Terms and Conditions
The terms and conditions of ESZERZŐDÉS.HU (hereinafter: T&C) includes the terms and conditions of using the online services available at the (https://eszerzodes.hu/) (hereinafter: ESZERZŐDÉS.HU or website) operated by Wiredsign Zrt. (hereinafter: Service Provider).
The effect of these T&C covers the users of the Service Provider's website (https://eszerzodes.hu/, https://ssl.eszerzodes.hu, https://eszerződés.hu, https://e-szerződés.hu) and sub-domains. These T&C are constantly available at the following website: https://eszerzodes.hu/altalanos-szerzodesi-feltetelek and may be downloaded from the following link: https://eszerzodes.hu/altalanos-szerzodesi-feltetelek.pdf
The Agreement arranged based on these T&C shall be filed by electronic means, deemed written Agreement, and the filed Agreement is subsequently available at Service Provider in electronic form.
These T&C are written in Hungarian language, the name of contracting is Hungarian.
Service Provider has subjected itself to no code of conduct, these T&C refers to no code of conduct.
At the website, service packages making electronic contracting available may be ordered. User may inform on the substantial properties of the packages to be ordered at the website at the sites describing the features of such packages.
The language of contracting and legal statements is Hungarian, the Agreement's conditions were made in Hungarian language.
The orders placed at the website are deemed statement made in the form of implied contract, and result in payment obligation on the User's side.
Service Provider shall confirm the reception of the order by electronic means. If no confirmation is received by User within 48 hours, then the User shall be exempt of the tender strings.
In the course of the order steps, prior to submitting the order, User receives information on the method of access to the service packages and the available payment methods.
User receives the contractual terms and the documents necessary for lawful notification as a document attached to the confirmation of the order sent via e-mail, with the actual content as of the reception of his/her order. In addition, User may download and/or print the contractual terms using the above designated link, and/or they are always available on the website in their actual state.
The times, time intervals mentioned in these terms and conditions shall be interpreted according to Central-European Time (CET).
The business days, holidays mentioned herein shall mean the Hungarian business days, holidays.
Service Provider's details
Service Provider's name: Wiredsign Zrt.
Service Provider's registered office: 2643 Diósjenő, Dózsa György rd. 28./b
Service Provider's contact details, regularly used electronic mailing address serves to keep contact with the Users: email@example.com
Service Provider's postal address: 2600 Vác, Deákvári alley 35. ground floor 4.
Company reg. No.: 1210001683 – managed in the registry of the Balassagyarmat General Court's Company Registrar
Tax No.: 29277261- 2- 12 Phone No.: +36 20 886 13 09
Hosting Provider's details
Gedeon Nyomdaipari és Service Provider Bt.
Address: 2600 Vác, Zrínyi str. 9.
Phone No.: (27) 501-655; (30) 949-2490
Telefax: (27) 501-656
Tax No.: 29071522-2-13
- Registered member: a natural person with full legal capacity, legal person or business entity without legal personality registered to the ESZERZŐDÉS.HU website free of charge through invitation.
- Subscriber: a natural person with full legal capacity, legal person or business entity without legal personality registered to the ESZERZŐDÉS.HU website free of charge through invitation, who has subscribed to the 'full membership' including premium features.
- User: the Subscriber, Registered member or any other person, who otherwise uses the website operated by Service Provider, irrespective of whether (s)he makes statement thereon or not.
- Contracting parties by electronic means: Those users, who conclude Agreement with each other by using the ESZERZŐDÉS.HU system.
- eAgreement: an Agreement drafted using the ESZERZŐDÉS.HU system, concluded by the User with another User.
- Individual Agreement: a relationship established between Service Provider and User, according to which User acknowledges that (s)he has learnt the content of the T&C, and acknowledges the content provided therein as binding on himself/herself. The Individual Agreement is established between parties concurrently with the registration to the ESZERZŐDÉS.HU site, and with the activation of the service.
- Audit: the inspection prior to the establishment of the Individual Agreement, when Service Provider ascertains on the validity of the data provided by the User.
- Visitor: Any person freely browsing the website, his/her privilege is limited solely to browsing.
- Service Provider: the Service Provider providing service related to the informational society, in this case: Wiredsign Zrt.
- Service: providing content and access required to use the services provided via the website to the User.
- Service Fee: the amount to be paid as the remuneration for using the service, as per the actual tariff.
- Digitally recorded signature: Own signature, which is digitally recorded in any form. For instance, signature on the capacitive display of mobile phones, or the digitization of hard-copy signature (photo, scanner...). One of its practical forms is the devices used by the courier services to record the delivery.
- Electronic signature: While in case of hard-copy documents, the authenticity of the document is ensured by the hand-written signature provided thereon, electronic documents may be authenticated by electronic signature. The electronic signature does not mean a scanned hand-written signature, but it is a special version of encoding. If we sign a document by electronic means, then we encode it in such manner that the authenticity of the encoded document is guaranteed by its structure. The authenticity of the electronic signature is also acknowledged by the laws.
- eIDAS: The Regulation on the electronic identification and fidelity services (Regulation No. 910/2014/EU – eIDAS) is a standardization requirement incorporated into a regulation, which refers to all EU member states, on which basis all electronic signatures types are legally valid and officially applicable.
- Electronic time stamp: Time stamp means a code series proving the exact and credible time of origin of a digital dataset or document.
1. Terms and Conditions – Principles and Effect
1.1. Legal background of Terms and Conditions
With respect to matters not regulated in these T&C, as well as on the interpretation of these T&C the Hungarian laws shall apply, in particular the relevant provisions of Act V of 2013 on the Civil Code and Act CVIII of 2001 on Certain issues of services related to electronic commercial services and informational society (Eker. Act) and Government Decree No. 45/2014. (II.26.) on the Detailed regulation of contracts between the consumer and the enterprise, and Governmental Decree No. 373/2021. (VI. 30.) on the Detailed regulations of sale of goods between the consumer and the enterprise, as well as on providing digital content and digital services. The mandatory provisions of the relevant laws shall apply to the Users without separate stipulation.
