Privacy Policy

Privacy Policy

 

1. Purpose of this document

This Privacy Policy (hereinafter referred to as the “Policy”) sets the terms and conditions of how the data subject’s (hereinafter referred to as the “User” or “you”) personal or anonymous information is processed. Please read these terms and conditions carefully!

2. Definitions

General Data Protection Regulation or GDPR shall mean the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27th April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, repealing Directive no. 95/46/EC.

NNG shall mean NNG Software Developing and Commercial LLC.

  • Registered office: H-1037, Szépvölgyi út 35–37, Budapest, Hungary
  • Court of Registration: Budapest-Capital Regional Court (Fővárosi Törvényszék)
  • Company registration number: Cg.01-09-891838
  • Tax number: 13357845-2-44
  • Email: privacy@nng.com
  • Website: www.nng.com

Site shall mean www.nng.com and its subdomains.

User or you shall mean a registered or non-registered visitor of the Site.

3. Availability and updates of this document

The Data Controller reserves the right to amend this document unilaterally at any time. We suggest visiting the Site from time to time for the latest information.

4. Data controller(s)

Your data provided on the Site is processed by NNG (hereinafter referred to as the “Data Controller”).

The provided data is accessible to the following persons:

  • NNG’s employees involved in data processing (including IT specialists performing a variety of IT tasks related to the operation and maintenance of NNG’s computer system) as part of their role at NNG, relating to the performance of their duties associated with the purpose of this Policy.

5. Data processing activities

5.1 Sending newsletters or other promotional e-mails

You can subscribe to the newsletters on the Site. By ticking the appropriate checkbox, you give your voluntary consent to receiving newsletters sent by the Data Controller from time to time.

5.1.2 Purpose of data processing

The Data Controller may send you newsletters, provided that you have subscribed to the service subject to the terms set forth in this section. In the newsletters, the Data Controller provides you with information about its new products, promotions, blog entries, and other marketing activities. In the newsletters, the Data Controller may also inform you about business offers and opportunities. To provide you with personalized and relevant newsletters, increase your user experience and satisfaction, and evaluate and measure the effectiveness of the newsletter campaigns, NNG uses profiling techniques by involving the data processor specified in section 9.

The scope your personal data subject to processing:

  • First and last name
  • Email address
  • Company name (optional)
  • Position (optional)

Data processed for profiling purposes:

  • Your interaction with the received email (i.e. whether you opened the email, how many times you clicked on it, whether you read the entire email);
  • The bounce rate of the newsletters sent to you.

5.1.3 Legal basis of data processing

The data is processed in compliance with the GDPR and all relevant local laws and regulations.

The legal basis of data processing is your express consent given pursuant to

  • point a) of Article 6(1) of the GDPR and
  • sections 6(1) and (2) of Act XLVIII of 2008 of Hungary on the basic requirements of and certain restrictions on commercial advertising activities.

5.1.4 Duration of data processing and newsletter subscription

Your personal data will be retained

  • for two (2) years after your last activity (e.g. opening a newsletter), should the Data Controller notice that you have not been active on the Site for at least two (2) years, or
  • until you unsubscribe from the newsletter or specifically request the erasure of your personal data, and there is no valid legal ground for processing your data.

You may withdraw your consent at any time by

  • Following the instructions in the newsletter. Click on the unsubscribe link at the bottom of the newsletter.
  • Sending an email to privacy@nng.com.
  • Sending a letter to NNG’s postal address specified in section 2.

Please note that unsubscribing from the newsletter does not affect the lawfulness of data processing based on your consent and conducted before the withdrawal of said consent.

Please note that the Data Controller may at any time decide to stop sending newsletters without prior notice or assuming additional liability or obligation of any kind.

Please note that the newsletters are sent in collaboration with the data processor specified in section 9.

5.2 Communication with the User about any content downloadable from the Site

5.2.1 Purpose of data processing

The Data Controller may wish to provide you with access to certain educational or other materials (e.g. white papers, reports, webinars) relating to NNG’s activities (hereinafter referred to as the “Content”).

5.2.2 The scope your personal data subject to processing:

If you download any of the Content, the Data Controller will collect and process the following personal data to keep contact with you, inform you of any new content available on the Site, or send you newsletters or other promotional emails in compliance with section 5.1 herein:

  • First and last name
  • Email address
  • Company name (optional)
  • Position (optional)

Data processed for profiling purposes:

  • Your interaction with the received email (i.e. whether you opened the email, how many times you clicked on it, whether you read the entire email);
  • The bounce rate of the newsletters sent to you.

Please note that the Data Controller contacts you at its sole discretion and may decide at any time to stop providing information of or relating to the Content without prior notice or assuming additional liability or obligation of any kind.

