Data protection information

[vc_row][vc_column][vc_column_text]Privacy notice

a

www.liftoff.hu

website visitors and registered users.

TABLE OF CONTENTS

 

I.	GENERAL PROVISIONS
	1.1. Purpose of the Prospectus
	1.2. Scope of the Prospectus
	1.3. Contact details of the Guide
	1.4. Amendments to the Prospectus
	1.5. Governing legislation
	1.6. Definitions
	1.7. Genuineness and accuracy of personal data
	1.8. Data security
II.	CERTAIN DATA PROCESSING
	1) Data processing in connection with the Company's economic activities,
	2) Processing of data through the REGISTRATION, LOGIN, SUBSCRIPTION, SUBSCRIPTION menu of the Website,
	3) Processing of data by sending a "NEWSLETTER",
	4) data processing through the "CONTACT" section of the Website,
	5) the processing of personal data of contact persons of non-natural person business partners
	6) processing for billing purposes
III.	THE RIGHTS OF THE DATA SUBJECT
	3.1. Right to information
	3.2. Right of access
	3.3. Right to rectification and addition
	3.4 Right to erasure of personal data (right to be forgotten)
	3.5. Right to restriction of processing
	3.6. Right to object
	3.7 Right to data portability
	3.8. Right to lodge a complaint with a supervisory authority
	3.9 Right to an effective judicial remedy against the supervisory authority
	3.10. Right to an effective judicial remedy against the Company or the data processor
	3.11. Informing the Data Subject about the data breach
IV.	ASSERTING THE RIGHTS OF THE DATA SUBJECT, MAKING A REQUEST, CONTACTING THE COMPANY
V.	DATA PROCESSORS

 

 

 

 

1. GENERAL PROVISIONS

 

1.1. Purpose of the Prospectus

 

This privacy notice (hereinafter: Factsheet) aims to provide information on the MOMO Art and Service Company Limited Liability Company (head office: 1126 Budapest, Böszörményi út 18/A. 3. floor 1., Cg.: 01-06-738419, represented by Mónika Gyurity, managing director, tax number: 20919450-2-43, email address: info@liftoff.hu, website: www.liftoff.hu (Website), hereinafter referred to as: Company or Data Controller) on the data management practices followed and applied by the European Data Protection Supervisor.

 

1.2. Scope of the Prospectus

 

1.2.1. natural persons (hereinafter referred to as: Stakeholders) your personal data applies.

 

1.2.2. The Company's data management activities:

 

• Data processing in connection with the economic activities of the Company,
• Processing of data through the REGISTRATION, LOGIN, SUBSCRIPTION menu of the Website,
• Processing of data by sending a "NEWSLETTER",
• Data processing through the "CONTACT" section of the Website,
• the processing of personal data of contact persons of business partners who are not natural persons,
• processing for billing purposes

 

1.3. How to access the Guide

 

This Privacy Policy, in its current version, is available at all times at the Company's registered office as set out in Section 1.1 and at its premises at 4 Weiner Leo Street, 1066 Budapest, Hungary, in hard copy, and in electronic form on the Website under the "Privacy Policy" section.

 

1.4. Amendments to the Prospectus

 

The Company is entitled to amend the Prospectus unilaterally at any time, as necessary, without prior notice, with effect from the date of amendment. The Company shall inform the Data Subjects of the fact of the amendment using the contact details specified in Section 1.3.

 

1.5. Governing legislation

 

The data processing activities of the Company are governed by Regulation (EU) 2016/679 of the European Parliament and of the Council (hereinafter: GDPR) shall prevail.

 

1.6. Definitions

 

Capitalised terms used in this Notice that are not specifically defined have the meaning given to them in the GDPR.

 

1.7. Genuineness and accuracy of personal data

 

The Data Subject is solely responsible for the truthfulness and accuracy of the personal data provided to the Company by any means. The Company shall not be liable for any omissions or any consequences resulting from the incorrectness of the data provided, and expressly excludes its liability in this respect.

