PRIVACY POLICY

As the operators of the ODT System website, OL Munkaidő Ltd.  registered in Hungary. Office Address at Szilágyi utca 58, Dunakszi 2120 Hungary.  (“We“, “Us“, “ODT System”), is committed to protecting and respecting your privacy. This Privacy and Cookies Policy (“Policy“) relates to services provided through our website and application (“Services”) and sets out the basis on which the Personal Data collected from you, or that you provide to Us will be processed by Us. “Personal Data” means any information that identifies or relates to a particular individual and also includes information referred to as “personally identifiable information” or “personal information” under applicable data privacy laws, rules, or regulations (collectively the “Data Protection Laws”). This Policy does not cover the practices of companies We don’t own or control or people We don’t manage. For clarity, this policy applies when ODT System acts as a “Controller” (as defined in the General Data Protection Regulation (the “GDPR”) or “Business” as defined under the California Consumer Privacy Act of 2018 (the “CCPA”)). Note that we may also process Personal Data of our customers’ job applicants in connection with our provision of services to customers, in which case we are the processor of Personal Data. If we are the processor or service provider for your Personal Data (i.e., not the controller or business), please contact the controller/business party in the first instance to address your rights with respect to such data. Please read the following carefully to understand our views and practices regarding your Personal Data and how We will treat it.

You may print a copy of this Privacy Policy by clicking here. If you have a disability, you may access this Privacy Policy in an alternative format by contacting gdpr@odtsystem.com.

For the purpose of the GDPR and the CCPA:

• in respect of the Personal Data of users of the Website and the Services and business contacts and prospects of ODT System, the Data Controller is ODT System;
• In respect of the Personal Data of candidates who apply for, or who a Customer of ODT System contacts in respect of an Opening (as the term is described in ODT System’s Terms) (“Candidates”) ODT System shall process personal information as a data processor on behalf of its Customers, who use Our Services to assist with their recruitment processes. Where you apply for a role with one of ODT System’s Customers, our Customer’s privacy policy, rather than this Privacy Policy, will apply to our processing of your personal information.

Sources of Personal Data

We collect Personal Data about you from:

• You:

• when you provide such information directly to us, and
• when Personal Data about you is automatically collected in connection with your use of our Services.
• Our subsidiaries and affiliates (together, “Affiliates”), when they provide us with Personal Data about you.
• Third parties, when they provide us with Personal Data about you (“Third Parties”). Third Parties that share your Personal Data with us include:
• Service providers. For example, we may use analytics service providers to analyze how you interact and engage with the Services, or third parties may help us provide you with customer support.
• Social networks connected to the services. If you provide your social network account credentials to us or otherwise sign in to the Services through a third-party site or service, you understand some content and/or information in those accounts may be transmitted into your Account with us.
• Advertising partners. We receive information about you from some of our service providers who assist us with marketing or promotional services related to how you interact with our websites, applications, products, services, advertisements or communications.

Information we collect from you

We collect and process some or all of the following types of information from you:

• Information that you provide by filling in forms on the ODT System.com website (“Website”). This includes information provided at the time of registering to use the Website, subscribing to our Services, posting material or requesting further information or services. We may also ask you for information when you report a problem with the Website.
• If you contact Us, We may keep a record of that correspondence.
• We may also ask you to complete surveys that We use for research purposes, although you do not have to respond to them.
• Details of all actions that you carry out through the Website and of the provision of services to you.
• Details of your visits to the Website including, but not limited to, traffic data, location data, weblogs and other communication data, the site that referred you to our site and the resources that you access.

The provision of your full name and e-mail address, your employer and/or your place of work and the url of the business that you work for is required from you when you register to use our Services. We will inform you at the point of collecting information from you, whether you are required to provide the information to Us.

Categories of Personal Data We Collect

The following chart details the categories of Personal Data that we collect and have collected over the past twelve (12) months. Throughout this Privacy Policy, we will refer back to the categories of Personal Data listed in this chart (for example, “Category A. Personal identifiers”).

