Privacy Policy

Data Protection Statement

A. GENERAL

The protection of your personal data and compliance with the appropriate legal obligations, including the EU Data Protection Regulation (GDPR), is of paramount importance to us. The processing of personal data always takes place with due regard to the GDPR and in accordance with national data protection provisions. Through this data protection statement, we would like to inform you about the content and purpose of the personal data collected and processed by us. In addition, we inform you (as the data subject) through this data protection statement about the rights to which you are entitled.

TrimagineLabs Kft., as data controller, has implemented comprehensive technical and organizational measures to ensure reliable protection of data processed within the framework of the website. Nevertheless, weak points may theoretically arise during data transmission between your device and our server, particularly if you communicate with our server from a device to which others also have access. If you have doubts regarding security, you may also obtain information in other ways, for example by telephone or in person at any of our representative offices.

B. DEFINITIONS

The basis of this data protection statement is provided by the provisions of the GDPR and the concepts defined therein. It is important to us that our data protection statement be easily readable and comprehensible for visitors as well as customers and business partners. To this end, you can read below a brief explanation of the concepts used in the data protection statement:

  1. Personal data

Personal data means any information relating to an identifiable natural person.

  1. Data subject

A data subject is any identifiable natural person whose personal data is processed by a responsible company.

  1. Data controller

The data controller is the company that collects the data of the data subject and decides on the purposes and means of data processing.

  1. Data processor

The data processor is the natural person or company whom the data controller involves in the data processing process.

  1. Recipient

The recipient is a natural or legal person or public authority to whom or to which personal data are disclosed.

  1. Third party

A third party is a natural or legal person or public authority which processes personal data on behalf of the data controller or data processor.

  1. Data processing

Data processing means every process carried out in connection with personal data, which extends from the recording of data, through their storage, to the restriction or deletion of data.

  1. Restriction of processing

Restriction of processing means the reduction of the use of personal data.

  1. Consent

Consent means any statement given by which the person concerned declares that they agree to the processing of personal data concerning them.

  1. Withdrawal

By withdrawal, the person concerned withdraws from the data controller the right to carry out data processing on the basis of their consent.

C. DATA CONTROLLER

TrimagineLabs Kft. qualifies as data controller within the meaning of Article 4(7) of the GDPR for the following websites:

  • trimaginelabs.com
  • ubercabinets.com
  • e-asztalos.hu
  • easztalos.hu

TrimagineLabs Kft. provides the electronic data processing programs and services necessary for conducting contract conclusion, and also processes the data of TrimagineLabs Kft.'s customers and suppliers.

Data processing agreements exist between certain companies of TrimagineLabs Kft. and TrimagineLabs Kft. within the meaning of Article 26 of the EU GDPR, which TrimagineLabs Kft. defines as the starting point for the data protection legal interests of data subjects.

You may contact TrimagineLabs Kft. through the following communication channels: by post:

Seller: TrimagineLabs Kft.

Address: 2220 Vecsés, Budai Nagy Antal utca 114.

by telephone: +36307488890

by e-mail: compliance@e-asztalos.hu

D. RECORDING OF DATA / VISITING THE WEBSITES

When visiting our websites, with each opening of the given website, numerous data and information are recorded, which are stored in the server log files. In this way, the following data, among others, are recorded:

  • the type and version of the browser,
  • the operating system of your computer,
  • the website from which you arrived at our site,
  • the pages opened on our web server,
  • the date and time of your visit,
  • your IP address,
  • your internet service provider.

During the use of such anonymously collected information, our company is theoretically unable to draw conclusions regarding the data subject. However, these data are absolutely necessary for the appropriate delivery of the content of our websites and their optimal display, as well as to be able to provide the necessary information to the authorities in the event of a hacker attack. The processing of these data therefore takes place on the part of our company, on the one hand statistically, and on the other hand in the form of technical measures to ensure data protection and the information security of this processing and your data.

E. PURPOSE OF DATA PROCESSING / LEGAL BASES

1. Conducting contract conclusion including opening an online customer account

When registering as a customer or supplier on any of our websites, and for the purpose of processing the associated purchase and service contract claims (delivery, settlement, warranty, etc.) and their processing, the following data are collected and processed:

  • company name, and the surname and first name of the contact person (and, where applicable, managers and owners)
  • community tax number and operating license number
  • address (street, postal code, locality)
  • e-mail address
  • telephone number

In addition, to create a customer account on our website, it is necessary to provide a password freely chosen by you, which is saved as login data together with your e-mail address.

The legal basis for the processing of these data is the contract concluded between you and our company, as well as the fulfilment of related legal obligations (e.g.: tax law requirements). If you do not provide the necessary data, the conclusion of the purchase or service contract and the opening of a customer account are not possible. In the case of a purchase or service contract concluded with our company, you can view your orders on our website and in the e-mail confirming the order.

In addition, within the framework of the delivery process, your contact and address data are processed in an automated manner and, if necessary, are also transmitted to freight forwarders and, in the case of occasional direct deliveries, to our suppliers as auxiliaries used in performance.

