Partner Portal Privacy Policy

This Privacy Policy (hereinafter referred to as the „Policy”) was posted on and is effective as of 12 October 2020.

1. DEFINITIONS

Cookie means a small text file, which is placed on your hard disk by a web server, and is used by the Site as set forth in point 2.6. below. 

Communication means any comment, feedback, information or document provided by User to Commsignia via any channel.

General Data Protection Regulation or GDPR means the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27th April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

Commsignia means Commsignia Ltd.
Seat: 14 Széchenyi utca, Attala 7252, Hungary

Postal address: 4-20 Irinyi József utca, Budapest 1117, Hungary
Company registration number: 17-09-010377
Tax number: HU23874664
Email address: [email protected]
Website: my.commsignia.com

Company means the business entity requesting partnership with Commsignia, already a partner of Commsignia or accessing the Site for information only available to business partners of Commsignia.

Privacy Act means Act CXII of 2011 on the right of informational self-determination and on freedom of information of Hungary.

Product means hardware, software products and connected services marketed and sold by Commsignia, whether manufactured by Commsignia or a third party.

Site means www.commsignia.com/partners, my.commsignia.com and its subdomains.

User or “you” means a registered or not registered visitor of the Site, applying for partnership or already having partner status with Commsignia in the name of the Company, which the User represents or any other person accessing the Site. Users are data subjects in the use of the GDPR.

User Activity means location (based on the IP address of the User’s device) and behavior data of the User, e.g. language selection on the Site, onsite browsing history, and usage patterns (frequency/patterns of logging-in).

 
2. PRIVACY POLICY


2.1. Purpose of this document

This Policy sets out the terms and conditions of how the User’s (hereinafter referred to as the “User” or “you”) personal data is processed. Please read this document carefully! Should you have any questions, requests or remarks please feel free to contact us ([email protected]).

2.2. Availability and updating of this document

Commsignia reserves the right to modify or amend this Policy unilaterally at any time. We suggest visiting the Site from time to time for the latest information, however, you will also be informed via email of this Policy being modified or amended in case of significant changes (e.g. legal basis of processing, scope of processed data, person of data processor) of the Policy.

2.3. Data controller

2.3.1. The User’s personal data provided or generated on the Site is processed by Commsignia as data controller.

2.3.2. The provided or generated personal data of the User is accessible to the following persons within Commsignia:

Commsignia’s employees involved in the data processing (including IT specialists performing a variety of IT tasks related to the operation and maintenance of Commsignia’s computer system, sales and account specialists who are in contact and dealing with the Company which the User represents, members of the operations team of Commsignia, organizing and handling deliveries) as part of their role within Commsignia in connection with performing their duties associated with the purpose of this Policy.

2.4. Data processing activities

2.4.1. Processing of User’s personal data for providing access to B2B partner services and fulfilling obligations and exercising rights based on partnering agreements and administering registration on the Site and for any other channel Commsignia may provide

2.4.1.1. Purposes of data processing

  1. Provision of information to Company via the User as contact.
  2. Communication (notification and statements addressed to the Company) as necessary to share partnership information and conduct cooperation between Commsignia and Company,
  3. Administering registration on the Site and account maintenance.

If the User wishes to become a Commsignia partner or access all information published on the Site, he/she shall register on the Site.

2.4.1.2. Scope of the User’s processed personal data

  • User’s title;
  • User’s name;
  • IP address of the device of the User;
  • User’s email address;
  • User’s hashed password;
  • User Activity
  • Company data, which the user represents (not personal data falling under the scope of this Policy)

2.4.1.3. Legal basis of data processing

The data is processed in compliance with GDPR and all relevant applicable laws.

The legal basis of data processing is the User’s express consent given pursuant to point a) of Article 6(1) of the GDPR.

2.4.1.4. Duration of data processing

User’s personal data specified in point 2.4.1.2 is processed for the period until Company’s registration is deleted, rejected and/or until User informs us that it no longer represent the Company and/or withdraws his/her consent. Notwithstanding the above, Commsignia shall immediately delete your personal data if you specifically request the deletion thereof or withdraw your consent and there is no valid legal ground for data processing. If the User withdraws his/her consent, this does not affect the lawfulness of data processing based on his/her consent and conducted before such withdrawal.

2.4.1.5  Commsignia does not perform profiling.[1]

2.4.1.6. Commsignia does not process sensitive data.

2.5. Data processor

In order to fulfil its purposes as a data controller Commsignia cooperates with the data processors listed below. Commsignia reserves the right to change the data processors at any time.