Personal Data Collected (including Categories)	Purposes of Use	What is the source of this Personal Data?	Categories of third parties to whom we disclose the information for business purposes
A. Personal identifiers Real name, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social profile URL	Provide the Services Communicate with You and provide customer service Personalize your experience Improve the Services Our Marketing and Third Party Marketing and Advertising Purposes Bug detection and error reporting Auditing Consumer Interactions Security, Fraud and Legal Compliance	You Affiliates Third Parties	Service Providers Our Affiliates Other Individuals, Services, and Partners at Your Request Entities for Legal Purposes Entities For Sales or Transfer of Business or Assets
	Provide the Services Communicate with You and provide customer service Personalize your experience Improve the Services Our Marketing and Third Party Marketing and Advertising Purposes Bug detection and error reporting Auditing Consumer Interactions Security, Fraud and Legal Compliance	You Affiliates Third Parties	Service Providers Our Affiliates Other Individuals, Services, and Partners at Your Request Entities for Legal Purposes Entities For Sales or Transfer of Business or Assets
C. Commercial information History of services purchased through ODT System	Provide the Services Internal Accounting purposes Provide Customer service Performance of legal obligations	You Affiliates	Service Providers Our Affiliates
D. Internet or other similar network activity information Browsing history, search history, information interaction with the website or application.	Our Marketing and Third Party Marketing and Advertising Purposes Auditing Consumer Interactions Communicate with You and provide customer service Improve the Services Bug detection and error reporting Security, Fraud and Legal Compliance	You Affiliates Third Parties	Service Providers Our Affiliates
E. Geolocation data Physical location (calculated from IP address)	Provide the Services Security, Fraud and Legal Compliance	You Affiliates Third Parties	Service Providers Our Affiliates
F. Professional or employment-related information Current job title and employer	Provide the Services Communicate with You and provide customer service Personalize your experience Improve the Services Our Marketing and Third Party Marketing and Advertising Purposes	You Affiliates Third Parties	Service Providers Our Affiliates

The following section provides additional information about how we collect your Personal Data.

IP Addresses and cookies

We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration, customer support and to collect aggregate information for internal reporting purposes.

In addition, our Website uses cookies. A cookie is a small file of letters and numbers that we put on your computer if you select to agree at the banner that is displayed to you during the first time you visit our website. You may accept or decline being tracked by indicating your preference to this banner. These cookies allow us to distinguish you from other users of the Website, which helps us to provide you with a good experience when you browse our Website and also allows us to improve the Website.

The cookies we use are “analytical” cookies. Some of the common uses for our cookies are as follows:

• to recognise and count the number of visitors and to see how visitors move around the site when they are using it. This helps us to improve the way our Website works, for example by ensuring that users are finding what they are looking for easily.
• to identify and authenticate a user across different pages of our Website, within our own Website, in a session or across different sessions. This is so that the user does not need to provide a password on every page the user visits; and
• to be able to retrieve a user’s previously stored data, for example, information that the user previously submitted to the Website, so as to facilitate reuse of this information by the user.

You can also decide whether or not to accept cookies through your internet browser’s settings. Most browsers have an option for turning off the cookie feature, which will prevent your browser from accepting new cookies, as well as (depending on the sophistication of your browser software) allow you to decide on acceptance of each new cookie in a variety of ways. You can also delete all cookies that are already on your computer. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some of the Services and functionalities may not work.

To explore what cookie settings are available to you, look in the “preferences” or “options” section of your browser’s menu. To find out more information about cookies, including information about how to manage and delete cookies, please visit https://ico.org.uk/for-the-public/online/cookies/ or http://www.allaboutcookies.org/.

Uses made of your information when you request assistance from ODT System Support

If you request assistance by a representative of ODT System, the System representative may obtain access to your ODT System account for the purposes of resolving your inquiry. Under those circumstances, the ODT System representative will assume your role in ODT System and view your account as you would when you log in.

