Our privacy policy principles

 

Mongo Applikáció Kft. (Ltd.) service-provider/data controller as the operator of the webpage of www.monguforteen.com processes data of the persons registered on the webpage or interested persons provided by them with a view to providing services.

In the course of its operation, Mongo Applikáció Kft., aims to meet all the legal requirements regarding the processing of personal  data as well as the provisions laid down by Regulation 2016/79 of the European Parliament and of the Council on the “Protection of natural persons with regard to the processing of personal data and on the free movement of such data”.

With a view to that, Mongo Applikáció Kft. has devised the

Data processing bulletin

as follows:

1./ Name of the service provider / data controller:
Name / company name: Mongo Applikáció Kft.
Registered seat, postal address:  1037 Budapest, Jutas utca 40/a
Tax number:  26574167-2-41
Webpage: www.monguforteen.com 
E-mail: This email address is being protected from spambots. You need JavaScript enabled to view it.
Telephone number:  +36 30 854 8889

2./ The main definitions are specified by Regulation 2016/79 of the European Parliament and of the Council on the “Protection of natural persons with regard to the processing of personal data and on the free movement of such data” (General Data Protection Regulation) as follows:

‘Personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

‘Processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

‘Restriction of processing’ means the marking of stored personal data with the aim of limiting their processing in the future.

‘Controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

‘Processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Recipient’ means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.

‘Consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

‘Personal data breach’ means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.

Representative’ means a natural or legal person established in the Union who, designated by the controller or processor in writing pursuant to Article 27, represents the controller or processor with regard to their respective obligations under this Regulation.

‘Enterprise’ means a natural or legal person engaged in an economic activity, irrespective of its legal form, including partnerships or associations regularly engaged in an economic activity.

‘Supervisory authority’ means an independent public authority which is established by a Member State pursuant to Article 51.

The rights regarding data processing are laid down by Regulation 2016/79 of the European Parliament and of the Council on the “Protection of natural persons with regard to the processing of personal data and on the free movement of such data” (General Data Protection Regulation) as follows:

‘Right of access to information by the Data Subject’: The data subject shall have the right to obtain information by sending an email to the contact email address or via phone or postal letter as to what personal data, on what legal grounds, for what purpose, from what source, and how long are processed by the data service provider/controller. The service provider/controller shall respond the data subject immediately but at the latest within 30 days 

‘Right to rectification’: The data subject shall have the right to request the rectification of any of his/her stored data by sending an email to the contact email address or via phone or postal letter. The service provider/controller shall respond the data subject immediately but at the latest within 30 days.

‘Right to erasure’: The data subject shall have the right to request the erasure of any of his/her personal data by sending an email to the contact email address or via phone or postal letter. The service provider/controller shall respond the data subject immediately but at the latest within 30 days. Legal provisions may restrict the right to erasure.

‘Right to restriction of processing’: The data subject shall have the right to request that the data controller shall restrict the processing of his/her data by sending an email to the contact email address or via phone or postal letter. The service provider/controller shall preliminarily inform the data subject before lifting the restriction of data processing.

‘Right to object’: The data subject shall have the right to object to the processing of data by sending an email to the contact email address or via phone or postal letter. In such a case, the data controller shall not process the personal data any longer unless the data controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercising or defence of legal claims.

3./ The basic rules of data processing 

Personal data shall be collected for specified, explicit and legitimate purposes. The data controller shall process personal data lawfully, fairly and in a transparent manner in relation to the data subject.

Personal data shall be accurate and kept up to date. Inaccurate data shall be immediately erased. Data shall be kept in a form which permits the identification of data subjects for no longer than is necessary.

Data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures. The basic rules of processing shall apply to all information regarding all identified or identifiable natural persons.

4./ General information about our data processing

The aim of data processing is to provide the registered and/or interested persons adequate services and/or information in the course of operating the webpage by the service-provider/data controller.

The legal basis for data processing is the consent of the data subject. The recording of the name, address, telephone number, and email address of the interested party is necessary for making contact and the potential concluding of a contract, which is partly a legal obligation as well. 

Data subjects shall be the persons registered on the website and/or interested persons.

The duration of processing depends on the particular goal of the user as well as being subject to applicable legal provisions. Data shall be immediately erased if the original goal has been accomplished or in the absence of divergent legal provisions.

The data subject may withdraw his/her consent to data processing any time by sending an e-mail to the contact e-mail address or via phone or postal letter. Unless otherwise specified by the law, data shall be erased.

The data controller, the owners of the data controller, and his/her employees shall have the right to access data.

The service provider/data controller is not in a position to verify the authenticity of the personal data provided by the interested/registered persons. The risk posed by providing false, inappropriate, inaccurate, etc. data shall be borne by the person having provided such data.

The data subject may request any time by sending an e-mail via phone or postal letter that the data controller shall provide information about data in relation to him/her as well as ensuring access to such data, the rectification, erasure, or the restriction of the processing of such data. The data controller may object to the processing of his/her personal data. The data subject shall have the right to request the data controller to clarify, rectify, amend, or erase without undue delay personal data in relation to him/her.

The data subject shall have the right to withdraw his/her consent to data processing any time. The withdrawal of the consent shall have no effect on the lawfulness of data processing prior to withdrawal.

The data subject shall have the right not to provide personal data requested on the webpage. The absence of providing data shall have no adverse effects on him/her.

The data subject shall have to right to submit any time a complaint regarding the processing of his/her data to the supervisory authority.

