Loading...

Our Privacy Policy was last updated on June 2024

First One (1One Kft.) its subsidiaries and affiliates hereinafter as First One or We, respects the personal data of users and related rights, we want to make the user’s experience as safe as possible. This privacy policy hereinafter as Privacy Policy applies to all access to and use of this website hereinafter as Website, the purchasing of services, as well as the services available through this Website, by First One, including without limitation, any First One services hereinafter as Services.

GDPR PII Definition:  Personal Identifiable Information hereinafter as PII is any data that can be used to clearly identify an individual. Some examples: your mailing address, email address and phone numbers. As technology has improved, the scope of PII has grown considerably to now include IP addresses, login ID details, social media posts and digital images, as well as geolocation, behavioural and biometric data.

When you, the user hereinafter as You or User uses the Services visting this Website, your Personal Data including PII will be processed subject to the terms of this Privacy Policy. At the same time by visiting (opening) the Website or using any First One Services, the User consent this Privacy Policy and the terms and restrictions described in it.

If you have any questions or complaints contact us: dpo@1one.hu.

1. Liability

1.1. First One does not assume any responsibility for such – primarily a computer virus

caused – for damage caused to the User’s computer equipment or other property by

occurred during access, the use of the services, the Websites, or electronic correspondence. The former

based on the User’s obligation before downloading the documents and information on the Websites

ensure adequate virus protection.

1.2. First One is not liable for behavior (especially damage) that a

It results from the unprofessional and illegal use of websites – services.

1.3. The User is subject to conditional and unlimited liability both with First One and with third parties

against a person for the truthfulness of the data and information provided by the User, or

for its legality. The User has unlimited liability for damages resulting from the violation of the above provision

has an obligation (responsibility).

1.4. The use of any system or solution for the operation of the Websites is prohibited

aims at or may result in the downtime of used servers, or which otherwise endangers you

may endanger the operation of the Websites.

First One does not examine the content of the sites linked to

provides. First One assumes no responsibility for the content of these off-sites.

The risk of opening (linking) any off-site is borne by the User. The Websites

may contain links to websites that are independent of First One

(hyperlinks), which are maintained by third parties and whose content is responsible for the

The service provider does not assume any responsibility, especially on foreign websites and

For legal violations committed with websites and for damages caused.

How We Use Personal Data

1. We may process meta data in connection with your use of our Website and/or the Services hereinafter as User Data . User Data may include your IP address, location, type of browser and version, operating system, referral source, visit length, page views and Website navigation paths, as well as information about the frequency and timing of your use of the service. User Data may be processed for the purposes of analyzing the use of the Website and Services, operating our Website, improving and customizing the Services, ensuring the security of our Services, maintaining back-ups of our databases and communicating with you.

2. When registering on our Website you may be asked to enter your name, email address, mailing address, telephone number, email address, or other details hereinafter as Entered Data. You are the source of such account data, and such data may be processed for the purposes of operating the Website, providing the Services, ensuring the security of the Website and Services, maintaining back-ups of our databases and communicating with you.

3. We may process information contained in any enquiry you submit to us regarding Services hereinafter as Enquiry Data. The Enquiry Data may be processed for offering Services and/or renewals, and selling relevant Services to you.

4. We may process information relating to transactions that you enter into with us and/or through our Website, such as the purchasing of Services hereinafter as Transaction Data. The Transaction Data may include your contact details, your card details and the transaction details. The Transaction Data may be processed for supplying the purchased goods and Services and keeping records of transactions.

5. We may process information that you provide to us for the purpose of subscribing to our email notifications, offering you services, or promotions which may interest you hereinafter as Notification Data. The Notification Data may be processed for the purposes of sending you relevant Notification Data.

6. We may process any of the types of data described in this Section 1 if we are required to do so by court-order, any legal obligation to which we are subject, or when necessary, for the establishment, exercise or defense of legal claims. The legal basis for this processing is our legitimate interests, namely of the Website’s legal rights, your legal rights and the legal rights of others.

7. Please do not supply any other person’s PII to us without the specific and explicit consent of all parties, including the owner of such PII.

