HU|DE

Contact

By submitting the form, you agree to the Privacy Policy.

G-SMT Hungary Kft.
Company reg. number:20-09-074008
Tax number:24816184-2-20
Headquarters:8315 Gyenesdiás, Toldi Miklós utca 5.
FACTORY sites:6300 Kalocsa, Martinovics Ignác u. 15
Phone:+36 70 348 06 19
Manager:Kerekes Attila
+36 30 254 7077
Emailinfo@g-smt.hu

Failure analysis

Please ask our help to find out the cause of the next manufacturing problems:
  • Tombstones of resistances
  • QFP soldering errors
  • PAD wetting faults
  • BGA faults
  • Etc.
To analyzed the errors we use the following methods:
  • Optical microscope
  • X-ray microscope
  • Cross stitch – the cross section is intended for a flat surface with minimal surface roughness, in order to explore the internal structure of the sample
  • Shear testing –shear strength of BGA balls
  • BGA dyeing test - This is an analytical method that is a special coloring fluid relying on the existing cracks in the BGA spheres.
  • Electron microscope - allows large, grayscale micrographs of the surface of the sample up to 100,000x magnification.

IATF 16949

Our existing partners in the quality policy of G-SMT Hungary Ltd. have already experienced that we are constantly improving the quality of our company management system, quality of our processes, and paying increased attention to the needs of our clients.

Continuous quality management and technological development are always at the leading place of management goals.

Our pleasure to inform you, that our company has reached a new milestone, and we have extended our series of certifications with the successful IATF 16949 automotive certification.

This is an international technical quality standard for automobile and automotive industry developed by the International Automotive Task Force (IATF). This standard provides you with the ability to produce and manufacture to meet higher customer needs.

You can find our certificate on the website link:

DOWNLOAD CERTIFICATE

ISO 14001

Introduction of an environmental management system.

The environmental management system implemented in accordance with ISO 14001 aims at promoting cleaner production and sustainable development by reducing emissions, and overviewing and optimising processes.

The ISO 9001 quality assurance system focuses on products and production, while ISO 14001 on the environment and environment protection.

ISO 9001

Introduction of a quality management system, and compliance with the requirements related to the following areas:

  • demonstrating the senior management’s commitment
  • quality planning
  • customer relations
  • documenting the quality management system
  • resource management
  • issues of planning and development
  • organising production
  • handling of non-compliances
  • system development

Manual assambling, repair

We have the maximum ability to carry out all specific work processes required for the ready-mounting of the products, using manual or semi-automatic equipment (screwing, wire soldering, boxing, testing, etc.).

You can ask our colleagues to help you as early as from the first step of the design process, so that your products go through optimised manufacturing processes, and are made from the most efficient budget and in maximum quality. In addition to controls during manufacturing, we carry out a 100% final visual inspection of all of our products to ensure their high quality, which is performed by our employees having a valid IPC-A-610 exam.

TH technology

THT - Through Hole Technology

Assembly and soldering of axial and radial parts. Parts can be assembled manually or using a machine, depending on product requirements. Upon demand, soldering can be carried out by using selective automated equipment that complies with car industry standards (process camera, automatic wave level regulation, soldering in nitrogen atmosphere). Thanks to the selective soldering technology, not only soldering but also flux application takes place selectively, which minimises the final product’s flux contamination. If necessary, the product can be cleaned with our semi-automatic cleaning equipment, which is suitable to achieve the highest level of panel cleanness, so as to ensure the best possible conditions for varnishing.

Manufacturing, part process

PCB washing: with our DCT INJET semi-automatic equipment, the flux residues generated during manual or wave soldering as well as other smaller impurities can be completely removed from the PCB surface, thereby ensuring long-lasting and high-quality varnishing.

Coating: You can choose from among several varnishing options according to your needs. Acrylic and silicone-based materials with different micron thickness, which, if applied to the product, prevent the corrosion resulting from extreme usage conditions as well as other harmful chemical processes.

