Privacy Policy

General terms

The purpose of this Privacy Policy is to summarize and demonstrate the general data controlling activity of Outis Nemo Limited Liability Company acts in the capability of a data controller (hereinafter referred to as: Outis Nemo or Data Controller) – but not including the data controlling of any recruitment activities – so that you, like „Data Subject” may fully acquaint him/herself with the data controlling activity carried out by the Data Controller as well as the right, information etc. set-out by the GDPR Regulations effective as of 25 May 2018.

The data controller activity of Outis Nemo, as Data Controller is being regulated by the Privacy Policy herein.

Personal data of the Data Controller

Data controller: Outis Nemo Ltd.
Registered office: 3 Hollósy Simon street, floor 2. door 2., Budapest 1126, Hungary
Tax ID: 26302584-2-43
EU tax ID: HU 26302584
Company registration number: 01 09 377749
Online helpdesk: help.kameleo.io
Email: support@kameleo.io

 

Pursuant to Article 37 of the GDPR Regulations Outis Nemo is not obliged to appoint a data controlling officer. Accordingly, further information on data protection may be available by reaching-out with Outis Nemo directly through the above listed channels.

Should you have any further questions in relation to the below or any other topics, please do not hesitate to contact Outis Nemo, It is with great pleasure answering you.

The data controlling activity of Outis Nemo is subject to the following key principles:

  • Personal data are controlled fairly and lawfully in a way that it is transparent to the Data Subjects;
  • Personal data are collected for specified, explicit and legitimate purposes and not further controlled in a way incompatible with the key principles listed herein;
  • Personal data are collected and controled appropriately and with relevance to the purposes of the data controlling and are limited to a necessary level only;
  • Outis Nemo takes all reasonable measures to ensure that the data controlled are accurate and, where necessary, up to date. Inaccurate personal information will be deleted or corrected immediately;
  • Personal data are stored in such a way that they can only be identified for the time necessary to achieve the purposes for which the personal data are controlled;
  • Outis Nemo ensures the security of personal data against unauthorized or unlawful handling, accidental loss, destruction or damage of personal data by applying appropriate technical and organizational measures.

Legal references

The data protection and control principles of Outis Nemo are in line with the currently applicable data protection legislations – being listed as follows:

  • Act CXII of 2011 on information self-determination and freedom of information (Information Act);
  • REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, GDPR);
  • Act V of 2013 on the Civil Code (Civil Code.);
  • Act C of 2000 on Accounting (Accounting Act);
  • Act LIII of 2017. on the Prevention of Money Laundering and Terrorism (AML Act);
  • Act CCXXXVII of 2013 on Credit Institutions and Financial Enterprises (Act on Financial Enterprises).
  • Act CVIII of 2001 on Certain Issues in Electronic Commerce Services and Information Society Services (Ecom Act)
  • Act C of 2003 on Electronic Communications (EC Act)
  • Act CLV of 1997 on Consumer Protection (Act on Consumer Protection)
  • Act CLXV of 2013 on Complaints and Notices of Public Interest (Act on Complaints and Notices)
  • Act XLVIII of 2008 on the Basic Conditions and Certain Restrictions of Economic Advertising (Act on Economic Advertising)

Scope of personal data collected and the legal basis thereto

The legal basis, purpose, nature, duration and data subjects of the data controlled are as follows:

Self-activating newsletter

  • Legal basis: Consent
  • Personal data controlled: name, e-mail address, date of subscription, click-through date, clicked link, e-mail opening date, opened e-mail, IP address
  • Purpose of data control: Notification about promotions, new products, campaigns, other requests for business development purposes, general contact
  • Duration: Until subscription / withdrawal of consent, but no later than 12 months from the last identifiable activity
  • Data Transfer to Third Parties (Data Controllers): DigitalOcean, LLC, 101 6th Ave, New York, NY 10013, United States

Usage and customer information on the software service provided by Outis Nemo (SaaS)

