Privacy Policy

Introduction

The Coolfire Limited Company (registered office: 1097 Budapest, Illatos út 9, company registration number: Cg.01-09-912574) as a data controller (hereafter referred to as Data Manager), during the operation of www.coolfire.hu (“Prospectus”) for your personal information. Commits to the all data management related to this activity is in accordance with this Code and the applicable national law legislation and the legal acts of the European Union.

Data Privacy Guidelines for Data Management are available at www.coolfire.hu. The Data Controller reserves the right to change this Information at any time, of course, informing its audience of any changes made in due time. If you have any questions about our present announcement, please write to us and our colleagues will answer your questions.

The Data Controller is committed to protecting the privacy of its customers and partners, and it is of paramount importance to respecting the privacy of their clients’ information self-determination. The Data Handler manages the personal data in confidence and takes all security, technical and organizational measures that guarantee the security of the data.

As a Data Controller, the Data Administrator respects the privacy of all individuals for whom personal data is transferred and is committed to protecting them. Under Article 13 of the European Union General Data Protection Regulation (Decree 679/2016, ‘the GDPR’), it provides the following information:

I. Data Manager

Data Controller Name: Coolfire Limited Liability Company

Headquarters: 1097 Budapest, Illatos út 9.

Company registration number: Cg.01-09-912574

Registry authority: Fővárosi Törvényszék Cégbírósága

Tax number: 14628214-2-43.

Phone number: +36-20-283-9404

For privacy inquiries, contact us at the following e-mail address: info@coolfire.hu

II. General Provisions

2.1. The personal and material scope of the information

The material scope of the prospectus covers www.coolfire.com is concerned with data management natural persons (hereinafter referred to as ‘the data subject’ or ‘the data subject’).

2.2 Concepts

  • Data management: means personal data or data files in an automated or non-automated manner carried out any operation or operations, such as collecting, recording, organizing, dividing, storing, conversion or alteration, querying, inspecting, utilizing, transmitting, distributing or otherwise by way of disclosure, alignment or interconnection, restriction, deletion, or destruction;
  • Processor: means any natural or legal person, public authority, agency or any other body, which handles personal data on behalf of the controller;
  • Third party: means any natural or legal person, public authority, agency or any other body, which is not the same as the data subject, the data controller, the data processor, or the persons who are under the direct control of data controller or data processor, have been authorized to handle personal data;
  • Personal data: means any information relating to an identified or identifiable natural person (“concerned”); the natural person who can identify, directly or indirectly, in particular an identifier such as name, number, positioning data, online identifier or natural person, physiological, genetic, spiritual, economic, cultural or social identity of one or more factors;
  • IP Address: An IP address is a series of numbers that can uniquely identify the computers and mobile devices of affected Internet users. IP addresses can also geographically locate a visitor using that computer.

2.3. Principles

The Data Controller is responsible for:

  • treats personal data legally and fairly and treats it transparently (“lawfulness, fairness and transparency”);
  • collects personal data for a specific, unambiguous and legitimate purpose and not treat them in a way that is incompatible with these goals (“purpose limitation”);
  • the manageable personal data are appropriate and relevant to the purposes of data management and are limited to the need (“saving of the data”);
  • ensures that personal data is accurate and, if necessary, up-to-date and takes all reasonable steps to delete or correct inaccurate personal data for the purposes of data management (“accuracy”);
  • keeps personal data in a form that allows the identification of the data subjects only for the time needed to manage the personal data (“limited storage”);
  • personal data is handled in such a way as to ensure adequate security of personal data, including the protection against unauthorized, unlawful, unintentional, loss, destruction or damage of data (“integrity and confidentiality”) by means of appropriate technical or organizational measures.

2.4. Related Legislation

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / Data Protection Regulation);
  • 2011 CXII. law on information self-determination and freedom of information (Infotv.);
  • CVIII. Act on Electronic Commerce Services and Certain Issues of Information Society Services (Eker law);
  • Act C of 2003 on Electronic Communications (Eht.);
  • XLVIII of 2008. Act on the Fundamental Terms and Limitations of Economic Advertising (Grt.);
  • Act V of 2013 – Civil Code (Civil Code);
  • 1997 CLV. Act on Consumer Protection.