Name of the data processorData processing activity carried out on behalf of Commsignia and list of the personal data the data processor has access to
SuiteDash

Company name: SuiteDash, Inc.
Address: PO Box 110163,
Research Triangle Park, NC 27709, USA   Website: www.suitedash.com
Contact:  [email protected]
 By mail: SuiteDash.com, 3511 Silverside Road, Suite 105, Wilmington, DE 19810, USA
SuiteDash provides the platform for the Site and therefore it processes all Data on behalf and based on the instructions of Commsignia.   Data received by SuiteDash, Inc. may be stored and processed in a third country (especially in the USA). Hence Commsignia and SuiteDash, Inc. has signed a data processing agreement which includes standard contractual clauses in accordance with the 2010/87/EU Decision of the European Commission with the intention to provide appropriate safeguards to the Users as laid down in GDPR.   More information regarding GDPR compliance: https://suitedash.com/gdpr-commitment/
Google Workspace (GSuite)

Company name: Google LLC (and subsidiaries)
Address: 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
  Website: https://gsuite.google.hu/intl/hu/
Contact: 
https://support.google.com/policies/contact/general_privacy_form
Google provides Google Workspace (GSuite) services to Commsignia, which is a collection of cloud computing, productivity and collaboration and e-mail tools, software and products.   Data received by Google LLC or its affiliates may be stored and processed in a third country (especially in the USA). Hence Commsignia and Google LLC has entered into a data processing agreement which includes standard contractual clauses in accordance with the 2010/87/EU Decision of the European Commission with the intention to provide appropriate safeguards to the Users as laid down in GDPR.   More information regarding GDPR compliance: https://privacy.google.com/businesses/compliance/
Salesforce

Company name: salesforce.com, inc.
Address: 415 Mission Street, 3rd Floor San Francisco, CA 94105, USA
  Website: www.salesforce.com
Contact: 
[email protected]  By mail: Salesforce Data Protection Officer (Salesforce Privacy Team) 415 Mission St, 3rd Floor San Francisco, CA 94105, USA  
Salesforce is a customer relationship management solution.   Data received by salesforce.com inc. or its affiliates may be stored and processed in a third country (especially in the USA). Hence Commsignia and salesforce.com inc. has entered into a data processing agreement which includes standard contractual clauses in accordance with the 2010/87/EU Decision of the European Commission with the intention to provide appropriate safeguards to the Users as laid down in GDPR.

2.6. Cookies

2.6.1. Commsignia hereby informs you that if you download certain parts of the Site, small data files (“Cookies”) will be automatically sent by the web server to your electronic device. In certain cases, these data files may contain personal data under the applicable data protection laws, which can be accessed by Commsignia. Some of these data files are necessary for the proper operation of the Site, and are used to collect information on the User’s visits to the Site.

2.6.2. The User can accept or refuse Cookies by adjusting his/her browser settings. Browsers offer the possibility to change cookie settings in general. Most browsers automatically accept cookies as default, but this can be changed in order to prevent their automatic acceptance. More information about the settings of some popular browsers are available at the following links:

Google Chrome; Firefox; Microsoft Internet Explorer 11; Microsoft Internet Explorer 10 ; Microsoft Edge.

2.6.3. To find out how to do this and learn more on Cookies, please visit: https://www.youronlinechoices.eu/ .

2.6.4. If the User chooses to refuse all Cookies, access to some of the Site pages features may be limited.

Type of CookiePurpose of CookiesLegal basis of data processingCookie retention period
Google AnalyticsThe Site   use the Google Analytics tool to collect and analyze information on how the User uses the Site. We use the information to compile reports and improve the Site. The data is collected in an anonymous form, including the number of Users to the Site, where Users have come to the Site   from, and the pages they visited within the Site. The collected data cannot be tracked back to the User. For further information on Google’s privacy policy, click here.User’s consent.Google Analytics Cookies are created as soon as the User visits a website on which a valid Google Analytics tracking code is installed. The Cookies will be held in the User’s browser for a maximum period of 2 years from the above date. For further information, please click here.
SessionSession Cookies allow the User to be recognized within the Site.  The most common example of this functionality is the shopping cart feature of the Site. When the User visits a page of a catalogue and selects some items, the session Cookie remembers the selection, so the shopping cart will contain the selected items when the User is ready to check out.User’s consent.The information is saved until the end of the current session. After that, the collected information will no longer be available.
PersistentPersistent Cookies remember the User’s login information and automatically fill out the login form for the User when the User starts the login process next time.User’s consent.The Cookies will be held in the User’s browser for a maximum period of 1 year.

As Commsignia uses SuiteDash as data processor and platform provider for the Site, Cookies are placed by SuiteDash based on their Cookie policy here: https://suitedash.com/cookie-policy/.


