• Minősített IT biztonsági auditok az EU-ban
  • info@globalpentest.com
Facebook Linkedin
Global Pentest

Keressen bizalommal!

+36 20 575 9557

PRIVACY POLICY

1. INTRODUCTION

It is very important to us that we comply with the currently applicable data protection regulations and laws. Therefore, below we present in detail the data protection measures and data collection processes of globalpentest.com and Universal Services Kft.

The data is managed by Universal Services Kft., which is responsible for the handling of personal data.

Contact details:

Full legal name: Universal Services Kft.

Email address: info@globalpentest.com

Postal address: 2051 Biatorbágy, Magor utca 18/3.

2. WHAT PERSONAL DATA DO WE HANDLE, AND FOR WHAT REASON?

Personal data is information that clearly enables the precise identification of an individual.

On the globalpentest.com website, we handle the following personal data, with the exact legal basis specified:

COMMUNICATION DATA

This includes any message sent to us through the website, by email, via social media messages, or in any form of communication.

We process and retain this data in order to fulfil orders and to provide a basis for decisions in the event of potential legal claims.

Our legal basis for processing this data is the user’s demonstrable interest in our activities, as expressed through messages addressed to us.

CUSTOMER DATA

This includes all data related to the purchase of products and services, such as the buyer’s name, shipping and billing address, email address, phone number, and details of the purchased product.

We process this data in order to successfully fulfil orders and to maintain legally compliant records of purchases.

The legal basis for storing the data is the performance of the contract established by the order between the buyer and Universal Services Kft.

USER DATA

This includes data generated during the use of the website that enables the technical operation of the site, allows us to maintain the security of the site, store backups of user activity, and ensure that you always have access to the most relevant content possible.

The legal basis for processing the data is the user’s clear interest in our activities, for the assurance of which and for the technical operation of the site, storing this data is necessary.

TECHNICAL DATA

This includes data generated during the use of the site, such as IP address, login information, browser data, time spent on individual pages, page views and navigation paths, the number and timing of page visits, time zones, and the device data used to view the site.

The source of this data is our analytics software.

We process this data in order to analyse user behaviour on the site, maintain the secure operation of our website, and understand the effectiveness of individual marketing decisions.

The legal basis for processing the data is the user’s clear interest in our activities, which enables us to process this data in accordance with security requirements and use it for business growth in the interest of more effective operation.

MARKETING DATA

This includes the visitor’s preferences regarding what marketing content they are willing to receive from us. We process this data in order to enable participation in prize draws and to send advertising related to our products/services in which the user has expressed interest.

The legal basis for processing the data is the user’s clear interest in our activities, which enables us to process this data in accordance with security requirements and use it for business growth in the interest of more effective operation.

The collected data may occasionally be used for purposes such as providing targeted, relevant advertisements on the Facebook™ platform and on various dynamic advertising surfaces, and measuring the effective performance of advertisements.

The legal basis for processing the data is the user’s clear interest in our activities, which enables us to process this data in accordance with security requirements and use it for business growth in the interest of more effective operation.

In the course of our activities, we do not collect sensitive data such as ethnicity, religious views, sexual life and orientation, political opinions and trade union membership, health background, or genetic or biometric information.

3. HOW DO WE COLLECT DATA?

We may collect personal data in ways where the user provides it to us directly (for example, by placing an order or sending a message).

Furthermore, certain data is collected automatically during the use of the site, for example through so-called “cookies” and similar technologies. These only become active after the user has given their consent.

For more information, please see our Cookie Statement.

Certain data is received from external partners, such as analytics providers like Google (a partner outside the EU), advertising networks like Facebook™ (a partner outside the EU), and partners providing payment options, such as PayPal (a partner outside the EU) and Barion.

4. OUR PRACTICAL STEPS REGARDING DATA PROTECTION

The protection of users’ data and compliance with applicable regulations is of utmost importance to Universal Services Kft. Therefore, following a data protection impact assessment carried out on the site, we have compiled a list of the data collected, the necessity and legal basis for collecting it, and its legal compliance.