III. THE PURPOSE, PERSONAL DATA, OBJECTIVES, DOMAIN AND DURATION OF DATA MANAGEMENT

The data management of Data Manager’s activities is based on voluntary consent or legal authorization. In the case of data processing based on a voluntary contribution, the data subjects may withdraw their consent at any stage in the processing of data. In some cases, a set of specified data handling, storing and forwarding are legal, and we will notify our audience separately. We are kindly advising the Data Handler to inform the data providers that, if they do not provide their personal information, the obligation of the data supplier is to obtain the consent of the person concerned.

3.1. Cookie management at www.coolfire.hu

In order to provide customized service, the Data Manager has a small data packet on the user’s computer, place a cookie and read it later. If the browser returns a previously saved cookie, the cookie operator can link the user’s current visit but only for its own content. Cookies can be deleted from your computer or disabled in your browser. To manage your cookies, you can usually use cookies, or cookies in the Tools / Preferences menu in the Privacy / History / Custom Settings menu tracking is possible. Possible consequences of failure to provide data: unavailability of the services of the website, inaccuracy of analytical measurements.

Usage supplier cookies: These “cookies” allow the www.coolfire.hu website to note how the user chooses the mode of operation (eg website uses Hungarian, German or English versions, selects the barrier-free version, how many hits are displayed in the search results list at one time, etc.).

Targeted ad cookies: The purpose of using “targeted ad cookies” is to select the ads most relevant to or relevant to the user and appear on our site. These cookies allow third-party service providers, including Google, to display targeted ads on other sites that the user uses, based on a user’s visit on a user’s site.

For more information on Google Advertising Privacy Policy, please visit this link: Google Advertising Privacy Policy

The website uses the “targeting and advertising cookies” of the following providers:

Web stats cookies: The Data Manager uses “web statistics cookies” to collect information about how users use the site. The purpose of using cookies is to improve the website’s user-friendliness. Using “cookies”, you can track how many people visit

the site and what content they are interested in.

Legal Basis for Data Management: GDPR Article 6. (a), the consent of the person concerned, and Eker. TV. 13 / A. (3) and GDPR Article 6 (1) (f).

Data managed: date, time, IP address, page of previously visited page, user operating system and browser data, time spent on the page. Data management duration: 30 days after viewing the site, except for session cookies that are automatically deleted by leaving the website or closing the browser.

3.2. Contact

If you are looking for the Data Manager for the services that you provide, you can contact us via the contact details provided in this Prospectus or on the website.

The purpose of data management: business continuity.

The legal basis for data handling is the consent of the data subject and the legitimate interest of the data controller: business continuity. Article 6 (1) (a) and (f) of the GDPR and Infotv. Article 5 (1).

The range of managed data is: name, e-mail address, company, phone number, date and time of signing, IP address, date and time of some interactions (openings, clicks, feedbacks, responses, unsubscriptions). Data Handling Duration: The Data Handler deletes all emails received with the sender’s name, e-mail address, date, time, and other personal data specified in the message, up to 90 days after the date of communication. If contact is considered a consumer complaint, it takes a data record and records the complaint with a copy for 5 years. TV. 17 / A. (7) of the Act.

We use the Google reCAPTCHA feature in the so-called “robots.” Google can provide information about data management with user control: https://www.google.com/intl/en/policies/

The Data Controller transmits the data to C-Host Ltd. (Nethely.hu); 1115 Budapest, Halmi utca 29, hosting provider.

3.3. Electronic Newsletter

The Data Manager will regularly inform customers and prospective customers of your products and promotions through newsletters. In the newsletter, subscribers will be informed about the products, actions of the Data Manager, and other useful information at intervals (e.g., monthly and half-yearly). Newsletters may also contain advertising messages.

The purpose of data management is to send electronic newsletters containing commercial advertisements to the interested parties, providing information on current information, events, and offers.

Legal Basis for Data Processing:

  • GDPR Article 6 (1)(a); the voluntary contribution of the concerned,
  • Infotv. Article 5 (1).

In any case, the Data Controller provides the opportunity to make any further use or consent of the data subject forbidden for this purpose at any time, without limitation and without justification, modify or withdraw it freely. The Data Operator is entitled to access the data of a non-natural person for these purposes until explicitly blocked.

A Contribution Statement can be made in any way that includes the name and email address of the declarant and the scope of the personal data that the contributor agrees to deal with and the voluntary disclosure of the consent with the appropriate information. Any interested party can make an express consent statement in any format.

The range of data to be handled is:

  • Email address,
  • Date and time of subscription,
  • IP address,
  • The date and time of certain interactions (openings, clicks, feedback, responses, unsubscriptions, etc.).

