Data Management Statement

1.1 Preamble

The scope of the Data Management Statement (information) covers the system available at the domain addresses listed in the footer, as well as the legal relationships of applications and networks connected to it. The current Document has been placed in the footer of the current Website, is available in several languages, is effective from the specified date and is valid until revoked. By using the Website, especially when placing an order, and by explicitly marking the relevant field, the User accepts that all regulations related to the use of the Website automatically apply to him. 

If the User accesses the Website Operated by the Company or uses related applications, reads their contents in any way, the User acknowledges that the contents of the Document are binding on him/her. The operator is entitled to unilaterally modify the content of the Document, which is not retroactive.

1.2 Data managers, operators

1.2.1 Hungarian motorway vignette Enternova Kft. (Company) sells driving rights (highway stickers) on toll road networks in Hungary in this system. As a result, everything related to the sale of highway stickers for the Hungarian road network is to be associated with the responsibility and authority of Enternova Kft. Hungarian road user fees must be handled separately from services related to the non-Hungarian toll road network, regardless of the fact that these separate services can be used here in the same system.

  • Enternova Kft. cannot be held responsible in the event that a legal dispute arises from the sale of non-Hungarian motorway vignette.
  • Enternova Kft. disclaims all liability arising from the sale of non-Hungarian highway stickers.

Data of Enternova Kft.:

  • 2116 Zsámbok Hunyadi Street 1.
  • Tax number: 24892955-2-13
  • Company registration number: 13 09 186967

Enternova Kft. can be reached through the support ticket system from the contact menu and the footer. When the given support ticket is opened, its content, if it falls under the jurisdiction of Enternova Kft., is automatically directed to it for processing.

1.2.2 Non-Hungarian motorway vignette

In this system, Network Line Ltd. (Company) sells driving rights (motorway stickers) on toll road networks not located in Hungary. As a result, everything related to the sale of highway stickers for the non-Hungarian road network is to be associated with the responsibility and authority of Network Line Ltd. Non-Hungarian road user fees must be managed separately from services related to the Hungarian toll road network, regardless of the fact that these separate services can be used here in the same system.

  • Network Line Ltd. cannot be held responsible in the event that a legal dispute arises from the sale of motorway vignette in Hungary.
  • Network Line Ltd. disclaims all liability arising from the sale of Hungarian highway stickers.

Data of Network Line Ltd.:

  • Hova Villas 1
  • BN3 3DH
  • Brighton & Hove
  • Tax number: 22013 28802

Network Line Ltd can be reached via the support ticket system from the contact menu and footer. When a given support ticket is opened, its content, if it falls under the jurisdiction of Network Line Ltd., is automatically directed to it for processing. 

1.2.4 Additional data controllers

Stripe Payment Processor
Cloudflare CDN Network
Kboss.hu Billing
SMS Processor
Google
APP Store IOS

1.3 Concept definitions

  • Website: an open system accessible through the domain addresses in the footer and the associated applications.
  • GDPR (General Data Protection Regulation): the new Data Protection Regulation of the European Union.
  • Data management: any operation or set of operations performed on personal data or data files in an automated or non-automated manner, such as the collection, recording, organization, segmentation, storage, conversion, or changing, querying, viewing, using, communicating, transmitting, distributing, or otherwise making available, coordinating, or connecting, limiting, deleting, or destroying.
  • Data manager, data processor: the natural or legal person, agency or any other body that manages personal data on behalf of the data manager and the purposes and means of personal data management independently or with others defines together. If the purposes and means of data management are determined by EU or member state law, the data controller or the special aspects regarding the designation of the data controller may also be defined by EU or member state law.
  • Operators, Companies: operators and owners of the Website.
  • Personal data: any information relating to an identified or identifiable natural person (data subject). A natural person can be identified directly or indirectly, in particular on the basis of an identifier such as a name, number, location data, online identifier or one or more factors relating to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person identifiable.
  • Consent of the data subject: a voluntary, specific, and clear declaration of the will of the data subject based on adequate information, with which the data subject indicates by means of a statement or an unmistakable act of confirmation that he gives his consent to the for the express processing of personal data concerning.
  • Data protection incident: a breach of security which is the accidental or unlawful destruction, loss, alteration, unauthorized disclosure or unauthorized access to personal data transmitted, stored or otherwise handled results in access.
  • Third party: the natural or legal person, agency or any other body that is not the same as the data subject, the data controller, the data processor or the persons who are the data controller or were authorized to handle personal data under the direct control of the data processor.
  • User: visitors, users, customers (affected persons) of the Website.