2. Settlement, creditworthiness check & debt collection

For the settlement of purchases made through the website and the secure processing of payment, your personal data are transferred to SimplePay / OTP Mobil Kft., with which we have concluded a data processing contract.

Furthermore, during registration as a customer, the data provided by you are occasionally compared with the data of Opten Kft.'s credit information services for the purpose of checking your creditworthiness and within the framework of data processing contracts.

The legal basis for this is our company's legitimate economic interest in checking the financial situation of a potential business partner before developing a binding offer.

3. Customer service, direct marketing & newsletter

  1. As our customer, we also use the data provided by you during registration or lawfully obtained from third parties (in particular from address providers) to contact you, to inform you about new products or services, or to provide you with other information of interest to you (for customer service and direct advertising purposes). Contact and communication may also take place through instant messaging services. This includes the transmission of your name and telephone number to instant messaging services such as WhatsApp Inc. Furthermore, in certain cases, we also transmit your contact details to suppliers and manufacturers so that they can make their collections available to you free of charge. The legal basis for this is our company's legitimate economic interest in guaranteeing the long-term satisfaction of our customers and maintaining the relationship with them. We draw your attention to the fact that you may object to such contact at any time without giving reasons, for which it is necessary to contact the data controller (point C). Your general rights relating to data processing are contained in point I.
  2. In addition, as a customer, you have the opportunity on our company to subscribe to our newsletter independently and free of charge on the above-mentioned websites by providing the following data:
    • surname and first name
    • company name
    • e-mail address

The legal basis for the processing of these data is your voluntary consent given by ticking the relevant checkbox. You may withdraw this consent at any time by clicking on the unsubscribe link in the newsletter and by unsubscribing from the newsletter on the webpage that opens subsequently.

4. Registration as a supplier & other contact requests

On our websites, we provide potential suppliers and all visitors with the opportunity to contact us. To this end, we collect the following personal data through web forms:

  • company name or the name or surname and first name of a contact person
  • address
  • tax number
  • e-mail address
  • telephone number

The legal basis for this is our company's legitimate economic interest in communicating with potential suppliers and general enquirers. We draw your attention to the fact that you, as a potential customer, may object to such contact initiated by our company at any time without giving reasons in writing by letter sent to the e-mail address compliance@e-asztalos.hu, or as a general enquirer when contacting the data controller (point C).

F. DATA TRANSFER

1. To partners necessary for our operation

Our company may transfer personal data to one or more data processors, e.g. IT service providers, which also use the personal data exclusively for internal purposes determined by the data controller. We have concluded contracts with all data processors in question which guarantee that these service providers also comply with the provisions of the GDPR. Requests for legal enforcement submitted by data subjects to us are also transferred to the recipients of the data for the purpose of their enforcement pursuant to Article 19 of the GDPR, so that your rights are also enforced there.

With regard to the operation of our websites – including online stores and sending newsletters – we receive support from, among others, the following external service providers (data processors): Számlázz.hu Kft., OTP Mobil Kft. – as we wrote above – are connected to the purposes and security measures outlined in this data protection statement through written data processing contracts concluded with our company. At the request of the data subject, our company provides precise information on the circle of data processors processing the data subject's data.

2. Further recipients

Within the framework of the contractual relationship and in particular in connection with our performance obligation, your personal data may also be further transferred (as described above, possibly to carriers, insurance companies and insurance agents, experts, reviewers, lawyers, etc.). At your request, we will provide you with precise information about the transfer of your data or about our performance auxiliaries.

3. Can your data be transferred to another (non-EU) country?

  1. Yes, if the European Commission has deemed the third country concerned to have an adequate level of data protection or other adequate data protection safeguards are available (e.g. binding corporate data protection rules or the EU standard data protection clause).
  2. Your express consent is required for the transfer of data to a third country (Article 49(1)(a) GDPR). We hereby inform you of the possible risks of the planned data transfer and the lack of adequate data protection guarantees. On our websites, we use various cookies and similar technologies ("cookies"), with the help of which personal data are also processed by us and sometimes by third-party service providers. These third-party service providers include Google LLC, which has its registered seat in the United States and processes the data there. The USA has not received an adequate data protection classification from the European Court of Justice, so there is a particular risk that your data will be used by United States authorities for control and supervisory purposes and no legal remedy is available against this. Before using cookies and transferring your data to these companies, we therefore request your express consent (Article 6(1)(a) GDPR, compared with Article 49(1)(a) GDPR), during which we inform you in detail about the proper handling of data (in particular with regard to their purpose, the category of data and the duration of storage). You will find information about individual cookies in the "change cookie settings" section. You may modify your consent for the future at any time by customizing your preferences in the "change cookie settings" section of our website. In addition, we would like to draw your attention to the fact that our company is working to provide (further) adequate guarantees pursuant to Article 46 of the GDPR as an alternative legal basis for these data transfers.