2.7. Data security

Commsignia observes all applicable regulations regarding the security of personal data, therefore both Commsignia and its authorized data processors implement appropriate technical and organizational measures to protect personal data, and establish adequate procedural rules to enforce the provisions of the GDPR and all relevant local laws concerning confidentiality and the security of data processing.

2.8. Rights and enforcement

2.8.1. Any personal information which you provide for Commsignia must be true, complete, and accurate in all respects. Please notify us of any change in your personal information via Commsignia’s email address specified in section without delay.

2.8.2. The User may exercise the following rights in relation to Commsignia’s data processing activities:

  • Request information and to have access to personal data being processed;
  • Request the rectification of his/her personal data; 
  • Request the deletion of his/her personal data or restriction of the processing of his/her personal data;
  • Object to Commsignia’s data processing;
  • Request data portability.

2.8.3.    Right to get information and to have access to personal data being processed:

The User has the right to obtain confirmation from Commsignia as to whether or not personal data concerning him or her are being processed, and, if that is the case, to have access to the personal data and the following information:

  1. the purposes of the data processing;
  2. the categories of personal data concerned; 
  3. the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations; 
  4. if possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
  5. the User’s right to request from Commsignia the personal data’s rectification, erasure or the restriction of their processing if these personal data are related to the User or the User’s right to object to such data processing;
  6. the right to lodge a complaint with a supervisory authority;
  7. if the personal data are not collected from the User, any available information as to their source;
  8. the existence of automated decision-making, including profiling, and at least in these cases meaningful information about the logic involved, as well as the significance and the envisaged consequences of such data processing for the User.

If personal data are transferred to a third country or to an international organization, the User shall be informed of the appropriate safeguards relating to the data transfer.

Commsignia provides the User with a copy of his or her processed personal data. For any further copies requested by the User, Commsignia may charge a reasonable fee based on administrative costs. If the User submits the request by electronic means, the information shall be provided in a commonly used electronic form, unless otherwise requested by the User.

The right to obtain a copy referred to in the previous paragraph shall not adversely affect the rights and freedoms of others.

The rights mentioned above can be exercised through Commsignia’s contact details indicated above.

2.8.4.    Right to rectification:

Upon the request of the User, Commsignia will rectify any inaccurate personal data related to the User (without undue delay). Considering the purposes of the data processing, the User has the right to have his or her incomplete personal data completed, including by providing a supplementary statement.

2.8.5.    Right to erasure („Right to be forgotten”):

The User has the right to request the erasure of personal data concerning him or her from and Commsignia shall comply with this request without undue delay if any of the following reasons exists:

  1. the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
  2. the User withdraws his or her consent on which the data processing is based, and if there is no other legal ground for the data processing;
  3. the User objects to the data processing and there are no overriding legitimate grounds for the data processing, or if the personal data are processed for direct marketing purposes;
  4. the personal data have been unlawfully processed;
  5. the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which Commsignia is subject;
  6. the personal data have been collected in relation to the offer of information society services.

Erasure of data cannot be initiated if data processing is necessary:

  1. for exercising the right of freedom of expression and information;
  2. for compliance with a legal obligation which requires processing by Union or Member State law to which Commsignia is subject to or for the performance of a task carried out in the public interest;
  3. for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, for medical diagnosis, for the provision of health or social care or treatment or for the management of health or social care systems and services, on the basis of Union or Member State law or pursuant to contract with a health professional and if those data are processed by or under the responsibility of a professional subject to the obligation of professional secrecy under Union or Member State law or rules established by national competent bodies or by another person also subject to an obligation of secrecy under Union or Member State law or rules established by national competent bodies;
  4. for reasons of public interest in the area of public health, such as protecting against serious cross-border threats to health or ensuring high standards of quality and safety of health care and of medicinal products or medical devices, on the basis of Union or Member State law which provides for suitable and specific measures to safeguard the rights and freedoms of the User, in particular as for professional secrecy;
  5. for reasons of public interest in the area of public health and if those data are processed by or under the responsibility of a professional subject to the obligation of professional secrecy under Union or Member State law or rules established by national competent bodies or by another person also subject to an obligation of secrecy under Union or Member State law or rules established by national competent bodies;
  6. for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, if the right of erasure would make such data processing impossible or the right of erasure would such data processing seriously jeopardize[2]; or
  7. for the establishment, exercise or defense of legal claims.

2.8.6.    Right to restrict data processing:

The User has the right to request the restriction of data processing concerning him or her from the Commsignia and Commsignia shall comply with this request without undue delay if any of the following reasons exists

  1. the accuracy of the personal data is contested by the User, in this case restriction is related to a period enabling Commsignia to verify the accuracy of the personal data;
  2. the data processing is unlawful and the User opposes the erasure of the personal data and requests the restriction of their use instead;
  3. Commsignia no longer needs the personal data for the purposes of the data processing, but they are required by the User for the establishment, exercise or defense of legal claims;
  4. the User has objected to data processing based on public interest or legitimate interest, in this case restriction is applied for a period in the course of which it can be verified whether the legitimate grounds of Commsignia override those of the User.

