Data management information
0. Funds
survinator.com acts as a controller and processor of personal data. The position of manager of personal data of survinator.com applies to the personal data of Users (registered members who have accepted the terms of use) and Questionnaire Fillers (natural persons who fill out questionnaires prepared in the system) visiting the survinator.com website (paragraph 0.1 of these regulations). With the personal data that the User has saved on the survinator.com server (the User prepares a questionnaire in which the respondents can even enter their personal data), survinator.com acts as a processor or only provides data storage for the User. The administrator of this personal data is the User himself (paragraph 0.2 of these regulations).
Automated individual decision-making (profiling): survinator.com does not perform profiling or automated individual decision-making.
0.1. survinator.com as the controller of personal data
survinator.com operates as a manager of the personal data of Users and Fillers visiting its website.
What personal data do we process?In order to fulfill the contract or legal obligations, survinator.com mainly processes the following personal data: e-mail, billing name, billing address, mailing name, mailing address.
Survinator.com also processes the data it obtains from Users and Fillers who use the survinator.com system or have visited the survinator.com website: cookies, log files (IP address or other online identifier).
How long do we process personal data?We process the User's personal data during the duration of the contractual relationship. We process personal data that are subject to special laws for the period prescribed by them.
Where do the personal data come from?Personal data is obtained directly from the data subjects during registration (contract conclusion) and when changing packages. We always inform the parties concerned what personal data is required for the agreement.
0.2. survinator.com as a processor of personal data
survinator.com provides storage space on its own server for the User's data used within survinator.com systems. The User's data may also include the personal data of the Questionnaire Fillers. We act as a processor in relation to the personal data stored by the User (respondents' personal data). The administrator of this personal data is the User himself.
Warning to the User:If you also collect personal data with the help of questionnaires, you become the controller of personal data and must comply with the data protection guidelines of the GDPR and related legislation. survinator.com is not responsible if the User violates the data protection rules.
Warning for Fillers and respondents:The use of the survinator.com system may also be determined by the User's guidelines and rules, if the User has one. If you provide your personal data to the User, please contact the User with any questions regarding the protection of personal data. We cannot be held responsible for the data protection and security rules used by the User, which may differ from these data protection guidelines.
What is the purpose of the processing and how do we handle the data?survinator.com does not perform any operations with the User's data, except for storing them on the survinator.com server. You will not modify, publish or transmit them to third parties (unless they are required by law to be made available to government authorities), unless otherwise provided in the agreement. The sole purpose of handling personal data is to store it and ensure its availability for the User.
What personal data do we process?We only process the personal data of the respondents that were saved to the survinator.com server using the questionnaires created on the survinator.com website, that is, the data that the respondents provided when filling out a questionnaire. These include: name, date of birth, gender, age, workplace, address, e-mail, phone number and the like.
How long do we process personal data?survinator.com processes personal data for the duration of the contract with the User. After the User terminates his account, all his data will be irrevocably deleted from our server.
1. The purpose of the data management information
The owner of survinator.com: Sándor Bíró, sole trader (tax number: 74450655-1-29, EV registration number: 22374322) (hereinafter: service provider, data controller) as a data controller, acknowledges the content of this legal notice as binding on him. It undertakes to ensure that all data management related to its activities meets the requirements set out in these regulations and in the applicable national legislation, as well as in the legal acts of the European Union.
The data protection guidelines arising in connection with the service provider's data management are continuously available at
survinator.com/en/privacy
The service provider reserves the right to change this information at any time. Of course, you will notify your audience of any changes in good time.
If you have any questions related to this announcement, please write to us and our colleague will answer your question.
The service provider is committed to protecting the personal data of its customers and partners, and considers it of utmost importance to respect its customers' right to informational self-determination. The service provider treats personal data confidentially and takes all security, technical and organizational measures that guarantee data security.
The service provider describes its data management practices below.
2. Data of the data controller
If you would like to contact the data controller, you can do so at info@survinator.com or +36 70 215 3708.
The service provider deletes all e-mails received, including personal data, no later than 1 year from the date of data communication.
Name: Sándor Bíró individual entrepreneur
Headquarters: 4032 Debrecen, Mikszáth Kálmán utca 11th floor: FS door: 2.
EV registration number: 22374322
Tax number: 74450655-1-29
Phone number: +36 70 215 3708
Email: info@survinator.com
2.1. Data Protection Officer
No data protection officer has been appointed.
3. Scope of managed personal data
3.1. Personal data to be provided during registration
Only the e-mail address is requested, it is mandatory.
3.2. Technical data
The service provider selects and operates the IT tools used for the management of personal data during the provision of the service in such a way that the managed data:
- available to those authorized to do so (availability);
- its authenticity and authentication are ensured (authenticity of data management);
- its immutability can be verified (data integrity);
- be protected against unauthorized access (data confidentiality).