These T&C govern the general legal and commercial conditions of using the Service.
Main relevant laws:
- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regards to the processing of personal data and the free movement of such data, and repealing Directive 95/46/EC (hereinafter: GDPR),
- Regulation (EU) 910/2014/EU of the European Parliament and of the Council (23 July 2014) on the electronic identification and fidelity services related to electronic transactions in the internal market, and on repealing Directive 1999/93/EC (hereinafter: eIDAS Regulations),
- Act CCXXII of 2015 on the General provisions of electronic administration and fidelity services (hereinafter: E-administration Act),
- Government Decree No. 451/2016. (XII. 19.) on the Detailed provisions of electronic administration (hereinafter: Eüvhr.),
- Act CVIII of 2001 on Certain issues of services related to electronic commercial services and informational society,
- Act LXXVI of 2009 on the General provisions on starting and pursuing service provision activity,
- Act CLV of 1997 on Consumer protection,
- Government Decree No. 45/2014. (II. 26.) on the Detailed provisions of contracts between the consumer and the enterprise,
- Governmental Decree No. 373/2021. (VI. 30.) on the Detailed regulations of sale of goods between the consumer and the enterprise, as well as on providing digital content and digital services.
1.2. Scope of the Terms and Conditions
Temporal scope: These Terms and Conditions shall be effective from their placement on the website on, and shall remain effective for indefinite term.
Personal scope: The personal scope of the T&C shall cover Service Provider, and any connecting organization entering relationship with Service Provider in regards the use of the Service (hereinafter: Recipient), as well as the business entity using the Service as a client, and on the natural person client and the administrator of a business entity (hereinafter: User).
On contractual relationships between enterprises having registered seat in the European Union and natural persons, the Regulation (EU) 593/2008/EC of the European Parliament and of the Council on the laws applicable to contractual obligations shall apply. Accordingly, parties may freely choose upon concluding the contract, which laws they are willing to apply to their contractual relationship. By these T&C, Parties accept that they acknowledge the Hungarian laws and the Hungarian language T&C regarding their choice of law.
Amendment of these T&C and the entry of such amendment into force: Service Provider may unilaterally amend the T&C. Service Provider shall disclose the amendments on the website 11 (eleven) days prior to the effective date, and raise user's attention thereon.
On the Individual Agreements, the conditions of the T&C effective as of ordering the service shall apply.
In regards on-going Individual Agreements, the provisions of the amended T&C shall become effective when the User accepts the amended conditions. Upon the first log-in following the amendment, Service Provider offers the User to read the amended T&C, and requests the acceptance thereof.
The User not deemed Consumer accepts by accepting these Terms and Conditions that Service Provider may unilaterally amend the contractual conditions with no further consequences. The amended provisions shall become effective upon the disclosure thereof.
To a User deemed Consumer, in regards the on-going Individual shall become effective when the User accepts the amended conditions. Should the User not deemed consumer do not accept the amended conditions, then the Individual Agreement shall cease and Parties shall account with each other in proportion to the services performed so far.
1.3. Learning the Terms and Conditions
The User, if (s)he logs into the website operated by the Service Provider, or reads its content in any manner (even if (s)he is not a registered user of the website), acknowledges the provisions of the T&C as binding. Should the User do not accept the conditions, then (s)he shall not view the website's content.
Should the User have any question regarding the provisions of these T&C or the use of the website, please send it to the firstname.lastname@example.org e-mail address. Service Provider answers your questions within 8 business days! Thank You!
2. Establishment of the Individual Agreement, the Users' rights and obligations
2.1. Service Provider creates an independent user account for the User, which is identified using the personal data provided by the User.
2.2. The User concludes the Individual Agreement authorizing to use the services of ESZERZŐDÉS.HU by completing the electronic form, in Hungarian language by electronic means. A precondition to use the service is registration, the individual access to the service becomes available using the user account created with it. The Individual Agreement is established from the date when the User fully completed the electronic registration form, accepted the provisions of the T&C, and Service Provider activated the service.
A Service Provider issues the incoming electronic agreements in PDF format, affixes its electronic signature and time stamp (enhanced security signature based on a qualified certificate). It stores the electronic agreements issued in this manner free of charge, and they may be downloaded anytime free of charge from the user's account. Just as the hard-copy signature is an evidence to be used at the Court, electronic signature may be used so too.
By executing the registration, among the packages appearing by clicking on the 'Prices' menu section, designated on the 'Prices and packages' page, the User obtains privilege for the usage provided in the description available there, with no remuneration.
To use further features, subscription is required. By executing the subscription, the User obtains privilege for wider use, more features in exchange for the service fee. (S)he may select the appropriate package on the same site. The content of the package, the features to be obtained by purchasing it, the scope of the user right are provided in the description available at the particular package. The subscription related to the selected package can be launched by clicking on the 'Subscription' button provided below the package description.
2.3. Placement and confirmation of the order, establishment of subscription Individual Agreement (hereinafter: subscription)
2.3.1. The User may place his/her order online, at the website as follows.
2.3.2. Depending on the selected service package, the User may launch the order process by clicking on the 'Subscription' button provided on the datasheet of the service package.
2.3.3. The User may pay the service package fee for a year in a single amount, or monthly, in the form of monthly fee. Depending on his/her intent, by ticking the checkbox next to the '12-month | Annual', and/or 'Monthly subscription' captions, (s)he may choose from the payment schedules.
