Effective from: 03.08.2022
Legal basis: | Our legitimate interest in creating and managing the accounts of our users (i.e. you), provide the services as requested by them, and negotiate our contracts. |
Categories of personal data: | Personal data provided by you, for example, contact details, information necessary to create an account, information related to the usage of the services, and communication-related to the services. |
Retention period: | 5 years which is based on the applicable limitation period for enforcing legal claims and the statutory retention period in case of accounting documents. |
3.3. Processing payments from customers
Legal basis: | Our legitimate interest in collecting the fees for the services rendered. |
Categories of personal data: | Personal data provided by you, for example, contact details, information necessary to create an account, information necessary for billing, and information related to the usage of the services. |
Retention period: | 5 years which is based on the applicable limitation period for enforcing legal claims and the statutory retention period in case of accounting documents. |
3.4. Enhancing the services
Legal basis: | Our legitimate interest is in improving the existing features of our services and developing new features in order to remain competitive. |
Categories of personal data: | Personal data provided by you, for example, contact details, information necessary to create an account, information related to the usage of the services, communication related to the services, and data collected via cookies. |
Retention period: | 5 years after you canceled your account at the Website or if you do not have an account, from the last interaction with you. |
3.5. Ensuring information security of the services and preventing fraud
Legal basis: | Our legitimate interest in providing our services securely for our customers and detecting, and avoiding fraudulent use of our services. |
Categories of personal data: | Personal data provided by you and personal data that we collect from other sources, in particular, contact details, information related to the usage of the services, data collected via cookies, and public database information. |
Sources of the categories of personal data not provided by you | Publicly available open source information. |
Retention period: | 5 years after the fraud check query is completed. |
3.6. Lead generation, sending newsletters and other direct marketing communications
Legal basis: | Data Subject’s Consent |
Categories of personal data: | Personal data provided by you and personal data we collected from other sources, in particular, contact details, information necessary to create an account, data collected via cookies, public database information. |
Sources of the categories of personal data not provided by you | Webinar organizing partners, business listing pages, social media providers, company email address databases, marketing lead contact search engines, and other business partners. |
Retention period: | According to the applicable limitation period for enforcing legal claims, or until your consent is revoked. |
Joint controllers | Facebook Ireland Ltd. Address: 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland; Contact: https://www.facebook.com/help/contact/2061665240770586;Contact details of the data protection officer: https://www.facebook.com/help/contact/540977946302970). LinkedIn Ireland Unlimited Company Address: Wilton Plaza, Wilton Place, Dublin 2 Ireland. Contact: https://www.linkedin.com/help/linkedin/ask/ppqContact details of the data protection officer: https://www.linkedin.com/help/linkedin/ask/TSO-DPO. For any inquiries about the joint controller’s privacy practices, or our joint data processing agreements, you may contact the joint controller’s DPO at the above contact details. |
3.7. Providing customer support, providing information on service updates
Legal basis: | Our legitimate interest in helping our customers fix bugs or unintended functioning of the services in an efficient and timely way to increase our customers’ loyalty and retain our customers. |
Categories of personal data: | Personal data provided by you, for example, contact details, information necessary to create an account, information related to the usage of the services, and communication-related to the services. |
Retention period: | According to the applicable limitation period for enforcing legal claims. |
3.8. Organizing webinars, events
Legal basis: | Our legitimate interest in raising awareness about our services and improving user engagement. |
Categories of personal data: | Personal data provided by you, for example, contact details, information necessary to create an account, and communication related to the services. |
Retention period: | According to the applicable limitation period for enforcing legal claims. |
3.9. Analysis of business performance and managerial decision making
Legal basis: | Our legitimate interest in growing our business by making strategic decisions, and complying with contractual obligations and applicable laws. |
Categories of personal data: | Personal data provided by you, for example, contact details, information necessary to create an account, information necessary for billing, information related to the usage of the services, communication related to the services. |
Retention period: | According to the applicable limitation period for enforcing legal claims and the statutory retention period in case of accounting documents. |
4.1. Your personal data will be primarily processed by the employees at SEON for the above listed purposes. This includes sharing your personal data between SEON group entities. Please note that we may share your personal data with SEON entities outside the EEA, in particular, we may transfer your personal data to the UK. We rely on the adequacy decision adopted by the European Commission for transfers of personal data to the UK.