 

1.8. Data security

 

The Company is committed to protecting the personal data of Data Subjects, and attaches great importance to respecting the right to informational self-determination of Data Subjects. The Company keeps personal data confidential and takes all security, technical and organisational measures to ensure the security of personal data.

 

1. SINGLE data processing

 

Details of each of the data processing activities carried out by the Company are set out in a separate table.

 

1. Data processing in connection with the economic activities of the Company

 

Data processing operations:	The Company operates the "Liftoff Coworking Office" (hereinafter referred to as: Office), which provides complex office services, including mailing address services (hereinafter referred to as: Services). A natural person using the Services (hereinafter: Contact) and the Company for the use of the Services (hereinafter: Treaty) is created. The processing of the Data Subject's personal data as set out in this table is indispensable for the conclusion and performance of this Contract. The Personal Data are provided by the Data Subject to the Company by filling in the Contract, which is a prerequisite for the conclusion of the Contract. Failure or incomplete provision of the data by the Data Subject shall result in the non-conclusion of the Contract between the Company and the Data Subject.
Scope of the data processed:	1. name
	2. place and date of birth
	3. mother's name at birth
	4. address
	5. telephone number
	6. email address
Purpose of the processing:	The creation and performance of the Contract between the Data Subject and the Company.
Legal basis for processing:	The processing is subject to the GDPR Article 6 (1) b) i.e. the processing is necessary for the establishment and performance of the Contract.
Duration of processing:	The Company will process the Data Subject's personal data during the contractual relationship, until the performance of the Contract and for a limited period of 5 years thereafter.
Rights of the Data Subject:	The rights set out in Chapter III of this Notice, except that the Data Subject shall not have the right to erasure and the right to object.
Enforcing the rights of the Data Subject:	According to Chapter IV of this Prospectus.

 

2. Processing of data through the REGISTRATION, LOGIN, SUBSCRIPTION menu of the Website

 

Data processing operations:	Under the REGISTRATION menu of the Website, the Data Subject creates an individual account by registering. During registration, the Data Subject provides the personal data set out in point 1. The Data Subject will receive an automatic confirmation of the registration by email. After registration, the Data Subject logs in to the individual account under LOGIN. When logging in, the Data Subject will provide again the personal data already provided during registration, as set out in point 2. After logging in, the Data Subject will book an appointment under the menu item BOOKING AN APPOINTMENT. The Data Subject will receive an automatic confirmation of the appointment booking by email.
Scope of the data processed:	1. Personal data provided during REGISTRATION:
	1. name2. email address 3. password 4. telephone number
	2. Personal data provided during the REGISTRATION process:
	1. email address2. password
	3. Personal data provided in the course of a DATE RECORD:
	1. date of booking
Purpose of the processing:	The purpose of the processing is the creation of an individual account, which is essential for booking an appointment. Registration, log-in and booking are pre-contractual steps or part of the performance of an existing contract.
Legal basis for processing:	Data processing under the GDPR Article 6 (1) b) i.e. the processing (registration, log-in, booking) is necessary to take steps at the request of the Data Subject prior to the conclusion of the contract or is necessary for the performance of a contract already concluded.
Duration of processing:	If no further logins are made by the Data Subject within a period of 5 years from the date of the Data Subject's registration, login or login and appointment booking (inactive period), the Company will delete the personal data on the day following the expiry of the 5-year inactive period. The period of processing is therefore a fixed period of time until the day after the 5-year inactive period.
Rights of the Data Subject:	The rights set out in Chapter III of this Notice, except that the Data Subject shall not have the right to erasure and the right to object.
Enforcing the rights of the Data Subject:	According to Chapter IV of this Prospectus.

