Vissza

The RPA Academy Privacy Policy

 

1. Definitions

For this information matter, the following terminology shall apply: 

1.1 Data subject: Any specific natural person who is or can be identified directly or indirectly on the basis of personal data.

1.2 Personal data: Any data that can be linked with the Data subject, particularly the name and ID symbol of the Data subject, and one or more pieces of knowledge typical of his/her physical, mental, economic, cultural or social identity, as well as any conclusion relevant to the Data subject and can be made on the basis of the data.

1.3 Approval: A voluntary and definitive expression of the will of the Data subject, which is based on appropriate supply of information and by which the Data subject gives a clear consent to the full or individual operation related processing of personal data relevant to him/her.

1.4 Protest: A declaration made by the Data subject, complaining processing of his/her personal data and requesting the termination of data processing or the deletion of processed data.

1.5 Controller: A natural or legal person or an entity without legal personality that will, either on its own or jointly with others, define the aim of data processing, make and execute decisions on data processing (including the means used for this), or make a data processing agent hired by him execute it.

1.6 Processing: Any operation or a total of operations carried out on the data irrespective of the applied procedure, so particularly collecting, taking up, recording, systemizing, storing, changing, using, polling, transferring, disclosing, coordinating or linking, seizing, deleting and destroying it as well as impeding further use of data, making photo, audio or video, and recording physical properties suitable for identifying the specific person (e.g. fingerprint or palm print, DNA sample, iris image).

1.7 Data transfer: Making a data accessible for a specified third party.

1.8 Data deletion: Making a data unrecognizable in such a way that it cannot be restored any longer.

1.9 Data designation: Furnishing the data with an ID mark in order to allow to discriminate it;

1.10 Data seizure: Furnishing the data with an ID mark in order to restrict it for a final or a definite period.

1.11 Data destruction: The total physical destruction of a data carrier medium containing the data.

1.12 Processing: Performing technical tasks associated with processing operations, irrespective of the method and means used to perform these operations and of the site of application provided that the technical tasks are carried out on the data.

1.13 Data processor: A natural or legal person or an entity without legal personality that will perform data processing on the basis of a contract made with the controller, including signing a contract in accordance with provisions set out in relevant statute.

1.14 Data file: Data as a whole managed in one and the same record.

1.15 Third party: A natural or legal person or an entity without legal personality which is not the same as the Data subject, the controller and the processor.

1.16 EEA State: A Member State to EU and any other state involved in the Convention on the European Economic Area, and a state whose citizens have the same legal status as any citizen of a state involved in the Convention on the European Economic Area on the basis of an international convention made between the EU and its Member States and a state not involved in the Convention on the European Economic Area.

1.17 Third country: Any state other than an EEA State.

1.18 For every term not defined in this information matter, a meaning defined in Infotv. (Act CXII of 2011 on Informational Self-Determination and Freedom of Information) shall apply.

2. Controller name

Name: Winformatics Technology UK Ltd..
Address: 77, High Street, Littlehampton, GB-ENG, BN17 5AG
Tax ID code: -
Trade Register No.: 12512215
E-mail: info##kukac##rpa.academy

3. Basic principles for data processing

3.1 A personal data shall be allowed to be processed only for a definitive purpose in order to exercise a right and to fulfil an obligation. Processing shall comply with the aim of processing at every stage. Taking up and processing any data shall be fair and lawful.

3.2 Only a personal data which is inevitable for implementing the aim of processing and is suitable for achieving the aim may be processed. Any personal data may only be processed to an extent and for a period as needed for implementing a specific aim.

3.3 Only a person aged over 18 shall be allowed to purchase on website https://rpa.academy!

3.4 Any data supplied for the use of the website shall be processed with a voluntary consent thereto from your side, with a separate consent for each data processing purpose. When you supply us the data, you will have to authorize us to process them by indicating it in a box by ticking. In the case where you fail to give us a consent thereto, the processing will not be realized and you will not be able to use the specific website function (purchase, mailing a newsletter). Pursuant to the provisions set forth in Infotv (Act CXII of 2011 on Informational Self-Determination and Freedom of Information), Winformatics Technology UK Ltd. shall not process a personal data unless:

3.4.1 an approval thereto is given by the Data subject.

