PRIVACY NOTICE
INTRODUCTION
This Privacy Notice (hereinafter referred to as the “Notice”) provides information about the data processing activities carried out by Hacktify International LLC. as the Data Controller in connection with the use of the website www.www.hacktify.eu (hereinafter referred to as the “Website”) and the sub-domain app.hacktify.eu (hereinafter referred to as the “Platform”), user registration, newsletter subscription and related services.
DATA CONTROLLER
Name of data controller: Hacktify International Korlátolt Felelősségű Társaság
Short name of data controller: Hacktify International Kft.
Headquarters and postal address: 1027 Budapest, Bem József Utca 9. Fszt.
Company registration number: 01-09-380827
TAX number: 27965043-2-41
Public tax ID: HU27965043
E-mail: [email protected]
DATA PROCESSING ACTIVITIES
A detailed description of each of the purposes of data processing is set out in the table at the end of this notice.
Visiting the website (DPA-H001)
You can visit our website without providing any personal data, but you must register to use the Platform and the services available there. We will also only use cookies with your consent, which will be indicated in a separate window when you use the Website or the Platform.
Contacting us (DPA-H002)
You can contact us using the form on the website, or by contacting us by e-mail, post or telephone.
User registration (DPA-H003)
In order to access certain functions of the Website, registration is required, during which the following personal data provided by you will be processed.
User profile (DPA-H004)
Users with a User Registration can also provide additional personal information about themselves in their account and set their profile to be public. By default, profile visibility is private. When filling in a profile, the information you provide is voluntary.
Job application (DPA-H005)
Based on your application for one of our advertised positions, we will process the personal data you submit in your application to select the right candidate as part of our recruitment process.
Sign up for newsletter (DPA-H006)
You have the possibility to subscribe to our newsletter by providing an e-mail address. If you no longer wish to receive such mailings from us, you can unsubscribe by clicking on the unsubscribe button in the e-mail.
Identity verification (DPA-H007)
The identity verification process (or Know Your Customer – KYC) is a data processing activity aimed at preventing money laundering and terrorist financing. Under our Terms and Conditions, KYC is mandatory for all registered users who are entitled to receive a reward (for accepted reports).
The process takes place on the Stripe interface, where the user is required to present a valid ID and take a selfie. It is important to note that the submitted documents and selfies are not stored by Stripe, nor do we at HACKTIFY have access to this information. Stripe will only transmit the results of the verification to the platform, which will be recorded to the user account.
The data collected during the KYC process is processed only for the purposes required by law and is not disclosed to third parties.
Using cookies
For more information about the cookie practices on our website, please see the cookie popup/banner. You can also change your preferences and withdraw your consent, as well as get detailed information about the cookies that are running. You can change/view all settings and information in the pop-up window.
Automatic decision-making and profiling
Automated decision-making and profiling will not take place in the case of the data processing activities and services presented above.
DATA TRANSFER
In order to provide our services and operate our Website, we use data processors, which you can find below. In selecting our data processors, we always take into account the enforcement of data protection requirements, as well as the guarantees provided by the third party, as well as the fact that the place of data processing is located within the territory of the EU.
RECIPIENTS
The Rocket Science Group LLC MailChimp
675 Ponce de Leon Ave NE Suite 5000
Atlanta, GA 30308 USA
https://mailchimp.com/contact/
Provision and operation of a newsletter sending service
SendPulse Inc.
220 E 23rd St #401, New York, NY 10010.
https://sendpulse.com/
Automate messages related to user account activity
Microsoft Ireland Operations Limited
One Microsoft Place, South County Business Park, Leopardstown, Dublin 18., Írország
https://privacy.microsoft.com/hu-hu
Use of cloud services, mail server, office applications
AWS Europe-Amazon EU
S.a.r.L., 23 r. du Puits Romain, 8070 Bertrange, Luxembourg
https://aws.amazon.com
Use of cloud hosting and network security services
Datadog, Inc.
620 8th Avenue, Floor 45, New York, NY 10018
https://www.datadoghq.com/
Log analysis and application of security solutions
LinkedIn Ireland Unlimited Company
Gardner House, Wilton Plaza, Wilton Place, Dublin 2, Ireland
https://www.linkedin.com/legal/privacy-policy
Publish social media content, post job advertisements, thereby receiving applicants’ data via LinkedIn
Mango Technologies, Inc.
350 Tenth Ave Suite 500
San Diego, CA 92101
www.clickup.com
Use of project management tools
Stripe, Inc.
Legal Office of the DPO/Office of the DPO
354 Oyster Point Blvd
South San Francisco, CA 94080
Email: [email protected]
Phone: (415) 223-0377
Providing an identity verification service.
DATA AND INFORMATION SECURITY
Taking into account the state of the art, we take technical, organizational, and organizational measures to ensure the security of data processing that provides a level of protection appropriate to the risks associated with the processing, and we implement and maintain the following general measures.
TECHNICAL AND ORGANIZATIONAL MEASURES
We select and operate the IT tools used to manage personal data during the operation of the website and the provision of our service in such a way that the processed data:
- accessible only to those entitled to it;
- its authenticity and authentication are ensured;
- its invariability can be justified;
- be protected against unauthorized access.
The data shall be protected by appropriate measures, in particular against unauthorized access, alteration, transmission, disclosure, deletion or destruction, as well as against accidental destruction, damage or inaccessibility due to changes in the technology used.
reCAPTCHA
We use Google Inc.’s reCAPTCHA service to discover whether the information you provide when you use the forms is from a natural person or the result of an automated computer process. This is necessary so that the form cannot be used by robots developed for this purpose, thus sending us an unsolicited, mass message. During the use of the service, no personal data other than the data provided by the Data Subject will be processed.