2.3.4. In case of annual subscription, a voucher granting discount may be redeemed in the course of the order process, therefore, using the discount by typing the appropriate code into the field above the 'If You have voucher code, then You can activate here', and finally, by clicking on the 'Activate' button. Service Provider may provide voucher granting discount during periodic, case campaigns, to the User, in all such events, the conditions to get and use the voucher are provided in the particular campaign. In case of each campaign, Service Provider also provides information on the redemption options regarding the vouchers granting discount, by means of separate communication.
2.3.5. Then the payment method shall be selected, then the invoicing address must be provided. In case of selecting monthly payment method, only bank card and monthly renewing payment method may be chosen.
ATTENTION! In case of subscription as taxpayer having tax ID number (eg. business entity, sole entrepreneur, farmer, etc.), company name/name, tax number and invoicing address must be provided. The person acting on behalf of the subscriber taxpayer shall be liable for providing valid data.
2.3.6. User may switch from the purchased service package to a service package of higher category, in which case (s)he shall pay the difference between the price of the service package to be purchased and of the already purchased service package. Switching service package may be initiated following logging into the user account in the personal menu on the site appearing by clicking on the caption signing the expiry of the subscription, by selecting the service package. Then (s)he may place his/her order by executing the order process as per this chapter.
2.3.7. The User having subscription may purchase additional supplementary service packages and/or time stamp packages. On the purchase process and/or the regulations to be observed, the provisions of this chapter shall also apply.
2.3.8. Depending on the service package, next to the package's name and/or the designation of its subscription period, the package's consumer price and the gross amount of other potential costs; i.e. the total cost to be paid by the User, and/or in case of choosing monthly rate subscription, the monthly rate amount and additional information related to the payment of the fee are available.
2.3.9. Tools made available to identify and correct the data entry errors prior to sending the statement:
When entering deficient or obviously defective data, a warning message shows-up in the order process.
The User having user account may modify his/her personal data during the order process regarding the order. (S)he may modify his/her registration data following logging into his/her user account, by clicking on the 'My profile' button.
The order's data, parameters may be checked anytime, or even delated until placing the order, by modifying the data, entering new data as per provided in these T&C so far.
Upon checking the above data of the order and correcting the potential data entry errors, the User may validly place his/her order by ticking the statement on accepting the T&C and clicking on the 'Order subscription' button. In case of bank card online payment, then the Service Provider redirects to the online payment service provider's interface, where the User may execute the payment.
2.3.10. Upon the reception of the order, Service Provider shall promptly confirm it by an automatic e-mail to User, to the e-mail address provided by him/her. The confirmation is inclusive of the total amount to be paid, or in case of online payment, the already paid by the User. Should the confirmation is not received by User within 48 hours from sending his/her order, then User shall be exempt of the tender strings. The confirmation shall be deemed delivered to the User, when it becomes available to him/her (i.e. upon the reception in his/her e-mail account).
2.3.11. Service Provider shall provide the purchased service to User within 24 hours from the crediting of the service fee (the annual fee in case of annual fee, or the first monthly fee in case of monthly rate) to its bank account. The agreement on purchasing the digital service is established upon the delivery of the relevant notice to User.
2.3.12. Service Provider raises User's attention on checking the order confirmation. IF the confirmation's content deviates from the order's content, and the User does not contest such deviation within 24 hours from the reception of the confirmation, and/or if (s)he performs a payment following the reception of the confirmation, then the content of the confirmation shall apply on the agreement (not including the provisions on stating the incorrect price). Following the notification of Service Provider on the confirmation of deviating content, Service Provider shall inspect the notification, and in justified cases, correct the order.
2.3.13. In case of subscription, the User may cancel the subscription on the site appearing under the 'My orders' menu section in his/her personal menu showing-up after logging into his/her user account, or may initiate the cancellation of the subscription through sending an e-mail message to Service Provider in this regards. The cancellation of the subscription is always applicable on the end of the actual subscribed period.
2.4. In case of User's request on the delete of the user account sent after his/her order, Service Provider sends an information message to the User's e-mail address on that a precondition to access to digital services is to have a user account, therefore, the User's request is deemed the termination of the agreement with notice, which is effective for the end of the actual subscribed period.
Should User still request to delete his/her user account, Service Provider is not obliged to reimburse the amount paid by User for the service package, regardless of how much of the actual subscription period is left.
Upon deleting the user account, the User's right to access to the service package ordered by him/her ceases.
2.5. If the User requests to delete his/her data required to perform the order prior to the performance (granting access to individual access), or objects against the use of them for such purposes, then Service Provider shall cause him/her on his/her intent to withdraw from the order.
2.6. Posterior correction of the order
If User prefers to modify his/her already placed order, or provided incorrect data, then (s)he shall forthwith notify the customer service thereon. It is important to this promptly, in order to enable Service Provider correct the order prior to commencing the performance.
In case of posterior correction of the order, Service Provider shall send a new confirmation on the order, according to which the subscription agreement is established (or, in case of previously accepted incorrect order amended) according to the amendment.
In case of posterior correction, Service Provider may also choose to cancel User's incorrectly placed order and request him/her to place a new order. It shall make separate arrangements with the affected User.
2.7. Service Provider shall send an electronic mail to User on the activation of the services, i.e. on the establishment of the Individual Agreement. It shall attach the valid electronic agreement to the mail in PDF form.
2.8. The User acknowledges that if (s)he provided invalid data on the electronic registration form, or did not provide his/her own data, then the Individual Agreement is invalid. In case of invalidity, the User shall pay the fee of the already used services to Service Provider, and Service Provider no longer reimburses the already paid amount. If a third party suffered damage due to that the User provided invalid data during the registration, then User shall bear all consequences thereof, Service Provider excludes all any of its liabilities related thereto to the fullest extent permitted by the laws.