  • Legal basis: Service Agreement
  • Personal data controlled: name, e-mail address, phone number, website, date of registration, username, company name, user’s role
  • Purpose of data control: Ensuring the use of the software service, regularly informing customers about the use of the software, and getting to know the customers’ opinions about the use of the software.
  • Data subjects: person who registers an account for products developed by Outis Nemo on the Service Provider Agreement Website.
  • Duration:
    • In the case of user accounts out of use for at least 12 month: Outis Nemo terminates the Service Agreement, deletes the contents of the related user account, e-mail address and password at the end of the 5th year following the termination of that Service Agreement.
    • In the case of he account is being cancelled by the user, or Outis Nemo terminates the Service Agreement on the free user account: Outis Nemo deletes the related user account and then deletes all related data at the end of the 5th year following the termination of that Service Agreement.
  • Data Transfer to Third Parties (Data Controllers): DigitalOcean, LLC, 101 6th Ave, New York, NY 10013, United States
  • The user can unsubscribe from information e-mails at any time and would not receive such information after the termination of the related Service Agreement, and no data control activity like this would take place either from that date.

Registration for a demo presentation for decision making purposes

  • Legal basis: Service Agreement
  • Personal data controlled: e-mail address, last name, first name, phone number, date
  • Purpose of data control: Organizing and leading the presentation and answering on questions raised in order to achieve the purpose of the presentation
  • Data subjects: person who registers for the presentation and who is registered as a guest for the presentation
  • Withdrawal of subscription: users can unsubscribe anytime and free of charge
  • Duration:
    • For registered users, by the date of unsubscription, but no later than a year after participating in the demo presentation
    • in case of non-accepted guest registrations, for 30 days after registration
    • in case of accepted guest registration until the date of unsubscription, but no later than a year after participating in the demo presentation
  • Data Transfer to Third Parties (Data Controllers): DigitalOcean, LLC, 101 6th Ave, New York, NY 10013, United States

Handling help desk requests

  • Legal basis: Service Agreement or legitimate interest
  • Personal data controlled: Surname, first name, e-mail address, telephone number, subject of interest, date of registration, data provided in the customer satisfaction feedback provided via an online form by the contact person, as well as audio recording of telephone calls (date, content, telephone number)
  • Purpose of data control: Fulfillment of the help desk request or feedback on its non-fulfillment, answering the formulated questions, making the requests and answers available as a reference to the contact person, conducting customer satisfaction surveys and analyzing their data, customer information
  • Duration:
    • For customer service matters related to a paid Outis Nemo user account or any other paid services and/or product, 8 years
    • For customer service matters related to an unpaid (free) Outis Nemo user account, 5 years
    • Content of recorded telephone calls, 5 years
    • In any other cases, the deletion of personal data can be requested at any time free of charge
  • Data Transfer to Third Parties (Data Controllers): DigitalOcean, LLC, 101 6th Ave, New York, NY 10013, United States

Registration for the Outis Nemo affiliate program

  • Legal basis: Fulfillment of Service Agreement
  • Personal data controlled: company name, surname, first name, e-mail address, settlement of commissions
  • Purpose of data control: Providing information on the engagement agreement process of the affiliate program, concluding the affiliate agreement, and then supporting the affiliate within the framework of the affiliate agreement.
  • Duration:
    • in case of successful conclusion of the affiliate agreement, 8 years after the termination of that affiliate agreement
    • in case of failure to conclude the affiliate agreement, no later than one month after the date of registration
  • Data Transfer to Third Parties (Data Controllers): DigitalOcean, LLC, 101 6th Ave, New York, NY 10013, United States

 

The identification of the visitors of Outis Nemo’s website is refused by Outis Nemo, neither taking any action in this regard.

The unsubscription can be done any time and free of charge with the use of a single click – in which case Outis Nemo deletes (even physically) the related data stored from all of Outis Nemo’s systems. In addition, any services provided by Outis Nemo may be used without the subscription to the promotional emails of Outis Nemo.

Cookies

What are the cookies on a website and how does Outis Nemo use them?

Cookies are small data files that are transferred to the visitor’s computer via the website, upon using the website and are saved and stored by the visitor’s internet browser.

General roles of cookies:

  • collect information about visitors and their devices;
  • memorize the individual settings of the visitors’, which can be used e.g. when using online transactions so you don’t have to retype them;
  • facilitate the use of the website;
  • provide and improve a qualitative user experience.

