PRIVACY POLICY
The purpose of the present Privacy Policy is to set out the data protection and data processing principles applied in the course of using the Helpme.life application and providing related services, as well as the method and conditions of data processing.
- The Data Controller and the Data Processor
Data Controller: Jemefy Technologie LTD. (registered office: 1044 Budapest, Ezred utca 2., company registration number: 01-09-356673, telephone: +36 27 222 007, e-mail: support@jemefy.com).
Data Processor: Jemefy Technologies LTD. (registered office: 1044 Budapest, Ezred utca 2., company registration number: 01-09-356673, telephone: +36 27 222 007, e-mail: support@jemefy.com)
Jemefy Technologies LTD. (registered office: 1044 Budapest, Ezred utca 2., company registration number: 01-09-356673, telephone: +36 27 222 007, e-mail: support@jemefy.com) hereby publishes the following notice (‘Notice’) in order to comply with the information provision obligations stipulated under Articles 13 and 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council (‘GDPR’), with a view to informing data subjects about the personal data it processes.
- Activities of the Data Controller and the Data Processor
The responsible Data Controller of your personal data is Jemefy Technologies LTD. (registered office: 1044 Budapest, Ezred utca 2., company registration number: 01-09-356673, telephone: +36 27 222 007, e-mail: support@jemefy.com) also referred to as the ‘Company’. The Company processes your personal data pursuant to the present Privacy Policy whenever you contact us through the Helpme.life application, sign up as a sponsor, provide us with financial support, subscribe to our newsletters or participate in one of our programmes, in the context of which you voluntarily provide us with your personal data.
The activity carried out by the Data Controller is the processing of the data of visitors to the application and subscribers to the Company’s newsletters, as indicated in the present Privacy Policy, conducted in the form of the electronic storage of personal data (hosting service). This activity covers all personal data processed by the Company in the context of the application.
The Data Processor is responsible for the operation of the Helpme.life application. The Data Processor has access to personal data in the context of the operation of the Helpme.life application for the duration of operation.
- Legal background
- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data,
- Act CXVII of 1995 on personal income tax,
- Act CL of 2017 on the rules of taxation,
- Act CVIII of 2001 on certain aspects of electronic commerce services and information society services,
- Act XLVII of 2008 on the prohibition of unfair commercial practices against consumers,
- Act XLVIII of 2008 on the basic requirements and certain restrictions of commercial advertising activities
- Act XC of 2005 on the freedom of electronic information,
- Act C of 2003 on electronic communications.
- Definitions of terms
‘Personal Data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is someone who can be identified, directly or indirectly, in particular by way of an identifier such as name, number, location data, online ID or by one or several factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
‘Data Processing’ means any operation or set of operations performed in respect of personal data or sets of personal data, whether or not by automated means; such as the collection, recording, organisation, structuring, segmentation, storage, adaptation or alteration, enquiry, viewing, use, disclosure, transmission, dissemination or the disclosure otherwise, alignment or merging, restriction, deletion or destruction of such data or data sets;
‘Restriction of Data Processing’: the marking of stored personal data for the purpose of restricting their future processing;
‘Data Controller’ means a natural person or legal entity, public authority, agency or any other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of data processing are determined by EU or Member State law, the Data Controller or the specific criteria for the designation of the Data Controller may also be determined by EU or Member State law;
‘Data Processor’ means a natural person or legal entity, public authority, agency or any other body which processes personal data on behalf of the Data Controller;
‘Third Party’ means a natural person or legal entity, public authority, agency or any other body other than the data subject, the Data Controller, the Data Processor or the persons who, under the direct control of the Data Controller or Data Processor, are authorised to process personal data;
‘Data Subject Consent’ means a voluntary, specific, informed and clear statement of the data subject’s wishes through which the data subject signals, by way of a statement or by an act clearly expressing his or her confirmation, that he or she consents to the processing of personal data regarding him or her;
‘data breach incident’ means a breach of security that results in the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to the personal data transmitted, stored or otherwise processed.
- Scope of personal data processed
Personal data that may be provided subject to the user’s voluntary decisions: name, e-mail address, telephone number, address and other voluntarily provided personal data.
