6. Visitor processing on websites managed by the
Controller

​

This Policy applies to the following websites managed by the Controller:

https://easytrack.hu

For the purposes of this Policy, Visitors are: Natural persons browsing the website, using the services
of the website and ordering services from the Controller.

6.1 General information on the role of a Cookie

​

A cookie is a small piece of data (a variable alphanumeric packet of information) that is sent to the
Visitor's device by the server of the website being browsed. The cookie is stored in the browser
program of the Visitor's computer, phone or tablet and can later be read by the sending server. The
cookie cannot be read by any other website, only the one that installed it. Cookies give information
about Visitors' habits when using the website. Cookies can be used for a variety of purposes, such as
to measure the number of visitors to the site or to facilitate browsing by remembering pages previously
visited within the site. None of the cookies contain any personal data that would directly allow anyone
to contact the Visitor by e-mail, telephone or post. By themselves, cookies are not able to identify the
Visitor, they are only able to recognise the Visitor's device. If the Visitor does not wish to accept the
use of cookies on the website, they can also configure the web browser used to inform them of the
installation of cookies or to prevent the installation of cookies.

Functioning of cookies

When visiting the website of the Controller, the Controller installs cookies on the device (computer,
phone or tablet) used to visit the website. At the start of browsing the websites, the Controller informs
the Visitors about the use of cookies in a pop-up window when the main page loads.
The Visitor's consent is not required for the installation of cookies necessary to ensure the functionality
and user friendliness of the websites operated by the Controller. Anonymous visit analysis does not
involve the processing of personal data and therefore does not require consent.

The Visitor's consent is required for cookies used for additional purposes, such as statistical and
marketing data collection, to function. The Visitor provides their consent in a pop-up window.
The Visitor may at any time choose to disable and delete cookies in their Internet browser settings.
Please note, however, that without the use of cookies, you are not able to access many of the features
that make browsing easier, and some of our services may not function properly.

Managing cookie settings in browsers

Visitors can change their cookie settings via their browser. They can disable the use of cookies by
activating a setting in their browser that allows them to refuse all or some cookies. These settings are
usually available in the ‘settings’ or ‘preferences’ menu of their browser. For more information, visit the
following links:
• Chrome: https://support.google.com/chrome/answer/95647?hl=hu
• Firefox: https://support.mozilla.org/hu/kb/sutik-informacio-amelyet-weboldalak-tarolnakszami?redirectlocale=en-US&redirectslug=Cookies
• Microsoft Internet Explorer 11: http://windows.microsoft.com/hu-hu/internet-explorer/deletemanage-cookies#ie=ie-11
• Microsoft Internet Explorer 10: http://windows.microsoft.com/hu-hu/internet-explorer/deletemanage-cookies#ie=ie-10-win-7
• Microsoft Internet Explorer 9: http://windows.microsoft.com/hu-hu/internet-explorer/delete-managecookies#ie=ie-9
• Microsoft Internet Explorer 8: http://windows.microsoft.com/hu-hu/internet-explorer/delete-managecookies#ie=ie-8
Safari: visit https://support.apple.com/hu-hu and type ‘cookies’ in the search bar.
• Opera: http://help.opera.com/Windows/10.50/hu/cookies.html
• Microsoft Edge: https://support.microsoft.com/hu-hu/windows/a-microsoft-edge-ab%C3%B6ng%C3%A9sz%C3%A9si-adatok-%C3%A9s-az-adatv%C3%A9delem-bb8174ba-9d73-
dcf2-9b4a-c582b4e640dd

 

However, please also note that certain site features or services may not function properly without
cookies.

The cookies used on the website are not in themselves capable of identifying the user.

Types of cookies

Cookies can be either temporary or session cookies, which are valid for the duration of the session, or
persistent or saved cookies, and can be first-party (internal) or third-party (external) cookies.

Cookies valid during the browsing session

Browsing session cookies enable the Visitor to be recognisable during a visit to the website and thus
allow the browser to remember any page changes or selections made during the browsing session
from page to page within the website. These cookies make it quick and easy for you to navigate
through many pages on a website and go back without having to identify yourself on each page you
visit or repeat processes (such as completing a form). Such cookies are automatically deleted from
your device when you finish browsing the site or close your browser.

Persistent cookies

Persistent cookies are cookies that remain ‘persistent’ on the Visitor's device for a certain period of
time (their validity period is defined in days, weeks, months or years) after the browsing process has
expired, and therefore allow the recall of the user's preferences or actions during a subsequent visit to
the site (e.g. they can be used to store the data entered in a form on a given page). Saved cookies are
stored on the Visitor's device until the expiry date, but may be deleted by the Visitor before the
predefined deadlines expire.

Cookies from the website operator

Cookies from the server of the browsed website. In the present case, these are cookies from the
server hosting the website operated by the Controller, which ensure functionality and user friendliness,
the general characteristics and operation of which are described above. These cookies record the IP
address of the Visitor's device, the pages visited during the use of the website, and possibly (based on
the Visitor's decision) the data entered.