2. Providing your PII to others

1. We may disclose PII to any member of our group of companies, including subsidiaries, holding companies and all of their respective subsidiaries (if any), insofar as reasonably necessary for the purposes set out in this Privacy Policy.

2. We may disclose your PII to professional advisers insofar as reasonably necessary for the purposes of obtaining and maintaining insurance coverage, managing risks, obtaining professional advice and managing legal disputes.

3. Handling and transfer of Personal Data

1. In this Section, we provide information about the circumstances in which your PII may be transferred to countries worldwide including inside and outside the European Economic Area (“EEA“).

2. Transfers to countries inside and outside the EEA will be protected by appropriate safeguards, namely means the provisions of applicable law which relate to the protection of individuals with regards to the Processing of Personal Data to which a party may be subject including, without limitation, the Data Protection Act 1998, the Data Protection Directive 95/46/EC, the Regulation of Investigatory Powers Act 2000, the Telecommunications (Lawful Business Practice (Interception of Communications) Regulation 2000, the Electronic Communications Data Protection Directive 2002/58/EC, the Privacy and Electronic Communications (EC Directive) Regulations 2003 and, where applicable, the guidance and code of practice issued by the Information Commissioner’s Office from time to time, directions of any competent regulatory authority, relevant regulatory guidance and codes of practice (collectively “Data Protection Regulation”) or to the extent transfers will cross borders to outside the EEA, such transfer shall be carried out in accordance with standard contractual clauses annexed to the EU Commission Decision 2010/87/EU of 5 February 2010 for the Transfer of Personal Data to Processors established in Third Countries under the Directive (the “Model Clauses”). 

3. The hosting facilities for our Website are situated in Europe (Lithuania), Europe (Germany), Switzerland

4. You acknowledge that PII submitted by you for publication through the Services may be available around the world via the internet.

4. Personal data retention

1. This Section sets out our data retention policies and procedures, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal data.

2. We will retain and delete your personal data as follows:

3. PII will be retained for up to a period of one year at following the end of the Services after which period it will be deleted from our systems, unless otherwise required under applicable law.

4. Notwithstanding the other provisions of this Privacy Policy, we may retain your PII where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

5. PURPOSE AND LEGAL BASIS OF DATA MANAGEMENT

The purpose of its data management is to provide the service(s). As part of the provision of the Service:

(i) identification and/or differentiation of the client/user from other clients/users;

(ii) contact, in case of eDM contribution, notification of related or new services;

(iii) testing and measuring customer satisfaction

(iv) facilitating the customization of the Service;

(v) sending system messages related to the Service;

(vi) in the case of separate consent, inquiries with advertising content for direct business acquisition or marketing purposes (e.g. newsletter, eDM,.);

(vii) possibility to order services and products, create a contract, define its content, put the ordered product into use, use the given and ordered bonuses;

(viii) participation in events and related ancillary services (for example, taking photos and videos);

(ix) membership-related services, bonus programs

(x) advertising products of third parties without transferring data.

(xi) requesting and providing product trials

(xii) request for and offer for the products of First One

2. The collection and management of personal data in the case of the use of certain services performed in return for consideration is regulated by law – such as CXVII of 1995, C of 2000 and XCII of 2003, which regulate taxation and accounting obligations. based on laws. In the absence of a different provision, data management is based on the User’s voluntary consent. Marketing contributions are recorded in a separate register and can be separated from customer status.

3. The User is solely responsible for the authenticity and accuracy of personal data.

4. The range of personal data managed by First One is influenced and partially determined by electronic commercial, accounting and advertising regulations, especially XLVIII of 2008 on the basic conditions and certain limitations of economic advertising activities. § 6 of the Act, CVIII of 2001 on certain issues of electronic commercial services and services related to the information society. 13/A.§-14/C.§ of the Act.

5. Some services can only be used by registration, during which personal data provided by necessity or individually selected will be collected and processed.

6. Some additional services (e.g. bonuses) can only be registered and signed in conjunction with subscribing to the service-related newsletter or direct business acquisition or marketing inquiries containing advertising, while for other services it is possible to subscribe to the newsletter and other advertising messages.

7. Use and complaints are facilitated by a separate customer service, which may be independent for each product.

8. Various cookies (e.g. session-specific or persistent browser cookies, flash cookies, etc.) may be placed in order to facilitate user activity in order to exploit the potential of the services.

