Privacy Policy

Version1.0
Valid: 01.09.2018.
ID&Trust Ltd. (Registered seat: 1117 Budapest, Infopark, Gábor Dénes utca 2/D. 1. em.; Company registration number: 01-09-710179; phone: +36-1-307-8035; email: hello@goodid.net; hereinafter referred to as: "ID&Trust") ID&Trust aims to provide access to fast, simple and secure user identification through GoodID in the world of internet for everybody, enabling people to practice control over their own personal data.
For the purpose of communication, the GoodID Service operates the website goodid.net (hereinafter referred to as: „Website”).
A jelen Adatvédelmi Tájékoztató tartalmazza a Weboldal használatával összefüggő adatkezelésre vonatkozó szabályokat. A Weboldal a felhasználói élmény javítása érdekében cookie-kat használ, melyekről további információt a cookie szabályzatunkban találhat: https://goodid.net/cookie-policy

1. Data Controller

1.1 This Privacy Policy regulates the privacy issues of the Website developed and operated by ID&Trust; the Data Controller is ID&Trust.
1.2 By using the Website and providing their personal data, Users accept the terms of this Privacy Policy, and give their consent to the collection and processing of the data described under section 2. in accordance with the terms of this Privacy Policy.

2. Scope and legal basis of the data collection and processing on the Website

2.1 2.1. When you visit the Website and send an email to ID&Trust from the Website or to the above-mentioned email address directly, ID&Trust will process the following data:
  • your name
  • eyour mail address
  • personal data that you may include in the message.
2.2 Pursuant to GDPR Article 6 paragraph (1), in this case the legal basis for the data collection and processing is your consent. Your consent is not a precondition to concluding a contract with ID&Trust or using the services of ID&Trust. You may at any time withdraw your consent described under this point free of charge by sending a request to any of the above addresses. The withdrawal of your consent does not affect the lawfulness of the data collection before the withdrawal, based on your consent. If you do not provide your email address (you do not wish your personal data to be collected and processed), we will not be able to send you responses.

3. Persons entitled to access personal data

3.1 3.1. Specific employees and data processors of ID&Trust are entitled to access personal data. By using the Website and voluntarily submitting their personal data, Users express their explicit consent that ID&Trust may collect and process the above personal data and transfer them to the Data Processors on his behalf for the purposes of data processing.
3.2 Data Processors on behalf of ID&Trust:
Name: Amazon Web Services Inc.
Activities relating to data processing: providing technical background, server services
Seat: 410 Terry Avenue North Seattle, WA 98109-5210
Contact: Rachel Thornton
Phone number: 1-866-216-1072
Email: info@amazon.com
Place of data processing (address or website): www.aws.com
Data processing technology: Data processing technology: Amazon Web Services Inc. provides server services and technical background for sending messages to verify the ownership of the email addresses provided by the users.
Name: ZeroTime Services Kft.
Activities relating to data processing: technical and operating support
Seat: 2013 Pomáz, Mikszáth Kálmán utca 36/4.
Contact: Hábit József
Email: info@zerotimeservices.com
Place of data processing (address or website): www.zerotimeservices.com/
Data processing technology: Website operating support.

4. Purpose and duration of the data collection

4.1 With regard to the name and email address provided by the User, the purpose of data processing is to answer the questions and inquiries of the User, as well as enable communication with the User.
4.2 4.2. The data processing will last until the end of the process necessary for the attainment of the purpose, after which the above-mentioned personal data will be erased and the data processing will be terminated within 90 days at the latest. If you do not agree to the above described data processing, please do not send the above data to ID&Trust.

