Data Management and Privacy Policy
1. The Purpose of the Policy
The purpose of this Data Management and Privacy Policy is to define the data protection and data management principles applied by SystemLock Kft. (registered address: 1173 Budapest, Pesti út 17., tax number: 29044559-1-42) and to outline the company’s data protection and data management policies.
SystemLock Kft. (hereinafter referred to as the „Service Provider”) aims to ensure that in all areas of the services provided, the rights and fundamental freedoms of all individuals—regardless of nationality or place of residence—are respected. In particular, the Service Provider is committed to upholding the right to privacy during the automated processing of personal data, ensuring compliance with data protection regulations and principles.
2. Designation of the Data Controller
| Name: | SystemLock Kft. |
| Registered Office and Mailing Address: | 1173 Budapest, Pesti út 17, Hungary |
| Email address: | [email protected] |
3. Scope of Processed Personal Data
3.1. Registration
During the registration process, the User is required to provide the following personal data:
- Full name
- Email address
- Company name
- Phone number
3.2. Automatically Recorded Technical Data
During the operation of the system, certain technical data related to the user’s logging device is automatically recorded. These data are generated during the use of the service and are stored as a result of automated technical processes by the data controller’s system.
- The system automatically logs these data upon user login and logout without requiring any additional declaration or action from the user.
- These automatically recorded data cannot be linked to other personal user data, except in cases required by law.
- The data is accessible only to the data controller and is used solely for system operation, security, and troubleshooting purposes.
3.3. Cookies and Web Tracking
When visiting the website, one or more cookies—a small file containing a character string—may be sent to the visitor’s device, enabling the browser to be uniquely identified.
- These cookies are provided by Google and are used via the Google AdWords system.
- They are only sent when specific subpages are visited, recording only the fact and time of the visit, without storing any other information.
Purpose of Cookie Usage
Third-party service providers, including Google, use these cookies to store whether a user has previously visited the advertiser’s website. Based on this information, ads may be displayed to the user on external websites that are part of Google’s partner network.
- Users can disable Google cookies on the Google Ads Settings page.
- They may also opt out of third-party cookies via the Network Advertising Initiative opt-out page.
Types of Cookies Used:
- Analytical and Tracking Cookies – Monitor user behavior for website performance improvements.
- Cross-site Tracking Cookies – Used to track user activity across different websites.
- Session Cookies (Login & User Identification) – Store temporary authentication information for user sessions.
Most browsers provide a Help function where users can:
- Disable cookies.
- Accept new cookies.
- Configure settings to receive notifications before accepting cookies.
- Manage or remove existing cookies.
For more details, users should refer to their specific browser’s cookie settings.
4. Legal Basis, Purpose, and Method of Data Processing
4.1. Legal Basis for Data Processing
The processing of personal data on the syslock.hu website (hereinafter referred to as „Website”) is based on the voluntary, informed consent of the users. This consent includes the explicit authorization for the use of personal data provided while using the website.
The legal basis for data processing is the voluntary consent of the data subject, as stipulated in Section 5(1)(a) of Act CXII of 2011 on the Right of Informational Self-Determination and Freedom of Information (Infotv.).
- The User gives consent to data processing by using the Website, registering, or voluntarily providing personal data for specific purposes.
4.2. Purpose of Data Processing
The primary purpose of data processing is to enable the provision of services available on the Website. The Service Provider processes personal data strictly for the following purposes:
- Fulfilling user requests and processing orders
- Ensuring compliance with contractual obligations
- Maintaining customer records and communication
- Providing and improving services
- Enhancing user experience and technical development
The Service Provider only stores user data to fulfill orders and retain contractual proof, ensuring compliance with legal requirements.
4.3. Purpose of Automatically Recorded Data
Automatically collected data is processed for the following purposes:
- Generating website usage statistics
- Developing and optimizing the IT system
- Protecting user rights and securit
4.4. Restrictions on Data Usage
- The Data Controller will not use the provided personal data for any purpose other than those explicitly stated in this policy.
- Personal data may only be disclosed to third parties or authorities if required by law or if the user provides explicit prior consent.
4.5. Responsibility for Provided Data
- The Data Controller does not verify the accuracy of the personal data provided.
- The user is solely responsible for the correctness of the submitted information.
- When providing an email address, the user guarantees that only they use that email account for accessing services.
- Any activities or logins associated with a given email address are the responsibility of the registered user.
5. Duration of Data Processing
5.1. Duration of Processing for Registered User Data
- The processing of mandatory personal data provided during registration begins at the time of registration and continues until the account is deleted.
- The processing of optional personal data starts when the user provides the data and lasts until the user requests its deletion.
- The user may delete their registration at any time, and the Service Provider may also delete the account under the conditions specified in this Privacy and Data Processing Policy.
5.2. Duration of Processing for Logged Data
- The system stores automatically recorded log data for six (6) months from the time of logging.
- The last visit date is an exception, as it is automatically overwritten upon each new login.
5.3. Legal and Contractual Retention Obligations
- The above provisions do not affect legal retention requirements, such as those established by accounting or tax regulations, which may mandate longer retention periods.
- If a user has given additional consent for specific data processing beyond registration, such data will be processed in accordance with the agreed terms and until consent is withdrawn.
6. Persons with Access to Data, Data Transfer, and Data Processing
6.1. Persons Authorized to Access Personal Data
- Personal data is primarily accessible to the Service Provider (SystemLock Kft.) and its internal employees who are authorized to process such data.
- These individuals are responsible for handling customer requests, order processing, and system maintenance.
- The Service Provider ensures that personal data is not published or disclosed to unauthorized third parties.