Cookies are used by the Controller to ensure that users registered on its websites are granted the
appropriate permissions; once the User has accessed the website, the necessary permissions are
granted. No other information is stored by these cookies in this context, including when they were
accessed, who accessed them, the Controller simply verifies the access rights by using them.
These cookies are session cookies, i.e. they are valid during the browsing session. This means that
when someone starts browsing the site, the cookie is activated and then persists for up to 15 minutes
after the user's last activity, or expires when the user exits.
An exception to this is the cookie that is stored on the Visitor's browsing device for 365 days, based on
the Visitor's decision.

Third-party cookies

Third-party cookies do not originate from the Controller or the server hosting the website. These
cookies are also saved on your computer, phone or tablet when you visit the site, as described below.

6.2 Processing performed by the cookies used by the Controller on the easytrack.hu
website

The Controller informs its Visitors that the following cookies are used by the Controller to measure
the traffic on the www.easytrack.hu website and its sub-sites and to monitor the behaviour of its
visitors, to compile statistics and to improve the effectiveness of its advertising:
- Google Analytics
- Google AdWords conversion tracking:
- Hotjar and
- Facebook Remarketing.

Google cookies
Google AdWords displays the easytrack.hu page on the Google advertising platform. When a Visitor
clicks on a Google ad and enters our website, Google Adwords places a cookie ("conversion cookie")
on the device used by the Visitor. This cookie expires after 30 days. The cookie is not used by the
data controller for personal identification. As long as the cookie is in effect, when the Visitor visits
certain pages, the Controller and Google will see that someone has clicked on the advertisement that redirected the user to our own site. Each AdWords customer receives a different cookie. Cookies may
therefore not be tracked through the websites of AdWords customers. The information collected by the
conversion cookie is used to generate conversion statistics for AdWords customers who opt for
conversion tracking. AdWords customers can see how many users clicked on their own
advertisements and were redirected to a specific page using the conversion ID.
No information suitable for personal identification is passed to the Visitor or the Controller. If the Visitor
does not wish to participate in the tracking process, they can refuse to allow the system to place the
necessary cookies - for example, they can set their browser not to allow cookies to be placed
automatically. Visitors can also prevent the placement of conversion cookies by setting their browser
to block cookies from the "googleadservices.com" domain.

Google Analytics© files are used to help monitor the site and to obtain information about how the site
is used (such as the number of visitors to the site, the pages viewed, the country region of the visitors -
where the user is browsing from, where the User "comes from" - from which other site -, the browser
used, the operating system, the Internet service provider and the resolution of the monitor used, the
time the page was browsed, when the page was left). We use this information to compile statistics and
to further improve the site.
During the visit analysis, the Controller does not collect the data in a way that would allow the
identification of the Visitor's browsing device, so we cannot identify the Visitor based on their browsing
habits. No personal data are managed during the visit analysis.
The anonymous data collected in this way is also accessible by Google Ireland Ltd (Gordon House,
Barrow Street, Dublin 4, Ireland), which is the owner and operator of the Google Analytics tools.

If the Visitor has consented to the collection of browsing data for marketing purposes, Google Ireland
Ltd will also use this data for its own purposes to deliver targeted advertising to the browsing user. In
that activity Google Ireland Ltd. combines the data collected by the cookies with the IP address of the
browsing device to determine the interests that can be identified based on the browsing patterns on
that particular device, and then delivers targeted advertising to that device.
Cookies used for marketing purposes only work with the Visitor's consent, by also identifying the
Visitor's device when the data is collected.

Further information:
• https://www.google.com/analytics
• https://support.google.com/analytics/answer/2838718?hl=hu
Google Analytics© cookies are permanent cookies and are stored for a maximum of two years, but in
practice this is between two hours and six months, depending on the type of cookie.
For more information about cookies, including the viewing, managing and deleting cookies placed,
please visit http://www.allaboutcookies.org. You can opt-out of tracking by Google Analytics on all
pages at https://tools.google.com/dlpage/gaoptout.

Facebook cookies and pixel
On the website the Controller uses the "Facebook pixel" of the Facebook social network operated by
Facebook Inc. (1 Hacker Way, Menlo Park, CA 94025, USA) or, if you live in the EU, by Facebook
Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (the "Facebook"). The
Facebook pixel allows Facebook to manage the visitors to the website as a target group to display ads
(called Facebook ads). Accordingly, the Controller uses the Facebook pixel to ensure that the
Facebook ads embedded by them only appear to Facebook users who have shown an interest in the
Controller's offers. In other words, the Facebook pixel is designed to ensure that Facebook ads match
the potential interest of users and do not cause a distraction. The Facebook pixel also allows the
Controller to analyse the effectiveness of ads on Facebook for statistical and market research
purposes, such as e.g., whether users have reached our website by clicking on a Facebook ad.
Facebook embeds the Facebook pixel directly when our website is opened and then it may place a socalled cookie, i.e. a small file on the visitor's device. If you later log in to Facebook or visit Facebook
pages while logged in, then it will register your visit to the site in your profile. The data obtained about
visitors are anonymous to us, which means that we cannot use it to determine your identity. At the
same time, the data are stored and processed by Facebook, so they can be linked to the user profile.
Facebook processes the data in accordance with its own privacy policy. So, for more information
about the operation of the remarketing pixel and the display of Facebook ads in general, please see Facebook's privacy policy at https://www.facebook.com/policy.php. You can opt out of the recording of
data by Facebook pixel and the use of your data for the purpose of displaying Facebook ads. To do
that, open the Facebook page and follow the instructions on the settings of your personal ads:
https://www.facebook.com/settings?tab=ads, the US page is http://www.aboutads.info/choices/ and
the EU page is http://www.youronlinechoices.com/. The settings are platform-independent, i.e., they
apply to both desktop computers and mobile devices.