In cases where a financial donation is provided (bank payment, internet card payment), by reading and accepting the information on data processing, data subjects expressly consent to the collection, processing, storage and transferring of their personal data to the above-mentioned Data Controller for the purposes set out in the present notice. By using the credit card payment interface, the user accepts that the following personal data provided by the Company in the course of using the Helpme.life application will be transferred to OTP Bank Nyrt. as an additional Data Controller, which, in the course of its independent data processing, will process the personal data of the data subjects as described under the following link:
The Bank will not forward the card data to the Company. By using the bank card payment interface, the user accepts that his or her personal data provided to the Company via the Helpme.life application will be transferred to OTP Bank Nyrt. in its capacity as a Data Controller. The following data will be forwarded: family name, first name, country, telephone number, e-mail address.
- The legal grounds, purpose and methods of data processing
The processing of data takes place subject to the voluntary, informed consent of the users of content available in the Helpme.life application, which includes the express consent of users to the use of their personal data provided during the usage of the site.
The Data Controller may not use the personal data provided for purposes other than those described in the present document. Unless otherwise required by law, the disclosure of personal data to third parties or public authorities may only take place subject 2 the user’s prior, express consent.
The Data Controller is not obliged to verify the personal data provided by the user. The person providing the personal data is solely responsible for the correctness of the data provided. By providing an e-mail address, users also become responsible for ensuring that they are the only ones to use any services via the e-mail address provided. In view of this responsibility, any liability arising in the context of logging in from the e-mail address provided by the user shall be solely borne by the user who registered the e-mail address.
The Company will process your personal data on the following legal grounds: data processing is necessary for (i) the performance of a contract or ancillary agreements (donation) concluded with you, or for taking steps at your request prior to entering into a contract (Sub-Section (b), Section 1, Article 6 of the GDPR: ‘Contractual Legal Grounds’); (ii) the execution of legal obligations necessary to assert a legitimate interest (Sub-Section (f), Section 1, Article 6 of the GDPR; ‘Legitimate Interest’); or (iv) is based on your consent (Sub-Section (a), Section 1, Article 6 of the GDPR; ‘Consent’), in particular in the case of sending a newsletter, for which you have the right to unsubscribe at any time, which unsubscription does not affect the lawfulness of data processing prior to the unsubscription. The Company does not collect or process any special data.
Accepting donations, donation of funds: data processing is necessary for the purpose of taking steps at the request of the data subject prior to entering into a contract or for the performance of a contract concluded with the data subject (Sub-Section (b), Section 1, Article 6 of the GDPR). The purpose of data processing is necessary for the purposes of identification and donation.
The processed data are as follows:
- Donor’s full name (required for identification purposes),
- Donor’s country (required for identification purposes),
- His/here-mail address, telephone number (optional to provide it for contact purposes),
- Donation details/amount (required for donation),
- Description of the purpose of the donation (if required),
- Billing address (if required),
- Data required for carrying out the transaction (bank account number, value of the donation, source of the donation, date of donation).
The provision of your personal data is voluntary, however, if you choose not to provide them, the Company will not be able to accept your donation.
If the data are not required for accounting purposes, they will be deleted after 5 years calculated from the date of providing the donation, pursuant to Article 6:22 of Act V of 2013 on the Civil Code. It is the communication and finance staff members of the Company, as the data processing organisation, that have access to the data, in line with the principle of ‘need to know’.
- Principles of data processing, data security
Data must be obtained, processed and processed in a fair and lawful manner. Data may only be stored for specific and lawful purposes, and should not be used for any other purpose. The data must be proportionate to, and compatible with, the purpose for which they are stored, and may not stretch beyond that purpose. The data must be stored in a way that permits the identification of the data subject only for the duration required for the purpose for which the data are stored. Appropriate security measures must also be taken to protect personal data stored in automated data files against accidental or unlawful destruction or accidental loss, and to prevent unlawful access, alteration or dissemination.
The Data Controller undertakes to process the data in its possession in accordance with the provisions of the Information Act and the data protection principles set out in the present document; and not to transfer them to third parties. One exception to the provisions of this paragraph is the use of the data in a consolidated, statistical format, which may not, in any format, contain the name of the user concerned or any other form of data suitable for identifying the user. In certain cases, in particular in the event of a formal judicial or police enquiry, legal proceedings, infringement of copyright, property rights or other infringements or reasonable suspicion thereof, or in the event of prejudice to the interests of the Data Controller or the provision of its services, the Data Controller may make available the data of the user concerned to third parties.
The Helpme.life application system may collect data about the activity of users, which may not be linked to other data provided by users at the time of registration, or to data generated through the use of other websites or services.