5. The rights of the User concerning the data processing

5.1 The User may request information in writing from ID&Trust as Data Controller about the processing of the personal data; such requests must be sent to the addresses specified in the introductory section of the present Privacy Policy.
5.2 With regard to the collection and processing of your personal data, you have the following rights:
A) Right of access (GDPR Article 15): You have the right to obtain confirmation from ID&Trust as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and the information contained in this Privacy Policy.
Upon your request, ID&Trust shall provide a copy of the personal data undergoing processing. For any further copies requested by you, ID&Trust may charge a reasonable fee based on administrative costs. Where you make the request by electronic means, and unless you request otherwise, the information shall be provided in a commonly used electronic form.
B) Right to rectification (GDPR Article 16): You have the right to obtain from ID&Trust without undue delay the rectification of inaccurate personal data concerning you. Furthermore, you have the right to have incomplete personal data completed.
C) Right to erasure (GDPR Article 17): You have the right to obtain from ID&Trust the erasure of personal data concerning you without undue delay and ID&Trust shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
  • the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
  • you withdraw consent on which the processing is based, and where there is no other legal ground for the processing;
  • you object to the processing and there are no overriding legitimate grounds for the processing;
  • the personal data have been unlawfully processed;
  • the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which ID&Trust is subject;
The above provisions listed under point (c) of this Privacy Policy shall not apply if (i) the data is required for compliance with a legal obligation by Union or Member State law to which ID&Trust is subject, or (ii) the data processing is required for the establishment, exercise or defence of legal claims.
D) Right to restriction of processing (GDPR Article 18): You have the right to obtain from ID&Trust restriction of processing where one of the following applies:
  • you contest the accuracy of the personal data, for a period enabling ID&Trust to verify the accuracy of the personal data;
  • the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
  • ID&Trust no longer needs the personal data for the purposes of the processing, but you require them for the establishment, exercise or defence of legal claims; or
  • you have objected to processing, pending the verification whether the legitimate grounds of ID&Trust override your legitimate grounds.
E) Right to object (GDPR Article 21): You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you. In this case, ID&Trust shall no longer process the personal data unless ID&Trust demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims. If the processing is required for compliance with a legal obligation, the exercise of the right to object shall not terminate the data processing in accordance with the present Privacy Policy.
F) Right to be informed about the above rights (GDPR Article 12): ID&Trust shall provide you information on the data processing without undue delay and in any event within one month of receipt of the request detailed under the points a) and e) above in a concise, transparent, and intelligible form. That period may be extended by two further months where necessary, taking into account the complexity and number of the requests. ID&Trust shall inform you of any such extension within one month of receipt of the request, together with the reasons for the delay.
The information shall be provided free of charge. Where your requests are manifestly unfounded or excessive, in particular because of their repetitive character, ID&Trust may either: (i) charge a reasonable fee taking into account the administrative costs of providing the information; or (ii) refuse to act on the request ID&Trust shall bear the burden of demonstrating the manifestly unfounded or excessive character of the request.
G) Right to lodge a complaint (GDPR Article 77): You have the right to lodge a complaint with a supervisory authority - in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement - if you consider that the processing of personal data relating you infringes the GDPR. Complaints can be lodged with the Hungarian National Authority for Data Protection and Freedom of Information (address: 1125 Budapest, Szilágyi Erzsébet fasor 22/C.; phone: +36 1 391 1400; fax: +36 1 391 1410; www.naih.hu; ugyfelszolgalat@naih.hu).
H) Right to an effective judicial remedy (GDPR Article 79): You have the right to an effective judicial remedy where you consider that your rights under the GDPR have been infringed as a result of the processing of your personal data in non-compliance the GDPR. Proceedings against ID&Trust shall be brought before the courts of the Member State where ID&Trust has an establishment. Alternatively, such proceedings may be brought before the courts of the Member State where you have your habitual residence.
I) Right to data portability (GDPR Article 20): You have the right to data portability if the processing is based on point (a) or point (b) Article 6 (1) GDPR, that is on your consent or on a contract concluded with you. In this case, you shall have the right to receive the personal data concerning you, which you have provided to ID&Trust in a structured, commonly used and machine-readable format and you shall have the right to transmit those data to another controller without hindrance from ID&Trust. Moreover, you have the right to have the personal data transmitted directly from ID&Trust to another data controller, where technically feasible.