When displaying targeted advertisements, we can use Google's and Facebook's tools to display our
own advertisements on the Visitor's device, but Google and Facebook also use the data necessary for
that for their own purposes, i.e. to display third-party advertisements. The display of such
advertisements is based on the interests of the Visitor concluded from their browsing habits.
In that activity, Google Ireland Ltd. (Gordon House, Barrow Street, Dublin 4, Ireland) and Meta
Platforms Ireland Ltd. (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) determine the
interests that can be identified by combining browsing habits data with your browser's ID based on
your browsing habits from that browser, and then deliver targeted advertisements to that device. So
the data are not directly linked to the person of the Visitor, but to their device used for browsing,
primarily the browser.
Google and Meta (Facebook) do not have access to any data other than the data described in this
clause.

To find out more on the above, visit the Facebook page: https://developers.facebook.com/products.
Such cookies only work on the site with the Visitor's consent.

The Controller also uses Hotjar's analytics service: Hotjar Ltd. („Hotjar“) (http://www.hotjar.com, 3
Lyons Range, 20 Bisazza Street, Sliema SLM 1640, Malta, Europe). With Hotjar's analysis, the
Controller can understand and evaluate the habits of the Visitors on the website (e.g. how much time
they spend on certain subpages, which links they click on, etc.). During the operation of this feature,
the information collected about the visit to this website is transmitted to Hotjar's servers in Ireland,
where it is stored by Hotjar.
The following information may be recorded by the visitor's device and browser:
- IP address of the user's device (collected and stored in an anonymous format)
- Screen size of the user's device
- The type of device and browser used by the user
- User location (country only)
With Hotjar, visits to and use of the website are analysed and reported on separately. Hotjar also uses
the services of third parties such as Google Analytics and Optimizely in this function. These third
parties mentioned in relation to the data transfer may store information that the user's browser sends
when viewing the website (e.g. cookies, IP bid requests, etc.). The cookies used by Hotjar are not
deleted for different periods of time, some cookies are automatically deleted after the current visit, but
there are also cookies that are kept for up to 365 days.
If you wish to opt-out of Hotjar's logging of data, please visit https://www.hotjar.com/opt-out.
Hotjar's privacy policy can be found here (https://www.hotjar.com/legal/policies/privacy).

 

Data subjects affected by the data processing: all Visitors, Users visiting the websites operated by
the Controller, regardless of the use of the services available on the website.

Legal ground of the processing:
In the case of processing of data which is technically necessary for the provision of the service
(session ID), the legal ground for the processing of the data is the legitimate interest of the Controller
pursuant to Article 6(1)(f) of the GDPR, given that the processing of data does not entail any risk for
the Visitor, while at the same time the usability of the website, as the availability of our services by
electronic means can only be ensured in this way.
On this legal ground, the Controller only processes data (e.g. IP address, browser type and screen
resolution used, language displayed, current country) which are necessary for the operation of the
website, for its user-friendliness, for providing essential functions and for the security of the computer
system.
The Controller will not transfer the data to third parties or process them for any other purpose.
The Controller performs general visit analysis by collecting anonymous data, so no personal data are
processed in this context.

Purpose of the processing: ensuring the proper functioning of the website

Cookies requiring consent:
Legal ground for the data processing Consent of the Visitor pursuant to Article 6(1)(a) of the GDPR.
You can consent to the collection of data for statistical and marketing purposes by setting the slider in
the Special cookie settings window that pops up when you start browsing the website and by clicking
on the "Save" button.

Purpose of the processing:
Google Adwords: The information collected by the conversion cookie is used to generate conversion
statistics for AdWords customers who opt for conversion tracking.
Google Analytics: Processing of data on browsing habits ("Visit Analytics" category in the pop-up
window): Visit analysis is performed by collecting anonymous data, so no personal data are processed
in this context.
Facebook pixels: for online marketing activities
Hotjar: Understanding and evaluating visitors' habits.

Processed data:
The Controller performs general visit analysis by collecting anonymous data, so no personal data are
processed in this context.
The data related to the following purposes are processed on easytrack websites in a manner that can
be linked to the Visitor, but the Controller only has access to them for technical purposes during the
login, otherwise they may be stored on the Visitor's device:
• the User's e-mail address or username and password, and their possible storage for easier
access (at the Visitor's choice, stored on the Visitor's device)
• the User's e-mail address (as username) or username and password (in encrypted form, the
password cannot be known by the Controller), the IP address of the browsing device used by the
User for the verification of the User’s access rights.

 

Duration of processing:
The data necessary to ensure the user-friendliness of the website (IP address, order of the pages
visited on the website during browsing) are recorded for the duration of the browsing session (i.e. the
duration of the browsing of the website) and are deleted once it finishes. Such data are processed by
the Controller's IT system using its own tools and are not accessible for third parties.
The visit analysis is performed by the Controller by collecting anonymous data, so no personal data
are processed in this context.
The data on which the website usage patterns are mapped are stored for a maximum of two years.
The cookies that enable that are stored on your browsing device. You can erase these cookies or
prevent them from working at any time by turning off the "Marketing" categories in your browser
settings and in the window at the bottom of the website by clicking on "Cookie settings".

