Privacy Policy

Data protection 
Ro-Sys Software Kft. (H-9064 Vámosszabadi, Sármány sétány 3., the ‘controller’) as the operator of 
the website www.ro-sys.hu accepts the content of the present legal statement as binding. It 
undertakes to perform data processing in connection with its activity in accordance with the 
requirements set forth in this code and legislation in effect. 
Ro-Sys Software Kft. is committed to protect the personal data of its clients and partners and the 
visitors of its website (together referred to as ‘user’), with special emphasis on the users’ right of 
informational self-determination. Ro-Sys Software Kft, as the controller of this website, shall treat 
personal data confidentially and take all security, technical and organisation measures to ensure data 
security. 
The controller, in this document, outlines its data processing principles, the activities and rules 
relating to data processed by the site. The data processing principles connected to the website 
operation comply with the relevant data protection legislation in effect, particularly with: 
Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information (the 
‘Privacy Act’); 
Act CVIII of 2001 on certain issues of electronic commerce activities and information society services 
(the ‘Act on E-Commerce’); 
Act XLVIII of 2008 on Essential Conditions of and Certain Limitations to Business Advertising (the 
‘Advertising Act’). 
 
1., Definitions 
 
1.1. ‘data subject’ shall mean any defined natural person identified or identifiable directly or 
indirectly on the basis of personal data; 
1.2. 'personal data' shall mean any information relating to the data subject in particular by reference 
to an identification number or to one or more factors specific to his/her physical, physiological, 
mental, economic, cultural or social identity; or any conclusion relating to the data subject that might 
be drawn therefrom; 
1.3. 'the data subject's consent' shall mean any freely given specific and informed indication of 
his/her wishes by which the data subject signifies his/her agreement to personal data relating to 
him/her being processed, wholly or partly; 
1.4. ‘the data subject’s objection’ shall mean a declaration made by the data subject objecting to the 
processing of his/her personal data and requesting the termination of data processing, as well as the 
deletion of the data processed; 
1.5. 'controller' shall mean the natural or legal person, or unincorporated body which alone or jointly 
with others determines the purposes of the processing of data, makes decisions regarding data 
processing (including the means) and implements such decisions itself or engages a data processor to 
execute them; 
1.6. ‘processing of data’ shall mean any operation or set of operations that is performed upon data, 
whether or not by automatic means, such as in particular collection, recording, organization, storage, 
adaptation or alteration, use, retrieval, disclosure by transmission, dissemination or otherwise 
making available, alignment or combination, blocking, erasure or destruction, and blocking them 
from further use, photographing, sound and video recording, and the recording of physical attributes 
for identification purposes (such as fingerprints and palm prints, DNA samples and retinal images) ; 
1.7. ‘disclosure by transmission’ shall mean making data available to a specific third party; 
1.8. ‘public disclosure’ shall mean making data available to the general public; 
1.9. ‘erasure of data’ shall mean the destruction or elimination of data sufficient to make them 
irretrievable; 
1.10. ‘tagging data’ shall mean marking data with a special ID tag to differentiate it; 
1.11. ‘blocking of data’ shall mean the marking of stored data with the aim of limiting their processing 
in future permanently or for a predetermined period; 

1.12. ‘destruction of data’ shall mean the complete physical destruction of the medium containing 
data; 
1.13. ‘data process’ shall mean performing technical tasks in connection with data processing 
operations, irrespective of the method and means used for executing the operations, as well as the 
place of execution, provided that the technical task is performed on the data; 
1.14. ‘data processor’ shall mean any natural or legal person or organisation without legal personality 
processing the data on the grounds of a contract, including contracts concluded pursuant to 
legislative provisions; 
(e) 'processor' shall mean a natural or legal person, public authority, agency or any other body which 
processes personal data on behalf of the controller; 
1.15.‘third party’ shall mean any natural or legal person or unincorporated organization other than 
the data subject, the controller or the processor 
1.16. ‘third country’ any State that is not an EEA State. 
 
 
2., Data processing principles in website operation 
 
Personal data may be processed under the following circumstances: 
a) when the data subject has given his consent, or 
b) when processing is necessary as decreed by law or by a local authority based on authorization 
conferred by law concerning specific data defined therein for the performance of a task carried out in 
the public interest (hereinafter referred to as ‘mandatory processing’). 
Personal data may be processed also if obtaining the data subject’s consent is impossible or it would 
give rise to disproportionate costs, and the processing of personal data is necessary for compliance 
with a legal obligation pertaining to the data controller, or for the purposes of the legitimate interests 
pursued by the controller or by a third party, and enforcing these interests is considered 
proportionate to the limitation of the right for the protection of personal data. 
Where personal data is recorded under the data subject’s consent, the controller shall - unless 
otherwise provided for by law - be able to process the data recorded where this is necessary: 
a) for compliance with a legal obligation pertaining to the controller, or 
b) for the purposes of legitimate interests pursued by the controller or by a third party, if enforcing 
these interests is considered proportionate to the limitation of the right for the protection of personal 
data, without the data subject’s further consent, or after the data subject having withdrawn his 
consent 
Personal data may be processed only for specified and explicit purposes, where it is necessary for the 
exercising of certain rights and fulfilment of obligations. The purpose of processing must be satisfied 
in all stages of data processing operations; recording of personal data shall be done under the 
principle of lawfulness. 
The personal data processed must be essential for the purpose for which it was recorded, and it must 
be suitable to achieve that purpose. Personal data may be processed to the extent and for the 
duration necessary to achieve its purpose. 
Personal data may be processed only if the data subject signifies his/her agreement after obtaining 
proper information. 
Prior to data processing being initiated the data subject shall be informed whether his consent is 
required or processing is mandatory. Before processing operations are carried out the data subject 
shall be clearly and elaborately informed of all aspects concerning the processing of his personal 
data, such as the purpose for which his data is required and the legal basis, the person entitled to 
control the data and to carry out the processing, the duration of the proposed processing operation, 
whether personal data is recorded under the data subject’s consent, for compliance with a legal 
obligation pertaining to the controller, or for the purposes of legitimate interests pursued by a third 
party, and the persons to whom his data may be disclosed. Information shall also be provided on the 
data subject’s rights and remedies 

