Data Protection Policy
By publishing the present Data Protection Policy Seamantec Kft. as the data controller hereby informs all data subjects and users of its Sites on all aspects relating to gathering information while you are using our Site, how we handle your personal data and all further permissible uses of such personal data. It is important that you read this policy carefully to understand our views and practices regarding your personal data and how we will treat your personal details.
Creating a registered account, you thereby accept our General Terms and Conditions of Purchase www.seamantec.com/terms and this DPP in full; and further, you expressly consent to our collection, storage, use and disclosure of your personal data as described in this DPP.
Further versions of this DPP is effective upon acceptance for all newly registered users and is otherwise effective 7 days after being posted on the Site.
2. DATA CONTROLLERName:Seamantec Korlátolt Felelősségű TársaságRegistered seat:2092 Budakeszi, Szőlőskert utca 5.Postal address:2092 Budakeszi, Szőlőskert utca 5.Represented by:János Gönczy or Péter VargaRegistry no.:Cg.13-09-164288Registry Court:Budapest Area Court (Budapest Környéki Törvényszék)VAT number:24364120-2-13EU VAT number:HU24364120Customer Support E-mail:firstname.lastname@example.orgCustomer Support E-mail:email@example.comData collection reg. numbers:NAIH-[…] – scope
NAIH-[…] – scopeData protection contact:Seamantec Kft.Data Protection Representative:Postal address: 2092 Budakeszi, Szőlőskert utca 5.
“anonymous data” means information that is not associated with or linked to any person or to personal data relating to a data subject. Anonymous data does not permit the identification of individual persons.
“Authority” means the National Authority for Data Protection and Freedom of Information
“data subject” means a natural person who has been identified by reference to specific personal data, or who can be identified, directly or indirectly,
“personal data” means any information relating to the data subject, in particular by reference to his name, an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity, and any reference drawn from such information pertaining to the data subject,
“special data” means
personal data revealing racial origin or nationality, political opinions and any affiliation with political parties, religious or philosophical beliefs or trade-union membership, and personal data concerning sex life,
personal data concerning health, pathological addictions, or criminal record.
“consent” means the voluntarily and expressly given specific and informed indication of the data subject’s wishes by which the data subject signifies his agreement to personal data relating to him being processed without limitation or with regard to specific operations,
“objection” means a statement by which the data subject objects to the processing of his personal data and requests that the processing of data relating to him be terminated and/or the processed data be deleted,
“data controller” a natural or legal person or unincorporated organization that determines the purpose of data processing either on his own or together with others, makes and executes decisions pertaining to data processing (including the means thereof) or has it executed by a data processing contractor assigned by it.
“controlling of data” means regardless of the method employed, any operation or set of operations that is performed upon data, such as in particular collection, recording, organization, storage, adaptation or alteration, use, retrieval, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction, and blocking them from further use, photographing, sound and video recording, and the recording of physical attributes for identification purposes (such as fingerprints and palm prints, DNA samples and retinal images),
“disclosure by transmission” means making data available to a specific third party,
“public disclosure” making data available to the general public,
“erasure of data” means the destruction or elimination of data in a manner sufficient to make them irretrievable,
“blocking of data” means the marking of stored data with the aim of limiting their processing in future permanently or for a predetermined period,
“destruction of data” the complete physical destruction of the medium containing data,
“data processing” means the technical operations involved in data control, irrespective of the method and instruments employed for such operations and the venue where it takes place, provided that such technical operations are carried out on the data,
“data processor” means a natural or legal person or unincorporated organization that is engaged under contract in the processing of personal data, including when the contract is concluded by virtue of law,
“data source” means a body having public service functions, that is responsible for the inception – in the course of operations or otherwise – of any statutory public information to be published by way of electronic means,
“third party” means any natural or legal person or unincorporated organization other than the data subject, the controller or the processor,
“data protection directive” Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.
“Act” means Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information.
