top of page

Privacy policy

Privacy Notice regarding data processing in connection with the use of Nortemsy Solutions Private Limited Company's website (http://www.nortemsy.com) and its services.

​

Purpose of the Notice

Based on Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter: GDPR), and Act CXII of 2011 on the Right of Informational Self-Determination and Freedom of Information (hereinafter: Privacy Act), Nortemsy Solutions Private Limited Company (registered office: 1117 Budapest, Hauszmann Alajos utca 3/b., tax number: HU32746165, represented by: Zoltán Dibó CEO independently; hereinafter: Company) publishes the following notice to protect personal data processed during the use of its website (www.nortemsy.com).

​

Data Controller and Location of Data Processing

Data Controller: Nortemsy Solutions Ltd. 

Address: 1117 Budapest, Hauszmann Alajos u. 3/b

Tax number: HU32746165

Contact:  info@nortemsy.com 

Represented by: Zoltán Dibó, CEO

​

The Company does not use data processors for personal data processing. Location of data processing: The Company's premises and employees' work locations. Regarding personal data processed in connection with website usage, Company employees have access only to the extent necessary for performing their tasks, fulfilling services requested by the data subject, answering potential questions, and providing information.

About Contact Through the Website Personal data provided through messages sent to any email address listed under "Contact" on the website will be used by the Company exclusively for the purpose specified in this section and will not be shared with third parties. Purpose of data processing: Investigation of suggestions, product inquiries, complaints, observations in electronic messages from visitors, quality assurance, service development Scope of processed data: data subject's name, email address, other personal data provided in the message Legal basis for processing: consent according to GDPR Article 6(1)(a) Data storage period: Personal data are deleted from the system immediately after answering the data subject's questions or after closing the communication in case of multiple exchanges. Exceptions apply in cases of legal claims, proceedings by courts, prosecutors, investigative authorities, administrative authorities, the National Authority for Data Protection and Freedom of Information, or other bodies authorized by law, until their final conclusion Data storage method: The Company stores the data subject's personal data electronically

 

Processing of Image and Sound Recordings, News

Summaries from Events During events organized by the Company, image and/or sound recordings qualifying/not qualifying as crowd recordings, or written news summaries may be made of participants. Data processing is generally based on the data subject's consent given by participating in the event (implied consent). With the consent of the data subject or their legal representative, the Company may publish news, image and/or sound recordings on its website, Facebook, Instagram pages, and YouTube channel to promote its services, events, programs, and products. During the processing period, the data subject may request deletion of their personal data at any time and acknowledges that the Company may remove such data at its sole discretion at any time. Different conditions may be set for specific events, but the data subject must be informed of these in each case. Scope of processed data: data subject's name, biometric data (image and voice) Legal basis for processing: consent according to GDPR Article 6(1)(a) Data storage period: Personal data are deleted from the system immediately after investigating the data subject's request for deletion - if the request is justified. Exceptions apply for archiving in the public interest, scientific and historical research purposes under GDPR Article 89, crowd recordings, legal claims, proceedings by authorities until their final conclusion. Data storage method: The Company stores the data subject's personal data electronically

​

Information About Cookie Usage

Following general practice, the Company uses cookies on its website. Cookies alone cannot identify users. Cookies are short data files placed on the user's computer by the visited website. Their purpose is to ensure continuous operation of the information communication internet service, make it easier and more comfortable, and contribute to website improvement through anonymous statistics. There are many types of cookies, but they generally fall into two categories: temporary (strictly necessary) cookies placed on the user's device only for a single session (e.g., one website visit); and permanent cookies (e.g., website language settings) that remain on the computer until deleted by the user. The Company's website uses only temporary cookies necessary for operation. Their validity period applies only to the duration of the visit. The Company's website automatically receives information about visitors for the duration of the visit: visitor's IP address, time of visit, viewed page data, browser program name.

​

Browser Settings

Accepting and enabling cookies is not mandatory. You can reset your browser settings to reject all cookies or indicate when a cookie is being sent, however some functions or services may not work properly without cookies. Most browsers accept cookies automatically by default, but these settings can usually be changed to prevent automatic acceptance and offer the choice each time. Setting options are usually found in the browser's "Options" or "Settings" menu; please use your browser's "Help" menu for the most appropriate settings. Purpose of data processing: ensuring highest quality website operation Scope of processed data: visitor's IP address, time of visit, viewed page data, browser program name Legal basis for processing: data subject's consent according to GDPR Article 6(1)(a) Data storage period: duration of the given visit Data storage method: The Company stores the data subject's personal data electronically

 

