1. The aim of this policy

1.1. This data processing policy (hereinafter: Policy) contains the most important data protection rules applicable to the records kept by Alkubot Kft. (hereinafter: Service Provider), with particular regard to the requirements relating to data management, data processing, data transfer, data protection and disclosure. The aim of this Policy is to determine the principles and rules of data management and the terms and conditions of data processing applied by the Service Provider in accordance with the requirements of the relevant Hungarian and EU legislation.

1.2. The Service Provider operates the website (hereinafter: Website), amongst which it manages the data of users of the Website.

1.3. This Policy was made in accordance with Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information (hereinafter: Privacy Act), Act CVIII of 2001 on certain issues of electronic commerce activities and information society services (hereinafter: Information Act), Act XLVIII of 2008 on the Basic Requirements and Certain Restrictions of Commercial Advertising Activities, the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC General Data Protection Regulation (hereinafter: GDPR).

1.4. The Service Provider reserves the right to notify the User by email of any changes to the services or general terms and conditions it provides. The Service Provider does not use the information for advertising purposes.

2. Data Controller’s data:

Company name: Alkubot Kft.

Registered office: 2483 Gárdony, Üdülő utca 70

Company registration number: 07-09-030144

Tax number: 26774972-2-07


Server and Website Operator:

Company name: DigitalOcean LLC

Registered office: 101 Avenue of the Americas, 10th Floor, New York, NY 10013

3. Data management by the Service Provider

3.1. Registration and subscription

The required data in order to register and subscribe to the Product.

Recorded data:

  • Name,
  • Company name,
  • E-mail address,
  • Phone number,
  • Billing address,
  • Tax number.

Aim of data management: Proof of subscription

Legal basis of data management: necessary to perform the contract

Duration of data management: can be terminated by the Service Provider and the User with normal or extraordinary termination.

The way of data storing: the Service Provider stores the User’s registered data on the enterprise server.

3.2. Newsletter sign up

Aim of data management: information in form of newsletter

Scope of managed data: e-mail address

Legal basis of data management: contribution

Duration of data management: until the consent is withdrawn

The way of data storing: the Service Provider stores the User’s registered data on the enterprise server.

3.3. Contact via the website contact form

Aim of data management: Keeping in touch with clients, contacting

Scope of managed data: Name, e-mail address, phone number

Legal basis of data management: contribution

Duration of data management: until the consent is withdrawn

The way of data storing: the Service Provider stores the User’s registered data on the enterprise server.

3.4. Communications between the installed Alkubot plugin on the User’s website and the User’s website visitors.

Aim of data management: Further development of the product based on the communication between the installed Alkubot plugin on the User’s website and the User’s website visitors.

Scope of managed data: The complete chat message exchange between the User’s visitor and the installed Alkubot plugin on the User’s website.

Legal basis of data management: contribution.

Duration of data management: until the consent is withdrawn.

The way of data storing: the Service Provider stores the User’s data on the enterprise server.

4. Data Processors

Accounting, payroll:

Company name: ABC Accounting Kft.

Registered office: 1121 Budapest, Mártonvölgy utca 20

Company registration number: 01-09-306201

Tax number: 26179054-2-43

Contact: 06 30 442 5377

Newsletter provider:

Company name: The Rocket Science Group LLC

Registered office: 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 USA


Scope of data transmitted: Email address

Purpose of data transfer: Collecting newsletter subscribers

Electronic payment:

Company name: PayPal (Europe) S.à r.l.

Registered office: 22-24 Boulevard Royal L-2449, Luxembourg.

Electronic invoicing:

Company name: Kft.

Registered office: 1031 Budapest, Záhony utca 7.

Company registration number: 01-09-303201

Tax number: 13421739-2-41


Scope of data transmitted: Name, Billing address, Tax number

Purpose of data transfer: Billing of Service

Any personal data recorded, stored and managed by the Data Controller will not be accessible by third parties unless to comply with statutory obligations.

5. Responsibility

The correctness of the personal data registered by the User is not verified by the Service Provider. The User is solely responsible for the adequacy of the registered data. The User is responsible for the e-mail address that he has registered, which allows access to and use of the Service Provider’s data.

6. Handling of registered data

The Service Provider and the data processors are entitled to know the data registered by the User. The access authority to the Service Provider’s data management process shall be determined by the Chief Executive Officer of the Service Provider. The access rights to the data processing process entrusted by the Service Provider shall be determined by the Chief Executive Officer (managing director) of the data processing agent. The Service Provider is entitled and obliged to transit data to third parties for the purposes of its statutory obligations.

7. User rights

7.1. The User is entitled to request free of charge information about his personal data processed, the purpose, legal basis, duration of the data processing, the name, headquarter address of the data processors and activities related to data processing, as well as data protection rights and remedies. The User is entitled to request the rectification, erasure, blocking or restriction of the processing of his data free of charge in the cases defined by law, and may object to the processing of his personal data.

7.2. The Service Provider shall examine the User’s application as soon as possible after submitting the application, but no more than 30 days - 15 days in case of protest - and make a decision on the validity of the application, which shall inform the applicant in writing. If the Service Provider does not comply with the User’s request, it shall inform the User in its decision of the factual and legal reasons for rejecting the request.

7.3. Pursuant to Act V of 2013 on the Civil Code, the User has the right to enforce his rights in court and to the National Data Protection and Freedom of Information Authority (1125 Budapest, Szilágyi Erzsébet fasor 22/c.; to contact and file a complaint.

8. Other information

8.1 The Service Provider collects data about the activity of the inquirers in a way that does not make the identity of the inquirers identifiable, it cannot be linked to the personal data provided by the User during the registration or the information provided when using other websites or services.

8.2 The Service Provider shall inform the User in advance and request prior explicit consent if the User wishes to use the personal data for purposes other than those specified by him.

8.3 The Service Provider shall ensure the security of data management and data processing and shall take all necessary technical measures to protect the data recorded, stored and managed, as well as to prevent their unauthorized use or alteration or destruction.

8.4 The Service Provider keeps a record of its data management activities required by law (records of data management activities).

8.5 Privacy incident is a breach of security that results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure or unauthorized access of personal data that we process. In the event of a privacy incident, the Service Provider shall act in accordance with Articles 33 and 34 of the GDPR. The Service Provider shall keep records of data protection incidents, indicating the facts related to the data protection incident, its effects and the measures taken to remedy it.

8.6 The Service Provider may at any time unilaterally modify this Prospectus. The Service Provider shall publish the modification of the Prospectus on its website. The User is entitled to continue using the services of the Website after accepting the modification of the Prospectus.

Effective: 2019. November. 05