Data Protection

Personal Data

Our website can be visited without providing personal information.

Personal data is collected, processed and used on voluntary basis so that you can utilize the contacts and advertising offers.

By taking tax and commercial retention periods into account, personal data is stored until that is necessary for the stated purpose. Data will not be disclosed to third parties without your explicit consent.

You are entitled to inquire about your personal data and its origin, the purpose of data processing and to revoke your consent of personal data processing at any time for free of charge. Additionally, you are entitled to request the rectification, erasure and suppression of personal data. This does not apply to data that is stored due to legal regulations or required for proper conduction of business. In order to restrict data processing at any time, data is stored in a lock file for control purposes. Moreover, we can transfer your data to your or your desired location upon your request.

We may occasionally disclose data based on the instructions of government authorities with the purpose of law enforcement, fulfilling vital interests, statutory tasks of the Constitutional Protection Agency, Military Counterintelligence Service (MAD) or enforcement of intellectual property rights.

Should you have reasons for objection, you are entitled to raise a complaint to a regulatory authority or a competent body, respectively.

You can contact the following address to request information, raise questions, propositions, complaints or criticism regarding our privacy policy:

TEC GmbH
Hamburger Strasse 28
41540 Dormagen

         Tel.:    +49 2133 97901-0
         Fax:   +49 2133 97901-10

        E-Mail: This email address is being protected from spambots. You need JavaScript enabled to view it.

Cookies

We utilize so-called “cookies” in order to recognize multiple searches made by the same user. "Cookies" are small text files that your Internet browser stores and saves on your computer. By the help of enabling “cookies”, our website will automatically recognize you when you re-visit our pages. The information obtained provides you easier access to our website and helps us to optimize our offers as per your needs.

You can prevent the storage of “cookies” on your hard disk by selecting “Do not accept cookies” in your browser settings, however, such settings may result the restriction of our offers.

Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Inc. ("Google") which utilizes “cookies” as well. The information generated by the “cookie” about your usage of this website is stored and transmitted to a USA based server of Google.

We have activated an IP anonymization function which anonymizes the last digits of the user’s IP address. In exceptional cases, the complete IP address is transmitted and anonymized on Google’s server (USA). Google utilizes that data on our behalf in order to compile reports, to evaluate website activity and to provide other services related to website activity and internet usage. The IP address provided by Google Analytics will not be merged with other Google data.

You can prevent the storage of these “cookies” (see above under Cookies) or the transmission of the data either generated by the “cookie” or by your website usage (incl. your IP address) by downloading and installing the browser plug-in available at the following link:

http://tools.google.com/dlpage/gaoptout?hl=de

Further Links and Connection to Social Networks

Buttons on some pages might lead you to the websites of other companies or to social networks. By clicking on such a button, personal data might be transmitted to the operator of the browsed website. By clicking on social network links, your data might get connected to your social network profile and stored there.

Direct Marketing Data Protection

Data Protection Notice

 

  1. Introduction
    • TEC GmbH (hereinafter: “Controller”) informs you in the present data protection notice (hereinafter: “Notice”) regarding the manners of collecting, using, transferring, forwarding and storing personal data of its clients.
    • The Controller shall be entitled to amend the Notice at any time, unilaterally.
    • The Controller shall make the Notice and all amendments thereof available on its website. If the amendment is required by change of law or any decision of authority, or such amendment does not affect any matter related to the processing of personal data (e.g. amendment of a technical nature, not affecting rights and obligations related to data processing), the amendment shall be applicable for the processing of personal data collected preceding the date of entry into force of the amended Notice.
    • Should you have any queries regarding the present Notice, please contact us via the e-mail address provided in Article 2, and we will return to you with the answer.
    • The personal data shall be processed in compliance with the following acts by the Controller:
  • Act CXII of 2011 on Informational Self-Determination and Freedom of Information (hereinafter: “Privacy Act”),
  • Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter: “GDPR”),
  • Act CVIII of 2001 on certain issues of electronic commerce activities and information society services (hereinafter: “E-commerce Act”),
  • Act XLVIII of 2008 on the essential conditions and certain limitations of commercial advertising activity (hereinafter: “Advertising Act”),
  • Act C of 2000 on Accounting (hereinafter: “Accounting Act”),
  • Act CXXVII of 2007 on value added tax (hereinafter: “VAT Act”), and
  • Act V of 2013 on the Civil Code (hereinafter: “Civil Code”).
    • Under the referred statutory provisions, we hereby inform you regarding the details of the processing of your personal data, and your rights related thereto. Unless expressly stated otherwise in the present Notice, terms used therein shall bear the meaning ascribed to them in the Information Act and the GDPR.
  1. the Controller
TEC GmbH

