Effective as of 1 February 2019
Taxually (company name: Taxually Korlátolt Felelősségű Társaság , seat: 1056 Budapest, Molnár utca 13. 2. em. 11., Hungary, registration no.: Cg.01-09-326410, tax no.: 26365550-2-41; email@example.com) is a data controller with regard to any personal information collected from users of its Service. A "data controller" is an entity that determines the purposes for which and the manner in which any personal information is processed. Any third parties that handle your personal information in accordance with our instructions are our service providers and are "data processors."
2. The Information We Collect and Store
2.1 Personal information is any information that identifies you (as a natural person) or makes you identifiable. Any information that is anonymized or aggregated is no longer personal information. We may collect and store the following information when running the Service:
Information You Provide. We collect personal information from you and any devices (including mobile devices) you use when you: use our Services, register for an account with us, provide us information on a web form, update or add information to your account, participate in a chat, or when you otherwise correspond with us.
Transaction Data. While using our Service, we collect information about the Services you purchase and your payment method. We monitor your time spent on our Website, so we can better help you if you struggle with any of the needed steps to be done.
Uploaded Data. We collect and store the information and data (typically on your marketplace traffic) you upload, download, or access with the Service ("Files").
Log Data. When you use the Service, we automatically record information from your device, and your activity using the Services ("Log Data"). This may include the device's Internet Protocol ("IP") address, browser type, information you search for on our Website.
Cookies. We use "cookies" to collect information and improve our Services. A cookie is a small data file that we transfer to your device. We may use "persistent cookies" to save your registration ID and login password for future logins to the Service. We may use "session ID cookies" to enable certain features of the Service, to better understand how you interact with the Service and to monitor aggregate usage and web traffic routing on the Service.
Third-Party Services. To maintain and improve the accuracy of the information we store about you, and to optimize our Services, we may collect your publicly available information from Third-Party Service Providers. For example, we may verify the company details you have provided us at the corresponding national/EU company register. Providing Service to you, we may be obliged to review (and record) all your data as representative/beneficial owner of a company (typically your first name, family name, place and date of birth, mother's full maiden name, citizenship, registered address: number and type of the identification document, tax number, copy of passport/identity card) by way of comparing them with the data contained in authority databases in connection with promoting the security of transactions. If you do not provide any of the above data for establishing your personal identification, we reserve the right to deny our cooperation in providing services to you (for more information on our obligation on the prevention of money laundering and how this obligation might affect you, visit Section 11.4 of our General Terms and Conditions).
2.2. Some of this personal information (first name, middle name, last name, e-mail address of the registrant, password), such as a way to identify you, is necessary to enter into an agreement with you. The provision of all other personal information is voluntary, but may be necessary in order to use our Services.
2.3. For more specific information on the categories of information we collect (process) at each stage of our Service, visit our Terms and Conditions document.
3. How We Use Personal Information
3.1. Your personal information may be used for the following purposes:
To provide our Services to you. We process your personal information to provide you with the Service you request. We share this information with Third-Parties (for example tax authorities) upon your request, or our service providers or partners to the extent necessary to provide you with the Services. We cannot provide you with Services without processing your personal information. [In this case the processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract with us.]
To improve Customer Experience. We monitor your Website usage data (time spent with registration, upload, etc.) to proactively help you with the necessary steps to use our Services. We wish to provide you with the best Service possible. If we realize that you are having difficulties using our Website, we solely use this data to come to your help by sending you a communication via e-mail or phone. [In those cases, processing is necessary for the purposes of our legitimate interests, namely maintenance of a good service level and processing is necessary for the performance of a contract to which you are party__.]
To contact you about the Service. When you sign up for our Service, we will send you administrative or account-related information to keep you updated about our Services, inform you of relevant security issues or updates, or provide other transaction-related information to you. Service-related communications are not promotional in nature. You are not able to unsubscribe from such communications, otherwise you may miss important developments relating to your account or the Services that could affect your use of the Services. [In this case the processing is necessary for the performance of a contract to which you are party.]
To respond to your inquiries and provide customer service. We process your personal information when you contact us, such as with questions, concerns, feedback, disputes or issues. Without your personal information, we cannot respond to you or ensure your continued use and enjoyment of the Services. [In this case the processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract with us.]
To enforce our terms, agreements or policies. We process your personal information to investigate, prevent, or mitigate violations of our terms, agreements or policies; enforce our agreements with third parties and partners; and, as applicable, collect fees based on your use of our Services. We cannot perform our Services in accordance with our terms, agreements or policies without processing your personal information for such purposes. [In this case the processing is necessary for the performance of a contract to which you are party or for the purposes of the legitimate interests pursued by us.]
To ensure the security of the Service. We are committed to ensuring your safety and continued enjoyment of our Services. To do so, we process your personal information to: combat spam, malware, malicious activities or security risks; improve and enforce our security measures; and to monitor and verify your identity so that unauthorized users do not access your account with us. We cannot ensure the security of our Services if we do not process your personal information for security purposes. [In this case the processing is necessary for the performance of a contract to which you are party.]
