PRIVACY POLICY

Thank you for visiting the website of our Company, ModulWood Zrt. (the "Company" or "Data Controller") and for your interest in our products. Your privacy is important to us.

THE AIM OF THE PRIVACY POLICY

In this privacy policy ("Privacy Policy") we explain how, for what purposes and on what legal basis we collect your personal data, what we do with your personal data, your rights in relation to the processing of your personal data and your rights to bring claims.

If you have any questions or comments about this Policy, before using the https://modulwood.hu website or submitting any information under this Policy, please contact us using one of the contact details above.

If you provide personal data to us using a third party service (e.g. through a social networking site), the processing of that data may also be governed by that service's own privacy policy and other terms of use. Our Company is not liable in this regard.

Please note that if your personal data is processed on the basis of your consent, you have the right to withdraw your consent at any time, as set out in this Policy.

IDENTIFICATION OF THE DATA CONTROLLER

  • Name: ModulWood Zártkörűen Működő Részvénytársaság
  • Registered office: Lovas út 1, 1012 Budapest, Hungary
  • Correspondence address: Lovas út 1, 1012 Budapest, Hungary
  • Registering authority: Fővárosi Törvényszék Cégbírósága
  • Registry number: 01-10-142042
  • VAT number: 32085398-2-41
  • Representative: András Katona, CEO
  • E-mail: info@modulwood.hu

As the Data Controller, we can determine the purposes for which personal data are processed, the decisions regarding the processing of personal data, and we may implement them, or engage a data processor to implement them.

DATA PROCESSORS

We hereby inform you that our Company engages a data processor for processing the data. Processors do not make decisions on their own and are only authorised to act on the basis of the written processing contract with our Company and the instructions they receive.

Data processors process personal data on behalf of our Company, so our Company only engages data processors that provide adequate guarantees that they have the technical and organisational measures in place to ensure compliance with the requirements of data protection legislation, thereby ensuring the security of the data. Once the processing has been carried out on behalf of our Company, the processor shall, at our Company's option, return or delete the personal data, unless the storage of the personal data is required by EU or Member State law applicable to the processor.

Data processors:

Microsoft

Hosting provider:

Cloudways Ltd. (https://www.cloudways.com/), a using the following services: DigitalOcean, LLC (https://www.digitalocean.com/)

DEFINITIONS

personal data: any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

processing: means any operation or set of operations which is performed upon personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

controller: the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;

processor: a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;

recipient: a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing;

consent of the data subject: any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;

personal data breach: a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed;

website: https://modulwood.hu

THE SCOPE OF THE DATA PROCESSED

The Controller is entitled to carry out the following processing activities in respect of personal data held by it with your consent or on the basis of another legal title. The Controller may not process the personal data provided for purposes other than those set out in this Privacy Policy.

The Data Controller does not verify the accuracy of the personal data provided to it, it is solely the person providing them who is responsible for them. By providing the email address, the data subject accepts responsibility for having exclusive access to the account associated with the email address.

If the data subject withdraws his/her consent to the processing, his/her personal data will be deleted without undue delay.

data processing related to visiting our website

When visiting our website, the following personal data is automatically recorded by our system with the help of the Google Analytics tool:

  • IP address,
  • the time of the visit,
  • its duration,
  • the list of pages visited,
  • the operating system used,
  • browser type,
  • screen resolution.

The data evaluated in the statistical analysis are not identified with specific individuals (i.e. the data are analysed in a mass, and in this sense completely anonymous, way.)

Detailed information on how Google Analytics works can be found at https://developers.google.com/...

In addition to the personal data in this section a., we will only process personal data if you provide us with such data, e.g. by registering, sending us an e-mail or requesting an offer, and even in such cases only, if we are permitted to do so on the basis of your consent or if it is allowed by legal regulations.

You are under no legal or contractual obligation to provide us with your personal data. However, certain features of our websites may depend on the provision of personal data. Failure to provide your personal data in these cases may result in the unavailability or limited availability of these features.

data processing related to pre-registration, appointment booking or request for an offer

If you pre-register via the Website, you consent to the processing of the following data:

  • e-mail address
  • name
  • telephone number
  • how you got in touch with ModulWood
  • the product specification given
  • your property details (if provided)

in case of providing an e-mail address

If you provide your e-mail address through the Website and request more detailed information or ask a specific question on the Contact tab, you consent to the processing of the following data:

  • e-mail address
  • telephone (if provided)
  • name (if provided)
  • the text indicated as a message, personal data if any

Providing an e-mail address implies the acceptance of the privacy policy.

Information sent during an e-mail contact

If you send a request to any of our e-mail addresses, you consent to the processing of the following data:

  • e-mail address
  • personal data (in particular natural person identification data, contact details) provided in the body of the e-mail

If you send a request to any of our company’s e-mail addresses, this will be understood as a consent to process the personal data provided in the e-mail and implies acceptance of this privacy policy.

Cookie information

Our Company places a small data packet (a "cookie") on the computer or mobile device of the visitor to the Website in order to provide a personalized service. For detailed information on the use of cookies on the Website, please refer to the document entitled Cookie Policy.

