Privacy policy

Purpose of this privacy notice

The Quadrum Investitio Zrt. (address, hereinafter, provider, data controller) as data controller, acknowledges that it is bound by the contents of this legal notice. It undertakes to ensure that any processing of data relating to its activities complies with the requirements set out in this policy and in the applicable national legislation and European Union acts.

The privacy policy relating to the data processing activities of the Data Controller is continuously available at http://www.smartestorage.com page.

The Data Controller reserves the right to change this information at any time. It will of course inform its audience of any changes in due time.

If you have any questions about this communication, please contact us and we will answer them.

The Data Controller is committed to protecting the personal data of its customers and partners, and attaches great importance to respecting the right to information self-determination of its customers. The Data Controller handles personal data confidentially and takes all security, technical and organisational measures to ensure the security of the data.

The Data Controller describes its data management practices below.

Data of the data controller

If you would like to contact our Company, please contact info@smartestorage.com the controller using the contact details.

The Data Controller shall delete all e-mails received by it, together with the name and e-mail address, after a maximum of 5 years from the date of the communication.                                                  

Name: Quadrum Investitio Zrt.
Address: 1146 Budapest, Erzsebet kiralyne utja 1/c.
Company registration number: 01 10 049197
Name of the registering court: the Commercial Court of the Metropolitan General Court
Tax number: 25868122242
E-mail: info@smartestorage.com

Data Protection Officer
Name: Vágó Balázs
Mobile: +36 30 791 40 64

Scope of personal data processed

Personal data processed in connection with subscribing to newsletters, sending newsletters and contacting us via the website:

  • name
  • e-mail address

Technical data

The Data Controller shall select and operate the IT tools used to process personal data in the course of providing the service in such a way that the processed data:

  • accessible to authorised persons (availability);
  • authenticity and verification (authenticity of processing);
  • can be verified to be unchanged (data integrity);
  • be protected against unauthorised access (data confidentiality).

The Data Controller shall take appropriate measures to protect the data against unauthorised access, alteration, disclosure, disclosure, erasure or destruction and against accidental destruction.

The Data Controller shall ensure the security of data processing by technical, organisational and organisational measures that provide a level of protection appropriate to the risks associated with the processing.

In the course of processing, the Data Controller shall retain

  • confidentiality: it protects information so that only those who are entitled to it have access to it;
  • integrity: protects the accuracy and completeness of the information and the method of processing;
  • availability: making sure that when an authorised user needs it, he or she can actually access the information he or she wants and that the means to do so are available.

Cookies

What cookies do

  • collect information about visitors and their devices;
  • remember your visitors' individual preferences, which are used, for example, when making an online transaction, so you don't have to re-enter them;
  • make the website easier to use;
  • provide a quality user experience.

In order to provide a personalised service, a small piece of data called a cookie is placed on the user's computer and read back during a subsequent visit. When the browser returns a previously saved cookie, the cookie provider has the possibility to link the user's current visit to previous visits, but only in relation to its own content.

Duration of processing

The retention period of a cookie, more information is available here:

Google general cookie notice: https://www.google.com/policies/technologies/types/
Google Analytics information: https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage?hl=hu
Facebook information: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen

Legal background and legal basis for cookies:

The legal basis for processing is your consent pursuant to Article 6(1)(a) of the Regulation.

Main features of the cookies used by the website:

 Cookies strictly necessary for operation:These cookies are essential for the use of the website and allow you to use the basic functions of the website. Without them, many of the site's features will not be available to you. The lifetime of these types of cookies is limited to the duration of the session.

A felhasználói élmény javítását szolgáló cookie-k: Ezek a cookie-k információkat gyűjtenek a felhasználó weboldalhasználatáról, például, hogy mely oldalakat látogatja leggyakrabban, vagy milyen hibaüzenetet kap a weboldalról. Ezek a cookie-k nem gyűjtenek a látogatót azonosító információkat, vagyis teljesen általános, névtelen információkkal dolgoznak. Az ezekből nyert adatokat a weboldal teljesítményének javítására használjuk. Ezen típusú cookie-k élettartama kizárólag a munkamenet idejére korlátozódik.

Third-party cookies (analytics)

Google Adwords cookie When someone visits our site, the visitor's cookie ID is added to our remarketing list. Google uses cookies - such as NID and SID cookies - to personalise the ads you see in Google products, such as Google Search. It uses such cookies, for example, to remember your recent searches, your previous interactions with advertisements from individual advertisers or search results, and your visits to advertisers' websites. The AdWords conversion tracking feature uses cookies. To track ad sales and other conversions, cookies are saved on a user's computer when they click on an ad. Some common uses of cookies include: selecting ads based on what is relevant for a particular user, improving campaign performance reporting, and avoiding displaying ads that the user has already viewed.