3.4.2 If a personal data is taken up with a consent thereto from the Data subject, Winformatics Technology UK Ltd. may process the collected data - unless otherwise specified in relevant law:

3.4.2.1 in order to meet a legal obligation relevant to him, or

3.4.2.2 in order to enforce a lawful interest of Winformatics Technology UK Ltd. or a third party if the enforcement of such interest is proportionate to the restriction of law associated with the personal data protection, without a further special approval thereto and even after the withdrawal by the Data subject of his/her approval.

3.4.3 An approval thereto from the Data subject shall be presumed in regard to the personal data required for pursuing the proceedings for a court or authority proceedings initiated at the request or initiative of the Data subject, and in regard to personal data supplied by him or her for any other case initiated at the request of the Data subject.

3.5 Winformatics Technology UK Ltd. calls the attention of anyone delivering him any data that - unless their own personal data are supplied - the one supplying the data shall be obliged to obtain a consent thereto from the Data subject. The person supplying a data shall only be liable for the adequacy of the data supplied. The Customer shall, when giving an e-mail address, at the same time assume liability for the fact that only the user which has registered the specific e-mail address shall have every kind of responsibility associated with an entry to the specified e-mail address.

4. Sphere of processed personal data, aim, title and period of processing:

4.1 IDs, cookies recorded when visiting a website:
During a visit to the website, the starting and ending dates of the visit made by the user and in some case - depending on the setting of the user`s computer - the types of browser and operating system will be automatically recorded. Using these data the system will automatically generate statistical data. The Operator will not link these data with any personal data. When logging in, the website will send a session ID which will be automatically deleted when exiting the website.

Processing period:
All browsing data and session IDs will be automatically deleted when exiting the website.

4.2 Data processed at registration:

a. Surname and first name
b. User name
c. e-mail address
d. Phone number
e. Password
f. Name for invoicing
g. Country
h. Postal code
i. City
j. Street

Aims of processing: Mailing information on advantages for registered customers

Legal basis for data processing: A consent thereto from the Data subject

Processing period: Until withdrawal of consent

Data transfer: None

You can modify and delete data by entering the registration account or in person at the registered center of the company or you can ask it in writing at e-mail address info@rpa.academy (unless you have already purchased under that user name because in that case you will have to act as regulated by relevant law).

4.3 Data processed during a purchase linked with registration

a. Surname and first name
a. E-mail address / user name (needed for user identification and customer relation correspondence)
b. Password (protection of user account)
c. Name and address for invoicing, phone number and contacts (needed for making an invoice)
d. Community tax number - for an order by a company (needed for making an invoice)
f. Approval to newsletters

Aims of processing: To record purchases, to discriminate purchases, to manage complaints from customers, to facilitate and perform ordering, to keep contact with customers, to analyze customer habits, to send information on advantages for registered customers.

Legal basis for data management: A consent thereto from Data subject and an obligation set out by law

Processing period: 10 years

Data transfer: Delivery name, address, phone number, e-mail address depending on the form of delivery, for the carrier company. Data for invoicing shall be handed over to the service provider making an electronic invoice.

You can ask to modify and delete data in person at the registered center of the company or via e-mail at e-mail address info@rpa.academy (unless you have already purchased under that user name because in that case you will have to act as regulated by relevant law).

4.4 Data processed when subscribing for newsletters 

a. Name / User name
b. E-mail address

Aims of processing: Mailing newsletters containing ads as well, via e-mail

Legal basis for processing: A consent thereto from Data subject

Processing period: Until withdrawal of consent

Data transfer: None

The user may ask to unsubscribe for newsletters by clicking on link Leiratkozás /Unsubscribe/ in the newsletter or by pressing key Leiratkozás /Unsubscribe/ found in the Subscribe box on the website or by sending an e-mail message to e-mail address info@rpa.academy.

4.5 Data processed when establishing contact

a. E-mail address
b. User ID
c. Other voluntarily given data 

Aims of processing: Managing aims of message sender, documenting purchase problems

Legal basis for processing: A consent thereto from the Data subject

Processing period: up to 5 years after the management of affairs

Data transfer: None

5. Content

5.1 www.rpa.academy shall not be liable for any of its former sites that have already been deleted but nevertheless archived through the intervention of any web search engine program. Their removal shall be provided for by the Operator of the search engine site.

5.2 The html code for the portal accessible at www.rpa.academy also contains links coming from an external server and pointing to an external server, being independent from Winformatics Technology UK Ltd. The service providers of such links can collect user data due to a direct connection to their server.

