People may have concerns about the protection of their data. As you utilize our services, we want to ensure transparency in the handling of your personal data and how we use this information.
Our Privacy Notice outlines:
In crafting this Privacy Notice, we have taken into account the applicable international regulations (such as the European Parliament and European Union Council Regulation 2016/679 of April 27, 2016, on the protection of natural persons with regard to the processing of personal data) – hereafter referred to as the “Regulation.”
Data Controller: Geo-Log Environmental and Geophysical Ltd. Data Processor: Authorized representatives of Geo-Log Environmental and Geophysical Ltd., as well as contracted partners involved in the execution of orders.
Our Privacy Policies apply to all services offered by Geo-Log (such as providing quotations, contract negotiations, and invoicing) and extend to our suppliers and subcontractors bound by contractual obligations concerning the handling of personal data. By establishing written communication with Geo-Log Ltd., interested parties/customers accept the provisions of this Privacy Notice regarding the handling of personal data.
Definitions related to personal data:
• Data subject: an identified or identifiable natural person;
• Personal data: any information related to the data subject – particularly the data subject’s name, identifier, and knowledge specific to their physical, physiological, mental, economic, cultural, or social identity – from which conclusions can be drawn about the data subject;
• Consent: the voluntary and specific expression of the data subject’s will, based on appropriate information, by which the data subject gives their clear consent to the processing of their personal data, either fully or for specific operations.
• Data Controller: a natural or legal person, public authority, agency, or any other body that independently or jointly determines the purposes and means of processing personal data;
• Data Processor: a natural or legal person or organization without legal personality, who or which, based on a contract concluded with the data controller – including contracts based on legal provisions – processes personal data on behalf of the data controller;
• Delegate: a Geo-Log employee whose responsibilities include the handling of personal data;
• Data processing: any operation or set of operations performed on data, regardless of the applied procedure, including collection, recording, organizing, structuring, storage, adaptation, or alteration, retrieval, consultation, use, disclosure, transmission, distribution, or any other way of making data accessible, coordination, or combination, restriction, deletion, or destruction;
• Data processing: performing technical tasks related to data processing operations, regardless of the method and tool used for executing the operations, and regardless of the location where the application takes place, as long as the technical task involves processing data;
• Data transfer: making data accessible to a specific third party.
• Public disclosure: making data accessible to anyone;
• Data erasure: rendering data unrecognizable in a way that their restoration is not possible.
The processing of personal data shall be carried out:
a) lawfully, fairly, and in a transparent manner for the data subject;
b) collected for specified, explicit, and legitimate purposes and not further processed in a manner incompatible with those purposes;
c) adequate, relevant, and limited to what is necessary for the purposes of processing (data minimization);
d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that is inaccurate, having regard to the purposes for which they are processed, is erased or rectified without delay (accuracy);
e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed (storage limitation);
f) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organizational measures (integrity and confidentiality).
According to the regulation, the processing of personal data (such as recording, transmitting, using for advertising or other purposes, etc.) is generally allowed after obtaining the data subject’s consent or in cases of mandatory data processing (when permitted by law for public interest purposes). Personal data processing is considered lawful if at least one of the following conditions is met:
a) The data subject has given consent for the processing of their personal data for one or more specific purposes.
b) The processing is necessary for the performance of a contract in which the data subject is a party or for taking steps at the request of the data subject before entering into a contract.
c) The processing is necessary for compliance with a legal obligation to which the data controller is subject.
d) The processing is necessary to protect the vital interests of the data subject or another natural person.
e) The processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller.
f) The processing is necessary for the legitimate interests pursued by the data controller or a third party, except where such interests are overridden by the fundamental rights and freedoms of the data subject, especially if the data subject is a child. [Point f) does not apply to data processing carried out by public authorities in the performance of their tasks.]
In summary, data processing by Geo-Log is considered lawful when it is necessary for the performance of a contract or for the intention to enter into a contract.
If data processing is based on consent:
• Before obtaining consent, the data subject must be informed about their rights.
• The data controller must be able to demonstrate that the data subject has given consent for the processing of their personal data. In such cases, when we need personal data, our customers can freely decide whether to provide the requested information after receiving the necessary information.
