Privacy Policy

Any translated versions of the Agreement in a language other than Hungarian are provided as a courtesy only.
In the event of any conflict or discrepancy between any translated version of the Agreement and the Hungarian language version, the Hungarian language version shall prevail.

Data Management Information

Brief Overview

Data Controller Information: Klippe Learning Ltd. (1123 Budapest, Győri út 20, 3rd floor, no. 7.), hello@klippe.hu

Data Protection Officer: We do not engage in activities that would require the appointment of a data protection officer.

Data Protection Requests: If you have any requests or questions regarding data management, you can send your inquiries by post or electronically to the above contact details. We will respond without delay, but no later than 30 days, to the address you provided.

Data Processing: Data processing is carried out by the companies detailed in point 3 of this Information.

International Data Transfer: Personal data is transferred within the territory of the European Union.

Preamble

Klippe Learning Ltd. (hereinafter referred to as the “Data Controller”; headquarters: 1123 Budapest, Győri út 20, 3rd floor, no. 7.), as the data controller, manages personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and the Council (April 27, 2016) (hereinafter referred to as GDPR) on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and the applicable laws.

Klippe Learning Ltd. respects your (hereinafter referred to as the “Data Subject”) rights to the protection of personal data. This information summarises concisely and straightforwardly what data we collect, how we may use it, and describes the tools we use, as well as the Data Subject’s data protection and enforcement possibilities.

Detailed regulations are available in the aforementioned regulation, and for further information, we recommend studying the GDPR. This Information cannot provide a comprehensive understanding of the law.

Definitions

  • Information: Interpreted data. Data in the form of facts and concepts suitable for interpretation, processing, transmission by human or IT means, interpreted here as technical data, identifiers, or location data, and personal data.
  • Data Subject: A natural person who has been identified or is identifiable in the course of personal data management.
  • Personal Data: Any information relating to an identified or identifiable natural person (“Data Subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
  • Data Management: Any operation or set of operations performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
  • Data Controller: A natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the data controller or the specific criteria for its nomination may be provided for by Union or Member State law.
  • Data Processor: A natural or legal person, public authority, agency, or other body which processes personal data on behalf of the data controller.
  • Recipient: A natural or legal person, public authority, agency, or another body to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.
  • Third Party: A natural or legal person, public authority, agency, or body other than the Data Subject, data controller, data processor, and persons who, under the direct authority of the data controller or data processor, are authorised to process personal data.
  • Consent of the Data Subject: Any freely given, specific, informed, and unambiguous indication of the Data Subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
  • Profiling: Any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location, or movements.
  • Data Breach: A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored, or otherwise processed.
  • Authority: National Authority for Data Protection and Freedom of Information (NAIH), naih.hu.

1. Data Controller (Service Provider) Identification and Contact Details

  • Data Controller Name: Klippe Learning Ltd.
  • Data Controller Representative: Dr. Péter Tamás Balkányi
  • Representative’s Contact: balkanyi@klippe.hu
  • Headquarters: 1123 Budapest, Győri út 20, 3rd floor, no. 7.
  • Postal Address: 1123 Budapest, Győri út 20, 3rd floor, no. 7.
  • Company Registration Number: 01-09-164126
  • Adult Education Registration Number: B/2020/000921
  • Data Protection Officer: We do not engage in activities that would require the appointment of a data protection officer.
  • Customer Service Email: hello@klippe.hu
  • Complaints Address and Contact Details: 1123 Budapest, Győri út 20, 3rd floor, no. 7.

2. Purpose of Data Management, Scope of Managed Data, Duration of Data Management, Parties Entitled to Access Data

Purpose of Data Management

Personal data may only be managed for specific purposes, to the necessary extent, for the exercise of rights and the fulfilment of obligations. Data management must comply with the purpose of data management at all stages; data collection and management must be fair and lawful. Personal data may only be managed to the extent and for the duration necessary to achieve the purpose. The Data Controller has regulated in internal instructions that only recipients involved in achieving the purpose of data management should manage the data.

The Data Controller manages personal data based on legal requirements in the following cases:

  • Billing: Issuing invoices for orders.
  • Performance Certification: Verifying performances related to orders.
  • Adult Education Related Orders: Service provision related to adult education in accordance with Act LXXVII of 2013 on Adult Education.

The Data Controller manages personal data based on legitimate interest in the following cases:

  • Identification of the Data Subject as a Customer: Contact, offer making, contract signing.
  • Record Keeping of Data Subjects for Service Provision and Communication Related to Contract Performance.
  • IT Background Operation for Service Provision.

The Data Controller manages personal data based on the Data Subject’s explicit and voluntary consent in the following cases:

  • Contact Forms: Forms on klippe.hu (and subpages: any webpage under the klippe.hu domain and subdomains) provide online contact opportunities. We request name, email address, and phone number on the forms.
  • Contact via Phone: If you contact us by phone, we will know your phone number and name.
  • Submission of CVs: If you apply for our job advertisement or send your CV independently, we will manage the personal data provided there.
  • Inquiry Regarding Service Provision, Information Request from the Data Subject: Contact and information provision.
  • Cookies: Detailed information on cookie management can be found in our Cookie Management Policy at klippe.hu/cookie-management-policy.