6.2. Data Processing and Transfer to Third Parties
- To operate its IT system, fulfill orders, and manage financial transactions, the Service Provider may involve data processors, such as:
- System operators (for IT infrastructure management)
- Courier or shipping companies (for order delivery)
- Accounting service providers (for financial and tax reporting)
- While the Service Provider takes care to cooperate only with trusted partners, it is not responsible for the data management practices of these external entities.
- Data is only transferred to third parties to the extent necessary for service fulfillment and in compliance with legal data protection requirements.
Designation of Data Processors:
| Company name | SystemLock Kft. |
| Address | 1173 Budapest, Pesti út 17. |
| Activity | Information Technology Consulting |
6.3. Beyond the aforementioned cases, the transfer of personal data related to the User may only take place if mandated by law or with the explicit consent of the User.
7. User Rights and Legal Remedies
7.1. The User has the following rights regarding their personal data:
Right to Information: The User may request information at any time about the personal data managed by the Service Provider regarding them.
Right to Modification: The User may modify their personal data at any time as specified in the Privacy and Data Management Policy.
Right to Deletion („Right to be Forgotten”): The User is entitled to request the deletion of their personal data through the contact details provided in this section.
Requests for information, modification, or deletion can be submitted via the official contact channels of SystemLock Kft.
7.2. Upon the User’s request, the Service Provider will provide information regarding:
- The personal data being processed about the User.
- The purpose of data processing.
- The legal basis for data processing.
- The duration of data processing.
- The recipients of the data and the purpose of their data access.
The Service Provider will respond to the request in writing within 30 days from the date of submission.
7.3. The User can exercise their rights regarding data processing through the following contact details:
| Address: | SystemLock Kft. 1173 Budapest, Pesti út 17. |
| E-mail: |
The User may contact the Service Provider’s representatives with any questions or concerns related to data processing.
- Any inquiries regarding data management, modification, or deletion can be addressed to the Service Provider using the contact details listed in Section 7.3.
- The Service Provider will respond to all inquiries as soon as possible, but no later than 30 days from receipt.
7.4. Right to Rectification and Deletion
- The User has the right to request the correction of incorrectly recorded data or the deletion of their personal data at any time.
- Some data can be modified directly by the User through the Website’s account settings.
- In all other cases, upon receiving a written request, the Service Provider will delete the requested data within 3 business days.
- Once deleted, the data cannot be restored.
Exceptions:
- The right to deletion does not apply to data processing required by legal regulations (e.g., accounting laws), in which case the Service Provider will retain the data for the legally required period.
7.5. If the User believes that their data protection rights have been violated, they have the following options to seek legal remedy:
- Judicial Enforcement: The User may enforce their rights in court based on the Infotv. (Act CXII of 2011 on Informational Self-Determination and Freedom of Information) and the Civil Code (Act IV of 1959).
- Supervisory Authority Complaint: The User may file a complaint with the National Authority for Data Protection and Freedom of Information (NAIH) regarding the data processing practices of the Service Provider.
Contact Information for NAIH:
- Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/C
- Website: www.naih.hu
- Phone: +36 (1) 391-1400
- Email: [email protected]
The User is encouraged to first contact the Service Provider with any concerns before initiating legal action or filing a complaint with NAIH.
7.6. Liability and Compensation
- If the User provides third-party data during registration or while using the Website without authorization, or causes damage in any way, the Service Provider has the right to claim compensation from the User.
- In such cases, the Service Provider will fully cooperate with law enforcement and relevant authorities to help identify the offending individual and support legal proceedings.
8. Use of Email Addresses
8.1. Lawful Use of Email Addresses
The Service Provider pays special attention to ensuring the lawful use of the email addresses it manages. Therefore, email addresses are used exclusively for the following purposes:
- Sending informational or marketing emails under the conditions specified below.
8.2. Primary Use of Email Addresses
- Email addresses are primarily used for User identification and communication during order fulfillment and service usage.
- The Service Provider sends emails mainly for these operational and service-related purposes.
8.3. Service and Policy Update Notifications
- If there are changes to the services provided by the Service Provider or updates to the Privacy and Data Processing Policy, affected Users may receive email notifications.
- In some cases, the Service Provider may send notifications about similar services it offers.
- Users cannot unsubscribe from these essential service notifications, as they are not considered marketing messages.
- However, these messages will not be used for advertising purposes.
8.4. Marketing and Newsletter Emails
- The Service Provider will only send advertising, promotional emails, or newsletters to the User’s registered email address if the User has provided explicit consent.
- Marketing emails comply with all legal requirements regarding electronic communications.
- Users may unsubscribe at any time by clicking the „Unsubscribe” link at the bottom of the newsletter.
9. Other Provisions
9.1. Data Collection on User Activity
- The Service Provider’s system may collect data on user activity, but these data cannot be linked to the personal data provided during registration.
- The collected data also cannot be associated with information generated from the use of other websites or services.
9.2. Use of Data for Different Purposes
- If the Service Provider intends to use the collected data for a purpose different from the original purpose of collection, the User will be informed in advance.
- In such cases, the Service Provider will obtain explicit prior consent from the User or provide an option to decline data usage for the new purpose.
9.3. Data Security Commitments
- The Service Provider is committed to ensuring the security of personal data.
- The necessary technical and organizational measures will be taken to protect collected, stored, and processed data from:
- Unauthorized access,
- Accidental loss,
- Unauthorized use,
- Unauthorized modification or destruction.
- The Service Provider also obliges any third parties who may receive or process personal data to comply with the same data protection obligations.
9.4. Modifications to the Privacy Policy
- The Service Provider reserves the right to modify this Privacy and Data Processing Policy unilaterally, with prior notice to the Users.
- After a modification comes into effect, the User’s continued use of the service will be considered acceptance of the updated policy.