The goal of our Privacy Policy is to provide all necessary information about processing your personal data related to the GYŐRBIKE public bike rental system available on www.gyorbike.hu in a concise, transparent, intelligible and easily accessible form, using clear and plain language, and assist the Data subjects in exercising their rights under Section 5.

In the Privacy Policy, we may define you as “data subject”, or “contact person of our business partners” in the following. You may find further definitions concerning your personal data within the Appendix of the current Privacy Policy.

The legal basis of our duty to communicate information is Article 12 of Regulation 2016/679 of the European Parliament and Council (hereinafter referred to as: GDPR), Section 16 of Act CXII of 2011 on the right of informational self-determination and on freedom of information (hereinafter referred to as Information Act) and Section 4 of Act CVIII of 2011 on electronic commerce and on information society services (hereinafter referred to as Electronic Commerce Act).

The Privacy Policy was prepared by taking into account the GDPR, the Information Act and further legal acts relevant from the viewpoint of specific data processing. The list of the legal acts is detailed in Annex 10.1, the main concepts and definitions are determined in Annex 10.2 and the detailed information on the right of the data subject is included in Annex 10.3 of the Privacy Policy.

During the drafting and applying this Privacy Policy, we proceeded in the spirit of the findings of the recommendation of the Hungarian National Authority for Data Protection and Freedom of Information on the data protection requirements of prior information and Article 5 of the GDPR, especially the principle of accountability laid down in Article 5, Paragraph 2 thereof.

We also monitor the practice of the European Union with regard to the protection of personal data, accordingly, we shall also implement the findings of Article 29 Working Party of the European Commission in its Guideline on Transparency into our data processing practice.

Location: 9025 Győr, Radnóti Miklós utca 46.

Tax Nr.: 23186855208

E-mail: GYORPROJEKT@GYORPROJEKT.HU

Tel.: +36 - 96 / 998 - 331

Data Protection Officer: Dr. Erős László Péter

E-mail: info@dreroslaszlo.hu

Tel: + 36 30 650 1718

The bicycle rental system of the Municipality of Győr City of County Rights, operated by Győr Projekt Kft., is a newly implemented environmentally friendly initiative that combines the freedom of individual transport with the reliability of fixed-track transport. The GYŐRBIKE aims to reduce air pollution, congestion and noise in the city by increasing the number of people using bicycles as part of their daily lives. The public transport system offers a total of 100 electric bikes for hire in the city, which can be rented at one of the 10 collection stations and then dropped off at any station. To use this service, you need to register in advance on the website as an occasional renter and purchase a GYŐRBIKE pass as a regular user. The related data management processes are carried out in accordance with the GDPR, Act CXII of 2011 on the right of informational self-determination and on freedom of information (hereinafter referred to as Information Act) and Act CVIII of 2011 on electronic commerce and on information society services (hereinafter referred to as Electronic Commerce Act). In this chapter, we set out the basic circumstances of the processing of data in the course of providing the service.

It is possible to connect us through our availability located on the website. Also, by communicating with our business partners, we process the personal data of their contact person. The details of these processing are described hereunder.

If a natural person User contacts us through our website, we process his or her personal data according to point 3.1.1. on his or her freely given consent that he or she provides us in the moment of connecting us by phone or email (article 6 (1) a) of GDPR).

If we use the User's data for a purpose other than the original purpose for which it was collected (e.g. the original purpose was contacting and we transfer data to a lawyer), we will inform the User and obtain his or her prior explicit consent or give him or her the opportunity to object to such use of personal data.

The above personal data of the contact person of a legal person are processed by the data controller as a municipality-owned company, in connection with a public interest-task (operation of a community bicycle rental system) on behalf of the Municipality of the City of Győr (Article 6 (1) e) of the GDPR). It is in the interest of both parties to ensure effective communication during the use of the Website and any partner consultations and to be able to provide information to each other's designated representative about any material circumstances affecting the contract between the parties. No infringement of the right of informational self-determination of the contact person of a legal person can be established because of his/her professional or contractual obligation to facilitate communication between the parties and to provide personal data for this purpose. The contact person of a legal person may object to this processing.

We will process the personal data provided until the deletion operation is carried out on the basis of the withdrawal of consent or the announcement of objection. You may withdraw your consent or announce your objection at any time. Withdrawal of consent does not affect the lawfulness of processing based on the consent prior to its withdrawal.