5.2.3 Legal basis of data processing

The data is processed in compliance with the GDPR and all relevant local laws and regulations.

The legal basis of data processing is your express consent given pursuant to

  • point a) of Article 6(1) of the GDPR and
  • sections 6(1) and (2) of Act XLVIII of 2008 of Hungary on the basic requirements of and certain restrictions on commercial advertising activities.

5.2.4 Duration of data processing

In compliance with section 5.1.4 of this Policy.

5.2.5 Cooperation with third parties

NNG may, from time to time, cooperate with carefully selected third party organizations (hereinafter referred to as “Third Party”) in the creation and publication of the Content.

NNG will get your express consent before sharing your personal data collected in connection with this section 5.2 with any Third Party for marketing purposes. If you have opted-in, NNG may share your personal data with the Third Party clearly specified in the given consent, and said Third Party may contact you directly in email to inform you about their products, services, promotions and special offers that you may be interested in (unless you have refused your consent in advance).

Please note that said Third Party qualifies as a data controller of the personal data shared with them, and said Third Party will process the personal data in compliance with their own privacy policy.

Data processing conducted by NNG’s partners, i.e. transfer of personal data within the partner’s organisation, is not covered by this Policy.

After the transfer of the personal data described in this section, the Third Party will be liable for the processing thereof. Should you have any claim related to data processing as of the date of transfer, please lodge your claim directly with the Third Party.

5.3 Notification of the User of new NNG blog entries

5.3.1 Purpose of data processing

You can subscribe to NNG’s blog on the Site. By ticking the appropriate checkbox, you can request notifications of the latest blog entries (hereinafter referred to as the “Blog Notification”).

5.3.2 The scope of personal data subject to processing:

To send you Blog Notifications, the Data Controller collects and processes the following personal data:

  • First and last name
  • Email address

5.3.3 Legal basis of data processing

The data is processed in compliance with the GDPR and all relevant local laws and regulations. The legal basis of data processing is your express consent given pursuant to point a) of Article 6(1) of the GDPR.

5.3.4 Duration of data processing and Blog Notification subscription

Your personal data will be retained

  • for two (2) years after your last activity (e.g. opening a newsletter), should the Data Controller notice that you have not been active on the Site for at least two (2) years, or
  • until you unsubscribe from the Blog Notification or specifically request the erasure of your personal data, and there is no valid legal ground for processing your data.

You may withdraw your consent at any time by

  • Following the instructions in the Blog Notification. Click on the unsubscribe link at the bottom of the Blog Notification.
  • Sending an email to privacy@nng.com.
  • Sending a letter to NNG’s postal address specified in section 2.

Please note that unsubscribing from the newsletter does not affect the lawfulness of data processing based on your consent and conducted before the withdrawal of said consent.

Please note that the Data Controller may at any time decide to stop sending Blog Notifications without prior notice or assuming additional liability or obligation of any kind.

Please note that the Blog Notifications are sent in collaboration with the data processor specified in section 9.

6. Consent to the provisions of this Policy

6.1 By subscribing to the newsletter or the blog or downloading the Content by way of ticking the appropriate checkbox(es), you give your express and voluntary consent that the Data Controller process your personal data in compliance with this Policy and the laws on data protection.

6.2 Any personal information provided for the Data Controller must be true, complete, and accurate in all respects.

7. Links

Please note that the Site contains links that lead to other websites. The use of such external websites are governed by the respective data protection rules, therefore once you click on an external link or the provided button, the Data Controller no longer has any influence over the collection, storage, or processing of any personal data transmitted by your click.

8. Data security

The Data Controller observes all applicable regulations regarding the security of personal data, therefore both the Data Controller and its authorized data processors implement appropriate technical and organizational measures to protect personal data and establish adequate procedural rules to enforce the provisions of all applicable laws and regulations governing confidentiality and the security of data processing.

9. Processor(s)

9.1 NNG employs data processors to make all Content available to and/or provide email marketing services for the Users. NNG uses the online system provided by the data processor (hereinafter referred to as the “System”) to provide Content for and/or send newsletters to the Users.

9.2 With an eye to improving user experience and the effectiveness of the marketing activities, the System is used for the following purposes:

  • Store the your personal data;
  • Send emails to you;
  • Check whether the addressee has received the email;
  • Analyse the bounce rate (e.g. in cases where the email address was invalid or the email was listed as spam);
  • Analyse the addressee’s behaviour (in particular whether the email was opened, how many times the addressee clicked on it, whether the addressee read the entire email);
  • Allow you to download the Content;
  • Analyse your interaction with the downloaded Content.