 

In order to provide customized services, a small data packet, i.e. the so-called cookie is placed on the visitor’s device, which data packet is read back by the website upon a re-visit. Should the browser of the visitor send back a previously saved cookie to the website of origination, the cookie provider has the capability to link the visitor’s recent visit with the previous one(s). This capability of the cookie provider is limited to its own content only.

Most of the most commonly used internet browsers (Chrome, Firefox, Edge, Explorer, Opera, Safari, etc.) accept and allow the download, save and use of cookies by default. Anyway, it is up to the visitor’s intent to refuse or disable them by changing the browser settings, or the visitors can also delete cookies that are already stored on their computer.

There are cookies that do not require the visitors’ prior consent. Outis Nemo’s website provides a brief information to the visitor about these cookies upon the first visit of Outis Nemo’s website. As an example such cookies are authentication, multimedia player, load balancer, user interface customization session cookies, and user-centric security cookies.

Outis Nemo informs the visitors about the cookies that require consent – if the data control is being commenced by visiting the site – at the beginning of the first visit and asks for visitors’ consent. Acceptance of cookies requiring consent is not mandatory, nevertheless, Outis Nemo is and will not be liable if, in the absence of acceptance, the website would not function as expected.

Outis Nemo does not use and/or allow cookies that entitle third parties to collect data without the visitors’ / users’ consent.

Cookie type Details on cookie Name and date of expiration
Cookie information

We use this cookie to remember the user’s settings for cookies and not to ask them again.

Type: Required

moove_gdpr_popup = 1 year
Outis Nemo utm cookies

It is used to pass on to Google Analytics which ad the visitor clicked on to the website, as well as the same information for the Outis Nemo forms. It does not store personal information.

Type: Statistical

mssys_utm_params = End of browser session
System cookies

The purpose of these cookies is to enable visitors to fully and  seamlessly browse the Data Controller’s website, use its functions and the services available there. These types of cookies last until the end of the session (browsing), and when you close the browser, these types of cookies are automatically deleted from your computer or other device used for browsing.

Type: Required

PHPSESSID = End of browser session
Google Analytics cookies

Google Analytics Cookies – These cookies are used to collect data about how visitors to Outis Nemo’s website use the website. Such information may include (amongst others) information on the website from which the visitor clicked-through and the number of visits. We use this information to improve our website and services, as well as the user experience. Cookies do not personally identify the visitors, but collect information anonymously, which is transmitted to and stored on Google’s servers in the United States, in accordance with Google’s Privacy Policy. To learn more about Google Analytics privacy practices, please visit:

https://support.google.com/analytics/answer/6004245

(This page may only be available in English.)

Type: Statistical

__utma = 2 years
__utmb = 30 minutes
__utmc = End of browser session
__utmz = 6 months
__utmv = 2 years

Data processors

Please see detailed information on the data processors listed at each data control activity at Section 1) D of this Privacy Policy.

Digital Ocean
DigitalOcean, LLC
Registered seat: 101 6th Ave, New York, NY 10013, USA
Website: https://www.digitalocean.com/

Számlázz.hu
Invoicing
KBOSS.hu Ltd.
Registered seat: 7 Záhony street, Budapest 1031, Hungary
Company registration number: 01-09-303201
Telephone number: +3630 35 44 789
Website: www.szamlazz.hu

Stripe
Payment provider
Stripe, Inc.
Registered seat: 510 Townsend St, San Francisco, CA 94103, USA
Website: www.stripe.com

BitPay
Payment provider
Bitpay, Inc.
Registered seat: 8000 Avalon Blvd Ste 300 Alpharetta, GA, 30009-2470 USA
Website: www.bitpay.com

Payssion
Payment provider
Payssion Ltd.
Registered seat: Flat 01A2, 10/F, Carnival Comm Bldg, 18 Java Rd, North Point, Hong Kong, Hongkong
Website: www.payssion.com

Coingate
Payment provider
UAB “Decentralized”
Registered seat: A. Goštauto g. 8, Vilnius 01108, Litvánia
Website: www.coingate.com

Zendesk
Bank account services
Zendesk, Inc.
Registered seat: 989 Market St, San Francisco, CA 94103
Website: www.zendesk.com

 

Additional information on data control

Outis Nemo may only transfer your personal data within the framework set-out by the relevant legislation. In terms of Outis Nemo’s data processors, it is stipulated by the underlying contractual terms that they may not use any of your personal data for any purposes contrary to your consent.

