This Privacy Statement and Data Processing Information lays down the data protection principles and data processing rules applied by Idea Fortis Translation and Interpreting Services. The https://ideafortis.hu/ website is operated by CG-Systems Kft. (www.cg-systems.hu)
In this Privacy Statement and Data Processing Information, Idea Fortis Translation and Interpreting Services considers the following legal regulations and binding acts of the European Union:
- Act CXII of 2011 on Informational Self-Determination and Freedom of Information,
- Regulation (EU) No 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation),
- Act CVIII of 2001 on Certain Issues of Electronic Commerce Services and Information Society Services,
- Act XLVII of 2008 on the Prohibition of Unfair Business-to-Consumer Commercial Practices,
Basic Principles of Data Processing
In conducting its activities, Idea Fortis Translation and Interpreting Services shall respect the following basic principles in Article 5 of the General Data Protection Regulation:
- data shall be processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’);
- data shall be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes (‘purpose limitation’);
- data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’);
- data shall be accurate and, where necessary, kept up to date; we shall take every reasonable step to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (‘accuracy’);
- data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed (‘storage limitation’);
- data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).
Information under Articles 13-14 of the General Data Protection Regulation
1. The Controller and its contact details
Idea Fortis Fordító- és Tolmácsiroda (H-1143 Budapest, Stefánia út 18. 2/9., company registration number: 01-09-948695, tax identification number: 23007455-2-42, phone number: +36 1 300 4553; +36 20 273 2565, email: firstname.lastname@example.org, website: www.ideafortis.hu), hereinafter referred to as: Controller
2. Processing data of data subjects
2.1. Data subjects and processed data:
a) Idea Fortis Translation and Interpreting Services shall process the following personal data in providing its translation services—including the request for quotation form on the www.ideafortis.hu website:
i. name, contact, billing details and other data of any natural person (including sole proprietors, small-scale agricultural producers, solicitors, etc.), as required for contract fulfilment;
ii. any personal data in the text provided by any natural person for translation;
iii. any personal data in the text provided by any legal person (including any court, public prosecutor’s office, investigative authority) for translation;
b) Idea Fortis Translation and Interpreting Services shall process the following personal data in providing its interpreting services:
i. name, contact, billing details and other data of any natural person (including sole proprietors, small-scale agricultural producers, solicitors, etc.), as required for contract fulfilment.
The client shall be the controller of any personal data not pertaining to the client in the text provided for translation. Regarding such data, the client shall be responsible for the lawfulness of processing (forwarding to Idea Fortis Translation and Interpreting Services).
2.2. Purposes of processing
Controller shall process the data of data subjects, defined in Clause 2.1, for the following purposes:
a) processing the translation demand (request for quotation) of the client, making of the translation ordered;
b) billing and collecting the order value;
c) fulfilling taxation, accounting and other legal requirements pertaining to the request for quotation and the order;
d) enforcement of legal claims pertaining to the request for quotation and the order;
e) translation quality improvement at the Controller. To this end, the Controller shall use the translation memory produced in the translation process related to the order of the client, and the finished translation—without data enabling identification—for text analysis to perform future orders;
f) sending newsletters and messages for sourcing new business.
2.3. Legal grounds for processing:
In providing its translation and interpreting services, the Controller shall process any personal data on the following legal grounds:
a) consent of the data subject [Article 6(1)(a) of the GDPR];
b) preparing and performing the contract [Article 6(1)(b)];
c) performing a legal obligation to which the Controller is subject [Article 6(1)(c)];
d) legitimate interest of the Controller [Article 6(1)(f)];
2.3.1 Controller shall process personal data (name, email address) of the data subject for sending electronic newsletters at his/her expressed, voluntary consent. Denial of consent shall not imply any disadvantages for the data subject. Controller shall process data voluntarily provided by the data subject to send newsletters until withdrawal of the consent.
2.3.2. Controller shall process personal data of the data subject, specified in Clause 2.1, to process requests for quotation and perform orders—including the enforcement of legal claims associated with such requests for quotation and orders—prepare contracts and perform contracts. To prepare and perform the contract, it is obligatory to provide the data specified in Clause 2.1; without them, Controller shall not be in the position to respond to a request for quotation or make the translation. Controller shall maintain data under this legal title for 8 years after contract completion or sending the quotation for a request for quotation which does not develop into a contract at the end.