In relation to the processing of the personal data of our business partners’ contact persons, we process their personal data until the personal data are no longer necessary in relation to the purposes for which they were collected or as long as it is possible according to the relevant acts (pursuant to the Hungarian Civil Code, 5 years following the performance or the termination of the contract, or 8 years following invoicing, in accordance with the Hungarian accounting act).

Your personal data are collected in electronic form.

To use the GYŐRBIKE system, Occasional Renters must register on www.gyorbike.hu, or in the GYŐRBIKE app where they create a user account. Details of the data processing associated with registration are set out below.

The processing of data is necessary for the performance of the contract (general terms and conditions and/or individual contract) concluded between the User and Győr Projekt Kft. (Article 6 (1) (b) GDPR), as the use of the occasional bicycle rental service requires prior registration and login via the Website or the application.

Pursuant to Paragraph (1) of Article 13/A of the Electronic Commerce Act, the service provider may process the natural person identification data and the address of the user necessary for the identification of the user for the purpose of creating, defining the content of, amending, monitoring the performance of, billing the fees arising from, and enforcing claims in connection with the contract for the provision of information society services. Pursuant to paragraph 2, the service provider may, for the purposes of billing for the charges resulting from a contract for the provision of an information society service, process natural person identification data, the address, and data relating to the time, duration and place of use of the information society service. Pursuant to paragraph 3, the provider may, in addition to paragraph 2, process personal data which are technically necessary for the provision of the service.

In accordance with the provisions of the Electronic Commerce Act, Győr Projekt Kft. processes only the personal data necessary for the provision of the service. In the case of regular bicycle renters and renters, Győr Projekt Kft. also processes the personal data of Users for the performance of the contract, since - although registration is not a prerequisite for the use of services in the case of the purchase of GYŐRBIKE cards and rentals - if the User registers on the Website or downloads the application and uses his/her user account, he/she will use the digital services of Győr Projekt Kft., which are subject to the General Terms and Conditions of Győr Projekt Kft. as Service Provider.

Occasional Users’ personal data will be automatically deleted 1 year after the deletion of the user’s profile.

Your personal data are collected in electronic form.

Registered Users have the possibility to rent a bike through the GYŐRBIKE application, and to use other services. The details of the data processing in this regard are described below.

The processing of data is necessary for the performance of the contract (general terms and conditions and/or individual contract) concluded between the User and Győr Projekt Kft. (Article 6 (1) (b) GDPR), as the use of the occasional bicycle rental service requires prior registration and login via the Website or the application.

Pursuant to Paragraph (1) of Article 13/A of the Electronic Commerce Act, the service provider may process the natural person identification data and the address of the user necessary for the identification of the user for the purpose of creating, defining the content of, amending, monitoring the performance of, billing the fees arising from, and enforcing claims in connection with the contract for the provision of information society services. Pursuant to paragraph 2, the service provider may, for the purposes of billing for the charges resulting from a contract for the provision of an information society service, process natural person identification data, the address, and data relating to the time, duration and place of use of the information society service. Pursuant to paragraph 3, the provider may, in addition to paragraph 2, process personal data which are technically necessary for the provision of the service.

In accordance with the provisions of the Electronic Commerce Act, Győr Projekt Kft. processes only the personal data necessary for the provision of the service. In the case of regular bicycle renters and renters, Győr Projekt Kft. also processes the personal data of Users for the performance of the contract, since - although registration is not a prerequisite for the use of services in the case of the purchase of GYŐRBIKE cards and rentals - if the User registers on the Website or downloads the application and uses his/her user account, he/she will use the digital services of Győr Projekt Kft.., which are subject to the General Terms and Conditions of Győr Projekt Kft. as Service Provider.

Occasional Users’ personal data will be automatically deleted 1 year after the deletion of the user’s profile.

Your personal data are collected in electronic form.

Occasional bike rental is available after prior registration and login to your user account. The details of the data management are described below.

The processing is necessary for the performance of the contract (general terms and conditions and/or individual contract) concluded between the User and Győr Projekt Kft. (Article 6 (1) (b) GDPR).

Until the end of the 1st year after the service has been provided.

Your personal data are collected in electronic form.