 

3. Processing of data by sending a "NEWSLETTER"

(sending direct marketing and advertising enquiries)

 

Data processing operations:	Act XLVIII of 2008 on the Basic Conditions and Certain Restrictions of Economic Advertising Activities (hereinafter: Grtv.), the Company shall communicate advertising to the Data Subject as the recipient of the advertising by means of direct solicitation, in particular by electronic mail (hereinafter: Newsletter), if the Data Subject requests it and gives his or her prior, explicit and express consent.
Scope of the data processed:	1. name2. email address
Purpose of the processing:	Sending direct marketing and marketing enquiries by electronic mail (email) containing advertising content promoting the Company and its Services and informing about current offers.
Legal basis for processing:	The processing is subject to the GDPR Article 6 (1) a) on the legal basis set out in point (a), i.e. on the basis of the Data Subject's consent.
	Withdrawal of consent:The Data Subject has the right to withdraw his or her consent at any time. However, the withdrawal of consent shall not affect the lawfulness of the processing based on consent prior to its withdrawal. The Data Subject may withdraw consent by clicking on the "Unsubscribe" link in the Newsletter or by sending a free text request in writing to one of the Company's contact details specified in Chapter IV of this Policy. The withdrawal of consent shall become effective upon the Company's acknowledgement of the withdrawal.
Duration of processing:	The processing lasts until consent is withdrawn. Withdrawal of consent may be effected by unsubscribing from the Newsletter or by a free text request no later than 24 hours after the Company becomes aware of it.
Rights of the Data Subject:	The rights under Chapter III of this Notice.
Enforcing the rights of the Data Subject:	According to Chapter IV of this Prospectus.

 

4. Data processing through the "CONTACT" menu item

(Handling of inquiries to the Company)

 

Data processing operations:	Under the "CONTACT" menu, the Data Subject has the possibility to send an electronic message to the Company to contact/maintain contact. The Data Subject is the sender of the request.
Scope of personal data processed:	1. name2. email address Note 3
Purpose of the processing:	Dealing with enquiries received by the Company, answering questions, managing business activities, providing services, contacting/maintaining contact with the Company.
Legal basis for processing:	The processing is subject to the Article 6(1)(b) or (f) GDPR If the contact/maintenance is related to the conclusion of a contract between the Company and the Data Subject, the legal basis for the processing is Article 6 (1) (b) of the GDPR, i.e. the processing is necessary for the Company to be able to fulfil its obligations arising from the contract. Where the contact/maintenance is related to a purpose other than the above, the legal basis for processing is Article 6(1)(f) of the GDPR, i.e. processing is necessary for the purposes of the Company's legitimate interest in being able to contact the Data Subject for any other purpose.
Duration of processing:	The Company will store requests for 12 months from the date of receipt and then delete them, except for pending requests, which will be deleted 12 months after the case has been resolved.
Rights of the Data Subject:	The rights under Chapter III of this Notice, except that the Data Subject shall not have the right to erasure and the right to object in the case of a legal basis under Article 6(1)(b) of the GDPR, or the right to data portability in the case of a legal basis under Article 6(1)(f) of the GDPR.
Enforcing the rights of the Data Subject:	According to Chapter IV of this Prospectus.

 

5. A non-natural person isprocessing of personal data of business partners' contact persons

 

Description of the processing	The Company stores the data of its non-natural person business partners on paper and in an electronic database. The data of the business partner shall include the contact details of the natural person of the business partner (hereinafter: Contact) and contact details (phone number, email address). The Data Subject is the contact person of the business partner.
The personal data processed:	1. name2. telephone number 3. email address
Purpose of the processing:	The Company has a contractual relationship with its business partners. The purpose of the processing of the Data Subject's personal data is to take pre-contractual steps with business partners, to establish the contract, to perform the contract concluded, to manage the related administration, to maintain contact, to enforce any claims of the Company through the Data Subject towards the business partner.
Legal basis for processing:	The processing is subject to the Article 6(1)(f) GDPR i.e. the processing is necessary for the Company's legitimate interest to maintain contact with the business partner and to fulfil its obligations arising from the contract, which is only possible through the Data Subject designated by the business partner. The potentially protected right of the Data Subject may, on the other hand, be his right to privacy, but this right is outweighed by the Company's right and legitimate business interest to have the contract between the Company and the business partner performed. The Data Subject's right to privacy will not be infringed as it is highly likely that the contact details provided by the business partner will be provided to the Company. The protection of the right to privacy is further counterbalanced by the obligation of the Data Subject to fulfil his/her professional duties and to act in the interest of the business partner. The Company has carried out a balancing of interests test in relation to the above and has concluded that its processing under this point is lawful.
Duration of processing:	The Company will process the data of the business partner during the contractual relationship, until the performance of the contract and for a limited period of 5 years thereafter. Accordingly, the Data Subject's personal data will also be kept for the period specified above and for as long as the Data Subject has a legal relationship with the business partner.
Rights of the Data Subject:	The rights under Chapter III of this Notice, except that the Data Subject does not have the right to data portability.
Enforcing the rights of the Data Subject:	According to Chapter IV of this Prospectus.