The service provider uses appropriate measures to protect the data against unauthorized access, alteration, transmission, disclosure, deletion or destruction, as well as against accidental destruction.
The service provider ensures the security of data management with technical, organizational and organizational measures that provide a level of protection corresponding to the risks associated with data management.
The service provider keeps it during data management
- confidentiality: protects the information so that only those who are authorized to access it can access it;
- integrity: protects the accuracy and completeness of the information and the method of processing;
- availability: it ensures that when the authorized user needs it, he can really access the desired information and that the related tools are available.
3.3. Cookies
3.3.1. The task of cookies
- collect information about visitors and their devices;
- note the individual settings of the visitors, which will be used, e.g. when using online transactions, so you don't have to type them in again;
- facilitate the use of the website;
- provide a quality user experience.
In order to provide customized service, a small data package, so-called it places a cookie and reads it back during the next visit. If the browser returns a previously saved cookie, the cookie management service provider has the opportunity to connect the user's current visit with previous ones, but only with regard to its own content.
3.3.2. Session cookies are absolutely necessary
The purpose of these cookies is to enable visitors to fully and smoothly browse the survinator.com website, use its functions and the services available there. The validity period of this type of cookie lasts until the end of the session (browsing), when the browser is closed, this type of cookie is automatically deleted from the computer or other device used for browsing.
3.3.3. Cookies placed by third parties (analytics)
The survinator.com website also uses cookies from Google Analytics as a third party. By using the Google Analytics service for statistical purposes, the service provider collects information about how visitors use the website. The data is used for the purpose of developing the website and improving the user experience. These cookies also remain on the visitor's computer or other device used for browsing, in their browser, until they expire, or until the visitor deletes them. IP Anonymization is turned on, so it is considered personal we do not collect data.
3.4. Data related to online ordering
- Billing name (required)
- Billing address: postal code, town, street, house number (required)
- Post name (optional)
- Posting address: zip code, town, street, house number (optional)
3.5. Data related to online administration
Email address
3.6. Data related to the newsletter
We do not send newsletters. The system sends notifications about important account events, at the bottom of these messages you can find the Unsubscribe option, but this also involves the termination of your account.
4. Planned use and retention period of the managed data
| Name of data | Usage | Legal basis | Retention period |
|---|---|---|---|
| E-mail address | Identification, notification of important account events | Terms of use of the page | For the duration of the use of the service |
| Billing data | Preparation of accounting documents | According to legal requirements | For the period prescribed by the relevant law |
| Posting data | Posting of accounting receipts | According to legal requirements | Until the service is used |
5. The purpose, method and legal basis of data management
The data management of the service provider's activities is based on voluntary consent and legal authorization. In the case of data processing based on voluntary consent, the data subjects may withdraw their consent at any stage of the data processing.
In some cases, the management, storage, and transmission of a range of the provided data is made mandatory by law, of which we notify our customers separately.
We draw the attention of data providers to the service provider that if they do not provide their own personal data, the data provider is obliged to obtain the consent of the data subject.
The basic principles of data management are in accordance with the current legislation on data protection, in particular with the following:
- 2011. year CXII. Act - on the right to self-determination of information and freedom of information (Infotv.);
- Regulation (EU) 2016/679 of the European Parliament and of the Council (April 27, 2016) - on the protection of natural persons with regard to the processing of personal data and on the free flow of such data, and 95/46/EC on the repeal of the Regulation (General Data Protection Regulation, GDPR);
- 2013. Act V of 2008 - on the Civil Code (Ptk.);
- 2000. Act C of 2008 - on accounting (Accounting Law);
- 2017. year LIII. Act - on the prevention and prevention of money laundering and terrorist financing (Pmt.);
- 2013. year CCXXXVII. Act - on credit institutions and financial enterprises (Hpt.).
6. Data transmission, data processing, the circle of those familiar with the data
| Data processor | Tax number | Activity performed |
|---|---|---|
| Benemiz Könyvelő Bt. | 12413485-1- 09 | Accounting Services |
| Hungarian Posta Zrt. | 10901232-2-44 | Postal Services |
| DigitalOcean | EU528002224 | Virtual server provider |
7. Your affected rights and legal remedies
The data subject may request information about the management of his personal data, as well as request the correction of his personal data, or - with the exception of mandatory data processing - deletion or withdrawal, he may exercise his right to data portability and protest in the manner indicated when the data was recorded, or at the above contact details of the data controller.
7.1. Right to information
The service provider takes appropriate measures in order to provide data subjects with all the information referred to in Articles 13 and 14 of the GDPR and Articles 15-22 regarding the processing of personal data. and provide all information pursuant to Article 34 in a concise, transparent, comprehensible and easily accessible form, clearly and comprehensibly worded.