You can find out more about the service on the following page: https://www.google.com/recaptcha/about/
Accesses
During each data management, we have carefully defined the users and user groups who can access and manage the data, so that our internal employees, who are primarily responsible for the fulfillment of the given purpose, have the right to do so.
YOUR RIGHTS REGARDING YOUR PERSONAL DATA
You may request information at any time about your personal data we control and may request to correct, refine, delete or limit any of your data and to exercise any of the rights allowed by law.
Right to request information
You may request information via the contact details above about
what personal data,
on what legal reason,
for what purpose,
from what source,
for how long is controlled,
to who, when, on what legal basis the organization granted access of forwarded what personal information of the data subject.
While we make every effort to prevent this from happening, in the event of a privacy incident, if your personal information is compromised, we will send you information.
Right to rectification
If there is a change in your data or it has been recorded inaccurately, you can request that it be changed, however, you can also change your data at any time via our Website or, in the case of a newsletter, through the MailChimp system. We will process your request within a maximum of one month and will notify you via the contact information you provided.
Right to erasure
If you do not want us to continue to process your data or you believe that we are processing it illegally, you can request the deletion of your personal data.
A request for cancellation may be rejected if we are required by law to further store personal data. However, if there is no such obligation, we will process your request within a maximum of one month. Unsubscribing from the newsletter will result in the deletion of the data, however, it will not affect your data related to additional services provided on the Website.
Users registered on our platform are entitled to delete their account at any time. After deleting the account, we are still entitled to store the data for 30 days based on the General Terms and Conditions (GTC).
Right to restriction of processing
You can request that your personal data be blocked (by clearly indicating the limited nature of the data processing and ensuring that it is treated separately from other data). The lock lasts as long as the reason you specify requires the data to be stored. We will provide you with advance notice of any restrictions or deletions.
Data portability
You are either entitled to receive your personal information about us provided to us in a structured, widely used, machine-readable format, and you are also entitled to transfer this information to another data controller.
Right to object
You may object to the processing of your personal data in the legitimate interest. In this case, we may not further process your personal data unless it can be demonstrated that the processing is justified by compelling legitimate reasons which take precedence over your rights, interests and freedoms or which relate to the submission, enforcement or protection of legal claims.
Complaints and remedies
If you have any questions or comments regarding data management, please contact us at one of the contact details provided.
You may request legal remedy regarding the processing of your personal data if you suspect that the processing of your personal data is in violation with the related legal regulation, and you may also file a petition to the court.
Supervisory Authority
Hungarian National Authority for Data Protection and Freedom of Information
Nemzeti Adatvédelmi és Információszabadság Hatósága (NAIH)
Address 1055 Budapest, Falk Miksa utca 9-11.
Mailbox 1363 Budapest, Pf.: 9.
Phone number +36 1 391 1400
Fax +36 1 391 1410
E-mail [email protected]
Website www.naih.hu
Fulfillment of requests
During the development and planning of our services, we took into account the fulfillment of data protection requirements, and we built our systems in such a way that the relevant rights and enforcement possibilities could be fulfilled as simply and quickly as possible. In the case of our website, as a user, you have the opportunity to change and delete your personal data, as well as to adjust their visibility.
In the case of your rights to be enforced through our contact details, we will fulfill them immediately, but not later than within one month, and we will send a notification to the contact details you have provided.
| ID | Purpose of data processing | Collected personal data | Lawful basis | Retention period |
| DPA-H001 | Creating a user account, registration | Surname first name Nickname/User name E-mail address Password Country | Execution of a contract for the use of a service concluded with the person concerned | 1 year from the last login to the website or until the exercise of the rights of the data subject (Delete Account) |
| DPA-H002 | Contact, answering a request | E-mail address, Subject (subject of inquiry), Message text Optional: Company name, Phone number | in the case of a natural person data subject’s consent in the case of a non-natural person e.g. in the case of a contact person, our legitimate interest in the provision of the service | Until withdrawal of consent, but not more than 1 year after contact |
| DPA-H003 | Felhasználói fiók regisztrálása | Surname first name Nickname/User name E-mail address Password Country | Data subject’s consent | 1 year from the last login to the website or until the exercise of the rights of the data subject (Delete Account) |
| DPA-H004 | Display relevant information related to services in the profile | optional BIO, Skills, Languages, Publications, Social media Profiles | Data subject’s consent | 1 year from the last login to the website or until the exercise of the rights of the data subject (Delete Account) |
| DPA-H005 | Workforce recruitment, recruitment management, contact with applicants | Personal data provided as part of the application material (information provided in CV) Contact information | Data subject’s consent | Until the advertised position is filled, but no later than 30 days after receipt of the application material |
| DPA-H006 | Sending newletters to subscribed users about news and events related to services | Name E-mail address* Company name Type of interests | Data subject’s consent Subscription to the newsletter is subject to user confirmation (double opt in). | Until withdrawal of consent, but no later than the termination of the newsletter service |
| DPA-H007 | KYC for identity verification, money laundering and terrorism prevention | Result of personal identification | Performance of a contract with a data subject on terms and conditions of use | Until delate account. |
| DPA-H008 | Financial transactions, payment of rewards | Identifying information required for the payment method selected | Performance of a contract with a data subject on terms and conditions of use | Until the user profile is deleted, but at the latest until the legal requirements for the payment method are met |