Google Analytics cookie: Google Analytics is Google's analytics tool that helps website and app owners to get a more accurate picture of their visitors' activities. The service may use cookies to collect information and report statistics about website usage without individually identifying visitors to Google. The main cookie used by Google Analytics is the "__ga" cookie. In addition to generating reports from website usage statistics, Google Analytics, together with some of the advertising cookies described above, can also be used to display more relevant ads in Google products (such as Google Search) and across the web.

Remarketing cookies: May appear to previous visitors or users when browsing other sites on the Google Display Network or searching for terms related to your products or services

Workmenet cake: These cookies store the location of the visitor, the language of the browser, the currency of the payment, and their lifetime is the closing of the browser or up to 2 hours.

Mobil version, design cookie: Detects the device the visitor is using and switches to full view on mobile. Lifetime 365 days.

Cookie elfogadás cookie: Az oldalra érkezéskor a figyelmeztető ablakban elfogadja a cookiek tárolásáról szóló nyilatkozatot. Élettartama 365 nap.

Facebook pixel (Facebook cookie) A Facebook account is code that allows the website to report conversions, create audiences and provide the site owner with detailed analytics on how visitors use the site. The Facebook pixel is used to display personalised offers and ads to website visitors on Facebook. You can read Facebook's privacy policy here: https://www.facebook.com/privacy/explanation

If you do not accept the use of cookies, certain features will not be available to you. For more information on how to delete cookies, please click on the links below:

Data related to contacting you via the website

An itemised list of the personal data requested when filling in the contact form on the website:

  • name
  • e-mail address

Purpose, method and legal basis of processing

General data processing policy

The data processing of the Data Controller's activities is based on voluntary consent or on legal authorisation. In the case of processing based on voluntary consent, data subjects may withdraw their consent at any time during the processing.

In certain cases, the processing, storage and transmission of some of the data provided is required by law, and we will notify our customers of this separately.

The attention of the Data Controller is drawn to the fact that if the data subject does not provide his or her own personal data, the data subject is obliged to obtain the consent of the data subject.

Its data management principles comply with the applicable data protection legislation, in particular:

  • Act CXII on the Right to Informational Self-Determination and Freedom of Information (Infotv.); 
  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Regulation (EC) No 95/46/EC (General Data Protection Regulation, GDPR);
  • Act V - on the Civil Code (Civil Code);
  • Act C on Accounting (Accounting Act);
  • Act LIII on the Prevention and Combating of Money Laundering and Terrorist Financing (Pmt.);
  • Act CCXXXVII - on Credit Institutions and Financial Undertakings (Hpt.).

Physical storage locations of data

Your personal data (i.e. data that can be linked to you personally) may be processed by us in the following ways: on the one hand, technical data relating to the computer, browser program, Internet address and pages visited in connection with the Internet connection are automatically generated in our computer system, and on the other hand, you may provide us with your name, contact details or other data if you wish to contact us personally when using the website.

Data transfers, data processing, data subjects

Itemised list of companies that transmit, store and know the data. List the details and contact details of these companies. (e.g. accounting, invoicing, delivery of goods, crm system, online payment, etc..)

Name of the data processor: Quadrum Investitio Zrt.
The location of the data processor: 1146 Budapest, Erzsebet kiralyne utja 1/c.
E-mail address of the data processor: info@smartestorage.com

Name of the data processor: Namecheap Legal Department
The location of the data processor: 4600 East Washington Street, Suite 305, Phoenix, AZ 85034
E-mail address of the data processor: legal@namecheap.com

Your rights and means of redress

During the period of processing, you have the following rights under the Regulation:

  • the right to withdraw consent
  • access to personal data and information on data management
  • right to rectification
  • restriction of processing,
  • right to erasure
  • right to protest
  • the right to portability.

If you wish to exercise your rights, this will involve identifying yourself and the Data Controller will need to communicate with you as necessary. For this purpose, identification will require the provision of personal data (but identification may only be based on data that the Controller already holds about you) and your complaints about the processing will be available on the Controller's email account within the time period specified in this Notice in relation to complaints. If you have been a customer of ours and would like to be identified for the purposes of complaint handling or warranty handling, please also provide your order ID for identification purposes. We can use this to identify you as a customer.

The Data Controller shall respond to complaints about data processing within 30 days at the latest.

Right to information

The controller shall take appropriate measures to provide data subjects with all the information referred to in Articles 13 and 14 of the GDPR and each of the disclosures referred to in Articles 15 to 22 and 34 of the GDPR concerning the processing of personal data in a concise, transparent, intelligible and easily accessible form, in clear and plain language.