Gluing, fixture: We can equip different size of SMT (e.g. socket) ad TH (large size condenser) parts with extra physical fixture, which can relieve the soldering of the parts in case of physical load. It is recommended for large parts and for products exposed to high acceleration.

Professional advisory

Our experienced staff can help you solve your problems of manufacturing technology; whether it comes to process optimisation, reduction of error costs, or volume increase. Our designer and purchaser colleagues can support our customers all along, from the designing process through selecting the necessary material.

BGA repair

We undertake QFP, QFN and BGA soldering, the correction of production line rejects, BGA replacement, and rework. Thanks to our x-ray inspection, we can check our repairs to a 100%. Given our ESD system, we can work also with sensitive parts.

Prototype manufacturing

We undertake the manufacturing of samples or complete products in small batches. With the help of our professional partners we can take care of all tasks within short deadlines during the manufacturing of samples. Our professional experience is at your disposal in the area of quality, feasibility, efficiency and economy.

You can become our registered partner through the MyAccount system where you can share with us – comfortably, quickly, and with a high level of confidentiality and data security – your manufacturing designs as well as any files necessary for manufacturing.

X-ray inspection

Viscom X7056RS This high-performance test system can examines automated optical (AOI) and automated X-ray (AXI) at the same time, which is unique in the world. As this result the mistakes of the hidden soldering points (ex. BGA) can be detected reliably. Our X7056 equipment is reliable, and can provides fast in-line control, with the help of the conveyor system ,which belongs to this machine. We have a DMC/QR code reader at our delivery conveyor system- before the X7056RS machine -in our production line, so the identification of the inspected products is insured. Next workstation :after this equipment owing to DM/QR code scan the error picture of the production which appears on the monitor.All results of the inspected products can be retrievable, owing to the unique identification of the PCB-s. The X7056 system is totally modular, can be used as:
  • combined system (AOXI)
  • equipment under X-ray control (AXI)

Optical inspection

We undertake to carry out the optical inspection of products not manufactured by us. With our experienced scanning staff, you can hire us for even a 100% optical inspection, and further, with our automatic optical inspection machines we can carry out automatic inspection under fully automated conditions, with unloading from magazine and loading into the magazine after the inspection, concerning a particular error image of even a complete product.

SMT manufacturing

Our SMT production line is fully automated, and so we can guarantee that parts are completely free from injuries. Our high level ESD system allows us to handle even the most sensitive ICs and BGAs without any problems.

We are able to automatically place and examine surface-mounted and through-hole parts from a part size of 0201 up to 55x55mm. We can handle printed circuits in a wide range of sizes, between 50 mm and 460 mm in terms of both width and size.

You can become our registered partner through the MyAccount system where you can share with us – comfortably, quickly, and with a high level of confidentiality and data security – your manufacturing designs as well as any files necessary for manufacturing.

You can hire us for complete or even partial mounting works.

Configuration of our SMT production line:

  • Automatic PCB handling in magazine (ASYS, Rommel)
  • Automatic paste printer (EKRA)
  • 3D paste inspection (KohYoung)
  • Automatic pick-and-place - from reel, tray or pipe (Siemens)
  • Reflow oven with nitrogen atmosphere (Rehm)
  • FIFO feeding (ASYS)
  • AOI (VISCOM, VI)
  • Visual inspection (Optilia system)
  • Labelling (Zebra)
  • Laser engraving

(Magyar) Találkozzunk idén is az Automotive Kiállításon

Sorry, this entry is only available in Hungarian.

(Magyar) Minden, amit a 3D képrendszerről tudni érdemes

Sorry, this entry is only available in Hungarian.

(Magyar) Megkaptuk az Autóipari Tanúsítványt, az IATF 16949-et

Sorry, this entry is only available in Hungarian.

(Magyar) Az Elektronika Kiállítás és ami mögötte van

Sorry, this entry is only available in Hungarian.

(Magyar) Az Automotive Kiállításon jártunk

Sorry, this entry is only available in Hungarian.

