While processing data, ASTRASUN Holding (‘ASTRASUN’) as the operator of the corporate website accessible at the domain www.astrasun.solar (‘Website’) pays special attention to proceeding in accordance with Act CXII of 2011 on the right to informational self-determination and on the freedom of information, other legislation, the good data protection practices that the National Authority for Data Protection and Freedom of Information (‘Authority’) has developed in the course of its activities and relevant international recommendations related to data protection.
ASTRASUN qualifies as a controller (‘Controller’) under Section 3(9) of Act CXII of 2011 on the right to informational self-determination and on the freedom of information (Information Act).
Each natural person of full age, legal person or business association without legal personality or other organisation who takes part in information society by registering on the Website or using services available on the Website qualifies as a user (‘User’).
ASTRASUN hereby informs its Users and the visitors to its Website of the practices it follows with respect to the processing of personal data, what personal data are processed in relation to the Website and the organisational and technical measures taken in order to protect such personal data, the methods and possibilities for the data subjects concerned to exercise their rights, as well as every fact related to data processing, thus in particular the purpose and legal basis for data processing, the person authorised to process data and the duration of data processing.
- Data and contact details regarding the Controller
Name: ASTRASUN Solar Kft.
Registered seat: Magyarország, 2161 Csomád, Kossuth Lajos út 103.
Correspondence address: 1097 Budapest, Ecseri út 14-16.
Registration number: 13-09-191675
VAT number: 11610306-2-13
Representative: Dr Krisztina IZSÓ, Executive Director
- The data processed
From the personal data provided by the User, ASTRASUN only uses the information which is necessary for identifying the User in order to provide them with information concerning their registration on the Website or the use of a service. Data does not need to be provided for browsing and using the Website, however accessing certain functions (for example subscribing to the newsletter, using the contact form) require more personal data to be provided.
ASTRASUN does not check the personal data it is provided. The person providing the data is solely responsible for their appropriateness. When they provide their email addresses, each User at the same time assumes responsibility for being the only person who has subscribed to the newsletter or who will be using a service from the email address provided. With regard to this commitment, all responsibility is borne exclusively for logins from a given email address by the User who registered the email address.
- Purpose of the data processing
The data registered by ASTRASUN about a User and the information stored in the databases maintained by ASTRASUN may be used to resolve any issues or disputes arising between User and ASTRASUN or the User and the partners of ASTRASUN. The purpose of data processing is communication with the Users that enables the use of services and information to be provided.
- Legal basis of data processing
The legal basis of data processing is the freely given consent of the User under Section 5(1)(a) of the Information Act, which is given to ASTRASUN when the User provides their name and email address or by the process of registration.
- Duration of data processing
The data provided by User are stored by ASTRUSUN until User requests their deletion.
- Persons having access to the data
Primarily the employees of ASTRASUN have the right to know the data, however, they shall not disclose the data, nor transfer the data to any third persons. (Except if ASTRASUN is obliged to transfer the data by a decision of a court or public authority.)
- User’s rights, erasure, blocking and rectification of data
User has the right to [request] at any time access to, rectification of or erasure of their data, to be forgotten, a limitation of the processing of their data or data portability. If the User requests assistance to do so, he or she may turn to the Budapest office of ASTRASUN. ASTRASUN assesses the requests received by the office immediately if possible, but at the latest within 30 days and advises the User of its response.
- Legal remedies
ASTRASUN strives to settle any points at issue arising with regard to the processing of data amicably. In case the settlement of the points at issue is unsuccessful, the User may turn to the National Authority for Data Protection and Freedom of Information (Adatvédelmi és Információszabadság Hatóság – registered seat: 1125 Budapest, Szilágyi Erzsébet fasor 22/C) and may enforce any other claim before the courts.
- Relevant legislation
The following laws include the detailed statutory provisions on the Controller’s obligations and the specific means of enforcing one’s rights, as well as the Authority’s procedures:
Act CXII of 2011 on the right to informational self-determination and on the freedom of information (hereinafter referred to as: Information Act), Act CVIII of 2001 on [e-commerce and] certain issues regarding Information Society services (E-commerce Act) and Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR)
- Anonymous user identification (cookies)
As required by European Union law, ASTRASUN calls the attention of the Website’s visitors to the Website using so-called ‘cookies’ in order to provide personalised content during a visit.
Anonymous user identification (cookies) is a series of signals suitable for unique identification or the storage of profile information which are placed on the Website visitor’s computer by the server. Such a series of signals is by itself in no way capable of identifying the Website’s visitor, as it is only capable of recognising the visitor’s machine.
Accepting cookies is not necessary in order to browse the Website, but certain service functions may not work if cookies have been disabled in the browser.
ASTRASUN may collect data on User’s activities which cannot be linked to any other data provided by the User during registration, nor any data created during the use of other Websites or services.
ASTRASUN shall inform the User if it intends to use the data provided for any other purpose than the one the data were originally collected for and shall obtain the User’s prior and express consent to do so or shall provide an opportunity to User to prohibit such use.
ASTRASUN undertakes to ensure the security of the data and furthermore takes the technical measures which ensure that the data collected, stored and processed are secure and shall take all necessary measures in order to prevent their destruction, unlawful use and unlawful alteration.
ASTRASUN shall maintain records of data processing activities under its responsibility (record of data processing activities) according to Article 30 of the GDPR.
A personal data breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data processed. In case of a personal data breach, ASTRASUN shall proceed according to Articles 33 and 34 of the GDPR. ASTRASUN shall document any personal data breaches, comprising the facts relating to the personal data breach, its effects and the remedial action taken.
ASTRASUN has the right to unilaterally modify the present Rules of Procedure at any time. ASTRASUN shall inform the User of any modifications on its Website. Following any such modification, use of the Website is conditional on an express acceptance of the modification by the User on the Website, through means provided on the Website.
In effect from: 1 January 2021
Accessible on the Internet at the following address: https://astrasun.solar