G. DATA SECURITY

We secure our websites and other systems against loss of your data by unauthorized persons, access to them, their modification and distribution through technical and organizational measures. We operate our data centers in accordance with current security standards, which include firewall and intrusion detection technologies as well as comprehensive physical controls and access restrictions. At the application level, we use modern authentication methods for user and administrator rights, just as we use daily backup of all data and their external archiving.

H. DURATION OF STORAGE

Our company processes and stores the personal data of data subjects only for the period necessary to achieve the intended storage purpose or prescribed by law.

If the purpose or legal basis of data processing ceases, we restrict or delete your personal data in accordance with the law according to our usual processes.

I. RIGHTS OF THE DATA SUBJECT

The comprehensive rights of data subjects within the meaning of the GDPR relate to the processing of personal data. For your information, you can read below a list of these rights:

  1. Right to prior information

The data subject must be informed, prior to the commencement of data processing or promptly after its commencement at the latest, of the basic information prescribed by law and related to data processing (purpose of data processing, legal basis, duration of data retention, etc.).

  1. Right of access

Every data subject has the right to receive feedback from our company as to whether it processes their personal data. If so, they receive information from us about the purpose of data processing, the categories of data processed and who has access to their data, the duration of data processing or the criteria for determining it, and their further data subject rights (points 3-9).

  1. Right to rectification

Every data subject has the right to request the immediate rectification or completion of inaccurate personal data concerning them.

  1. Right to erasure

Every data subject has the right to request the erasure of personal data concerning them from the data controller if:

  • the purposes of data processing have ceased,
  • data processing is unlawful because, for example, its legal basis no longer exists (expired contract, withdrawn consent),
  • the data subject has withdrawn their consent, or
  • the data subject objects to the data processing.

  1. Right to restriction of processing

According to this, data may only be stored; other data processing is only possible with the consent of the data subject or for the purpose of submitting a legal claim. The data subject is entitled to have the data controller restrict processing at their request if:

  • the data subject contests the accuracy of the data;
  • the data processing is unlawful and the data subject requests restriction instead of erasure of the data;
  • the data controller no longer needs the personal data, but the data subject requests their restriction for the submission, enforcement or protection of legal claims.

  1. Right to data portability

Every data subject has the right to receive the personal data provided by them personally in a structured, commonly used and machine-readable format, or to have them transmitted through the data controller to another data controller without hindrance, if the data processing is based on consent or contract and takes place in electronic form.

  1. Right to object

Every person affected by the processing of personal data has the right to object to the processing of personal data concerning them based on legitimate interest. In the event of an objection, our company shall cease further processing of personal data, unless we have compelling grounds for continuing data processing, and these grounds outweigh the interests, rights and privileges of the data subject, or serve the assertion, exercise or defense of legal claims.

  1. Right to withdraw consent

Every data subject has the right to withdraw their consent to the processing of personal data at any time.

  1. Right to lodge a complaint with the supervisory authority

Pursuant to Article 77 of the GDPR, you have the right to lodge a complaint with the competent supervisory authority if you believe that the processing of personal data concerning you violates the provisions of the GDPR.

Contact details of the data protection authority:

National Authority for Data Protection and Freedom of Information

Address: 1055 Budapest, Falk Miksa utca 9-11.

E-mail: ugyfelszolgalat@naih.hu

Mailing address: 1363 Budapest, P.O. Box: 9.

J. FURTHER DATA PROCESSING/TECHNOLOGIES WITHIN THE FRAMEWORK OF THE WEBSITES

The collection of your personal data takes place, on the one hand, when you expressly authorize our company to do so, and on the other hand, the recording of data, in particular technical data, takes place automatically when visiting our company's websites. Part of this data is collected to ensure the smooth operation of the websites. Other data serve analytical purposes. You can basically use the websites without having to provide personal data.

You can find further information about this and the technologies used by our company on the websites here:

About cookies

Cookies are small text files stored on your computer, tablet or smartphone when visiting a website with your browser. These files do not cause damage and serve only to identify the website visitor. The next time you visit our website with the same device, the information stored in the cookies is later returned either to our website ("first party cookie") or to another website to which the cookie belongs ("third party cookie").

You can set your browser so that cookie storage is generally prohibited, or you receive a question each time as to whether you consent to the creation of cookies. You can delete cookies at any time after their creation. The method for this can be found in your browser's help. The explanation for Firefox, Microsoft Internet Explorer and Google Chrome browsers can be found at this link: chrome://settings/cookies.

Necessary

Technically necessary cookies are used to ensure the technical operation of the website, so the website will be functional for you. The use is based on our legitimate interest in ensuring a technically smooth website. However, you can generally disable cookies in your browser.

Cookies and local storage

We use cookies to make our website as comfortable and functional as possible for you. Some of these cookies are stored on the device you use to access the site.