registered office:

41540 Dormagen, Hamburger Str. 28, Germany

registration no.:

HRB 17555

e-mail address:

[•]

phone:

[•]

website:

[•]

The Controller determines the scope of data processing activities and related activities as well as the data elements collected during the pursuit of such activities, the manners and term of processing; and other essential conditions of the data processing for the purposes described in Article 6.

  1. the purpose and legal basis of date processing
    • The Controller publishes the purpose and legal basis of the processing in clause 6
    • The Controller shall review in each 3 (three) years whether the processing of the personal data is necessary to achieve the purpose thereof.
    • The Controller shall process your personal data solely in accordance with the proper legal basis described in the applicable data protection laws, in particular:
  • in the event you give your voluntary, exact, unambiguous consent to the processing of your personal data by the Controller for a single or multiple purpose determined by you, which is identical to the purpose of the Controller, based on proper information (which is the present Notice), as a clear confirming action, such as written declaration (even if forwarded via electronic manner); or
  • if the processing of your personal data by the Controller is essential to establish or fulfilment of a contract between you and the Controller, including if your personal data is required to take the steps leading to conclude the contract (processing is necessary for the execution of a contract) in which you (data subject) are a contracting party; or
  • if the processing of your personal data by the Controller is necessary for compliance with a legal obligation to which the Controller is subject; or
  • if the processing is necessary in order to protect the vital interests of you or of another natural person;
  • if the processing is necessary for the purposes of the legitimate interests pursued by you, the Controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of you which require protection of personal data (legitimate interest as the basis of processing personal data).
    • In principle, when processing personal data, sensitive data is not processed. Should any sensitive data be processed (e.g. data regarding health status), provisions of the GDPR and of relevant Hungarian sectorial laws shall be applied properly.
  1. Principles of data processing
The Controller shall process personal data in compliance with the applicable data protection laws, the provisions of the present Notice and with respect to the principles of processing personal data, therefore in particular personal data shall be processed:

  • lawfully, fairly and in a transparent manner in relation to you;
  • collected for specified, explicit and legitimate purposes;
  • adequately, relevant and limited to what is necessary in relation to the purposes for which they are processed (in line with the principle of data minimization);
  • accurately and kept up to date (in line with the principle of accuracy);
  • in line with the principle of storage limitation;
  • in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures (‘integrity and confidentiality’);
  • in line with the principles of privacy by default, privacy by design and accountability.
  1. General information related to data processing
    • The personal data of the data subject shall be processed by the Controller during the following business activities:
  • direct marketing activity by using personal data collected from you,
  • direct marketing activity by using personal data not collected from you,
  • data processing related to compliance of data processing.
    • By their nature, the Controller provides its services to business partners only, excluding natural persons (consumers). However, concluding agreements with various types of business entities, personal data may be processed (in particular recording contact data, contacting individual entrepreneurs or employees etc.).
  1. Information regarding the specific properties of each data processing activity
 

6.1.    Direct marketing activity by the personal data collected from you in Hungary

Under Section 6 of the Advertising Act, you may give your expressed consent to the Controller to send you advertisements and other communications through the contact points provided by you.  Considering the conditions of the present Notice, you may give your consent to the processing of your personal data required for the Controller to send commercial offers.