6. RIGHTS RELATED TO DATA MANAGEMENT, LEGAL REMEDIES

A. Modification, deletion, blocking of data

1. The User can modify or request the correction of their data at any time at dpo@1one.hu. The service provider undertakes to respond to the request within 15 working days, to inform the applicant about his right to data portability and how it can be enforced.

2. With the exception of mandatory data management, the User may delete his personal data or request the deletion or blocking of his personal data at the contact(s) and method(s) specified for the individual websites and services (e.g. in the user account, via email, etc.) . In some cases, the premature deletion of personal data is equivalent to the loss of certain rights (e.g. bonuses).

3. The customer’s / user’s personal data will be deleted if it is suspected that their handling is illegal (e.g. it conflicts with the Competition Act or some criminal law violation legislation); the purpose of data management has ceased; or the statutory period for data storage has expired; it was ordered by the court or the National Data Protection and Freedom of Information Authority; or if the data management is incomplete or incorrect – and this state cannot be legally remedied – provided that deletion is not precluded by law. Our system does not record special data, they are deleted automatically.

4. Consent to the sending of inquiries for direct business acquisition or marketing purposes containing economic advertising can be withdrawn separately for each type of inquiry (e.g. newsletter, e-DM, etc.) at any time without limitation or justification, free of charge at the bottom of the letters, in the same way as signing up. The data management associated with the customer relationship cannot be terminated as long as the data management obligation is prescribed by law.

B. Request for Information

1. The User is entitled at any time to request information about his/her personal data processed in connection with the given Service at the address dpo@1one.hu.

2. At the request of the User, First One provides information on the data relating to the User, managed by it in connection with the given Service, or processed by the data processor commissioned by it, its source, the purpose, legal basis, duration of the data processing, the name and address of the data processor, the about the activity related to data management, the legal basis of the data transfer and the recipient according to the complaint handling regulations.

C. Objection to the processing of personal data

1. The User may object to the processing of his personal data

a) if the processing or transmission of personal data is necessary solely for the fulfillment of the relevant legal obligation of First One or for the enforcement of the legitimate interests of the data controller, data receiver or third party, except for the so-called the case of mandatory data management;

b) if personal data is used or forwarded for the purpose of direct business acquisition, public opinion polls or scientific research; as well as

c) in other cases specified by law.

2. If the data management (e.g. accounting) is mandated by law, the data controller may not delete the User’s data, but will not forward the personal data to the data recipient, if the objection has been agreed with or a court has established the legitimacy of the objection.

D. Authority Remedy

In the event of a perceived violation of rights related to the processing of personal data, any person concerned may apply to the competent court, the Capital Court in the capital, or initiate an investigation at the National Data Protection and Freedom of Information Authority (chairman: dr. Attila Péterfalvi, 1024 Budapest, Szilágyi Erzsébet fasor 22/C., same service @naih.hu, +36-1-391-1400, www.naih.hu).

7. Information Security

First One constantly improves its data security system so that you always have the data entrusted to us in the most secure place. We also pay attention to the confidentiality, integrity, availability and resilience of the systems and services. We use technologies that facilitate this, in particular the pseudonymization and encryption of personal data and the restoration of access and availability in the event of an incident. The above mentioned technical and organizational measures are tested regularly.

1. The devices used to provide the service are operated in such a way that your data is only accessible to those authorized to do so (availability)

2. their authenticity and authentication are ensured (authenticity of data controlling)

3. their non-modification must be verifiable (data integrity)

4. and they are protected against unauthorized access (data confidentiality).

5. We follow generally accepted industry standards to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure that’s why we can not

How do we control your personal data?

Employees of our Company who have access to your personal data may only process such data in accordance with the relevant contractual provisions and internal policies as required by the applicable legislation.

We only grant access to your data to the extent necessary to perform the work required to provide the service or only to a person whose job and responsibilities include the control / process of the data.

8. Cookies

Anonymous visitor IDs (cookies) are files or information fragments that are saved on your computer (or other internet-enabled devices, such as your smartphone or tablet) when you visit a website. The cookie generally contains the name of the website from which it is originated, its own “duration” (in other words how long it stays on your device) and its value, which is a random generated unique number.

