Privacy policy

DATA PROCESSING REGULATION

1. Purpose of the Data Controller’s Information

Step Inside Consulting Ltd. (2336 Dunavarsány Forrás sor 27.; Company Reg.: 13-09-235164, Metropolitan Court of Registration) (hereinafter referred to as the data controller) acknowledges the content of this information as binding. The data controller commits to ensuring that all data processing related to its activities complies with the provisions of this information, the applicable national laws, and the rules laid down by the European Union. In establishing this data processing information, the data controller considered the provisions of Act CXII of 2011 on Informational Self-Determination and Freedom of Information (“Infotv.”), Act LIII of 2017 on the Prevention and Combating of Money Laundering and Terrorist Financing, and Regulation (EU) 2016/679 of the European Parliament and Council (GDPR). The data controller’s principles on data processing are continuously available at www.stepinside.hu. The data controller reserves the right to change this data processing information at any time, with the current version always available on the website. Step Inside Consulting Ltd. is committed to protecting the personal data of its users and partners, handling them confidentially, and taking all security, technical, and other measures to ensure the security of this data.

2. Data Controller’s Information

Company Name: Step Inside Consulting Ltd. Headquarters: 2336 Dunavarsány Forrás sor 27. Company Registration Number: 13-09-235164 Tax Number: 32605367-2-13 Phone Number: +36 70 364 4009 Email: hello@stepinside.hu

3. Principles of Data Processing

Step Inside Consulting Ltd. handles personal data lawfully and fairly, in a transparent manner, based on applicable laws. Personal data may be processed if the data subject consents or if it is required by law or a local government decree issued based on the law within the specified scope. Personal data must be stored in a manner that allows identification of data subjects only as long as necessary. Personal data must be collected for specified, explicit, and legitimate purposes and must be adequate, relevant, and limited to what is necessary. Personal data must be accurate and up-to-date. Inaccurate personal data must be promptly deleted. For children under 16, personal data can only be processed if the consent is given or authorized by the holder of parental responsibility over the child. Personal data must be processed in a way that ensures appropriate security, including protection against unauthorized or unlawful processing, accidental loss, destruction, or damage, using appropriate technical or organizational measures. The data controller ensures the security of personal data by taking technical and organizational measures and establishing procedural rules that ensure the security of the collected, stored, and processed data. Step Inside Consulting Ltd. continuously ensures the high level of security of its data carrier servers. The principles of data protection must be applied to all information relating to an identified or identifiable natural person.

The purpose of data processing is to respond to inquiries and provide services, where personal data processing is necessary for contract performance and service delivery. In other cases, the legal basis for data processing is the user’s voluntary, informed, and explicit consent to use the personal data provided during the use of the website www.stepinside.hu. According to Section 21 (1) of the Adult Education Act, the Company is entitled to process the personal data specified in Section 5 for the purpose of conducting the training.

5. Scope of Personal Data Processed for Service Usage and Contracting

For contract performance, the following personal data may be collected: For legal entities and organizations without legal personality:

  • Email address
  • Phone number
  • Contact person’s name

For natural persons:

  • Name
  • Phone number
  • Email address

The purpose of collecting the above personal data includes:

  • Email address: To confirm scheduled times in writing, send documents related to contract performance, and send invoices.
  • Phone number: To arrange necessary phone consultations regarding the agreed time for contract performance.
  • Name/Contact person’s name: To arrange necessary phone consultations regarding the agreed time for contract performance at the contracting party’s premises.

