Loginet Systems LLC
Headquarters: 1221 Budapest, Vihar utca 5/D 4.floor.15
Tax identification number: 14461862-2-43
Company identification number: 01-09-904847
- Data Manager definition
- Personal data managed by the Data Manager
- Other data managed by the Data Manager
- Purpose of data management
- Principles of data management and Data Managers
- User rights and their enforcement
- Requesting information
- Disclosure of public interest data
- Duration of data management
- Data security
- Data storage
- Enforcement of rights, contact
- The documenting and informing of the principles determined by and adhered to by Loginet as the Data Manager;
- the determination of the type of gathered personal data;
- provides information on the mode of data collection and the utilization of data collected;
- provide guidance to Users’ rights relating to data management.
This DPP applies to all procedures relating to the management of personal data provided to Loginet’s https://mcomapp.com/ website by Users.
This DPP also applies to those procedures (more information in the third subsection of the fifth point of this DPP) where a User steps into contact with Loginet or Loginet contacts a User regarding services.
The content of this DPP is legitimate as of 1 August 2018.
Version number of this DPP: 1.0
In using this DPP:
User: that natural person which utilizes services and within this framework provides personal information listed in point 5.
Personal Data: any induction derived from a data, or derivable from that data, associated with a certifiable (identified, or indirectly/directly identifiable) natural person’s (henceforth: User). The personal data retains its status up until the connection with the User is verifiable. A User is verifiable when they can be identified based on name, an identification mark, or any physical, physiological, mental, economic, culture or social characteristic.
Data Manager: that natural or legal person, or rather organization without legal personality, that either independently or with others, determines the purposes of data management, makes decisions and realizes them relating to data management (including the device used), or realizes decisions with a data processor in their responsibility.
Data management: regardless of procedures of the application, any operation or the whole of operations performed on data, especially procedures of data collection, recording, capture, classification, storage, change, utilization, retrieval, forwarding, disclosure, coordination or connection, BLOCK, deletion and destruction; as well as the prevention of the data’s further use, the creation of photographs, sound recordings and image recordings, and the capture of physical identifiers (eg. Fingerprints, palm prints, DNA samples, retinal images).
Data Processor: that natural or legal person, or rather organization without legal personality, that based on a contract with the Data Manager—including contracts made based on legislation—completes the processing of data.
Data processing: the completion of technical tasks relating to data management operations, independent of the method and equipment used to perform the operation and the place of employment, provided that the technical tasks are completed on the data.
4. Data Manager definition
The Data Manager, the owner of the https://mcomapp.com/ website, primarily provides IT services, and in reaching this main service ensures connection on the https://mcomapp.com/ website.
5. Personal data managed by the Data Manager
If the User visits, the Data Manager’s system automatically captures the User’s IP address.
The Data Manager may collect the following data based on the User’s decision to step into contact through the website (eg. Requesting an offer, requesting a demo, general contact): name, telephone number, email address, introduction.
If the User steps into contact with Loginet, or Loginet contacts the User, the following information may be collected: personal data which the User provides when he or she steps into contact with Loginet regarding services over telephone, email, postal mail, or social media communications (eg. Name, username, contact information).
6. Other data managed by the Data Manager
In the interest of properly serving the User, the Data Manager places cookies on the User’s computer. A cookies is a small piece of data with individual identifiers, stored in the User’s computer or mobile device so that the device utilized by the User may be recognized whenever that given website is visited. The purpose of a cookie is to ensure the best performance by the website to improve the User’s experience. The User may delete cookies from their device or adjust the browser settings to prohibit cookies. By prohibiting cookies the User concedes that the website’s performance is not at full value.
Loginet uses the Google Analytics service to track the pages’ statistics and user demographic data, interest and online user activity. Google ensures the possibility to control the use of the analytical service. The User may find the Google Analytics opt-out browser option here: https://tools.google.com/dlpage/gaoptout
7. Purpose of data management
The Data Manager may manage data for any of the purposes listed below. The Data Manager will not use personal data for any other purposes than those listed below:
- online content services;
- identifying the User, maintaining contact with the User;
- Generating statistics, evaluations;
- developing the IT system;
- protecting User rights;
- processing the legitimate interests of the Data Manager.
8. Principles of data management and Data Managers
The Data Manager will only use personal data according to the purposes listed in this policy’s 5th and 6th sections, specifically
- with the consent of the User, or
- based on a lawful (as authorized by law in the proper scope) or local government’s ruling.
The User may only consent to data management provided he or she was thoroughly and clearly informed, which the Data Manager must ensure.
Before the start of data management, the User must be informed that his or her consent to data management is a BASIS or requirement. Before the start of data management, the User must be thoroughly and clearly informed of all facts relating to the data management, especially the purposes and lawful basis of data management, the individuals eligible for data management and processing, the duration of data management, whether the User’s data is managed according to this policy’s 6th point, and of who may have access to his or her information. The information expands to the rights and legal counsel possibilities of the User’s data management.
The Data Manager does not check the personal data provided. The provider of personal data assumes all responsibility for the data itself provided.
9. User rights and their enforcement
The User may request information on the management of his or her personal data anytime in writing by sending a registered letter to the provided address or sending an email to the firstname.lastname@example.org email address. The Data Manager considers the information-request letter as legitimate if the identity of the User is clearly determinable based off the contents of the letter sent.