 

6. Processing for billing purposes

 

Data processing operations:	In the case of an invoice issued to the Data Subject, the Company shall carry out data processing. The processing for invoicing purposes is closely related to the processing related to the establishment and performance of the Contract and is part of it, but on a different legal basis.
The personal data processed:	Pursuant to § 169 and § 202 of Act CXXVII of 2017 on Value Added Tax:
	1. name
	2. address
	Based on § 167 of Act C of 2000 on Accounting:
	1. name
	2. address
Purpose of the processing:	Issuing invoices, keeping them, meeting tax and accounting obligations.
Legal basis for processing:	The processing is subject to the GDPR Article 6(1)(c) i.e. the processing is necessary to comply with a legal obligation (statutory tax and accounting obligations) to which the Company is subject.
Duration of processing:	The issued invoice as an accounting document shall be kept until the deadline pursuant to Section 169 of Act C of 2000 on Accounting (currently 8 years), until 31 December 2017 pursuant to Section 47 (3) and Section 164 of Act XCII of 2003 on the Rules of Taxation (old Act), and after 1 January 2018 until the tax statute of limitations pursuant to Section 78 (3) and Section 202 of Act CL of 2017 on the Rules of Taxation (new Act).
Rights of the Data Subject:	The rights under Chapter III of this Notice, except that the Data Subject shall not have the right to erasure, objection and data portability.
Enforcing the rights of the Data Subject:	According to Chapter IV of this Prospectus.

 

III. DATA SUBJECT'S RIGHTS

 

The Data Subject has the following rights in relation to the above processing.

 

3.1. Right to information

 

The Data Subject has the right to be informed of the facts relating to the processing of his or her personal data processed by the Company before the processing starts. In view of the fact that the Data Subject provides the Company with his or her personal data, the Company complies with its obligation to provide information pursuant to Article 13 of the GDPR by means of this Notice.

 

3.2.     Right of access (Article 15 GDPR)

 

The Data Subject has the right to request at any time information about the exact personal data processed by the Company. Upon request, the Company will also provide information on the purposes, legal basis, duration of the processing of the Data Subject's personal data, as well as on who is receiving or has received his/her data and for what purposes (including in particular recipients in third countries and international organisations, where applicable). The Data Subject is entitled to be informed at any time that he/she has the right to request the Company to rectify, erase or restrict the processing of personal data concerning him/her and to object to the processing of such personal data. The Data Subject shall at any time have the right to be informed that he or she may lodge a complaint with a supervisory authority. In the event that data is obtained by the Company from a source other than the Data Subject, the Data Subject may at any time request information about the source of the data(s). Where the Company transfers personal data to a third country or an international organisation, the Company will also inform the Data Subject of the appropriate safeguards for the transfer in accordance with Article 46 of the GDPR.

 

The Company shall provide the Data Subject with a first copy of the personal data processed free of charge. The Company may charge a reasonable fee for additional copies, based on administrative costs and proportionate to the volume of data, the amount of which shall be communicated to the Data Subject in advance. Where the Data Subject has submitted a request for information/access by electronic means, the Company shall provide the information to the Data Subject in a commonly used electronic format, unless the Data Subject requests otherwise. The right to request a copy shall not adversely affect the rights and freedoms of others.

