PRIVACY NOTICE

INTRODUCTION

This Privacy Notice (hereinafter referred to as the “Notice”) provides information about the data processing activities carried out by Hacktify International LLC. as the Data Controller in connection with the use of the website www.hacktify.eu (hereinafter referred to as the “Website”) and the sub-domain app.hacktify.eu (hereinafter referred to as the “Platform”), user registration, newsletter subscription and related services.

DATA CONTROLLER

Name of data controller: Hacktify International Korlátolt Felelősségű Társaság

Short name of data controller: Hacktify International Kft.

Headquarters and postal address: 1027 Budapest, Bem József Utca 9. Fszt.

Company registration number: 01-09-380827

TAX number: 27965043-2-41

Public tax ID: HU27965043

E-mail: info@hacktify.eu

DATA PROCESSING ACTIVITIES

A detailed description of each of the purposes of data processing is set out in the table at the end of this notice.

Visiting the website (DPA-H001)

You can visit our website without providing any personal data, but you must register to use the Platform and the services available there. We will also only use cookies with your consent, which will be indicated in a separate window when you use the Website or the Platform.

Contacting us (DPA-H002)

You can contact us using the form on the website, or by contacting us by e-mail, post or telephone.

User registration (DPA-H003)

In order to access certain functions of the Website, registration is required, during which the following personal data provided by you will be processed.

User profile (DPA-H004)

Users with a User Registration can also provide additional personal information about themselves in their account and set their profile to be public. By default, profile visibility is private. When filling in a profile, the information you provide is voluntary.

Job application (DPA-H005)

Based on your application for one of our advertised positions, we will process the personal data you submit in your application to select the right candidate as part of our recruitment process.

Sign up for newsletter (DPA-H006)

You have the possibility to subscribe to our newsletter by providing an e-mail address.  If you no longer wish to receive such mailings from us, you can unsubscribe by clicking on the unsubscribe button in the e-mail.

Identity verification (DPA-H007)

The identity verification process (or Know Your Customer – KYC) is a data processing activity aimed at preventing money laundering and terrorist financing. Under our Terms and Conditions, KYC is mandatory for all registered users who are entitled to receive a reward (for accepted reports).

The process takes place on the Stripe interface, where the user is required to present a valid ID and take a selfie. It is important to note that the submitted documents and selfies are not stored by Stripe, nor do we at HACKTIFY have access to this information. Stripe will only transmit the results of the verification to the platform, which will be recorded to the user account.

The data collected during the KYC process is processed only for the purposes required by law and is not disclosed to third parties. 

 

Using cookies

For more information about the cookie practices on our website, please see the cookie popup/banner. You can also change your preferences and withdraw your consent, as well as get detailed information about the cookies that are running. You can change/view all settings and information in the pop-up window.

 

Automatic decision-making and profiling

Automated decision-making and profiling will not take place in the case of the data processing activities and services presented above.

DATA TRANSFER

In order to provide our services and operate our Website, we use data processors, which you can find below. In selecting our data processors, we always take into account the enforcement of data protection requirements, as well as the guarantees provided by the third party, as well as the fact that the place of data processing is located within the territory of the EU.

RECIPIENTS

The Rocket Science Group LLC MailChimp

675 Ponce de Leon Ave NE Suite 5000

Atlanta, GA 30308 USA

https://mailchimp.com/contact/

Provision and operation of a newsletter sending service

SendPulse Inc.

220 E 23rd St #401, New York, NY 10010.

https://sendpulse.com/

Automate messages related to user account activity

Microsoft Ireland Operations Limited

One Microsoft Place, South County Business Park, Leopardstown, Dublin 18., Írország

https://privacy.microsoft.com/hu-hu

Use of cloud services, mail server, office applications

AWS Europe-Amazon EU

S.a.r.L., 23 r. du Puits Romain, 8070 Bertrange, Luxembourg

https://aws.amazon.com

Use of cloud hosting and network security services

Datadog, Inc.

620 8th Avenue, Floor 45, New York, NY 10018

https://www.datadoghq.com/

Log analysis and application of security solutions

LinkedIn Ireland Unlimited Company

Gardner House, Wilton Plaza, Wilton Place, Dublin 2, Ireland

https://www.linkedin.com/legal/privacy-policy

Publish social media content, post job advertisements, thereby receiving applicants’ data via LinkedIn

Mango Technologies, Inc.

350 Tenth Ave Suite 500

San Diego, CA 92101

www.clickup.com

Use of project management tools

Stripe, Inc.

Legal Office of the DPO/Office of the DPO

354 Oyster Point Blvd

South San Francisco, CA 94080

Email: dpo@stripe.com

Phone: (415) 223-0377

Providing an identity verification service.

DATA AND INFORMATION SECURITY

Taking into account the state of the art, we take technical, organizational, and organizational measures to ensure the security of data processing that provides a level of protection appropriate to the risks associated with the processing, and we implement and maintain the following general measures.

TECHNICAL AND ORGANIZATIONAL MEASURES

We select and operate the IT tools used to manage personal data during the operation of the website and the provision of our service in such a way that the processed data:

  • accessible only to those entitled to it;
  • its authenticity and authentication are ensured;
  • its invariability can be justified;
  • be protected against unauthorized access.

The data shall be protected by appropriate measures, in particular against unauthorized access, alteration, transmission, disclosure, deletion or destruction, as well as against accidental destruction, damage or inaccessibility due to changes in the technology used.

reCAPTCHA

We use Google Inc.’s reCAPTCHA service to discover whether the information you provide when you use the forms is from a natural person or the result of an automated computer process. This is necessary so that the form cannot be used by robots developed for this purpose, thus sending us an unsolicited, mass message. During the use of the service, no personal data other than the data provided by the Data Subject will be processed.