Purpose of processing:

Sending electronic communication with advertising contents to you, providing information to you regarding up-to-date information and products/services, individual offers, storing client responses to the offers, sending invitations to the programs of the Controller.

Scope of data subjects:

Employees, managing directors, company executives and agents of the addressee companies.

Legal basis of processing:

Consent of the data subject, based on Section 5 (1) a) of the Information Act, Article 6 (1) a) of the GDPR and Section 6 (1) of the Advertising Act.

Categories of personal data:

Name, e-mail address, phone number, date and time of communication, contents of the communication, essential contents of the response to the communication (phone calls are not recorded), position and name of the organizational unit of the contact person.

Duration of processing:

Until the withdrawal of the consent by the data subject, or in lack thereof, 2 (two) years following the last contact with you.

Source of personal data:

The personal data is collected by the Controller directly from you as data subject.

Based on contract or law:

No.

Obligated to provide:

Providing your personal data is voluntary.  Data processing is not mandatory.

Possible consequences of failure to provide personal data:

The Controller will not send you advertisements and information regarding its up-to-date offers.

Initiating termination of data processing:

Your withdrawal may be submitted via e-mail to the address described in Article 2 above or via a Processor assigned by the Controller.

6.2.    Direct marketing activity if you are not the source of personal data in Hungary

Under Section 6 (4) of the Advertising Act, addressed advertisement through direct marketing may be sent to you even in lack of your preceding and expressed consent, however, the Controller shall provide that you may prohibit sending such advertisements through direct marketing free of charge without any restriction.  In the event such prohibition, advertisements may no longer be sent to you via direct marketing.

Purpose of processing:

Sending electronic communication with advertising contents to you, providing information to you regarding up-to-date information and products/services, individual offers, storing client responses to the offers, sending invitations to the programs of the Controller.

Scope of data subjects:

Employees, managing directors, company executives and agents of the addressee companies.

Legal basis of processing:

Legal interest of the Controller regarding the advertisement of its services, under Article 6 (1) f) of the GDPR and Section 6 (4) of the Advertising Act.

Categories of personal data:

Name, e-mail address, phone number, date and time of communication, contents of the communication, essential contents of the response to the communication (phone calls are not recorded), position and name of the organizational unit of the contact person.

Duration of processing:

2 (two) years following the last contact with you.

Source of personal data:

The personal data is collected from publicly available sources (company register, LindedIn) or other sources (information acquired from the central phone number of your employer, data transfer within the company group of the Controller).

Based on contract or law:

No.

Obligated to provide:

Data processing is voluntary.

Possible consequences of failure to provide personal data:

The Controller will not send you advertisements and information regarding its up-to-date offers.

Initiating termination of data processing:

Where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing, which includes profiling to the extent that it is related to such direct marketing.  Where the data subject objects to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes under Article 21 (2) and (3) of GDPR.  Your objection may be submitted via e-mail to the address described in Article 2 above or via a Processor assigned by the Controller.

6.3.    Data processing related to compliance of data processing

In accordance with Article 5 (2) of the GDPR, the Controller shall be responsible for ensuring that all its data controlling activities are lawful and as a part of this shall be able to demonstrate legal compliance („accountability”).

Purpose of processing:

The Controller generally processes the documents, and the personal data therein that are necessary for the verification of the legal compliance.

Scope of data subjects:

Each data subject of any data processing activity of the Controller.

Legal basis of processing:

Legal interest of the Controller regarding the verification of compliance, under Article 6 (1) f) of the GDPR.

Categories of personal data:

Documents needed for the verification of compliance are particularly your consents (name, signature, date); the legitimate interest tests (name, title, signature, date); data policies (name, title, signature, date); records of processing activities (name, title, signature, date); data protection impact assessments (name, title, signature, date); in-house policies (name, title, signature, date); contracts (name, title, signature, date); company documentations (content of the resolution, name, title, date); all correspondence and documents regarding compliance of the data processing activities (and the personal data set out therein).

