Privacy Policy (effective: 2025.02.04.)

APPENDIX – DATA PROCESSING ON THE WEBSITE 

TABLE OF CONTENTS 

1. INTRODUCTION  
2. VISITOR DATA PROCESSING – INFORMATION ON COOKIE USAGE 
3. DATA PROCESSING RELATED TO THE WEBSITE'S CONTACT, CUSTOMER SERVICE, TECHNICAL SUPPORT REQUEST MENU 
4. DATA PROCESSING RELATED TO WEBSITE REGISTRATION 
5. DATA PROCESSING RELATED TO NEWSLETTER SERVICE 
6. DATA PROCESSING RELATED TO WEBSHOP 
7. RIGHTS OF DATA SUBJECTS 

1. INTRODUCTION 

1. The provisions of this Appendix shall apply to data processing on the Data Controller's website.

2. The Data Controller ensures that website data processing technically complies with these regulations.

3. The designation of the affected websites is contained in Part I of the Privacy Policy (hereinafter: website)

4. Definitions:

Visitor: a natural person who accesses the website without registration. 

User: a natural person who registers on the website, provides their personal data, and uses the website's services. 

4. VISITOR DATA PROCESSING – INFORMATION ON COOKIE USAGE

4.1. Website visitors must be informed about the use of cookies and their consent must be obtained. 

4.2. During the visit, the data scope affected by cookies may include, depending on the type of cookies, the IP address used by the visitor, browser type, characteristics of the operating system of the device used for browsing (e.g., language settings), time of visit, visited (sub)pages, functions or services, actions, clicks. 

4.3. The purpose of data processing is to ensure the functional operation of the website, its use, access to website services, increasing service efficiency, enhancing user experience, making website usage more convenient, website analysis, placement and display of advertisements. 

4.4. The legal basis for data processing is the voluntary consent of the data subject – the visitor – which can be given or refused by checking the checkbox placed in the cookie banner on the website. The choice is made by checking the checkbox and saving the choice. By saving, we store the choice and provide website usage to the user accordingly. It must be taken into account that refusing the use of cookies may result in certain functions of the site not working properly. According to Section 13/A (3) of Act CVIII of 2001 on Electronic Commerce Services and Information Society Services (Electronic Commerce Act), the website service provider may process personal data necessary for providing the service. Under identical conditions, the service provider must select and always operate the tools used during the provision of information society services in such a way that personal data processing only occurs when absolutely necessary for providing the service and fulfilling other purposes defined by law, and only to the necessary extent and duration. 

4.5. Recipients: employees of the data controller, employees of the IT service provider data processor, and in the case of third-party cookies, the third party as well. In the case of cookies that ensure advertising display, data may be transferred to third countries. 

4.6. Data storage duration: according to browser cookie settings. 

4.7. Additional Information About Cookies 

A cookie is data sent by a visited website to the browser running on the visitor's device (computer, tablet, mobile, etc.) to store and later load its content. Cookies can have validity, be valid until the browser is closed, or indefinitely. A cookie identifies not the user but the device and browser they use, but through this, it is capable of identifying the person. The danger lies in the fact that the user is not always aware of this, and it may be suitable for tracking the user by the website operator or other (third-party) service providers whose content is embedded in the page (e.g., Facebook, Google Analytics), thereby creating a profile about them, in which case the cookie content is considered personal data. 

Cookie types are usually distinguished according to their loaded functions or application purposes; there is no uniform terminology for this, and there may be overlap between individual groups. 

ad 1. Technically essential cookies. These are also called session cookies or functional cookies. Their essence is that without them, the site simply would not function, ensuring the minimum conditions necessary for the proper functioning of the website. These are necessary for user identification, such as managing whether they are logged in, what they put in the cart, etc. This typically involves storing a session ID, with other data stored on the server, which is thus more secure. Other terminologies call any cookie that is deleted upon exiting the browser a session cookie (a session is one browser use from start to close). The data processing duration of these cookies applies exclusively to the visitor's current visit; at the end of the session or when the browser is closed, this type of cookie is automatically deleted from the computer. 

ad 2. Usage-facilitating cookies: these are also called various things: analytical, site development, or statistical cookies. These cookies remember the user's choices, for example, in what format the user wants to see the page. These types of cookies essentially represent settings data stored in the cookie. 

ad 3. Advertising display and social media-related cookies. These are also called performance cookies, experience cookies, marketing cookies. They have little to do with "performance"; generally, these are cookies that collect information about the user's behavior on the visited website, time spent, clicks. They are also connected to social media. These are typically third-party applications (e.g., Google Analytics, AdWords, Facebook Like Box, or Yandex.ru cookies). These are suitable for creating user profiles. 

