Client Data Processing and Privacy
The Client is informed that during the term of the Agreement, the Operator will process (collect, store, record, enter, transfer, transmit, play back, etc.) data about the Client (including name, surname, personal identity code, address, email address, phone number, outgoing and incoming calls where the Client’s voice is audible), their obligations towards the Operator (including active obligations (currently valid), duly fulfilled (historical) obligations, and improperly fulfilled obligations (debts)), including but not limited to the basis, amount, ancillary claims, term, and date of origin of the obligations, for the purpose of assessing the Client’s solvency (creditworthiness).
The Client is informed that the Operator has the right to transfer the data mentioned in clause 10.1 of the Agreement to third parties, including subcontractors, and to receive such data from third parties, databases, and accounting systems, and process them to achieve the goals and objectives of this Agreement and within the framework of its legitimate interests.
The server hosting the Operator’s website registers the requests you send (web addresses you open, the device and browser you use, IP address, access time). This data is used solely for technical purposes: to ensure the proper functioning and security of the website and to investigate potential security incidents. The basis for collecting and using such data is the Operator’s legitimate interest in ensuring the technical availability and security of the Operator’s website.
The Operator uses this data in its legitimate interests as a business to improve understanding of the Client’s needs and preferences, to provide better services, and to enhance the accessibility of the Operator’s services. The Client’s data is processed for the duration necessary to maintain the Client’s account, including the storage period of data backups for system integrity and security, to protect the interests of the Operator and the Client, and to comply with obligations stipulated by legal regulations. A detailed description of cookies is available in the website’s cookie policy.
The Client acknowledges that upon termination of the contractual relationship—i.e., when the Operator ceases to provide services arising from this Agreement, the Client opts out of the Operator’s services, the Operator discontinues services due to the Client’s failure to comply with the Agreement’s terms, by mutual agreement of the Parties, or for any other reason—the Operator, in accordance with this clause, retains the data entered and stored by the Client on its equipment for a period not exceeding three months after the completion of service provision, unless the Parties agree otherwise upon termination of the contractual relationship.
The Operator has the right to retain personal data necessary to protect its legitimate interests against potential harm or threats even after the termination of the contractual relationship with the Client (legitimate interest). Such data includes information proving the Client’s history of service usage.
If the Parties agree that, upon termination of service provision and in compliance with clause 10.6, the Operator transfers all stored data to the Client and destroys all personal data after the transfer, the data handover to the Client is a paid service provided by the Operator and paid for by the Client in accordance with an additional agreement. At the same time, the Client confirms that they are informed of the options to independently retrieve data without the Operator’s involvement.
The Operator implements mandatory technical protection of personal data provided to it through physical and logical security measures, ensuring protection through software tools, passwords, encryption, and other logical protection means.
When processing personal data, the Operator ensures that only authorized personnel have access to the technical resources used for data processing and protection (including personal data) and that information carriers containing personal data are registered, moved, organized, transformed, transferred, copied, or otherwise processed by authorized personnel.
The collection, recording, organization, storage, copying, transcription, transformation, correction, deletion, destruction, archiving, backup, and blocking of personal data are carried out by authorized personnel, who also ensure the ability to identify personal data processed without proper authorization, as well as the time of processing and the person responsible. The resources used in personal data processing are moved by authorized personnel.
If the Client fails to comply with the provisions of clause 10.13 of the Agreement and does not take adequate security measures to prevent third-party access to their data (e.g., insecure passwords, malware, software vulnerabilities, etc.), and as a result of the Client’s actions in the Operator’s system it becomes necessary to conduct system audits to address a data security threat or incident and/or restore system functionality, the Operator will mitigate the consequences of the Client’s actions, and the Client is obliged to pay the Operator’s invoices for the work required to restore the service.
For the provision of the Client’s requested services and to fully ensure the Operator’s services and functions, it may be necessary to use cookies. In such cases, in accordance with cookie usage terms, the Operator may receive and store information about the browser used, including IP address and device details, for the time and extent necessary to achieve the specific purpose. Cookies are used in compliance with the Client’s right to choose and legal requirements, including those in the field of information society services. The User can change settings or deny the use of certain cookies at any time, but in such cases, the Client is informed that the Operator’s service may be incomplete or unavailable. The legal basis for using cookies is the Operator’s legitimate interest in ensuring the technical functionality of the website. When cookies are used to remember your choices or for statistical purposes, the legal basis is your consent.
The Client’s data is processed in accordance with the specific data processing purpose and for the time period necessary to provide the services. The basis for processing includes the Client’s consent, the provision of requested transactions, compliance with legal regulations, and the Operator’s legitimate interests. Providing consent is the Client’s free choice, and refusal to provide consent does not impose additional obligations on the User. However, data necessary for service provision arises from the nature of the transaction and/or legal requirements, making such data processing essential, and refusal to provide it may result in partial or complete denial of service provision.
By using the Operator’s services, the Client confirms that the Operator has the right to process the Client’s personal data, including personal identification codes, and use technological solutions to ensure transaction execution, payment administration, complaint handling, service quality control, and other obligations related to the provision of the Client’s account services, in accordance with legal regulations and the purpose of the Operator’s available services. If additional data processing is required for specific Operator services or functions, applying for such a service constitutes the Client’s confirmation of additional data processing in accordance with the terms, purpose, basis, and duration of that specific transaction.
Within the framework of legitimate interests, the Operator, in cooperation with partners and its group companies, has the right to process data for purposes such as statistics, business information and analysis compilation, service and system development and improvement, offer provision, support in the Client’s use of services, security, and fraud prevention. The Client has the right to submit a written request to the Operator at any time to specify the involved cooperation partners.
By using the Operator’s services, the Client acknowledges that the website provides opportunities to use services from other providers and is informed and aware that the respective service provider is responsible for the security of personal data and information when using services provided by cooperation partners. In cases where only the Operator’s service is used, the Operator ensures data storage in data centers located within the European Union.