Privacy Policy
Privacy Policy
Purpose of this Privacy Policy
The purpose of this Privacy Policy is to present in a transparent and detailed manner how Nethod Consulting and Engineering Services Ltd. (hereinafter: “Data Controller”) processes personal data in the course of its activities, and to inform data subjects of their rights and how to exercise them.
Legal Compliance
Data processing is carried out in accordance with Act CXII of 2011 on the Right of Informational Self-Determination and Freedom of Information and Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR).
Key Definitions
Data subject: any identified or
identifiable natural person to whom the personal data relates.
Personal data: any information
relating to the data subject.
Data Controller: the natural or
legal person who determines the purposes of personal data processing, makes and
implements decisions related to data processing.
Data Processor: the natural or
legal person or organisation without legal personality who processes personal
data on behalf of or under the instruction of the Data Controller.
Data Controller Details
Name: Nethod Consulting and Engineering Services Ltd.
Registered address: 1147 Budapest, Gyarmat u. 71/b
Company registration number: 01-09-405341
Tax number: 32071515-2-42
E-mail: info@nethod.hu
Website: https://www.nethod.hu
Principles of Personal Data Processing
We process personal data solely for clearly defined, lawful purposes, for the exercise of rights and fulfilment of obligations. Data processing at every stage is consistent with its purpose, and the collection and processing of data is fair and lawful.
We only process personal data that is essential for and appropriate to achieving the purpose of data processing. Personal data is processed only to the extent and for the duration necessary to achieve the purpose.
Categories of Data Processed
Name
Email address
Date of subscription
IP address (for technical logging, if required)
•Billing address, tax number (for legal entities), and other data required for invoicing (for use of services and invoice issuance, if required)
Password (encrypted)
Contact details (phone number, address, if required)
In the case of mandatory-notification training courses, data required by Act LXXVII of 2013 on Adult Education (for FAR data reporting)
Persons Authorised to Process and Access Data
The designated employees of Nethod Consulting and Engineering Services Ltd. are authorised to process and access the provided personal data.
Purpose of Data Processing
•Sending newsletters, professional content, event invitations, and promotional offers to subscribers by email.
•Creating user accounts and providing related services.
Processing service orders, fulfilling contracts, invoicing, and meeting statutory requirements related to performance
Legal Basis for Data Processing
The legal basis for data processing is the consent of the data subject: the freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which they, through a statement or by a clear affirmative action, signify their agreement to the processing of personal data relating to them.
Duration of Data Processing and Retention Period
Data is stored until the fulfilment of statutory obligations and the achievement of the data processing purpose, or until the withdrawal of consent. Thereafter, data is deleted or anonymised.
In the case of newsletter subscription, data is processed until the user unsubscribes from the newsletter or withdraws their consent. Unsubscription is possible at any time via the link at the bottom of any newsletter.
Documents related to the activities of Nethod Consulting and Engineering Services Ltd. and/or their data content recorded in IT systems that document economic events and therefore qualify as accounting records are stored for the retention period defined in the applicable tax and accounting regulations – which, under currently applicable statutory provisions, is 8 years.
In other cases, personal data is processed for as long as the purpose of data processing (exercise of contractual rights, facilitating contact and communication, fulfilment of services and obligations undertaken by the parties, enforcement of rights, fulfilment of data reporting obligations) exists.
Data Storage Method
Data is stored electronically on protected servers with password protection and other security measures. We ensure the storage and security of data in accordance with the current state of science and technology.
Data Security Measures
We ensure appropriate security of personal data through the application of suitable technical and organisational measures – in particular those designed to protect against unauthorised or unlawful processing and against accidental loss, destruction, or damage. We take all reasonably expected measures against unauthorised access to, alteration, disclosure, deletion, damage, destruction of personal data we process, as well as against the data becoming inaccessible due to changes in the technology applied.
Handling of Data Protection Incidents
In the event of a data protection incident (a breach of data security resulting in the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored, or otherwise processed), the Data Controller shall, in compliance with legal requirements, report the incident to the National Authority for Data Protection and Freedom of Information (NAIH) without undue delay and, where feasible, no later than 72 hours after becoming aware of it, unless the incident is unlikely to result in a risk to the rights and freedoms of natural persons.
Data Transfers, Processors, and Third Parties
We engage the following data processors:
Hosting provider and operator of the Nethod Consulting and Engineering Services Ltd. website: Odoo S.A., registered address: Chaussée de Namur 40, 1367 Grand-Rosière, Belgium. Activity: providing the technical infrastructure for the website and newsletter sending services.