5.3 An external service provider helps with an independent measurement of attendance and other web analytics figures concerning the website (Google Analytics).

Google Analytics contains so-called cookies, that is, text files stored on your computer allowing to analyze visits to your website. The information created by the cookie on the visits to your website is generally sent by the system to the Google server found in the USA and is stored there. Google will shorten your IP address but only in the EU Member States and in other countries involved in the Convention on the European Economic Area. It only happens in an exceptional case that the system sends the entire IP address to the Google server found in the USA and shortens it there. Upon an order from the website operator, Google will use these pieces of information to evaluate the usage of your website and to make reports on the activities performed on the website, and to offer other services associated with the use of the website and internet to the website operator. Google will not link the IP address transferred by your browser with other Google data. You can disable the use of cookies by properly setting your browser software. You can avoid collection and use of data by Google (cookies and IP address) by downloading and installing the browser plug-in available at the following link:

http://tools.google.com/dlpage/gaoptout?hl=en

Instead of the plug-in or on the mobile device browsers click on that link in order to install a disabling cookie that will, from now on, disable data collection within the framework of Google Analytics on that website. Disabling will be active until its cookie is deleted. If the cookie has been deleted, all you will have to do is to click on the link again. For further information on the conditions for use and the data protection directive concerning Google Analytics, please refer to:

https://www.google.com/analytics/terms/us.html

https://www.google.com/privacy?hl=en-GB

Detailed information on the way how to process measurement data is available from the controller which is available at:

https://www.google.com/analytics

5.4 For a tailored service, the service provider installs a small data package, a so-called cookie on the user`s computer. A cookie is a text file allowing us to provide you with maximum comfort when you visit our website. Each cookie contains a clear combinations of letters/numbers identifying the browser you use. These cookies are stored on your computer temporarily only and will be transferred to our server only when you visit our website. We mainly use single activity cookies which are not stored on your hard disk and are immediately deleted when you close the browser or do nothing on the website for a definite period.

The user can delete a cookie from his/her own computer and can set his/her browser to disable use of cookies.

You can view and delete cookies stored on your computer and can keep the way how they are used under control through the proper settings of your web browser. For further information on this, please contact the manufacturer or refer to the Help of your web browser.

5.5 By visiting the website and using individual functions thereof the user will give an approval to that the above mentioned cookies should be stored on the user`s computer and that the controller can have an access thereto. As a general rule, cookies will be stored for a period of 30 days but the user can ask to delete them anytime. In addition, by means of a browser program the user can set and impede cookie related activities. However, please remember that in the latter case, without the use of cookies, it may happen that you might be unable to use every service provided by the website.

5.6 https://rpa.academy may contain links pointing to websites of other companies. We shall not be liable for the data protection measures for websites visited by you through such links. Please check data protection rules relevant to such external websites!

6. Management of affairs associated with data processing

6.1 The Data subject may request Winformatics Technology Uk Ltd.:

6.1.1 to inform him or her on the processing of personal data relevant to him or her;

6.1.2 to correct his or her personal data, and

6.1.3 to delete or seize his or her personal data - with the exception of mandatory processing.

6.2 At the request of Data subject, Winformatics Technology UK Ltd. shall give information on the data of Data subject processed by him and/or his or her data processed by the controller ordered by Winformatics Technology UK Ltd., their source, the aim, legal basis and duration of processing, the name and address of controller and its activity associated with processing, and - in case of transferring personal data of the Data subject - the legal basis and address of data transfer.

6.3 Winformatics Technology UK Ltd.. shall give the information in writing within the shortest period reckoned from the date of submission of the request but within a period of 25 days at the latest, in a clear form, if requested so by the Data subject.

6.4 The above information shall be free of charge if the one requesting information has still not submitted an application for information to Winformatics Technology UK Ltd. in the current year for the same sphere of data. In other cases, reimbursement of cost may be determined. The extent of reimbursement of cost may also be fixed in a contract made between the Contracting parties. Cost reimbursement already paid shall be paid back if the data have been processed in an unlawful manner or the application for information has led to correction.

6.5 Winformatics Technology UK Ltd. shall have no right to refuse to inform the Data subject unless in cases set out in Infotv. (Act CXII of 2011 on Informational Self-Determination and Freedom of Information).