​

Method of data storage: On separate processing lists in the Controller's IT system. The data
necessary to ensure the user-friendliness of the website (IP address, order of pages visited on the
website during browsing) are not stored. Cookies that provide data are stored locally on the Visitor's
device.
For more information about the information technology processing using Google Analytics, Facebook's
tools, please visit Google Analytics https://www.google.com/intl/hu_ALL/analytics/support and
Facebook https://developers.facebook.com/products.

 

Use of processors
The Controller uses the following companies as processors for the display of targeted advertising and
visitor analysis:
Google Ireland Ltd.
Company registration number: 11603307
Tax number: IE 6388047V
Registered office: Gordon House, Barrow Street, Dublin 4, Ireland
Postal address: Gordon House, Barrow Street, Dublin 4, Ireland

Phone: +353 1 436 1000
Website: https://www.google.ie/

Meta Platforms Ireland Ltd.
Company registration number: 462932
Tax number: IE 9692928F
Registered office: 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
Business site: 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
Postal address: 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
Phone: +001 650 543 4800
Message: https://facebook.com/help/contact/540977946302970
Website: https://www.facebook.com/privacy/explanation

Hotjar Ltd. („Hotjar“)
Company registration number: C65490
Tax number: 996834623
Registered office: 3 Lyons Range, 20 Bisazza Street, Sliema SLM 1640, Malta, Europe
Phone: +1 (855) 464-6788
Website: http://www.hotjar.com

Data subject to processing: the browsing data described above in this notice and preferences, and the
conclusions that can be drawn from them about the interests of the Visitor.
Purpose of the use of processors: to provide the Visitor with the information technology solutions used
to display targeted advertising.
Duration of processing: the Processors have access to the data processed for the different purposes
for the periods described above.
Nature of processing: collection of information technology data using online IT solutions.
There is no processing for other purposes.
The Controller does not use any processors other than the Processors identified above.

 

​

7 Data processed for the purposes of contracting and performance

Processing for the purposes of contracting and performance in more detail:

7.1 Contact
Processing A contact is established when the Customer contacts the Controller,
e.g., by email, contact form or phone, with a query about the
easyTRACK or TELL Tacho UltraLINK Service. Prior contact is not
mandatory; the Customer may enter into a contract for the use of the
Service at any time without it.
Purpose of the
processing
To facilitate contact with the Controller
Scope of
processed data
Data provided during the contact (name, phone number, employer's
company name, position, email address, subject of the communication,
content of the communication, vehicle data)
Data subjects Natural persons establishing contact with the controller
Legal ground of
data processing
The voluntary consent of the data subject, which they grant to the
controller by contacting the controller. [Processing pursuant to Article
6(1)(a) of the Regulation]
The User the right to withdraw their consent at any time. Withdrawal of
consent is free of charge and not subject to any conditions but the
withdrawal of consent shall not affect the lawfulness of processing
before its withdrawal.
Duration of the
processing
The Controller shall process the data until the purpose is achieved; if the
contact does not lead to a contract, the processing shall continue until
the message is answered or the Data Subject's request is fulfilled.

If the exchange of information takes place by exchanging several
messages on related subjects, the Controller shall erase the data 1
month after the end of the exchange of information or after the request
has been fulfilled.
If the exchange of messages leads to the conclusion of a contract and
the content of the messages is relevant to the contract, the legal ground
and duration of the processing is as described in Clauses 7.2 and 7.3
(processing related to the use of the service).
Recipients: employees of the Controller performing customer service tasks, the
hosting service provider of the Controller as a processor, employees of
the hosting service provider.
Consequence of
the failure to
provide the
required data:
the Data Subject cannot contact the Controller
Data transfer to a
third country or to
an international
organisation

• While processing the data referred to in this Clause, the Controller shall
not transfer data to third parties other than the data processor.
Processor Hosting service provider pursuant to Clause 8.1, service providers
pursuant to Clause 8.10. Powr (https://www.powr.io/) and Wix
(https://www.wix.com/)
Data transfer none
Automated decision
making, profiling
The Controller does not pursue such processing and does not score or
classify into categories data subjects according to any system, criteria,
etc.

7.2 Processing of data of contracting partners

Description of the
processing
Processing of data of partners who have entered into a contract with the
Controller for the performance of the contract.
Purpose of the
processing
Conclusion, performance, termination of the contract
Scope of
processed data
The Controller processes the name, name at birth, date of birth, mother's
name, address, tax identification number, phone number, e-mail
address, ID card number, bank account number, signature of the natural
person who has entered into a contract with the Data Controller to the
extent necessary for the performance of the contract.
For the EasyTRACK and TELL Tacho UltraLink service, the Controller
processes the tachograph operator's registration card ID and the size
and composition of the fleet.
Data subjects Natural persons having a contractual relationship with the Controller.
Legal ground of
data processing
Article 6(1)(b) of the Regulation, according to which processing is
necessary for the performance of a contract to which the data subject is
a party.
Such processing is also lawful if it is necessary for the purposes of
taking steps at the request of the data subject prior to the conclusion of
the contract.
Duration of the
processing
5 years after the termination of the contract.
The Controller shall keep the data processed in connection with the
performance of the contract, including messages with substantial
content relating to the contract, for 5 years after the termination of the
contract, which is the general limitation period applicable to civil law
claims. Information on the processing of data for the fulfilment of related
accounting obligations is provided in Clause 7.4.
Recipients: Recipients of the personal data: the employees of the Company
performing customer service tasks, the employees performing
accounting and taxation duties and processors.
Consequence of the Data Subject cannot enter into a contract with the Controller