In the case of such cookies, data transfer to third countries may also occur – the user's acceptance of cookie use also means consent to data transfer to third countries. 

• You can find information about Google Analytics cookies here:

https://policies.google.com/technologies/cookies?hl=en 

• You can find information about Google AdWords cookies here:

https://policies.google.com/technologies/cookies?utm_source=ucbs&hl=en  

• You can find information about Facebook cookies here.

https://www.facebook.com/policies/cookies/  

Accepting and allowing the use of cookies is not mandatory. You can reset your browser settings to reject all cookies or to indicate when the system is sending a cookie. Most browsers automatically accept cookies by default, but these can generally be changed to prevent automatic acceptance and offer the choice each time. 

You can find information about the most popular browsers' cookie settings at the following links: 
• Google Chrome: https://support.google.com/accounts/answer/61416?hl=en 
• Firefox: https://support.mozilla.org/en-US/kb/enhanced-tracking-protection-firefox-desktop 
• Microsoft Internet Explorer 11: http://windows.microsoft.com/en-us/internet-explorer/delete-manage-cookies#ie=ie-11 
• Microsoft Internet Explorer 10: http://windows.microsoft.com/en-us/internet-explorer/delete-manage-cookies#ie=ie-10-win-7 
• Microsoft Internet Explorer 9: http://windows.microsoft.com/en-us/internet-explorer/delete-manage-cookies#ie=ie-9 
• Microsoft Internet Explorer 8: http://windows.microsoft.com/en-us/internet-explorer/delete-manage-cookies#ie=ie-8 
• Microsoft Edge: http://windows.microsoft.com/en-us/windows-10/edge-privacy-faq 
• Safari: https://support.apple.com/en-us/HT201265 

However, we draw attention to the fact that certain website functions or services may not work properly without cookies. 

Individual websites use cookies with varying intensity; it may also occur that a website does not use them because they are not necessary for operation, or uses them only minimally. 

III. 

5. DATA PROCESSING RELATED TO THE WEBSITE'S CONTACT, QUOTE REQUEST, CUSTOMER SERVICE, TECHNICAL SUPPORT REQUEST MENU AND FORMS

5.1. These rules shall apply if the website has Contact, Customer Service, or functions with similar content. 

5.2. Scope of data subjects: visitors to the website who send messages or emails using the Contact menu or forms. 

5.3. Scope of processed data: Name, email address, phone number, company name, VAT number, and other unrequested data provided by the user in the message. 

5.4. Purpose of data processing: Ensuring the visitor's ability to contact the data controller, providing customer service, providing quote request opportunities, registration, reservation, complaint handling, information about website operation, website analysis, placement, display, and sending of advertising offers. 

5.5. Legal basis for data processing: the data subject's consent, which is given by becoming familiar with the privacy notice, voluntarily providing their data, checking the checkbox placed before the data processing statement, and sending the message or email. Pre-checking the checkbox is prohibited. Before sending the message, the privacy notice must be made available via a link. 

5.6. Recipients: who can access this data: the data controller's customer service employees, freight organizers, and IT data processor employees. 

5.7. Information about data processors: the Company's IT service provider (Privacy Policy Part I) 

5.8. Data storage duration: The provided data will be deleted upon request following contact. 

6. 6. DATA PROCESSING RELATED TO WEBSITE REGISTRATION

6.1. These rules shall apply if the website has registration or a function with similar content. 

6.2. Scope of data subjects: the user who registers for the website's services and provides their personal data. The user is responsible for ensuring that only they use services from the provided email address and using the data they provided. Persons under 16 years of age may only register on the website with the consent of their parental supervisor. In the absence of a consent statement, the Data Controller does not collect personal data relating to data subjects under 16 years of age. 

6.3. Scope of processed data: name, email address, phone number, billing name and address, postal name and address, online identifier, password. 

6.4. Purpose of data processing: 

■ Providing services offered on the website 

■ Using the Data Controller's services. 

■ Contacting via electronic, telephone, SMS, and postal communications. 

■ Providing information about the Company's products, services, contractual conditions, and promotions. 