4.2. We may share your personal data with the following categories of business partners for the above listed purposes:cloud providers, customer relationship management (CRM) providers, e-signature providers, integration tool providers, meeting organizer tool providers, banks, payment processors, invoicing tool providers, instant messaging providers, video conferencing tool providers, UI/UX tool providers, public database providers, social media providers, gift card tool providers, data cleansing providers, online form providers, reporting tool providers, online advertising platforms and agencies, analytics tools providers, webinar partners, marketing lead contact search engines, business listing pages, project management tool providers, legal consultants, financial consultants, and public authorities. Please note that we may share your personal data with some business partners outside the EEA, in particular, we may transfer your personal data to the US and various third countries. We enter into standard contractual clauses adopted by the European Commission with these business partners to ensure the adequate protection of your personal data.
4.3. A copy of the safeguards for international data transfers can be obtained for your review on request by using the contact details specified in this Privacy Notice.
You have the following rights regarding the processing of your personal data carried out by us:
5.1. Right to access
You have the right to request access to your personal data and obtain information from us regarding (among others): the purpose of processing; what categories of personal data are processed; to whom we transfer or disclose your personal data; for what period we process your personal data; your rights in connection with data processing carried out by us regarding your personal data; your right to lodge a complaint with a supervisory authority regarding the processing; in case we collect your personal data from other sources than from you, any available information as to the source; the existence of automated decision-making and related information, including the logic involved, as well as the significance and the envisaged consequences of such processing for you; whether your personal data is transferred outside the EEA and regarding the conditions of these transfers.We will provide you with a copy of your personal data in case you require us to do so.
5.2. Right to rectification
You have the right to request us to rectify your inaccurate personal data and to request us to complete your incomplete personal data by means of providing us with a supplementary statement.
5.3. Right to erasure
5.3.1. We erase any of your personal data if you request us to do so in the event of the following:
5.3.2. Please note that we are entitled to not erase your personal data if it is necessary – inter alia – for exercising the right of freedom of expression and information, for compliance with legal obligations, and for the establishment, exercise or defense of legal claims.
5.4. Right to restriction of processing
5.4.1. You have the right to obtain a restriction of processing from us where one of the following applies:
5.4.2. Where processing has been restricted, personal data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defense of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of important public interest of the European Union or of an EU member state.
5.5. Right to object to processing
5.5.1. You have the right to object to the processing of personal data on grounds relating to your particular situation, where the legal basis of the processing activity is our legitimate interest (or the legitimate interest of a third party). We will no longer process the personal data unless we demonstrate compelling legitimate grounds, which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.
5.5.2. You do not need to ascertain grounds relating to your particular situation if your personal data is processed for direct marketing purposes, and we will no longer process personal data if you objected to the processing.
5.6. Right to data portability
5.6.1. If certain conditions apply, you have the right to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit that data to another controller without hindrance from us. You also have the right to have your personal data transmitted directly from us to another controller, where technically feasible.
5.7. Right to withdraw your consent
5.7.1. You have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on your consent before its withdrawal.
5.8. Our actions
5.8.1. If you wish to exercise any of your rights, please contact us at the email contact details indicated in this Privacy Notice.We will provide information on the actions taken on your requestwithout undue delay and in any event within one month of the receipt of your request. This period may be extended with a reasoned notification to you by two months where necessary, taking into account the complexity and number of requests. We will take the necessary actions free of charge except when your request is manifestly unfounded or excessive. In case we have reasonable doubts as to the identity of the natural person making the request, we may request additional information necessary to confirm your identity. We will inform all recipients of all rectification, erasure, or restriction of processing to whom personal data was disclosed except if it is impossible or requires disproportionate effort.
5.8.2. In case we do not take any action regarding your request, we will inform you within one month of the receipt of your request as to the reasons and the possibility of lodging a complaint with a data protection supervisory authority and seeking a judicial remedy.