(Magyar) Elektronika Messe München 2018

Sorry, this entry is only available in Hungarian.

(Magyar) Automotive Hungary 2018

Sorry, this entry is only available in Hungarian.

(Magyar) Interjú Bökönyi Zsolt cégvezetővel

Sorry, this entry is only available in Hungarian.

Productronica

Automotive Hungary

hungexpo kiállítás
2017. október 18-20.

SMT Hybrid Packaging

International Exhibition and Conference for System Integration in Micro Electronics
Nuremberg, 16 - 18 May 2017

Our company policy

To our company, it is important to form long-term business relationships and partnerships built on innovative quality solutions and trust. It is the guiding principle of our company policy to fully fulfil our customers’ requirements. We consider it important to fully support our customers in electronic manufacturing and design. We ensure quality and flexibility to our partners throughout Europe.

To maintain a constant level of quality, our company has implemented the ISO 9001:2015 quality management standard, on the basis of which we have elaborated a quality control system to ensure constant quality to our customers. By complying with deadlines and trying to communicate with customers as perfectly as we can, we are restlessly striving to do everything in our power so that our projects with customers can be as successful as possible – and, to date, we have done so with a perfect, 100% result!

The management of G-SMT Hungary Kft. wishes to create balance between the reaching of its business objectives and the protection of the environment, and therefore, as part of its management activity, it is committed to give a key role to preserving and improving the conditions of both artificial and natural environment. We ensure that proper managerial and administrative controls are in place, our environmental policy is reflected in all of our activities and that the system is constantly being improved.

Use and Data Protection


Introduction

The company G-SMT Hungary Kft. (Adress: H-8315 Gyenesdiás, Toldi Miklós utca 5., Hungary, email: info@g-smt.hu, tax number: 24816184-2-20, company registration number: 20-09-074008) (hereinafter referred to as: ‘Service Provider’ or ‘controller’) undertakes to be bound by the provisions of the following Notice.

The company hereby provides the following information in accordance with REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

This Privacy Notice regulates processing on the https://g-smt.hu/ website and by the G-SMT Hungary Kft.. The Privacy Notice is available at: https://g-smt.hu/adatvedelem/. Any amendments to the Notice shall take effect upon being published on the above website.

The controller and its contact information

  • Name: G-SMT Hungary Kft.
  • Registered office:8315 Gyenesdiás, Toldi Miklós utca 5. » show on map
  • E-mail: info@g-smt.hu
  • Phone: +36 70 348 06 19
  • Company registration number: 20-09-074008
  • Tax number: 24816184-2-20

Definitions

1. ‘personal data’  means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

2. ‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

3. ‘controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;

4. ‘processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;

5. ‘recipient’ means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing;

6. ‘consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;

7. ‘personal data breach’ means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.

Principles relating to processing of personal data

Personal data shall be:

  • a) processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’);
  • b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall, in accordance with Article 89(1), not be considered to be incompatible with the initial purposes (‘purpose limitation’);
  • c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’);
  • d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (‘accuracy’);
  • e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) subject to implementation of the appropriate technical and organisational measures required by this Regulation in order to safeguard the rights and freedoms of the data subject (‘storage limitation’);
  • f) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).

The controller shall be responsible for the above and be able to demonstrate compliance with the above (‘accountability’).

Instances of processing

Contact

1. The fact of data collection, the categories of data processed, and the purpose of processing:

Personal data
The purpose of processing
Name
Identification
Email address
Communication, sending responses
Phone number
Communication
Message content
Required for response
Date of communication
Performance of technical operations.
IP address at the time of communication
Performance of technical operations.

The email address shall not necessarily contain personal data.

2. Categories of data subjects: Add data subjects sending messages through the contact form.

3. Duration of processing, time limit for erasure of the data: Until the data subject’s erasure request.

4. Potential controllers entitled to receive the data, recipients of personal data: Personal data may be processed by the authorised employees of the controller.