 

3.3.     Right to rectify, supplement or amend (Article 16 GDPR)

 

The Data Subject has the right to request the Company to correct inaccurate or erroneously recorded personal data. If the data is incomplete, taking into account the purpose of the processing, the Data Subject may request that it be completed. If the data requested to be corrected or completed is data contained in an official identity and address document or other public register, the correction or completion shall also require the presentation of this document.

 

3.4. Right to erasure of personal data ("right to be forgotten") (Article 17 GDPR)

 

The Data Subject may at any time request the Company to erase his or her personal data, which the Company is obliged to comply with if one of the following grounds applies:

1. the personal data are no longer necessary for the purposes for which they were collected or otherwise processed by the Company;
2. the Data Subject has withdrawn the consent on which the processing is based and there is no other legal basis for the processing;
3. the Data Subject objects to the Company's processing based on the public interest or legitimate interest pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing, or objects to processing for direct marketing purposes pursuant to Article 21(2) of the GDPR;
4. the personal data were unlawfully processed by the Company;
5. personal data must be erased in order to comply with a legal obligation under Union or Member State law applicable to the Company;
6. the personal data were collected in connection with the provision of information society services referred to in Article 8(1) of the GDPR.

 

If the Company has disclosed the personal data and is obliged to delete it, it will take all reasonable steps to inform the other controllers of the obligation to delete the data.

 

You do not have to delete the data if the processing is necessary:

1. to exercise the right to freedom of expression and information;
2. to comply with an obligation under the law applicable to the Company (e.g. tax and accounting obligations) that requires the processing of personal data, or to carry out a task carried out in the public interest or in the exercise of official authority vested in the Company;
3. on grounds of public interest in the field of public health pursuant to Article 9(2)(h) and (i) and Article 9(3) of the GDPR;
4. for archiving purposes in the public interest, scientific and historical research purposes or statistical purposes in accordance with Article 89(1) of the GDPR, where the right of erasure would be likely to render such processing impossible or seriously jeopardise it; or
5. to bring, enforce or defend legal claims.

 

3.5. Right to restriction of processing (Article 18 GDPR)

 

The Data Subject may request the Company to restrict the processing of certain of his or her personal data if one of the following conditions is met:

1. the Data Subject contests the accuracy of the personal data, in which case the restriction applies for the period of time that allows the Company to verify the accuracy of the personal data;
2. the processing is unlawful and the Data Subject opposes the erasure of the data and requests instead the restriction of their use;
3. the Company no longer needs the personal data for the purposes of processing, but the Data Subject requires them for the establishment, exercise or defence of legal claims;
4. the Data Subject has objected to the processing on the basis of Article 21(1) of the GDPR and time is necessary to assess whether there are overriding legitimate grounds for the processing. In such a case, the restriction shall apply for the period until it is established whether there is an overriding legitimate ground for processing, i.e. whether the Company's legitimate grounds for retaining and processing the data override the Data Subject's legitimate grounds for deleting the data.

 

During the period of restriction, the data will be just store, it does not carry out any other processing operations, except(i) where the Data Subject consents to further processing, or (ii) where the processing is necessary for the establishment, exercise or defence of legal claims, or (iii) where it is necessary for the protection of the rights of another natural or legal person, or (iv) where the processing is necessary for an important public interest of the Union or of a Member State.

 

In the event of restriction of processing, the Company shall inform the Data Subject in advance of the lifting of the restriction in the form and manner in which the Data Subject has requested the restriction of processing.

 

The Company shall inform any recipient to whom or with which it has disclosed the personal data of the rectification, erasure or restriction of processing requested by the Data Subject and carried out by the Company, unless this proves impossible or involves a disproportionate effort. Upon the Data Subject's request, the Company shall inform the Data Subject of the identity of the recipients to whom it has communicated the data as set out above.

