The company AUTÓVÉD Ltd. (1097 Budapest, Kén u. 6.) is a distributor and service provider for satellite vehicle protection, online vehicle tracking, location determination, fleet tracking, vehicle security products, tachograph downloader, and vehicle driver card downloader tools. During our business activities, we process some of the data on behalf of other companies as data processors, and in these cases, we perform only technical tasks related to data processing in accordance with the instructions of the data controller. In such cases, we do not have independent decision-making authority over the data. As a data controller, we undertake to ensure that all data processing related to our activities complies with the requirements set out in this policy and applicable Hungarian and EU legislation.

AUTÓVÉD Ltd. is committed to protecting the personal data of its clients and partners, and it places great importance on respecting the informational self-determination rights of its clients. AUTÓVÉD Ltd. handles personal data confidentially and takes all necessary security, technical, and organizational measures to guarantee data security.

The data processing activities of AUTÓVÉD Ltd. are based on voluntary consent. However, in certain cases, the processing, storage, and transmission of certain data are required by law. We inform data providers that if they are not providing their own personal data, they are required to obtain consent from the data subject.

The scope of the processed data: the name of the driver and the employer company (if applicable), date of birth, driver’s license number, mobile phone number (if applicable), unique identifier, email address (if applicable), password and username, driver and vehicle events, GPS coordinates, company contacts (if applicable) and their contact details (name, position, landline and mobile phone numbers, email address).

The purpose of data processing: compliance with legal obligations, optimization of operations, tracking of subscribed services, minimizing potential errors and incidents, improving service quality.

The legal basis of data processing: the voluntary consent of the data subject, as well as the provisions of electronic commerce services and section 13/A (3) of the Eker. Act.

The deadline for data deletion: three years from the termination of the contract.

The application does not handle cookies, and data will only be shared with others outside the client if required by law.

AUTÓVÉD Ltd. will delete all emails received, including the sender’s name, email address, date, time, and other personal data provided in the message, no later than three years after the communication.

AUTÓVÉD Ltd. records incoming telephone calls from customers.

The purpose of data processing: enforcement of the rights of the client and data controller, retroactive proof.

The legal basis of data processing: the consent of the data subject.

The scope of the processed data: identification number, the recorded conversation between the client and the agent, other personal data provided during the conversation, the client’s name and phone number, date, the name of the agent, and call duration.

The duration of data processing: three years.

For data processing not listed in this notice, we will provide information when new data is recorded. We inform our clients that the court, prosecutor, investigative authority, authority for offenses, administrative authority, National Authority for Data Protection and Freedom of Information, or other authorized bodies under the law may request information, data communication, transfer, or provision of documents. AUTÓVÉD Ltd. will only release personal data to authorities as much and to the extent necessary for the specific purpose of the request, provided that the authority specifies the exact purpose and scope of the data.

DATA SECURITY

The IT systems of AUTÓVÉD Ltd. and its data storage locations are protected and located in secure server parks.

AUTÓVÉD Ltd. selects and operates the IT tools used in providing its services to ensure that the processed data:

  1. a) is accessible to authorized persons (availability);
  2. b) its authenticity and validation are guaranteed (data processing authenticity);
  3. c) its integrity is verifiable (data integrity);
  4. d) is protected from unauthorized access (data confidentiality);

is ensured.

AUTÓVÉD Ltd. protects data by implementing appropriate measures against unauthorized access, modification, transmission, disclosure, deletion, or destruction, as well as accidental loss, damage, and inaccessibility due to changes in applied technology.

AUTÓVÉD Ltd. ensures that data in its various records are protected by appropriate technical solutions to ensure that stored data—unless permitted by law—cannot be directly linked to and identified with the data subject.

AUTÓVÉD Ltd. implements technical, organizational, and procedural measures to protect the security of data processing, providing a level of protection corresponding to the risks associated with the data processing.

AUTÓVÉD Ltd. preserves:

  1. a) confidentiality: protecting the information so that only authorized persons can access it;
  2. b) integrity: protecting the accuracy and completeness of the information and the processing method;
  3. c) availability: ensuring that authorized users can access the required information and have the necessary tools available.

AUTÓVÉD Ltd.’s IT systems and network are protected against computer-assisted fraud, espionage, sabotage, vandalism, fire and flood, as well as computer viruses, intrusions, and denial-of-service attacks. The operator ensures security through server-level and application-level protective procedures.