2.9. The registered members shall have the following rights upon registering to the website:
2.9.1. Accepting or rejecting of contractual offers.
2.9.2. Signing unlimited number of agreements, if a contractual offer is received through invitation.
2.9.3. Unlimited options to store, search, download signed agreements.
2.9.4. Unlimited access to the records of contract templates.
2.10. During the term of subscription, in addition to the privileges for registered members as per the above clauses 2.5 and 2.6, Subscribers shall also have the following privileges:
2.10.1. Establishment of agreements and invitation of persons to contract to the extent of the particular fee package.
2.10.2. Establishment of contract templates.
2.10.3. Access to system templates.
2.11. By deleting the user account, the relationship between the User and Service Provider as governed herein shall cease. The T&C's conditions related to view the website shall remain valid against the Users.
2.12. A User may have only one user account, unless otherwise provided by an individual agreement arranged between the Service Provider and the User. If a User is proven to have committed fraud (eg. attempts to register using multiple e-mail addresses), then Service Provider calls to stop his/her unlawful action, and if the User fails to do so within 11 days, then Service Provider may delete the particular user account. In the event of user account deletion due to such breach of contract, Service Provider is not required to reimburse to fee part potentially still remaining in exchange for the fee already paid by User, but not yet provided due to the breach of contract.
2.13. Service Provider undertakes to provide its Services to the User in accordance with the provisions of these T&C, if the User fulfils the conditions of using the services in accordance with the provisions of these T&C.
2.14. To activate the services, in case of services related to fee, the reception of the fee by Service Provider is required. Service Provider undertakes that its service to User will be available and operational within 24 hours from the reception of the subscription fee.
2.15. Subscriber shall pay the Service Fee provided in Service Provider's actual tariff for the services subject to remuneration. The Service Fee shall be due in advance in all cases.
2.16. The payment of the fee is deemed performed, when it is credited to Service Provider's bank account in full. Another precondition to the performance is that the depositor shall be identical to the customer stated on the invoice issued by Service Provider.
Creation of co-account: By logging into his/her account, the User may create access for additional persons under the title of co-account in his/her personal menu, on the page opening upon clicking on the 'Account accesses' menu section, to the account used by him/her and the services available therein. It is the user's privilege and liability to determine the scope of services, privileges available in the distributed co-account. Service Provider shall not be liable for the occurrence of errors, damages, unauthorized accesses related to the co-account created by the User, the related privileges, extent of access. Taking all of these into consideration, User shall carefully create co-accounts and/or shall regularly review their use, the scope of access rights related thereto.
Authentication of e-Agreements: In the course of providing its services, Service Provider affixes electronic signature of enhanced security and time stamp on the Agreements established by the Customers, acting on behalf of them.
Should the exercising of Customers' interests arising from the laws or the fulfilment of their obligations, or the enforcement of legitimate interests requires so, they can prove regarding the e-Agreements created by electronic means that the content of the Agreement concluded has not changed since the date of the creation thereof.
Pursuant to Government Decree No. 451/2016. (XII. 19.) on the Detailed provisions on electronic administration, Sec. 12 (1), that electronic document is authentic, which is deemed a private document having full evidence, and (if provided so by the laws), has time stamp affixed.
To ensure that Customers shall not be required to inspect the authenticity of the particular electronic agreement, Service Provider declares so that it affixes time stamps on the e-Agreements.
In the course of providing its services, Service Provider affixes electronic signature of enhanced security based on qualified certificate and time stamp (e-Szignó - Microsec).
The electronic signature of enhanced security based on qualified certificate and time stamp affixed onto the Agreements according to this clause certify that no change has occurred in the data content of the document since the moment of the authentication.
Therefore, the Agreement created by electronic means (although it has never existed as a hard-copy) is capable of causing legal effects, if the Customer uses Service Provider's service as per this clause, and on the basis of a general agency relationship established based on an Individual Agreement previously concluded with Service Provider, (s)he assigns Service Provider upon concluding the e-Agreement to authenticate the electronic agreement created by electronic means on his/her behalf on an ad-hoc basis.
Pursuant to the Pp. Sec. 325 (1) f), a private document has full evidence, when the signatory affixed its qualified electronic signature of enhanced security or electronic signature based on qualified certificate or seal on the electronic document, and (if provided so by the laws) also affixes a time stamp.
3.1. In regards the agreements arranged in the course of operating the ESZERZŐDÉS.HU using the system, by the Users between each other, Service Provider acts as an intermediator service provider, in accordance with the provisions of Ekr. Act. Accordingly, Service Provider bears no liability for the relationships established by the agreements establishment using the ESZERZŐDÉS.HU, or the establishment or failure to establish further relationships related thereto, moreover, in regards the defective or non-performance, termination or unlawfulness of relationships, Service Provider excludes all and any liability related thereto to the fullest extent permitted by the laws.
3.2. Service Provider warrants the availability of data entered into the ESZERZŐDÉS.HU system according to the data entry and data deletion made by the User. In addition, it bears no liability for the loss or damage or theft of the data managed related to the User's conduct.
3.3. Service Provider performs no electronic signature, nor issues electronic signature. In the course of providing the service, it acts as an intermediator service provider in the course of creating electronic signature (e-Szignó - Microsec) and time stamp on behalf of the Customers on the agreements arranged and concluded by the Customers.
3.4. Service Provider is committed to maintain the highest level of services.
Service Provider shall not be liable for such defect of the agreements drafted or of the services provided by it, which is a result of the User's conduct, activity. Such events are including, but without limitation, uploading defective dataset by the User, application of incorrect user settings, or on the contrary of Service Provider's guidelines, entry of defective data by the User. It is inclusive of the correct recognition, interpretation and transmission of the dataset uploaded by User by Service Provider's system, since the correctness of the transmission of data can not be guaranteed taking the available technological solutions into considerations. User shall also posteriorly check the correctness of the data/datasets entered and/or uploaded by him/her, as well as the appropriateness of the user settings. (S)he shall perform such inspection prior to and following finalizing the agreements drafted, taking into consideration that the documents created may establish relationships and determine the conditions thereof. Should User find an error in the already drafted, finalized in the course of his/her posterior inspection, (s)he shall promptly notify Service Provider thereon, who shall make its best efforts within its technical opportunities in order to correct the error.