To maintain legal and regulatory compliance. Certain laws or regulations apply to our Services that may require us to process your personal information. For example, we process your personal information to pay our taxes, to fulfil our business obligations, ensure our compliance with different laws, or as necessary to manage risk as required under applicable law. Without processing your personal information for such purposes, we cannot perform the Services in accordance with our legal and regulatory requirements. [In those cases processing is necessary for the purposes of the legitimate interests pursued by us, except where such interests are overridden by the interests or fundamental rights and freedoms.]
To engage in marketing activities. We may send you marketing or informational announcements. We will only contact individuals located in the EU Countries by electronic means (including email or SMS) based on our legitimate interests, as permitted by applicable law, or the individual's consent. When we rely on legitimate interest, we will only send you information about our Services that are similar to those which were the subject of a previous sale or negotiations of a sale to you.You can object to direct marketing at any time and free of charge. [In this case the processing is based on our legitimate interest or on your previous consent.]
If you choose to limit the ways we can use your personal information, some or all of the Services may not be available to you.
4. Information Sharing and Disclosure
Service Providers, Business Partners and Others. We use certain trusted third-party companies and individuals to help us provide, analyze, and improve the Service (including but not limited to data storage, maintenance services, database management, web analytics, security, payment processing, and improvement of the Service's features). For example, we use Microsoft Azure storage service to store some of your information (for more information on Microsoft Azure's security see https://docs.microsoft.com/en-us/azure/security/azure-security) and we use "számlázz.hu" to issue invoices for you. Google Analytics collects us first-party cookies, data related to the device/browser, IP address and on-site/app activities to measure and report statistics about your interactions on our websites. (For more information on data collection of Google Analytics, visit https://support.google.com/analytics/answer/6004245?hl=hu website. Information on how you can opt-out of having making your site activity available to Google Analytics you will find on website: https://support.google.com/analytics/answer/181881?hl=en)
Compliance with Laws and Law Enforcement Requests; Protection of Taxually's Rights. We may disclose files stored in your Taxually account and other information about you to third parties (typically authorities or courts) when we have a good faith belief that disclosure is reasonably necessary to comply with a law, regulation or legal requests including to meet national/international security or law enforcement requirements.
Business Transfers. If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction.
Non-private or Non-personal Information. We may disclose your non-private, aggregated, or otherwise non-personal information, such as usage statistics of our Service, and use this information for both commercial and non-commercial purposes.
5. Marketing Opt Out and Choice
If you sign up to receive marketing or informational announcements from us, such emails will include the capability to opt-out of receiving such e-mails in the future. Marketing and informational announcements include any communications to you that are only based on advertising or promoting services.
Transactional communications about your account or our Services are not considered "marketing" or "informational" communications. We will only contact you through electronic means (including email) based on our legitimate interests, as permitted by applicable law, or the relevant individual's consent. When we rely on legitimate interest, we will only send you information about our Services that are similar to those which were the subject of a previous sale or negotiations of a sale to you.
You can object to direct marketing at any time and free of charge.
6. Storage Period
We do not store the personal data for longer than is legally permitted and necessary for the related processing purposes. The storage period depends on the type of personal data, the purposes and the applicable law and therefore varies per use.
If you register for an account with us or you correspond with us using any available communication channel without a later purchase of our Services, we erase your personal data, unless you tell us not to do so, after one year from your registration and from your communication respectively.
Typically, we store your (personal) data for as long as you are using our Services or for as long as we have another purpose to do so and, thereafter, for no longer than is required or permitted by law or necessary for internal reporting and reconciliation purposes.
We erase personal data after the above described storage period or when you request us to erase your personal data.
The security of your information is important to us. No method of electronic transmission or storage is 100% secure, however. Therefore, we cannot guarantee its absolute security. We have implemented appropriate technical and organisational measures to ensure a level of security appropriate to the risk of varying likelihood and severity for the rights and freedoms of natural persons, in line with Article 32 of the GDPR.
If you have any questions about security on our Website or on the technical and organizational measures we have implemented, you may contact us at firstname.lastname@example.org.
8. Individual Rights.
Right of Access 1 . You, as data subject shall have the right to obtain from the us confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data.
Right to rectification 2 . You shall have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you.
Right to erasure ('right to be forgotten')3 . You shall have the right to obtain from us the erasure of personal data concerning you without undue delay and we shall have the obligation to erase personal data without undue delay where certain grounds apply.
Right to restriction of processing 4 . You shall have the right to obtain from us restriction of processing where certain grounds apply.
Right to data portability 5 . You shall have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format.
Complaint lodging 6 . Without prejudice to any other administrative or judicial remedy, you as data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the EU Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the data protection rules (GDPR).
Right to object 7 . You shall have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on legitimate interest. We shall no longer process your personal data unless we demonstrate compelling legitimate grounds for the processing. Where personal data are processed for direct marketing purposes, you shall have the right to object at any time to processing for such marketing.
If you would like to exercise your rights under applicable law, please contact us at email@example.com. We may seek to verify your identity when we receive an individual rights request from you to ensure the security of your personal information.
1 Article 15 of the GDPR
2 Article 16 of the GDPR
3 Article 17 of the GDPR
4 Article 18 of the GDPR
5 Article 20 of the GDPR
6 Article 77 of the GDPR
7 Article 21 of the GDPR