5. Information on the rights of data subjects related to processing:

  • The data subject may request from the controller access to and rectification or erasure of personal data or restriction of processing concerning the data subject, and
  • the data subject shall have the right to data portability, and the right to withdraw consent at any time.

6. The data subject can initiate the provision of access to the personal data, the erasure, modification, restriction of processing, or data portability in the following manners:

  • by post at the address of H-8315 Gyenesdiás, Toldi Miklós utca 5., Hungary
  • by email at the info@g-smt.hu email address,
  • by telephone at the +36 70 348 06 19 telephone number.

7. Legal basis for processing: the data subject’s consent, Article 6(1)(a) and (b).

8. Please note that

  • processing is based on your consent and is necessary for communication or for providing an offer.
  • you are obliged to provide the personal data so that you can contact us.
  • as a consequence of your failure to provide data you will be unable to contact the Service Provider.

The data processors used

Web hosting

1. Activity performed by the processor: Web hosting

2. Name and contact details of processor:

  • Bábelhal Webstudio Kft.
  • Registered office: H-8360 Keszthely, Honvéd u. 17/2, Hungary
  • Email: info@babelhal.hu
  • Telephone: +36 83 777 603

3. The fact of processing, categories of data processed: All personal data provided by the data subject.

4. Categories of data subjects: All data subjects using the website.

5. The purpose of processing: To ensure the availability and proper operation of the website.

6. Duration of processing, time limit for erasure of the data: Processing lasts until termination of the contract between the controller and the web hosting provider, or until the data subject’s deletion request addressed to the web hosting provider.

7. The legal basis for processing is: Article 6(1)(c) and (f), and Section 13/A (3) of Act CVIII of 2001 on Certain Issues of Electronic Commerce Activities and Information Society Services.

Management of cookies

1. The fact of processing, categories of data processed: Unique identifier, dates, times
2. Categories of data subjects: All data subjects visiting the website.
3. The purpose of processing: Identification of users, and monitoring of visitors.
4. Duration of processing, time limit for erasure of the data:

Cookie type
Session cookies

Persistent or saved cookies
Legal basis for processing
Section 13/A(3) of Act CVIII of 2001 on Certain Issues of Electronic Commerce Services and Information Society Services (‘E-commerce Act’)
Duration of processing
The period ending upon the relevant visitor session ending

until deletion by the data subject, but not more than 30 days
Data category processed
connect.sid

5. Potential controllers with right of access: The use of cookies does not involve the processing of personal data by the controller.

6. Information on the rights of data subjects related to processing: Data subjects can delete cookies in the Tools/Settings menu of their browser, generally among the settings of the Privacy menu.

7. Legal basis for processing: The data subject’s consent is not required if the exclusive purpose of using cookies is to communicate through the electronic communications network, or its use is indispensable for the service provider to render an information society service expressly requested by the subscriber or the user.

Use of Google Ads (Adwords) conversion tracking

1. The controller uses the ‘Google Ads (Adwords)’ online advertising program, including Google’s conversion tracking service. Google conversion tracking is an analysis service offered by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; ‘Google’).

2. When the User reaches a website through a Google advertisement, a cookie required for conversion tracking is saved on his or her computer. These cookies have limited validity and they do not contain any personal data, and therefore cannot be used for the User’s identification.

3. If the User visits certain pages on the website and the cookie has not yet expired, both Google and the controller can detect that the User has clicked on the advertisement.

4. Each Google Ads (Adwords) customer receives a different cookie, and so the cookies cannot be tracked via the websites of Ads (Adwords) customers.

5. The information obtained using the conversion cookie is used to generate conversion statistics for Ads (Adwords) customers. This way customers receive information on the number of users that clicked on their advertisement and were directed to the page marked with a conversion tracking tag. However, they will not receive any information that can be used to personally identify users.

6. If you want to opt out of conversion tracking, you can reject it by disabling the installation of cookies in your browser. After that, you will not be included in conversion tracking statistics.

