We process your data with due care, in accordance with all applicable laws and regulations, including the regulation (EU) 2016/679 of the European Parliament and of the Council, the General Data Protection Regulation (the “GDPR”).
We do not knowingly collect or ask for information from people under the age of 18. If you are such a person, please do not use our service or send us your information. We delete information that we learn is collected from a person under the age of 18 without verified parental consent.
Who processes your personal data?
Your personal data are being processed by our company The Spot Hungary Kft. with its registered at 1061 Budapest, Király utca 26, Hungary Identification no.: 01 09 293668, (the „Controller“, “we”, “us” or “our”) and the group it belongs to, Vacuumlabs Group, operating under the entity VacuumLabs s.ro., with its registered seat at Bottova 2A, 811 09 Bratislava, Slovakia, Identification no.: 48 207 497 (the „Controller“, “we”, “us” or “our”).
What personal data is processed?
We may collect the following types of information about you:
We may collect and process your personal data which identifies you and is provided by you voluntarily when you use our Services. This personal data includes:
What are cookies?
To make this website work properly, we sometimes place small data files called cookies and similar technologies on your device.
A cookie is a small text file that the website saves on your device when you visit it. Session-based cookies last only while your browser is open and are automatically deleted when you close your browser. Permanent cookies last until you or your browser delete them or until they expire.
We use our session-based and also permanent functional cookies which enable the website to remember your actions and preferences (e.g., to remember that you are logged in) so you don’t have to keep re-entering them whenever you come back to the website or browse from one page to another.
We also use third parties’ permanent cookies, which helps us to detect abusive traffic on our website without any user friction.
Upon your consent, We use analytical cookies for the improvement of our Site and Platform. We may collect data such as device data, browsing data and interactions with the Site and Platform. You can withdraw your consent to analytical cookies at any time through your browser settings.
Upon your consent, We use marketing cookies including social pixels, for retargeting you on other websites. You can withdraw your consent to marketing cookies at any time through your browser settings.
How to control cookies?
What are the purposes and legal basis for processing your personal data?
We process your personal data in order to:
We process your personal data in order to:
carry out the agreement existing between us based on your decision to use our Services
This purpose includes mainly the following processing activities:
We process the email address, payment information and other data provided by you voluntarily when you use our Service.
The conclusion and the fulfillment of the contract are possible only if we can process your personal data. In case that the personal data are not provided, our company will not be able to enter into the contract with you and so to provide you the Services in accordance with the General Terms.
Legal basis for such processing: the performance of a contract in accordance with Article 6 (1) (b) of GDPR.
process an application if your apply to join our team
If you choose to submit an employment application online, the personal data that you provide to The Spot HU will be used for the purposes of performing the obligations we have as an employer, including our pre-contractual relationship.
These purposes may include:
Legal basis for such processing: consent in accordance with Article 6 (1) (a) of GDPR.
ensure security in our premises
In some circumstances your personal data may be processed for the protection of our rights and interests and for ensuring security in our premises. For this purpose, your personal data may be processed in the following contexts:
Legal basis for such processing: legitimate interest in accordance with Article 6 (1) (f) GDPR.
market our Services
We may market current or future Services to You if you subscribe to our newsletter or consent to marketing cookies, as described above.
The Controller processes your email address on the following legal basis: your consent in accordance with Article 6 (1) (a) of GDPR (granted during submitting your email address to our newsletter bar) or legitimate interest in accordance with Article 6(1) (f) of GDPR (if you have an existing relationship with Us) .
You can stop direct marketing communications from us by:
improve our Services
This purpose includes the following processing activities using technical information on our Website:
The Controller processes technical information under the following legal basis: legitimate interest in accordance with Article 6(1)(f) of GDPR.
Who are recipients of your personal data?
We only share your personal data within the organisation of the Controller and the group of companies into which the Controller belongs.