The data controller requests only the minimum data necessary for service and contract performance. The data controller stores the above data until the end of the fifth year following the contract expiration unless otherwise specified by the contracting partner. The user can view the website without revealing personal data, but providing the above personal data is necessary for contract conclusion. The user is solely responsible for the accuracy and truthfulness of the provided personal data. Users are reminded that if they provide someone else’s personal data, they must obtain the data subject’s consent. The data controller does not transfer personal data to third parties, either free of charge or for a fee. In certain cases, the handling, storage, and transfer of some provided data is mandatory by law, such as official court or police requests, legal proceedings, or other violations or their reasonable suspicion, and the data controller cannot refuse such requests from authorities or courts. The Company, based on Section 21 (1) of the Adult Education Act, processes the following personal data for the purpose of conducting training:

  • Natural personal identifiers,
  • Gender,
  • Citizenship, and for non-Hungarian citizens, the legal basis for residence in Hungary and the name and number of the document authorizing residence,
  • Address, mailing address, email address, and phone number,
  • Social security number,
  • Tax identification number,
  • Training-related data, including qualifications, skills, language proficiency, training entry and completion, or exit from the training, assessment, and certification, financial obligations, and training loans.

These data can be used for statistical purposes and transferred for statistical use in a non-identifiable manner, and can be provided to the Central Statistical Office free of charge for statistical purposes in an individually identifiable manner. The Company, based on Section 15 (1) of the Adult Education Act, in the case of reportable adult education activities, provides data on:

  • The name, nature, location, hours, first training day, and planned end date of the training, except for closed-system e-learning training,
  • Personal identifiers, email address, and tax identification number of the training participants, provided they did not prohibit the transfer of these data in their written or otherwise legally valid declaration.

If a legal entity contracts with the Company, it is responsible for obtaining the consent of the natural persons participating in the training and assisting in obtaining these consents if not initially provided.

6. Scope of Personal Data Processed in Case of Request for Quotation

The website allows for consultation and quotation requests via a form, during which users can provide the following personal data: For legal entities and organizations without legal personality:

  • Email address (required to contact the requester, schedule personal meetings, and provide a quote based on the described needs)
  • Contact person’s name (optional but recommended for identifying the contact person within the organization)
  • Company name (optional but recommended for more accurate quoting)
  • Company size (optional but recommended for more accurate quoting)

For natural persons:

  • Name
  • Phone number
  • Email address

Personal data provided by non-contracted partners (inquirers, requesters) will be deleted after 90 calendar days.

7. Technical Data and Data Storage Locations

The data controller selects and operates the IT and software tools used for personal data processing in a way that ensures the data is encrypted, intact, available upon request, and protected against unauthorized access, alteration, transfer, disclosure, deletion, or destruction, as well as accidental destruction. The website’s HTML code may contain references and links pointing to external servers independent of Step Inside Consulting Ltd., which assist in independent auditing of visit and web analytics data on the website. The web analytics service provider, on behalf of Step Inside Consulting Ltd., is only authorized to handle data stripped of personal identifiers. Currently, the web analytics service is provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043) through Google Analytics. Info: www.google.com. The user’s personal data (which may include name, email address, phone number) can come into the data controller’s possession through the data provided on the website during a request for a quote, data provided during contract signing (email address, phone number, name, contact person name, company name, company size), and inquiries sent via email. Personal data provided by non-contracted partners (inquirers, requesters) will be deleted after 90 calendar days.

8. Data Transfer, Data Processing, and Access to Data

Personal data managed by the data controller will not be transferred. The data controller may use data processors to fulfill the service, who may include: Dotroll Ltd. (company registration number: 01 09 882068, tax number: 13962982-2-42, email: support@dotroll.com) for server and domain management. Personal data managed by the data controller can be accessed by Step Inside Consulting Ltd.’s employees, whose tasks are closely related to the provision of the service. The employees of the data controller commit in writing that they will not transfer the personal data they become aware of and will handle it with the utmost care according to this data processing information, not disclosing it to third parties during or after their employment. All employees of Step Inside Consulting Ltd. are familiar with the current regulations and apply this knowledge with the utmost care in their work. Employees receive detailed information about the methods, rules, and actions related to data processing that concern them.

9. Rights of the Data Subject and Remedies

The data subject can request information about the processing of their personal data and may request the correction, deletion, withdrawal, or exercise of their data portability and objection rights through the data controller’s contact details, primarily in writing to hello@stepsinside.hu. Right to access: The data controller takes appropriate measures to provide all information and notifications regarding personal data processing in a transparent

Scroll to Top