1.4 Guidelines for data management and processing

The Data Controller declares that it processes personal data in accordance with the provisions of the current data management information and complies with the provisions of the relevant legislation, in particular with regard to the following:

  • Personal data must be handled legally and fairly, as well as in a transparent manner for the concerned User.
  • Personal data may only be collected for specific, clear and lawful purposes.
  • The purpose of processing personal data must be appropriate and relevant, and can only be to the extent necessary.
  • Personal data must be accurate and up-to-date. Inaccurate personal data must be deleted immediately.
  • Personal data must be stored in such a way that it allows the identification of the data subjects only for the necessary time. Personal data may be stored for a longer period of time only if the storage is for the purpose of archiving in the public interest or for statistical purposes.
  • The processing of personal data must be carried out in such a way that adequate security of personal data is ensured by applying appropriate technical or organizational measures, including protection against unauthorized or illegal processing, accidental loss, destruction or damage of data.
  • The principles of data protection must be applied to all information relating to identified or identifiable natural persons.
  • 1.5 The processed data and their legal basis

    The legal basis for data management is based on the consent of the data subject and the law below. Electronic commerce services and services related to the information society are some EU regulations on issues provide additional information.

    When visiting the Website, certain parameters of the visitors are automatically recorded.

    These logging parameters can be the following for the given User, depending on what the Website's program code can identify from them:

    • Entry time of visits, time spent on the website, activities performed during that time, exit time.
    • The visitor's browser type, resolution, language, operating system, computer device type.
    • Visitor IP address.

    The purpose of handling this data is quality assurance and website statistics. The duration of this data management: 5 years, unless the User provides otherwise.

    1.6 Managed data on the Website

    The scope of the processed data, the personal name, e-mail address, telephone number, billing name, billing address, tax number, vehicle registration number, country of origin (region) provided by the User. In the case of insurance matters, other personal data that are essential for the conclusion of the given insurance. These managed data are processed based on the Data Management Regulations of the given (Third Party) insurance company.

    The purpose of data management is: full use of the Website, creation of a contract for purchase, determination of its content, monitoring of its performance, invoicing of the resulting fees, and enforcement of related claims.

    In the case of the user's separate consent, the Website can process specific personal data of the User, for example for the purpose of sending newsletters or other direct marketing messages.

    1.6.1 Duration of data management, deadline for deleting data

    At the request of the data subject, the processed data must be deleted within 48 hours based on point 1.7, in other cases point 1.5 is applied. In the case of accounting receipts, the accounting receipts must be kept according to the decree of the Act on Accounting, which is also considered as the mandatory retention period for the data contained therein.

    1.7 Important data management information, data deletion request

    The duration of data management always depends on the specific user purpose. As an affected person, the User may object to the processing of his personal data. The User may request the deletion of the data ahead of time, if he can prove that he is entitled to have the data deleted. The request for data deletion can be submitted in writing, through the website's support ticket system. The Data Controller may request additional identification data if it is not clear that the person entitled to it is really requesting the deletion of the data.

    1.8 Newsletter, DM activity

    The operator declares that, based on the published information and descriptions, he fully complies with the relevant legal provisions. Pursuant to the Act on the Basic Conditions and Certain Limitations of Economic Advertising Activities, the User may expressly consent in advance to the Operator contacting him with his advertising offers and other mailings at the contact details provided, and to processing his personal data for the purpose of sending advertising offers. Scope of processed data: personal name, email address, phone number, date.

    Legal basis for data management: The User may unsubscribe from the sending of offers without limitation or justification. You can unsubscribe from the newsletter by clicking the "unsubscribe" link at the bottom of the sent newsletters, which may last until you subscribe again.

    The advertiser, the advertising service provider, and the advertiser of the advertisement keep a record of the personal data of the persons who gave the declaration of consent within the scope specified in the consent. The data recorded in this register, relating to the recipient of the advertisement, can only be handled in accordance with the provisions of the declaration of consent and until it is revoked.

    1.9 Rights related to data management

    The data subject can request information from the data controller about the management of his personal data, and can request the correction, deletion or blocking of his personal data. If the User has any questions about his/her processed data or requests information about his/her data, he/she can do so via the website's support ticket system. The legal basis for data transmission is the User's consent, as well as the European Union regulations on certain issues of electronic commerce services and services related to the information society.

    The data controller is obliged to plan and implement the data management operations in such a way as to ensure the protection of the privacy of the data subjects. As part of the data controller's or activity's scope, the data processor is obliged to ensure the security of the data, and is also obliged to take the technical and organizational measures and establish the procedural rules that are necessary to enforce the relevant regulations and other data and confidentiality rules.

    The data must be protected by appropriate measures, in particular against unauthorized access, modification, transmission, disclosure, deletion or destruction, as well as against accidental destruction and damage, as well as against becoming inaccessible due to changes in the technology used. In order to protect the data files managed electronically in the various registers, it is necessary to ensure that the data stored in the registers cannot be directly linked and assigned to the data subject, unless the law provides otherwise.

