DATA PROTECTION NOTICE
We consider the trust of our customers extremely important, respect, protect and ensure the protection of their personal data and their rights of self-determination to the maximum extent. We handle our customers' data transparently, in accordance with the laws in force at all times. We only collect and process personal data in accordance with the law.
We can send system messages at any time without special consent, but we only send marketing content newsletters if you have given permission for this. We handle and store the processed data in the most secure way possible, we only pass it on to third parties with the consent of the data owner and within the framework of our legal obligations.
Pursuant to Regulation (EU) 2016/679 of the European Parliament and the Council (General Data Protection Regulation, GDPR), which entered into force on May 25, 2018, our data management guidelines have changed as follows.
Name of the data controller: Invespa Kft.
Headquarters and mailing address: 1054 Budapest Aulich utca 5. fsz.
Website: www.costadelsol.hu
The Company does not employ a data protection officer.
GLOSSARY - INTERPRETATION OF TERMS USED IN THE REGULATIONS
Personal data: any information relating to the natural person with which the data subject can be directly or indirectly identified. Such data are, for example, name, telephone number, e-mail address, place and time of birth, online identifier, location data. A photo or audio recording is also considered personal data.
Data processing consent: the clear, voluntary and definite consent of the data subject, expressed after adequate information, to the full or detailed processing of personal data concerning him.
Data management: the set of operations that we perform with data in an automated or non-automated manner, such as collecting, recording, modifying, storing, transforming, viewing, using, deleting, forwarding, distributing or destroying data, in fact all operations that we do with data we finish
Data controller: the natural or legal person, organization without legal personality, or public authority, determines the purposes and tools of personal data management independently or together with others, makes decisions regarding data management and its tools, implements them, or has them implemented by an authorized data processor.
Data processor: the natural or legal person, organization without legal personality, or public authority or other body that acts on behalf of the data controller and processes the data in the manner and with the means determined by the data controller.
Data protection incident: a breach of security that results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure or unauthorized access to personal data transmitted, stored or otherwise handled.
Data transfer: the operation when the data manager allows access to the recorded data to a third party, or the data is forwarded to a third party in some way. Data transfer is necessary when the operation serving as the legal basis for data management can only be performed with the involvement of a third party.
Third party: a natural or legal person, or an organization without legal personality, who is not the same as the data owner, data processor or data manager.
The Company manages the range of personal data indicated in the scope of persons involved in data management, the purpose and duration of data management
Profiling: the Company does not use profiling data management. The Company uses cookies on its website:
According to European Union regulations, we must ask for your consent to use cookies, also known as cookies.
What are "cookies"?
Cookies are small, harmless files that are stored by your computer or browser when you visit a website. Cookies do not store personal data, they do not damage your files, they only store information about visiting the website.
What do we use cookies for?
We use cookies to make the website work as efficiently as possible. Cookies help us to recognize returning users on the basis of the data it stores, so we can collect data on the behavior of our users. We collect information that shows which country our users are from, which browser they used to visit our website, which operating system they use, which pages they view on our website and which functions they use. Cookies do not collect data suitable for identifying a specific person.
These cookies are provided by Google and are used through the Google Adwords system. These cookies are only sent to the visitor's computer when certain subpages are visited, so we only store the fact and time of visiting the given subpage, no other.
I. Legal basis for data management
Data management is necessary for the fulfillment of the contract or based on legislation. The provision of data is voluntary, the data subject is not obliged to give his consent to the data management, but at the same time he acknowledges that, in the absence of providing the data, the Company cannot start or continue the business relationship with him.
II. The range of persons involved in data management, the purpose and duration of data management
The data management covers the data of all stakeholders - partners / customers / principals
The Company manages personal data solely for the purpose of providing the services and payments specified in the commission contract to the affected parties (data is limited to a specific purpose).
The website is operated by: Invespa Kft., H-1054 Budapest Aulich utca 5.
Hosting provider: Websupport Magyarország Kft., H-1119 Budapest, Fehérvári út 97-99.
The Company manages the following data:
IN THE CASE OF AN ASSIGNMENT CONTRACT FOR THE PURPOSE OF REAL ESTATE SALE / RENT:
Private person's family name and surname, birth name, place and time of birth, type and number of personal identification documents, residential address, place of residence in the case of a foreign citizen, mother's name, nationality, tax number, social security number, email address, telephone number, geographic number of the property concerned, company - name, e-mail address, telephone number of a private individual representing an entrepreneur, name and seat of the principal of an individual entrepreneur, ID number of an individual entrepreneur, e-mail address, phone number.
Purpose and reason for data management: creation and fulfillment of the contract, then long-term contact
Duration of data management: 8 years after completion of an ad hoc order (accounting retention)
IN CASE OF VIEWING THE PROPERTY:
Surname and surname, place and time of birth of the individual viewing the property,
address, e-mail address, telephone number, ID card number.