Tevékenység: a weboldal és hírlevélküldés technikai hátterének biztosítása a
Newsletters
Newsletter sending service provider: MailerLite Limited, registered address: Ground Floor, 71 Lower Baggot Street, Dublin 2, Ireland. Activity: sending newsletters and conducting related statistical measurements.
Statistics
Accounting service provider of Nethod Consulting and Engineering Services Ltd. Activity: bookkeeping, payroll, and tax-related tasks.
Marketing agency of Nethod Consulting and Engineering Services Ltd. Activity: planning and executing marketing campaigns.
Partners may only process data for the specified purpose and for the necessary duration. We may engage additional partners for personal data processing in order to provide our services.
Personal data is not transferred to third parties.
Rights of the Data Subject
As a data subject, you have the right to:
receive information about facts related to data processing prior to the commencement of processing;
have the Data Controller provide you with your personal data and information related to their processing upon request;
have the Data Controller rectify or supplement your personal data upon request;
have the Data Controller restrict the processing of your personal data upon request;
have the Data Controller erase your personal data upon request.
Contact
For data protection enquiries, you can contact us at the following email address: info@nethod.hu
Legal Remedies
If you believe that your personal data has been processed in a manner that infringes your rights, you may initiate proceedings before the competent data protection authority: National Authority for Data Protection and Freedom of Information (NAIH); 1055 Budapest, Falk Miksa utca 9-11.; phone: 1-391-1400; email: ugyfelszolgalat@naih.hu; website: http://naih.hu/.
In the event of a violation of your rights, you may also bring proceedings against Nethod Consulting and Engineering Services Ltd. before a court. The data subject may, at their choice, also bring the action before the court having jurisdiction over their place of residence or habitual residence.
Supplements
Trainings, Workshops, and Individual Consultations
When registering for our trainings, workshops, or individual consultations, we request personal data from you, such as your email address.
Purpose of data processing: The primary purpose of processing the personal data of partners participating in our trainings, workshops, or consultations is to organise the sessions safely and in compliance with statutory requirements, and to ensure appropriate communication with our clients.
The personal data you provide is processed in accordance with the Privacy Policy above, with the following additions:
The personal data provided will be treated confidentially and will not be disclosed to third parties.
Your email address is used for conducting the workshop, training, or consultation and serves to communicate notifications, information, questions, and answers related to the session. By accepting this Privacy Policy, you acknowledge that during an online training, course, webinar, or other online programme, other participants may see your name, email address, and profile picture.
Your email address may be used for marketing purposes, such as sending newsletters and notifications about future workshops and similar events. If you do not consent to this, you may unsubscribe at any time via email.
Mandatory-Notification Training Courses
When registering for training courses subject to mandatory notification (issuing a FAR certificate), we request additional personal data from you beyond those listed above.
Purpose of data processing: The primary purpose of processing the personal data of partners participating in our training courses is to organise the training safely and in compliance with statutory requirements, to fulfil FAR data reporting obligations, and to ensure appropriate communication with our clients.
The personal data you provide is processed in accordance with the Privacy Policy above; however, in the case of mandatory-notification training courses, we must also comply with the data processing obligations of the Adult Education Act – Act LXXVII of 2013, Section 21 – and accordingly, data processing and retention is modified and supplemented as follows:
As a training provider, we process the natural personal identification data and educational identification number, electronic correspondence address, position, and highest level of education of the person participating in the training, as well as data related to the training, for the purposes of preparing and concluding the Contract, preparing documents arising during performance of the Contract, maintaining contact, conducting the training, and fulfilling notification and data reporting obligations.
Under the Adult Education Act, this data may be used for statistical purposes and may be transferred in anonymised form for statistical use; furthermore, it may be transferred free of charge to the Hungarian Central Statistical Office in a form allowing individual identification for statistical purposes.
Data is processed until the last day of the eighth year from the conclusion of the adult education contract.
Your email address is used for conducting the training and serves to communicate notifications, information, questions, and answers related to the training. By accepting this Privacy Policy, you acknowledge that during an online training, other participants may see your name, email address, and profile picture.
Your email address may be used for marketing purposes, such as sending newsletters and notifications about future training courses and similar events. If you do not consent to this, you may unsubscribe at any time via email.
Thank you for participating in our events!
We always comply with data protection legislation when processing personal data. Your data is stored securely and we take all necessary measures to protect it. For further information regarding the processing of your personal data, please do not hesitate to contact us.