Cookies are small data packets that are exchanged between your browser and our web server whenever you visit our website. They do not cause damage and serve exclusively to identify website visitors and for security reasons. Cookies can only store information provided by your browser, e.g. information that you entered in your browser or that is accessible on the website. Cookies cannot execute code and cannot be used to access the terminal device.

When you next access our website with the same device, the information stored in cookies can either be sent back to us ("first party cookie") or to a third party's web application to which the cookie belongs ("third party cookie"). The stored and returned information enables individual web applications to recognize that you have already accessed and visited the website with the device's browser.

Cookies contain the following information:

  • Cookie name
  • Name of the server from which the cookie originates
  • Cookie identification number
  • Expiry date after which the cookie is automatically deleted

We classify cookies into the following categories based on their purpose and function:

  • Technically necessary cookies to ensure the technical operation and basic functions of our website. We use this type of cookies, for example, to maintain your settings while you browse our website; or they can ensure the preservation of important information during the session (e.g. login, shopping cart).
  • Statistical cookies, the purpose of which is to understand how visitors interact with our website, collect and analyze information only anonymously. In this way, we gain valuable insights for optimizing the website as well as our products and services.
  • Marketing cookies that provide targeted promotional and marketing activities for users on our website.
  • Unclassified cookies are cookies that we are trying to classify together with individual cookie providers. Depending on the storage period, we also divide cookies into session and persistent cookies. Session cookies store information that you use during the current browsing session. These cookies are automatically deleted when the browser is closed. No information remains on the device. Persistent cookies store information between two visits to the website. Based on this information, we recognize you as a returning visitor on the next visit, and the website responds accordingly. The lifetime of a persistent cookie is determined by the cookie provider.

The legal basis for the use of technically necessary cookies is our technically error-free operation of our website and Article 6(1)(f) of the GDPR. Your consent is required for the use of statistical and marketing cookies under Article 6(1)(a) of the GDPR. You may withdraw your consent to the future use of cookies at any time pursuant to Article 7(3) of the GDPR. Your consent is voluntary. If you do not give consent, no disadvantage arises from it. For further information about the cookies we actually use (specifically their purpose and lifetime), please refer to this Privacy Policy and the information about the cookies we use in our cookie banner.

You can also set your web browser so that it generally does not store cookies on your device or asks you each time you visit the site whether you accept the use of cookies. Already stored cookies can be deleted at any time. You can find the method for this in your browser's Help.

We would like to draw your attention to the fact that the general deactivation of cookies leads to operational restrictions on our website.

We also use so-called local storage functions (also known as "local data") on our website. This means that data is stored locally in the browser cache, which continues to exist and remains readable even after the browser is closed – as long as you do not delete the cache or the data is stored in the session storage.

Third parties cannot access data stored in local storage. If specific plug-ins or tools use local storage functions, the description of the respective plug-in or tool provides information about this.

If you do not want plug-ins or tools to use local storage functions, you can regulate this in the appropriate browser settings. We would like to draw attention to the fact that this may result in functional limitations.

Meta Pixel

Provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, e-mail: privacy@facebook.com

Parent company: Meta Platforms, Inc, 1601 Willow Road, Menlo Park, CA 94025, USA

Purpose: Web analytics, tracking (conversion)

Category: Marketing

Recipient of data processing: EU, USA

Data processed:

Visitor data (e.g. IP address, location data), behavioral data (e.g. clicks, visit duration, conversion data), device data (e.g. browser type, operating system), e-commerce data (e.g. order ID, product information)

Scope of data subjects: Website visitors

Technology: JavaScript, cookies (details in cookie list), tracking codes (tracking pixel)

Legal basis: Consent (according to purpose)

Certificates: EU-U.S. Data Privacy Framework, Swiss-U.S. Data Privacy Framework, UK Extension to the EU-U.S. Data Privacy Framework

Website: https://www.facebook.com/business/tools/meta-pixel

Further information:

  • https://www.facebook.com/privacy/policy/
  • https://www.facebook.com/legal/terms

We use the Meta Pixel service, which is part of the Facebook social network, on our website to analyze, optimize and operate our online offer economically.

With the help of Meta Pixel, Meta is able to determine who visits our website as a target group for displaying personalized advertisements. Accordingly, we use Meta Pixel to display our advertisements exclusively to those users who have already shown interest in our online offer or have certain characteristics (e.g. interest in certain topics or products, which we determine based on the websites visited), which we transmit to Meta as so-called "custom audiences".

With the help of Meta Pixel, we also want to ensure that our Meta advertisements correspond to users' interests and are not disruptive. In addition, Meta Pixel enables us to measure the effectiveness of Meta advertisements for statistical and market research purposes, for example to determine whether users reached our website by clicking on a Meta advertisement (so-called "conversion").

Users' activities are stored by one or more cookies. These cookies enable Meta to link user data (e.g. IP address, user ID) with Facebook account data. The data collected in this way are processed anonymously, are not visible to us, and can only be used for advertising purposes. Users can prevent this linking by logging out of their Facebook account before performing any activity.