7. For further information and for the privacy statement of Google, please visit the following website: https://policies.google.com/privacy?gl=de&hl=en-GB

Use of Google Analytics

1. This website uses Google Analytics, a web analytics service offered by Google, Inc. (‘Google’). Google Analytics uses ‘cookies’ that are text files placed on the User’s computer and which help analyse how Users use the site.

2. The information generated by the cookie about the User’s use of the website is generally transmitted to and stored by Google on servers in the USA. If, however, IP anonymisation is activated on the website, Google will beforehand shorten the User’s IP address within Member States of the European Union or in other states that are party to the Agreement on the European Economic Area.

3. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. Google will use this information on behalf of the operator of this website to evaluate the User’s use of the website, to compile reports on the website activities and to provide further services associated with the use of the website and the Internet for the website operator.

4. The IP address that the User’s browser transmits as part of Google Analytics will not be associated with any other data held by Google. The User can prevent the storage of cookies by selecting the corresponding setting in his or her browser, but please note that in such a case the User may not be able to use all the functions on this website. The User can also prevent Google's collection and use of data generated by the cookie and related to the User’s use of the website (including the User’s IP address) as well as the processing of this data by downloading and installing the browser plugin available at https://tools.google.com/dlpage/gaoptout?hl=hu

Customer relationships

1. The fact of data collection, the categories of data processed, and the purpose of processing:

Personal data
The purpose of processing
Name, email address, telephone number.
Communication, identification, performance of contracts, business purpose.

2. Categories of data subjects: All data subjects communicating by phone/email/in person, or in a contractual relationship with the controller.

3. Duration of processing, time limit for erasure of the data: Processing shall end upon termination of the legal relationship between the controller and the data subject or, in the case of claims, upon the expiry of 5 years following the contract.

4. Potential controllers entitled to receive the data, recipients of personal data: The personal data may be processed by the controller’s personnel, by honouring the above principles.

5. Information on the rights of data subjects related to processing:

  • The data subject may request from the controller access to and rectification or erasure of personal data or restriction of processing concerning the data subject, and
  • the data subject shall have the right to data portability, and the right to withdraw consent at any time.

6. The data subject can initiate the provision of access to the personal data, the erasure, modification, restriction of processing, or data portability in the following manners:

  • by post at the address of H-8315 Gyenesdiás, Toldi Miklós utca 5., Hungary
  • by email at the info@g-smt.hu email address,
  • by telephone at the +36 70 348 06 19 telephone number.

7. Legal basis for processing:

7.1. Points (b) and (c) of Article 6(1) of the GDPR.

7.2. Pursuant to Section 6:21 of Act V of 2013 on the Civil Code 5 years for exercising claims arising from the agreement.

    Section 6:22 [Statute of limitations]
    (1) Unless otherwise provided for in this Act, claims shall lapse after five years.
    (2) The period of limitation commences upon the due date of the claim.
    (3) An agreement for changing the limitation period shall be executed in writing.
    (4) Any agreement excluding prescription shall be null and void.

8. Please note that

  • processing is required for the performance of the contract and for giving an offer.
  • you are obliged to provide the personal data to allow performance of your order/other request.
  • as a consequence of your failure to provide data we will be unable to process your order/other request.

Complaint handling

1. The fact of data collection, the categories of data processed, and the purpose of processing:

Personal data
The purpose of processing
Surname and first name
Identification, communication.
Email address
Keeping contact.
Phone number
Keeping contact.
Invoicing name and address
Identification, handling quality complaints, issues and problems related to the services.

2. Categories of data subjects: All data subjects submitting a complaint in connection with the website services.

3. Duration of processing, time limit for erasure of the data: Copies of the minutes, memorandum recording the complaint and the response thereto shall be retained for 5 years pursuant to Section 17/A(7) of Act CLV of 1997 on Consumer Protection.

4. Potential controllers entitled to receive the data, recipients of personal data: The personal data may be processed by the controller’s sales and marketing personnel, by honouring the above principles.