“DPP” means this Data Protection Policy of Seamantec Kft..
“Site” means the website at http://www.seamantec.com and any other websites and its subdomains owned or operated by data controller and where this DPP is publicly disclosed.
Any further terms used with capital letters in this DPP have the meaning assigned to them in the General Terms and Conditions of Purchase www.seamantec.com/terms.
4. PURPOSE OF DATA COLLECTION
For you to actively the functions of the Site (e.g. initiate purchases and downloads) do need to collect some of your personal data from you. Once you provide us with your required personal data, you are no longer anonymous. In providing us with your personal data, you consent to the transfer and storage of such information on our servers.
Personal data collected is controlled/processed exclusively for the below purposes:
enabling user registration and login of registered users,
enabling users to download Software Products, install and activate them
Customer Support and user communication purposes
if consented explicitly for the purpose of sending marketing materials
registering and follow-up (contacting you via e-mail) on orders registered as “incomplete” by our ordering system
5. LEGAL BASIS OF DATA COLLECTION
Collection and controlling of personal data takes place on the basis data subjects’ consent as described in § 5(1) subsection a) of the Act. Consent may be granted by using the Site or by registering on the Site, furthermore by providing the personal data to us while using the Site’s functions (in particular, but not limited to submitting orders, request activation keys, etc.)
6. DATA TYPES
6.1. Anonymous technical data
You may visit the Site at any time without providing your identity or revealing any personal data about yourself. However, when you visit the Site, we may collect and store your computer and connection information, statistics on page views, traffic to and from our Site, advertisement data, IP address and standard web log information and information from other companies, such as demographic and data.
Such data is never connected to any person’s registration information or other personal data, therefore such data does not qualify as personal data. Such data may only be accessed by Seamantec Kft. and only used for the purpose of operating the Site and for statistical purposes.
6.2. Registration data
Data subjects are requested to provide the following personal data when registering on the Site:
Data controller may request further data in order to prepare, automatize, enhance the use of the services, features or functions on available on the Site. Provision of such data is not mandatory for registration.
6.3. Ordering and Purchase related data
Data subjects are requested to provide the following personal data when initiating evaluation version downloads or purchasing commercial license activation keys on the Site:
Data controller may request further data in order to prepare, automatize, enhance the use of the services, features or functions on available on the Site. Provision of such data is not mandatory for requesting downloadable software copies or purchasing activation licenses.
Cookies are small text files that are placed on your computer by the Site.
Cookies can be controlled by you following your Internet browser’s help file directions.
Alternatively you may follow instructions of this English language online guide on cookies: http://www.aboutcookies.org/Default.aspx?page=1 .
NOTICE: If you choose to disable Cookies in your internet browser, you may not be able to log in to the Site and access some Site features and pages.
Types of Cookies the Site uses:
Cookie Filename(s) Purpose session id _session_id Session cookies allow users to be recognized within the Site so any page changes or item or data selection the User does is remembered from page to page. The most common example of this functionality is the shopping cart feature of the Site. When user visits one page of a catalogue and select some items, the session cookie remembers the selection so the shopping cart will have the items selected when the user is ready to check out. auto login _session_id these cookies remember the user’s login information to fill out the login form automatically for the user, when user starts the login procedure next time google analytics _ga these cookies are used to collect information about how users use our Site. We use the information to compile reports and to help us improve the Site. The cookies collect information in an anonymous form, including the number of users to the Site, where users have come to the Site from and the pages they visited within the Site. For further information on Google’s privacy terms and measures click here .
No third parties set cookies on user computers via the Site.
At various steps of using the Site data controller provides the possibility to the data subjects to give their consent to subscribe to the periodic newsletter issued by the data controller and sent to the e-mail address provided by the data subject. Such newsletters may contain marketing- or advertisement messages of data controller or its advertising partners.
If consent is granted, data controller processes personal data lawfully collected from the data subject. No personal data is transmitted to any third parties (even if such third parties’ advertisement or marketing message is placed in the newsletter.