Users can configure the types of advertisements displayed on Facebook on the page created by Meta for this purpose at the following link:

https://www.facebook.com/settings?tab=ads

The settings are platform-independent, meaning they apply to all devices, whether desktop computers or mobile devices.

Further details can be found at the links provided above. We recommend checking them regularly, as Meta may update its services and privacy policies from time to time. More information about rights and contact options can be found in the general section of our data protection statement.

Google Analytics

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, e-mail: support-de@google.com

Parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

Purpose: Web analytics, performance measurement, conversion tracking, collection of statistical data Category: Statistics

Recipient of data processing: EU, USA

Data processed: IP address, website visit details, user data

Scope of data subjects: Website visitors

Technology: JavaScript call, cookies (details in cookie list), fingerprint-based identification, local storage Legal basis: Consent (according to purpose)

Certificates: EU-U.S. Data Privacy Framework, Swiss-U.S. Data Privacy Framework, UK Extension to the EU-U.S. Data Privacy Framework

Further information:

  • https://policies.google.com/privacy
  • https://safety.google/intl/de/principles/
  • https://business.safety.google/adsprocessorterms/
  • Data center locations: https://www.google.com/about/datacenters/locations/

We use the functions of the Google Analytics web analytics service on our website to analyze user behavior and optimize our website. With the help of reports provided by Google, we analyze the performance of our website and the effectiveness of our campaigns.

Google Analytics uses cookies that enable us to analyze the use of the website. Cookie details (name, purpose, storage duration) can be found in the cookie list published by us.

Google Analytics may also use local storage. This is an alternative to cookies for storing the client ID, which enables user behavior to be tracked without setting cookies.

Information such as browser type/version, operating system, pages visited, hostname of the accessing computer (IP address), time of server request is usually transmitted to and stored on one of Google's servers. For this purpose, we have concluded a contract with Google.

Google analyzes this data on our behalf, prepares reports on website activities, and provides other services related to website and internet use.

We use Google Analytics with IP anonymization by default. This means that Google shortens the user's IP address within member states of the European Union or in other contracting states of the European Economic Area. Only in exceptional cases is the full IP address transmitted to one of Google's servers in the USA, where it is shortened. According to Google's information, the IP address transmitted within the framework of Google Analytics is not merged with other Google data.

During a website visit, data recording takes place in the form of the following events:

  • Page views, user's click path
  • First visit to the website
  • Pages visited
  • Session start
  • Interaction with the website
  • User behavior (e.g. clicks, scrolling, duration, bounce rate)
  • File downloads
  • Viewed/clicked advertisements
  • Video interactions
  • Internal search queries

Furthermore, the following are recorded:

  • Approximate geographic location (region)
  • Date and time of visit
  • IP address (in shortened form)
  • Technical information about the browser or devices used (e.g. language setting, screen resolution)
  • Internet service provider
  • Referrer URL (the website or advertising source from which the visitor arrived)

It is important to note that Google may also process this data for its own purposes, such as profiling – over which we have no influence.

We immediately delete website usage data upon expiry of the retention period set by us. Google Analytics sets a default retention period of 2 months for user and event data, up to a maximum of 14 months. This also applies to conversion data. Further available setting options (only for Google Analytics 360): 26, 38, or 50 months. We always choose the shortest duration appropriate to the purpose. You can request the currently set retention period from us at any time.

Expired data is automatically deleted monthly.

Further details are available at the links above. We recommend checking them regularly, as Google Analytics features and privacy policies may be updated from time to time. Further information about rights and contact can be found in the general section of our data protection statement.

Google Fonts

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Parent company: Google LLC (USA), https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active

Purpose: Integration of fonts

Category: Statistics Recipients: EU, USA (possibly)

Data processed: IP address, language settings, screen resolution, browser version and name

Data subjects: Website visitors

Technology: JavaScript Call

Legal basis: Consent-voluntary consent, Data Privacy Framework Website: www.google.com

Further information: https://developers.google.com/fonts/faq https://policies.google.com/privacy https://www.google.com/about/datacenters/inside/locations/

For the consistent display of fonts, our website uses web fonts provided by Google.

To display web fonts, the browser you are using must connect to a Google server. This informs Google that our website has been accessed from your IP address. Google also saves the IP address of the browser of the device used to access our website. If your browser does not support Web Fonts, a standard font will be displayed on your device. With each retrieval of Google Fonts, your IP address is automatically transmitted to one of Google's servers, along with additional information such as your language settings, display resolution, and your browser's name and version. From the collected usage data, Google can determine the popularity of individual fonts. Google publishes these results on its internal analytics pages (e.g. on Google Analytics).

Thanks to Google Fonts, we can use fonts on our website without having to upload them to our server. Google Fonts is an important element for maintaining the excellent quality of our website. All Google fonts are automatically optimized for the Internet. This reduces data traffic and is particularly advantageous for use on mobile devices. When visiting our website, the small file size enables faster loading. In addition, Google Fonts fonts are secure web fonts supported by all major browsers.