Regular Users can purchase a monthly, half-yearly or annual pass, or top up their GYŐRBIKE card with a balance that can be used during the validity period of their pass. The GYŐRBIKE card is a plastic card with an unique ID that entitles the cardholder to rent a bicycle, which the User can use to start the rental directly at the dock.

The processing is necessary for the performance of the contract (general terms and conditions and/or individual contract) concluded between the User and Győr Projekt Kft. (Article 6 (1) (b) GDPR).

Until the use of the GYŐRBIKE card, or until the end of the 5th year after the service has been provided - until the limitation period for legal claims arising from the contract with the User.

Your personal data are collected in electronic form and through the GYŐRBIKE Card.

During the cooperation with the Organizers, with regard to Act C of 2000 on accounting (hereinafter referred to as Accounting Act), we shall issue an accounting document. The details of such processing are described hereunder.

Processing is necessary for compliance with legal obligations (with regard to Article 6, Paragraph 1, Point f) of GDPR, Section 5, Subsection 1, Paragraph b) of Information Act and Section 166, Subsections 1 to 3 of the Accounting Act).

8 years after the issuance of the accounting document (with regard to Section 166, Subsection 6 of the Accounting Act, Section 169, Subsection 1 of the Accounting Act).

Personal data are collected in electronic form or are stored paper-based.

By taking into account the provisions of the legal act on the rules of the digital archiving, the accounting document issued in electronic form shall be stored in a manner that the applied method shall ensure the provision and continuous readable form of all of the data of the document without delay and that excludes the possibility of subsequent modification.

Since we cannot perform our accounting obligations without knowing the concerning personal data, the provision of personal data is a statutory requirement.

In order to keep our Users up to date with the latest information, they can subscribe to our newsletter. The following information applies to the processing of data in this context:

The data subject's consent (article 6 (1) a) of GDPR) given by subscribing to the newsletter, which the subscriber may withdraw at any time by sending a declaration to this effect to our contact details above or by unsubscribing from the newsletter.

We will process the personal data provided until the deletion operation is carried out on the basis of the withdrawal of consent. You may withdraw your consent or announce your objection at any time. Withdrawal of consent does not affect the lawfulness of processing based on the consent prior to its withdrawal.

Personal data are collected automatically and manually, in electronic form.

Users may contact us by e-mail or telephone to ask questions or to investigate any complaints. Details of the processing of data in this regard are set out below.

Processing is necessary for compliance with a legal obligation; with regard to section 6 paragraph 1 point f of GDPR, section 5 article 1 point b of Information Act and Act CLXV of 2013 on Complaints and Public Interest Disclosures.

Pursuant to Article 1 (4) and Article 10 of Act CLXV of 2013 on Complaints and Public Interest Disclosures., for 5 years from the date of receipt of the complaint.

Personal data are collected in electronic form or are stored paper-based.

If the User wishes to exercise his/her right of withdrawal/cancellation pursuant to Article 20 of Government Decree 45/2014. (II.26.) on Detailed Rules governing contract concluded between consumers and businesses esses ("Government Decree"), we are obliged to ensure that the consumer can exercise it. Details of the processing of data in this regard are set out below.

Processing is necessary for compliance with a legal obligation; with regard to section 6 paragraph 1 point f of GDPR, section 5 article 1 point b of Information Act and the provisions of section 22 of the Government Decree.

The period of 5 years from the exercise of the right of withdrawal/cancellation is the general limitation period for claims and enforcement of rights set out in the Civil Code, in order to be able to prove that we have complied with the consumer's request in accordance with the legal requirements and that he/she is not entitled to enforce any further rights or claims against us on the same legal basis.

In electronic form or paper-based, depending on how the withdrawal/cancellation declaration is received.

Since we cannot perform our accounting obligations without knowing the concerning personal data, the provision of personal data is a statutory requirement.

We secure your personal information from unauthorized access, use or disclosure. We secure the personally identifiable information you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use or disclosure. When personal information (such as connection data) is transmitted to other Web sites, it is protected through the use of encryption, such as the Secure Socket Layer (SSL) or HTTPS protocol.

Our employees and the employees of the data processors have the right to get acquainted with the personal data of the User, to the extent necessary, for the performance of the tasks which belong to their job. We make all technical and organizational measures that guarantee the security of the data.

