Privacy Policy

Dear Visitor,

The protection of your personal data is of primary importance for FGSZ Zrt.

We are fully aware of the fact that you are hold the right of disposal over your personal data, and therefore we will, to the best of our ability, ensure the thoughtful and safe processing and storage of data provided to us.

Your confidence is highly appreciated, and therefore the least possible information is collected, while it is done only with your permission at all times. All data are used exclusively for the purpose defined in advance, and they are not disclosed to third parties without your consent.

At FGSZ Zrt., we make all efforts to ensure the protection of your data, including the deployment of technical data protection and internal processes, as well as the implementation of physical data protection measures.

Since the trust of our customers and visitors is of primary importance for us, we will protect your personal data to the best of our abilities.

Thank you for your continued interest and support.

Data Management Notice

FGSZ Natural Gas Transmission Private Company Limited by Shares – registered address at 
H–8600 Siófok, Tanácsház u. 5.

Last revision: 24.05.2018

Table of contents:

1. General provisions and contact information 

2. Updating and accessibility of the Notice

3. Understanding and acceptance of the Notice

4. Scope of the managed data and data management objectives

5. Decision based on automated data processing

6. Persons authorized to process data (editor, admin)

7. Data transfers

8. Sending direct mails

9. Cookies and web beacons, anonymous information through the use of our websites

10. Personal data relating to children and third parties

11. Data security measures

12. Links

13. Rights and legal remedies for data subjects in the course of registration, job applications and other voluntary contacts

14. Public communication options and other issues

 

1. General provisions and contact information 

This is the data control notice of (“Notice”) belongs to FGSZ Natural Gas Transmission Private Company Limited by Shares (registered address: H–8600 Siófok, Tanácsház u. 5.) – hereinafter referred to as “FGSZ” –, and is applicable to your personal data collected and managed by FGSZ.

 

FGSZ’s address: FGSZ Földgázszállító Zrt., H–8600 Siófok, Tanácsház u. 5.

FGSZ is registered by Company Registry Court of the Tribunal Court of Kaposvár

Company registration number: 14-10-300230

Tax number: 12543331-2-14

If you have any questions or comments regarding this Notice, prior to using the https://www.rbp.eu

website, or providing any information as described in this Notice, please contact our Customer Services at any of the following contacts:

FGSZ’s contact information: the rbp@fgsz.hu e-mail address or the office telephone number of the Customer Services: +36 (70) 938-7961.

 

2. Updating and accessibility of the Notice

FGSZ reserves the right to modify or amend this Notice at its own discretion, with effect from the date of such modification or amendment. In view of the foregoing, it is recommended to regularly visit the https://rbp.eu website in order to keep track of the changes.

On your kind request, we will send you a copy of the Notice in effect from time to time.

 

3. Understanding and acceptance of the Notice

By making available any personal data or information, you represent to have understood and expressly accepted the version of this Notice in effect on the date of such data or information disclosure.

When using certain individual services, specific data protection conditions may also apply; you will be notified of such conditions prior to using the service.

 

4. Scope of the managed data and data management objectives

When using certain websites (rbp.eu, fgsz.hu) or in connection with specific services (RBP, OTR, IPDATA), you may be requested to provide personal data, or you have to register and provide personal data (Regional Booking Platform registration form), and during your communication with FGSZ you may voluntarily disclose data (name, e-mail address). Some of the information we collect is considered “personal data” pursuant to Section 2 of Article 3 of Act CXII of 2011 on the right of informational self-determination and on freedom of information (“Info Act“), and pursuant to the provisions of the General Data Protection Regulation (“GDPR“) adopted under no. 2016/679/EU.

The scope of the managed data, the objectives of data management, the duration of the processing and the scope of persons with the right of access are shown in the following table.

Please note that by making available any personal data or information, you represent to have understood and expressly accepted the version of the entire data management notice in effect on the date of such data or information disclosure.

FGSZ basically processes the following personal information:

  • For the purpose of operating the Call Center and complaint management – registration of telephone numbers and e-mail communications.
  • For the purpose of assessing customer satisfaction – registration of e-mail communications in the form of newsletters
  • For the purpose of filling in the Regional Booking Platform registration form – registration of all requested data

 

5. Decision based on automated data processing

Registration confirmation mails are part of automated data processing; such mails are generated with the use of non-personal data provided by the customer, and sent to the customer by the system used by FGSZ, in line with the relevant pre-specified rules. This is how the Newsletter or the customer satisfaction assessments are operated. This is a standard format mail showing the data of the customer and the registered product; it is sent out by FGSZ’s Customer Relationship Management (CRM) system.