Duration of processing:

The personal data mentioned here might be processed for 5 (five) years from the termination of the certain data processing activity.

Source of personal data:

The personal data is directly provided by you to the Controller, however if the personal data is available in the records of the Controller, or in public registries, then the Controller has the right to acquire the personal data from those sources.

Based on contract or law:

No.

Obliged to provide:

Data processing is mandatory.

Possible consequences of failure to provide personal data:

The Controller will not possess essential bodies of proof the verify the compliance of data processing.

Initiating termination of data processing:

Where data processing is based on a legitimate interest, in accordance with Article 21 (1) of the GDPR, you have the right to object against the data processing, including profiling based on those provisions.  The Controller shall no longer process personal data unless it demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims.

  • Profiling
The Controller does not perform profiling.

  1. Data transfer
    • The Controller employs data processors (“Processor”) in accordance with the provisions of clause 11 to perform processing activities described in clauses 1 and 6.2.
    • Data transfer within the company group
      • The Company as a member of an international group of companies may transfer personal data to other members of the group of companies, which companies provide services regularly at a group level and involve themselves in the management of the company group. In this context, personal data may be transferred to third countries, like the United States of America, Egypt, South African Republic and Turkey.  In course of such data transfers, the Company ensures to comply with data protection requirements in all cases.
      • The Controller may transmit personal data to each joint venture or affiliated company of the so-called Robur Group. More information on the Robur Group may be found on the following link: https://www.robur-industry-service.com/en/robur-group/
  1. YOUR rights AS DATA SUBJECT
    • Manner of practicing data subject rights
      • Should you have any remark, query or complaint regarding the processing of your personal data, you may contact the Controller directly, who will respond your application no later than 25 (twenty-five) days following the receipt of your application. In the event necessary due to the complexity or number of your application(s), the deadline to respond may be extended by 2 (two) months, regarding which the Controller notifies you.
      • You are entitled to various rights related to the processing of your personal data (informational self-determination rights), basically depending on the legal basis of the data processing. Provisions of further conditions, which may exclude or restrict practicing certain rights may be prescribed by the GDPR or the applicable law.  Therefore, we request you to familiarize yourself with the present Notice, and the GDPR in respect of the detailed contents each of your rights.
      • You may practice your rights in writing, submitted to the Controller.
      • The Controller shall not restrict the rights of the data subject, therefore verbal claims are not excluded, in such cases, the Controller shall draw up notes on the request.
      • Considering the obligation of the Controller of protecting personal data and confidential information, the Controller shall identify you preceding the fulfilment of your request to process your personal data. The Controller may fulfil your request or application following your identification only.
      • The Controller shall inform you on each decision it has made, with the summary of the information grounding such decision. In the event of refusal, the decision shall include the referral for remediation, as described in the present Notice.
      • The Controller shall provide the requested information in writing or electronically (if you submitted your request electronically and request to do so). Information may be provided verbally, if you identify yourself for the Controller.
      • The Controller shall inform each recipient regarding the rectification, erasure of personal data or restriction on processing to whom the Controller forwarded personal data, except the any case it is impossible or requires disproportionately great effort.
    • Withdrawal of consent
(GDPR Article 7 (3))

If the legal basis of data processing is your consent, you shall be entitled to withdraw such consent at any time.  Withdrawal of consent shall not affect the lawfulness of data processing based on the consent, preceding such withdrawal.