 

3.6. Protestthe right to (Article 21 GDPR)

 

The Data Subject has the right to object at any time, on grounds relating to his or her particular situation, to the processing of his or her personal data on grounds of public interest or necessary for the purposes of the legitimate interests pursued by the Company or a third party (Article 6(1)(e) and (f) GDPR), including profiling based on the aforementioned provisions. In such a case, the Company may no longer process the personal data unless it can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the Data Subject or for the establishment, exercise or defence of legal claims.

 

The Data Subject has the right to object at any time to the processing of personal data concerning the Data Subject for the purposes of direct marketing, including profiling (if used by the Company, but duly informed), where it is related to direct marketing. In case of objection, the personal data will no longer be processed by the Company for direct marketing purposes.

 

In the case of processing for statistical purposes, the Data Subject has the right to object, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her for such purposes, unless the processing is necessary for the performance of a task carried out for reasons of public interest.

 

3.7 Right to data portability (Article 20 GDPR)

 

In view of the fact that the Company also stores the Data Subject's data in an electronic database, the Data Subject has the right to receive the personal data concerning him/her provided to the Company in a structured, commonly used, machine-readable format and to transmit such data to another controller without the Company's hindrance. The right to data portability applies to Data Subjects whose processing is based on their consent (Article 6(1)(a) or 9(2)(a) GDPR) or on the performance of a contract (Article 6(1)(b) GDPR). Where the Data Subject requests the direct transfer of personal data between controllers, the Company will indicate whether this is technically feasible.

 

3.8. Right to lodge a complaint with a supervisory authority (Article 77 GDPR)

 

Without prejudice to any other administrative or judicial remedies, the Data Subject has the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement, if the Data Subject considers that the processing of personal data relating to him or her infringes the provisions of the GDPR.

In Hungary the supervisory authority is the Hungarian National Authority for Data Protection and Freedom of Information (1024 Budapest, Szilágyi Erzsébet fasor 22/C., e-mail: ugyfelszolgalat@naih.hu, +36-1-3911400, President: dr. Attila Péterfalvi, www.naih.hu).

 

The supervisory authority with which the Data Subject has lodged the complaint is obliged to inform the Data Subject as a customer of the procedural developments concerning the complaint and its outcome, including the right of the Data Subject to seek judicial remedy under Article 78 of the GDPR.

 

3.9 Right to an effective judicial remedy against the supervisory authority (Article 78 GDPR)

 

Without prejudice to other administrative or non-judicial remedies, the Data Subject shall have the right to an effective judicial remedy against a legally binding decision of the supervisory authority (in Hungary, the National Authority for Data Protection and Freedom of Information) concerning him or her. Without prejudice to any other administrative or non-judicial remedies, the Data Subject shall have the right to an effective judicial remedy if the supervisory authority competent pursuant to Articles 55 or 56 of the GDPR does not deal with the complaint or does not inform the Data Subject within three months of the procedural developments concerning the complaint lodged pursuant to Article 77 or of the outcome of the complaint. Proceedings against the supervisory authority must be brought before the courts of the Member State where the supervisory authority is established (in Hungary, the Administrative and Labour Court of Budapest has jurisdiction and competence to bring proceedings against the National Authority for Data Protection and Freedom of Information).

 

3.10.     The right to an effective judicial remedy against the Company or the data processor (Article 79 GDPR)

 

Without prejudice to the available administrative or non-judicial remedies, including the right to lodge a complaint with a supervisory authority under point 4.8, the Data Subject has the right to bring a legal action before a court if he or she considers that the Company has not processed his or her personal data in accordance with the GDPR and has therefore infringed his or her rights under the GDPR.

 

The proceedings must be brought before the courts of the Member State where the Company is established, i.e. Hungary. Proceedings may also be brought before the courts of the Member State of the Data Subject's habitual residence (if different from Hungary).

