of the ÆGO websites of INOX Trading and Manufacturing LLC.

Registered Office: 6000 Kecskemét, Szolnoki út 27. Hungary

Company Registration Number: 03-09-101315

Tax Number: 10743102-2-03  EU Tax Number: HU10743102

Prepared by: Value Data Solutions Trading and Service Ltd.

Registered Office: 6050 Lajosmizse, Bajcsy-Zsilinszky u. 78. Hungary

Company Registration Number: 03-09-131294

Tax Number: 25947539-2-03

Vincze Katalin Gizella – Data Protection Officer

—

The purpose of this policy is to establish the fundamental rules for data processing to ensure that data controllers respect the privacy of natural persons. It applies to all data processing and data handling conducted within the territory of Hungary that concerns personal data of natural persons, as well as public interest data or data made public in the public interest.

This policy has been developed in accordance with the following applicable laws:

– Act CXIX of 1995 on the processing of name and address data for research and direct marketing purposes

– Act CVIII of 2001 on certain issues of electronic commerce services and information society services

– Act CXII of 2011 on the right to informational self-determination and freedom of information

– Regulation (EU) 2016/679 (April 27, 2016) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR)

– The Fundamental Law of Hungary

– Act V of 2013 on the Civil Code

– Act I of 2012 on the Labor Code

– Act C of 2012 on the Criminal Code

– Act C of 2003 on Electronic Communications

– Act CLXV of 2013 on Complaints and Public Interest Reports

– Act XCII of 2003 on the Rules of Taxation

– Act L of 2013 on the Electronic Information Security of State and Local Government Bodies

– Act XLVIII of 2008 on the basic conditions and certain restrictions of economic advertising activities

– Act C of 2000 on Accounting

– Act LIII of 2017 on the prevention and combating of money laundering and terrorist financing

– Act CLI of 2017 on the rules of tax administration

– Act LXVI of 1995 on public documents, public archives, and the protection of private archival materials

– Act CLXIV of 2005 on commerce

– Act LXXXVIII of 2012 on product market surveillance

– Act LXXVI of 2009 on the general rules for starting and conducting service activities

– Act C of 1990 on local taxes

– Government Decree 57/2013 (II. 27.) on certain production and service activities subject to establishment permits or notifications, and the rules for issuing permits and notifications

Prepared in Lajosmizse (Hungary) on May 22, 2018.

Company Name: INOX Trading, Manufacturing, and Service Ltd.

Company Registration Number: 03-09-101315

Registered Office: 6000 Kecskemét, Szolnoki út 27. Hungary

Site: 6000 Kecskemét, Szolnoki út 29. Hungary

Site: 6000 Kecskemét, Béke fasor 1/A. Hungary

Tax Number: 10743102-2-03

EU VAT ID: HU10743102

Value Data Solutions Ltd. (6050 Lajosmizse, Bajcsy-Zsilinszky u. 78.) – Vincze Katalin Gizella – v.datakft@gmail.com

INOX Trading, Manufacturing, and Service Ltd. (hereinafter: Data Controller) places great emphasis on the protection of personal data, compliance with legal requirements, and ensuring secure and fair data processing. The Data Controller always processes personal data in accordance with applicable Hungarian and European laws and ethical standards, implementing all necessary technical and organizational measures to ensure secure data processing.

The Data Controller reserves the right to modify this policy, in which case the updated policy will be published publicly.

– Personal data may only be processed with the consent of the data subject (in writing for special categories of data) or if required by law or local government decree.

– Personal data may only be processed for specific purposes, to exercise rights or fulfill obligations.

– Only personal data that is essential, suitable, and limited to what is necessary for the purpose may be processed.

—

INOX Trading, Manufacturing, and Service Ltd. operates in accordance with the principles outlined in this policy.

The company’s main economic activities include the production of grinding products, industrial machine repair, and retail trade of other goods.

This policy governs the processing of all personal data obtained during the company’s activities.

Data processing includes any operation or set of operations performed on data, such as collection, recording, organization, storage, modification, use, querying, transmission, disclosure, alignment, combination, blocking, deletion, or destruction, as well as preventing further use of the data.