ODT System reserves the right to assume the role of a user in your account without prior notice in certain situations, for example when it is necessary for security purposes (such as investigating a bug or abuse) or when it is necessary to comply with applicable law.

Uses made of your information

Where you are using our Services on behalf of our Customer, we rely on legitimate interests in performing our contract with our Customer as the lawful basis on which We collect and use your Personal Data.

We use information held about you in the following ways:

• To ensure that content from the Website is presented in the most effective manner for you and for your computer.
• To provide you with information, products or services that you request from us or which we feel may interest you or our Customer.
• To carry out our obligations arising from any contracts entered into between our Customer (on whose behalf you are using the Services) and Us
• To notify you about changes to our Services and provide you with information that is relevant to your use of the Services.
• Where you or your employer are a prospective Customer, to provide you with information about our Services for marketing purposes.

Disclosure of your information

We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006 (where applicable). Where any such member of our group is outside the EU this transfer will be on the basis of a contract including the Model Contractual Clauses in accordance with the Data Protection Laws.

We may disclose your personal information to third parties:

• in the event that we sell or buy any business or assets, in which case we may disclose your Personal Data to the prospective seller or buyer of such business or assets;
• if we or substantially all of our assets are acquired by a third party, in which case Personal Data held by us about our customers will be one of the transferred assets;
• if we are under a duty to disclose or share your Personal Data in order to comply with any legal obligation or in order to enforce or apply our Website Terms and Conditions and other agreements, but we will endeavour to minimise such disclosure to only that reasonably necessary and, where possible, to provide you with notice of such disclosure; and/or
• to protect the rights, property, or safety of ODT System, the Website, our users and any third party we interact with to provide the Website.

We disclose your Personal Data to service providers and other parties for the following business purposes:

• Auditing related to a current interaction and concurrent transactions, including, but not limited to auditing compliance with this specification and other standards.
• Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.
• Debugging to identify and repair errors that impair existing intended functionality.
• Short-term, transient use of Personal Data that is not used by another party to build a consumer profile or otherwise alter your consumer experience outside the current interaction.
• Performing services on our behalf, including software hosting and cloud computing, Customer Relationship Management, email sending, logging, storing Customer data, maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.
• Undertaking internal research for technological development and demonstration.
• Undertaking activities to verify or maintain the quality or safety of a service or functionality that we provide, own, manufacture, or control.

We disclose your Personal Data to the following categories of service providers and other parties:

• Service providers, including:

• Payment processors.
• Ad networks.
• Security and fraud prevention consultants.
• Hosting and other technology and communications providers.
• Analytics providers.
• CRM software providers.
• Email sending providers.
• Logging service providers.
• Customer Service software providers.
• Our Affiliates.
• Parties who acquire your Personal Data through an acquisition or other change of control.
• Personal Data may be transferred to a third party if we undergo a merger, acquisition, bankruptcy or other transaction in which that third party assumes control of our business (in whole or in part).
• Other parties at your direction.
• Other users (where you post information publicly or as otherwise necessary to effect a transaction initiated or authorized by you through the Services).
• Social media services (if you intentionally interact with them through your use of the Services).
• Third-party business partners who you access through the Services.
• Other parties authorized by you.

Over the past twelve months, we have disclosed the following categories of your Personal Data to service providers or other parties for the business purposes listed above:

• A. Personal identifiers.
• B. Customer records identified by state law.
• C. Commercial information.
• D. Internet or other similar network activity information.
• E. Geolocation data.
• F. Professional or employment-related information.

Sales of Personal Data

We haven’t sold your Personal Data over the last twelve months.

