Privacy Policy

This data processing notice regulates the processing of personal data by Passed Informatikai Kft. (hereinafter referred to as the “Data Controller”). We respect the privacy of our website visitors and those interested in our services, and as such, we only collect and process information that is necessary for the purposes specified in this notice. The use of our website and services is entirely voluntary, and any personal data required for this purpose is also provided voluntarily. These data will be processed based on consent, contract performance, legal obligations, or legitimate interests, depending on the purpose. The aim of this notice is to ensure transparency in our data processing activities, and to make the purpose, tools, legal basis, and, most importantly, the rights provided in relation to each processing operation clearly understandable.

Applicable Legislation

When drafting this notice, special consideration has been given to the Regulation (EU) 2016/679 of the European Parliament and Council (“General Data Protection Regulation” or “GDPR”), Act CXII of 2011 on the Right to Informational Self-Determination and on Freedom of Information (“Infotv.”), Act V of 2013 on the Civil Code (“Ptk.”), Act CVIII of 2001 on Electronic Commerce Services and Certain Issues of Information Society Services (“Eker. tv.”), as well as the provisions of Act XLVIII of 2008 on the Fundamental Conditions and Certain Restrictions of Economic Advertising Activities (“Grtv.”). In the preparation of this notice, we also took into account the recommendations of the National Authority for Data Protection and Freedom of Information regarding the data protection requirements of preliminary information.

Contact Information of the Data Controller

• Data Controller: Passed Informatikai Kft.
• Representative: János Pongrácz, Managing Director
• Headquarters: 1095 Budapest, Tinódi Street 1-3. C 1/9.
• Phone Number: +36 1 789 2525
• Company Registration Number: 01-09-870527
• Tax Number: 13735159-2-43

Contact Information Regarding the Data Protection Rights Mentioned Below:

• By Mail: 1095 Budapest, Tinódi Street 1-3. C 1/9.
• By Phone: +36 1 789 2525
• By E-mail: info@passed.hu
• Website: www.passed.hu

The details outlined in this data processing notice relate to sending newsletters, EDM (electronic direct marketing), service orders (online or offline), and the management of the website www.passed.hu. We will respond to your inquiry without delay, but no later than within 1 month, unless legal conditions allow for a 2-month extension for the response.

What types of data do we collect and for what purposes?

1. Newsletter Subscription

We send newsletters occasionally to those interested in the opportunities in software testing.
Our newsletters provide updates on current events, and we share our latest news, professional materials, publications, events, training opportunities, job offers, and possibly updates from our contracted partners on similar topics.

When subscribing to our newsletter, we collect the following data:

• Name
• Email address
• Subscription date
• IP address

Providing your data is entirely voluntary. You can unsubscribe from our newsletter at any time by using the link at the bottom of any of our emails. After unsubscribing, we will delete your data and will not send you any further newsletters. We will process your data until you unsubscribe from the newsletter. You can also request the deletion of your personal data by postal mail at 1095 Budapest, Tinódi Street 1-3. C 1/9, or by email at info@passed.hu.

2. Contact Page

On the contact page, you can ask questions about our services and request a quote. Please do not share personal data that is not necessary during the quotation/inquiry phase. If it is necessary, we will handle your data confidentially. By providing your data, we interpret it as sharing the information to prepare for a possible future contract. The provision of data is voluntary. We will keep your data for the statutory limitation period for enforcing civil law claims, which is 5 years according to current regulations.

Types of data collected on the page: Name, phone number, registration date.

3. Career Page

The purpose of data processing on the Career page is to apply for a job posted by Passed Informatikai Kft., evaluate the application, establish an employment relationship, and notify the applicant about future job offers that Passed Informatikai Kft. deems suitable for the applicant’s qualifications and professional experience. The personal data provided by applicants is only accessible to the relevant staff members involved in the recruitment and selection process, who have a role in decision-making or making recommendations regarding employment. The provision of data is voluntary. The data will be stored for 1 year from the date of consent.

Types of data collected on the page: Name, mobile number, email address, CV, registration date.