7.2. The data subject's right to access
The data subject has the right to receive feedback from the data controller as to whether his personal data is being processed, and if such data processing is in progress, he is entitled to access the personal data and the following information: the purposes of the data processing; categories of personal data concerned; the recipients or categories of recipients to whom or to whom the personal data has been or will be communicated, including in particular recipients in third countries and international organizations; the planned period of storage of personal data; the right to rectification, deletion or limitation of data processing and the right to protest; the right to submit a complaint to the supervisory authority; information about data sources; the fact of automated decision-making, including profiling, as well as comprehensible information about the applied logic and the significance of such data management and the expected consequences for the data subject. The data controller shall provide the information within a maximum of one month from the submission of the request.
7.3. Right of rectification
The data subject can request the correction of inaccurate personal data concerning him/her managed by the service provider and the addition of incomplete data.
7.4. Right to erasure
If one of the following reasons exists, the data subject has the right to request that the service provider delete his personal data without undue delay:
- personal data are no longer needed for the purpose for which they were collected or otherwise processed;
- the data subject withdraws his consent, which is the basis of the data management, and there is no other legal basis for the data management;
- the data subject objects to data processing and there is no overriding legal reason for data processing;
- personal data were handled illegally;
- personal data must be deleted in order to fulfill the legal obligation prescribed by EU or Member State law applicable to the data controller;
- the collection of personal data took place in connection with the offering of services related to the information society.
Deletion of data cannot be initiated if data management is necessary: for the purpose of exercising the right to freedom of expression and information; for the purpose of fulfilling the obligation under the EU or Member State law applicable to the data controller requiring the processing of personal data, or for the execution of a task performed in the public interest or in the context of the exercise of public authority conferred on the data controller; affecting the field of public health, or for archival, scientific and historical research purposes or for statistical purposes, on the basis of public interest; or to submit, assert or defend legal claims.
7.5. The right to restrict data processing
At the request of the data subject, the service provider restricts data processing if one of the following conditions is met:
- the data subject disputes the accuracy of the personal data, in this case the restriction applies to the period that allows checking the accuracy of the personal data;
- the data management is illegal and the data subject opposes the deletion of the data and instead requests the restriction of their use;
- the data controller no longer needs the personal data for the purpose of data management, but the data subject requires them to present, enforce or defend legal claims; or
- the data subject objected to data processing; in this case, the limitation applies to the period until it is established whether the legitimate reasons of the data controller take precedence over the legitimate reasons of the data subject.
If data management is subject to restrictions, personal data, with the exception of storage, will only be processed with the consent of the data subject, either for the presentation, enforcement or protection of legal claims, or for the protection of the rights of another natural or legal person, or for the purposes of the Union or a member state can be handled in the public interest.
7.6. Right to data portability
The data subject has the right to receive the personal data concerning him/her provided to the data controller in a segmented, widely used, machine-readable format, and to forward this data to another data controller.
7.7. Right to protest
The data subject has the right to object at any time for reasons related to his own situation against the processing of his personal data necessary for the execution of a task carried out in the public interest or in the context of the exercise of a public authority vested in the data controller, or for the enforcement of the legitimate interests of the data controller or a third party, including the aforementioned also profiling based on provisions. In the event of a protest, the data controller may no longer process the personal data, unless it is justified by compelling legitimate reasons that take precedence over the interests, rights and freedoms of the data subject, or that are related to the submission, enforcement or defense of legal claims.
7.8. Automated decision-making in individual cases, including profiling
The person concerned has the right not to be covered by a decision based solely on automated data management, including profiling, which would have legal effects on him or affect him to a similar extent.
7.9. Right of withdrawal
The data subject has the right to withdraw his consent at any time.
7.10. Right to go to court
In the event of a violation of their rights, the data subject may apply to court against the data controller. The court acts out of turn in the case.
7.11. Data protection official procedure
You can file a complaint with the National Data Protection and Freedom of Information Authority:
Name: National Data Protection and Freedom of Information
Authority Headquarters: 1125 Budapest, Szilágyi Erzsébet fasor 22/C.
Mailing address: 1530 Budapest, Pf.: 5.
Phone: 0613911400
Fax: 0613911410
E-mail: ugyfelszolgalat@naih.hu
Website: https://www.naih.hu
8. Other provisions
We provide information on data management not listed in this information when the data is collected.
We inform our customers that the court, the prosecutor, the investigative authority, the infringement authority, the public administrative authority, the National Data Protection and Freedom of Information Authority, the Hungarian National Bank, or other bodies based on the authorization of the law, provide information, communicate data, transfer , or they can contact the data controller to provide documents.
The service provider will only release personal data to the authorities - if the authority has specified the exact purpose and the scope of the data - to the extent and to the extent that is absolutely necessary to fulfill the purpose of the request.