Privacy policy
We safeguard client data through secure-by-design engineering practices and strict adherence to regulations like GDPR.
Enliven Systems Korlátolt Felelősségű Társaság, as the developer and operator of the Enliven Systems website, provides this privacy notice by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (General Data Protection Regulation, GDPR).
By visiting or using our website, you become a data subject as described in this document.
Controller’s details
Name: Enliven Systems Korlátolt Felelősségű Társaság
Registered address: Hungary, 1051 Budapest, Széchenyi István tér 7-8. C. ép. 1. lház.
Website: Enliven Systems
Company registration number: 01-09-430941
Tax number: 25962295-2-41
EU VAT: HU25962295
D-U-N-S number: 366670954
LEI number: 9845004CD193AC4B6338
Representative: Szilvia Kiss, Managing Director
E-mail: hello@enliven.systems
Privacy contact: privacy@enliven.systems
Definitions
For this privacy notice:
- Personal data: Any information relating to an identified or identifiable natural person.
- Processing: Any operation or set of operations performed on personal data, whether by automated means or not (e.g., collection, storage, use, disclosure, deletion).
- Controller: The natural or legal person that determines the purposes and means of processing personal data.
- Processor: A natural or legal person that processes personal data on behalf of the controller.
- Data subject: Any identified or identifiable natural person whose personal data is processed.
- Cookies: Small text files placed on your device to store information and enable functionality on the website.
Data subject rights
The Controller informs you that under the GDPR, upon verification of your identity, you may:
- request information about the processing of your personal data,
- request rectification of your personal data,
- withdraw your consent at any time,
- request the deletion of your personal data (under Article 17(1) GDPR conditions),
- request restriction of processing,
- exercise your right to data portability (if processing is automated).
Magyar Telekom
Company name: Magyar Telekom Távközlési Public Limited Company
Registered address: Hungary, 1097 Budapest, Könyves Kálmán krt. 36.
Date of incorporation: 31 December 1991
Company registration number: 01-10-041928
Registered at: Company Registry Court of the Metropolitan Court of Budapest
Hungarian Statistical Number: 10773381 6110 114 01
European Unique Identifier: HUOCCSZ.01-10-041928
EU VAT number: HU10773381
Website: https://www.telekom.hu/ (the hosting provider does not provide a direct contact e-mail address)
Physical server location: T-Systems Cloud & Data Center, Budapest, Asztalos Sándor út 13, 1087
The Enliven Systems website servers are located in T-Systems’ energy-efficient, high-security data center.
Google Ireland Limited
Registered address: Gordon House, Barrow Street, Dublin 4, Ireland
Date of incorporation: 28 February 2003
Managing Director: Nick Leeder
EU VAT number: IE6388047V
Company registration number: 368047
Phone: 0800-627-1050
Website: https://support.google.com/ (the hosting provider does not provide a direct contact e-mail address)
Enliven Systems uses Google Cloud infrastructure, including the Frankfurt data center and servers.
Cloudflare
Registered address: 101 Townsend Street, San Francisco, CA 94107, USA
Date of incorporation: 17 July 2009 (incorporated in Delaware, USA)
Company registration: Delaware, USA – active status
EIN: 27-0805829
EU representative: Cloudflare Portugal Unipessoal Lda, Av. da Índia 10, Floor 6, 1300-299 Lisbon, Portugal
EU representative e-mail: dsa-legal-representative@cloudflare.com
Website: https://www.cloudflare.com (the hosting provider does not provide a direct contact e-mail address)
Cloudflare provides content delivery network (CDN) and security services, including DDoS protection and web traffic optimisation. In providing these services, Cloudflare processes technical information such as IP addresses, system configuration data, and information about traffic to and from our website. Data may be transferred outside the EEA, including to the United States, with appropriate safeguards in place, such as Standard Contractual Clauses approved by the European Commission.
Contact form data processing
Description of processing
Visitors can contact us via the contact form on our website. Submission of the form is voluntary. The data provided is used solely to respond to the inquiry.
Purpose of processing
Communication with the data subject and responding to inquiries.
Legal basis
GDPR Article 6(1)(a) – consent of the data subject.
Categories of personal data
Name, e-mail address, and the message content.
Data transfers
No personal data is transferred to third parties unless required by law.
Storage period
Maximum 12 months after submission.
Automated decision-making
No automated decision-making is carried out.
Google Analytics data processing
Description of processing
We use Google Analytics to analyse website traffic. Google places cookies on your device and records data such as IP address, browser type, operating system, and on-site interactions.
Purpose of processing
Website usage analysis, visitor statistics, and service improvement.
Categories of personal data
IP address, browser type, operating system, page views, time spent, interactions.
Data transfers
The service is provided by Google Ireland Limited, which may process and store data on servers located outside the European Economic Area, including in the United States. Where such transfers occur, Google implements appropriate safeguards, such as the European Commission’s Standard Contractual Clauses, to ensure an adequate level of data protection.