Google stores CSS requests to devices on its servers for one day. This enables us to use the fonts with the help of a Google stylesheet. Google stores the font files for one year. To delete the data prematurely, contact Google customer service (https://support.google.com).

Google Maps

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Parent company: Google LLC (USA)

Purpose: Integration of map services

Category: Statistics

Recipients: EU, USA

Data processed: IP address, website visit data, user data

Data subjects: Users

Technology: JavaScript Call, cookies

Legal basis: Consent-voluntary consent, Data Privacy Framework, https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active

Website: https://www.google.com

Further information:

https://policies.google.com/privacy

https://safety.google/intl/en/principles/

https://business.safety.google/adsprocessorterms/

The exact location of Google's data centers can be found here: https://www.google.com/about/datacenters/inside/locations/

Our website uses the Google Maps service for better display of geographic information about locations to users.

Google Maps is an online map service that makes geographic information readable through a terminal device. Among other things, it can be used to display directions or integrate map sections of a location into a website.

When Google Maps is called up, the browser establishes a connection to Google's servers. From this, Google knows that our website was accessed from the user's IP address. By using Google Maps, Google can collect and process data on the use of the service.

To provide this service, Google processes, among other things, the search terms entered and the latitude and longitude coordinates according to IP address. When using the Google Maps route planner function, the specified starting address is also saved. This data processing, which is beyond our control, is carried out exclusively by Google.

We would like to point out that when running this service, Google sets a cookie called NID on your device. Without this cookie, Google Maps does not currently enable us to use this service. The NID cookie contains information about user behavior, which Google uses to optimize its own services and display personalized advertisements.

In the server logs, Google anonymizes the data by deleting part of the IP address and deleting cookie information after 9 and 18 months, respectively.

Location and activity data are retained for 3 or 18 months and then deleted. Users can also manually delete their history at any time through a Google account. To completely prevent tracking of their location, the user must disable the "Web and app activity" option in their Google account.

Google Marketing Platform / Google Ad Manager

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Parent company: Google LLC (USA)

Purpose: Display of personalized advertisements, conversion tracking, remarketing, measurement of campaign performance

Category: Marketing

Recipients: EU, USA

Data processed: IP address, website visit details, user data

Data subjects: Users

Technology: JavaScript Call, cookies Legal basis: Consent-voluntary consent, Data Privacy Framework, https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active

Website: https://www.google.com

Further information:

https://policies.google.com/privacy

https://safety.google/intl/de/principles/

https://business.safety.google/adsprocessorterms/

The exact location of Google's data centers can be found here: https://www.google.com/about/datacenters/inside/locations/

On this website, we use the Google Ads service to advertise our products and services. Google Ads is Google's internal online advertising system.

It is important for us to know whether an interested visitor ultimately becomes our customer. This measurement is made possible by so-called conversion tracking. We also want to be able to reach our visitors again later in a targeted manner. We achieve this through so-called remarketing (retargeting).

Google Ads serves both conversion tracking and remarketing, meaning we see what happens after someone clicks on one of our advertisements. Cookies are used for this service to work, and in some cases visitors are added to marketing lists so that we only target them with certain advertising campaigns.

This is done with a pseudonymous identification number (pID), which is received by the user's browser associated with the user. Through the pID, the service recognizes which advertisements have already been displayed to a user and which of these they opened. From this data, Google can identify the websites visited by the user so that it can display advertisements across multiple websites.

Our goal is to target visitors with our website's offer through the use of Google Ads who are genuinely interested in it. With data from conversion tracking, we can measure the benefits of individual advertising measures and optimize our website for our visitors. Conversion can be measured using cookies.

Google transmits the formed information to a server located in the USA for evaluation and stores it there. Google only transmits data to third parties due to legal regulations or within the framework of outsourced data processing. Google does not in any case combine a user's data with other data collected by Google.

Google reCAPTCHA

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Parent company: Google LLC (USA)

Purpose: Protection against abuse, prevention of spam messages

Category: Technically necessary

Recipients: EU, USA

Data processed: IP address, website visit data

Data subjects: User

Technology: JavaScript Call, cookies, local storage

Legal basis: Legitimate interest, Data Privacy Framework, https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active

Website: https://www.google.com

Further information:

https://policies.google.com/privacy

https://developers.google.com/recaptcha/

https://policies.google.com/privacy

https://safety.google/intl/en/principles/

https://business.safety.google/adsprocessorterms/

The exact location of Google's data centers can be found here: https://www.google.com/about/datacenters/locations/

On our website, we use the Google reCAPTCHA service to prevent abuse by non-human visitors (bots) and unsolicited messages (spam).

When reCAPTCHA starts, the browser establishes a connection to Google's servers. From this, Google knows that our website was accessed from the user's IP address.

reCAPTCHA serves to check whether the data is being entered on our website by a person or an automated program. For this purpose, reCAPTCHA analyzes the user's behavior based on various characteristics. The analysis starts automatically as soon as the user opens our website. For the analysis, reCAPTCHA evaluates various information.