 

6. Persons authorized to process data (editor, admin)

For the purpose of performing the technical tasks relating to data management operations, FGSZ engages the data processors listed in the table below. The rights and obligations of data processors in association with the processing of personal data are defined by FGSZ as the data controller in the context of the Info Act, GDRP, as well separate acts pertaining to data management. As the data controller, FGSZ shall be liable for the legality of its instructions given. The data processor may not make any substantial decision affecting data management, and may process any personal data that it comes in possession of pursuant to the instructions of FGSZ as the data controller; it may not perform data processing for its own purposes, and is obliged to store and preserve personal data as required by FGSZ as the data controller.

 

Record-keeping of customers information

RBP customers

rbp.eu

Sales and Customer Support

e-mail address, name

Until deletion requested

 

7. Data transfers

Data provided in connection with the performance of financial services and the consummation of financial transactions via the Internet will be transferred to OTP Bank Nyrt. and ING Kereskedelmi Bank Magyarország through the credit card acceptance network of OTP Bank Nyrt. and ING Kereskedelmi Bank Magyarország for the purpose of completing the financial transactions.

Please see the relevant table above for the description of the purpose of the data transfer relating to data management described as “Data linking with the purpose of (1) facilitating the central withdrawal of consents to data management operations performed by certain MOL group company, and (2) sending further personalized marketing communication to your mobile phone via various marketing channels, such as emails, text messages (SMS) and pop-up messages (notifications other than emails or text messages, displayed in pop-up windows) and other communication”.

 

8. Sending direct mails

We might send you direct letters to the e-mail address given at the registration, in which we will remind you every time that you can request the deletion of your personal data from FGSZ at any time, without limitation and free of charge.

 

9. Cookies and web beacons, anonymous information through the use of our websites

Cookies are used in certain parts of the fgsz.hu website. Cookies are files that store information on your hard drive or your web browser. Cookies enable the website to recognize you if you visited that site earlier. Cookies help us to understand which parts of the website are the most popular, as they show the pages viewed by our visitors and the time they spend there. By studying the results, we can adjust the website to better serve your needs, and therefore provide you with a more diverse user experience. For example, with the use of cookies we can ensure that the next time you visit our website the displayed information matches your expectations as a customer.

When you visit one of our websites, such technical information may be automatically collected which will not personally identify you. Such information may include the name of another website that has directed you to the given website, the location from where the website has been accessed or the searches performed at the website. The collection of such information assists us in recognizing the preferred search habits of the users at our website without the use of personal data. This information is solely used internally. Anonymous or generic data from which you cannot be identified is not considered as personal information, and therefore they do not fall within the scope of this Notice.

You may set up your web browser to accept all cookies, reject all cookies or notify you when a cookie is pushed to your PC. Each web browser is different, so please use the “Help” menu in your browser to change the settings for cookies.  For example in case of Microsoft Internet Explorer, go to “Tools/Internet Options” to turn off cookies and change the security settings. The https://rbp.eu website has been designed to operate with the use of cookie, and for this reason disabling cookies may affect the usability of the website and prevent you from enjoying all benefits.

Cookies used at the websites:

  • Analytics, tracking
  • User ID, session cookie

We do not exchange cookies with third parties or with websites operated by third parties.

The https://rbp.eu website and any communication resulting from the use of and/or registration at the website, such as promotional emails, may contain electronic images called web beacons. Web beacons operate similarly to cookies, and can be used e.g. for the following:

  • counting the number of website visitors;
  • monitoring your activities in connection with any email, or if you clicked link to – for instance – the terms and conditions of entry to a competition;
  • having suggestions as to the success of any marketing campaign or competition;
  • establishing the success of certain aspects of a website in raising the interest of visitors;
  • determining the success of advertisements and competitions in terms of sales; or
  • helping to determine the popularity of a product or service, and how such interest is divided between FGSZ products and services.

10. Personal data relating to children and third parties

Persons under the age of 16 may not provide their personal data unless it is approved by their parents.