Courts, the Public Prosecutor’s Offices and other authorities (e.g. police, tax authorities, National Data Protection and Freedom of Information Authority) may contact Outis Nemo for disclosure or provision of information and underlying documentation. In these cases, Outis Nemo is obliged to comply with the relevant legislation and provide information – but only to the extent strictly necessary to achieve the purpose of the request of that authority.

Contributors and/or employees of Outis Nemo involved in the data control and / or data processing of Outis Nemo are entitled to get familiar with your personal data to a predetermined extent – under explicit conditions of confidentiality.

Outis Nemo protects your personal data by the use of appropriate technical and other interventions, as well as ensure the security and availability of the information, and protect it from unauthorized access, alteration, damage or disclosure, and any other unauthorized use.

Data Security

As part of in-house interventions, we control physical access, train Outis Nemo’s employees on an ongoing basis, and keep paper-based documents locked up with adequate protection. Upon data control, we use encryption, password protection and anti-virus software – that suits the nature of data controlled. Nevertheless, please note that data transmission over the internet can never be considered as a completely secure way of data transmission.

Outis Nemo’s website always communicate via an encrypted channel (https protocol), so the data sent or received by you cannot be disclosed to third parties.

Right of data subjects

The data subject may request information on the handling of his / her personal data, as well as request the correction of his / her personal data, or – with the exception of mandatory data controlling – deletion, revocation, exercise the data carrier’s right to protest at the above contact details.

Right to information

The Data Controller takes appropriate measures to provide Data Subjects with all information on the controlling of personal data in a concise, transparent, comprehensible and easily accessible form, all in a clear and comprehensible manner – pursuant to Articles 13, 14, 15, 22 and 34 of the GDPR.

Outis Nemo provides information within 30 days from submitting a request in relation to the data controlled. The information request and the provision of such information is free of charge, unless an information request has been already submitted to Outis Nemo pertaining to the same personal data in the given calendar year. Outis Nemo may refuse the provision of information only in cases set-out by the law. In such case Outis Nemo is obliged to indicate in its answer the referred legislation (being the basis of the refusal) and provide information on the legal remedies available as well as on the potential recourse to the competent authorities.

Right of access

The Data Subject has the right to receive feedback from the Data Controller as to whether the control of his / her personal data is in progress and, if such data controlling is in progress, he / she has the right to access the personal data and the following information:

  • purpose of the data control;
  • type of personal data being under control;
  • the recipients or categories of recipients to whom or with whom the personal data have been or will be communicated, including in particular third country recipients or international organizations;
  • the planned duration of the storage of personal data;
  • the right to rectify, erase or restrict data control and to protest;
  • the right to lodge a complaint with the supervisory authority;
  • information on data sources;
  • the fact of automated decision-making, including profiling, and comprehensible information on the logic used and the significance of such data management and the expected consequences for the data subject.

The Data Controller provides the information requested within a maximum of one month from the submission of the request.

Right to rectify data

The Data Subject may request the correction of inaccurate personal data controlled by the Data Controller and the completion/amendment of incomplete data.

Right of deletion

The Data Subject has the right to delete personal data concerning him / her at his / her request without undue delay if one of the following reasons exists:

  • personal data are no longer required for the purpose for which they were collected or otherwise controlled;
  • the data subject withdraws the consent on which the data controlling is based and there is no other legal basis for the data controlling;
  • the data subject objects to the data control and there is no overriding legitimate reason for such data control;
  • personal data has been controlled unlawfully;
  • personal data must be deleted in order to comply with a legal obligation under EU or Member State law applicable to the Data Controller;
  • personal data was collected in connection with the provision of information society services.

Deletion of data cannot be initiated if data control is required:

  • to exercise the right to freedom of expression and information;
  • in order to fulfill an obligation under EU or Member State law applicable to the Data Controller to control personal data or to perform a task in the public interest or in the exercise of a public authority conferred on the Data Controller;
  • in the field of public health, or for archival, scientific and historical research or statistical purposes, in the public interest;
  • or to bring, assert or defend legal claims.

