This notice provides detailed information on how KEGLO Ltd. (hereinafter: Data Controller) ensures your data protection rights during our data processing in accordance with applicable European Union laws, particularly Regulation (EU) 2016/679 (GDPR).
The data subject is any natural person whose personal data we process. We handle personal data confidentially and take all necessary security, technical, and organizational measures to protect your data. This policy covers the data processed for communication and contact purposes.
Name: KEGLO Ltd.
Representative: Ádám Keglovits
Email: [email protected]
Address (Mailing): 1194 Budapest, Hamu u. 28.
The Data Controller processes personal data to maintain contact with current and potential clients. The data is processed for the purpose and in the manner outlined in this policy.
Purpose and data processed:
For communication purposes, we process the contact person’s (data subject’s) name, phone number, and email address as personal data.
Legal basis of processing:
a) If the data subject provides personal data on their own initiative for contacting us: GDPR Article 6(1)(b), i.e., necessary for the performance of a contract or steps taken prior to entering into a contract.
b) If personal data is provided on behalf of another legal or natural person: GDPR Article 6(1)(f), i.e., legitimate interest. For potential clients, the legitimate interest is business development; for existing clients, it is contract performance.
Source of the data:
Personal data is provided either by the data subject or by an employee, agent, or collaborator of the organization where the data subject is employed.
Duration of data processing:
a) If the basis is contract performance, data will be processed until the end of the relationship and the expiry of the limitation period, or until consent is withdrawn if requested earlier.
b) If the basis is legitimate interest, data is retained until the end of the relationship and the expiry of the limitation period.
The retention period may be extended if the Data Controller is entitled to process the data on another legal basis. For more information, please request clarification or consult additional relevant privacy notices.
Processors used by the Data Controller:
– Google – for providing email services at [email protected]
The Data Controller shall respond to requests without undue delay and no later than one month. If the request is denied, the Data Controller must provide a reason. Requests can be submitted via the contact options listed above.
Rights vary depending on the legal basis of processing.
A) Rights applicable to all data subjects:
1.) Right of access (Article 15 GDPR)
Data subjects may request confirmation as to whether their personal data is being processed and, if so, obtain access to that data, including details such as purposes, categories, recipients, duration, and available rights.
2.) Right to rectification (Article 16 GDPR)
Data subjects may request the correction of inaccurate data. Supporting facts or documentation may be required for verification.
3.) Right to erasure / to be forgotten (Article 17 GDPR)
Data subjects may request deletion if:
a) data is no longer needed for its original purpose;
b) the data subject objects and there is no overriding legal ground;
c) the data was unlawfully processed;
d) legal obligations require deletion.
If data was shared with other processors, they will be notified of the deletion request within 30 days.
4.) Right to restriction of processing (Article 18 GDPR)
Data subjects may request restriction if:
a) data accuracy is contested (restriction applies during verification);
b) processing is unlawful and deletion is refused;
c) the data is no longer needed but is required for legal claims;
d) the data subject has objected, pending resolution.
Restricted data may only be processed with consent or for legal reasons as listed above.
5.) Right to lodge a complaint / seek legal remedy
If your rights are violated, you may seek remedy at the competent court. Courts handle these matters with priority. List of courts: http://birosag.hu/torvenyszekek
You may also contact the Hungarian National Authority for Data Protection and Freedom of Information:
Address: 1055 Budapest, Falk Miksa u. 9-11. Mailing: 1363 Budapest, Pf. 9 Email: [email protected] Website: https://naih.hu/
B) Additional rights if processing is based on contract performance or pre-contractual steps:
1.) Right to data portability (Article 20 GDPR)
You may request a copy of the data you provided in a structured, commonly used, machine-readable format. You may also request transfer to another controller, if technically feasible.
C) Additional right if processing is based on legitimate interest:
1.) Right to object (Article 21 GDPR)
You may object to processing based on legitimate interest. If no overriding legal grounds exist, the data must no longer be processed.
Hungarian National Authority for Data Protection and Freedom of Information
Address: 1055 Budapest, Falk Miksa u. 9-11.
Mailing Address: 1363 Budapest, Pf. 9.
Email: [email protected]
Phone: +36 (1) 391-1400
Fax: +36 (1) 391-1410
Website: www.naih.hu