The purpose of this Privacy and Data Processing Notice is to ensure that, prior to the commencement of data processing by Tideus Kft., you (as a client, prospective client or other data subject) are informed of why and for what purposes Tideus Kft. processes your data, and which rights you have in this context and how you may exercise them.
Tideus Kft. (registered office: 2600 Vác, Vám utca 13; hereinafter: Service Provider, Data Controller) recognises the contents of this legal notice as binding upon itself. The Data Controller undertakes to ensure that all of its data processing activities comply with this Notice, with applicable national legislation and with the legal acts of the European Union.
The data protection principles applied by Tideus Kft. in relation to its data processing activities are continuously available at:
https://cassandraprogram.info/en/privacy-policy/
Tideus Kft. reserves the right to modify this Notice at any time.
In accordance with Articles 13 and 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, Tideus Kft. provides the following information to data subjects in relation to the processing of personal data.
Name of the Data Controller: Tideus Kft.
Address of the Data Controller: 2600 Vác, Vám u. 13
Registered office of the Data Controller: 2600 Vác, Vám u. 13
Telephone number: +36 30 225 4000
E-mail address: info@cassandraprogram.eu
“Personal data” means any information relating to an identified or identifiable natural person (hereinafter: Data Subject).
Individual Client (hereinafter: Client): any natural person who, in the course of their economic or professional activity, uses the services of Tideus Kft. and enters into an individual contract.
For the purposes of this Notice, a Client is also any natural person (hereinafter: Data Subject) whose personal data are provided to the Data Controller by their employer or principal (hereinafter: Employer / Principal) within the framework, and on the basis, of an existing legal relationship between the Employer / Principal as Customer and Tideus Kft. as Contractor.
Tideus Kft. selects and operates the IT tools used in the course of providing its services in such a way that the processed data:
Tideus Kft. protects data by appropriate measures against unauthorised access, alteration, transfer, disclosure, erasure or destruction, as well as accidental destruction or loss.
Tideus Kft. applies technical and organisational measures to ensure a level of security appropriate to the risks associated with data processing. In the course of processing, Tideus Kft. guarantees:
Purpose of Data Processing | Legal Basis | Duration | ||
|---|---|---|---|---|
| 1. Conclusion and content of Service Provider contract | Performance of contract / GDPR Article 6 (1) (b) | 1 year | ||
| 2. Performance and monitoring of Service Provider contract | Performance of contract / GDPR Article 6 (1) (b) | 1 year | ||
| 3. Fee collection, fee calculation, invoicing | Compliance with legal obligation / GDPR Article 6 (1) (c); Act C of 2000, Section 169 | 10 years from date of invoice, in accordance with Act C of 2000, Section 169 | ||
| 4. Invoice management | Compliance with legal obligation / GDPR Article 6 (1) (c); Act C of 2000, Section 169 | 10 years from date of invoice | ||
| 5. Retention of invoices | Compliance with legal obligation / GDPR Article 6 (1) (c); Act C of 2000, Section 169 | 10 years from date of invoice | ||
| 6. Fulfilment of tax obligations | Compliance with legal obligation / GDPR Article 6 (1) (c); Act C of 2000, Section 169 | 10 years from date of invoice | ||
| 7. Provision of data to authorities | Compliance with legal obligation | 1 year + 30 days following termination of the client contract |
The Client’s personal data may be accessed by the employees of the Data Controller solely for the purpose of performing the Service Provider contract (data processing, filing, case management).
The Data Controller applies appropriate information security measures to protect the Client’s personal data through technical and organisational safeguards (physical security, protection of electronic systems, logging of activities, ensuring accountability).
We inform you that no profiling or automated decision-making is carried out in the context of the data processing activities described in this Notice.
Our current and potential clients and partners provide us, in the course of cooperation, with business contact information (e.g. names, business contact details, positions and addresses of their employees, agents, contractors and authorised users) for the purposes of contract management, performance, product delivery, service support, invoicing and relationship management.
Contact information and personal data processed in the course of providing services may be transferred to the following entities:
The technological background of the questionnaires used by Tideus Kft. is provided by
Alchemer LLC, 168 Centennial Parkway, Unit 250, Louisville, CO 80027, United States,
which performs data collection and storage on servers located in the EU.
Further information on Alchemer’s Privacy Policy and GDPR compliance is available at:
https://www.alchemer.com/privacy/
https://www.alchemer.com/privacy/gdpr/
https://www.alchemer.com/terms/
https://www.alchemer.com/security/
The operator of the cassandraprogram.com website is:
DigitalOcean, LLC, 101 Avenue of the Americas, 10th Floor, New York, NY 10013, United States.
DigitalOcean’s data protection documentation is available at:
https://www.digitalocean.com/legal/privacy-policy/
https://www.digitalocean.com/legal/gdpr-faq/
https://www.digitalocean.com/legal/data-processing-agreement/
Data and information may be transferred to authorities or other bodies as follows:
We inform you that your personal data are processed confidentially.
We do not disclose them to third parties without your knowledge and consent, unless there is a statutory authorisation.
To comply with data security requirements, the Company ensures fair and transparent data processing by appropriate organisational and technical measures, and protects your personal data in particular against:
You may request information at any time about the processing of your personal data and may request rectification, correction, erasure or restriction of processing, as well as exercise all other rights granted by applicable law.
These rights include:
You are entitled to obtain confirmation from the Data Controller as to whether your personal data are being processed and, if so, access to the following:
The Data Controller shall provide a copy of the personal data undergoing processing free of charge on the first occasion.
Upon request, the Data Controller shall rectify inaccurate personal data concerning the Client without undue delay.
Taking into account the purposes of processing, the Client has the right to have incomplete personal data completed, including by means of a supplementary statement.
The Client has the right to obtain the erasure of personal data concerning them. The Data Controller shall erase such data without undue delay, except where:
The Client’s right to erasure may be restricted only under the exceptions laid down in the GDPR, in particular where further retention is necessary:
The Client has the right to obtain restriction of processing where:
Where processing has been restricted, such personal data shall, with the exception of storage, only be processed with the Client’s consent, or for the establishment, exercise or defence of legal claims, or for the protection of the rights of another natural or legal person, or for important reasons of public interest of the European Union or of a Member State.
The Client has the right to object, on grounds relating to their particular situation, at any time to the processing of personal data concerning them based on public interest, the exercise of official authority or the legitimate interests of the Data Controller or a third party, including profiling based on those provisions.
In such a case, the Data Controller shall no longer process the personal data, unless it demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the Data Subject, or which relate to the establishment, exercise or defence of legal claims.
The Client has the right to receive the personal data concerning them, which they have provided to a Data Controller, in a structured, commonly used and machine-readable format and has the right to transmit those data to another Data Controller without hindrance, where:
In exercising the right to data portability, the Client has the right to request that the personal data be transmitted directly from one Data Controller to another, where technically feasible.
The Client has the right to withdraw consent at any time.
Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
You may seek legal remedy in relation to data processing.
You may:
Data Protection Officer Name: Zsolt Szalóczy | Supervisory Authority Hungarian National Authority for Data Protection and Freedom of Information Address: H-1055 Budapest, Falk Miksa utca 9-11 |