To our knowledge, Google processes the following data:

  • the address of the page from which the visitor arrived
  • IP address
  • Information about the operating system
  • Cookies
  • Mouse and keyboard use
  • Date and language settings
  • All JavaScript objects
  • Screen resolution

The data collected during the analysis is transmitted to Google, who uses it. The reCAPTCHA analyses run entirely in the background.

Google uses cookies to process the service. These cookies need a unique identifier for tracking. According to Google's statement, it does not combine the IP address with data from other Google services, unless the user is logged into their Google account while using the reCAPTCHA plug-in. In addition, reCAPTCHA also uses local storage on the user's device to store data.

Google Tag Manager

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Parent company: Google LLC (USA)

Purpose: Launcher tools and plugins

Category: Technically necessary

Recipients: EU, USA (possibly)

Data processed: IP address

Data subjects: User

Technology: JavaScript Call

Legal basis: Legitimate interest, Data Privacy Framework, https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active

Website:

https://www.google.com

Further information:

https://policies.google.com/privacy

https://safety.google/intl/en/principles/

https://business.safety.google/adsprocessorterms/

The exact location of Google's data centers can be found here: https://www.google.com/about/datacenters/locations/

Our website also uses the Google Tag Manager service.

The Tag Manager service enables us to manage the tags of our website through one interface. In this way, we can place code snippets, such as tracking codes or conversion pixels, on websites without disrupting the source code. In this process, Tag Manager only forwards the data but does not collect or store it. Tag Manager itself is a cookie-free domain that does not process personal data, as it serves exclusively to manage other services of our online offer.

When Google Tag Manager starts, the browser establishes a connection to Google's servers. These servers are primarily located in the USA, and through them Google learns that our website was accessed from a user's IP address.

Tag Manager ensures the management of other tags, which can collect data. However, Tag Manager does not access this data. In the event of deactivation at the domain or cookie level, it will remain in effect for all tracking tags placed with Tag Manager.

Hosting service

When storing our website, we store all data related to its operation. This is indispensable for our website to function. The legal basis for the processing of this data is accordingly our legitimate interest in optimizing our website, in accordance with Article 6(1)(f) of the GDPR. In order to provide access to our website, we use the services of hosting providers, to whom we transmit this data within the framework of outsourced data processing, in accordance with Article 28 of the GDPR.

Contact

On our website, we offer various opportunities to contact us. When you contact us, we use the data you provide to process and handle your inquiry in the performance of pre-contractual rights and obligations. In order to handle and answer your question, it is necessary for us to process your data; otherwise, we cannot, or can only partially, answer your inquiry.

We may also store your data in a customer and interested party database, invoking our legitimate interest – for direct business acquisition purposes.

We delete your inquiry and contact details when we have definitively answered your question and there is no legally prescribed retention obligation for further storage of this data (e.g. in the case of a subsequent contractual relationship). This generally occurs when no further contact takes place between you and us for three consecutive years.

Microsoft Advertising

Provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA

Purpose: Analysis of users, conversion measurement

Category: Statistics

Recipient: USA

Data processed: IP address, website visit data

Data subjects: Users

Technology: JavaScript call, cookies

Legal basis: Consent-voluntary consent, EU-U.S. Data Privacy Framework, https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000KzNaAAK&status=Active

Website:

https://microsoft.com/

Further information:

https://privacy.microsoft.com/en-us/

https://learn.microsoft.com/en-us/compliance/regulatory/offering-eu-model-clauses https://help.ads.microsoft.com/#apex/3/en/53056/2 Opt-out option: https://account.microsoft.com/privacy/ad-settings/signedout

We use the Microsoft Advertising (formerly Bing Ads) service to analyze and optimize the economical operation of our website.

Microsoft Advertising places cookies on users' devices that analyze the behavior of our website's users. This assumes that the user arrived at our website through an advertisement from Microsoft Advertising. This provides us with information about how many users in total clicked on such an advertisement, were redirected to our site, and previously visited a specific target page (so-called "conversion measurement"). We do not save IP addresses or disclose personal data about the identity of our users.

Microsoft operates its own servers worldwide. Most of them are located in the USA. Microsoft stores the data for as long as necessary to provide its services or products or for legal purposes.

Server log files

For technical reasons, in particular to ensure a functional and secure website, we also process technically necessary data related to accessing our website in so-called server log files, which your browser automatically sends to us.

The access data we process includes the following:

  • The name of the website currently being visited
  • The type (and version) of browser you are using
  • The operating system you are using
  • The page visited before accessing our website (referrer URL)
  • The time of your request to the server
  • The amount of data transmitted
  • The host name (IP address) of the computer used to access the page

This data cannot be traced back to a natural person and is used exclusively for conducting statistical analyses, as well as for operating, developing, optimizing and maintaining the security of our website. We only transmit this data to our website operator. We do not link or combine the data with other data sources. In the event of suspected unlawful use of our website, we reserve the right to retrospectively examine the data. The legal basis for this data processing is our legitimate interest in maintaining a technically error-free and optimal website, in accordance with Article 6(1)(f) of the GDPR.