the failure to
provide the
required data:
Data transfer to a
third country or to
an international
organisation
While processing the data referred to in this Clause, the Controller shall
not transfer data to third parties other than the data processor.
Processor Hosting provider of the Controller (8.1.), CRM system (8.3.)
Data transfer none
Automated decision
making, profiling
The Controller does not pursue such processing and does not score or
classify into categories data subjects according to any system, criteria,
etc.

7.3 Processing of data of natural person representatives of legal person customers,
buyers, suppliers

Description of the
processing
Processing of data of partners acting on behalf or organisations as
contact persons who have entered into a contract with the Controller for
the performance of the contract.
Purpose of the
processing
Performance of a contract with a partner of the controller legal person,
business relations.
Scope of
processed data
the natural person’s name, address, phone number, e-mail address,
place of work, position, signature.
Data subjects The natural person representative, contact person of Customers who
have a contractual relationship with the Controller.
Legal ground of
data processing
The personal data are processed by the Controller on the basis of Article
6 (1) (f) of the GDPR, on the basis of the legitimate interest of the
Controller in establishing and maintaining a business relationship.
In addition, the legitimate interest of the organisation contracting with the
Controller is the use of the ordered service, which it can do through its
natural person representative.
Duration of the
processing
five years from the start of the business relationship and the
representative status of the data subject.
Recipients: employees of the Controller performing customer service tasks, the
hosting service provider of the Controller as a processor, employees of
the hosting service provider.
Consequence of
the failure to
provide the
required data:
the Data Subject cannot enter into a contract with the Controller
Data transfer to a
third country or to
an international
organisation
While processing the data referred to in this Clause, the Controller shall
not transfer data to third parties other than the data processor.
Processor Hosting service provider (clause 8.1), CRM system 8.3.
Data transfer none
Automated decision
making, profiling
the Controller does not pursue such processing and does not score or
classify into categories data subjects according to any system, criteria,
etc.

7.4 Processing for the fulfilment of an accounting obligation

Description of the
processing
The processing is performed for the purpose of issuing invoices in
accordance with the law and for the fulfilment of the obligation to keep
accounting records. Pursuant to Section 169 (1) to (2) of the Accounting
Act, companies are required to keep accounting documents that directly

and indirectly support the accounts in the books.
Purpose of the
processing
To fulfil accounting obligations, record keeping and document retention
obligations related to the contract with the Processor.
Scope of
processed data
name, address, tax number, taxpayer status, e-mail address, additional
data recorded on the accounting document.
Data subjects Natural persons having a contractual relationship with the Controller.
Legal ground of
data processing
Fulfilment of a legal obligation [Processing pursuant to Article 6(1)(c) of
the Regulation, performance of a legal obligation] Pursuant to Article 159
(1) of Act CXXVII of 2007 on Value Added Tax, the issue of an invoice is
mandatory and invoices must be kept pursuant to Section 169 (2) of Act
C of 2000 on Accounting
Duration of the
processing
Invoices issued must be kept for 8 years from the date of issue in
accordance with Section 169 (2) of the Accounting Act.
Recipients: Employees of the Controller performing invoicing tasks.
Consequence of
the failure to
provide the
required data:
the Data Subject cannot enter into a contract with the Controller.
Data transfer to a
third country or to
an international
organisation
While processing the data referred to in this Clause, the Controller shall
not transfer data to third parties other than the data processor.
Processor Freshdesk Ticketing System (8.8)
Processor of the Controller performing accounting and auditing tasks
Data transfer none
Automated decision
making, profiling
the Controller does not pursue such processing and does not score or
classify into categories data subjects according to any system, criteria,
etc.

7.5 Data processed in relation to the justifiability of consent

Description of the
processing
When you visit the website and when you make a declaration in relation
to the use of cookies or when you subscribe to the newsletter, accept
the GTC, conclude a contract, the IT system stores the IT data relating
to the consent for the purpose of subsequent verifiability.
Purpose of the
processing
Proof of the data subject's consent
Scope of
processed data
Date of consent and declaration and IP address of the data subject.
Data subjects Visitors to websites operated by the Controller
Legal ground of
data processing
Article 6 (1) c) of the Regulation
This obligation is provided for in Article 7(1) of the Regulation.
Duration of the
processing
Due to legal requirements, consent must be verifiable at a later stage,
therefore the duration of the data storage will be for a period of limitation
after the end of the processing.
Recipients: Recipients of personal data and recipient categories employees of the
Controller performing technical support tasks, the hosting service
provider of the Controller as a processor, employees of the hosting
service provider.
Consequence of
the failure to
provide the
required data:
no consequence
Data transfer to a
third country or to
While processing the data referred to in this Clause, the Controller shall
not transfer data to third parties other than the data processor.

an international
organisation
Processor the hosting service provider of the Controller (Clause 8.1)
Data transfer none
Automated decision
making, profiling
the Controller does not pursue such processing and does not score or
classify into categories data subjects according to any system, criteria,
etc.