We provide access to our IT systems with personalized rights. The “necessary and sufficient rights” principle applies to the allocation of accesses, consequently all employees may use our IT systems and services only to the extent necessary for the performance of their duties, with the appropriate rights and for the required time. Access to IT systems and services can only be granted to a person who is not restricted for security or other reasons (e.g. conflicts of interest) and who has the professional, business and information security knowledge required to use it securely.

We and the data processors undertake strict confidentiality rules in a written statement, and we are obliged to act in accordance with these confidentiality rules during the course of our activities.

The data is stored, EEEwith the exception of the data stored by our data processors, on our own devices, in a data center. The IT devices which store data are located in an isolated, separate closed server room, protected by a multi-stage access control system subject to authorization control.

We protect our internal network with multi-level firewall protection. In all cases, a hardware firewall (border protection device) is located at the entry points of the applied public networks. The data is stored redundantly, that is, in several places, so it is protected from destruction, loss, damage, or illegal destruction due to the failure of the IT device.

Our internal networks are protected from external attacks with a multi-level, active protection against complex malicious code (e.g. virus protection). The external access to the IT systems and databases is operated by us via an encrypted data connection (VPN).

We do steps to ensure that the IT tools and software continuously comply with the generally accepted technological solutions in the market.

We develop systems, during our development, in which logging can be used to control and monitor the operations performed, and to detect incidents, such as unauthorized access.

Our server is protected and closed, located on the dedicated servers of the hosting provider.

It is relevant to us that our data processing shall comply with the requirements of fairness, lawfulness and transparency. In light thereof, we shall present the rights of the data subjects in this Section, and thereafter we shall explain them in detail in Appendix 10.3.

Our Users may request free information on the details of the processing of their personal data and in cases laid down in legal acts, they may also request the rectification, erasure or blocking thereof, or the restriction of such processing, and they may also object to the processing of such data. Our Users may address their request for information and the request indicated in this Section to our contact information set out in Section 2.

Our User has the right to obtain confirmation as to whether or not personal data concerning him/her are being processed, and, where that is the case, access to the personal data and the information regarding the details of processing.

Our User has the right to obtain from us without undue delay the rectification of inaccurate personal data concerning him/her and to have incomplete personal data completed, including by means of providing a supplementary statement.

At the request of our User, we shall erase personal data concerning him/her, if the processing of such data is no longer necessary, if the User has revoked his/her consent thereto, if the User objects thereto or if the processing is unlawful.

If we made the personal data public and are obligated to erase the User’s personal data at request, we shall inform any such controller which was made aware of or could have made aware of the possibly published data of the User.

At the request of our User, we shall restrict data processing if the accuracy of the personal data is challenged, or the data processing is unlawful, or our User objects to the processing of data, or if we do not deem the provided personal data necessary in the future.

Our User has the right to receive the personal data concerning him/her, in a structured, commonly used and machine-readable format and has the right to transmit those data to another controller.

Our User has the right to object, on grounds relating to his/her particular situation, at any time to the processing of personal data concerning him/her based on the data processing purposes of legitimate interest (see Sections 4.1, 4.2., and 4.3.). In such a case, we no longer process the personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims. In case of objection, as a general rule, the personal data for such purposes may not be processed further.

We shall examine the requests as promptly as possible following its submission to us, but not later than within 30 days, and in case of objections, within 15 days and we shall decide whether they are well founded, of which we shall notify the person submitting the request in writing. If we do not fulfil the request of our User, then we shall inform him/her of the factual and legal reasons for denying thereof in our decision.

Protecting personal data is of utmost importance to us, and we shall also respect your right of informational self-determination, therefore we strive to respond to all requests and claims in a correct manner and within the deadlines. With respect thereto, we ask you to contact us before possibly pursuing your claim before authorities and courts, for the purposes of submitting your complaint or request to us, in order to have your possible objections resolved as soon as possible.

Should this be unsuccessful, our User may

pursue his/her rights and claims before the courts pursuant to Act V of 2013 on the Civil Code (the legal proceedings may be lodged before the regional court of our User’s domestic or habitual residence; the list and contact information of the regional court may be viewed in the following link: http://birosag.hu/torvenyszekek) and turn to and submit a complaint to the National Authority for Data Protection and Freedom of Information (address: 1055 Budapest, Falk Miksa utca 9-11., telephone number: +36-1-391-1400, facsimile: +36-1-391-1410, e-mail address: ugyfelszolgalat@naih.hu, website:https://www.naih.hu/panaszuegyintezes-rendje.html, pursuing the claim online: https://www.naih.hu/online-uegyinditas.html, hereinafter referred to as NAIH) pursuant to the provisions of the Information Act.