Information About Processing Personal Data Provided in Job Applications

The Company publishes job offers on its website at https://www.nortemsy.com/join-us for job applicants. Applicants can send their CV as a document to join@nortemsy.com and may attach a cover letter (motivation letter). The Company only processes applications as valid if they include the signed "Job Application Data Processing Notice and Consent" attached in email form available on the website. Applications submitted without the "Job Application Data Processing Notice and Consent" are invalid; the Company does not store or process these and ensures their immediate destruction. The Company notifies the submitter of invalid applications about the invalidity and subsequent destruction via email. The Applicant's completed data and attached documents must not contain special categories of personal data under GDPR (data revealing racial or ethnic origin, political opinions or party affiliation, religious or philosophical beliefs, trade union membership, data concerning sexual life, health status, addictions, or criminal personal data). The Company does not collect special categories of personal data. If the Applicant still provides special categories of personal data in their application materials, the Applicant acknowledges and declares that they do so voluntarily, based on their explicit consent. Purpose of data processing: selection of job applicants Scope of processed data: data subject's name, email address, education, previous workplaces, other personal data provided in CV Legal basis for processing: consent according to GDPR Article 6(1)(a) Data storage period: until evaluation of the application but no longer than until filling the advertised position; personal data are deleted from the system immediately after evaluation. Exceptions apply for legal claims and proceedings by authorities until their final conclusion Data storage method: The Company stores the data subject's personal data electronically

​

Rights Related to Data Processing

In connection with data processing, through the Company's representative, you may at any time:

  • request information about data processing and access to data processed about you,

  • request rectification of inaccurate data or completion of incomplete data,

  • request deletion of data processed based on your consent, object to the processing of your data,

  • request restriction of processing.

 

Based on request for information - unless restricted by law - you can learn whether your personal data are being processed by the Company, and you have the right to receive information about:

  • the purpose of processing,

  • what authorizes the processing of data (legal basis),

  • from when and until when they process your data (duration),

  • what data they process, and receive a copy of these,

  • recipients or categories of recipients of personal data,

  • transfers to third countries or international organizations,

  • if not collected from you, the source of the data,

  • characteristics of automated decision-making if used by the controller,

  • your rights related to data processing, possibilities for legal remedy.

 

The Company responds to requests for information and access within 25 days at the latest. For additional copies of personal data processed about the data subject, the Company may charge a reasonable fee based on administrative costs. When requesting data rectification (modification), the data subject must support the accuracy of the new data and prove that the person requesting the modification is indeed authorized to do so. This is how the Company can assess whether the new data is true and if so, whether the old data can be modified.

If it is not clear whether the processed data is correct or accurate, the Company will not rectify the data, only mark it, indicating that it was contested by the data subject but may not be incorrect. After confirming the authenticity of the request, the controller rectifies inaccurate personal data or completes the data affected by the request without undue delay. The Company notifies the data subject about rectification or marking. When requesting data deletion or blocking, the data subject may request deletion of their data, meaning the Company is obliged to delete personal data concerning the data subject without undue delay if: the personal data were unlawfully processed the personal data are no longer needed for the purpose they were processed, if processing was based on the data subject's consent and they withdrew it, and no other legal basis makes further processing lawful, law prescribing deletion of data establishes such obligation for the Company, and it has not yet complied. You may request restriction of processing, which the controller fulfills if any of the following applies: the data subject contests the accuracy of personal data, in which case the restriction applies for the period enabling the controller to verify the accuracy, processing is unlawful and the data subject opposes deletion and requests restriction instead, the controller no longer needs the personal data for processing purposes, but the data subject requires them for establishing, exercising or defending legal claims. If data is restricted, such personal data shall, with the exception of storage, only be processed with the data subject's consent or for establishing, exercising or defending legal claims or protecting rights of another natural or legal person or for important public interest reasons of the Union or a Member State. The Company informs the data subject before lifting the processing restriction. If you believe the processing violates GDPR or Privacy Act provisions, or find the Company's processing of your personal data objectionable, we suggest first contacting the Company with your complaint. Your complaint will be investigated in all cases.

The Company's privacy policy can be accessed at: https://www.nortemsy.com/privacy-policy Contact of the person responsible for data protection: info@nortemsy.com If despite your complaint you still find the Company's data processing objectionable, or wish to contact authorities directly, you can file a complaint with the National Authority for Data Protection and Freedom of Information (address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c, postal address: 1530 Budapest, Pf.: 5. Email: ugyfelszolgalat@naih.hu, website: www.naih.hu). You can turn to court to protect your data, which will handle the case as a priority.

 

You can freely decide whether to file your lawsuit at the tribunal of your residence (permanent address) or stay (temporary address) (http://birosag.hu/torvenyszekek). You can find the tribunal of your residence or stay at http://birosag.hu/ugyfelkapcsolati-portal/birosag-kereso.

 

Legal References

  • Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR)

  • Act CXII of 2011 on the Right of Informational Self-Determination and Freedom of Information

​

Final Provisions

This notice takes effect on February 3, 2025, and remains in force until revoked. I hereby order the application of this privacy notice. Date: February 3, 2025

​

Zoltán Dibó CEO

bottom of page