Informations

Privacy policy

CEZ Hungary Ltd. (hereinafter the ‘Data Controller’) is committed to fully respecting the rights of its clients and partners (hereinafter the ‘Data Subject’) related to data processing, therefore it will process personal data in compliance with the provisions of the applicable legislation.

The Data Controller’s data and contact information:

Name of the Data Controller: CEZ Hungary Electric Energy Trading Ltd.

Data Controller’s representative: Tamás Hiezl, Managing Director

Registered seat: H-1118 Budapest, Rétköz utca 5, Hungary

Phone number: +36-1-266-9324

Email:

We undertake to ensure that the processing of your data in relation to the operation of the website and the web service will be in compliance with the effective EU and Hungarian legislation.

We will use and process your data for the purpose of providing the services, products and information requested by you, implementing the contract you concluded with us, operating our websites and applications, and for administrative purposes.

Purpose of our data processing: Client and supplier management, preparation of contracts, liaising in contractual and business issues.

Scope of the data processed: Name, phone number and email address of the representatives and contact persons of the clients and suppliers.

Legal basis of the data processing: Data processing is necessary for the conclusion, performance and termination of contracts. This data processing will be considered lawful also, if data processing is necessary to take steps at the request of one of the affected parties before contract conclusion.

Duration of retention of the data processed: the duration of data processing will start at the time of provision of the Data Subject’s personal data and will last until the modification of the data of the natural person acting as a contact person, or as long as the client relationship persists, or as long as any civil law claims resulting from that may be enforced. In the case of contracts, pursuant to the accounting act it will be 8 years from the date of conclusion.

Potential consequences of a failure to provide data: The data provision is necessary for the establishment of the contractual relationship and for communication. If you fail to provide the data, the conclusion of the contract and communication in business matters will not be possible.

Our data processors

Operators of the IT system:

Accace Hungary Kft. (registered seat: H-1132 Budapest, Váci út 30.)
IP Systems Zrt. (registered seat: H-1139 Budapest, Teve utca 1/a-c.)
salesforce.com EMEA Limited (village 9, floor 26 Salesforce Tower, 110 Bishopsgate, London UK EC2N 4AY)
Attention CRM Consulting Kft. (registered seat: H-1075 Budapest, Madách Imre út 13-14, Hungary)

Cookie use

Our website uses cookies, regarding which you can find more detailed information under the menu item “Cookie Settings”.

It is not mandatory to agree to the use of or enable cookies. You may set up your browser’s settings to reject all cookies or to notify you when the system sends a cookie. While most browsers automatically accept cookies by default, typically these settings may be changed to disable automatic acceptance and let you accept or reject a cookie on each and every occasion.

You may disable the use of cookies permanently by clicking the following link and installing the plug-in appearing: https://www.google.com/settings/ads/plugin.

You can find more information regarding the cookie settings of the most popular browsers at the following links: www.aboutcookies.org.

However, we would also like to note that it may appear that some functions and services of the website may not work properly without cookies.

Implementing data security

We take the necessary technical and organisational measures and have in place appropriate procedural rules to ensure the security of personal data during the entire duration of data processing.

We select and operate the IT tools used for the processing of personal data so that:

the processed data can be accessed by those who are authorised thereto (availability);
the authenticity and authentication of the data is ensured (authenticity of data processing);
it can be certified that the data have not been changed (data integrity);
the data are protected against unauthorised access (confidentiality of data).

CEZ Hungary Ltd.

uses appropriate measures to protect the data against accidental or unlawful destruction, loss, alteration, damage, unauthorised disclosure or unauthorised access,
restricts access to the personal data by specifying authorisation levels,
uses firewall and antivirus protection to protect the IT systems,
during electronic data processing, ensures that the data can only be accessed by the persons who need to know these to be able to perform their tasks, in controlled circumstances and limited to purposes,
in order to protect the datasets processed electronically in its individual records, uses appropriate technical solutions to ensure that the stored data cannot be directly interlinked and assigned to the Data Subject (except to the extent allowed by law).

Taking into account the current state of the art of technology, we use such technical and organisational measures to protect the security of data processing that ensure a level of protection appropriate for the risks arising in connection with data processing.

Data Subjects’ rights

You are entitled to request the following in connection with your personal data processed by the Data Controller:

you may access your data processed by us: scope of the data processed, the purpose, manner and term of processing, information regarding automated-decision making, data disclosure or transfer rights and remedies
you may request rectification: if the data are inaccurate or deficient
you may request the deletion of data: if, in your opinion, the purpose of data processing has been fulfilled, or you object to data processing that is based on legitimate interests and request deletion, if data processing is unlawful in your opinion or if you think that the data should be deleted under law
you may request the restriction of data processing: if data processing is inaccurate, unlawful, unnecessary and/or is beyond the purpose for which the data were recorded,
you may object to data processing: if data are processed based on legitimate interests.

The Data Controller will provide information on action taken on a request or the reasons for not taking action to you without undue delay and in any event within one month of receipt of the request. That period may be extended by two further months if the request is complex or a high number of requests are received. The information will be provided and the measures will be taken free of charge, except for requests that are manifestly unfounded or excessive, in particular because of their repetitive character. In such cases we will charge a reasonable fee or refuse to act on the request. If you request a copy of your personal data undergoing processing, this copy will also be provided free of charge in the first case but for any further copies we will charge a fee corresponding to the administrative costs.

In connection with our measure you may file a complaint with the supervisory authority (Hungarian National Authority for Data Protection and Freedom of Information, in Hungarian: Nemzeti Adatvédelmi és Információszabadság Hatóság, registered seat: H-1024 Budapest, Szilágyi Erzsébet fasor 22/C, website: www.naih.hu, phone number: +36 (1) 391-1400), and you may also request judicial remedy. You are entitled to seek judicial remedy against the supervisory authority’s decision or against the lack thereof.

If you have suffered damage as a result of the violation of the General Data Protection Regulation, you will be entitled to compensation for that damage from the Data Controller (or the data processor).

If, in your opinion, we have processed your personal data other than in compliance with the General Data Protection Regulation and have thereby violated your rights, you may turn to court on account of the violation.