Adatkezelési tájékoztató

This Privacy Notice is published by Nitrogen Gas Generator Korlátolt Felelősségű Társaság (“NGG” or the “Data Controller”) to inform data subjects about the processing of their personal data.

Data Controller:
Nitrogen Gas Generator Korlátolt Felelősségű Társaság

Registered Office:
2750 Nagykőrös, Téglagyári utca 10., Hungary

Company Registration Number:
13-09-240565

Tax Number:
32816055-2-13

Phone:
+36 30 739 4540

Email:
info@nitrogengas.hu
________________________________________

I. Principles of Data Processing

The Data Controller processes personal data in accordance with the following principles:

  • Personal data shall be processed lawfully, fairly, and in a transparent manner in relation to the data subject (“lawfulness, fairness and transparency”). 
  • Personal data shall be collected only for specified, explicit, and legitimate purposes and shall not be further processed in a manner incompatible with those purposes (“purpose limitation”). 
  • Personal data shall be adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed (“data minimisation”). 
  • Personal data shall be accurate and, where necessary, kept up to date. Every reasonable step shall be taken to ensure that inaccurate personal data are rectified or erased without delay (“accuracy”). 
  • Personal data shall be stored in a form that permits identification of data subjects only for as long as necessary for the purposes for which the personal data are processed (“storage limitation”). 
  • Personal data shall be processed in a manner that ensures appropriate security of personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical and organisational measures (“integrity and confidentiality”). 

________________________________________

II. Security of Data Processing

During its operations, the Data Controller ensures the protection of personal data through:

  • physical, 
  • logical, and 
  • administrative 

security measures.

The IT systems and tools used during data processing are selected and operated in a manner that ensures:

  • availability of data to authorised persons only; 
  • authenticity and verification of data processing; 
  • integrity and immutability of data; and 
  • protection against unauthorised access. 

During data processing, NGG ensures:

  • Confidentiality: ensuring that information is accessible only to authorised persons; 
  • Integrity: safeguarding the accuracy and completeness of information and processing methods; and 
  • Availability: ensuring that authorised users can access the required information whenever necessary and that the related tools and systems remain available. 

________________________________________

III. Data Processing Activities

1. Newsletter Subscription

Purpose of data processing:
To provide subscribers with news and updates related to NGG.

Categories of personal data processed:

  • Name 
  • Email address 

Legal basis for processing:
Article 6(1)(a) of the GDPR – consent of the data subject.

Data retention period:
Until the withdrawal of consent.

The Data Controller processes personal data collected for newsletter purposes only until the data subject unsubscribes from the mailing list or withdraws their consent.

Data subjects may unsubscribe at any time:

  • by clicking the unsubscribe link included in newsletters; 
  • by sending a request to: leiratkozas@nitrogengas.hu; or 
  • by post to:
    2750 Nagykőrös, Téglagyári utca 10., Hungary. 

________________________________________

2. Individual Enquiries

Purpose of data processing:
To provide communication, customer contact, and information.

Categories of personal data processed:

  • Name 
  • Email address 
  • Phone number 
  • Message content (which may contain personal data) 

Legal basis for processing:
Article 6(1)(a) of the GDPR – consent of the data subject.

Data retention period:
Until the requested information has been provided, after which the personal data will be deleted.
________________________________________

3. Processing of Contact Person Data

Purpose of data processing:
To maintain communication with business partners.

Categories of personal data processed:

  • Name 
  • Email address 
  • Phone number 
  • Message content (which may contain personal data) 

Legal basis for processing:
Article 6(1)(a) of the GDPR – consent of the data subject.

Data retention period:
Until the termination of the business relationship or withdrawal of consent by the data subject.
________________________________________

IV. Data Processors

A data processor is a natural or legal person who processes personal data on behalf of the Data Controller.