How we store your Personal Data

Security

We take appropriate measures to ensure that all Personal Data is kept secure including security measures to prevent Personal Data from being accidentally lost, or used or accessed in an unauthorised way, for the duration of your use of our Services. We limit access to your Personal Data to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where We are legally required to do so.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your Personal Data, we cannot guarantee the security of your data transmitted to the Website, therefore any transmission remains at your own risk. Once we have received your information, we will use strict procedures and security features in order to prevent unauthorised access.

Keeping your Personal Data up to date

If your personal details change you may update them by accessing the relevant page of the Website, or by contacting Us at gdpr@odtsystem.com.

We will endeavour to update your Personal Data within thirty (30) days of any new or updated Personal Data being provided to Us, in order to ensure that the Personal Data We hold about you is as accurate and up to date as possible.

Where we store your Personal Data

The data that We collect from you and process as a result of your use of the Services may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for Us or for one of our suppliers. Such staff maybe engaged in, among other things, the fulfilment of your orders, the processing of your payment details and the provision of support services. By submitting your Personal Data, you agree to this transfer, storing or processing.

In particular, your data may be accessible to i) ODT System’s staff in the USA or ii) may be stored by ODT System’’s hosting service provider on servers in the USA as well as in the EU. The USA does not have the same data protection laws as the United Kingdom and EEA. A Data Processing Agreement has been signed between ODT System Software Limited and ODT System’ Technology Limited and their overseas group companies, and between ODT System’and each of its data processors. These Data Processor Agreements that are designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your Personal Data. A full list of ODT System’s sub-processors can be found here.

If you would like further information please contact Us (see ‘Contact’ below). We will not otherwise transfer your Personal Data outside of the United Kingdom OR EEA or to any organisation (or subordinate bodies) governed by public international law or which is set up under any agreement between two or more countries.

How long we keep your Personal Data

We will hold all the data for so long as we have an obligation to the Customer to provide the Services, and thereafter until such time as we delete the Customer’s account in accordance with our Customer Terms and Conditions.

Your personal information will be deleted on one of the following occurrences:

• deletion of your personal information by you (or by another person engaged by the Customer); or
• receipt of a written request by you (or another person engaged by the Customer) to us.

Personal Data of Children

We do not knowingly collect or solicit Personal Data from children under 16; if you are a child under 16, please do not attempt to register for or otherwise use the Services or send us any Personal Data. If we learn we have collected Personal Data from a child under 16, we will delete that information as quickly as possible. If you believe that a child under 16 may have provided us Personal Data, please contact us at gdpr@odtsystem.com.

Your rights

Access

You have the right to request certain information about our collection and use of your Personal Data over the past 12 months. We will provide you with the following information:

• The categories of Personal Data that we have collected about you.
• The categories of sources from which that Personal Data was collected.
• The business or commercial purpose for collecting your Personal Data.
• The categories of third parties with whom we have shared your Personal Data.
• The specific pieces of Personal Data that we have collected about you.

If we have disclosed your Personal Data for a business purpose over the past 12 months, we will identify the categories of Personal Data shared with each category of third party recipient.

Deletion

You have the right to request that we delete the Personal Data that we have collected from you. Under the CCPA, this right is subject to certain exceptions: for example, we may need to retain your Personal Data to provide you with the Services or complete a transaction or other action you have requested. If your deletion request is subject to one of these exceptions, we may deny your deletion request.

Exercising Your Rights

To exercise the rights described above, you must send us a request that (1) provides sufficient information to allow us to verify that you are the person about whom we have collected Personal Data, and (2) describes your request in sufficient detail to allow us to understand, evaluate, and respond to it. Each request that meets both of these criteria will be considered a “Valid Request.” We may not respond to requests that do not meet these criteria. We will only use Personal Data provided in a Valid Request to verify you and complete your request. You do not need an account to submit a Valid Request.

We will work to respond to your Valid Request within 45 days of receipt. We will not charge you a fee for making a Valid Request unless your Valid Request(s) is excessive, repetitive, or manifestly unfounded. If we determine that your Valid Request warrants a fee, we will notify you of the fee and explain that decision before completing your request.