The Data Manager will respond in writing to the User’s submitted query within 30 days upon receiving in a clear and understandable mode informing the User on the manner of managing and processing data, their sources, the purposes of data management, the lawful basis, the duration, as well as (if the data is forwarded) those receiving the data and the lawful basis of this.
Information may be requested free of charge once per calendar year. More information may result in an extra expense, except if the information request leads to an adjustment or if the data management proves to be illicit.
A User’s request for information may only be refused in the situations described in the rules. If the request for information must be refused, Loginet will notify the User in writing that the refusal was based on information within the provisions of this policy. If the request must be refused, Loginet will inform the User of any possibilities of legal counsel or through the National Authority for Data Protection and Freedom of Information. The User may request information on who had access to his or her data and for what purpose.
If the personal data does not correspond with reality, and the personal data corresponding to reality must be adjusted, the data must be corrected. The data must be marked if the User is arguing its inaccuracy or incorrectness, but the accuracy or correctness cannot be cearly determined.
Personal data must be deleted if
- its management was illicit;
- the User has requested this and it is not indispensably required for any contractual rights or obligations;
- it is incorrect or deficient and it cannot be legally corrected, provided the deletion is not prevented by the rule;
- the purpose of the data management has ended or the duration of the data’s storage has ended as according to the allotted time in the policy;
- it is ordered by the National Authority for Data Protection and Freedom of Information
Instead of deletion, personal data may be locked, if the User requests this or if the information in question may hurt the User’s lawful interests if deleted. Personal data locked in this manner may continue to be managed up until the data is still needed for its purposes of data management that prevent the deletion of the information. All those with access to the information for purposes of data management and the User must be informed of any adjustments, locks and deletions. (The notification may be dispensed if regarding the purposes of data management, the User’s legal interests are not damaged.) If the User’s request to adjust, lock or delete data cannot be completed, then the User must be informed of this rejection of his or her request within 30 days of receiving the request, as well as the legal and factual reasoning. In this case, the User must be informed of any legal counsel or further possibilities with the help of the aforementioned National Authority.
The disclosure of any data managed within the Loginet system is forbidden—except if the User consents to this or if it is ordered by law. Aggregated statistics connected to any Loginet employees, contractors, subcontractors, representatives, and clients (also based off personal data) may be disclosed provided that no individual may be recognized based off the content of that data. Before disclosing data, it is the responsibility of that individual tasked with disclosing data, of ensuring that no natural person can be identified based off this data.
Disclosure of public interest data
Any request from Loginet to disclose data from an outside organization or individual—without legal warrant-- must be authorized by Users in writing authorizing Loginet to do so. The User may preemptively provide this type of authority which specifies a given duration, purpose and type of organization requesting. Regardless of the User’s authorization, requests must still be processed through the determined authorities.
10. Duration of data management
Automatically captured IP addresses are stored for 7 days following the day of capture.
When a User sends an email request, the Data Manager deletes that email address 90 days after the close of the User’s query—unless, it is in the Data Manager’s legitimate interest to preserve the personal data for the purpose of data management, they may keep that data until the expiration of that interest.
The management of personal data provided by the User is called until the User requests for that data to be deleted. In this case, the personal data is deleted from the Data Manager’s system.
If personal data is illicitly or deceptively used, or a crime is committed against the User, or rather in the case of an attack on the Data Manager, the User’s data is deleted without delay—at the same time, in the case of a suspected crime or suspected civil liability, the personal data should be preserved until the appropriate course of action is completed.
Data recorded automatically and technically according to the system is stored for the needed duration from the point of that data’s generation, ensuring the security of the system. The Data Manager ensures, that automatically captured data may not be connected to other personal data—with the exception of legal order or warrant to do otherwise.
If a court of law or authority orders the deletion of personal data, the Data Manager will adhere. Instead of deletion, the Data Manager may control the use of the personal data (in addition to informing the User) if the User requests this or if it is possible that the deletion of said personal data may damage the legal interests of the User. The Data Manager does not delete the personal data while the purpose of data management is still valid, that purpose which prevented the deletion of the personal data.
11. Data security
The Data Manager ensures the security of the personal data, and takes the appropriate technical and organizational measures, and creates those procedural rules that ensure the security of any captured, stored or managed data; as well as preventing the accidental loss, illicit destruction, illicit access, illicit usage, illicit alteration and illicit dissemination of personal data. In order to comply with this responsibility, the Data Manager will call every third party with access to personal data.
Loginet utilizes computerized security mechanisms, as well as physical identifiers and barriers in its building to ensure the security of the data. Only those employees have access to data for whom it is required.
12. Data storage
Loginet stores its data so that no unauthorized persons may have access to it The mode of storage occurs primarily with IT mechanisms and modes. These IT mechanisms ensure the proper procedure for deletion of information.
The electronic data carriers are only dispensable when the information stored on them has been properly deleted. If the deletion is not possible (eg. Ruined SIM card) then the device must be physically destroyed.
The destruction of any written agreements must be done with a shredder.
14. Enforcement of rights, contact
If the User has any questions regarding how Loginet captures, stores or uses personal data he or she may contact the individual responsible for Loginet’s Data Protection services at the email@example.com email address.
The User may contact the National Authority for Data Protection and Freedom of Information with any complaints regarding data management (address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c.; telephone: +36-1-391-1400; email: firstname.lastname@example.org; website: www.naih.hu).