In relation to customers, the company ensures compliance with anti-money laundering regulations and the principle of purpose limitation when handling personal documents. Copies of identification documents are made only with the customer’s consent, and the retention period and purpose are clearly communicated.

The Data Controller may use customers’ personal data for business-related electronic communications with their consent.

Tax secrets and other documents provided by customers will not be disclosed to third parties without written consent, except as required by law. Business secrets will be preserved and not disclosed to third parties.

– Compliance with applicable laws (e.g., Labor Code, Personal Income Tax Act, Accounting Act) when maintaining records of employees, customers, contractors, and patients.

– Destruction of copied personal documents if business negotiations do not result in an agreement.

– Preparation of confidentiality agreements and ensuring compliance with business secrecy regulations.

– Restricting employee access to customer data and documenting physical, operational, and technical security requirements.

The legal basis for data processing is the legitimate interest of the entrepreneur, which may be based on legal requirements, contractual obligations, or voluntary consent.

—

The Data Controller protects data against unauthorized access, alteration, transmission, disclosure, deletion, or destruction, as well as accidental loss or damage. The Data Controller, together with server operators, implements technical, organizational, and operational measures to ensure data security.

Data subjects may provide consent for data processing in writing as part of a contract. The contract must include all necessary information about the data processing, such as the data to be processed, the duration, purpose, transmission, and use of data processors.

The rights and personality rights of data subjects must not be infringed by other interests, including the public interest in data disclosure.

Data storage, disposal, use, processing, and transmission are conducted in compliance with legal requirements, with precise documentation. Logs and records are maintained to track these activities.

In the event of a data breach, the company will immediately notify the system operator and take steps to prevent further data loss. Affected individuals will be informed, and data recovery efforts will be organized with experts.

For invoicing purposes, the customer’s address must be included as required by law. The legal basis for this data processing is Section 13/A (2) of the Accounting Act. Data is retained for 8 years in accordance with accounting regulations.

The company ensures that customers and interested parties can contact us by mail. Email addresses are essential for user identification. The legal basis for this data processing is the data subject’s consent. Data is retained until consent is withdrawn or for one year after the last communication.

System messages related to contractual performance are retained for 5 years to provide evidence in case of disputes.

PROFITÁRHELY IT Services Ltd. (6000 Kecskemét, Szolnoki út 23., Tax Number: 23173080-2-03) Hungary

Websites: www.inox.hu and www.aego.us 

—

The Data Controller processes personal data only in accordance with legal requirements or voluntary consent. In some cases, data processing may be based on other legal grounds or Article 6 of the GDPR.

Data subjects may request information about the processing of their personal data, correction of their data, or deletion/blocking of their data (except for mandatory data processing).

The Data Controller will provide information about the data processed, its source, purpose, legal basis, duration, and any data breaches.

Personal data will be deleted if its processing is unlawful, the data subject requests it, the data is incomplete or inaccurate (and cannot be corrected), the purpose of processing has ended, the retention period has expired, or a court or data protection authority orders it.

Data subjects may object to the processing of their personal data if it is based solely on the legitimate interests of the Data Controller or a third party, except where processing is required by law.

The Data Controller must examine objections within 15 days and inform the data subject of the outcome. If the objection is justified, the Data Controller must cease processing and block the data.

Data subjects may file a complaint with a court or the data protection authority if their rights are violated.

—

Key terms used in this policy:

– **Personal Data**: Any data relating to an identified or identifiable natural person.

– **Consent**: Voluntary and explicit agreement by the data subject to the processing of their personal data.

– **Objection**: A data subject’s statement objecting to the processing of their personal data and requesting its cessation or deletion.

– **Data Controller**: The entity that determines the purposes and means of data processing.

– **Data Processing**: Any operation performed on data, including collection, recording, storage, and deletion.

– **Data Breach**: Unauthorized access, alteration, or destruction of personal data.

Competent District Court – for civil matters

National Authority for Data Protection and Freedom of Information (NAIH)

Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c. Hungary

Phone: 06-1-391-1400

Fax: 06-1-391-1410

Email: ugyfelszolgalat@naih.hu

Website: naih.hu

Lajosmizse, May 22, 2018.

Prepared by: Value Data Solutions Ltd. – Vincze Katalin Gizella, Data Protection Officer