Data subjects may unsubscribe with immediate effect on convenience and without giving reason from the newsletter if they wish to revoke their consent to subscription. Such revocation of consent may be performed by clicking the “Unsubscribe” link at the bottom of the newsletter, or by notifying data controller via e-mail or regular mail. In such cases data controller erases all personal data with the sole purpose facilitating such communication and stops sending the newsletters to the data subject.
Personal data may only be accessed by data controller and its employees. Such persons may not transmit personal data to any third part and may only access and process personal data for the purposes set out herein.
9. DATA PROCESSORS
Data controller employs the following data processor(s) for the purposes defined at each data processor entity’s information:
Name Contact Purpose Amazon AWS Amazon Web Services, Inc. 410 Terry Ave North Seattle, WA 98109-5210, US Hosting the Site and the downloadable material. Amazon as data processor does not access the personal data of any specific data subjects, however in for the purposes of operating its hosing services it may backup, archive, move the databases containing such data. MailChimp MailChimp 512 Means Street Suite 404 Atlanta, GA 30318 USA marketing communication provider, processing e-mail addresses and last name, first name of data subject that gave consent to receiving marketing e-mail
Data processors always act in line with the instructions and requirements of data controller and the greatest care was taken during the selection process of data processor partners by data controller.
10. DISCLOSURE BY TRANSMISSION
Personal data may be disclosed in the following cases:
(a) to competent and duly authorized national security organs, law enforcement authorities and courts for purposes of national security, defense and for the prevention and prosecution of criminal offences and the unauthorized use of telecommunication systems,
(b) to courts in the case of legal disputes,
(c) to assigned contractors of data controller acting within the scope of it’s business or administrative activities (e.g. accountants, lawyers, etc.) to the extent necessary for the fulfilment of such assignments,
(d) to Payment Service Provider the data of data subjects initiating purchase related disputes involving such Payment Service Provider for the sole purpose of settling such disputes.
In respect of data disclosed pursuant to points c) and d) of this section, the recipients of data shall be bound by the same non-disclosure obligations that apply to data controller.
Transmission of personal data within the European Economic Area qualifies as if the data would be transmitted within the territory of Hungary. (§8 (4) of the Act).
If the data subject does not approve the transmission of its personal data, it may request via e-mail or regular mail from data controller to cease further transmission activities.
11. DATA SECURITY
On the Site your account and information contained therein is password protected for your security. It is expressly forbidden for you to share this password with any other person for any reason.
PLEASE NOTE THAT NO REPRESENTATIVE OF DATA CONTROLLER WILL EVER ASK YOU FOR YOUR PASSWORD IN ANY FORM OF COMMUNICATION, INCLUDING EMAIL.
Please ensure that you log out of the Site and close the browser window when you leave the Site; this is imperative if you have accessed the Site from a public computer. This is, at present, the safest way of preventing that no one else has access to your personal data. Data controller accepts no liability for the abuse of login data and passwords used.
You shall be exclusively liable for the confidentiality of access credentials (especially the password).
You shall immediately change the password upon learning that any unauthorized third person may have the password, and shall the abuse of the password by the third be suspected, you must also notify the data controller.
Further, data is treated as an asset that must be protected. Data controller and its contracted data processors use security measures to protect both your privacy and personal data against unauthorized access and disclosure, however data controller cannot guarantee (not should you expect) that your personal data or private communications will always remain private.
Data controller may claim damages in case you provided third party’s personal data in the course of registration to use the Site or its functions, or caused damages in any manner during the usage of the Site. In such cases, data controller provides all cooperation and support to authorities in order to facilitate identification of the wrongdoer.
12. RIGHTS OF DATA SUBJECTS AND THE ENFORCEMENT OF THOSE RIGHTS
In a submission addressed to the data protection contact specified in Section 1 above, the data subject may request information on the processing of his personal data, may request the rectification of such data and, save where processing is rendered mandatory, may also request the erasure or blocking of his personal data.
