Data management information for customer data management

and

Privacy Policy regarding the use of cookies

I. Name of the controller

Company name: Pivot Brigade Szolgáltató és Tanácsadó Kft.

Head office: Budapest

Company registration number: 01 09 374373

Tax number: 28797333-2-41

Contact: hq@pivotbrigade.com

Represented by: Zoltán Kristóf Varga, László Huszár

II. Legislation underlying data management

The following legislation applies to data processing related to customer service:

Regulation (EU) No 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Regulation (EC) No 95/46 text: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:31995L0046

Act CXII of 2011 on the right to information self-determination and freedom of information. Act (hereinafter: Info Act), in force: https://net.jogtar.hu/jogszabaly?docid=A1100112.TV

Act CLV of 1997 on consumer protection Act, current text: https://net.jogtar.hu/jogszabaly?docid=99700155.TV

III. Information on the data processed

The scope of the managed data and the purpose of the data management

The scope and purpose of the processed data, their duration, legal basis and the method of processing are set out in the appendix to this information leaflet.

IV. Data access and data security measures

1. Access to and transmission of data

The personal data you provide may be accessed by the employees of the Data Controller in order to perform their duties.

The data controller may use a data processor to manage the personal data processed, for whose activities he is responsible as his own. Processors may transfer personal data outside the EEA. The data processors used:

Google Inc.

Microsoft Inc.

WIX Inc.

The Data Controller shall only transfer its personal data to other Data Controllers and state bodies not listed in the Annex in exceptional cases. For example, if

court proceedings are initiated in the case concerning you, and it is necessary for the trial court to hand over the documents containing your personal data,
the police will contact the Data Controller and request the transmission of documents containing your personal data for the investigation.

2. Data security measures

The Data Controller stores the personal data provided by you on the servers of the cloud service provider used by the Data Controller and, if applicable, in its paper-based archives.

The controller shall take appropriate measures to protect personal data against, inter alia, unauthorized access or alteration.

V. Rights of the data subject

1. Your Access Rights

You, as the right holder, have access to your personal data.

If you ask the Data Controller to provide feedback on whether you process your personal data, the Data Controller is obliged to provide information on:

a. what personal information

b. on what legal basis,

c. for what data management purpose,

d. from what source

e. how long

the Data Controller treats.

Your right to receive feedback on whether or not the Data Controller handles your personal data covers personal information about you;

a. does not cover anonymous data;

b. does not cover personal data not concerning you; and

c. includes pseudonymous data that can be clearly linked to you.

The Data Controller will provide access to and a copy of your personal data upon your request. If you request an additional / repeated copy of your personal data, the Data Controller may charge a reasonable fee to pay the administrative costs incurred in fulfilling the request, which fee will be borne by you.

2. Your right to rectification

You have the right to have your personal information corrected. Your right

a. does not cover anonymous data;

b. covers personal information about you;

c. does not cover personal data not concerning you; and

d. includes pseudonymous data that can be clearly linked to you.

The Data Controller will correct or supplement your personal data accordingly at your request. The Data Controller informs the recipients of the personal data (if any) about the correction of your personal data. However, the Data Controller will not inform the recipients of the correction of personal data if informing the recipients proves impossible or would require a disproportionate effort.

3. Right of cancellation

Under certain conditions, you have the right to delete your personal data.

The Data Controller is obliged to delete your personal data without undue delay, if

a. the Data Controller handles this personal data, and

b. You are requesting the deletion of your personal information and

c. personal data is not necessary for the purposes for which the Data Controller processes the personal data.

The Data Controller is obliged to delete your personal data without undue delay if

the. the Data Controller manages your personal data, and

b. You are requesting the deletion of your personal information and

c. You withdraw your consent on which the processing of your data is based and

d. there is no other legal basis for further processing of your data.

The Data Controller is obliged to delete your personal data without undue delay if

a. the processing is necessary to protect the legitimate interests of the Controller or of a third party, and

b. You object to the Data Controller's handling of your personal data and

c. the legitimate reason for processing such personal data does not take precedence over your objection.

The Data Controller is obliged to delete your personal data without undue delay if

a. You are requesting the deletion of your personal information and

b. the processing of such data by the Data Controller is not unlawful, or

c. cancellation is mandatory under applicable law, or

d. your data is collected in relation to information society services.

The Data Controller will inform the recipients of the personal data (if any) of the deletion of your personal data. However, the Data Controller will not inform the recipients of the deletion of personal data if informing the recipients would be impossible or would require a disproportionate effort.