Providing data based on voluntary consent is not a precondition for contract conclusion; you are not obliged to provide personal data for these purposes. Possible consequences of not providing data: inability to establish contact and potential service provision.

Scope of Managed Data, Duration of Data Management, Parties Entitled to Access Data

In accordance with the above, we collect and manage the following data based on the indicated legal basis for the specified retention period.

DATA MANAGED BASED ON LEGAL REQUIREMENTS

  • Billing and Performance Certification: Billing name, billing address, tax identification number – Retention period: 5 years as per law (Civil Code 6:22).
  • In case of Adult Education: Participants’ last name, first name, title, username, email address, organisational unit of the user, job position of the user, exam results, date of birth of the participant, highest education level, gender, address, employment status, enrolment date – Retention period: 5 years as per law (Act LXXVII of 2013 on Adult Education).

DATA MANAGED BASED ON LEGITIMATE INTEREST

  • Identification of the Data Subject as a Customer, Contact, Offer Making, Contract Signing: Contact person’s name, phone number, email address, job position – Retention period: Until the legitimate interest ceases or 5 years as per the related legal requirement (Civil Code 6:22§).
  • Record Keeping of Data Subjects for Service Provision and Communication Related to Contract Performance: Contact person’s name, email address, phone number, job position; representative’s name – Retention period: Until the legitimate interest ceases or 5 years as per the related legal requirement (Civil Code 6:22§).
  • IT Background Operation for Service Provision: Contact person’s name, email address, phone number, job position; representative’s name – Retention period: Until the legitimate interest ceases or 5 years as per the related legal requirement (Civil Code 6:22§).

DATA MANAGED BASED ON VOLUNTARY CONSENT

  • Contact Forms: Name, billing address, email address, and phone number – Retention period: End of the second year following the subject year of contact.
  • Contact via Phone: Phone number, name – Retention period: End of the second year following the subject year of contact.
  • Submission of CVs: Name, address, email address, place of birth, date of birth, educational background, data related to previous jobs, any other personal data voluntarily provided in the CV – Retention period: End of the second year following the subject year of contact.
  • Inquiry Regarding Service Provision, Information Request from the Data Subject: Contact, information provision: Name, phone number, email address – Retention period: End of the second year following the subject year of contact.
  • Cookies: Cookies used by klippe.hu and its subpages (e.g., moodle.klippe.hu), as well as skillheaven.hu. Detailed information on data management is available in our Cookie Management Policy at https://klippe.hu/cookies-policy.

You can read about the unsubscription method in point 5 of this Information.

3. Collection, Use, and Transfer of Personal Data

The Data Controller complies with the relevant legal requirements, restrictions, and ethical standards when collecting personal data.

The Data Controller:

  • Provides information on its data management practices to the Data Subject in a timely manner, before data management begins, in the prescribed manner.
  • Collects, stores, and uses personal data solely for specific purposes. The collected information is always appropriate, relevant, and adequate to the purpose.
  • Takes reasonable steps to ensure that the personal data of the Data Subject is complete, accurate, up-to-date, and reliable to the extent necessary for the purpose.
  • Uses personal data for promotional purposes only with your consent and provides an opportunity to prohibit such communication.
  • Takes proportionate and prudent steps to ensure the protection of the Data Subject’s personal data, including cases when data is transferred to third parties. Data transfer to third parties does not occur without the prior explicit consent of the Data Subject.

The Data Controller generally employs the following Data Processor(s) for specific activities related to personal data management. Further, occasional data processors are regulated in our internal policy; for related information, please contact us at any of the above contact details.

Data Processor Company Registration Number / Tax Number Activity
Számlázz.hu – KBOSS.hu Ltd. 01-09-303201 Online invoicing
Magyar Posta Ltd. 01-10-042463 Postal correspondence, package delivery
Twilio Inc. – Sendgrid 26-2574840 Sending emails through the contact form
Facebook Ireland Ltd. IE9692928F Marketing activities
Adobe Systems Software Ireland Ltd. Administration and document management, e-sign
Google Ireland Ltd. IE6388047V Marketing activities, data collection for data provision, administration
LinkedIn Corporation 47-0912023 Marketing activities
Pixel Paddock, LLC 4059646 Project management support
SaltPay IIB hf. / B-payment 4406861259 Online payment
Sonix Inc. Automatic transcription
Grammarly Inc. 31633083 Grammar checking
OpenAI, L.L.C. 38-4222707 AI-based text processing services

4. Access, Modification, Rectification, and Portability of Personal Data

Access

The Data Subject is entitled to receive feedback from the Data Controller regarding whether their personal data is being processed, and if such processing is ongoing, to access the personal data and the following information:

  • The purposes of data management.
  • The categories of personal data concerned.
  • The recipients or categories of recipients to whom personal data have been or will be disclosed.