■ Advertising materials may be sent electronically and by mail during information provision. 

■ Analysis of website usage. 

6.5. Legal basis for data processing: the data subject's consent, which is given by becoming familiar with the privacy notice, voluntarily providing their data, checking the checkbox placed before the data processing statement, and sending the message or email. Pre-checking the checkbox is prohibited. Before sending the message, the privacy notice must be made available via a link. 

6.6. Recipients: who can access this data: the data controller's employees and IT data processor employees 

6.7. Information about using data processors: the Data Controller's IT service provider (Privacy Policy Part I) 

6.8. Data storage duration: until the registration/service remains active or until the data subject withdraws consent (deletion request). The website must enable the registrant to delete their registered data. 

7. 7. DATA PROCESSING RELATED TO NEWSLETTER SERVICE

7.1. These rules shall apply if the website has newsletter subscription and sending functions or functions with similar content. 

7.2. Scope of data subjects: the user who registers (subscribes) to the Data Controller's newsletter service. The user is responsible for ensuring that only they use services from the provided email address and using the data they provided. Persons under 16 years of age may not register for the newsletter without the consent of their parental supervisor.  

7.3. Scope of processed data: name (last name, first name), email address. 

7.4. Purpose of data processing: 

1. Sending newsletters about the Company's products and services
2. Sending advertising materials

7.5. Legal basis for data processing: The data subject's consent, which is given by becoming familiar with the privacy notice, voluntarily providing their data, checking the checkbox placed before the data processing statement, and sending the message or email. Pre-checking the checkbox is prohibited. Before sending the message, the privacy notice must be made available via a link. The user may also provide consent for newsletter subscription in a written contract with the data controller or in a separate written consent statement. The data subject may unsubscribe from the newsletter at any time using the "Unsubscribe" function in the newsletter, or by written or email statement, which means withdrawal of consent. In such cases, all data of the unsubscriber must be deleted immediately. 

 7.6. Recipients: who can access this data: the Company's employees performing customer service and marketing activities, and as data processors, the Company's IT service provider employees for hosting services, 

7.7. Information about using data processors: the Data Controller's IT service provider (Privacy Policy Part I) 

7.8. Data storage duration: until the newsletter service continues, until subscription to the newsletter continues, until unsubscription, until the data subject withdraws consent (deletion request). 

8. 8. DATA PROCESSING RELATED TO WEBSHOP

8.1. These rules shall apply if the website has a webshop or a function with similar content. 

8.2. Scope of data subjects: the user who purchases products or services in the Data Controller's webshop. 

8.3. Purpose of data processing: creating a contract, determining its content, modifying, fulfilling, monitoring its fulfillment, billing fees arising from it, and enforcing related claims 

8.3. Scope of processed data: natural person identification data necessary for identifying registrants and purchasers in the webshop, address, phone number, email address, bank account number, online identifier, VAT number. 

8.4. Legal basis for data processing: In the case of purchases in a webshop, the legal basis for data processing is contract fulfillment. Purchasing in a webshop constitutes a contract, taking into account Section 13/A of Act CVIII of 2001 on electronic commerce services and certain issues related to information society services, and Government Decree 45/2014 (II. 26.) on detailed rules for contracts between consumers and businesses. The legal basis for processing data provided for billing purposes during purchase is fulfilling legal obligations under VAT and Accounting Act provisions; in this scope, the data processing duration is 8 years. 

8.5. Recipients: who can access this data: the Data Controller's employees performing customer service, finance, delivery, and marketing activities; as data processors, employees of the company handling the Company's tax and accounting tasks for fulfilling tax and accounting obligations; the Company's IT service provider employees for hosting services; courier service employees regarding delivery data (name, address, phone number); the Bank regarding financial fulfillment. 

8.6. Information about using data processors: 

■ The Data Controller's IT service provider 

■ Accounting, taxation, payroll data processor 

■ Hungarian Post 

■ Courier service 

■ Bank account provider 

The contact details of data processors can be found in Part I of the Privacy Policy. 

8.7. Data storage duration: until the end of 5 years following the year of purchase; regarding data recorded on accounting documents related to the purchase, 8 years. Failed purchase data must be deleted immediately. 

VII. 

9. RIGHTS OF DATA SUBJECTS

Data subjects may exercise the rights described in the Privacy Notice (Privacy Policy Part IV). 

Maglód, 2025.01.31. 

Mag-Log Transport Kft