for our chatbot
7.3. Blocking cookies
Most browsers allow you to refuse to accept cookies; for example:
- in Internet Explorer (version 11) you can block cookies using the cookie handling override settings available by clicking "Tools", "Internet Options", "Privacy" and then "Advanced";
- in Firefox (version 39) you can block all cookies by clicking "Tools", "Options", "Privacy", selecting "Use custom settings for history" from the drop-down menu, and unticking "Accept cookies from sites"; and
- in Chrome (version 44), you can block all cookies by accessing the "Customise and control" menu, and clicking "Settings", "Show advanced settings" and "Content settings", and then selecting "Block sites from setting any data" under the "Cookies" heading.
Blocking all cookies will have a negative impact upon the usability of many websites.
If you block cookies, you will not be able to use all the features on our website.
8. Other provisions
8.1. Processing for different purpose
If we intend to further process the personal data for a purpose other than that for which the personal data were collected, we provide the you prior to that further processing with information on that other purpose and with any relevant further information.
8.2. Data protection
We secure your personal information from unauthorized access, use or disclosure. We secure the personally identifiable information you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use or disclosure.
8.3. Record of processing
To comply with section 30 of GDPR, we maintain a record of processing activities under our responsibility.
8.4. Data breaches
Data breach is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed. In case of data breach, we act according to section 33 and 34 of GDPR.
8.5. Changes to our Privacy Policy
We will occasionally update this Privacy Policy to reflect feedback. We encourage you to periodically review this Policy to be informed of how we are protecting your information.
Effective: May 24, 2018
Birouinfo Web Srl
Controller