Modification and Rectification

The Data Subject has the right to request the Data Controller to rectify inaccurate personal data concerning them without undue delay. Considering the purpose of the data management, the Data Subject has the right to request the completion of incomplete personal data, including by means of a supplementary statement.

Portability

The Data Subject has the right to receive the personal data concerning them, which they have provided to a Data Controller, in a structured, commonly used, and machine-readable format, and has the right to transmit those data to another Data Controller without hindrance from the Data Controller to which the personal data have been provided, if:

  • The data management is based on consent or a contract where the Data Subject is a party; and
  • The data management is carried out by automated means.

5. Deletion, Restriction, and Right to Object to Personal Data

Deletion

(1) The Data Subject has the right to request the Data Controller to delete personal data concerning them without undue delay, and the Data Controller has the obligation to delete personal data without undue delay where one of the following grounds applies:

  • The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise managed.
  • The Data Subject withdraws consent on which the data management is based, and there is no other legal ground for the data management.
  • The Data Subject objects to the data management on grounds relating to their particular situation, or to direct marketing data management, and there are no overriding legitimate grounds for the data management.
  • The personal data have been unlawfully managed.
  • The personal data must be deleted to comply with a legal obligation under Union or Member State law to which the Data Controller is subject.
  • The personal data have been collected in relation to the offer of information society services directly to children.

(2) Where the Data Controller has made personal data public and is obliged to delete the personal data pursuant to paragraph (1), the Data Controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are managing the personal data that the Data Subject has requested the deletion by such controllers of any links to, or copy or replication of, those personal data.

(3) Paragraphs (1) and (2) shall not apply to the extent that data management is necessary:

  • For exercising the right of freedom of expression and information.
  • For compliance with a legal obligation which requires data management by Union or Member State law to which the Data Controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller.
  • For reasons of public interest in the area of public health.
  • For archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes in so far as the right referred to in paragraph (1) is likely to render impossible or seriously impair the achievement of the objectives of that data management.
  • For the establishment, exercise, or defence of legal claims.

Restriction

(1) The Data Subject has the right to obtain from the Data Controller restriction of data management where one of the following applies:

  • The accuracy of the personal data is contested by the Data Subject, for a period enabling the Data Controller to verify the accuracy of the personal data.
  • The data management is unlawful, and the Data Subject opposes the deletion of the personal data and requests the restriction of their use instead.
  • The Data Controller no longer needs the personal data for the purposes of data management, but they are required by the Data Subject for the establishment, exercise, or defence of legal claims.
  • The Data Subject has objected to data management pending the verification whether the legitimate grounds of the Data Controller override those of the Data Subject.

(2) Where data management has been restricted under paragraph (1), such personal data shall, with the exception of storage, only be managed with the Data Subject’s consent, or for the establishment, exercise, or defence of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of important public interest of the Union or of a Member State.

(3) The Data Controller shall inform the Data Subject who has obtained restriction of data management under paragraph (1) before the restriction is lifted.

Right to Object

The Data Subject has the right to object at any time to data management concerning personal data on grounds relating to their particular situation, where data management is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller, or for the purposes of the legitimate interests pursued by the Data Controller or by a third party, including profiling based on those provisions. In this case, the Data Controller shall no longer manage the personal data unless the Data Controller demonstrates compelling legitimate grounds for the data management which override the interests, rights, and freedoms of the Data Subject, or for the establishment, exercise, or defence of legal claims.

Where personal data are managed for direct marketing purposes, the Data Subject shall have the right to object at any time to data management of personal data concerning them for such marketing, including profiling to the extent that it is related to such direct marketing.

Where the Data Subject objects to data management for direct marketing purposes, the personal data shall no longer be managed for such purposes.

6. Special Data

Automated Decision-Making Based on Personal Data

Our company does not engage in data collection activities for automated decision-making.

Management of Special Data

Klippe Learning Ltd. does not manage special data.

Profiling

Klippe Learning Ltd. does not engage in automated profiling.

7. User’s Legal Remedies

In the event of a violation of the user’s personal rights, or in the cases specified in the Regulation, the user may seek assistance from the National Authority for Data Protection and Freedom of Information:

Name: National Authority for Data Protection and Freedom of Information

Postal Address: 1530 Budapest, Pf.: 5.

Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c.

Phone: +36 (1) 391-1400

Fax: +36 (1) 391-1410

Web: naih.hu

Email: ugyfelszolgalat@naih.hu

8. Changes to the Information

The Data Controller reserves the right to modify or update this “Information” at any time without prior notice and to publish the updated version on its websites. Any changes will only apply to personal data collected after the publication of the modified version.

Enter your
text here

      Curious to dive deeper into our learning materials, e‑learning systems, or training programs? Looking for a quote? Reach out to us!