7.6 Processing on the Controller's Facebook page

The Controller maintains a Facebook page to promote its products and services: EASYTRACK GPS
Monitoring System.
The Controller does not process personal data posted by visitors to the Controller's Facebook page.
Visitors are governed by the Facebook Privacy and Terms of Service.
In the event of publication of illegal or offensive content, the Controller may exclude the data subject
from membership or delete their comments without prior notice.
The Controller is not responsible for any illegal content or comments posted by Facebook users.

 

7.7 Data processing for connecting to Facebook messenger

Description of the
processing
Contact is established when the data subject contacts the Controller in a
messenger message in relation to the easyTRACK or TELL Tacho
UltraLINK Service. Prior contact is not mandatory; the Customer may
enter into a contract for the use of the Service at any time without it.
Purpose of the
processing
To enable the User to exchange messages with the Controller.
Scope of
processed data
the name of the User and the content of the message sent by them.
Data subjects Users who send messages on the website using the Facebook
messenger application.
Legal ground of
data processing
The consent of the User pursuant to Article 6(1)(a) of the GDPR. The
User gives their consent by sending a message via the Facebook
messenger application.
The User the right to withdraw their consent at any time. The withdrawal
of consent shall not affect the lawfulness of processing before its
withdrawal.
Duration of the
processing
The Controller processes the data until the purpose is achieved.
Accordingly, in the case of Users sending a message, the duration of the
processing shall be until the message is replied to or the User's request
is fulfilled. If the exchange of information takes place by exchanging
several messages on related subjects, the Controller shall erase the
data 1 month after the end of the exchange of information or after the
request has been fulfilled.
If the exchange of messages leads to the conclusion of a contract and
the content of the messages is relevant to the contract, the legal ground
and duration of the processing is as described in Clauses 7.2 and 7.3
(processing related to the use of the service).
Recipients: Recipients of personal data and recipient categories: employees of the
Controller performing customer service tasks, the hosting service
provider of the Controller as a processor, employees of the hosting
service provider.
Consequence of
the failure to
provide the
required data:
the Data Subject cannot contact the Controller
Data transfer to a
third country or to
an international
While processing the data referred to in this Clause, the Controller shall
not transfer data to third parties other than the data processor.

organisation
Processor The Controller uses Meta Platforms Ireland Ltd. as processor in
connection with the use of the Facebook messenger application. For
information on processing performed by the service provider Meta
Platforms Ireland Ltd. on its own behalf when Facebook messenger is
used, please refer to the relevant privacy notice of the service provider
Meta Platforms Ireland Ltd. at
https://www.facebook.com/privacy/explanation.
Data transfer none
Automated decision
making, profiling
the Controller does not pursue such processing and does not score or
classify into categories data subjects according to any system, criteria,
etc.

7.8 Processing in the course of technical support tasks

Description of the
processing
Solving technical problems encountered in the use of the Service
Purpose of the
processing
Performance of the contract with the Controller's partner, technical
support tasks, troubleshooting.
Scope of
processed data
When investigating a report, technical support may, depending on the
type of problem, examine: system logs, data added by the Customer to
their account, account settings and any other data displayed.
Data subjects Users reporting a technical problem to the Controller.
Legal ground of
data processing
Article 6 (1) f) of the Regulation
Data are processed by the Controller on the basis of their legitimate
interest in the performance of the contract.
Duration of the
processing
the duration of technical support tasks, troubleshooting, after which the
data will be erased without delay.
Recipients: Employees of the Controller performing technical support tasks.
Consequence of
the failure to
provide the
required data:
The Controller is unable to fulfil its contractual obligations.
Data transfer to a
third country or to
an international
organisation
While processing the data referred to in this Clause, the Processor shall
not transfer data to third parties other than the data processor.
Processor the Controller's hosting service provider (Clause 8.1.), Arenim Tel (8.9.),
Customer Service Calling System (8.4.)
Data transfer none
Automated decision
making, profiling
the Controller does not pursue such processing and does not score or
classify into categories data subjects according to any system, criteria,
etc.