We inform users that electronic messages transmitted over the internet, regardless of protocol (email, web, ftp, etc.), are vulnerable to network threats that may lead to dishonest activities, contract disputes, or unauthorized disclosure or modification of information. To protect against such threats, the data controller will take all reasonable precautions. The systems are monitored to log any security deviations and provide evidence in case of security incidents. This system monitoring also enables the verification of the effectiveness of the preventive measures in place.

DATA CONTROLLER INFORMATION, CONTACT DETAILS

Name: AUTÓVÉD Ltd.

Headquarters: 1097 Budapest, Kén u. 6.

Company registration number: 01-09-694674

Registration court: Metropolitan Court Company Registry

Tax number: 12607037-2-43

Phone number: +36204585660

Email: autoved@autoved.hu

 

REMEDY OPTIONS

The data subject may request information about the processing of their personal data, as well as request the correction, deletion, or blocking of their personal data (except for mandatory data processing) as indicated at the time of data collection or via the data controller’s contact details above.

Right to information:

Upon request, AUTÓVÉD Ltd. as the data controller will provide information about the data it processes, the source of the data, the purpose of processing, legal basis, duration, name and address of the data processor, and related activities, as well as details of any data protection incidents, their impacts, and measures taken to resolve them, and if applicable, the legal basis and recipient of any data transfers. The data controller will provide the information in writing, in an easily understandable format, within 25 days of the request. This information is free of charge if the data subject has not previously requested the same data for the current year. In other cases, AUTÓVÉD Ltd. may charge a fee for the service.

Right to rectification:

AUTÓVÉD Ltd. will rectify personal data if it is inaccurate and if the correct data is available.

Right to blocking and marking:

AUTÓVÉD Ltd. will block personal data if the data subject requests it or if the available information suggests that deletion would violate the legitimate interests of the data subject. The blocked data can only be processed for the duration of the data processing purpose that excluded deletion. AUTÓVÉD Ltd. will mark the personal data if the data subject disputes its accuracy, but the inaccuracy cannot be definitively determined.

Right to Erasure:

AUTÓVÉD Ltd. will erase personal data if its processing is unlawful, the data subject requests it, the data is incomplete or inaccurate and cannot be lawfully corrected, provided that the deletion is not prohibited by law, the purpose of the data processing has ceased, or the statutory retention period for the data has expired, or if ordered by the court or the National Authority for Data Protection and Freedom of Information.

Procedural Rules:

The data controller has 25 days to respond to requests for rectification, blocking, or deletion of personal data. If the data controller does not fulfill the request within 25 days, they must communicate the reasons for refusal in writing or electronically, with the consent of the data subject.

AUTÓVÉD Ltd. will notify the data subject and any parties to whom the data was previously transferred for processing about the rectification, blocking, designation, or erasure of personal data. Notification may be omitted if it does not harm the legitimate interest of the data subject in relation to the purpose of processing.

Right to Object:

The data subject may object to the processing of their personal data if:

  1. a) the processing or transmission of personal data is necessary solely for compliance with a legal obligation of the data controller or for the legitimate interests of the data controller, recipient, or a third party, except where the processing is required by law;
  2. b) the personal data is used for direct marketing, public opinion polling, or scientific research purposes;
  3. c) in other cases defined by law.

AUTÓVÉD Ltd. will examine the objection as soon as possible, but no later than 15 days from submission, and will inform the applicant in writing about the decision. If the data controller finds the objection to be valid, the processing of the data (including further data collection and transmission) will cease, and the data will be blocked. The company will inform all recipients who have previously received the objected personal data, as required to enforce the objection. If the data subject disagrees with the decision, they may appeal to the court within 30 days from receiving the notification. AUTÓVÉD Ltd. may not delete the data if processing is required by law. However, the data may not be transferred to the recipient if the data controller agrees with the objection, or if the court establishes the objection’s validity.

Compensation and Damages:

AUTÓVÉD Ltd. will compensate the data subject for damages caused by unlawful processing or violation of data security requirements. If the data subject’s personality rights are violated, they may claim compensation (Civil Code 2:52 §). The data controller is also responsible for damages caused by the data processor. The data controller is not liable for damages if the harm was caused by unavoidable circumstances outside the scope of data processing. Compensation is not required, and no damages can be claimed if the harm was caused by the data subject’s intentional or grossly negligent behavior.

Right to Approach the Court:

The data subject may file a lawsuit against the data controller in case of rights violations. The court will handle the case as a matter of priority.

The competent court for the data controller’s headquarters is the Budapest Metropolitan Court (1055 Budapest, Markó u. 27.), or the data subject may choose the court in their place of residence.

Data Protection Authority Procedure:

The data subject may file a complaint with the National Authority for Data Protection and Freedom of Information.