By making your personal data available, you represent and warrant to act in proper observance of the foregoing, and that your capacity in relation to the disclosure of information is not restricted.

In case you are not legally entitled to disclose any personal data independently, you are required to obtain the consent of the third parties concerned (e.g. authorized family member, guardian, custodian or any other person, such as a customer, on whose behalf you act) or ensure other legal grounds for the provision of data. In this context, you are required to consider whether the consent of a third party is necessary in connection with the disclosure of the personal data in question. There may be situations when FGSZ does not come in personal contact with you, and therefore you are required to ensure compliance with the requirement herein, while FGSZ may not be held liable in this respect. Nevertheless, FGSZ shall at all times be entitled to verify the existence of proper legal grounds for managing any personal data. For instance, if you are acting on behalf of a third person – e.g. a family member – we are entitled to request you to present your authorization and/or the appropriate consent of the data subject to data management.

We will make all reasonable efforts to delete all the information unduly disclosed to us, and ensure that such information is not transferred to other parties or used by us, either (for use in advertising or for any other purpose). Please let us know immediately if you have learnt that children provided personal data about themselves, or in case a third person disclosed personal data about you. You may contact us at any of the contacts provided at the beginning of this Notice.

11. Data security measures

The security of your information is protected by the following means:

  • encryption of the passwords defined by the user;
  • communication via encrypted TLS/SSL channel; and
  • restriction of access to information (for example, only those of our employees may have access to information who are need of it towards accomplishing the above-mentioned goals).

You are kindly requested to help us in protecting information by avoiding the use of any obvious login name or password and regularly changing your password; furthermore, please do not make your password available to others.

Records of communications with the Call Center may exclusively be accessed by those appointed and dedicated employees who signed separate confidentiality agreements.

 

12. Links

The https://rbp.eu website may contain links to other websites not controlled by us, and in turn websites not controlled by us may also offer such opportunities to link to our https://rbp.eu website. When you leave the https://rbp.eu website, we may not be held liable for the safety of any information you disclose at other websites. It is recommended to act with caution and study the confidentiality documents of such websites thoroughly.

 

13. Rights and legal remedies for data subjects in the course of registration, job applications and other voluntary contacts

In general, the data subject may ask the data controller for (a) information on the management of the data subject’s personal data, (b) the correction of personal data, and (c) the deletion or blocking of personal data unless statutory data management is performed. Upon the data subject’s request, the data controller shall provide information after the submission of the request as soon as possible and no later than within 25 days in writing, in a clearly understandable form.

If the data controller does not fulfill – in writing or by electronic means if approved by the data subject – the data subject’s request for correction, blocking or deletion within 25 days following the receipt of the request, the factual and legal causes of the refusal of the request for correction, blocking or deletion shall be communicated.

The legal basis of the data management is the voluntary consent of the users, which is deemed to be given by opening the website or entering certain parts thereof subject to registration.

a) Right to be informed

Users may request information about the management of their personal information. Upon the data subject’s request, the data controller shall provide information in relation to the data managed by the data controller in association with the data subject, the purpose of data management, its legal grounds and duration, the name, address of the data processor and its activities associated with data management, as well as who has or will receive the data and for what purposes. Such information may be requested at the data controller’s postal address (registered address: H–8600 Siófok, Tanácsház u. 5.) or via the rbp@fgsz.hu email address.

The same contacts can be used for the initiation of the correction or deletion of the user’s personal data.

Any user who believes that the data controller has violated its right to the protection of his/her personal data may state its claim before a civil court, or request the assistance of the National Authority for Data Protection and Freedom of Information (hereinafter referred to as the Authority). Detailed provisions pertaining to the foregoing and the data controller's obligations are set out in the Info Act.

b) Right to correction, deletion, blocking

If any personal data are false, while the true personal data are available to the data controller, the personal data shall be corrected by the data controller. Personal data shall be deleted if the data management is unlawful; if so requested by the data subject as specified above; if the data is incomplete or inaccurate – and such conditions may not be legally remedied – provided that such deletion is not excluded by law; if the purpose of data management no longer exists, or if the period for data storage specified by legislation expires; if ordered by any court of justice or the Authority.

Personal data shall be blocked instead of deletion if so requested by the data subject, or if there are reasonable grounds to believe that the deletion would be injurious to the legitimate interests of the data subject. Blocked data may still be managed as long as the purpose of data management that has excluded the option to delete the personal data exists. The data controller shall mark the managed personal data in case the data subject disputes their correctness or accuracy, but such incorrectness or inaccuracy may not be clearly ascertained.

