top of page
Horizontal Wordmark.png

Privacy Policy
 

For data processing related to the operation of the website http://pyxisnautica.hu/ and its subpages.

Effective from: April 1, 2023, until revoked


1. Data Controller

Company name: Pyxis Nautica Építésziroda Kft.
Company registration number: 01 09 296428
Registered office: 1024 Budapest, Kis Rókus utca 17-19. 4th floor, no. 2
Tax number: 25922488241
Website: http://pyxisnautica.hu/
E-mail: info@pyxisnautica.hu
Phone: +3630/4767500

Hereinafter referred to as “Service Provider” or “Data Controller”, as the operator of the website http://pyxisnautica.hu/ (hereinafter: “Website”), with the purpose of providing adequate and detailed information to the users and visitors of the Website (hereinafter: “Data Subject” or “Data Subjects”) about the scope of the data managed by the Service Provider, the manner, purpose, and legal basis of data processing, as well as ensuring compliance with the constitutional principles of data protection, the enforcement of data security requirements, and the prevention of unauthorized access, alteration, unauthorized disclosure, or misuse of the Data Subjects’ data.


2. Applicable Legislation (including but not limited to):

  • Regulation (EU) 2016/679 of the European Parliament and of the Council (General Data Protection Regulation, hereinafter: “GDPR”)

  • The Fundamental Law of Hungary

  • Act CXII of 2011 on Informational Self-Determination and Freedom of Information (“Infotv.”)

  • Act V of 2013 on the Civil Code (“Ptk.”)

  • Act LIV of 2018 on the Protection of Trade Secrets

  • Act XC of 2017 on Criminal Proceedings

  • Act CLV of 1997 on Consumer Protection

  • Act CLXXXV of 2012 on Waste

  • Government Decree 309/2014 (XII. 11.) on Record-Keeping and Data Reporting Obligations Related to Waste

  • Act CL of 2017 on the Rules of Taxation (“Art.”)

  • Act C of 2000 on Accounting (“Accounting Act”)

  • Act LXVI of 1995 on Public Records, Public Archives, and the Protection of Private Archives (“Ltv.”)

  • Relevant local government decrees affecting the activities of the Data Controller, unless in conflict with the above.

3. Data Processing Related to the Website

3.1 Scope of Processed Data and Purpose of Data Processing

  • Purpose: Contact with visitors of the website who explicitly request this by providing their personal data on the page https://www.pyxisnautica.hu/contact. The form fields provided on the Website allow visitors to request a callback using the contact details they provide.

  • Duration of data processing: If an employment contract is concluded between the parties, the data will be further processed according to the rules applicable to employment contracts. If no contract is concluded, the data will be processed until the request is rejected, but no longer than 6 months after the offer was sent.

  • Types of personal data: Name, phone number, e-mail address of the Data Subject; full content of the message written by them.

  • Legal basis: Consent of the Data Subject; conclusion and performance of a contract between the parties.

4. Data Processing Based on Consent and Processing in Case of Withdrawal

The Data Controller processes personal data as described above. Processing is also lawful if it is necessary for the purposes of the legitimate interests pursued by the Data Controller or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the Data Subject which require protection of personal data, particularly where the Data Subject is a child.

The Data Subject has the right to withdraw consent at any time and may request the deletion of their personal data without undue delay. The Data Controller is obliged to delete such data without undue delay if consent is withdrawn, provided there is no other legal basis for processing. If another legal basis exists, the withdrawal of consent does not prevent further lawful processing.

To determine whether data may still be processed without or after withdrawal of consent, a legitimate interest assessment is carried out in line with the GDPR and Recital (47). This involves:

  • Identifying the Data Controller’s legitimate interest,

  • Assessing the Data Subject’s interests and fundamental rights,

  • Balancing the two to decide if the data may be processed.

The Data Controller will only continue processing if compelling legitimate grounds can be demonstrated that override the interests, rights, and freedoms of the Data Subject, or if processing is necessary for legal claims. Objections will be reviewed within one (1) month, and the Data Subject will be informed in writing of the outcome. If the objection is upheld, the processing will be terminated, the data blocked, and all recipients of the data will be notified.


5. Data Access and Security Measures

5.1 Access to and Transfer of Data
Only the Data Controller’s executives and specifically designated employees may access your personal data as required for their duties (e.g., clerical staff for case administration). Personal data will only be shared in exceptional cases, strictly due to legal obligations or official requests, with judicial or state authorities.

5.2 Data Security Measures
Personal data is stored on servers located at the Data Controller’s registered office. No external service provider is used for storage. Appropriate measures are in place to protect personal data against unauthorized access or modification. For example, all access to the server is logged, making it verifiable who accessed which data and when.

6. Further Information on Data Processing

Data Subjects’ rights include, but are not limited to:

  • Right to information and to object

  • Right to deletion, rectification, and restriction of processing

  • Right to notification

  • Right to data portability

  • Right to legal remedies

Further details on the rights of Data Subjects and on data processing are set out in the Data Controller’s Data Protection Policy, available at:

This Policy contains all applicable rules of our Company’s data processing. For further information, you may also contact us at the contact details published on the Website.

If Data Subjects believe their rights have been violated, they may seek remedies before the arbitration tribunal specified in the Data Controller’s current General Terms and Conditions, or, in the absence thereof, the competent court under law (typically the district court of the Data Subject’s residence). They may also file a complaint with the Hungarian National Authority for Data Protection and Freedom of Information (mailing address: 1534 Budapest, P.O. Box 834; address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c.). Courts shall handle such cases with priority.


Issued in Budapest, April 1, 2023

bottom of page