To protect data entered through forms and data generated on the site, we apply SSL certification across the entire website (Let’s Encrypt Authority X3 certification).

To protect the site against attacks, we apply premium security software (Solid Security Pro) to protect stored data against so-called “brute force” and virus attacks.

Purchase and user data in the site’s databases are stored in encrypted (pseudonymised) form, making them unreadable to external parties.

In this privacy policy, we provide users with the ability to request information about the handling of their personal data, as well as to modify or delete their personal data, through forms.

Occasionally, it is necessary in the interest of our business operations to provide data to our service partners (for example, hosting providers, courier companies, newsletter software).

In such cases, we always choose partners who comply with the requirements of the GDPR regulation, and in the case of US-based partners, who participate in the EU-US Privacy Shield data protection initiative, and we have them sign a data processing agreement to ensure the responsible handling of data.

5. MARKETING COMMUNICATION

Marketing communication is of indispensable importance in the course of the company’s activities. The legal basis for data processing in this regard is the demonstration of interest in our services or the users’ express consent.

Based on the European Union’s Privacy and Electronic Communications Regulations (PECR), we send marketing messages to our users if they have made a purchase from us or have explicitly consented to receiving marketing messages.

We always make it clearly possible to withdraw consent and to unsubscribe from messages. A link for unsubscribing is available at the bottom of every email, or removal from the database can be requested at info@globalpentest.com.

Even in the case of unsubscribing from marketing communications, we may still send messages, but only in relation to the fulfilment of orders.

6. NOTE REGARDING PERSONAL DATA

Occasionally it is necessary to share certain personal data with certain partners in order to maintain normal business operations:

  • IT service providers and providers performing troubleshooting and maintenance on computer systems
  • Expert partners such as lawyers, accountants, bankers, and insurers
  • Government bodies requesting reports on our activities
  • Payment service providers who securely handle bank card data
  • Courier services who fulfil incoming orders to the specified delivery address

International Data Transfers

It is occasionally necessary for us to share users’ data with service partners operating outside the European Economic Area (EEA) in the interest of maintaining business operations.

Countries outside the EEA in many cases do not provide the same level of protection for data, which is why European law prohibits the export of data in the absence of the fulfilment of appropriate conditions.

Whenever personal data is transferred outside the EEA, we take the following steps in addition to those discussed in point 4, in the interest of the secure handling of data:

  • We only transfer data to countries that the European Commission considers adequate in terms of data security.
  • We only use US-based services that are part of the data security initiative known as the EU-US Privacy Shield.
  • If the above conditions are not met, we request the explicit consent of users for the data transfer. Consent can be withdrawn at any time.

Links to External Sites

This site occasionally contains links leading to external sites, or code snippets may be embedded in the site that enable the operation of external services.

Clicking on these links or using the embedded solutions may enable external partners to collect data about users.

Although we do everything possible to properly vet partners, we have no control over their data protection principles and are not responsible for their data handling practices.

7. DURATION OF DATA HANDLING

We always store users’ data only for as long as our legal/accounting/reporting obligations require it, or as long as it is necessary for the operation of the service.

When deciding on the duration of storage, we take into account the quantity, nature, and sensitivity of the data, and the potential impact of its leakage in the event of a data protection incident.

For tax reasons, it is necessary to retain buyers’ billing and purchase data for at least 8 years in order to meet our legal obligations.

Under certain circumstances, we may use data in anonymised form for statistical purposes, in which case we store the data indefinitely without notification.

8. THE VISITOR’S RIGHTS

As a citizen of the European Union, the General Data Protection Regulation (GDPR) provides the following rights to users of the site:

a. Access to Personal Data

Users of the site have the right to request a copy of the personal data stored by Universal Services Kft. The request is generally fulfilled free of charge within 14 days of submission.

In the case of repeated, abusive, or unjustified data requests, Universal Services Kft. may charge a moderate fee for providing the data, and additional time may be required to provide the data.