You can find out more about the service on the following page: https://www.google.com/recaptcha/about/

Accesses

During each data management, we have carefully defined the users and user groups who can access and manage the data, so that our internal employees, who are primarily responsible for the fulfillment of the given purpose, have the right to do so.

YOUR RIGHTS REGARDING YOUR PERSONAL DATA

You may request information at any time about your personal data we control and may request to correct, refine, delete or limit any of your data and to exercise any of the rights allowed by law.

Right to request information

You may request information via the contact details above about

what personal data,

on what legal reason,

for what purpose,

from what source,

for how long is controlled,

to who, when, on what legal basis the organization granted access of forwarded what personal information of the data subject.

While we make every effort to prevent this from happening, in the event of a privacy incident, if your personal information is compromised, we will send you information.

Right to rectification

If there is a change in your data or it has been recorded inaccurately, you can request that it be changed, however, you can also change your data at any time via our Website or, in the case of a newsletter, through the MailChimp system. We will process your request within a maximum of one month and will notify you via the contact information you provided.

Right to erasure

If you do not want us to continue to process your data or you believe that we are processing it illegally, you can request the deletion of your personal data.

A request for cancellation may be rejected if we are required by law to further store personal data. However, if there is no such obligation, we will process your request within a maximum of one month. Unsubscribing from the newsletter will result in the deletion of the data, however, it will not affect your data related to additional services provided on the Website.

Users registered on our platform are entitled to delete their account at any time. After deleting the account, we are still entitled to store the data for 30 days based on the General Terms and Conditions (GTC).

Right to restriction of processing

You can request that your personal data be blocked (by clearly indicating the limited nature of the data processing and ensuring that it is treated separately from other data). The lock lasts as long as the reason you specify requires the data to be stored. We will provide you with advance notice of any restrictions or deletions.

Data portability

You are either entitled to receive your personal information about us provided to us in a structured, widely used, machine-readable format, and you are also entitled to transfer this information to another data controller.

Right to object

You may object to the processing of your personal data in the legitimate interest. In this case, we may not further process your personal data unless it can be demonstrated that the processing is justified by compelling legitimate reasons which take precedence over your rights, interests and freedoms or which relate to the submission, enforcement or protection of legal claims.

Complaints and remedies

If you have any questions or comments regarding data management, please contact us at one of the contact details provided.

You may request legal remedy regarding the processing of your personal data if you suspect that the processing of your personal data is in violation with the related legal regulation, and you may also file a petition to the court.

Supervisory Authority

Hungarian National Authority for Data Protection and Freedom of Information

Nemzeti Adatvédelmi és Információszabadság Hatósága (NAIH)

Address 1055 Budapest, Falk Miksa utca 9-11.

Mailbox 1363 Budapest, Pf.: 9.

Phone number +36 1 391 1400

Fax +36 1 391 1410

E-mail ugyfelszolgalat@naih.hu

Website www.naih.hu

 

Fulfillment of requests

During the development and planning of our services, we took into account the fulfillment of data protection requirements, and we built our systems in such a way that the relevant rights and enforcement possibilities could be fulfilled as simply and quickly as possible. In the case of our website, as a user, you have the opportunity to change and delete your personal data, as well as to adjust their visibility.

In the case of your rights to be enforced through our contact details, we will fulfill them immediately, but not later than within one month, and we will send a notification to the contact details you have provided.

 

 

IDPurpose of data processingCollected personal dataLawful basisRetention period
DPA-H001Creating a user account, registration

Surname first name

Nickname/User name

E-mail address

Password

Country

Execution of a contract for the use of a service concluded with the person concerned1 year from the last login to the website or until the exercise of the rights of the data subject (Delete Account)
DPA-H002Contact, answering a request

E-mail address, Subject (subject of inquiry), Message text

Optional: Company name, Phone number

in the case of a natural person

data subject’s consent

in the case of a non-natural person

e.g. in the case of a contact person, our legitimate interest in the provision of the service

Until withdrawal of consent, but not more than 1 year after contact
DPA-H003Felhasználói fiók regisztrálása

Surname first name

Nickname/User name

E-mail address

Password

Country

Data subject’s consent1 year from the last login to the website or until the exercise of the rights of the data subject (Delete Account)
DPA-H004Display relevant information related to services in the profile

optional

BIO, Skills, Languages, Publications, Social media Profiles

Data subject’s consent1 year from the last login to the website or until the exercise of the rights of the data subject (Delete Account)
DPA-H005Workforce recruitment, recruitment management, contact with applicants

Personal data provided as part of the application material (information provided in CV)

Contact information

Data subject’s consentUntil the advertised position is filled, but no later than 30 days after receipt of the application material
DPA-H006Sending newletters to subscribed users about news and events related to services

Name

E-mail address*

Company name

Type of interests

Data subject’s consent

Subscription to the newsletter is subject to user confirmation (double opt in).

Until withdrawal of consent, but no later than the termination of the newsletter service
DPA-H007KYC for identity verification, money laundering and terrorism preventionResult of personal identificationPerformance of a contract with a data subject on terms and conditions of useUntil delate account.
DPA-H008Financial transactions, payment of rewardsIdentifying information required for the payment method selectedPerformance of a contract with a data subject on terms and conditions of useUntil the user profile is deleted, but at the latest until the legal requirements for the payment method are met