The service provided by Service Provider in exchange for fee covers the drafting of the agreements in the form of authentic electronic documents and the transfer thereof between the parties provided therein for signature purposes, including the execution thereof by all parties. The subsequent storage of the agreement drafted shall be provided by Service Provider in exchange for subscription, it makes an alternative option free of charge for the User. However, User shall download the contractual documents drafted following the execution thereof by all involved party and to store at his/her own domain. Following the drafting, signatures, all affected parties receives the drafted agreement via e-mail in the form of an electronic document. User has the option to make such setting that the system do not automatically send such agreements, this belongs to the User's scope of liability. In addition, the User may download the such drafted agreements in this case, and shall also promptly download them from his/her user account. Taking all of these into consideration, Service Provider bears no liability for the further storage of the already drafted agreements signed by all parties, nor for the data losses, defects occurring during the further storage.
Service Provider shall not be liable for the defects occurring beyond its control at external service providers (eg. downtime of internet service).
Service Provider excludes its liability for the downtimes occurring related to the performance of the necessary upgrades due to defects due to service downtimes. Service Provider shall make all reasonable efforts to ensure that such upgrades shall not cause downtime or halt, and in all anticipated events, it shall notify the users on the date of the expected upgrade. User shall take the content of such notifications into consideration, and avoid using the system accordingly, or use it in the affected period by acknowledging the above risks.
3.5. Service Provider conducts no legal activity, it does not review the agreements concluded using the ESZERZŐDÉS.HU, neither from legal, nor from other aspects, nor supervises, nor checks, nor make judgements thereon, it provides only service related to the information society to the Users to draft contractual documents, and an electronic platform to conclude the agreements by electronic means. Service Provider bears no liability for the content of the agreements drafted by the users, it contributes only to certifying the authentication of the document drafted. Service Provider does not determine the content of the agreements, nor review them from any aspect. The purpose of the agreement document templates offered by Service Provider is only general template provision during drafting certain agreement types to determine their content, to make the Individual Agreement content easier, and in at all times, it is the User's duty and liability to determine the agreement's content.
3.6. User shall be fully liable for all contracting, when his/her password were used. Taking this into consideration, User shall ensure to keep his/her password in secret, protected. Service Provider excludes its liability for such damages that incurred due to that User's password entered into an unauthorized possession, and the liability arising therefrom shall be solely borne by User.
3.7. The provision of service by Service Provider covers only the territory of the European Union.
3.8. Service Provider bears no liability for the Users' conduct, for the content of the relationships established between them, for Users' contractual performance, for Users' disturbing behaviour or conduct, nor for any kind of breach, including the infringements regarding intellectual property rights. User shall be solely liable for the content of the agreements, the validity of the information provided therein. Service Provider excludes its liability for all material and non-material damages and losses, loss of profits, which are incurred in regards the use of the ESZERZŐDÉS.HU from the Users' activity, including the damages caused to third parties.
3.9. Should a third party, authority or court have claim or launch a proceeding in regards the activity performed by the use of ESZERZŐDÉS.HU by User, then all costs, expenses or liabilities related to such claims or proceedings shall be borne by the User, and also undertake to make his/her best efforts in order to protect the goodwill of ESZERZŐDÉS.HU in regards the breaches and infringements, and also reimburse Service Provider's material and non-material damages arising from the breaches.
3.10. Service Provider warrants 99% uptime for its Services as per these T&C and the operation of the website projected to one year. Access and other operational duties provided by Service Provider shall be exempt of such obligation.
Service Provider shall not be liable for the malfunctions, access defects beyond Service Provider's control, or due to other service provider's contribution.
3.11. Service Provider shall be liable for indemnification in all cases only to the extent of the remuneration of the ordered Service, not including the damages incurred at Users deemed consumers due to Service Provider's defective performance.
3.12. Service Provider shall not get involved into disputes between the Users, in the event of any such dispute arising, User shall hold Service Provider harmless against any kind of demand, claim and indemnification.
3.13. User shall notify Service Provider all data changes regarding his/her data required to use the service, related to the payment of fees and those of provided in the course of the audit within 5 (five) business days, and change them in his/her user account. User shall reimburse the damage incurred due to the failure or default report such data change. Service Provider bears no liability for the damages caused by the failure or default performance of data report. Service Provider does not undertake the on-going provision of the Service in the event of no or default data report.
3.14. The provision of Internet access and the devices required thereto to access to the service (hardware and software and their proper settings) are of the User's obligation. Service Provider provides all information required to use the service, to User at its website platform, taking particular attention on the provisions of the 'Knowledge base' menu section.
3.15. Service Provider reserves the right to terminate the Individual Agreement concluded with the User without notice in the event of unlawful use breaching the provisions of these T&C, and delete the account of the User pursuing non-compliant activity.
3.16. Service Provider's inspection rights shall not exempt the User of the liability for the breaches arising due to unlawful use, which shall be solely borne by User against third parties too. User shall be fully liable for all such claims against Service Provider, which are exercised by a third party against Service Provider related to the User's activity.
3.17. If the User's activity is infringing, then Service Provider shall act according to the Ekr. Act, and may remove the infringing content, if receives appropriate notice from the entitled party. Within the relevant and actually effective legal framework, Service Provider shall cooperate with the authorities in order to prosecute the persons committing infringement.
3.18. Service Provider reserves the right to modify the website's content or terminate the access anytime by observing the provisions of these T&C, upon the prior notification of the Users.
4. Audit – Inspection of the Users
4.1. Service Provider may turn to the Users with auditing request, i.e. may request their identification data for data checking purposes. User shall fulfil Service Provider's such request. In this audit, the Users certify the authenticity of their personal or company data using their official documents.