5. Information on the rights of data subjects related to processing:

  • The data subject may request from the controller access to and rectification or erasure of personal data or restriction of processing concerning the data subject, and
  • may object to the processing of these personal data, and
  • the data subject shall have the right to data portability, and the right to withdraw consent at any time.

6. The data subject can initiate the provision of access to the personal data, the erasure, modification, restriction of processing, data portability, or objection to data processing in the following manners:

  • by post at the address of H-8315 Gyenesdiás, Toldi Miklós utca 5., Hungary
  • by email at the info@g-smt.hu email address,
  • by telephone at the +36 70 348 06 19 telephone number.

7. Legal basis for processing: Article 6(1)(c), and Section 17/A (7) of Act CLV of 1997 on Consumer Protection.

8. Please note that

  • personal data are to be provided based on a contractual obligation.
  • the processing of personal data is a condition precedent to the conclusion of the contract.
  • you are obliged to provide the personal data so that we can handle your complaint.
  • as a consequence of your failure to provide data, we will not be able to handle the complaint we have received from you.

Social media sites

1. The fact of data collection, the categories of data processed: The user’s name as registered on Facebook/Google+/Twitter/Pinterest/Youtube/Instagram or other social media sites, and the user’s public profile picture.

2. Categories of data subjects: All data subjects who have signed up for Facebook/Google+/Twitter/Pinterest/Youtube/Instagram or other social media sites and have ‘liked’ the website.

3. The purpose of data collection: To share certain content elements of the website, or the products and promotions on the website or the website itself on these social media sites, and to promote the same, so that users ‘like’ them.

4. Duration of processing, time limit for erasure of the data, potential controllers entitled to receive the data, and information on the rights of data subjects related to processing: Data subjects may receive information about the sources, the processing of data, the method of data transfer and the legal grounds thereof by visiting the relevant social media site. Processing is performed on the social media sites, therefore the duration and manner of processing, and also the option of data erasure and rectification shall be governed by the policy of the relevant social media site.

5. Legal basis for processing: the data subject’s voluntary consent to the processing of their data on the social media sites.

Customer relations and other processing

1. If the data subject has any questions or problems during their use of the controller’s services, they can contact the controller at its contact information (phone, email, social media sites etc.) specified on the website.

2. The emails and messages received, the data provided by telephone or via Facebook etc, including the name, email address and any other voluntarily provided personal data of the data subject will be erased by the controller within a maximum of 2 years from the date of provision.

3. Regarding any type of processing not listed herein, we will provide information at the time of recording the data in question.

4. In exceptional cases at the authorities’ request, or at the request of other bodies authorised by law, the Service Provider may be obliged to provide information, disclose and transfer data, or supply documents.

5. In such cases, provided that the requesting entity has specified the exact purpose of use and the scope of the data, the Service Provider will only disclose those personal data to the requesting entity and only to such extent that is indispensable for the implementation of the purpose of the request.

The rights of data subjects

1. Right of access: You shall have the right to obtain from the controller confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and the information listed in the Regulation.

2. Right to rectification: You shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

3. Right to erasure: You shall have the right to obtain from the controller the erasure of personal data concerning you without undue delay and the controller shall have the obligation to erase personal data without undue delay under certain conditions specified.

4. Right to be forgotten: Where the controller has made the personal data public and is obliged to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.

5. Right to restriction of processing: You shall have the right to obtain from the controller restriction of processing where one of the following conditions applies:

  • the accuracy of the personal data is contested by you, for a period enabling the controller to verify the accuracy of the personal data;
  • the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
  • the controller no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims;
  • you have objected to processing pending the verification whether the legitimate grounds of the controller override your legitimate grounds.

6. Right to data portability: You shall have the right to receive the personal data concerning you, which you have provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided.

7. Right to object You shall have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you, including profiling based on those provisions.

8. Objection in case of direct marketing: Where personal data are processed for direct marketing purposes, you shall have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. Where you object to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes.