LEGAL BASIS FOR DATA PROCESSING

If you have given us your consent to process your personal data, this is the legal basis for the processing (Article 6 (1) (a) of the GDPR).

The legal basis for the processing of personal data for the establishment or performance of a contract with you is Article 6 (1) (b) of the GDPR.

Where the processing of your personal data is necessary for the performance of our legal obligations (e.g. for data retention), we are entitled to do so on the basis of Article 6 (1) (c) of the GDPR.

In addition, we process personal data for the purposes of our legitimate interests and the legitimate interests of third parties, on the basis of Article 6 (1) (f) of the GDPR. Such legitimate interests include maintaining the functionality of our IT systems, the (direct) marketing of our own and third party products and services (unless based on your consent) and the legally required documentation of business relationships. In balancing these interests at all times, we will take particular account of the type of personal data, the purposes of the processing, the circumstances of the processing and your interests in the confidentiality of your personal data.

THE PURPOSE OF DATA PROCESSING

The personal data collected during your visit to the Website (data under 2. a.) will be used by us only to operate the Website in the most convenient way for you and to protect our information technology systems from attacks and other unlawful activities.

If you provide us with personal data (data under 2.b-d), this data will be used for the following purposes:

  • to prepare and communicate to you (by e-mail and/or telephone) the information or offer you have requested,
  • to the extent necessary, to contact you (whether by e-mail or telephone), to provide customer service, and, where necessary, to process and settle business transactions; and
  • for additional purposes (e.g., to provide you with personalized content or advertising based on your user behaviour), if you have provided (and not withdrawn) your consent on the Website to the use of your data for marketing purposes.

In addition, we will use personal data where we are legally required to do so (e.g. storage to comply with data retention obligations imposed by commercial and tax law, for disclosure to public authorities or pursuant to a court order, e.g. to law enforcement authorities).

ADATKEZELÉS IDŐTARTAMA

The processing of all data under points 2 (b) to 2 (d) starts on the date on which the data subject provides the data and lasts until the consent is withdrawn, but not longer than 3 years from the date of sending the data, with the exception of the name and e-mail address of the data subject, which may be processed indefinitely (unless the data subject withdraws the consent).

The data under point 2 (a) will be deleted within [*][DT2] days after the visit of the Website.

If the data subject expressly consents, the period of data processing may be extended in accordance with the purpose of the processing.

THE USE OF SOCIAL MEDIA PLUG-INS

On our website we use the social plug-ins of WhatsApp, Facebook and Instagram. When you visit our website, the plug-in icon is deactivated, i.e. no data is transmitted to the operators of these service providers. If you click on the Facebook icon on our website, you will automatically be forwarded to the relevant social media platform of ModulWood. In doing so, a direct connection is established with the server of the respective provider.

If you have a user account at that service provider and you are logged in to your account when you activate the add-on icon, the network will be able to associate your visit to our website with your user account. If you wish to avoid this, please log out of the network before activating the extension icons.

If you activate a social plug-in, your personal data may be transferred to service providers in countries outside the European Economic Area that do not guarantee an "adequate level of protection" for the processing of personal data in accordance with EU regulations. Please take this into account before clicking on a link or activating a plug-in icon and thereby causing your data to be transferred.

THE PRINCIPLES OF DATA PROCESSING

The Data Controller shall endeavour and take appropriate measures to ensure that the personal data of the data subjects are:

  • processed lawfully, fairly and pursuant an appropriate legal base;
  • collected only for specified, explicit and legitimate purposes and not in a way incompatible with those purposes;
  • processed adequately and relevantly for the purposes for which they are processed and limited to the extent necessary (data minimisation);
  • accurate and, where necessary, kept up to date; where possible, inaccurate personal data should be erased or rectified without undue delay (accuracy);
  • stored in a form which permits identification of customers only for the time necessary to achieve the purposes for which the personal data are processed; personal data are stored for longer periods only for statistical purposes, subject to the implementation of appropriate technical and organisational measures (limited storage);
  • processed, by implementing appropriate technical or organisational measures, in such a way, as to ensure adequate security of personal data, including protection against unauthorised or unlawful processing, accidental loss, destruction or damage (integrity and confidentiality).

In any case, data subjects are obliged to provide the Controller with the relevant personal data in compliance with applicable law. In particular, the transfer of personal data must be subject to their informed consent or other legal basis (e.g. in the case of contact details, relatives). If the Data Controller becomes aware that a data subject's data have been disclosed without the data subject's consent or other appropriate legal basis, the Data Controller may delete the data without undue delay and the data subject shall be entitled to exercise the rights and remedies set out in this Policy.

The Controller shall not be liable for any damage, loss or injury resulting from the breach of the above obligation and the data subject's declaration.

THE RIGHTS OF THE DATA SUBJECT WITH REGARD TO THE PROCESSING ACTIVITIES

Right to request information (right of access)

You can contact us at any time in writing using the contact details provided in point 1 to request information about the following:

  • your personal data that we process,
  • the legal basis of processing,
  • its purpose,
  • its source,
  • its time scope; and
  • whether the Controller has given access to your personal data or transferred them to a third party.