If processing has been restricted according to the above, such personal data shall, with the exception of storage, only be processed with the User’s consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.

A User who has obtained restriction of data processing according to the above shall be informed by Commsignia before the restriction of data processing is lifted.

2.8.7.    Right to data portability:

The User has the right to receive personal data concerning him or her, which he or she has provided to Commsignia, in a structured, commonly used and machine-readable format and have the right to transmit those data to another data controller without hindrance from Commsignia, if the data processing is based on consent or on a contract and the processing is carried out by automated means.

When exercising the right to data portability defined above, the User shall have the right to have the personal data transmitted directly from one controller to another, if it is technically feasible.

Exercising the right to data portability is without prejudice to the right to erasure („right to be forgotten”).

The right to data portability shall not adversely affect the rights and freedoms of others.

2.8.8.    Right to object:

The User has the right to object, on grounds relating to his or her particular situation, at any time to the processing of personal data concerning him or her, if the legal ground of data processing is to perform a task carried out in the public interest or in the exercise of official authority vested in a data controller, or the data processing is necessary for the purposes of the legitimate interests pursued by a data controller or by a third party, including profiling based on these provisions. Commsignia shall no longer process the personal data unless it can demonstrate compelling legitimate grounds for the data processing which override the interests, rights and freedoms of the User or for the establishment, exercise or defense of legal claims.

2.8.9.    Procedure in the event of a request submitted by the User concerning the exercise of the above rights:

Commsignia provides information to the User on any action taken upon the User’s request related to the rights defined in this Policy without undue delay and in any event within one month of receipt of the request. This period may be extended by two further months where necessary, considering the complexity and number of the requests. Commsignia informs the User of any such extension within one month of receipt of the request, with the reasons for the delay. If the User makes the request by electronic means, Commsignia will provide the information by electronic means where possible, unless otherwise requested by the User.

If Commsignia does not act on User’s request, Commsignia informs the User without delay and at the latest within one month of receipt of the request of the reasons for not acting and on the possibility of lodging a complaint with a supervisory authority and seeking a judicial remedy.

Any and all information and communication requested by User are provided by Commsignia free of charge, unless requests from the User are manifestly unfounded or excessive, in particular because of their repetitive character. In this case, Commsignia may either charge a reasonable fee considering the administrative costs of complying with the request or refuse to act on the request.

Commsignia shall communicate any rectification or erasure of personal data or restriction of data processing carried out by Commsignia to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. Commsignia shall inform the User about those recipients if the User requests it.

2.8.10. You may lodge a complaint about the processing of your personal data to the National Authority for Data Protection and Freedom of Information (Nemzeti Adatvédelmi és Információszabadság Hatóság – NAIH; address: H-1125 Budapest, Szilágyi Erzsébet fasor 22/C.; postal address: 1530 Budapest, Pf. 5; 5 phone: +36-1-391-1400; facsimile: +36-1-391-1410; email: [email protected]) or to the data protection authority of your home country or country of your residency. Prior to initiating a legal procedure, it may be useful to discuss the complaint with Commsignia.

2.8.11. Independently from lodging a complaint to NAIH, you may turn to court pursuant to the provisions set forth in the Privacy Act if your rights are infringed. Upon your decision, the procedure may be launched before the tribunal in whose jurisdiction you are domiciled or you have a temporary address.

2.8.12. Your detailed rights and remedies are set out in subsections 14–18 and 21–23 of the Privacy Act and in Articles 15-21 of the GDPR.

2.9. Contacting Commsignia

We value your opinion. If you have any comments, questions, or wish to obtain more information on data processing at Commsignia, please send an email or mail to the email or postal address specified in section 1. We will handle the submitted information confidentially. Our representative will contact you within a reasonable time.


[1] Profiling is any form of automated processing of personal data in which personal data are used to evaluate, analyze or predict certain personal characteristics of the user (e.g. characteristics related to personal preferences, interests, health, behavior, location, or movement).

[2] Processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, shall be subject to appropriate safeguards protecting the rights and freedoms of the data subject. These safeguards shall ensure that technical and organizational measures are in place in particular in order to ensure respect for the principle of data minimization. These measures may include pseudonymization provided that these purposes can be fulfilled in that manner. If these purposes can be fulfilled by further data processing which does not permit or no longer permits the identification of data subjects, these purposes shall be fulfilled in that manner.