Data ProcessorActivity Performed
ININET Internet Kft. 1063 Budapest, Színyei Merse utca 10., Hungary Company Registration Number: 01-09-970252Website operation and web hosting

V. Rights of Data Subjects

Data subjects may request information regarding the processing of their personal data and may request the rectification or deletion of their personal data without undue delay, except where data processing is required by law.

Upon request, the Data Controller shall provide information regarding:

  • the personal data processed; 
  • the purpose, legal basis, and duration of processing; 
  • the name and registered office of any data processor; 
  • the activities carried out in connection with data processing; and 
  • the recipients to whom the data have been or may be disclosed. 

The Data Controller shall provide the requested information in writing, in a clear and understandable format, within the shortest possible time, but no later than 15 days from receipt of the request.

Such information shall be provided free of charge unless the data subject has already submitted a request concerning the same data processing activity within the same calendar year. In other cases, NGG may charge a reasonable administrative fee.

The Data Controller shall delete personal data if:

  • the processing is unlawful; 
  • the data subject requests deletion; 
  • the purpose of processing has ceased; 
  • the statutory retention period has expired; or 
  • deletion has been ordered by a court or the Hungarian National Authority for Data Protection and Freedom of Information. 

NGG shall notify the data subject and all recipients to whom the data were previously disclosed regarding rectification or deletion, unless such notification would adversely affect the legitimate interests of the data subject.

The data subject may object to the processing of personal data if:

  • the processing or transfer of personal data is necessary solely for the enforcement of the rights or legitimate interests of the Data Controller or a third party, unless processing is required by law; 
  • personal data are used or transferred for direct marketing, public opinion research, or scientific research purposes; or 
  • the right to object is otherwise provided by law. 

The Data Controller shall examine the objection within the shortest possible time, but no later than 15 days from submission of the request, while suspending processing activities, and shall inform the applicant of the outcome in writing.

If the objection is justified, the Data Controller shall terminate processing, including further collection and transfer of data, block the data, and notify all recipients to whom the affected personal data were previously transferred and who are required to take measures to enforce the right of objection.

If the data subject disagrees with the decision of the Data Controller, they may initiate court proceedings within 30 days from notification of the decision.

NGG may not delete personal data if processing is required by law. However, the data may not be transferred to recipients if the Data Controller agrees with the objection or if a court establishes the legitimacy of the objection.

Complaints regarding data processing may be submitted to the Hungarian National Authority for Data Protection and Freedom of Information:

Hungarian National Authority for Data Protection and Freedom of Information (NAIH)

Address:
1125 Budapest, Szilágyi Erzsébet fasor 22/c, Hungary

Postal Address:
1530 Budapest, Pf. 5., Hungary

Phone:
+36 1 391 1400

Website:
NAIH Official Website

Email:
ugyfelszolgalat@naih.hu
________________________________________

VI. Amendments to this Privacy Notice

The Data Controller reserves the right to amend this Privacy Notice unilaterally, subject to prior notice to users. By continuing to use the services following the entry into force of such amendments, users accept the amended Privacy Notice.
________________________________________

Applicable Laws and Standards

NGG’s activities relating to information security and the processing of personal data are governed in particular by the following laws and standards:

  • Fundamental Law of Hungary (Article VI (3)) 
  • Act CXII of 2011 on Informational Self-Determination and Freedom of Information 
  • Regulation (EU) 2016/679 of the European Parliament and of the Council (General Data Protection Regulation – GDPR) 
  • Act XXXIV of 2019 on amendments necessary for the implementation of the European Union’s data protection reform 
  • Act V of 2013 on the Civil Code 
  • Act XLVIII of 2008 on the Basic Requirements and Certain Restrictions of Commercial Advertising Activities 
  • Act CLV of 1997 on Consumer Protection 
  • Act CLV of 2016 on Official Statistics 
  • MSZ EN 60950 – Safety requirements for information technology equipment and office machinery 
  • MSZ ISO/IEC 27001:2014 – Information technology – Security techniques – Information security management systems – Requirements 

________________________________________
Nagykőrös, 1 April 2026