The access data is deleted shortly after it has achieved its purpose (usually within a few days), unless it needs to be stored for evidentiary purposes. In such cases, the data is retained until the final resolution of the incident.

SSL encryption

When visiting our website, we apply the widely used SSL procedure (Secure Socket Layer), together with the highest level of encryption supported by your browser. You can determine whether a specific page of our website is transmitted in encrypted form from the "closed" appearance of the key or lock symbol in the lower status bar of your browser. The legal basis for the use of this encryption procedure is our legitimate interest in using appropriate encryption techniques, in accordance with Article 6(1)(f) of the GDPR.

In addition, we also apply appropriate technical and organizational security measures, in accordance with Article 32 of the GDPR, to protect your data against accidental or intentional manipulation, partial or total loss, destruction, or unauthorized access by third parties. We continuously develop our security measures in line with technological developments and keep them up to date.

Vimeo

Provider: Vimeo.com, Inc, 330 West 34th Street New York, New York 10001, USA, Representative in the EU: RA Robert Niedermeier, DATA BUSINESS SERVICES GmbH & Co KG-Germany.

Purpose: Integration of video content, collection of statistical data

Category: Statistics

Recipient: USA

Data processed: IP address, website visit details, user data

Data subjects: Users

Technology: JavaScript Call, cookies

Legal basis: Consent-voluntary consent

Website: https://www.vimeo.com

Further information:

https://vimeo.com/privacy

ATTENTION! Within the framework of this service, data transfer to the USA takes place, or this cannot be excluded. We would like to draw your attention to the fact that on July 10, 2023, the European Commission adopted an adequacy decision regarding the EU-U.S. Data Privacy Framework (Data Privacy Framework). Accordingly, U.S. organizations or companies (as data importers) that have been registered on a public list within the framework of the Data Privacy Framework's self-certification option provide an adequate level of protection for data transfer. You can find information about whether the given provider of this service has already been certified here:

https://www.dataprivacyframework.gov/s/participant-search

Videos from the Vimeo platform can also be found on our website.

If you open pages of our online offer that have the Vimeo plugin, a connection is established with Vimeo's servers and the plugin appears. This transmits your IP address and data about the web pages you visited to Vimeo's server. In addition, Vimeo also stores information about which website the user uses the Vimeo service on and what actions they perform on our website. These actions include, among other things, the session duration, the bounce rate, or which button on the website with the embedded Vimeo function the user clicked. Vimeo can track and store these activities through the use of cookies and similar technologies.

If you are logged in as a Vimeo member during this process, Vimeo also associates this information with your personal user account. When using the plugin, for example if you click on a button that starts a video, this information is also associated with your user account. To prevent this association, log out of your Vimeo account before using our website.

Vimeo uses this information to develop its own service and to communicate with users to determine its targeted advertising measures.

Vimeo stores the data until there is no longer an economic interest in storing it.

Youtube

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Parent company: Google LLC (USA)

Purpose: Integration of video content, collection of statistical data

Category: Statistics

Recipients: EU, USA

Data processed: IP address, website visit data, user data

Data subjects: Users

Technology: JavaScript Call, cookies, device fingerprinting, local storage

Legal basis: Consent-voluntary consent, Data Privacy Framework, https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active

Website: https://www.youtube.com

Further information:

https://www.youtube.com/intl/ALL_at/howyoutubeworks/user-settings/privacy/ https://policies.google.com/privacy https://safety.google/intl/en/principles/ https://support.google.com/youtube/answer/10364219?hl=en

We use the YouTube service to embed videos on our website.

We have activated enhanced privacy mode on YouTube. According to YouTube's statement, in this mode YouTube does not save information about visitors to our website before they view a video. However, enhanced privacy mode does not exclude the disclosure of data to YouTube partners.

When starting a YouTube video, a connection is established with YouTube's servers. This informs YouTube about the pages you visited. If you are logged into your YouTube account, you enable YouTube to directly associate your browsing behavior with your personal profile. You can prevent this by logging out of your account.

After starting a video, YouTube may also place various cookies on your terminal device or use similar technologies (e.g. device fingerprinting). YouTube also uses local storage of your terminal device. Through this, YouTube obtains information about visitors to this website. This information serves, among other things, to collect statistics about videos, improve user experience and prevent fraud attempts.

K. TOPICALITY OF THE DATA PROTECTION STATEMENT, INFORMATION

As a result of further developments and on the basis of changed legal provisions, it may be necessary to modify the data protection statement from time to time. You can view and print the current data protection statement at any time on this page.

If you have any further questions regarding the collection, processing or use of your personal data by our company, please feel free to contact us at the following e-mail address: compliance@e-asztalos.hu

Data Processing Policy

Effective: from November 1, 2025 until revocation