Right of access of the data subject

You have the right to receive feedback from the Data Controller as to whether or not your personal data is being processed and, if it is being processed, you have the right to:

  • a kezelt személyes adatokhoz hozzáférést kapjon és
  • a következő információkról az Adatkezelő tájékoztassa:
  • az adatkezelés céljai;
  • az Önről kezelt személyes adatok kategóriái;
  • információ azon címzettekről vagy címzettek kategóriáiról, akikkel, illetve amelyekkel a személyes adatokat Adatkezelő közölte vagy közölni fogja;
  • a személyes adatok tárolásának tervezett időtartama, vagy ha ez nem lehetséges, ezen időtartam meghatározásának szempontjai;
  • az Ön azon joga, hogy kérelmezheti az Adatkezelőtől az Önre vonatkozó személyes adatok helyesbítését, törlését vagy kezelésének korlátozását, és jogos érdeken alapuló adatkezelés esetén tiltakozhat az ilyen személyes adatok kezelése ellen;
  • the right to lodge a complaint with a supervisory authority;
  • if the data was not collected from you, any available information about its source;
  • the fact of automated decision-making (if such a process is used), including profiling, and, at least in these cases, clear information about the logic used and the significance and likely consequences for you of such processing.

The purpose of exercising the right may be to ascertain and verify the lawfulness of the processing, and therefore, in the event of repeated requests for information, the Data Controller may charge reasonable compensation for the provision of information.

Access to personal data is provided by the Data Controller by sending you the personal data and information processed by email after you have identified yourself. If you are registered, we will provide access so that you can view and verify the personal data we process about you by logging into your account.

Please indicate in your request whether you want access to your personal data or information on data management.

Right of rectification

You have the right to have inaccurate personal data relating to you corrected by the Data Controller without delay upon your request.

Right to erasure

If one of the following grounds applies, the data subject shall have the right to obtain from the Data Controller, upon his or her request, the erasure of personal data concerning him or her without undue delay:

  • the personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
  • the data subject withdraws the consent on which the processing is based and there is no other legal basis for the processing;
  • the data subject objects to the processing and there are no overriding legitimate grounds for the processing;
  • the personal data have been unlawfully processed;
  • personal data must be erased in order to comply with a legal obligation under Union or Member State law to which the controller is subject;
  • personal data are collected in connection with the provision of information society services.

The erasure of data may not be initiated if the processing is necessary: for the exercise of the right to freedom of expression and information; for compliance with an obligation under Union or Member State law to process personal data or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; for public health purposes or for archiving, scientific or historical research purposes or statistical purposes in the public interest; or for the establishment, exercise or defence of legal claims.

Right to restriction of processing

At the request of the data subject, the Controller shall restrict processing if one of the following conditions is met:

  • the data subject contests the accuracy of the personal data, in which case the restriction is limited to the period
  • which allows the accuracy of personal data to be verified;
  • the data processing is unlawful and the data subject opposes the erasure of the data and instead requests the restriction of their use;
  • the controller no longer needs the personal data for the purposes of processing, but the data subject requires them for the establishment, exercise or defence of legal claims; or
  • the data subject has objected to the processing; in this case, the restriction applies for the period until it is established whether the legitimate grounds of the controller override those of the data subject.

 Where processing is restricted, personal data, except for storage, may be processed only with the consent of the data subject or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or of an important public interest of the Union or of a Member State.

Right to data retention

If the processing is automated or if the processing is based on your voluntary consent, you have the right to request the Data Controller to receive the data you have provided to the Data Controller, which the Data Controller will make available to you in xml, JSON or csv format, and if technically feasible, you may request that the Data Controller transfer the data in this format to another data controller.

Right to object

The data subject shall have the right to object at any time, on grounds relating to his or her particular situation, to processing of his or her personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller, or necessary for the purposes of the legitimate interests pursued by the controller or by a third party, including profiling based on those provisions. In the event of an objection, the controller may no longer process the personal data, unless there are compelling legitimate grounds for doing so which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.

 Automated decision-making on individual cases, including profiling

The data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.

Right of withdrawal

The data subject has the right to withdraw his or her consent at any time.

Right to apply to the courts

The data subject may take the controller to court if his or her rights are infringed. The court shall rule on the case out of turn.

Data Protection Authority procedure

You can lodge a complaint with the National Authority for Data Protection and Freedom of Information:

  • Name: National Authority for Data Protection and Freedom of Information
  • Address: 1125 Budapest, Szilagyi Erzsebet fasor 22/C. Mailing address: 1530 Budapest, Pf.: 5.
  • Mobile: 0613911400
  • Fax: 0613911410
  • E-mail: ugyfelszolgalat@naih.hu Website: http://www.naih.hu

Other provisions

Information on data processing not listed in this notice is provided at the time of collection.

We inform our customers that the court, the prosecutor, the investigating authority, the law enforcement authority, the administrative authority, the National Authority for Data Protection and Freedom of Information, the National Bank of Hungary, or other bodies authorised by law may contact the data controller to provide information, to disclose or transfer data, or to provide documents.

The Data Controller shall disclose personal data to public authorities only to the extent and to the extent strictly necessary for the purpose of the request, provided that the public authority has indicated the precise purpose and scope of the data.

This document contains all relevant information on data management in relation to the operation of the webshop in accordance with the General Data Protection Regulation of the European Union 2016/679 (hereinafter referred to as the GDPR) and the Act of 2011 CXII of the Hungarian Parliament and of the Council of 2011 (hereinafter referred to as the Infotv.).