Online Survey

Data Protection and Data Management Statement


0. Funds acts as a controller and processor of personal data. The personal data manager position of applies to the personal data of Users (registered members who have accepted the terms of use) and questionnaire Fillers (visitors, respondents, natural persons who fill out questionnaires created in the system) visiting the website (this regulation paragraph 0.1). With the personal data that the User has saved on the server (the User prepares a questionnaire in which the respondents can even enter their personal data), acts as a processor, or the User only provides data storage for. The administrator of this personal data is the User himself (paragraph 0.2 of these regulations).

Automated individual decision-making (profiling): does not perform profiling or automated individual decision-making.

0.1. as the manager of personal data operates as a manager of the personal data of Users and Fillers visiting its website.

What personal data do we process?

To fulfill the contract or legal obligations, primarily processes the following personal data: e-mail, billing name, billing address, mailing name, mailing address. also processes the data it obtains from Users and Fillers who use the system or visit the website: cookies, log files (IP address or other online identifier).

How long do we process personal data?

We process the User's personal data during the duration of the contractual relationship. We process personal data that are subject to special legislation for the period prescribed by them.

Where do the personal data come from?

Personal data is obtained directly from the data subjects during registration (contract conclusion) and when changing packages. We always inform the parties concerned what personal data is necessary for the agreement.

0.2. as a processor of personal data provides storage space on its own server for the User's data used within the systems. The User's data may also include the personal data of the Questionnaire Fillers. We act as a processor in relation to the personal data stored by the User (respondents' personal data). The administrator of this personal data is the User himself.

Warning to the User:

If you also collect personal data with the help of questionnaires, you become the controller of personal data and must comply with the data protection guidelines of the GDPR and related legislation. is not responsible if the User violates the data protection rules.

Warning for Fillers and respondents:

The use of the system may also be determined by the User's guidelines and rules, if the User has one. If you provide your personal data to the User, please contact the User with any questions regarding the protection of personal data. We cannot be held responsible for the data protection and security rules used by the User, which may differ from these data protection guidelines.

What is the purpose of the processing and how do we handle the data? does not perform any operations with the User's data, except for storing them on the server. You will not modify, publish or transmit them to third parties (unless they are required by law to be made available to government authorities), unless otherwise provided in the agreement. The sole purpose of handling personal data is to store it and ensure its availability for the User.

What personal data do we process?

We only process the personal data of the respondents that were saved to the server using the questionnaires created on the website, that is, the data that the respondents provided when filling out a questionnaire. These include: name, date of birth, gender, age, workplace, address, e-mail, phone number and the like.

How long do we process personal data? processes personal data for the duration of the contract with the User. After the User terminates his account, all his data will be irrevocably deleted from our server.

1. The purpose of the data management information

The owner of Sándor Bíró, individual entrepreneur (tax number: 74450655-1-29, EV registration number: 22374322) (hereinafter: service provider, data controller) as a data controller, acknowledges the content of this legal notice as binding on him . It undertakes to ensure that all data management related to its activities meets the requirements set out in these regulations and in the applicable national legislation, as well as in the legal acts of the European Union.

The data protection guidelines arising in connection with the service provider's data management are continuously available at the following address:[privacy ]

The service provider reserves the right to change this information at any time. Of course, you will notify your audience of any changes in good time.

If you have any questions related to this announcement, please write to us and our colleague will answer your question.

The service provider is committed to protecting the personal data of its customers and partners, and considers it of utmost importance to respect its customers' right to informational self-determination. The service provider treats personal data confidentially and takes all security, technical and organizational measures that guarantee data security.

The service provider describes its data management practices below.

2. Data of the data controller

If you would like to contact the data controller, you can do so at or +36 70 215 3708.

The service provider deletes all e-mails received, including personal data, no later than 1 year from the date of data communication.

Name: Sándor Bíró individual entrepreneur
Headquarters: 4032 Debrecen, Mikszáth Kálmán utca 11th floor: FS door: 2.
EV registration number: 22374322
Tax number: 74450655-1-29
Phone number: +36 70 215 3708

2.1. Data Protection Officer

No data protection officer has been appointed.

3. Scope of managed personal data

3.1. Personal data to be provided during registration

Only the e-mail address is requested, it is mandatory.

3.2. Technical data

The service provider selects and operates the IT tools used for the management of personal data during the provision of the service in such a way that the managed data:

The service provider uses appropriate measures to protect the data against unauthorized access, alteration, transmission, disclosure, deletion or destruction, as well as against accidental destruction.

The service provider ensures the security of data management with technical, organizational and organizational measures that provide a level of protection corresponding to the risks associated with data management.

The service provider keeps it during data management

3.3. Cookies

3.3.1. The task of cookies

In order to provide customized service, a small data package, so-called it places a cookie and reads it back during the next visit. If the browser returns a previously saved cookie, the cookie management service provider has the opportunity to link the user's current visit with previous visits, but only with regard to its own content.

3.3.2. Session cookies are absolutely necessary

The purpose of these cookies is to enable visitors to fully and smoothly browse the website, use its functions and the services available there. The validity period of this type of cookie lasts until the end of the session (browsing), when the browser is closed, this type of cookie is automatically deleted from the computer or other device used for browsing.

3.3.3. Cookies placed by third parties (analytics)

The website also uses cookies from Google Analytics as a third party. By using the Google Analytics service for statistical purposes, the service provider collects information about how visitors use the website. The data is used for the purpose of developing the website and improving the user experience. These cookies also remain on the visitor's computer or other device used for browsing, in their browser, until they expire, or until the visitor deletes them. IP Anonymization is turned on, so it is considered personal we do not collect data.