Cookies are used to optimize websites and to offer you products corresponding to your interests and needs thereby making it easier to use these websites. Besides, cookies help to accelerate your future browsing sessions and to enhance your experience while using our websites. Cookies can also be used to generate anonymized, aggregated statistical data so that we have a better insight on how people use our websites so that we can improve their structure and content. This information is not suitable to identify you, as an individual.

We may use two kinds of cookies on our websites: session and permanent cookies. Session cookies are temporary, meaning they stay on your device until you leave our site. Permanent cookies remain longer, sometimes as long as you manually delete them.

Other websites use further information, so-called pixel tags, that can be shared with third parties. This directly supports our promotion activities and website development efforts. For example, the website usage information of our visitors can be shared with advertisement agencies so that we can use our online advertisements more effectively.

9. California Online Privacy Protection Act

1. CalOPPA is the first state law in the nation to require commercial websites and apps and online services to post a privacy policy. The law’s reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates Website collecting Personally Identifiable Information from California consumers to post a conspicuous privacy policy on its Website stating exactly the information being collected and those individuals or companies with whom it is being shared.

2. According to CalOPPA, we agree to the following:

1. Users can visit our site anonymously.

2. Once this privacy policy is created, we will add a link to it on our home page or as a minimum, on the first significant page after entering our Website.

3. Our Privacy Policy link includes the word ‘Privacy’ and can easily be found on the page specified above

10. Do Not Track Signals

1. We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.

2. Note that we also allow third-party behavioral tracking.

11. COPPA (Children Online Privacy Protection Act)

1. When it comes to the collection of PII from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of Website and online services must do to protect children’s privacy and safety online.

2. We do not specifically market to children under the age of 13 years old, and 13 year olds are prohibited from using this Website without proper consents from guardians as detailed hereunder.

12. Fair Information Practices

1. The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect PII.

1. In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:

2. We will notify you within a reasonable amount of time.

3. We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only those individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.

13. CAN SPAM Act

1. The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

2. We collect your email address in order to:

1. Send information, respond to inquiries, and/or other requests or questions

2. Process orders and to send information and updates pertaining to orders.

3. Send you additional information related to the Services.

4. Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.

3. To be in accordance with CANSPAM, we agree to the following:

1. Not use false or misleading subjects or email addresses.

2. Identify the message as an advertisement in some reasonable way.

3. Include the physical address of our business or site headquarters.

4. Monitor third-party email marketing services for compliance, if one is used.

5. Honor opt-out/unsubscribe requests quickly.

6. Allow users to unsubscribe by using the link at the bottom of each email.

14. Third-party providers

In the course of some of its Services, First One is considered to be a cooperating partner as defined in the Terms of Use for certain sub-service(s) on its own, and together with the Companies belonging to First One, it is considered to be a multiple data controller or data processor. Some third-party service providers manage data according to their own data management policies.

In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us. However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.

Providers list: Microsoft, Hostinger, Atlassian

15. COPYRIGHTS

The content of the Websites (e.g.: trademark, text, data, video, audio, image, etc.), the external

the appearance and the software used for the operation of the Websites are the exclusive intellectual property of the Operator

property, its – whether online, in print or in any other way –

it can only be used with the prior consent (permission) of the Operator.

Certain parts of the Websites may be saved for individual (own) use only

can be printed. However, the former authorization does not mean consent (permission) for the downloaded materials

for commercial reproduction, distribution, making available (downloadable), storing in a database, or any kind of processing.

The images and other intellectual products on the Websites are owned by the User or a third party

may only be used with the permission of the holder. Their use without prior permission

violates the laws on the protection of copyright and personal rights.

The User bears unconditional and unlimited liability for violations of the provisions of this clause.

16. Age of consent

By using this site, you represent that you are at least the age of majority in your state, province or country of residence, or that you are the age of majority in your state,  province or country of residence and you have given us your consent to allow any of your minor dependents to use this site.

17. APPLICABLE LAW AND SETTLEMENT OF DISPUTES 

All activity and disputes on this Website or Services shall be governed by the law of Hungary and under the sole  jurisdiction of Central District Count of Buda or the Budapest Environs Regional Court