4. Your right to restrict data management

You can request a restriction on the processing of your personal data. You have the right to request a restriction on the processing of your personal data

(a) does not cover anonymous data;

(b) cover personal information about you;

(d) includes pseudonymous information that is clearly associated with you.

The Data Controller will limit the processing of your personal data for the period during which it checks the accuracy of such data if you request a restriction on the processing of your personal data and you dispute the accuracy of such data.

The Data Controller restricts the processing of your personal data if you request a restriction on the processing of data the processing of which is unlawful and you object to the deletion of such data.

The Data Controller restricts the processing of your personal data if

(a) You request a restriction on the processing of your personal information, and

(b) the Data Controller no longer needs such data for the purpose of its data processing, and

The Data Controller restricts the processing of your personal data if

a. You object to the processing of your personal data which is necessary for the legitimate interests of the Data Controller, and

b. You are awaiting confirmation that there is a legitimate reason for the processing of your personal data by the Data Controller, which does not take precedence over your protest.

The Data Controller informs the recipients of the personal data (if any) about the restriction of the processing of your personal data. However, the Data Controller shall not inform the recipients of such restriction if informing the recipients would be impossible or would require a disproportionate effort.

5. Your right to data portability

You have the right to receive your personal data about you provided to a data controller in a structured, widely used, machine-readable format, and you have the right to transfer this data to another data controller without hindrance (where technically possible) the controller to whom you have made the personal data available, if the processing is based on consent or necessary for the performance of a contract and the processing is carried out in an automated manner.

Your right to data portability

(a) does not cover anonymous data;

(b) cover personal information about you;

(d) does not cover clearly pseudonymous data.

6. Deadline for processing your application as a party

The Data Controller will respond to requests for your rights under the above without undue delay, but no later than within two weeks.

7. Right to lodge a complaint

If you believe that your rights have been violated, the Data Controller recommends that you initiate a consultation with the Data Controller by direct contact. If such consultation is unsuccessful or if you do not wish to take part in such an activity, you can go to court or to the NAIH. If you institute legal proceedings, you may decide to bring the proceedings before the court having jurisdiction over your address or place of residence.

The contact details of NAIH are as follows: 1125 Budapest, Szilágyi Erzsébet fasor 22 / C .; phone: +36 1 391 1400; fax: +36 1 391 1410; e-mail:

ugyfelszolgalat@naih.hu; Website: www.naih.hu

8. Amendments to this prospectus

The Data Controller reserves the right to amend this prospectus at any time. The Data Controller shall inform the customers of such changes by letter or e-mail, as the case may be, and in all cases in accordance with the relevant legislation.

6/1/2021

Kristóf Varga, László Huszár

Executives

Privacy Policy

regarding the use of cookies

I. Name of the controller

Company name: Pivot Brigade Szolgáltató és Tanácsadó Kft.

Head office: Budapest

Company registration number: 01 09 374373

Tax number: 28797333-2-41

Contact: hq@pivotbrigade.com

Represented by: Zoltán Kristóf Varga, László Huszár

II. Legislation underlying data management

The following legislation applies to data processing:

Act CXII of 2011 on the right to information self-determination and freedom of information. Act (hereinafter: Info Act), in force: https://net.jogtar.hu/jogszabaly?docid=A1100112.TV

Act XLVIII of 2008 on the basic conditions and certain restrictions of economic advertising activity. Act, current text: https://net.jogtar.hu/jogszabaly? docid = A0800048.TV

Act CLV of 1997 on consumer protection. Act, current text: https://net.jogtar.hu/jogszabaly?docid=99700155.TV

III. Information on the data processed

Scope of data managed by the data controller: the online ID of the data subject. Legal basis for data processing: Consent of the data subject

Duration of data processing: Until the consent is withdrawn

IV. About cookies in general

(1) Cookies are short data files placed on the user's computer by the website visited. The purpose of the cookie is to make the given infocommunication and internet service easier and more convenient. There are many varieties, but they can generally be classified into two major groups. One is a temporary cookie that the website places on the user's device only during a specific session (e.g., during the security authentication of an Internet banking), the other type is a persistent cookie (e.g., setting the language of a website) that remains until then. on the computer until the user deletes it. According to the guidelines of the European Commission, cookies [unless they are absolutely necessary for the use of the given service] may only be placed on the user's device with the user's permission.