We communicate any rectification or erasure of personal data or restriction of processing carried out, to each recipient to whom the personal data of the Users have been disclosed, unless this proves impossible or involves disproportionate effort. We also inform the User about these recipients at request.

We provide information on actions performed at the request indicated in Section 5 within one month of the receipt of such request at the latest in electronic form, unless otherwise requested by the User. That period may be extended by an additional two months where necessary, taking into account the complexity and number of the requests. We inform you of any such extension within one month of receipt of the request, together with the reasons for the delay.

At the request of the User, an oral notification may also be granted, provided that the User offers an identification in any manner.

If we do not take actions at your request, we inform you within one month of receipt of the request at the latest of the reasons for not taking actions and on the possibility of lodging a complaint at NAIH and seeking a judicial remedy (see point 5.9).

In exceptional cases, if we have reasonable doubts concerning the identity of the natural person submitting the request, we may request the provision of additional information necessary to confirm the identity of the data subject. This measure is required for the purposes of facilitating the confidentiality of data processing and preventing unlawful access to personal data as laid down in Article 5, Paragraph 1, Point f) of GDPR.

We provide you information with regard to the requests concerning Section 5 and take the necessary measures to be carried out based thereon free of charge.

If your requests are manifestly unfounded or excessive, in particular due to their repetitive nature, we may charge a reasonable fee taking into account the administrative costs of providing the information or communication or taking the action requested or we refuse to act at the request.

Our website’s hosting provider (data processor) can have access to the personal data you provide while using the website. The data processor’s data are the following:

Name: Telekom Rendszerintegráció Zrt.

Availability: servicedesk@telekom.hu

The newsletter software used to send the Website newsletter is operated by the data processor we use. The data processor’s data are the following:

Name: Telekom Rendszerintegráció Zrt.

Availability: servicedesk@telekom.hu

Ticket fees can be paid by credit card via the interface of a bank service provider as a data processor.

Name: OTP Mobil Kft.

Availability: https://simplepay.hu/

During issuing invoices, our data processor dealing with invoicing may gain access to the personal data of the Users collected for invoicing. The data processor’s data are the following:

Name: KBOSS.hu Kft.

Availability: info@szamlazz.hu

In order to the proper functioning of our websites, we have placed smaller data files in the Users’ computer devices in certain cases, similarly to most of the modern websites.

Cookies are small text files, which the website places to the computer device (including mobile phones) of the User. Consequently, the website is able to “remember” the settings of the User (such as: applied language, letter size, design, etc.), therefore, it is not necessary to set it each time the User visits our website.

Cookies used on our Website:

These cookies may be deleted, blocked, however in such cases, the Website may not function appropriately.

We do not use cookies to identiy Users. We exclusively use cookies for the purposes above.

1. The Google Analytics is the web analysis service of Google Inc. („Google”). Google Analytics uses so-called “cookies”, text files, which are saved to the computers of the Users, thereby facilitating the analysis of use of the website visited by the User.

2. The information generated by the cookies with respect to the website used by the User are generally placed to and stored in one of the servers of Google in the USA. By activating IP anonymization on the website, Google previously shortens the IP address of the User within the Member States of the European Union or in other countries that are party to the treaty on the European Economic Area.

3. Only in exceptional cases shall the full IP address be transferred to the Google server in the US and abridged there. On behalf of us, Google shall use these information to assess how the User used the specific website and to make reports pertaining to the activity regarding the website for us, furthermore, to perform additional services with respect to the use of the internet and the website.

4. In the scope of Google Analytics, the IP address transferred by the web browser of the User shall not be combined with other Google data. By appropriate configuration of the User’s browser, you may prevent these cookies from being stored, nevertheless, we shall point out that in this case you may not be able to fully use all functions of this website. Furthermore, you have the option to prevent the collection of the Users’ data generated by the cookies and related to the use of the website (including your IP address) by Google as well as processing this data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=h

Information about the cookies used by Google Analytics:

https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage

The cookies placed by our website are stored on your computer, therefore you may erase them at any time. For the erasure of the cookies, the following guidelines may offer you assistance:

In case of Mozilla Firefox web browser:
https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox

In case of Chrome web browser: https://support.google.com/chrome/answer/95647?hl=hu&ref_topic=7438325

In case of Microsoft Edge web browser:
https://privacy.microsoft.com/hu-hu/windows-10-microsoft-edge-and-privacy

In case of Opera web browser:
https://help.opera.com/en/latest/web-preferences/#cookies

If we intend to further process the personal data for a purpose other than that for which the personal data were collected, we shall inform the Users thereof, we shall acquire their prior and expressed consent thereto and ensure the possibility for them to object to such processing.