The accuracy and completeness, and the up-to-dateness of the data must be provided for throughout 
the processing operation, and shall be kept in a way to permit identification of the data subject for no 
longer than is necessary for the purposes for which the data were recorded. 
Personal data may be transmitted to a data controller or processor operating in a third country, if the 
data subject has given his explicit consent, or the conditions laid down in Article 5 and 6 of the 
Privacy Act for data processing are satisfied and - save where Article 6(2) applies – the adequate level 
of protection of the personal data have been ensured in the third country during the course of the 
control and processing of the data transferred. Transfer of data to EEA Member States shall be 
considered as if the transmission took place within the territory of Hungary 
 
3., Personal data processed and features of data processing 
 
Data processing in connection with the activities of the website www.ro-sys.hu is based on voluntary 
consent. However, in some cases the processing, storage or transmission of certain data are set forth 
by law, about which the visitors, users are notified. 
 
3/1. Data of ww.ro-sys.hu website users 
Purpose of the data processing: the web hosting service provider records users’ data during their visit 
to the website in order to monitor the operation of the service and to prevent misuse. 
Legal basis of data processing: the consent given by the user or Article 13/A(3) of the Act on E-
Commerce. 
Data processed: date, time, user computer IP address, address of page visited, address of previous 
page visited, data in connection with the operating system and browser of the user. 
The web analytics software and external server of Google Analytics assists the independent 
measuring and auditing of the website’s visitor information and other web analytics. Controllers shall 
be able to give detailed information on the processing of data at the address www.google-
analytics.com. 
External service providers place and read small data packages called cookies on the user’s computer 
to provide custom service. 
In case the web browser returns a cookie previously saved, the service providers can associate the 
user’s current visit with the previous ones, but only in terms of their own content. 
No web beacons are used at the website bpw.hu. 
 
3/2. Data on making contact, application, requesting information at www.ro-sys.hu 
Purpose of the data processing: making contact, keeping contact, requesting information. 
Legal basis of data processing: the consent given by the user. 
Data processed: name, e-mail address, phone number, subject and text of message, date and time, 
other personal data provided by the data subject. 
Deadline of data erasure: when the purpose of data processing is terminated.  
 
Erasure or modification of personal data may be requested: 
► by post: Ro-Sys Software Kft H-9064 Vámosszabadi, Sármány sétány 3, 
► by e-mail: info@ro-sys.hu. 
 
3/3. Data of BPW AGRO HUB 2.0 Android application users 
BPW AGRO HUB 2.0 owned by BPW-Hungária Kft. (H-9700 Szombathely, Körmendi út 98.) and 
developed by Ro-Sys Software Dev does not collect or transmit any personally identifiable 
information such as your name, address, phone number or email address. 
BPW AGRO HUB 2.0 does not store any data related to geographic location, but users may be asked 
to consent to the App’s collection of location information from your mobile device. This location 
information is required in order to list Bluetooth devices. 

BPW AGRO HUB 2.0 has no facility for collecting, transmitting, or maintaining user data, so no data is 
shared with vendors or analytics providers.  
Data protection of BPW-Hungária Kft.: https://bpw-hungaria.hu/data-protection. 
  
4., Controller’s data, contact data 
 
Name: Ro-Sys Software Kft. and its employees performing their tasks set forth in their job 
descriptions in connection with the given contract. 
Registered seat:  H-9064 Vámosszabadi, Sármány sétány 3 
Online contact data: : info@ro-sys.hu 
 
5., Data processor’s data, contact data 
 
Name: Ro-Sys Software Kft. and its employees performing their tasks set forth in their job 
descriptions in connection with the given contract. 
Registered seat: H-9064 Vámosszabadi, Sármány sétány 3 
Online contact data: info@ro-sys.hu 
 
6., Exercising users’ rights in connection with data protection, and the rights to remedies 
 
The legal rights and obligations of users are determined by Articles 14 to 21 of the Privacy Act. As set 
forth in this Act, the user has the right to information and is entitled to request the erasure, 
rectification or blocking of his personal data. Detailed information on the rights and obligations can 
be obtained at this website: http://njt.hu/cgi_bin/njt_doc.cgi?docid=139257.296244 (Articles 14 to 
21 of the Privacy Act) 
The rights to remedies in connection with data processing: the rights to remedies of the user 
concerned are specified in Articles 22-23 of the Privacy Act: 
http://njt.hu/cgi_bin/njt_doc.cgi?docid=139257.296244 
Detailed information on data processing may be requested from the website controller at the e-mail 
address info@ro-sys.hu, or from the National Authority for Data Protection and Freedom of 
Information (Seat: H-1125 Budapest Szilágyi Erzsébet fasor 22/c, Postal address: 1530 Budapest, Pf.: 
5., Phone:+36 (1) 391-1400). 
In case of violation of rights connected to the processing of personal data, complaints may be sent to 
and inspection may be initiated by the National Authority for Data Protection and Freedom of 
Information. Contact data: 
Nemzeti Adatvédelmi és Információszabadság Hatóság 
H-1024 Budapest, Szilágyi Erzsébet fasor 22/C. 
Website: http://www.naih.hu