4. Social Media Pages

We also maintain contact with our followers on our social media pages, such as Facebook and LinkedIn. On these platforms, we can see the registered name and public profile picture of users who have registered on these social media platforms and permitted the social media platform operator to access this information through their privacy settings. In this case, the data processing takes place on the respective social media platforms, so the duration, method, and data deletion and modification options are governed by the respective platform’s policies.

Who will receive your data?

Your personal data may be processed by our employees and by data processors with whom we have signed a written data processing agreement. Both our employees and our data processors, along with their direct employees, may handle your data only to the extent necessary to achieve the purpose of data processing and for the duration allowed by the legal basis.

The data processors do not make independent decisions; they are authorized to act only based on the contract with us and the instructions given to them. We monitor the work of our data processors, and our data processors are only allowed to use other data processors with our consent.

Data processors used by Passed Informatikai Kft. as the data controller:

• Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) – statistical services
• Facebook Inc. (4 Grand Canal Square, Dublin, Ireland) – statistical services, advertisement display
• LinkedIn Ireland Unlimited Company (Wilton Place, Dublin 2, Ireland) – statistical services

Data Security

We protect your data, especially against unauthorized access, alteration, transmission, disclosure, deletion, or destruction, as well as accidental loss and damage. Together with our server providers, we implement technical, organizational, and procedural measures to ensure the security of the data at a level that corresponds to the risks associated with data processing.

What Rights Do You Have?

As a data subject, you can request information about the processing of your personal data, request corrections, or, except for data processing mandated by law, request deletion of your personal data, for example, through the link provided in the footer of our newsletters or through any of our contact details.
Upon your request, we will provide information about the data we process, the purpose, legal basis, duration of processing, and the name and address of the data processor, as well as the activities related to the data processing, including who receives or has received the data and for what purposes.
We are required to respond to your request as soon as possible, but no later than within 1 month, in writing, in an understandable format, and free of charge. We are also required to correct any personal data that is incorrect. We will delete personal data if its processing is unlawful, if the data subject requests it, if it is incomplete or inaccurate and cannot be lawfully corrected, provided that the deletion is not prohibited by law, if the purpose of the data processing has ceased, the retention period set by law has expired, or it was ordered by a court or the data protection authority.
We will notify the data subject and all recipients of the data, unless this is unnecessary in relation to the purpose of the data processing and does not harm the legitimate interests of the data subject.

Right to Object

The data subject may object to the processing of personal data if the processing (transfer) of personal data is necessary only for the enforcement of the controller’s legal rights or legitimate interests, except where the processing is required by law, or for public opinion polling or scientific research, or where otherwise provided by law.
As data controllers, we are obligated to suspend the processing upon receiving the objection and investigate it within the shortest time, but no later than within 15 days, and inform the requester of the outcome in writing. If the objection is justified, we will cease the data processing, including further data collection and transmission, and notify those to whom we previously transferred the data, informing them of the objection and the actions taken to enforce the right to object.

Complaint Filing Option

If you suspect any infringement of your rights, please contact us at info@passed.hu or by post at 1095 Budapest, Tinódi utca 1-3. C 1/9.. We will do everything to investigate the matter and compensate for any inconvenience.
If your rights are violated, you may also turn to the court (depending on your choice, either at the defendant’s registered office or the data subject’s place of residence). The court will handle the case on an expedited basis. Legal fees related to the protection of personal data are exempt from charges.

You also have the right to file a complaint with the National Authority for Data Protection and Freedom of Information:

• Address: 1055 Budapest, Falk Miksa u. 9-11
• Mailing address: 1363 Budapest, P.O. Box 9
• Phone: +36 -1-391-1400
• Fax: +36-1-391-1410
• Email: ugyfelszolgalat@naih.hu

Complaint Submission Opportunity

If you suspect a violation of your rights, please contact us via email at info@passed.hu, or by mail at 1095 Budapest, Tinódi utca 1-3. C 1/9. We will take all necessary steps to investigate the case and compensate you for any inconvenience caused.

In case of a violation of your rights, you may also file a lawsuit (depending on the location of the defendant’s registered office or the affected person’s residence). The court will handle the case on an expedited basis. A lawsuit related to the protection of personal data is exempt from fees.