  • Right of access
(GDPR Article 15)

  • You shall have the right to obtain from the Controller confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and the information described in Article 15 of GDPR and the present Notice.
  • The Controller shall provide a copy of the personal data undergoing processing. For any further copies requested by you, the Controller may charge a reasonable fee based on administrative costs.  Where you make the request by electronic means, and unless otherwise requested, the information shall be provided in a commonly used electronic form by the Controller.
  • Right to rectification
(GDPR Article 16)

  • You shall have the right to obtain from the Controller without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
  • If you contest the accuracy of the personal data, the Controller shall mark such personal data per clause 6 for a period enabling the Controller to verify the accuracy of the personal data.
  • Right to erasure (‘right to be forgotten’)
(GDPR Article 17)

  • You shall have the right to obtain from the Controller the erasure of personal data concerning you without undue delay and the Controller shall have the obligation to erase personal data without undue delay where one of the grounds described in Article 17 of the GDPR applies:
  • The right to erasure may be obtained upon the following circumstances:
  • the processing of personal data is no longer necessary,
  • you withdraw your consent on which the processing is based, and no other legal ground for the processing is present,
  • your objection to the processing is effective and there are no overriding legitimate grounds for the processing,
  • the personal data have been unlawfully processed;
  • the personal data have to be erased for compliance with a legal obligation,
  • the personal data have been collected in relation to the offer of information society services.
    • Where the Controller is obligated to erase personal data, such erasure shall be performed by actual, final and irreversible erasure/anonymization, and shall take measures to completely destroy all documents to be destroyed under the erasure obligation.
    • Where the Controller has made the personal data public and is obliged to erase the personal data, the Controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.
    • Right to erasure shall be practiced within the confines of the right of freedom of expression and information, legal obligations which requires processing and the establishment, exercise or defense of legal claims.
  • Right to restriction of processing
(GDPR Article 18)

  • You shall have the right to obtain from the Controller restriction of processing where one of the grounds described in Article 18 of the GDPR applies.
  • Such grounds may be the following:
  • the accuracy of the personal data is contested, for a period enabling the Controller to verify the accuracy of the personal data;
  • the processing is unlawful, and you oppose the erasure of the personal data and request the restriction of their use instead;
  • the personal data are required by you for the establishment, exercise or defense of legal claims;
  • you have objected to processing pending the verification whether the legitimate grounds of the Controller override yours (in case of data processing based on legitimate interest).
    • Where processing has been restricted, such personal data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest.
    • If you have obtained restriction of processing shall be informed by the Controller before the restriction of processing is lifted.
  • Right to data portability
(GDPR Article 20)

  • You shall have the right to receive the personal data concerning you, which you have provided to the Controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the Controller to which the personal data have been provided, where (i) the processing is based on consent or on a contract, (ii) the processing is carried out by automated means, and (iii) such receiving is technically feasible. In exercising your right to data portability, you shall have the right to have the personal data transmitted directly from one controller to another, where technically feasible.
  • Right to data portability shall not prejudice the provisions of the right to erasure and may not infringe adversely rights and freedoms of others.
  • Automated individual decision-making, including profiling
(GDPR Article 22)

  • Where the Controller performs profiling by automatic data processing, you shall have the right to:
  • request human interference from the Controller,
  • state your remarks related your profiling,
  • submit complaints regarding the decision based on profiling by automatic data processing.
    • Right to object
(GDPR Article 21)

  • You shall have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you, which is based on legitimate interest or public interest, including profiling. The Controller shall no longer process the personal data unless it demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.  You may obtain the balancing test performed in the subject of the data processing based on legitimate interest electronically (via e-mail) sent to the Controller.
  • Where the purpose of processing of personal data is to pursue direct marketing activities of the Controller, you shall be entitled to object at any time against the processing of your personal data for such purpose, including profiling, if it is related to direct marketing activities. In you object against the data processing for direct marketing activities, the Controller ceases the processing of your personal data for such purpose.
  • For the time of verification of your objection, the Controller shall restrict the data processing, following such verification, the Controller makes its decision and informs you thereof.
  • You shall not be entitled to object against the data processing if it is performed based on any other legal basis (consent, fulfilment of contract, fulfilment of legal obligation, protection of essential interest).
  1. Remedies
In the event your rights related to the processing of your personal data is breached, the following remedies may be applied:

  • You may contact the Controller as described in the present Notice.
  • You may submit your complaint to the supervisory authority: Hungarian National Authority for Data Protection and Freedom of Information (seat: H-1125 Budapest, Szilágyi Erzsébet fasor 22/c; postal address: H-1530 Budapest, Pf. 5.; e-mail: This email address is being protected from spambots. You need JavaScript enabled to view it., phone: +36 (1) 391-1400; facsimile: 36 (1) 391-1410, website: naih.hu).
  • You may file a lawsuit against the Controller: You are entitled to initiate court procedure in case of unlawful processing of your data.  Information on jurisdiction and competence of the courts of Hungary is available on the following website: birosag.hu.
You may request a procedure upon:

  • refusal of providing information,
  • ungrounded refusal of your application for rectification, erasure or restriction,
  • infringement of your rights, furthermore,
  • disputing the decision of the Controller regarding your objection, or
  • the Controller fails to communicate its decision in due time,
in 30 (thirty) days following the communication of the decision or the deadline of communication.

  • In the event any damage arises due to the unlawful processing of data or breach of the requirements of data security by the Controller, the Controller shall compensate such damages. In the event your personal rights are infringed by the unlawful processing of personal data or breach of the requirements of data security by the Controller, you may enforce a tort against the Controller.
  1. Data security measures
    • The Controller shall ensure the security of data, perform all technical and organizational measures, and establish such procedural rules, which ensure that the collected, stored and processed data are protected, and prevents the destruction, unlawful use and unlawful adjustment thereof. Furthermore, the Controller shall require such third parties to whom personal data are transferred to abide to the requirements of data protection.
    • The Controller shall ensure that no unauthorized person access to, or publish, transmit, adjust or erase the processed data.
    • The Controller shall make all reasonable efforts to protect the data from damage or destruction. Such obligation shall be prescribed for the employees of the Controller and the processors assigned by the Controller to participate in the data processing activities.
    • Information technology systems of the Controller and other data are stored on the servers of [the Controller / external service provider, with address].
    • In order to prevent access of unauthorized persons to your personal data, access to the sever and computers of the Controller is protected by password.
    • For the protection of personal data, the Controller has implemented safety measures compliant to the international information protection standards. Such measures include technology, administrative, technical, physical and procedural safeguards, with the sole purpose of protecting personal data from unauthorized use, access, publishing and the loss, modification or destruction thereof.
    • Principles
      • Physical and logical devices, the use, operation thereof and the regulation and processes of security are all included in the scope of data security. Data protection responsibilities are laid on corporate management, IT organization, information owners and the end users.
    • Rights and responsibilities
      • The Controller appointed an administrator to each application system used by the Controller. The administrators are responsible for the operation of the system, the protection of information, including the unauthorized publication of information and creating backup saves, preventing critical data losses. The IT systems and devices may only be used for the purpose of business activities of the Controller.  The users shall be aware of the internal policies in the subject of information security and perform their activities accordingly.  The users shall report any suspected or actual breach of data security policies to the administrator of the respective application.  Each user is responsible for the use of IT resources and liable for his/her activities related to IT data security.
    • System access
      • All information system used by the Controller may be operated with approved access and password. Information and service may be accessed by authorized users only.
      • All external connections to the network of the Controller are protected by strong authentication and encryption systems. External connection of any type is authorized only with software and network technologies approved by the Controller. All remote access transmissions are encrypted by the Controller.  Firewalls installed in the system of the Controller are managed centrally.
      • Wireless access within the sites of the Controller may only be used if it is compliant with the WiFi standards of the Controller and the encryption protocols. All data transmitted via wireless network is encrypted. No other wireless network access is permitted to the internal network of the Controller.  These are continuously monitored by the Controller.