View used cookies →

3.4. Data related to online ordering

3.5. Data related to online administration

Email address

3.6. Data related to the newsletter

We do not send newsletters. The system sends notifications about important account events, at the bottom of these messages you can find the Unsubscribe option, but this also involves the termination of your account.

4. Planned use and retention period of the managed data

Name of dataUsageLegal basisRetention period
E-mail addressIdentification, notification of important account eventsTerms of use of the pageFor the duration of the use of the service
Billing dataPreparation of accounting documentsAccording to legal requirementsFor the period prescribed by the relevant law
Posting dataPosting of accounting documentsAccording to legal requirementsUntil the service is used

5. The purpose, method and legal basis of data management

The data management of the service provider's activities is based on voluntary consent and legal authorization. In the case of data processing based on voluntary consent, the data subjects may withdraw their consent at any stage of the data processing.

In some cases, the management, storage and transmission of a range of the provided data is made mandatory by law, of which we notify our customers separately.

We draw the attention of data providers to the service provider that if they do not provide their own personal data, the data provider is obliged to obtain the consent of the data subject.

The basic principles of data management are in accordance with the current legislation on data protection, in particular with the following:

6. Data transmission, data processing, the circle of those familiar with the data

Data processorTax numberActivity completed
Benemiz Könyvelő Bt.12413485-1- 09Accounting Services
Hungarian Posta Zrt.10901232-2-44Postal Services
DigitalOceanEU528002224 Virtual server provider

7. Your affected rights and legal remedies

The data subject can request information about the handling of his personal data, and can request the correction of his personal data, or - with the exception of mandatory data processing - deletion or withdrawal, he can exercise his right to data portability and protest in the manner indicated when the data was recorded, or at the above contact details of the data controller.

7.1. Right to information

The service provider takes appropriate measures in order to provide the data subjects with all the information mentioned in Articles 13 and 14 of the GDPR and Articles 15-22 regarding the processing of personal data. and provide all information pursuant to Article 34 in a concise, transparent, comprehensible and easily accessible form, clearly and comprehensibly worded.

7.2. The data subject's right to access

The data subject has the right to receive feedback from the data controller as to whether his personal data is being processed, and if such data processing is underway, he is entitled to access the personal data and the following information: the purposes of the data processing; categories of personal data concerned; the recipients or categories of recipients to whom or to whom the personal data has been or will be communicated, including in particular recipients in third countries and international organizations; the planned period of storage of personal data; the right to rectification, deletion or restriction of data processing and the right to protest; the right to submit a complaint to the supervisory authority; information about data sources; the fact of automated decision-making, including profiling, as well as comprehensible information about the applied logic and the significance of such data management and the expected consequences for the data subject. The data controller shall provide the information within a maximum of one month from the submission of the request.

7.3. Right of rectification

The data subject may request the correction of inaccurate personal data concerning him/her managed by the service provider and the addition of incomplete data.

7.4. Right to erasure

If one of the following reasons exists, the data subject has the right to request that the service provider delete his personal data without undue delay:

Deletion of data cannot be initiated if data management is necessary: for the purpose of exercising the right to freedom of expression and information; for the purpose of fulfilling the obligation under the EU or Member State law applicable to the data controller requiring the processing of personal data, or for the execution of a task performed in the public interest or in the context of the exercise of public authority conferred on the data controller; relating to the field of public health, or for archival, scientific and historical research or statistical purposes, based on public interest; or to submit, assert or defend legal claims.

7.5. The right to restrict data processing

At the request of the data subject, the service provider restricts data processing if one of the following conditions is met:

If data management is subject to restrictions, personal data, with the exception of storage, will only be used with the consent of the data subject, or for the presentation, enforcement or protection of legal claims, or for the protection of the rights of another natural or legal person, or for the Union or a member state can be handled in the public interest.

7.6. Right to data portability

The data subject has the right to receive the personal data concerning him/her provided to the data controller in a segmented, widely used, machine-readable format, and to forward this data to another data controller.

7.7. Right to protest

The data subject has the right to object at any time for reasons related to his own situation against the processing of his personal data necessary for the execution of a task carried out in the public interest or in the context of the exercise of a public authority vested in the data controller, or for the enforcement of the legitimate interests of the data controller or a third party, including the aforementioned also profiling based on provisions. In the event of a protest, the data controller may no longer process the personal data, unless it is justified by compelling legitimate reasons that take precedence over the interests, rights and freedoms of the data subject, or that are related to the submission, enforcement or defense of legal claims.

7.8. Automated decision-making in individual cases, including profiling

The data subject has the right not to be covered by a decision based solely on automated data management, including profiling, which would have legal effects on him or affect him to a similar extent.

7.9. Right of withdrawal

The data subject has the right to withdraw his consent at any time.

7.10. Right to go to court

In the event of a violation of their rights, the data subject may apply to court against the data controller. The court acts out of turn in the case.

7.11. Data protection official procedure

You can file a complaint with the National Data Protection and Freedom of Information Authority:

Name: National Data Protection and Information Freedom
Authority Headquarters: 1125 Budapest, Szilágyi Erzsébet fasor 22/C.
Mailing address: 1530 Budapest, Pf.: 5.
Phone: 0613911400
Fax: 0613911410 E-mail:

8. Other provisions

We provide information on data management not listed in this information when the data is collected.

We inform our customers that the court, the prosecutor, the investigative authority, the infringement authority, the public administrative authority, the National Data Protection and Freedom of Information Authority, the Hungarian National Bank, or other bodies based on the authorization of the law, provide information, communicate data, and transfer , or they can contact the data controller to provide documents.

The service provider only discloses personal data to the authorities - if the authority has indicated the exact purpose and the scope of the data - to the extent and to the extent that is absolutely necessary to fulfill the purpose of the request.