The Data Controller hereby agrees to publish a clear, prominent and unambiguous notice informing the user of the manner, purpose and principles of the use of the data before the collection, recording or processing of any data from the user. In all cases where the Data Controller intends to use the data for a purpose other than that for which they were originally collected, the Data Controller must inform the user and obtain his/her prior explicit consent or give him/her the opportunity to ban such use. The Data Controller must, at all times, comply with the restrictions laid down by law concerning the collection, recording and processing of data, and must inform the data subject of its activities by electronic mail, as requested by the data subject. The Data Controller agrees not to impose any sanctions upon a user who refuses to provide non-mandatory data.
The security of your personal data is protected by the following means: the Company takes all required measures to protect the personal data it processes against unauthorised access, alteration, disclosure, deletion, damage or destruction. The Company, as the Data Controller, and the Data Processor it uses, treat personal data in a confidential manner. All security, technical and organisational measures will be taken by us that guarantee the security of the data. The Company has taken measures to ensure that its employees and Data Processors involved in the processing of personal data take appropriate security measures to protect the data.
- Duration of data processing
The personal data provided by the user will be processed until the user unsubscribes from the service. The deadline of deletion is 10 working days from the date of receipt of the user’s unsubscription (request for deletion). In the event that unlawful or fraudulent personal data are used, or if a criminal offence is committed by the user, or the system is attacked, the Data Controller becomes entitled to deleting the data immediately upon termination of the user’s registration, but if a criminal offence or civil liability is suspected, the Data Controller is also entitled to retain the data for the duration of the proceedings to be conducted.
The personal data provided by the user may be processed by the Data Controller until the user explicitly requests in writing that the processing of such data be terminated. Data that are automatically, technically recorded in the course of the system’s operation, are stored in the system for a period of time calculated from the moment they are generated for a duration of time that is reasonable for facilitating the operation of the system. The Data Controller must ensure that such automatically recorded data cannot be linked to other personal user data, except in cases required by law.
- Google Ads
In the context of the Application’s operation, the Company uses Google Ads, an online advertising facilitation service. This conversion tracking service is provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
If you access a website via a Google ad, a cookie is stored on your device for conversion tracking. However, you cannot be identified from these cookies, given the duration of the cookie’s validity.
In the event that you browse specific parts of the Application website (and the cookie has not yet expired), the Company and Google may also find out which advertisement you have clicked on.
Each Google Ads client receives a different cookie, so there is no way to track them.
The purpose of the information obtained from conversion tracking cookies is to enable the compilation of conversion statistics about users.
If you do not wish to consent to the recording of conversion tracking data about you, you have the option to disable the installation of cookies in your browser. Once disabled, you will not be included in the relevant statistics.
For more information about how Google Ads works, please visit www.google.de/policies/privacy/.
- Google Analytics
In the context of the Application’s operation, the Company uses a service called Google Analytics, which is provided by Google Inc. Google Analytics uses various text files (cookies) to analyse your activity.
When you visit a website, the information contained in the cookie about the website is mostly stored on Google’s servers. By activating IP anonymisation on a website, Google will shorten your IP address within the EU Member States and other states that are party to the Agreement on the European Economic Area. In some rare cases, however, your full IP address may be transmitted to, stored on and shortened by Google servers in the USA.
If the Company requests so, Google will evaluate this information in order to assess your use of the Application website, and to compile usage reports and provide other services relating to the website and your use of the Internet.
Google Analytics does not compare the IP addresses transmitted by any of your browsers with any other data held by Google. You have the option to prevent cookies from being stored in your browser; however, as a result, you may not be able to use all the features of the website. If you download and install the following plugin on your device, you can prevent Google from collecting and processing the data stored by the cookies.
- Facebook / Instagram
The Company can be reached via the following Facebook and Instagram sites:
Instagram: helpme.life@jemefy.com
Facebook: helpme.life@jemefy.com
The Company aims to promote and follow donation activities and the Application on Facebook and Instagram social networking sites.
If you ask a question to the Company via Facebook or Instagram, the data will solely be used by us to answer your question and not for sales or other promotional purposes.
If you open the Application on Facebook or Instagram, all content displayed there is under the control of the Company or the Data Processor. The data collected there will be collected, stored and processed by the Company and the Data Processor only, and will not be forwarded to Facebook or Instagram.
To connect with the Company via Facebook or Instagram, you must be logged on to Facebook or Instagram. For this purpose, Facebook or Instagram may also request, store and/or process personal data. The Company has no control over the type, scope and processing of such data. The Company does not receive any personal data from the operator of Facebook or Instagram.