(2) In the case of cookies that do not require the user's consent, information shall be provided during the first visit to the website. It is not necessary for the full text of the cookie information to appear on the website, it is sufficient for the website operators to briefly summarize the essence of the information and to indicate the availability of the full information via a link.

(3) In the case of cookies requiring consent, the information may also be related to the first visit to the website in the event that the data processing associated with the use of cookies already begins with a visit to the website. If the cookie is used in connection with the use of a function specifically requested by the user, the information may also be displayed in connection with the use of this function. In this case, it is not necessary for the full text of the cookie information to appear on the website, a short summary of the essence of the information and a reference to the availability of the full information leaflet will suffice.

(4) The visitor shall be informed about the use of cookies on the website in the data management information set out in the annex to these regulations. With this information, the Data Controller ensures that the visitor can find out for which data management purposes the Data Controller manages which data types, including the handling of data that cannot be directly contacted by the user, before and during the use of the information society services of the website.

V. Cookies used

The Data Controller informs its Users that he uses Google Analytics, Google Remarketing, AdWords Conversion Tracking, and Facebook Remarketing to measure traffic to his Website and subpages and monitor visitor behavior, generate statistics, and advertise performance. The referenced programs on the user's computer are called cookies are placed that collect user data. Visitors to the Website (Stakeholders) authorize the Data Controller to use Google Analytics, Google Remarketing, AdWords Conversion Tracking, and Facebook Remarketing. At the same time, they consent to the Data Controller monitoring and following their user behavior and using all the services provided by the programs. In addition, the user has the option to disable the recording and storage of cookies for future reference at any time, as described below.

We would like to inform our users that the settings and use of Google Analytics, Google Remarketing, AdWords Conversion Tracking, and Facebook Remarketing programs fully comply with the requirements of the Privacy Authority.

According to Google, Google Analytics mainly uses visitor-generated cookies to report visitor interactions on your site. These cookies only store non-personally identifiable information. Browsers do not share their own cookies between domains. You can find more information about cookies in the Google Advertising and Privacy FAQ.

1. Google Analytics:

The Data Controller uses Google Analytics primarily to generate statistics, including measuring the performance of your campaigns. By using the program, the Data Controller mainly obtains information about how many visitors visited your Website and how much time the visitors spent on the Website. The program recognizes the visitor's IP address, so you can track whether the visitor is a return or a new visitor, as well as track what path the visitor has taken on the Website and where they have entered.

2. Google Remarketing:

Using the Google Remarketing program, the Data Controller collects data from the DoubleClick cookie in addition to the usual data from Google Analytics. The DoubleClick cookie allows you to use the remarketing service, which primarily ensures that visitors to the Website will later encounter the Data Manager's ad on free Google ad slots. The Data Controller uses Google Remarketing for its online advertising. Data Manager's ads are also displayed on Internet sites by third-party service providers, such as Google. Data Management and third-party service providers, such as Google, jointly use their own cookies (such as Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) based on users ’previous visits to the Website. to optimize and display ads.

3. Google AdWords Conversion Tracking:

Google AdWords Conversion Tracking is designed to help Data Controller measure the effectiveness of your AdWords ads. It does this using cookies placed on the User’s computer that lasts for 30 days and does not collect personal information.

4. Facebook Remarketing

The Data Controller uses the Facebook remarketing pixel to increase the effectiveness of Facebook ads, so-called to build a remarketing list. Thus, after visiting the Website, an external service provider, such as Facebook, may display advertisements on Internet sites. Remarketing lists are not personally identifiable. The visitor's personal information is not included, only the browser software is identified.

5. Disable cookies

If you want to manage or disable cookie settings, you can do so from your own user's computer in your browser. you can set what tracking features you want to enable / disable on your computer.

Users who do not want Google Analytics to report on their visit can install the Google Analytics disabled browser extension.

To disable Analytics web activity, visit the Google Analytics Disable page and install the extension for your browser. For more information about installing and uninstalling the extension, see the help for your browser.

VI .. Right to lodge a complaint

The contact details of NAIH are as follows: 1125 Budapest, Szilágyi Erzsébet fasor 22 / C .; phone: +36 1 391 1400; fax: +36 1 391 1410; e-mail: ugyfelszolgalat@naih.hu; Website: www.naih.hu

VII .. Amendments to this prospectus

2020.10. 05.

Kristóf Varga, László Huszár

executives

Adatkezelési tájékoztató cookie használatról