You may submit a Valid Request using the following methods:

• Call us at: +36 70 380 2997
• Emailing us at: gdpr@odtsystem.com

We Will Not Discriminate Against You for Exercising Your Rights Under the CCPA

We will not discriminate against you for exercising your rights under the CCPA. We will not deny you our goods or services, charge you different prices or rates, or provide you a lower quality of goods and services if you exercise your rights under the CCPA.

European Union Data Subject Rights

If you are a resident of the European Union (“EU”), United Kingdom, Lichtenstein, Norway, or Iceland, under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:

• access to your Personal Data and to certain other supplementary information that this Policy is already designed to address
• require Us to correct any mistakes in your information which We hold
• require the erasure of Personal Data concerning you in certain situations
• receive the Personal Data concerning you which you have provided to Us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
• object at any time to processing of Personal Data concerning you for direct marketing
• object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
• object in certain other situations to our continued processing of your Personal Data
• otherwise restrict our processing of your Personal Data in certain circumstances
• claim compensation for damages caused by our breach of any data protection laws.

For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation.

If you would like to exercise any of those rights, please:

• contact us using our Contact details below
• let Us have enough information to identify you,
• let Us have proof of your identity and address. Where you are a user of our Services you should email us from the email address that you used to register with ODT System. Receipt of an email from this address will usually be sufficient to confirm your identity. In all other cases we may request one or more identification documents, such as a copy of your driving licence or passport and a recent utility or credit card bill; and
• let Us know the information to which your request relates.

Transfers of Personal Data

The Services are hosted and operated in the Germany and Hungary through ODT System, Inc. and its service providers. By using the Services, you acknowledge that any Personal Data about you, regardless of whether provided by you or obtained from a third party, is being provided to ODT System, Inc. in the Hungary and will be hosted on Germany servers, and you authorize ODT System to transfer, store and process your information to and in the Germany., and possibly other countries. You hereby acknowledge and agree with the transfer of your data to the Germany. 

 

We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to gdpr@odtsystem.com.

In certain situations, we may be required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

ODT System’s accountability for Personal Data that it received in the United States under the Privacy Shield and subsequently transferred to a third party is described in the Privacy Shield Principles. In particular, ODT System remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process Personal Data on its behalf do so in a manner inconsistent with the Principles, unless ODT System proves that it is not responsible for the event giving rise to the damage.

In compliance with the Privacy Shield Principles, ODT System commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. Please contact us at gdpr@odtsystem.com with any questions, concerns or complaints relating to our Privacy Shield Certification.

We are also further committed to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved Privacy Shield complaints concerning data transferred from the EU and Switzerland and you may have the possibility to engage in binding arbitration through the Privacy Shield Panel.

ODT System Inc. is based in the USA and it has appointed ODT System Software Limited to be its representative within the EEA. The contact details are ODT System Software Limited registered in England and Wales with Company Registration Number 08125469 and having its registered office address at 5 Golden Square, 5th Floor, London, W1F 9BS, United Kingdom.

Third Party Websites

The Website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and terms of use and that we do not accept any responsibility or liability for these policies and terms of use. Please check these policies before you submit any Personal Data to these websites.

How to complain

We hope that We can resolve any query or concern you raise about our use of your information.

The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the Hungary  is the Information Commissioner who may be contacted at https://www.naih.hu/ or telephone: +36 (30) 683-5969
+36 (30) 549-6838

Changes to our privacy policy

We reserve the right to modify this Privacy Policy at any time. Any changes we may make to our Policy in the future will be notified and made available to you using the Website. Your continued use of the Services and the Website shall be deemed your acceptance of the varied Privacy Policy.

Contact

If you have any questions about this Privacy Policy or want to report a potential data breach please reach out to support@odtsystem.com. Please note that ODT System’s Data Protection Officer (DPO) responds to any requests submitted to support@odtsystem.com.