6.6 In case of refusal of supplying information, Winformatics Technology UK Ltd. shall communicate to the Data subject in writing the provision set forth in the aforesaid law the refusal of information supply has been based upon. In case of refusal of information supply the controller shall inform the Data subject on the opportunity of legal remedy at court and of addressing to competent authority Hungarian National Authority for Data Protection and Freedom of Information (hereinafter referred to as NAIH).

6.7 Should a personal data fail to comply with reality, and a the personal data complying with reality is available to the controller, the personal data will be corrected by Winformatics Technology UK Ltd.

6.8 A personal data shall be deleted if:

6.8.1 its processing is against the law.

6.8.2 requested so by the Data subject as set forth in Infotv. (Act CXII of 2011 on Informational Self-Determination and Freedom of Information)

6.8.3 it is incomplete or incorrect and this state cannot be remedied in a lawful manner provided that the deletion is not excluded by law.

6.8.4 the aim of data processing has ceased or the deadline for data storage specified by law or in these Regulations has expired.

6.8.5 it has been ordered by a court or authority.

6.9 In a case defined in clause 6.8.4 of the above paragraph the obligation to delete shall not apply to a personal data whose data carrier medium has to be deposited into safeguard at public archive in accordance with legislation concerning protection of archived matters.

6.10 Instead of deleting it, Winformatics Technology UK Ltd. shall seize the personal data if requested so by the Data subject or if - on the basis of information available to him - it can be assumed that the deletion would violate lawful interests of the Data subject. A personal data seized in this way can only be processed as far as the aim of processing which has excluded deletion of the specific personal data exists.

6.11 Winformatics Technology UK Ltd. shall designate the personal data processed by him if the Data subject argues its correctness or accuracy but the incorrectness or inaccuracy of disputed data cannot be identified clearly.

6.12 Winformatics Technology UK Ltd. shall notify the Data subject and everyone for whom the data has been transferred for processing, of the correction, seizure, designation and deletion. The notification can be neglected if it does not violate lawful interest of the Data subject in regard to the aim of processing.

6.13 Should Winformatics Technology UK Ltd. fail to meet request of the Data subject for correction, seizure or deletion, Winformatics Technology UK Ltd. shall inform in writing within a period of 25 days upon receipt of the request, the factual and legal reasons for the refusal of request for correction, seizure or deletion. In case of refusal of a request for correction, seizure or deletion, the controller shall inform the Data subject on the option of legal remedy at court and of turning to competent authority.

6.14 The Data subject shall have the right to protest against processing his/her personal data if:

6.14.1 processing or transferring the personal data is only needed to meet a legal obligation relevant to the controller or to enforce a lawful interest of controller, data recipient or a third party except for the case of mandatory data processing.

6.14.2 the personal data is used or transferred for the purpose of direct marketing, poll or scientific research, and

6.14.3 in any other case set out by relevant law.

6.15 Winformatics Technology UK Ltd. shall, within the shortest period reckoned from the date of submission of the request but within a period of 15 days at the latest, examine and shall make a decision whether it is grounded and will inform the applicant in writing on its decision.

6.16 Should Winformatics Technology UK Ltd. state that the protest of Data subject is properly grounded, he will stop processing - including further data take-up and transfer - and shall seize the data and notify everyone for whom the personal data concerned by the protest has been transferred for processing and who are obliged to take measures in order to validate the right to protest, of the protest and of any measure taken on the basis thereof.

6.17 Should the Data subject fail to agree with the decision made by Winformatics Technology UK Ltd. or if Winformatics Technology UK Ltd. fails to keep the deadline relevant to him, the Data subject may - within a period of 30 days after the data of communicating the decisions or from the last day of the deadline - turn to a court in a manner as defined in Infotv. (Act CXII of 2011 on Informational Self-Determination and Freedom of Information).

6.18 Should the Data recipient fail to receive the data needed for enforcing his/her right due to the protest of the Data subject, so within a period of 15 days after the date of communicating the notification, he may turn to court against the controller in order to get the data in a manner as defined in Paragraph 22 of Infotv. (Act CXII of 2011 on Informational Self-Determination and Freedom of Information). The controller may also interplead the Data subject.

6.19 Should the controller fail to perform a notification as specified in clause 6.16., the Data recipient may request information from the controller on the circumstances under which the data handover has failed. This information shall be supplied by the controller within a period of 8 days upon service of relevant request of data recipient. If information is requested, the data recipient may bring the matter to court within a period of 15 days reckoned from the date of supply of the information but after a deadline open for it at the latest against the controller. The controller may also interplead the Data subject.