Furthermore, Universal Services Kft. requests proof of identity before releasing data in order to prevent misuse. To request personal data, please use the contact form on the contact page and kindly include in the text which of the following topics you are contacting us about:

Data Request / Data Deletion / Data Restriction

b. Modification of Personal Data

If personal data has changed or was entered incorrectly, users have the right to request the modification of the data. To modify personal data, please contact us at info@globalpentest.com.

c. Request for Deletion of Personal Data

Users have the right to request the deletion of all their personal data. The request will be fulfilled free of charge within 14 days of the request. After the deletion of personal data, the user account will no longer be accessible, meaning that any purchased materials will also become inaccessible, as the personal data linked to the user account is indispensably necessary for accessing the service.

Universal Services Kft. requests proof of identity before deleting personal data in order to prevent misuse. To delete personal data, please use the contact form above.

d. Request to Restrict the Processing of Personal Data

Users have the right to request, through a formal request, the restriction of the sharing of their data with third parties (service partners). During the submission of the request, the service partners to be restricted may also be named.

It is important to note that cooperation with certain service providers is indispensable for the operation of the site (e.g. Barion as a payment provider), therefore restricting them will render the site’s services inaccessible to the user.

Universal Services Kft. requests proof of identity before restricting the transfer of personal data in order to prevent misuse. To restrict the transfer of personal data, please use the contact form above.

The official body dealing with data protection in Hungary is the National Authority for Data Protection and Freedom of Information (NAIH). Users can find more information about their data protection rights on the NAIH website.

National Authority for Data Protection and Freedom of Information, 1125 Budapest, Szilágyi Erzsébet fasor 22/C., Mailing address: 1530 Budapest, Pf.: 5., Phone: 06.1.391.1400, Fax: 06.1.391.1410, Email: ugyfelszolgalat@naih.hu Website: http://www.naih.hu

9. ANONYMISED DATA AND “COOKIES”

The globalpentest.com website uses so-called “cookies” and similar technologies in emails and advertisements, such as tracking codes, remarketing tags, and pixels, which become active after the user’s consent has been given.

These technologies help us better understand the behaviour and interests of users, thereby supporting our higher-quality and more effective operation.

Our goal is to make the use of globalpentest.com as user-friendly and personalised as possible. If the user wishes to prevent these technologies from recording non-personal data, this can be done in the following ways:

  • Using the cookie notices appearing on the website to disable their loading
  • By disabling “cookies” in the browser

Further information about cookies and tracking codes found on globalpentest.com can be found in our Cookie Statement.

Privacy Policy Section Relating to Facebook Advertisements

This privacy policy (hereinafter: “Statement”) applies to Facebook advertisements operated by Universal Services Kft. (hereinafter: “we”, “us”, “our” or “our company”). Please read this Statement carefully to be informed about our practices regarding the collection, handling, and protection of personal data.

1. Data Collection and Use

We, Universal Services Kft., use the personal data provided by you through Facebook advertisements exclusively for the given project. The personal data we collect may include: name, email address, phone number, etc., which you consciously and voluntarily provide to us.

We use this data exclusively to facilitate contact with the client. We only disclose data to a third party at the request of the client. We do not use the data for other projects or clients, and we do not pass it on to third parties for other purposes, except where required by legal obligation or legitimate interest.

2. Data Protection

The protection of your personal data is of primary importance to us. We take all reasonable and necessary steps to maintain data security in order to prevent unauthorised access, use, modification, or other unauthorised activities.

3. Cookies and Tracking

We may use cookies and tracking technologies associated with our advertisements in order to analyse the effectiveness of our advertisements and improve them. These cookies are small data files placed on your device when you visit or interact with our Facebook advertisements. Using cookies, we may collect information such as the number of visitors, clicks, and unique user activity in order to better understand areas of interest and the effectiveness of our advertisements.

4. Rights and Access

Data protection is important to us, and we respect your rights regarding access to, rectification, deletion of, and objection to your data. If you wish to exercise these rights or would like to receive further information about our data protection practices, please contact us using the contact details below.

5. Third-Party Websites and Services

Our Facebook advertisements may provide the opportunity to redirect to third-party websites or services. Please note that these websites and services may have their own data protection practices, which are not covered by this Statement. We recommend that you read the privacy policies of the relevant websites or services before providing them with personal data.