6. REMEDIES
6.1. In case you do not agree with our response or action, or if you consider that your rights have been infringed, you may lodge a complaint with the data protection supervisory authority in the UK or the EU Member State of your habitual residence, place of work or place of the alleged infringement, in particular, with the following data protection supervisory authorities:
6.1.1. Hungarian National Authority for Data Protection and Freedom of Information (address: HU-1055 Budapest, Falk Miksa utca 9-11, mailing address: 1363 Budapest, Pf.: 9.; tel.: +36-1-391-1400; e-mail: ugyfelszolgalat@naih.hu);website: naih.hu);
6.1.2. Information Commissioners Office (address: Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF, online contact form: https://ico.org.uk/global/contact-us/).
7. UPDATES
7.1. Please note that we review this Privacy Notice on occasions and amend it as necessary. When we amend this Privacy Notice, we will announce and publish it by the usual means (e.g., via e-mail or on the Website). We encourage you to review this Privacy Notice regularly.
WHY DID YOU RECEIVE THIS INFORMATION NOTICE? You received this information notice because an online service provider (where you registered an account or with whom you interacted) uses certain functionalities of SEON’s services, and, as a result, SEON became the processor of your personal data.
WHO IS SEON? SEON provides state-of-the-art fraud prevention to online service providers.
WHICH SEON FUNCTIONALITIES CONCERN YOUR PERSONAL DATA? There are two functionalities we would like to inform you about in this notice. We provide your online service provider with information (i) on how many times your email address, IP address or phone number was checked in our system, and when was it checked last time, etc. (history data); and (ii) on whether your email address, phone number, IP address, or browser has been flagged as fraudulent in our system, etc. (flag data). We collect these personal data from other online service providers that use these functionalities.We may maintain a database of this data. We do not carry out automated decision-making or profiling based solely on automated processing of your personal data as described by Article 22 GDPR when providing these functionalities.
WHY DO WE PROVIDE THESE FUNCTIONALITIES TO ONLINE SERVICE PROVIDERS? We would like to enhance our fraud prevention service by identifying previously queried data points. We have legitimate interest in building a database of previously queried data points with our customers’ notes for an enhanced fraud prevention service.
HOW DO WE SHARE YOUR PERSONAL DATA? We share your personal data with SEON group companies, and we may transfer your personal data to the UK. We rely on the adequacy decision adopted by the European Commission for transfers of personal data to the UK. We share your personal data with our cloud provider and other online service providers that use these functionalities. We transfer your personal data to the US and various third countries. We enter into standard contractual clauses adopted by the European Commission with these business partners to ensure the adequate protection of your personal data. You can request a copy of the safeguards for international data transfers can by contacting us.
FOR HOW LONG DO WE KEEP YOUR PERSONAL DATA? According to the applicable limitation period for enforcing legal claims.
WHAT ARE YOUR RIGHTS?
Please note that SEON acts only as a “Data Processor” of any of your personal information that may have been collected by SEON in our role as a provider of fraud detection services for our customers. Our customer(s) are considered the “Data Controller” of your personal information under the GDPR and they are the only one(s) that can respond to your request. In such cases, we notify our customer(s) of your request without undue delay. Our customer(s) (your Data Controller) must respond to your request. Again, we notify them on your behalf, and they should execute your request, however for further information about your request, you may want to contact them directly.
Among other data protection rights, you have the right to object that we include your personal data in these functionalities. You can exercise your rights by contacting our customer(s) (the Data Controller) or us. For further information on your rights, remedies and updates to this document please refer to the corresponding sections of our Privacy Notice available on the following link: [Link to Section 5 – Your Rights*]
WHO CAN YOU CONTACT? If a SEON group company (either SEON Technologies Kft., registered seat: H-1072 Budapest, Rákóczi út 42. 7. em; company registration number: 01-09-292732) provides the functionalities to the online service provider you use, you can contact any SEON entity at the following email address: legal@seon.io.
WHERE CAN YOU FIND INFORMATION ON OTHER SEON FUNCTIONALITIES? With regards to other SEON functionalities not detailed above, the online service providers who you interact with will qualify as the controller of your data. These online service providers will provide you further information in their own privacy notices on how their fraud prevention practices affect your personal data.
Click here
The top stories of the month delivered straight to your inbox