9. Automated individual decision-making, including profiling: You shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

The previous paragraph shall not apply if the decision:

  • is necessary for entering into, or performance of, a contract between you and a data controller;
  • is authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or
  • is based on your explicit consent.

Time limit for taking action

The controller shall provide you with information on action taken on the requests above without undue delay and in any event within 1 month of receipt of the request.

This period may be extended by 2 further months where necessary. The controller shall inform you of any such extension within 1 month of receipt of the request, together with the reasons for the delay.
If the controller does not take action on your request, the controller shall inform you without delay and at the latest within one month of receipt of the request of the reasons for not taking action and on the possibility of lodging a complaint with a supervisory authority and seeking a judicial remedy.

Security of processing

Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, the controller and the processor shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate:

  • a) the pseudonymisation and encryption of personal data;
  • b) the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
  • c) the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;
  • d) a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.

Communication of a personal data breach to the data subject

When the personal data breach is likely to result in a high risk to the rights and freedoms of natural persons, the controller shall communicate the personal data breach to the data subject without undue delay.

The notice delivered to the data subject shall define the nature of the personal data breach in clear and plain language, and it shall communicate the name and contact details of the data protection officer or other contact point where more information can be obtained; it shall describe the likely consequences of the personal data breach; describe the measures taken or proposed to be taken by the controller to address the personal data breach, including, where appropriate, measures to mitigate its possible adverse effects.

The communication to the data subject shall not be required if any of the following conditions are met:

  • the controller has implemented appropriate technical and organisational protection measures, and those measures were applied to the personal data affected by the personal data breach, in particular those that render the personal data unintelligible to any person who is not authorised to access it, such as encryption;
  • the controller has taken subsequent measures which ensure that the high risk to the rights and freedoms of data subjects is no longer likely to materialise;
  • it would involve disproportionate effort. In such a case, there shall instead be a public communication or similar measure whereby the data subjects are informed in an equally effective manner.

If the controller has not already communicated the personal data breach to the data subject, the supervisory authority, having considered the likelihood of the personal data breach resulting in a high risk, may require it to do so.

Notification of a personal data breach to the authority

In the case of a personal data breach, the controller shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the supervisory authority competent in accordance with Article 55, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons. Where the notification to the supervisory authority is not made within 72 hours, it shall be accompanied by reasons for the delay.

Complaints

Complaints may be filed against the controller’s violation of law, if any, with the Hungarian National Authority for Data Protection and Freedom of Information:

  • Hungarian National Authority for Data Protection and Freedom of Information
  • H-1125 Budapest, Szilágyi Erzsébet fasor 22/C, Hungary
  • Mailing address: H-1530 Budapest, PO Box (Pf.) 5.
  • Telephone: +36 -1-391-1400
  • Fax: +36-1-391-1410
  • Email: ugyfelszolgalat@naih.hu

Closing remarks

When preparing the information document we took into account the provisions of the following laws:

  • REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
  • Act CXII of 2011 – on Informational Self-Determination and Freedom of Information (hereinafter: Info Act)
  • Act CVIII of 2001 – on Certain Issues of Electronic Commerce Activities and Information Society Services (Section 13/A in particular)
  • Act XLVII on 2008 – on the Prohibition of Unfair Commercial Practices against Consumers;
  • Act XLVIII of 2008 – on the Basic Requirements and Certain Restrictions of Commercial Advertising Activities (Section 6 in particular)
  • Act XC of 2005 on the Freedom of Information by Electronic Means
  • Act C of 2003 on Electronic Communications (Section 155 in particular)
  • Opinion 16/2011 on EASA/IAB Best Practice Recommendation on Online Behavioural Advertising
  • Recommendation by the Hungarian National Authority for Data Protection and Freedom of Information on the Data Protection Requirements of Prior Information
  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC

Documents available for download

  • Personal Data Breach Report
  • Communication of a personal data breach to the data subject
  • Consent pursuant to the GDPR
  • Declaration on erasure


  • Gyenesdiás, 30 Nov 2018