    During the automated processing of personal data, the data manager and the data processor ensure with additional measures:

    • Prevention of unauthorized data entry.
    • Preventing the use of automatic data processing systems by unauthorized persons using data transmission equipment.
    • The verifiability and ascertainability of which bodies the personal data has been or may be transmitted using data transmission equipment.
    • The verifiability and ascertainability of which personal data was entered into automatic data processing systems, when and by whom.
    • Restorability of the installed systems in the event of a malfunction and that a report is prepared on errors occurring during automated processing.

    When defining and applying measures for data security, the data manager and data processor must take into account the state of the art at all times. Among several possible data management solutions, the one that ensures a higher level of protection of personal data must be chosen, unless it would represent a disproportionate difficulty for the data controller.

    In order to verify the legality of the data transmission and to inform the data subject, the data controller maintains several automatic log records, which as a whole contain and make traceable the date of transmission of the personal data managed by it, the legal basis and recipient of the data transmission, the definition of the scope of the personal data transmitted, and the data processing requirements other data defined by law.

    If the data controller does not comply with the data subject's request for correction, blocking or deletion, within 30 days of receiving the request, the data controller shall notify the factual and legal reasons for rejecting the request for correction, blocking or deletion in writing. If the request for correction, deletion or blocking is rejected, the data controller will inform the data subject about the legal remedies.

    The data subject has the right to receive the personal data concerning him/her that he/she has made available to the data controller. The data subject has the right not to be covered by the scope of a decision based solely on automated data management that would have an adverse legal effect on him, unless this decision is necessary for the conclusion or performance of the contract between the data subject and the data controller as permitted by EU law, in addition to the establishment of appropriate protection measures, or the person concerned has expressly consented to this.

    2.1 Final Provisions

    The data provided by the User are stored by servers. Only operating staff have access to the data, and they are all responsible for the safe handling of the data.

    If you discover an error or omission in the current information, please notify us of this fact immediately. Our employees will do their best to handle the smallest User or visitor conflict and, if necessary, supplement or amend the current Data Management Statement.

    2.2 Rights related to data management

    • The right to request information:
      You can request information from us via the support ticket system about which of your data, on what legal basis, for what data management purpose, from what source and for how long. Upon your request, we will send information to the e-mail address provided in the request within 30 days at most.
    • The right to correction:
      You can ask us to change some of your data via the support ticket system. Upon your request, we will take care of this within 30 days at the most, and we will send information to the e-mail address provided in the request.
    • The right to deletion:
      You can ask us to delete your data via the support ticket system. At your request, we will do this within a maximum of 30 days, and we will send information to the e-mail address provided in the request.
    • The right to block:
      You can ask us to block your data via the support ticket system. The blocking lasts as long as the reason indicated by you makes it necessary to store the data. At your request, we will do this within a maximum of 30 days, and we will send information to the e-mail address provided in the request.
    • The right to object:
      You can object to data processing via the support ticket system. We will examine the objection within a maximum of 15 days from the submission of the application, we will make a decision on its validity, and we will inform you of the decision by e-mail.
    • Possibilities for legal enforcement related to data management:
      In the case of illegal data management you have experienced, notify us via the support ticket system, so it is possible to restore the legal status in a short time. For your sake, we will do everything possible to solve the given problem.

    If, in your opinion, the legal status cannot be restored, or the restoration does not meet your expectations, you can seek legal redress for your complaint via the following link: Europa.eu

    Legislation on which data management is based:

    • Regulation 2016/679 of the EU Parliament and Council (April 27, 2016) on the protection of natural persons with regard to the processing of personal data and on the free flow of such data, and on the repeal of Regulation 95/46/EC (General Data Protection Regulation) .
    • CXII of 2011 Act on the right to self-determination of information and freedom of information.
    • LXVI of 1995 on the protection of public records, public archives and private archive material. law.
    • 335/2005 on the general requirements for document management of bodies performing public duties. (XII. 29.) Government decree.
    • CVIII of 2001 Act on certain issues of electronic commercial services and services related to the information society.
    • Act C of 2003 on electronic communications.
    • The service provider intends to fully comply with the legal requirements for the management of personal data, in particular with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council.

    This Data Management Notice was prepared on the basis of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of personal data of natural persons and the free flow of data, taking into account the CXII of 2011. on the content of the law on the right to self-determination of information and freedom of information.

    Data management questions and requests can be submitted through the support ticket system in the contact menu and footer of the website.

    etiket.hu I evignet24.com I evignet24.eu

    01/06/2023