You can find out about the duration of data processing on the Facebook and Instagram social media pages, the deadline for deleting data, potential Data Controllers, the legal grounds of data processing, the source and processing of data, and the rights related to data processing on the social media pages, taking into account that data processing takes place on the social media sites. For further information please, visit the following websites:
www.facebook.com/about/privacy/
https://www.facebook.com/help/instagram/155833707900388/
- Prize games
Through the use of the Application, games and prize games may also be organised.
In order to run the games and prize games, the Company collects the following personal data of the participants: title, full name, address, e-mail address and telephone number. The Company will use such data primarily to notify the participants of the game, and in particular the winners, by e-mail, mail and/or telephone, and the address will also be used to send the prize.
The legal basis for the Company’s processing of data for the purpose of participation in the prize game is the data subject’s consent, which must be clear and explicit (Sub-Section a), Section (1), Article 6 of the GDPR).
Data subjects: any natural person who gives his or her unambiguous and explicit consent to the processing of his or her personal data by the Company for the purpose of participating in the prize game.
The purposes of date processing are as follows: to keep in touch for the purpose of the prize game, to notify you of the results of the prize game, to recommend further prize games, to send you prizes, and to enable you to participate in events related to the prize game. You will be contacted by telephone, e-mail or regular mail.
The personal data processed: address, full name, address, e-mail address and telephone number.
Duration of data processing: until the withdrawal of the data subject’s consent to the processing of personal data for the purpose of participation in the prize game.
- Control over personal data
A change in personal data or a request for the deletion of personal data may be communicated to the Data Controller by means of a prompt written statement sent by e-mail to support@jemefy.com. The receipt of newsletters can be stopped by modifying the settings of the user interface on the site or by sending an express written statement to that end to support@jemefy.com. Once a request for the deletion or modification of personal data has been executed, previous(ly deleted) data can no longer be restored.
Consent to the processing or use of personal data may be withdrawn at any time. Withdrawal of consent shall not affect the lawful nature of data processing that had taken place prior to the withdrawal of consent. Beyond that, you have the following rights pursuant to the applicable legislation (i.e. the GDPR):
Right of access: you have the right to obtain confirmation/feedback from us as to whether or not your personal data are being processed and, if so, you have the right to access your personal data. The right of access extends, among others, to the purposes of the processing, the categories of the personal data processed and the recipients or categories of recipients to whom or which the personal data have been or will be disclosed. You have the right to request a copy of your personal data that are processed. If you request additional copies, we may charge a reasonable fee based on the actual administrative costs.
Right to rectification: you have the right to have inaccurate personal data about you rectified at your request. Depending on the purpose of data processing, you may have the right to request that incomplete personal data be completed, including by means of a supplementary statement.
Right to deletion (right to be forgotten): you have the right to request the deletion of your personal data.
Right to the restriction of data processing: you have the right to request a restriction of the processing of your personal data. If this happens, we may not be able to provide any services to you. In this case, we will earmark the relevant data, and process them only for specific purposes.
Right to data portability: you have the right to receive the personal data we have about you in a structured, widely used, machine-readable format, and the right to have such personal data transferred to another Data Controller without any hindrance on our part.
Right to objection: you have the right to object to our processing of your personal data at any time for reasons specific to your particular situation, in which case we may be required to stop the processing of your personal data. You also have the right to object at any time to the processing of your personal data for the purpose of sending you newsletters, including profiling. If you have a right two objection, and you exercise that right, we will no longer process your personal data for such purposes. There is no cost to exercising this right. This right is not relevant to you personally, especially if the processing of your personal data is required for pre-contractual measures or the execution of a contract already concluded.
Please, note that your above rights may be subject to restrictions under applicable law. You can exercise these rights at any time by contacting us using the contact details provided. In addition to the above, you have the right to file a complaint with the competent supervisory authority, in particular in the Member State of your habitual residence or in the Member State where the alleged breach of the GDPR’s provisions has occurred. If you are in Hungary, the competent authority is the National Authority for Data Protection and Freedom of Information (address: 1125 Budapest, Szilágyi Erzsébet fasor 22/C., phone: +36-1-391-1400, fax: +36-1-391-1410, e-mail: ügyfelszolgalat@naih.hu
- Amendments to the Privacy Policy
The Service Provider reserves the right to amend the present Privacy Policy at any time by unilateral decision. Following the modification of the Privacy Policy, all users must be informed in an appropriate manner (by e-mail or in a pop-up window upon login). By continuing to use the service, users acknowledge the amended data processing rules, and no further consent is required.
Budapest, 11.11.2022.
Jemefy Technologies LTD.
Change cookie consent: Revoke consent