Duration of Data Handling:

Until the consent statement is withdrawn.

The affected party may, without limitation and justification, modify or withdraw the declaration that contributes to the data handler at the Data Manager. You can do this by following the customer’s request:

  • At the customer service of the company personally by completing and signing a statement,
  • The completed and signed declaration by post to the registered office of the Company (1097 Budapest, Illatos út 9),
  • Through our telephone support team at +36-20-283-9404,
  • By unsubscribing via the “unsubscribe option” link at the bottom of the email received electronically,
  • Via email at info@coolfire.hu.

Counterfeiting by customers should not apply to business correspondence and information activities arising from the normal course of business, information, and provision of information about the client’s contract.

The Data Controller transmits the data to C-Host Ltd. (Nethely.hu); 1115 Budapest, Halmi utca 29 hosting provider.

The Data Controller does not provide third parties with any advertising purpose or make personal data available.

3.4. Further Data Management

Data management not listed in this information is provided when data is included.

IV. Storage of Personal Data, Safety of Data Management

Data management computer systems and other data retention locations are located at the head office and data processors.

The Data Controller selects and manages the IT tools used to manage personal data and provide the service so that the data processed:

  • a) Has been granted access to (availability),
  • b) Credibility and authentication (authenticity of data management),
  • c) Can be verified (data integrity),
  • d) Unauthorized access (confidentiality of data).

The Data Controller protects the data by appropriate measures, in particular against unauthorized access, alteration, transmission, disclosure, deletion or destruction, as well as accidental destruction, damage, and any unavailability of the technology used. The Data Controller ensures, by means of an appropriate technical solution, that the stored data—unless permitted by law—cannot be directly linked and assigned to the data subject in order to protect electronically managed files in their various registers.

In view of the technical state of the art, the Data Controller provides technical, organizational, and organizational measures to protect the security of the data management that is related to the data handling risks, ensuring an adequate level of protection.

The Data Manager retains the data handling:

  • a) Confidentiality: It protects the information so that it can only be accessed by those who are entitled to it;
  • b) Integrity: It protects the accuracy and completeness of information and processing methods;
  • c) Availability: Ensures that when the eligible user needs it, the necessary information and tools are available;
  • d) The Data Management and Partner’s IT system and network are protected against computer-aided fraud, espionage, sabotage, vandalism, fire and flood, as well as computer viruses, computer burglaries, and denial-of-service attacks. The operator provides security with server-level and application-level security procedures.

Important Notice:

Electronic mails transmitted over the Internet are vulnerable to network threats that lead to unfair practices, controversy, or disclosure or modification of information. To protect against such threats, the Data Controller will take all precautionary measures it may have. Systems are monitored to capture all security dangers and provide evidence of any security incident. The system monitoring also allows checking the effectiveness of the precautions applied.

Privacy Incident Notifications:

In the event of a privacy incident, the Data Controller shall, without undue delay and, if possible, 72 hours after the data protection incident becomes known, notify the competent supervisory authority under Article 55 unless the data protection incident is unlikely to pose a risk to natural persons’ rights and freedoms. If the notification is not filed within 72 hours, the reasons for proving the delay must also be enclosed.

If the privacy incident is likely to pose a high risk to the rights and freedoms of natural persons, the Data Controller shall inform the data subject of the data protection incident without undue delay. The person concerned shall not be informed if any of the following conditions are met:

  • The Data Operator has implemented appropriate technical and organizational protection measures and applies these measures to data covered by the data protection incident, such as using encryption to access personal data, making it inaccessible to unauthorized persons;
  • The Data Controller has taken further measures following the data protection incident to ensure that high risk for the rights and freedoms of the person concerned is no longer likely to be realized;
  • The information would require disproportionate effort. In such cases, the data subject shall be informed by means of publicly disclosed information or a similar measure shall be taken to ensure that such information is equally effective.

If the Data Controller has not yet informed the data subject of the privacy incident, the supervisory authority may, after considering whether the privacy incident is likely to pose a high risk, inform the data subject.

External Links and Social Media Warning:

The site may include links to or from websites of our partner networks, advertisers, and affiliates. If you follow a link to any of these websites, please note that they have their own privacy policies, and we are not responsible for these policies. Please review these policies before sharing any personal information with these websites.

Keep in mind that any content published on any of our social media platforms is visible to the public. Please be cautious about providing certain personal information, such as financial or address information.

We will not be responsible for any actions taken by others if you publish personal information on a social media platform, especially if you also suggest not sharing such information.