7.9 Processing of data provided when logging into easyTRACK.hu

Description of the
processing
The Service can be used by the User after logging on to
https://easytrack.hu orhttps://easytrack.hu/tacho-ultralink
Purpose of the Purpose of the processing performance of the contract; within that, to
processing enable the User to use the Service.
The data are necessary for the identification of the User in the database
and for the provision of the service, and for the maintenance of relations
between the parties.
The password is used for secure access to the User's account.
Scope of
processed data
Data processed when accessing easytrack.hu and
easytrack.hu/tachoultralink.hu: username, password.
The username is necessary to identify the User in the database.
The password is used for secure access to easyTRACK and TELL
Tacho UltraLINK.
Data subjects Users of the easyTRACK and TELL Tacho UltraLINK services available
on the website.
Legal ground of
data processing
the Controller processes personal data on the basis of Article 6(1)(f)
GDPR, on the basis of the legitimate interest of the Controller in the
lawful use of their Services.
In addition, the legitimate interest of an organisation contracting with the
Controller is the use of the ordered service by an authorised person.
Duration of the
processing
five years from the start of the business relationship and the
representative status of the data subject.
Recipients: employees of the Controller performing customer service tasks, the
hosting service provider of the Controller as a processor, employees of
the hosting service provider.
Consequence of
the failure to
provide the
required data:
the Data Subject cannot use the service.
Data transfer to a
third country or to
an international
organisation
While processing the data referred to in this Clause, the Processor shall
not transfer data to third parties other than the data processor.
Processor Hosting service provider (Clause 8.1)
Data transfer none
Automated decision
making, profiling
The Controller does not pursue such processing and does not score or
classify into categories data subjects according to any system, criteria,
etc.
Method of storage In the Controller's IT system, in a separate file.

7.10 Processing for direct marketing purposes

Processing Unless otherwise provided by specific other legislation, with the
exception provided for in Act XLVIII of 2008, advertisements may be
conveyed to natural persons by way of direct contact (direct marketing),
such as through electronic mail or equivalent individual communications,
only upon the express prior consent of the person to whom the
advertisement is addressed.
Purpose of the
processing
To pursue direct marketing activities related to the activities of the
Controller, i.e. to send advertising publications, newsletters, current
offers in printed (postal) or electronic form (e-mail), on a regular or
periodic basis, to the contact details provided at the time of registration.
Scope of
processed data
name, address, telephone number, e-mail address, online identifier of
the natural person.
Data subjects Natural persons who consent to the processing of their data for direct
marketing purposes by the controller
Legal ground of
data processing
The voluntary consent of the data subject given to the Controller by
means of an explicit declaration. [Processing pursuant to Article 6(1)(a)
of the Regulation]
The User the right to withdraw their consent at any time. Withdrawal of
20
consent is free of charge and not subject to any conditions but the
withdrawal of consent shall not affect the lawfulness of processing
before its withdrawal.
Duration of the
processing
Duration of the processing: until consent is withdrawn
Recipients: Employees of the Controller performing customer service tasks,
marketing activities, employees of the IT service provider of the
Controller performing server services as processors, postal delivery.
Consequence of
the failure to
provide the
required data:
the Data Subject is not informed of news and promotions related to the
activities of the Controller
Data transfer to a
third country or to
an international
organisation
• While processing the data referred to in this Clause, the Controller shall
not transfer data to third parties other than the data processor.
Processor The hosting service provider according to clause 8.1., T.E.L.L. Műszaki
Fejlesztő Kft. (8.2.)
Data transfer none
Automated decision
making, profiling
The Controller does not pursue such processing and does not score or
classify into categories data subjects according to any system, criteria,
etc.

7.11 Processing related to the newsletter service

Processing The Controller operates a newsletter system to keep interested parties
informed.
Purpose of the
processing
1. To send newsletters about the products and services of the Controller
2. To send promotional material
3. Providing technical information (updates, new features, bug fixes)
Scope of
processed data
name (last name, first name)), e-mail address of the natural person.
Data subjects Natural persons subscribing to the newsletter
Legal ground of
data processing
The voluntary consent of the data subject, which they grant to the
controller by contacting the controller. [Processing pursuant to Article
6(1)(a) of the Regulation]
The User the right to withdraw their consent at any time. Withdrawal of
consent is free of charge and not subject to any conditions but the
withdrawal of consent shall not affect the lawfulness of processing
before its withdrawal.
A natural person who registers for the newsletter service on the website
may give his or her consent to the processing of his or her personal data
by ticking the box "Consent to processing" and clicking on the button
“Subscribe". The data subject may unsubscribe from the newsletter by
using the “Unsubscribe” application or in a written declaration made via
e-mail. Unsubscription also means the withdrawal of the user’s consent.
In such a case, all data of the unsubscribing user must be erased
immediately.
The data subject may unsubscribe from the newsletter at any time by
clicking on the "Unsubscribe" button in the footer of the newsletter, which
will automatically erase their data stored in the system, or, upon their
request by e-mail (info@tell.hu), the Controller will erase their without
delay, but within 15 days at the latest.
Duration of the
processing
Duration of the processing: until consent is withdrawn
As long as the newsletter service exists or until the data subject's

consent is withdrawn (until the request for erasure is sent to
info@tell.hu).
Recipients: Employees of the Controller performing customer service tasks and
marketing activities, employees of the IT service provider of the Data
Controller as data processors for the purpose of providing the hosting
service,
Consequence of
the failure to
provide the
required data:
the Data Subject cannot contact the Controller
Data transfer to a
third country or to
an international
organisation
• While processing the data referred to in this Clause, the Controller shall
not transfer data to third parties other than the data processor.
Processor the hosting service provider pursuant to Clause 8.1
The Controller's newsletters are sent through the international newsletter
system "Mailchimp" from abroad, so in addition to registration, the
explicit consent of the Data Subject is required for the transfer of their
personal data to a foreign controller. The Mailchimp system is operated
by The Rocket Science Group, LLC (675 Ponce de Leon Avenue, Suite
5000, Atlanta, GA 30308 USA). The foreign operator ensures processing
in compliance with European Union regulations under the provisions of
the EU-U.S. Privacy Shield Framework data exchange agreement.
For Mailchimp's most recent Privacy Policy, please visit
https://mailchimp.com/legal/privacy/.
Data transfer none
Automated decision
making, profiling
The Controller does not pursue such processing and does not score or
classify into categories data subjects according to any system, criteria,
etc.