4.2. Should the User fail to fulfil such request, Service Provider may terminate the use of the service without notice.
5. Feedbacks – the Users' rating
5.1. The content of the agreements is private, they are managed by the ESZERZŐDÉS.HU system confidentially, however, Users may provide feedback on each other, which are displayed by Service Provider on the Users' public profile, thus they become available to all such Users, who are preparing to contracting with the rated User. The ratings can not be subsequently modified. The User shall establish his/her opinion by being aware of that (s)he shall be subject liability for feedbacks infringing, defaming others' goodwill without grounds pursuant to the provisions of the civil and criminal law. Service Provider bears no liability for the content of feedbacks provided by others on the User.
5.2. Users may connect their feedbacks to the agreements arranged. They may do so in a categorized manner by selecting any of the following categories:
- The agreement was problematic
- 2. There was a default in the payment or the service,
- The User was neutral,
- The User was correct.
6. Users' contracting between each other
6.1. The agreement is arranged between Users upon parties' mutual agreement and concordant statement of intent, from which an obligation arises to perform the service and a right to claim the service. Parties note their mutual agreement, concordant statement of intent by their electronic signature, which they affix onto the agreement by clicking a button.
6.2. Pursuant to these T&C, valid statements may be made by the persons having legal capacity as per the Civil Code.
6.3. In the course of contracting, Parties shall act in accordance with the provisions and principles of the Civil Code, with particular respect to the principle of good faith and fairness, the principle of reasonable conduct, the obligations of mutual cooperation and notification.
6.4. Only such agreements may be concluded on ESZERZŐDÉS.HU, for which no notary public or attorney-at-law countersigning is required.
6.5. Prior to signing/finalizing the agreement, the electronically contracting parties shall check and identify each other's data. Should they observe deviations, potential deception or fraud, they shall promptly notify ESZERZŐDÉS.HU thereon via the following e-mail address: email@example.com. There is not publicly available profile and corresponding profile datasheet on ESZERZŐDÉS.HU. The user data may be placed into an agreement and thus into the other party's possession only in the event when the user approved the electronic contracting request.
6.6. Service Provider provides no service related to the identification or authentication of persons or organizations. Should User is obliged to perform client identification and related other duties based on legal obligations, then (s)he shall solve it independently.
6.7. Parties generate an electronic document using the ESZERZŐDÉS.HU system. They accept and acknowledge their signature created on their own in the system as their signature made by their own hands. The signature of the issuer parties is stated on the document, which they automatically acknowledge as their own by accepting these T&C. The relevant eIDAS regulation grounds the basis of electronic signature by declaring: no signature's validity may be contested purely due to its electronic form. This requirement may be fulfilled using typical electronic signatures.
Pursuant to the Regulation (EU) 910/2014/EU of the European Parliament and of the Council (eIDAS), a document with at least enhanced security electronic signature affixed meets the requirement of incorporating into writing.
On the agreements, in addition to the digitized form of manual signature, both electronic signature and time stamps are present, therefore, it can be not only proven that the document was signed by the person whose certificate is provided in the signature, but also that the document was signed prior to the date provided in the time stamp, which has not been changed since then.
6.8. Contracting Parties acknowledge the signature process in multiple steps, but ultimately by a single click as their own signatures, and as a result, their signature made by them and digitally stored is affixed onto the agreement drafted. The Users also acknowledge the validity of the agreements concluded by them within the ESZERZŐDÉS.HU system by clicking on the 'sign' button, but do not contest its authenticity. They have made multiple statements thereon in an independent document, which they accepted in the course of their registration to the ESZERZŐDÉS.HU, following complete notification.
6.9. Should the User contest the validity of the agreement concluded with other Users using the a ESZERZŐDÉS.HU system, then (s)he commits breach of contract against Service Provider, since (s)he accepted the conditions of these T&C, according to which (s)he acknowledges the agreements concluded by him/her as valid, acknowledges the signature corresponding to his/her user account as his/her signature made by his/her own hand, and shall ensure the protection of his/her user account on their own, and shall be liable for the consequences arising from the breach thereof. In such cases, User shall indemnify Service Provider for the damages caused (eg. prestige loss, lawyer costs, etc.).
6.10. The systems notifies the Users on the conclusion of the agreement. The agreements are delivered to the Parties via e-mail, and/or the system stores and makes them accessible anytime from the user account. The agreements concluded can not be posteriorly edited, the system itself does not make it possible.
6.11. Service Provider provides file number to each agreement, on which basis search among the documents is possible.
6.12. The agreements complying with the laws in force, concluded between the Users shall have binding effect, and parties shall perform them. In the event of no-performance, the provisions of the agreement may be enforced in accordance with the Hungarian laws.
6.13. The User may manage the agreements in the 'My agreements' menu section. The Party invited to contracting may accept the invitation.
6.14. If the Users to contract with each other agree in the agreement's content, they may close the finalized textual version thereof. The Users may sign the closed agreements. After the User clicks on the 'sign' button stated on the bottom of the agreement, a pop-up window shows-up, in which the User has to re-accept the terms of these T&C, and (s)he may finalize the signature only then, using the confirm button. The signature may be revoked as long as the other party does not sign them. The system notifies both parties on the signatures, just as on the revocation of the signature.
6.15. The concluded agreement is completed when the last party signed it. Upon the signing by both parties, the agreement's content can be no longer amended.
6.16. In Service Provider's database, the data, agreements uploaded by the Users are encrypted using a cryptographic procedure. The ESZERZŐDÉS.HU website communicates with the server using SSL encryption, to prevent the reverse engineering of the message packages meanwhile.