You can also file a complaint with the National Authority for Data Protection and Freedom of Information:

National Authority for Data Protection and Freedom of Information

• 1055 Budapest, Falk Miksa u. 9-11
• Mailing address: 1363 Budapest, P.O. Box 9
• Phone: +36-1-391-1400
• Fax: +36-1-391-1410
• Email: ugyfelszolgalat@naih.hu

Cookie Usage

Like many others, Passed Informatikai Kft. uses cookies to improve the quality of our services, enhance user experience, and display relevant, interest-based advertisements through behavior-based marketing. This is done only with your consent when you accept the use of cookies and web beacons in our cookie banner. You can also modify the default settings via the link in the banner. The storage period, name, and purpose of the cookies and web beacons can be found in our cookie banner, which you can modify at any time on our website.

The system of Passed Informatikai Kft. automatically records the user’s computer’s IP address, the start time of the visit, and in some cases, depending on the computer’s settings, the type of browser and operating system. The data recorded cannot be linked to other personal data. The data processing is for statistical purposes only. Cookies enable the website to recognize previous visitors. They help optimize the website and tailor its services to the user’s preferences. Cookies also help:

• Remember settings, so the user doesn’t need to enter them again when visiting a new page,
• Remember previously entered data, so it does not need to be re-typed,
• Analyze website usage to improve it based on the information gathered, ensuring the site works as expected and users can easily find the information they seek,
• Monitor the effectiveness of our advertisements.

As the Data Controller, with explicit consent, we use cookies, web beacons, and pixels to display ads and marketing materials to Users with the assistance of Google and Facebook. This also includes the transfer of event data, such as page views. The data processing happens without human intervention. By disabling cookies, the User acknowledges that the website will not function optimally.

Google Ads Conversion Tracking

1. We use the “Google Ads” online advertising program as a Data Controller and utilize the Google conversion tracking service within its framework. Google conversion tracking is an analytical service of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA).
2. When a user reaches our website via a Google ad, a conversion tracking cookie is placed on their computer. These cookies have a limited validity period.
3. When the User browses specific pages on the website, and the cookie is still active, Google and the Data Controller can see that the User clicked on the ad.
4. Each Google Ads client receives a different cookie, meaning they cannot be tracked across Ads client websites.
5. The information gathered via conversion tracking cookies is used to prepare conversion statistics for Ads clients who opt for conversion tracking. This helps clients understand how many users clicked on their ad and visited a page with the conversion tracking tag.
6. If you don’t wish to participate in conversion tracking, you can decline it by disabling cookie installation in your browser. You will not appear in the conversion tracking statistics.
7. More information, as well as Google’s privacy statement, is available here: google.de/policies/privacy/

Use of Google Analytics

1. Our websites use Google Analytics, a web analytics service from Google Inc. (“Google”). Google Analytics uses cookies, which are text files saved on your computer, to help analyze the use of websites you visit.
2. The data created by cookies about your use of the website is usually transferred and stored on a server in the USA. By activating IP anonymization on the website, Google will shorten the User’s IP address within the European Union or other states party to the European Economic Area Agreement.
3. The full IP address is only sent to a Google server in the USA in exceptional cases and shortened there. Google will use this information to evaluate how you use our website, to generate reports on website activity for us, and to provide further services related to website and internet usage.
4. Google does not combine the IP address transmitted by your browser within the Google Analytics framework with other Google data. You can prevent the storage of cookies by adjusting your browser settings, but please note that in this case, some features of our website may not work fully. You can also prevent Google from collecting and processing data about your use of the website (including the IP address) by downloading and installing the browser plugin available here: https://tools.google.com/dlpage/gaoptout?hl=hu
5. We use Google Analytics to analyze website traffic for system development purposes. In this case, no personal data is collected. Such data is shared with other Google services for development purposes.
6. With consent, we also use Google Analytics for marketing purposes.