Storage period
As set in Google Analytics (typically 14–26 months).
Automated decision-making
No automated decision-making is carried out.
Google reCAPTCHA data processing
Description of processing
Our website uses Google reCAPTCHA to protect against spam and automated abuse. This tool collects technical and behavioural data to distinguish humans from bots.
Purpose of processing
Security and prevention of fraudulent or abusive use.
Legal basis
GDPR Article 6(1)(f) – Legitimate interest of the controller in securing the website.
Categories of personal data
IP address, browser and device data, behaviour patterns (e.g., mouse movements, clicks, time on page).
Data transfers
The service is provided by Google Ireland Limited, which may process and store data on servers located outside the European Economic Area, including in the United States. Where such transfers occur, Google implements appropriate safeguards, such as the European Commission’s Standard Contractual Clauses, to ensure an adequate level of data protection.
Storage period
As determined by Google’s privacy policy.
Automated decision-making
No automated decision-making is carried out.
Hotjar Data Processing
Description of processing
We use Hotjar to analyse user interactions (e.g., heatmaps, scroll tracking, click tracking) to improve usability. Hotjar does not collect form input text or personally identify you unless you voluntarily provide it.
Purpose of processing
Improving user experience and optimising the website.
Legal basis
GDPR Article 6(1)(a) – Consent of the data subject.
Categories of personal data
Anonymised IP address, browser type, device type, usage patterns, and interaction data.
Data transfers
Data is processed by Hotjar Ltd., Malta (EU).
Storage period
As determined by Hotjar’s settings (generally up to 12 months).
Automated decision-making
No automated decision-making is carried out.
Server log files data processing
Description of processing
When you access our website, our servers automatically record technical information about the request. This data is generated by the server software and is stored in server log files.
Purpose of processing
Ensuring the security and stability of the website, diagnosing technical problems, and monitoring server performance.
Legal basis
GDPR Article 6(1)(f) – the legitimate interest of the Controller in maintaining website security and functionality.
Categories of personal data
IP address of the requesting device, date and time of access, requested URL, HTTP status code, amount of data transferred, referrer URL (if applicable), browser type and version, and operating system used.
Data transfers
Cloudflare may process data as part of website security and content delivery. Data may be transferred outside the EEA with appropriate safeguards such as Standard Contractual Clauses.
Storage period
Maximum of 6 months unless required for security incident investigation.
Automated decision-making
No automated decision-making is carried out.
Cookie data processing
Description of processing
Our website uses cookies to support functionality, analytics, and security. Cookies are placed on your device by the services mentioned above.
Purpose of processing
Ensuring website functionality, analysing visitor behaviour, and maintaining security.
Legal basis
GDPR Article 6(1)(a) – Consent (for analytics/marketing cookies).
GDPR Article 6(1)(f) – Legitimate interest (for strictly necessary security cookies).
Categories of personal data
IP address, browser type, operating system, and browsing patterns.
Data transfers
See service-specific sections above.
Storage period
- Functional cookies are stored only for the duration of the browsing session and deleted when the browser is closed, unless otherwise stated in the cookie description.
- Analytics cookies are retained for the period set in the analytics tool’s configuration, currently up to 26 months, after which they are automatically deleted or anonymised.
- Security cookies are retained for as long as necessary to ensure the security and integrity of the website, detect and prevent fraud, and investigate incidents, but no longer than 12 months unless required for ongoing investigations.
Automated decision-making
No automated decision-making is carried out.
Our website and services are not intended for use by individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that personal data from a child under this age has been collected without verifiable parental consent, we will delete it promptly.
If you believe we may have collected personal data from a child, don’t hesitate to get in touch with us at privacy@enliven.systems.
Your personal data may be transferred to and processed in countries outside of your country of residence, including outside the European Economic Area (EEA). In such cases, we ensure that appropriate safeguards are in place, such as:
- standard contractual clauses approved by the European Commission, or
- adequacy decisions issued by the European Commission, or
- binding corporate rules, or other lawful transfer mechanisms.
Details of international transfers for specific services can be found in the relevant sections of this privacy notice.
Your personal data may be transferred to and processed in
The Controller takes all necessary technical and organisational measures to protect data from unauthorised access, alteration, transmission, disclosure, deletion, or destruction, and from accidental loss or damage.
Requests should be submitted primarily in writing to the contact details provided above. If you request oral information, after verifying your identity, our authorised representative may provide it verbally if the necessary information is available. In other cases, we will respond in writing within one month, extendable by two months in complex cases.
Suppose we do not act on your request or you are dissatisfied with our response. In that case, you have the right to lodge a complaint with the Hungarian National Authority for Data Protection and Freedom of Information (NAIH) or take the matter to court. We recommend contacting our privacy officer first.
