Privacy policy

 

PRIVACY POLICY


  • Introduction

 

Syseleon Kft., the operator of the https://wellotools.com website, pays special attention to the protection of personal data and compliance with the provisions of the applicable data protection legislation, and treats personal data confidentially in accordance with the effective legislation, in particular the following legal regulations:

  1. Regulation (EU) 2016/679 Of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation or „GDPR”);
  2. Act CXII of 2011 on the right to information self-determination and freedom of information (Infotv.);
  3. Act V of 2013 on Hungarian Civil Code (Ptk.);
  4. Act CVIII of 2001 on certain issues of electronic commerce services and information society services (Eker. tv.);
  5. Act C of 2003 on Electronic Communications (Eht.);
  6. Act XLVIII of 2008 on the basic conditions and certain restrictions of economic advertising activity (Grt.).

 

The data processing rules relating to the website are constantly available at https://wellotools.com, with the website operator reserving the right to change this policy later, which changes will apply to all users from the date of publication.


  • Contact details of the Controller

 

Syseleon Kft.,

registered seat: 8000 Székesfehérvár, Sasvári utca 21., Hungary

e-mail: hello@wellotools.com

website: www.wellotools.com


  • Definitions

 

The terms used in this Privacy Policy, unless otherwise defined in the text of this Privacy Policy, correspond to the definitions in the GDPR Regulation.


  • Customer data processing

 

The recipients of the services provided through the operation of the website are primarily legal entities, therefore processing of personal data of natural persons occurs rarely. If this is the case, the following regulations applies to the personal data of the natural persons.


  • Use of service 

 

    • The purpose of data processing: To order the service based on the packages on the website, to issue an invoice in connection with it, to document the provision of services and payments, and to fulfill the accounting obligation.
    • Legal basis for data processing: Article 6 Subsection (1) point b.) and c.) of GDPR (performance of a contract and a legal obligation) and Hungarian Act on accounting Section 169 Subsection (2)
  • Scope of processed data:

During orders: data provided by the customer for the use of the service: name, email address; data provided by the customer for billing and payment (via own or other payment service provider): name, address, tax number

  • Duration of data processing: In connection with the orders considering the performance of the contract, with regard to the data necessary for the fulfillment of the accounting obligation of the Service provision, eight years pursuant to Hungarian Act on accounting Section 169 Subsection (2)
  • Data processors: Accountant: Andreotti Bt. (Registered seat: 1139 Budapest, Rozsnyai utca 31. 1. 5.), other external service providers used for the provision of the service: Amazon Web Services, MongoDB Atlas, Auth0, Mailgun, Stripe, Billingo, Webonic

 

  1. Server logging

 

The website has analytics software where visitor data is recorded (+ heat map + video recording). When you visit the website, the visitor data is automatically recorded (logged). Website’s operator will not link the generated data with other data during the analysis of the log files, they are for statistical purposes only.

 

The purpose of data processing: During the visit to the website, the operator checks the operation of the services by automatically recording the visitor data.

Legal basis for data processing: consent of the data subject, Ekertv. Section 13/A. Subsection (3)

Scope of processed data: the date of the visit, the address of the page visited, the IP address of the computer, the start and end time of the visit and, in some cases, depending on the computer settings, the type of browser and operating system, 

Duration of data processing: 30 days

Data processors: other external service providers used to provide the service: Amazon Web Services, MongoDB Atlas, Webonic


  • Cookie handling

 

Cookies are packets of information that the service provider’s web server sends to the user’s device via the browser when using the website. The main purpose of cookies is to record user data in order to analyze your activity in relation to the website. If the browser returns a previously saved cookie, the cookie service provider may, for statistical purposes, link the data saved during the user’s current visits with the previous ones, but only for its own content, in a form that cannot be uniquely identified.

 

The purpose of data processing: to identify the current session of the users, to store the data related to the layout specified during it

Legal basis for data processing: Article 5 Subsection (3) of Directive 2002/58 /EC

Scope of processed data: the page layout view set during a previous visit to the website

Duration of data processing: 3 months

External providers: Google Analytics


  • Sending newsletter, notification of promotions by e-mail

 

The purpose of data processing: to send e-mail newsletters, including commercial advertising, to those who have subscribed to it.

Legal basis for data processing: consent of the data subject, Ekertv. Section 13/A. Subsection (4), Grt. Section 6 Subsection (1) and (5)

Scope of processed data: e-mail address, name (company name),

Duration of data processing: until the withdrawal of the user’s consent

Data processors: Amazon Web Services, MongoDB Atlas


  • RIGHTS OF THE DATA SUBJECTS

 

    1. Right to information
    2. The data subject’s right of access
    3. Right to rectification
    4. Right to erasure (right to be forgotten)
    5. The right to restriction of processing
    6. The right to data portability
    7. The right to object
  • Rights related to automated decision-making and profiling


  • ENFORCEMENT OPTIONS

 

If you have any requests or questions regarding data processing, you can send your request electronically to hello@wellotools.com. We will send our answers without delay, but within 30 days the latest to the address you requested.

 

You can enforce the user’s right to protection of personal data in court.

 

In addition, you can contact the Hungarian National Authority for Data Protection and Freedom of Information, whose contact details are as follows:

Registered seat: 1055 Budapest, Falk Miksa utca 9-11.

Mailing address: 1363 Budapest, Pf. 9.

Phone: + 36-1-391-1400

Fax: + 36-1-391-1410

E-mail: ugyfelszolgalat@naih.hu 

Website: http://www.naih.hu 


  • OPERATOR OF THE WEBSITE AS A DATA PROCESSOR

 

Based on the services and orders used on the basis of the GTC on this website, the website operator, as a data processor, in connection with the personal data processed by users as data controllers, is obliged to:

 

  1. process personal data only on the basis of the written instructions of the data controller;
  2. ensure that persons authorized to process personal data are bound by an obligation of confidentiality or are subject to an appropriate obligation of confidentiality by law; 
  3. take the measures provided in Article 32 of the GDPR;
  4. respects the conditions for the use of an additional data processor referred to in Article 28 Subsection (2) and (4) of the GDPR;
  5. taking into account the nature of the processing, by taking appropriate technical and organizational measures, assist the controller, to the extent possible, in fulfilling his or her obligations to respond to requests relating to the exercise of the data subject’s rights;
  6. assist the data controller in complying with Articles 32-36 of the GDPR taking into account the nature of the processing and the information available to the processor;
  7. upon termination of the provision of the data processing service, at the discretion of the controller, delete or return all personal data to the controller and delete existing copies, unless EU or Member State law requires the storage of personal data;
  8. provide the controller with all information necessary to verify the fulfillment of the obligations stipulated in this point, and which allows and facilitates audits, including on-site inspections, performed by the controller or another auditor appointed by her.