Use of Facebook Ads

1. We use Facebook’s advertising system as a Data Controller and also utilize the Facebook Pixel solution within its framework. Facebook Ads are a service of Facebook Inc. (4 Grand Canal Square, Dublin, Ireland).
2. When a User visits our website, after giving consent, a cookie is placed on their computer. These cookies have a limited validity period.
3. When the User browses specific pages on the website and the cookie is still active, both Facebook and the Data Controller can see that the User visited the site and which pages were viewed.
4. Each visitor receives a different Facebook cookie.
5. The information we obtain via Facebook cookies is used to display ads more accurately to visitors of our website, and with their help, we also obtain conversion information.
6. If you do not wish to participate in conversion tracking, you can decline it by disabling cookie installation in your browser. You will not appear in the visit or conversion tracking statistics.
7. Using the Facebook Pixel, we collect events such as page visits with the express consent of the website’s visitors.
8. If a website visitor withdraws their consent for Facebook pixels to function, the relevant cookies will be deleted from their browser after the page reloads.
9. You can modify your ad preferences on Facebook via the following link: https://www.facebook.com/ads/preferences
10. Facebook’s privacy information is available here: https://www.facebook.com/privacy

As the Data Controller, we comply with legal requirements, and we process personal data solely based on a legal basis defined by law. We adhere to the principles for processing personal data. These principles and legal bases are summarized below.

Concepts related to data protection

1. Personal data: Any information relating to an identified or identifiable natural person (“data subject”); an identifiable person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, identification number, location data, online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that person.
2. Data processing: Any operation or set of operations which is performed on personal data, such as collection, recording, organization, structuring, storage, alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
3. Data controller: The natural or legal person, public authority, agency, or any other body that determines the purposes and means of processing personal data, either alone or jointly with others. The data controller may be subject to specific requirements under EU or national law.
4. Data processor: A natural or legal person, public authority, agency, or other body that processes personal data on behalf of the data controller.
5. Recipient: A natural or legal person, public authority, agency, or any other body to whom or with whom personal data is disclosed, regardless of whether it is a third party.
6. Third party: A natural or legal person, public authority, agency, or any other body which is not the data subject, the data controller, the data processor, or any person authorized to process the data under the direct authority of the data controller or processor.
7. Consent of the data subject: The voluntary, specific, informed, and unequivocal indication of the data subject’s wishes, expressed by a statement or a clear affirmative action, by which they consent to the processing of their personal data.
8. Data breach: A security breach that results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored, or otherwise processed.

Principles of Personal Data Processing

1. Personal data must be processed lawfully and fairly, and in a transparent manner for the data subject (“lawfulness, fairness, and transparency”);
2. It must be collected for specified, legitimate, and clear purposes, and not further processed in a way that is incompatible with those purposes; further processing for archiving in the public interest, scientific or historical research purposes, or statistical purposes is not considered incompatible with the original purpose (“purpose limitation”);
3. Personal data must be adequate, relevant, and limited to what is necessary for the purposes of processing (“data minimization”);
4. Personal data must be accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, for the purposes of processing, are erased or rectified without delay (“accuracy”);
5. Personal data should be kept in a form that permits the identification of data subjects only for as long as necessary for the purposes of processing; personal data may only be stored for longer periods if they are to be processed for archiving purposes in the public interest, scientific or historical research, or statistical purposes, in accordance with the appropriate technical and organizational measures required under this regulation to protect the rights and freedoms of the data subjects (“storage limitation”);
6. Personal data must be processed in such a way as to ensure appropriate technical or organizational measures are in place to provide appropriate security of personal data, including protection against unauthorized or unlawful processing, accidental loss, destruction, or damage (“integrity and confidentiality”).

The data controller is responsible for compliance with the above, and must be able to demonstrate this compliance (“accountability”).”

Legal Basis for Data Processing

The processing of personal data is lawful only if at least one of the following applies:

1. The data subject has given consent to the processing of their personal data for one or more specific purposes;
2. The processing is necessary for the performance of a contract to which the data subject is a party, or for taking steps at the request of the data subject prior to entering into a contract;
3. The processing is necessary for compliance with a legal obligation to which the data controller is subject;
4. The processing is necessary to protect the vital interests of the data subject or another natural person;
5. The processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller;
6. The processing is necessary for the purposes of legitimate interests pursued by the data controller or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject, particularly if the data subject is a child.

Budapest, April 9, 2021.