7.12 Customer service telephone recording

Processing The Controller records telephone communications with its customer
service for the purpose of providing information and fulfilling sales and
services as well as providing information in that regard.
Purpose of the
processing
quality assurance, preservation of the content of the conversation for
future evidential purposes
Scope of
processed data
phone number, time of the call, audio recording of the recorded
conversation, personal data provided during the conversation.
Data subjects Natural persons establishing contact with the controller
Legal ground of
data processing
The voluntary consent of the data subject, which they grant to the
controller by contacting the controller. [Processing pursuant to Article
6(1)(a) of the Regulation]
The User the right to withdraw their consent at any time. Withdrawal of
consent is free of charge and not subject to any conditions but the
withdrawal of consent shall not affect the lawfulness of processing
before its withdrawal.
The voice recording must be stated and consent must be requested at
the beginning of the call.
Duration of the
processing
Phone conversations will be kept for 1 year. The recorded audio
materials can be retrieved on the basis of the phone number and the
date of the conversation.

Recipients: Employees of the Controller performing customer service related tasks.
Consequence of
the failure to
provide the
required data:
the Data Subject cannot contact the Controller
Data transfer to a
third country or to
an international
organisation
While processing the data referred to in this Clause, the Controller shall
not transfer data to third parties other than the data processor.
Processor Hosting service provider according to Clause 8.1, Arenim Tel (8.9.)
Data transfer none
Automated decision
making, profiling
The Controller does not pursue such processing and does not score or
classify into categories data subjects according to any system, criteria,
etc.

7.13 Processing related to the use of the trial version

Processing The Company provides the possibility to test the service on the website
in order to get to know the service.
Purpose of the
processing
To allow to test the service
Scope of
processed data
name (surname, first name), e-mail address of the natural person.
Data subjects Natural persons intending to try a trial version
Legal ground of
data processing
The voluntary consent of the data subject. [Processing pursuant to
Article 6(1)(a) of the Regulation]
A natural person who registers for a trial version of the service may give
their consent to the processing of their personal data by ticking the box
"Consent to processing" and clicking on the button "Request trial
version".
The User the right to withdraw their consent at any time. Withdrawal of
consent is free of charge and not subject to any conditions but the
withdrawal of consent shall not affect the lawfulness of processing
before its withdrawal.
Duration of the
processing
As long as the test service exists or until the data subject's consent is
withdrawn (until the request for erasure is sent to easytrackinfo@tell.hu).
Recipients: employees of the Controller performing customer service and technical
support tasks
Consequence of
the failure to
provide the
required data:
the Data Subject is unable to use the service on a test basis.
Data transfer to a
third country or to
an international
organisation
While processing the data referred to in this Clause, the Controller shall
not transfer data to third parties other than the data processor.
Processor the hosting service provider pursuant to Clause 8.1
Data transfer none
Automated decision
making, profiling
The Controller does not pursue such processing and does not score or
classify into categories data subjects according to any system, criteria,
etc.

7.14 Processing of data in the course of using the Driver App mobile application

Processing In order to use the service, the user is required to provide certain
personal data to the Company. These data will be processed by the
Company in a confidential manner, in full compliance with the applicable
legislation and solely for the purpose of providing the service and
operating the application.
The downloading and use of the application and the supply of personal
data is always voluntary. The Data Subject accepts responsibility for
having downloaded the application voluntarily and having been duly
informed. Only the person providing the data is responsible for the
accuracy of the provided personal data. With regard to this assumption
of responsibility, the Company shall not be liable for any inaccuracy in
the content of the data provided.
Purpose of the
processing
The use of the Driver App Mobile Application services by the User.
Scope of
processed data
- for the purpose of driver identification User name, password, •
- photos uploaded by the Data Subject to the Document Store,
- content of conversations between drivers and dispatchers,
- the data of the User's log-in computer and mobile devices generated
during the use of the service and recorded by the Company's system
as an automatic result of technical processes.
Data subjects Natural persons intending to try a trial version
Legal ground of
data processing
Section 13/A (3) of Act CVIII of 2001 on certain issues of electronic
commerce services and information society services (Eker.tv.).
Duration of the
processing
The Service Provider processes the data for the duration of the driver's
registration.
Recipients: employees of the Controller performing customer service and technical
support tasks
Consequence of
the failure to
provide the
required data:
the Data Subject cannot use the service on a test basis.
Data transfer to a
third country or to
an international
organisation
While processing the data referred to in this Clause, the Controller shall
not transfer data to third parties other than the data processor.
Processor the hosting service provider pursuant to Clause 8.1
Data transfer none
Automated decision
making, profiling
The Controller does not pursue such processing and does not score or
classify into categories data subjects according to any system, criteria,
etc.
Data storage
location
on servers owned by the Service Provider and located in the serverhotel
at Servergarden Kft., 1023 Bp, Lajos utca 28-32 and the storage space
of the application.