Right to Limit and Revoke Data Controlling

At the request of the Data Subject, the Data Controller restricts the data controlling if one of the following conditions is met:

  • the Data Subject disputes the accuracy of the personal data, in which case the restriction applies to the period of time that allows the accuracy of the personal data to be verified;
  • the data controlling is unlawful and the data subject opposes the deletion of the data and instead requests that their use be restricted;
  • the Data Controller no longer needs the personal data for the purpose of data controlling, but the data subject requests them in order to submit, enforce or protect legal claims; obsession
  • the Data Subject has objected to the data controlling; in this case, the restriction shall apply for the period until it is determined whether the legitimate reasons of the Data Controller take precedence over the legitimate reasons of the Data Subject.

Where data control is being restricted, personal data may be controlled (with the exception of storage) only with the consent of the data subject or for the purpose of enforcing or protecting legal claims or protecting the rights of another natural or legal person or in the important public interest of the Union or a Member State.

Outis Nemo undertakes to register the withdrawal of consent within 30 days, however, please note that we may control certain data after the withdrawal of consent in order to fulfill our legal obligation or to enforce our legitimate interests.

Right to Data Portability

The Data Subject has the right to receive the personal data concerning him / her made available to the Data Controller in a structured, widely used, machine – readable format and to transmit this data to another Data Controller.

Right to protest

The Data Subject has the right to object at any time to the control of his / her own personal data in the public interest or in the exercise of public authority, or to the controlling of data controllers or third parties, including profiling based on those provisions.

In the event of a protest, the Data Controller does not further control the personal data, unless it is justified by compelling legitimate reasons which take precedence over the interests, rights and freedoms of the data subject or which are related to the submission, enforcement or protection of legal claims.

If you object to the controlling of your personal data, Outis Nemo will examine the objection as soon as possible, within 14 days (but not more than 1 month) of submitting the request, and will inform you in writing of our decision. If we have determined that your objection is well-founded, we will immediately terminate the controlling of data – including further data collection and data transfer – and block the data. Accordingly, Outis Nemo will notify all persons to whom the personal data (affected by the objection) have been previously transferred and who are obliged to take action to enforce the right to protest.

Outis Nemo will refuse to comply with your request if we can prove that the control of data is justified by overriding legitimate reasons which take precedence over your interests, rights and freedoms or which relate to the submission, enforcement or defense of legal claims. If you do not agree with our decision, or if we miss the deadline, you can go to court within 30 days of the decision being announced or the last day of the deadline.

Right to apply to the court

If the rights of the Data Subject have been violated, he / she may take legal action against the Data Controller. The relevant court is acting out of turn in that case.

Data protection lawsuits fall within the jurisdiction of the tribunal, which may – at the intent of the Data Subject – be sued/commenced in the court of the data subject’s domicile or place of residence. A foreign national may also lodge a complaint with the competent supervisory authority of his place of residence.

Before contacting any supervisory authority or the court, please reach out with Outis Nemo in email or by registered mail delivery to the postal address of the registered seat of Outis Nemo.

Right to complain

Supervisory Authority: National Data Protection and Freedom of Information Authority

  • Registered seat: 22/c Szilágyi Erzsébet alley, Budapest 1125, Hungary
  • Postal address: Budapest 1530, Hungary Mailbox no.: 5.
  • Telephone number: +36 (1) 391-1400
  • Fax number: +36 (1) 391-1410
  • E-mail: ugyfelszolgalat@naih.hu
  • Website (some parts available in Hungarian): https://naih.hu/
  • More information: https://naih.hu/panaszuegyintezes-rendje.html

Amendments to Privacy Policy

This Privacy Policy is reviewed and updated on a regular basis to reflect the planned privacy changes of Outis Nemo. In the event of a change, depending on the extent of the change – depending on the impact of the change on the Data Subjects – we will notify the Data Subjects. If the change is significant, we will notify all those affected of the change by email, if the change is not significant, we will publish the new version on our website, but we will not send an e-mail notification.

Last updated on 01/03/2021