When any data are corrected, blocked, marked or deleted, the data subject and all recipients to whom they have been forwarded for data management shall be notified. Notification is not required if it does not violate the rightful interest of the data subject in light of the purpose of data management.

In the event of any inappropriate use of the website, or if it so requested by the user, the data controller shall delete the data of the data subject. Such deletion will be executed within 8 days following the receipt of the demand for deletion. The data controller shall annually notify the Authority of any refused requests until 31 January of the year following the year of the request. Where correction, blocking or deletion is refused, the data controller shall inform the data subject in relation to the possibilities for seeking judicial remedies or lodging a complaint with the Authority.

c) Right to object

The data subject shall have the right to object to the management of personal data if the management or transfer of personal data is required exclusively for fulfilling the legal obligations of the data controller or the enforcement of the legitimate interest of the data controller, the data recipient or a third party, except in the case of mandatory data management, when personal data are used or transferred for the purpose of direct marketing, public opinion poll or scientific research; and in other cases specified by law.

In cases described in Article 21 of the Info Act, the data subject may object to the use of his or her personal data. In the event of such objection, the data controller shall investigate the cause of objection within the shortest possible time and no later than within 25 days, adopt a decision as to merits, and notify the data subject in writing of its decision.

If based on the findings of the data controller the data subject’s objection is justified, the data controller shall terminate all processing operations (including data collection and transmission), block the data involved and notify all recipients to whom any of these data have been previously transferred concerning the objection and the ensuing measures, upon which these recipients shall also take measures regarding the enforcement of the objection. If the data subject disagrees with the decision made by the data controller, or the data controller fails to meet the respective deadline, the data subject shall have the right to turn to court within 30 days following the last day of the deadline.

In the event of any breach of the rights of the data subject, and in cases described in Article 21 of the Info Act, the data subject has the right to seek ruling from a court. At the data subject’s own discretion, the court proceedings may as well be initiated at the tribunal court at the address or temporary place of residence of the data subject.

The court shall act in extraordinary proceedings in these cases. The data controller shall be liable for any damage caused to a data subject as a result of unlawful processing or by any breach of data security requirements, The data controller shall be liable for damage caused to the data subject by the data processor, as well. The data controller shall be exempted from its liability if it can evidence that the damage has resulted from any uncontrollable cause beyond the scope of data management. The damage need not be indemnified in case it has a result of deliberate or gross negligence of the damaged party.

Furthermore, any person may initiate investigation by making a report to the National Authority for Data Protection and Freedom (http://naih.hu/; H–1530 Budapest, Pf.: 5.; telephone: +36-1-391-1400; fax: +36-1-391-1410; e-mail: ugyfelszolgalat@naih.hu), claiming any infringement relating to his or her personal data or associated with the exercise of the rights to have access to public information or information of public interest, or if there is imminent danger of such infringement.

The detailed description of the rights and legal remedies relating to data management is provided in Section 13–17 and 30 of the Info Act.

Prior to the initiation of any procedure it may be appropriate to send the complaint to the data controller.

 

14. Public communication options and other issues

 As part of our services, the public communication channels are used at your own risk. The personal intellectual rights of various comments belong to the specific users, but the given user may not enforce any claim for property rights or demands against the data controller; furthermore, the data controller shall have the right to make reference to such comments without limitations, and may make copies and/or moderate and/or modify them.

Registered users have the opportunity to send their opinions and comments to the data controller, while the data controller will not publish, but delete comments that violate legislation or personality rights, or comments that do not comply with the business policies, principles of the data controller. Moreover, comments may be printed, downloaded or distributed by third persons for personal use only, and may exclusively be used with the written consent of the data controller.

Our users are also to note that any comments and public communication published via public communication channels are subject to the legal regulations governing public communication.

The use of the Internet entails various threats to privacy. Please be advised that your opinion published at the website is considered as personal data that is suitable for deriving information in relation your specific details, origin or political views. Such data may become available to anyone. It is therefore recommended to use PET technology (Privacy Enhancing Technology) in order to safeguard your personal data. Several websites show relevant information.

Important websites

Effective legal regulations: www.magyarorszag.hu