9.3 The above specified user data collected and processed under this Policy is stored both in the System and on the NNG’s servers.

9.4 NNG reserves the right to change the data processor at any time.

9.5 List of data processors employed for the aforementioned purposes:

Name:   salesforce.com EMEA Limited

Address:              Floor 26 Salesforce Tower, 110 Bishopsgate EC2N 4AY London, UK

Website:              https://www.salesforce.com

Contact:               https://www.salesforce.com/form/contact/contact-privacy.jsp

 

Name:   The Rocket Science Group LLC d/b/a MailChimp

Address:              675 Ponce De Leon Ave NE, Suite 5000 Atlanta, Georgia 30308 USA

Website:              https://mailchimp.com/

Contact:               https://mailchimp.com/contact

10. Rights and seeking remedy

10.1 You may exercise your rights over the processing of your personal data against the Data Controller.

10.2 You may exercise the following rights concerning the data processing activities conducted by the Data Controller:

  • Request information on the processing of your personal data;
  • Request data portability;
  • Request the rectification of your personal data;
  • Request the erasure of your personal data or restriction of the processing thereof;
  • Object to the processing of your personal data by NNG.

10.3 By sending an email or letter to the email or postal address (registered office) of the Data Controller specified in section 2, you may request information on the data related to you and the processing thereof by the Data Controller; the sources from which the data was obtained; the purpose, grounds, and duration of processing; if your personal data is transferred to a third party, the legal basis and the recipient(s) thereof; and any breach of your personal data. The Data Controller must provide written information about the processing of your personal data within one (1) month after receipt of the request. You may also request the rectification of your personal data.

10.4 You have the right to receive your personal data processed by the Data Controller in a structured, commonly used, and machine-readable format in compliance with Article 20 of the GDPR.

You are entitled to transmit your personal data to another controller or, where it is technically feasible, you can request the Data Controller to transfer your personal data directly to another controller in compliance with Article 20 of the GDPR.

10.5 If your personal data is inaccurate, you may request the Data Controller to rectify said data, provided that the correct data is at the Data Controller’s disposal.

10.6 You are entitled to request the erasure of your personal data in compliance with the applicable laws and regulations. You may submit your request of personal data erasure by sending an email or letter to the email or postal address (registered office) of the Data Controller specified in section 2. The Data Controller must erase all stored personal data in compliance with this Policy by obfuscating said data, and making it anonym in a permanent and non-reversible manner. Please note that your data will not be erased if the processing thereof is required by law, or other exceptions apply under applicable law.

10.7 You have the right to obtain from the Data Controller the restriction of processing where one of the following applies:

  • You contest the accuracy of your personal data, for a period enabling the Data Controller to verify the accuracy of your personal data;
  • The processing is unlawful and you oppose the erasure of your personal data and request the restriction of its use instead;
  • The Data Controller no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise, or defence of legal claims;
  • You have objected to processing pending the verification whether the legitimate grounds of the Data Controller override yours.

10.8 You have the right to object at any time to the processing of your personal data in compliance with the applicable laws and regulations, and you are entitled to object to the processing of your personal data for direct marketing purposes, including profiling. In such a case, the Data Controller may no longer process your personal data unless it demonstrates compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or for the establishment, exercise, or defence of legal claims.

10.9 You may lodge a complaint about the processing of your personal data with the National Authority for Data Protection and Freedom of Information (Nemzeti Adatvédelmi és Információszabadság Hatóság, NAIH) (address: 1055 Budapest, Falk Miksa utca 9–11.; postal address: 1363 Budapest, Pf. 9.; phone: +36-1-391-1400; fax: +36-1-391-1410; email: ugyfelszolgalat@naih.hu) or the supervisory authority in the Member State of your habitual residence.

10.10 Pursuant to the GDPR—independent of your complaint lodged with the supervisory authority—you may turn to court if your rights have been violated. At your request, the proceedings may be brought before the tribunal in whose jurisdiction your home address or temporary residence is located. We suggest that you discuss your complaint with the Data Controller before launching court proceedings.

10.11 For more information on the rights and remedies, please refer to Articles 15–21 of the GDPR.

11. Limited applicability of this Policy

This Policy is not applicable to the Career Portal of the Site.

12. Contacting the Data Controller

Your feedback is much appreciated. If you have any comments or questions, or wish to obtain more information on data processing by the Data Controller, please use the Contact us menu on the Site or write to any official address of the Data Controller. All provided data will be handled with confidence. Our representative will contact you within a reasonable time.

The data protection officer (DPO) of the Data Controller can be contacted at the following email address: DPO@nng.com.

This Policy was published and is effective as of 31/05/2022.

Attached files