We do not share your personal data with any recipients outside of the Controller and the group of companies into which the Controller belongs unless one of the following circumstances applies:
it is necessary for the performance and improvement of our Services
To the extent that our external service providers (sub-processors) need access to your personal data to help us perform our Services for you, we have taken the appropriate contractual and organisational measures to ensure that your personal data are processed in accordance with all applicable laws and regulations.
When indicated, providers will only receive your technical data upon your consent.
Below is a non-exclusive list of our sub-processors:
The list of external service providers we use may change from time to time as we change or remove some of the providers listed above and/or put in place other providers to assist us in providing the Services.
It is necessary for legal reasons
We may share your personal data with recipients outside the Controller if we have a good-faith belief that access to and use of your personal data is reasonably necessary to: (i) meet any applicable law, regulation, and/or court order; (ii) detect, prevent, or otherwise address fraud, security or technical issues; and/or (iii) protect the interests, properties or safety of the Controller, our users or the public as far as in accordance with the law. When possible, we will inform you about such processing.
Do we transfer your data to countries outside the EU/EEA?
The Controller may transfer your personal data to countries outside the European Union and the European Economic Area where we engage with external service providers. In such a case, we transfer your personal data only to a country that is considered to have an adequate level of protection in accordance with the EU Commission’s decision or there are appropriate safeguards in place to protect your personal data, such as standard contract clauses or binding internal company rules. Regardless of the country in which your personal data is processed, the Controller takes reasonable technical, legal and organisational measures to ensure that the level of protection is the same as in the European Union and the European Economic Area.
If we are involved in a merger, acquisition or other reorganisation, your information may be transferred as part of that deal. We will notify you (for example, via a message to the email address associated with your account) of any such deal and outline your choices in that event.
What is the storage period?
In case that processing is necessary for compliance with a legal obligation, your personal data will be processed during the period set by the applicable legal obligation or line with it.
In case that processing is necessary for performance of the contract, your personal data will be processed until the end of the contract.
In case that personal data are processed for CCTV purposes, your personal data will be processed for 15 days.
If you provide us with your personal data for leasing offices, we store the personal data for 3 years.
As soon as The Spot HU no longer needs your personal data for the processing purposes for which the personal data were collected, it will delete them unless the statute-barred period applies.
Certain transaction details and correspondence may be retained until the time limit for claims, in respect of the transaction, has expired or in order to comply with regulatory requirements regarding the retention of such data.
What are your rights?
Right of access – The Controller offers you access to your personal data we process. This means you can contact us and request from us a confirmation whether or not your personal data are being processed and if so, you have the right to request access to your data, which we will provide to you in the form of a so-called “registry” (stating, in particular, purposes, categories of personal data, categories of recipients of personal data, storage periods or criteria for determining storage periods).
Right to rectification – You have the right to have inaccurate personal data we have stored about you rectified.
Right to erasure – You may also ask us to erase your personal data from our systems. We will comply with such requests unless we have a legitimate ground to not delete your personal data.
Right to restriction of processing – You may request us to restrict certain processing of your personal data. If you restrict certain processing of your personal data, this may lead to fewer possibilities to use our Services and website.
Right to data portability – You have the right to receive your personal data from us in a structured, commonly used and machine-readable format in order to transmit the personal data to another controller.
How to use your rights – You may exercise your rights above, free of charge, in writing by sending a letter or email at email@example.com. We may require confirmation of your identity depending on your request.
May you complain?
In case you consider our processing activities of your personal data to be inconsistent with the applicable data protection laws, you may lodge a complaint with the local supervisory authority for data protection.
Are data secured?
We take all reasonable, appropriate security measures to protect the Controller and our customers from unauthorised access to or unauthorised alteration, disclosure or destruction of personal data we hold. Measures include, where appropriate, encryption, firewalls, secure facilities and access rights systems. Should, despite the security measures, a security breach occur that is likely to have negative effects to your privacy, we will inform you about the breach as soon as reasonably possible. If you have any questions, feel free to contact us at firstname.lastname@example.org.
Leave us your contact details and we will get in touch with you shortly.