      • To ensure uninterrupted, safe operation of computers and networks, all computers, including workstations, servers, mail gateways and mobile devices are protected by the most recent versions of anti-virus software, approved by the Controller. Mobile storage (memory sticks, CD, DVD) connection is not authorized. Confidential information stored on mobile devices (notebook, smartphones) are encrypted.
      • IT devices are controlled through their life cycle by the Controller. Only properly licensed software may be used on the IT systems of the Controller. The Controller monitors the proper license use.  The Contractor has concluded maintenance agreements for all hardware elements with their respective manufacturers or their authorized partners.  All data is erased from the computers which ownership is transferred and which leave the site of the Controller.
      • Security monitoring is performed to confirm that the Controller’s activity is compliant to the data protection policies and prescriptions. Security logs are examined periodically by the Controller with a schedule in line with the volume of risk, to discover and remedy any defective operation or vulnerability. The Controller periodically performs the security settings, repairs and examines the status of service packs and version updates on all major systems, depending on the volume of risk.
    • Backup
      • The Controller applies data backup procedures for all IT system to protect the information. Backup data is stored in a secure, remote location, which is not threatened by the live system.  Backups on local computers or systems are not sufficient.  The Controller shall systematically perform system restore practices on each system and data storage rotation, using the systematically backed up data.  Saved files are stored at a fireproof and breach proof location by the Controller.
    • Physical protection
      • Only the minimal necessary personnel may be authorized to enter computer rooms, and only such personnel may enter; entries are logged and supervised by the Controller. Regular entry shall be granted only to IT personnel performing server administration and maintenance.
      • Computer rooms physical protection include the following:
    • Automatic fire protection system furnished with fire and smoke detection and automatic fire extinguishing mechanism (sprinkler).
    • Water leak detection and preventive mechanism.
    • AC equipment, which ensures optimal temperature and humidity for the operation of the computers.
    • Uninterruptible power supply (UPS) and generator.
    • Entry detection and alarm system.
      • Physical protection (theft, damages) of mobile IT devices (laptop, notebook, smartphone, iPad) shall be the responsibility of the user of such device. Physical protection is independent from the software protection installed on the device.
      • Each breach of the internal policies may be considered as material breach of the employment, misdemeanor or criminal offense, depending of the severity of such breach. In the event of breach of the policies, the Controller shall make all necessary measures in due time and manner to mitigate the damages, comply with the statutory provisions and external authority prescriptions, and prevent repeated occurrence.
  1. Data processors, access to personal data
    • The Controller may assign data processors (hereinafter: the “Processor”) as determined in this Notice to perform the data processing activities. The Processor may not make any decisions on its own, the Processor may act only in accordance with the agreement concluded with and the instructions made by the Controller. The Controller shall supervise the work performed by the Processor.  The Processor may employ further sub-processors upon prior written approval of the Controller.
    • The Controller assigns Enikő Czakó (registered office: H-3200 Gyöngyös, Pesti út 35. I/2.) individual entrepreneur as data processor, to perform direct marketing activities in the territory of Hungary. The Processor shall store the personal data until the termination of the service agreement concluded therewith for an indefinite term.
    • All Processors assigned by the Controller shall abide to the provisions of the present Notice. Unless expressly stated otherwise, no notice or information may prejudice the provisions described in the present Notice. In the event of any discrepancy among the notice or information provided to you (if any) and the present Notice, the provisions of the present Notice shall prevail.
    • The employees and officers of the Controller as well as the Processors specified in this Notice may have access to the personal data to the extent require to perform their respective duties. For example, the system administrator of the Controller and the Processors specified in this Notice may learn the personal data for the purposes of administration of cases and data processing.

 TEC GmbH
Hamburger Strasse 28
41540 Dormagen
Germany

Phone: +49 2133 97901-0
Fax: +49 2133 97901-10
E-Mail: info@tec-gmbh.com

Legal Information
Data Protection


Cookies make it easier for us to provide you with our services. With the usage of our services you permit us to use cookies.
More information Ok