2.3.3. Controller shall process, amongst others, the following data for the legal title of performing a legal obligation
a) invoicing data required by the relevant legal regulations, for the period specified in Point (b);
b) according to the provisions of the Accounting Act, Controller shall keep accounting documents directly and indirectly supporting accounting data (including but not limited to general ledgers, analytic and detailed records); hence data therein, readably and retrievably, according to accounting records, for a period of 8 years at least;
c) if the Controller is appointed as an expert in any criminal procedure, then they shall maintain any personal data in the text the court, prosecutor’s office, the investigative authority sends for translation in compliance with the provisions of the Criminal Proceedings Act, and keep them for 5 years after the end of the specific expert activity;
d) if the Controller is appointed under the Code of Civil Procedure, then they shall maintain any personal data in the text the court, prosecutor’s office, the investigative authority sends for translation in compliance with the provisions of the Code of Civil Procedure, and keep them for 5 years after the end of the specific expert activity;
Since recording, storing data subject to mandatory processing, reporting thereon, under a separate legal regulation, or any other form of processing personal data is a legal obligation of the Controller; hence, failing to report data might imply a denial to contract or perform a contract.
2.3.4. Under the legal title of lawful interest, the Controller shall have the right to use the contact details of clients (natural persons) for direct sourcing of new business, sending printed mail, and to perform profiling by way of querying the available data of those who have not made a statement prohibiting the sourcing of business. Data subjects may at any time object to the use of their personal data for sourcing new business; if they object, then Controller shall cease to use personal data for the direct acquisition of business. Controller shall always draw the attention of the data subject to the right of objection whenever they get in contact with each other.
2.4. Automated decision-making, profiling
Controller shall not apply any automated decision-making or profiling related thereto.
3. Recipients of forwarded personal data
Controller shall forward/disclose personal data of data subjects to the following bodies, persons only—save for public bodies defined in any legal regulation or a binding act of the European Union, requiring personal data from the Controller for their specific investigations:
a) data and documents required by the business organisation providing bookkeeping and accounting services to the Controller, to perform their bookkeeping obligations;
b) the subcontractors involved in the translation, this involves the personal data in the texts provided for translation.
Controller shall not forward personal data of data subjects to any other third person, organisation.
For further information regarding Google Analytics cookies, please click here.
The Websites use the remarketing tracking codes of Google AdWords. It allows the Service Provider to promote remarketing ads on the websites in the Google Display network to the data subjects visiting its websites. You can disable such cookies with the instructions in the Ads Settings of Google. For ads-related privacy policies of Google, please click here.
Every modern browser offers the option to change cookie setups. Most browsers automatically accept cookies by default, but this can be disabled so that the browser prevents automatic acceptance and offers a choice between enabling and disabling cookies every time.
Please note that disabling or deleting cookies might mean that the users cannot use the full functionality of our website and the website might function differently than expected in the browser.
You can read about the cookie settings of the most popular browsers via the following links:
5. Protection of the rights of data subjects
5.1. Pursuant to Articles 12-21 of the GDPR, the data subject may request access to his/her personal data, their erasure, restriction of their use, and he/she may also object the processing of such data, and he/she may also exercise his/her right to data portability.
5.2. Should the rights of the data subject under the GDPR become infringed, he/she may lodge a complaint with the Controller, via the contact details provided in Clause 1.
5.3. The data subject may lodge a complaint with the National Authority for Data Protection and Freedom of Information (http://naih.hu/; H-1125 Budapest, Szilágyi Erzsébet fasor 22/c; mailing address: 1530 Budapest, Pf.: 5.; telephone: +36-1-391-1400; fax: +36-1-391-1410; Email: email@example.com). The data subject shall have the right to lodge a complaint with any other authority; hence, with any authority of the EU Member State of his/her habitual residence.
5.4. A lawsuit may be filed with a court against the Controller for the violation of the rules for processing personal data. The data subject may file for a lawsuit at the Budapest-Capital Regional Court or at the Regional Court having jurisdiction over his/her residential address. Contact details of Hungarian regional courts (törvényszékek) are available on this link: http://birosag.hu/torvenyszekek
If the habitual residence of the data subject is in another Member State of the European Union, then the lawsuit may be lodged with a court having competence and jurisdiction in that Member State as well.
Place and date: Budapest, 25 May 2018