The validity of agreements concluded using the ESZERZÖDÉS.HU
ESZERZŐDÉS.HU has the solution of legally binding contracting, therefore, its digitally recorded signature process is quick and easy. The agreements drafted this manner have electronic signature of enhanced security based on qualified certificate and time stamp affixed. The time stamp certifies that a particular document already existed in a given moment. The time stamp is issued by the time stamp service provider. The time stamp is such a data, which includes the footprint of the time-stamped document, as well as the date of the time-stamping, and the time stamp is authenticated by a time-stamp service provider by its own signature. The time-stamp's authenticity is also acknowledged by the laws.
The Users conclude agreement using the ESZERZŐDÉS.HU in accordance with the following laws:
Civil Code, Sec. 6:4 [The juridical act]
(1) The juridical act is a declaration of intent aimed at producing legal effect.
(2) The juridical act may be made orally, in writing or by implied conduct.
(3) If a party performs his/her judicial act by way of implied conduct, then juridical act shall be considered as being made when the implied conduct has been shown.
In terms of the above laws, even implied conduct is sufficient to conclude an agreement. Demonstrating through a realistic example, shaking hands at the end of an oral agreement is such a manner.
there is no so-called type coerce in Hungary. Parties freely determine the agreement's content.
Pursuant to the Civil Code, Sec. 6:58, an Agreement is parties' mutual and concordant statement of intent, from which obligation arises to perform a service, and right to claim such service.
Section 6:59 (2) provides that parties may freely determine the agreement's content. They may deviate from the agreement's provisions on the parties' rights and obligations upon their mutual consent, if such deviation is not prohibited by this act (the Civil Code).
The new Civil Code makes no difference compared to the 1959 Civil Code, Sec. 217 from the aspect of consequences, depending on whether parties breached the formality required by the laws or by parties.
According to the rating, the agreements arranged on ESZERZŐDÉS.HU are deemed written agreements, thanks to the digital signature and time-stamp affixed thereon, and regarding their content, they may be classified into the type of mixed agreement, since they have the properties of several contract types provided in the Civil Code. By using the ESZERZŐDÉS.HU, only such agreements may be concluded, for which no notary public or attorney-at-law countersigning is required.
7. Service Fee
7.1. The actual tariff of each Service is included in the actual service fee table (Prices) of ESZERZŐDÉS.HU. User may learn the actual prices of the service packages on the sites introducing the description of each package of the website. The full amount of the service fee is inclusive of all costs related to the invoicing period, i.e. it also means full monthly/annual cost.
The fees stated are gross consumer prices, i.e. at each package, the amount inclusive of the tax payable is shown.
The amount of fees shall be understood always in HUF.
In the order confirmations, always the actually payable (or in case of prepayment, the already paid) gross consumer price and potential other costs are provided in their full amount.
Should an obviously incorrect price due to a mistake is presented (eg. '0' or '1' HUF price, or a price obviously deviating from the realistic price by scale, eg. instead of 10,000 HUF, 1000 HUF or 100 HUF ) is stated, then Service Provider is not obliged to sale at the incorrect price, in such event, the agreement is not arranged regarding the package subject to the incorrect price. Service Provider may offer a sale at the correct price, being aware of which the User affected by the particular transaction may order the package at the correct price by placing a new order.
7.2. User may settle the Service Fee only using the payment method provided by ESZERZŐDÉS.HU. The services related to the payment of the Service Fee shall be activated upon the confirmation of successful transaction.
7.3. Service Provider may unilaterally adjust the Service Fees according to the inflation rate (rounded) related to the previous calendar year as published by the Central Statistical Office (KSH). It shall notify the User on the adjustment within reasonable time of the effective date thereof, prior to deducting the subsequent periodic fee, on a permanent media storage unit. User may cancel the renewing payment prior to the date of the subsequent fee collection, and/or choose not to transfer the subsequent due fee, this terminating the Individual Agreement.
7.4. As a main rule, Service Provider shall issue electronic invoice on its services, which it shall send to the User within 48 hours. Service Provider shall send the invoice in PDF format, which may be viewed using any widespread document manager software's free version or a freely available Internet browser.
7.5. Service Provider, as required, may also issue hard copy invoice to User, in exchange for postal fee.
7.6. Service Provider does not reimburse the fee paid by the User, unless the provision of the Service subject to fee is failed due to a cause within Service Provider's control, or Parties individually agree thereon, or it is made available by the laws due to the unilateral amendment of a consumer agreement by Service Provider.
7.7. Should User fail to pay the Service Fee even following the termination of the agreement, then Service Provider may initiate a on order for payment procedure, whose costs (procedural fee, lawyer's fee, etc.) shall be reimbursed by the User. The cost of further proceeding after the order for payment procedure shall be borne by the User.
7.8. Payment methods
7.8.1. Pre-payment using bank transfer
In the process of placing the order, the User may select this payment method. Payment by bank transfer is possible only when choosing annual payment. The data required to perform the transfer are included in the e-mail confirming the reception of the order.
7.8.2. Bank card online payment
In the process of sending the order, payment using the service of the online payment service provider selected by the User.
Bank card online payment service is provided by:
Barion Payment Zrt.
Address: 1117 Budapest, Irinyi József str 4-20. 2nd floor
Phone No.: +36 1 464 70 99
Tax No.: 25353192-2-43
In the course of using the service, User may pay using bank card.
Our system provides secure bank card payment methods provided by Barion Payment Zrt., to our customers. The security is grounded by the separation of data. ESZERZŐDÉS.HU receives the information related to the order from the customer, whilst Barion Payment Zrt. only the card data necessary for the payment transaction via the payment site having 128-bit SSL encryption. In the course of paying using bank card, User provides the bank card's data used for the payment in the course of bank card payment directly and solely to Barion Payment Zrt., since in the payment process, (s)he is redirected to the Barion Payment Zrt.'s site. Barion Payment Zrt. does not share the bank card data with Service Provider. ESZERZŐDÉS.HU's sites provides information on the transaction's result upon the payment. For the bank card payment, the Internet browser must support SSL encryption.