• If the data subject’s consent is given in a written statement that also covers other matters, the request for consent must be presented in a way that is clearly distinguishable from these other matters, in a clear and easily accessible form, using plain and simple language. Any part of such a statement containing provisions that are in violation of this regulation shall have no legal effect.
If data processing is mandatory (e.g., for fulfilling legal obligations):
• Obtaining written consent from the data subjects is not necessary, in addition to informing them about their rights.
When inquiries, information requests, and quotation requests are made to Geo-Log, we store the necessary communication details (first name, last name, phone number, email address), provided by you among the listed data. In the case of orders, we also store the data required for communication, contract formation, and compliance with legal obligations (first name, last name, address, phone number, email address, tax identification number).
Geo-Log does not collect, store, or process special categories of personal data, such as racial or ethnic origin, political opinions, religious or philosophical beliefs, or data concerning health or sex life.
When you contact Geo-Log, we keep a record of our communication with you in our database to assist with potential problem-solving in the future. Your email address may be used to inform you about our services, sending notifications about changes or improvements.
Data Handling: The data we manage is not made public or transferred to third parties (exceptions are mentioned below). Data transmission occurs solely to fulfill orders to our subcontractors and suppliers to the extent required (see below). Data can be transmitted and different data processes can be linked only if the individual has given consent or if the law permits, and if the conditions for data processing are met for each personal data.
Data Handling Exceptions: We may access your data and retain or share it in response to official requests (e.g., search warrants, court orders, or subpoenas) or if we genuinely believe that the law requires us to do so. Similarly, we may access, retain, and share your data if we believe it is our duty to prevent or disclose fraud or other illegal activities, protect ourselves or others during an investigation, prevent harm to life or physical safety.
Data Storage: We retain data for the period necessary to provide products and services or as required by law.
Data Transmission: We may transmit data in response to official requests or to our partners who need this data to provide services to the individuals concerned.
When you contact Geo-Log, we keep a record of our communication with you to be able to assist you with your possible issues in the future. We may use your email address to inform you about our services, sending notifications regarding changes or improvements.
Data Handling: The data we handle is not made public, nor shared with third parties (exceptions are listed below). Data transmission is solely carried out to fulfill orders to our subcontractors and suppliers to the extent necessary (see below). Data can only be transmitted, and different data processing can only be linked if the individual has given consent, or the law permits it, and if the conditions of data processing are met for each individual piece of personal data. Therefore, the personal and other data provided by our clients will not be supplemented or connected with data or information from other sources.
Exceptions to Data Handling: Upon official request (e.g., search warrant, court order, or summons), we may access, preserve, or share data if we believe in good faith that the law requires it. We may also access, preserve, and share data if we believe in good faith that it is our obligation to prevent or disclose fraud or other illegal activities; protect ourselves or others, for example, during investigations; or prevent immediate endangerment to life or physical safety.
Data Storage: We store data for the necessary period to provide products and services, as well as in compliance with legal requirements.
Data Transmission: We perform data transmission upon request from authorities or to our partners who need the data for providing services to the individual concerned.
Data subjects may request information from the data controller at any time regarding the processing of their personal data. They can initiate the correction, deletion, or blocking of their personal data. In such cases, the correction of personal data must be carried out, and the data concerning the data subject must be promptly deleted, except for data subject to legal retention obligations.
The data subject has the right to withdraw their consent at any time, without affecting the lawfulness of the processing based on the consent given before the withdrawal.
Contact details of the data controller:
Phone: +36 (1) 363-5643
Address: 1145 Budapest, Szugló u. 54.
If the data subject believes that a breach of their rights related to the processing of their personal data has occurred or is imminent, they have the right to file a complaint with the supervisory authority or turn to the court:
National Authority for Data Protection and Freedom of Information (Nemzeti Adatvédelmi és Információszabadság Hatóság)
Postal address: 1530 Budapest, Pf.: 5.
Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c
Phone: +36 (1) 391-1400
Fax: +36 (1) 391-1410
In case of violation of their rights, the data subject may turn to the court. The competence of the court depends on the data subject’s choice and may be initiated before the court of the data subject’s residence or place of stay.
Date: Budapest, May 24, 2018.