Upon the data subject’s request, the data controller shall provide information concerning the data relating to it, including those processed by a data processor on its behalf, the sources from where they were obtained, the purpose, grounds and duration of processing, the name and address of the data processor and on its activities relating to data processing, and – if the personal data of the data subject is made available to others – the legal basis and the recipients. Data controller shall provide the requested information in an intelligible form and in writing within the shortest possible time but not later than 30 days after the submission of the request.
Data controller shall rectify any personal data deemed inaccurate or shall erase it if:
• processing of such data is unlawful,
• so requested by the data subject, provided the data controller is not required by law to continue to retain such data, or if further data processing is not necessary for the enforcement of the data controller’s rights,
• data is incomplete or inaccurate and it cannot be lawfully rectified,
• the purpose of processing no longer exists or the legal time limit for data retention has expired,
• so instructed by court or by the National Authority for Data Protection and Freedom of Information.
When a data is rectified or erased, data controller shall notify the data subject to whom it pertains and all recipients to whom it was transmitted for processing. Notification is not required if it does not violate the rightful interest of the data subject in light of the purpose of processing.
If the data controller refuses to comply with the data subject’s request for rectification, blocking or erasure, the factual or legal reasons on which the decision for refusing the request for rectification, blocking or erasure is based shall be communicated in writing within 30 days of receipt of the request. Where rectification, blocking or erasure is refused, the data controller shall inform the data subject of the possibilities for seeking judicial remedy or lodging a complaint with the Authority.
The data subject shall have the right to object to the processing of data relating to him
(a) if processing or disclosure is carried out solely for the purpose of discharging the controller’s legal obligation or for enforcing the rights and legitimate interests of the controller, the recipient or a third party, unless processing is mandatory,
(b) if personal data is used or disclosed for the purposes of direct marketing, public opinion polling or scientific research,
(c) in all other cases prescribed by law.
In the event of objection, in respect of data related to such objection and with the simultaneous suspension of data processing, data controller shall investigate the cause of objection within the shortest possible time within a 15-day period and it shall notify the data subject in writing of its decision. If the data subject’s objection is justified, data controller shall terminate all processing operations (including data collection and transmission), block the data involved and notify all recipients to whom any of these data was previously transferred concerning the objection and the ensuing measures, upon which these recipients shall also take measures regarding the enforcement of the objection. If the data subject disagrees with the decision taken by data controller, he shall have the right to bring action in the court of law within 30 days after such decision was communicated.
Data subjects shall acknowledge that data controller will not erase data and will continue to be entitled to process data as long as data controller may enforce a claim against the data subject (either via court proceedings or out of court). In case no claim enforcement proceedings are launched or the date subjects fulfilled their payment obligation to data controller arising from a business relationship, data can be erased after the term of limitation is elapsed.
Complaints and inquiries seeking legal remedy may be submitted to the National Authority for Data Protection and Freedom of Information by using the below contact details, or, according to § 22 of the Act, data subjects may, in the event of the infringement of their rights, also seek redress from courts of law:
Name: National Authority for Data Protection and Freedom of Information
Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c, Hungary
Telephone: +36 (1) 391-1400
Fax: +36 (1) 391-1410
13. MISCELLANEOUS PROVISIONS
Seamantec Kft. reserves the right to amend the present DPP unilaterally, with the prior notification to you via the Site (e.g. next login). After the entry into force of the amended version, you accept the contents of the amended version by using the Site’s services and functions or by logging in after pop-up notification.
Data controller does not check or verify the validity or truthfulness of data provided by the data subject. Data subject is responsible for the validity or truthfulness, furthermore data subject warrants that the data (in particular the e-mail address) provided is used exclusively by the data subject.
This Data Protection Policy is effective from 1 November, 2014.
A copy of this Data Protection Policy is accessible and downloadable here: seamantec.com/data_protection