Purpose and reason for data management: by signing the property viewing declaration, the confirmation that the interested individual has seen and viewed the presented property with the assistance of Flott Invest.
Duration of data management: 5 years from the date of signing the declaration, or until revocation. In this case, the data management consent cannot be revoked within one year from the date of signing the declaration, citing the legitimate interests of the data controller.
IN THE CASE OF A MESSAGE SENT THROUGH THE WEBSITE:
Name, e-mail address, telephone number of individuals
Purpose and reason for data management: answering the question contained in the sent message, fulfilling the request.
Duration of data management: as long as the case management makes it necessary, or until withdrawal.
IN CASE OF REGISTRATION ON SOCIAL MEDIA SURFACES:
(facebook, youtube, instagram, pinterest) the voluntarily registered name and public profile picture of individuals who like the pages and are registered on them.
Purpose and reason for data management: provision of information and contact to all stakeholders who voluntarily registered on social media sites and "liked" the company's website, provision of information, contact.
Duration of data management: the data subject can find out about the source of the data, its management, the method of transfer and its legal basis on the given social media page. Data management takes place on social networking sites, so the duration and method of data management, as well as the options for deleting and modifying data, are governed by the regulations of the respective social networking site.
IN CASE OF A COMPLAINT OR REPORT:
Name, address, ID of the individual submitting the liability claim/complaint
the name and number of your identity cards.
- Purpose and reason for data management: assessment of the claim/complaint based on legal procedure.
- Duration of data management: 5 years from the sending of the answer
IN CASE OF ADMINISTRATION CONTINUED AS AUTHORIZED:
Personal data of authorized persons: name, address, name and number of identification cards of a person acting on behalf of and on behalf of the person concerned in a business-related matter
Purpose and reason for data management: management of the data subject's case based on voluntary consent.
Duration of data management: 5 years from the end of the case
Provision of the data is a condition for the provision of the service included in the contract by the Enterprise, in the absence of such provision, or in the event of a subsequent request for their deletion, the service cannot be used. Provision of other data is voluntary, withdrawal of consent to data management does not affect the legitimacy of previous data management.
III. Scope of data controllers
Employees/trustees of Invespa Kft. are considered persons entitled to data management.
IV. Data transmission, data processing
The Company transmits data in real estate matters (if the offer is accepted by the seller, to the lawyer editing the document). The Company also uses a data processor - an accountant to perform accounting tasks, and in some cases, a courier company if necessary.
V. Rights of data subjects related to data management
Right to information: at the request of the data subject, the data controller is obliged to provide information of an appropriate size, language, simple language and easy to find information about the essential aspects of data management (who, what, why, how, from where, for how long).
Right to access: the individual may request information on whether data processing is taking place concerning him and, if so, which data are being processed and how.
Right to rectification: the data subject can indicate that the processed data is inaccurate and can request that what be displayed instead.
Right to be forgotten: the data owner has the right to request the erasure of his personal data from the data controller, if the data controller is not prevented from deleting the data subject's data by other legal obligations, and the basis for data management has ceased, within a reasonable time limit, but not more than 25 days delete. If the data controller has allowed third parties access to the data they wish to delete, they must inform all those to whom they disclosed the relevant data to delete all references and personal data stored with them.
The right to restrict data processing: in certain cases, the person affected by the processing of personal data may request the processing of personal data to be restricted - for example, in an unclear, legal dispute situation, or when data processing is no longer necessary, but the data subject still wants it.
Right to data portability: the data subject can request to receive the data processed about him in a segmented, widely used, machine-readable format, and he is also entitled to transmit this data to another data controller without the original data controller hindering this.
Right to object: the data subject has the right to object at any time to the processing of his personal data for a specific reason, in cases where the data subject has not given his consent to the processing of his data, and this is not justified by the legal obligation of the data controller.
Right to withdraw consent: the data subject has the right to withdraw his consent at any time. Withdrawal of consent does not affect the legality of data processing based on consent prior to withdrawal.
The data subject may request the exercise of his rights related to his data by means of a statement addressed to the data controller orally, in writing, by postal address, e-mail address, website - preferably in the forum through which the data was lawfully sent to the data controller.
VI. Complaint handling and redress
If you have a complaint regarding the handling of your data, please contact us, preferably in writing, at the e-mail address info@flottinvest.hu. We will do our best to investigate your complaint as soon as possible, but within the maximum of 25 days available to us.
If you still have a complaint after this, or if you are not satisfied with our procedure, you can contact the court or the National Data Protection and Freedom of Information Authority at the following contact details:
Postal address: 15 Budapest, Pf:5.
Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c.
Phone: +36 1 391 1400 Fax: +36 1 391 1410
Email: ugyfelszolgalat@naih.hu
URL: www.naih.hu
The circumstances and legal environment of data management may change, and the Company may decide at any time to supplement its ongoing data management with a new data management purpose, therefore it reserves the right to amend this Information Notice at any time. The information that is always current is available on the Enterprise tomorrow.
February 8, 2024