 

3.11. The Contact information about the data breach (Article 34 GDPR)

 

If the personal data breach is likely to result in a high risk to the rights and freedoms of the Data Subject, the Company will inform the Data Subject of the personal data breach without undue delay. Such notification shall clearly and prominently describe the nature of the personal data breach and shall include at least the following information and measures:

1. the name and contact details of the Data Protection Officer or other contact person who can provide further information;
2. explain the likely consequences of the data breach;
3. describe the measures taken or envisaged by the controller to remedy the personal data breach, including, where appropriate, measures to mitigate any adverse consequences of the personal data breach.

 

The Data Subject need not be informed of a personal data breach if any of the following conditions are met:

1. the Company has implemented appropriate technical and organisational protection measures and these measures have been applied to the data affected by the personal data breach, in particular measures such as the use of encryption, which render the data unintelligible to persons not authorised to access the personal data;
2. the Company has taken additional measures following the personal data breach to ensure that the high risk to the rights and freedoms of the data subject is no longer likely to materialise;
3. information would require a disproportionate effort.

 

In the above cases, the Data Subject shall be informed by means of publicly disclosed information or by means of a similar measure which ensures that the Data Subject is informed in a similarly effective manner.

 

1. ENFORCE THE RIGHTS OF THE DATA SUBJECT,

PRESENTING YOUR APPLICATION, CONTACTING THE COMPANY

 

4.1 The Company requests that the Data Subject, in the event of asserting his or her rights, send his or her request, if possible, i) in writing by post, ii) in person to the Company's registered office or iii) by e-mail to the Company's e-mail address.

 

company name:                  MOMO Art and Service Company Limited Liability Company

head office: 1126 Budapest, Böszörményi út 18/A. 3. floor 1.

Cg.: 01-06-738419

represented by: Mónika Gyurity, Managing Director

Tax number: 20919450-2-43

email address:              info@liftoff.hu

Website:                   www.liftoff.hu

telephone: + 36 30 625 8709

 

4.2 If there is any doubt about the identity of the Data Subject or if the data provided are insufficient for identification, the Company is entitled to request from the Data Subject additional identification data necessary and appropriate to confirm the identity.

 

4.3 If the person making the request cannot prove his/her identity beyond reasonable doubt and thus cannot be identified, the Company may refuse to process the request.

 

4.4 The Company shall inform the Data Subject of the measures taken in response to the request without undue delay, but in any event within one month of receipt of the request. If necessary, taking into account the complexity of the request and the number of requests, this time limit may be extended by a further two months. The Company shall inform the Data Subject of the extension of the time limit within one month of receipt of the request, stating the reasons for the delay.

 

4.5 If the Data Subject has submitted the request electronically, the information shall be provided electronically where possible, unless the Data Subject requests otherwise.

 

4.6 If the Company fails to take action on the Data Subject's request, it shall inform the Data Subject without delay, but no later than one month from the date of receipt of the request, of the reasons for the failure to take action and of the possibility for the Data Subject to lodge a complaint with a supervisory authority and exercise his/her right to judicial remedy.

 

4.7 The Company shall provide the information pursuant to Articles 13 and 14 of the GDPR and the information and action pursuant to Articles 15 to 22 and 34 free of charge. If a request is manifestly unfounded or excessive, in particular because of its repetitive nature, taking into account the administrative costs of providing the requested information or information or of taking the requested action, the Company shall:

 

1. a) charge a reasonable fee; or
2. (b) refuse to act on the request.

 

1. DATA PROCESSORS

 

The Company uses the following data processor:

 

Rackforest Informatikai Kereskedelmi Szolgáltató és Tanácsadó Korlátolt Felelősségű Társaság (registered office: 1132 Budapest, Victor Hugo u. 18-22., tax number: 14671858-2-41, represented by Atiyeh Nabil, Managing Director, phone: + 36 70 362 4785, email: info@rackforest.com), which provides server services to the Company.

 

Budapest, 1 September 2019.[/vc_column_text][vc_column_text css=”.vc_custom_1559557399503{padding-top: 40px !important;}”]

If you would like to request information about the processing of data you have previously provided, please contact us using the form below:

 

 

[contact-form-7 id="2385″ title="data controller"][/vc_column_text][/vc_column][/vc_row]