If you request information on any of the above issues, we are obliged to provide you with written information within a maximum of 30 days, using the contact details you have provided.

In case of an eventual a refusal to provide information, the Data Controller will inform the data subject within 30 days of the reason for the refusal.

Right to rectification

By contacting us using the contact details provided in section 1, you may request, in writing, that we amend any of your personal data (e.g. when you change your email address). We will comply with your request within a maximum of 30 (thirty) days and will notify you in writing using the contact details provided by you.

Right to erasure

By contacting us using the contact details provided in section 1, you may request in writing the erasure of your personal data, for example if you wish to withdraw your consent or if you consider that the processing of any of your personal data is unlawful.

We may refuse your request for erasure, if we are required by law to continue to process your personal data. If there is no such obligation, we will comply with your request within a maximum of 30 days, and will notify you in writing using the contact details you have provided.

The Controller must delete the personal data in the following cases:

  • if the legally established time limit for processing has expired;
  • the personal data are no longer necessary for the purposes for which they were collected or otherwise processed,
  • the data subject has withdrawn his or her consent to the processing (in the case of processing based on consent);
  • the data subject objects to the processing of personal data;
  • the data subject objects to processing based on legitimate interest as a legal ground for processing and there is no overriding legitimate ground for processing,
  • the data processing is unlawful and in breach of the applicable law,
  • the personal data must be erased in order to comply with a legal obligation applicable to the Controller under European Union or Hungarian law,
  • if ordered so by a court or a public authority.

Right to blocking

By contacting us using the contact details provided in section 1, you may request in writing the blocking of your personal data. The blocking will last as long as the reason you have given makes it necessary to store the data.

You may request the blocking of your data, for example, if you consider that the processing of your personal data is unlawful, but you need for some reason (e.g. you are initiating legal or administrative proceedings) to prevent the deletion of your personal data. In this case, we will continue to store the blocked personal data until the court or authority requests it and only then will we delete it.

Right to object

By contacting us using the contact details provided in section 1, you may object in writing the processing of your personal data if we use or transfer it to a third party without your consent for purposes other than those for which it was originally processed.

Right to restriction of processing

The data subject has the right to obtain from the Data Controller, at his or her request, the restriction of processing instead of a rectification or erasure of personal data, if one of the following conditions is met:

  • the data subject contests the accuracy of the personal data, in which case the restriction applies for the period of time necessary to allow the controller to verify the accuracy of the personal data;
  • the processing is unlawful and the data subject opposes the erasure of the data and requests instead the restriction of their use;
  • the controller no longer needs the personal data for the purposes of the processing but the data subject requires them for the establishment, exercise or defence of legal claims; or
  • the data subject has objected to the processing; in this case, the restriction shall apply for a period of time until it is established whether the legitimate grounds of the controller override the legitimate grounds of the data subject.

If the processing is restricted, such personal data, except for storage, may be processed only with the consent of the data subject or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for important public interests of the European Union or of a Member State of the European Union.

The Data Controller shall inform the data subject at whose request the processing has been restricted in advance of the lifting of the restriction.

DATA SECURITY MEASURES

We take technical and organisational security measures to protect the data we process from manipulation, loss, destruction and access by unauthorised persons. Our security measures are continuously improved in line with technological developments.

We also protect the personal data we process by restricting access to information. For example, only those persons are granted access to the data who need to have such access in order to achieve the above-mentioned purposes.

ENFORCEMENT IN RELATION TO DATA PROCESSING

If you consider that the processing of your personal data infringes the data protection legislation in force, you have the right to lodge a complaint with the National Authority for Data Protection and Freedom of Information. You also have the right to launch a court proceeding before the competent court.

National Authority for Data Protection and Freedom of Information

Contact details:

Registered office: 1055 Budapest, Falk Miksa utca 9-11.

Correspondence: 1363 Budapest, Pf. 9.

E-mail: ugyfelszolgalat@naih.hu

Telephone: +36 (1) 391-1400

Fax: +36 (1) 391-1410

Website: <a href="

" class="redactor-autoparser-object"><a href="http://www.naih.hu

" class="redactor-autoparser-object">www.naih.hu

Initiation of a court proceeding

The Regional Court has jurisdiction to hear the case. You can also choose to bring the case before the Regional Court of your place of residence. You can find a list of Regional Courts and their jurisdiction on the following pages:

MODIFICATION OF THE PROVACY POLICY

The Data Controller reserves the right to amend this Policy unilaterally, with effect from the date of the amendment, subject to the restrictions set out in the applicable legislation and, where necessary, by giving the data subjects adequate prior notice.

In communicating with the data subjects in relation to this Policy or data protection issues, or otherwise in contacting the data subjects, the Data Controller may use the contact details of the data subjects available to the Data Controller for contact and communication purposes.

Date: 8 April 2024, Budapest, Hungary.

ModulWood Zrt. - as Data Controller

represented by: András Katona CEO

[DT1]To be specified with the developers.

[DT2] time of the server log removal

Building has never been easier. And more stress-free.

Design your house in a few steps with our configurator, sit back and let MODULWOOD do the rest.

Have questions? Schedule a discovery call