6.20 Winformatics Technology UK Ltd. shall not delete the data of Data subject if the processing has been ordered by law. However, the data must not be transferred to the Data recipient if the controller agreed with the protest or the court has stated that the protest has been lawful.

6.21 Any Data subject may, in case of a presumed grievance associated with the processing of a personal data, turn to the competent tribunal, and in Budapest to the Fővárosi Törvényszék /Municipal Tribunal of Budapest/ as well as initiate an examination with NAIH /Hungarian National Authority for Data Protection and Freedom of Information/ (chairman: dr. Attila Péterfalvi, 1024 Budapest, Szilágyi Erzsébet fasor 22/C, ugyfelszolgalat@naih.hu, phone: +36-1-3911400, www.naih.hu).

7. Sphere of those having an access to data, data processors, data transfer:

a. Winformatics Technology UK Ltd. will perform data transfer in order to fulfil purchase orders.
b. It will not use an external processor for data processing, therefore the processor has the following data: Winformatics Technology UK Ltd. address: 77, High Street, Littlehampton, GB-ENG, BN17 5AG, https://rpa.academy
c. It is inevitable for performing the contract that the delivery data supplied by the user should be handed over to a logistic company or its subcontractors performing delivery selected by the user. Our colleagues, partners and service providers shall have secrecy obligations toward us.
d. The invoicing data supplied by the user will be handed over to the service provider making an electronic invoice: TBD
e. The controller shall not hand over any personal data to any third party beyond the aforesaid. This shall not apply to any mandatory data transfer possibly set out by law which may occur in special cases only. On the basis of an authorization from court, state attorney, investigating authority, contravention authority, public administration authority, data protection commissioner and other organizations according to an authorization by legal statute may contact the controller in order to supply information, communicate or hand over data and to deliver documents. Before fulfilling individual requests from authority the controller shall examine, for each data, whether the legal basis for data transfer exists or not. Winformatics Technology UK Ltd. shall, if the authority has indicated the exact aim and the sphere of data, issue personal data for the authorities in a quantity and to an extent only which is inevitably needed for implementing the aim of inquiry.

8. Data security requirements: 

8.1 Winformatics Technology UK Ltd. or in its sphere of activity the controller will provide for data security and shall take all technical and organizational measures and establish rules of proceedings required for enforcing Infotv. (Act CXII of 2011 on Informational Self-Determination and Freedom of Information) and other data protection and secrecy rules.

8.2 Appropriate measures shall be taken in order to protect data, particularly against illegal access, alteration, transfer, disclosure, deletion or destruction and incidental destruction and damage, and against becoming unaccessible due to a change in technology applied.

8.3 For the protection of electronically handled data files in various records, an appropriate technical solution shall be used to ensure that the data stored in the records - unless allowed by law - cannot be linked directly and assigned to the Data subject.

8.4 During an automated processing of personal data the controller and processor shall take further measures to ensure:

8.4.1 to prevent illegal data entry;

8.4.2 to impede use of automated data processing systems by an unauthorized person by means of a data transfer unit;

8.4.3 to control and identify to which bodies the personal data have been or can be transferred by means of a data transfer unit;

8.4.4 to control and identify which personal data have been entered when and by whom into the automated data processing systems;

8.4.5 that the installed systems can be restored in case of a malfunction, and

8.4.6 that a report should be made on every failure occurring during automated processing.

8.5 The controller and processor shall, when defining and applying data security measures to be taken, regard the current technical level. Out of more than one available processing solutions the one ensuring a higher level of personal data protection will have to be selected except for the case where it would mean an disproportionate difficulty for the controller.

9. Logging in to NAIH (Hungarian National Authority for Data Protection and Freedom of Information)

NAIH-84581/2015. (Management of a database associated with the operation of a webshop. Registration required for the purchase of an on-line program and how to log in for the use thereof on the website.)

NAIH-84582/2015. (Database handled for sending newsletters)

10. Data concerning shared web hosting service provider

Name of shared web hosting service provider: Winformatics Technology UK Ltd.

Contacts: http://rpa.academy

Issued in 23/06/2020

 

Created: Laszlo Fodor Modified: Laszlo Fodor

Newsletter

Calendar