5./ Data processing in the course of registering / purchasing on the webpage: 

Personal data shall be stored electronically.

Processed data

The particular aim of processing data

Name/Company name:

Identification, keeping contact, concluding a contract, invoicing.

Address/Registered seat:

Identification, keeping contact, concluding a contract, invoicing.

E-mail address:

Keeping contact.

Telephone number:

Keeping contact.

Date of registration:

Technical information operation.

IP address:

Technical information operation.

The data subject may give his/her consent to data processing by intentionally ticking the empty checkbox (tick box) on the webpage.

The data subject shall provide the service provider/data controller other, including personal, data in addition to the identification and contact details specified above. The service provider/data controller shall process and store such personal data in accordance with the applicable provisions.

6./ The use of cookies:

Cookies are placed in the computer by the visited webpage and contain information about the settings of the page or the logged-in status. Consequently, cookies are small files created by websites. By saving browsing data, they enhance user experience. Cookies enable the website to “remember” the settings of the website and offer locally relevant contents. The webpage of the service provider sends a small file, a cookie, to the computers of the visitors of the webpage in order to identify the reason for visiting it and the date of visiting it. The service provider sends information about it to the visitor of the webpage.

Data subjects are the visitors of the webpage. The aim of data processing is the offering of extra services, identification, and the tracking of visitors.

The legal basis for data processing. The consent of the user is not necessary if the service provider strictly needs to use cookies.

The scope of data: personal identification number, date, settings data.

The user shall have the right to erase cookies in the Settings menu any time from his/her browser.

Data shall be stored electronically. By using cookies, the data controller shall not proceed personal data.

7./ Social sites

The social site is a media device where messages are disseminated through the social website users. Social media uses internet and online presence to turn the users from content receivers to content editors.

Social media is a surface of internet applications where contents created by the users can be seen, e.g. Facebook, Google+, Twitter, etc.

Social media may be manifested in the form of public speeches, lectures, demonstrations, product or service demonstrations. 

Information in social media may be disseminated via forums, blogs, image, video, and audio files, message walls, e-mail, etc.

Therefore, the scope of data subjects may as well include the public profile picture of the user in addition to his/her personal data.

Data subjects are all users registered on a social site.

The aim of collecting data on the social websites is to promote the website or the webpage related to it.

The legal basis of data processing is the voluntary consent given by the data subject.

The duration of processing, the deadline by which data shall be erased, the scope of people authorised to have access to data, and rights related to data processing are defined by the “Privacy Policy Bulletin” belonging to the given social site.

Personal data shall be stored electronically.

With regard to social sites, the data subject by uploading or sending any personal data, gives a globally valid consent to the operator of the social site to store and use such contents.

8./ Google Analytics 

Our webpage applies Google Analytics.

On the basis of cookies, Google Analytics makes reports for its clients about the habits of the users of the webpage.

As an additional service, it may as well make reports about the activity of the webpage for the operator.

Google collects, stores and processes data in accordance with the contents of its “Privacy Policy Bulletin”.

Users who do not want Google Analytics to make JavaScript reports about their data may install the browser blocking extension of Google Analytics. This extension forbids Google Analytics JavaScript (ga.js, analytics.js, and dc.js) to send information to the Google Analytics system. The browser extension may be used in most of the latest browsers. The blocking browser extension of Google Analytics does not forbid the sending of data for the website itself and for other internet analytical service providers.

The blocking extension is available at the website of https://support.google.com/analytics/answer/6004245?hl=hu.

The privacy policy principles of Google are available on the webpage of https://policies.google.com/privacy?hl=hu.

9./ Hosting service provider:

Name / company name: mysec.cloud

Registered seat:

Telephone number: +36 (1) 690-1951

E-mail: This email address is being protected from spambots. You need JavaScript enabled to view it.

The electronic data of the webpage are stored by the server operated by the hosting service provider. The data controller, the owners of the data controller, his/her employees, and the operators of the server shall have access to stored data. Nevertheless, they are all liable for secure data processing.

The name of the activity: hosting service providing on servers. The aim of data processing is to ensure the operation of the webpage. Processed data are personal data provided by the data subject and the data of the webpage.

The duration of data processing and the deadline by which data shall be erased. The duration of data processing shall last until the termination of the operation of the webpage and in accordance with the contract concluded between the data controller and the hosting service provider. The personal data subject, if necessary, may request the erasure of his/her data even by contacting the hosting service provider. The legal basis for data processing is the consent of the data subject or data processing based on legal provisions.

10./ Personal data breach 

The data controller shall report any personal data breach to the supervisory authority without any undue delay, and if possible, within 72 hours after becoming aware of it unless the personal data breach incident is not likely to pose any risk for the rights and freedoms of natural persons. 

The data controller shall keep a record of personal data breach incidents, demonstrating facts related to the incident, effects thereof, and measures taken to remedy it.

If the personal data breach incident is likely to pose a high risk for the rights and freedoms of natural persons, the data controller without any undue delay shall inform the data subject of the incident, with the exception of cases specified by the law.

11./ The enforcement of rights related to data processing

In the case of unlawful data processing, the data subject shall immediately advise the service provider/data controller, thereby ensuring that the legitimate state shall be restored within a short period of time.

If according to the data subject, the legitimate state cannot be restored or the proceeding of the service provider/data controller is not appropriate for him/her, he/she shall advise the Hungarian National Authority for Data Protection and Freedom of Information (1125 Budapest, Szilágyi Erzsébet fasor 22/c) of it.