To comply with Article 30 of GDPR, we maintain a record of processing activities (record of processing activities) which we are liable for.

Data breach is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed. In case of data breach, we are obligated to act according to Articles 33 and 34 of GDPR. We shall record data breaches by indicating the facts pertaining to data breaches, their effect and the measures taken to remedy them.

We are entitled to unilaterally amend this Privacy Policy. If it is amended, we will keep the previous versions of it or, where possible and appropriate, draw the attention of the persons concerned to the amended provisions.

Effective as of: 1th of August 2024

Győr Projekt Kft.

Data Controller

In the course of drafting this Privacy Policy, the Controller has taken into account the relevant effective legal acts and the international recommendations, with special regard to the following:

Right to access

The User is entitled to receive access to the personal data being processed by us, at his/her request, submitted to any address as indicated in our contact details. In the scope thereof, the User may be informed of the following:

The User may request a copy of his/her personal data that is subject to the processing of data. In this case we shall provide the personal data in a structured, commonly used and machine-readable format (PDF/XML) and on paper, in a printed format. Requesting the copy is free of charge.

Rectification

Based on a request submitted to any address as indicated in our contact details, the User is entitled to request the rectification of the inaccurate personal data concerning him/her and to have the incomplete data completed. If we do not have the necessary information for the correction and completion of the incorrect information, we may request the provision of such supplementary data and the certification of the accuracy of the data. In the absence of such supplementary information, we shall restrict the processing of the relevant personal data and we shall temporarily suspend the measures carried out thereon with the exception of storing until such a time that the correction and completion of data may be performed.

Erasure

Based on a request submitted to any address as indicated in our contact details, the User is entitled to request the erasure of the personal data concerning him/her and processed by us, provided that any of the following conditions are met:

Should we determine based on the User’s request that we are obligated to erase the personal data processed by us, we shall cease the processing of such data and we shall destruct the previously processed personal data. Besides that, we are also obligated to erase the personal data upon the revocation of consent, the exercising of the right to object and based on our obligations laid down in legal acts.

Restriction of data processing

Based on a request submitted to any address as indicated in our contact details, the User is entitled to request the restriction of the personal data concerning him/her processed by us in the following cases:

We automatically restrict the processing of personal data if the User challenges the accuracy of the personal data and the User exercises its right of objection. In this case, the restriction shall extend to such a time period which enables the checking of the accuracy of the personal data and, in case of objection, the determination of the fact whether the prerequisites of the data processing are met.

During such restriction, the data processing measures of the indicated personal data may not be carried out, only the storage thereof. In case of the restriction of data processing, the personal data may only be processed in the following cases:

We shall inform the Users of the lifting of the restrictions in advance.

Data portability

Based on a request submitted to any address as indicated in our contact details, the User is entitled to request the provision of personal data concerning him/her, and processed by us to further use determined by the User. Besides that, the User may also request that we transfer the personal data to another controller indicated by the User.

This right only covers the personal data provided by the User and processed for the performance of the contract. There is no possibility for the portability of other data. We shall provide the personal data to the User in a structured, commonly used and machine-readable format (PDF/XML) and on paper, in a printed format.

We inform the User that the exercising of this right does not automatically involve the erasure of such personal data from our systems. Besides that, the User is entitled to contact us and keeping in contact with us again, even following such data portability.

Objection

Based on a request submitted to any address as indicated in our contact details, the User is entitled to object to the processing of his/her/its personal data for the purposes indicated in Section 3.1. of this Privacy Policy. In this case, we shall examine whether the data processing is justified by such mandatory legal reasons which take precedence over the interests, rights and freedoms of the User or which are pertaining to the submission, enforcement or protection of legal claims. Should we determine that such reasons exist, we shall continue processing the personal data. In failure thereof, we shall not process the personal data in the future.