In case of payment using bank card, following the successful transaction (which means the acceptance following checking the bank card's validity and the financial coverage) Barion Payment Zrt. initiates the debiting of the Card owner's account with the value of the goods or services.
If You are not redirected from the payment site to our System's site, then the transaction is deemed unsuccessful. If You click on the 'Back' or 'Refresh' button on the bank payment site, or close the browser page before being redirected to ESZERZŐDÉS.HU, the payment is deemed unsuccessful.
If You are willing to get informed on the transaction result, if it is unsuccessful, on its reason, details, please contact your account holding bank.
The value of the goods purchases, the paid amount is promptly blocked on your card account.
Service Provider's contractual terms provide on the further conditions of online bank card payment, which may be learnt by the User prior to the payment at Service Provider's platform, where (s)he is redirected in the order process.
Barion Payment Zrt. is an institute under the supervision of the National Bank of Hungary, its licence No.: H-EN-I-1064/2013.
7.8.3. Monthly rate subscription using recurring bank card payment
At Eszerződés.hu, you may order monthly rate service. Recurring payment is a feature provided by Barion, related to bank card acceptance, on which basis using the bank card data provided by the User (Card owner) in the course of the registration transaction, further payments may be initiated in the future without providing the bank card data again. The essence of recurring payment is that the User declares upon ordering the product or service to be orders (on the product order sheet platform) (by ticking a relevant checkbox) that (s)he is willing to use recurring payment option.
On the bank statement received by the customer, Barion Payment Zrt. will be stated as acceptance point.
A single consent is required: in the course of the registration transaction, the User consents to that Service Provider may initiate recurring payment on the amounts becoming due in the future, and expressly accepts to charge the bank account corresponding to his/her bank card at pre-defined periods with the pre-defined amounts. The fee of the Service to be used by monthly or annual subscription shall be deducted on that day of the actual month, when the Service's subscription expires. The use or continuing of the Service may be started upon the crediting of the amount received.
In case of bank card payment, the Service may be cancelled at the 'My orders' page (https://www.eszerzodes.hu/rendeleseim) or must be notified via -email (firstname.lastname@example.org). Within 24 hours of notifying on the cancellation intent, the recurring payment shall be cancelled. In case of cancellation, the amount deducted so far shall not be reimbursed.
On security: SSL is the abbreviation of Secure Sockets Layer accepted encryption process. Barion Payment Zrt. has a 128-bit encryption key, which protects the communication channel. The VeriSign company enables the use of B-Payment Zrt.'s 128-bit key, using which they ensure SSL-based encryption. Currently, 90% of the world's electronic trade uses this encryption method. The browser used by the customer encrypts the card owner's data using SSL prior to sending, thus they are delivered to Barion Payment Zrt. in an encoded form, therefore, they can not be interpreted by unauthorized parties.
No registration is required for bank card payment, it is sufficient to provide the bank card's number, the expiry date and the CVC code on the back page, as well as functioning e-mail address.
Bank card to be used for payment:
- Mastercard or Maestro bank card,
- Visa or Electron bank card,
- Amex bank card.
Details of order using monthly rate subscription
User may also pay the service package's fee in monthly rate form, with automatically recurring payment. Monthly rate subscription may be initiated in the order process by using monthly rate.
Monthly rate subscription is possible only through bank card recurring payment as follows.
Upon ordering the service package, in the course of the first payment, the User is redirected to the payment service provider's site. (S)he initiates his/her first deposit by providing his/her bank card details, and also consents to recurring payments, which occur upon using his/her bank card details provided at the first instance.
By accepting these contractual terms and conditions and upon the first payment, User, as card owner expressly consents to that Barion Payment Zrt., for the purpose of performing recurring payments, may store his/her bank card details used for the payment.
User provides his/her bank card details directly and only to the payment service provider, and Service Provider as per these contractual terms and conditions shall not receive those bank card details.
The title of payments is monthly rate subscription fee, the monthly rates shall be paid per 30 days in advance. The subsequent instalments shall be paid on the 30th day (turning date) from the date of the payment of the first instalment. Accordingly, on the basis of User's authorization provided upon the first payment, bank card payment takes places under the title of automatically recurring subscription at each turning date, using the bank card details. The payment service provider automatically performs these payments. Barion Payment Zrt.'s contractual terms and conditions provide on the details of bank card online payment, which the User may learn prior to the payment on the payment service provider's platform, where (s)he is redirected in the course of the order process.
Cancellation of subscription: User may cancel the automatically recurring subscription for the subsequent turning date.
- User may initiate the cancellation of the automatically recurring subscription (this the cancellation of using the service) through an e-mail sent to Service Provider, or may cancel the subscription by logging into his/her user account on the page appearing below the 'My orders' menu section available from his/her personal menu.
Consequences of cancellation: in the event of cancellation of the subscription, Service Provider shall send a notification message to the User's e-mail address on that following the cancellation of the subscription, the service package becomes unavailable. Should User still maintain the cancellation of the subscription, then it shall mean the termination of the agreement for the end of the actual subscribed period.
7.9. Should Service Provider be unable to fulfil the already paid order due to a reason within its control, then it shall reimburse the full amount paid regarding the order, to the User within 14 days of the occurrence of such hindrance.
8. Refusal of Service
8.1. Service Provider may refuse the Service in the event it is unfeasible due to technical reasons beyond its control, furthermore, if User breaches any clause of these T&C or the laws in force.
8.2. Should a bankruptcy, liquidation or final accounting procedure is initiated against the User, then Service Provider may refuse to provide another Service and/or suspend User's invitations for contracting.
8.3. Concurrently with the refusal of the Service, Service Provider may terminate the Individual Agreement concluded with the User without notice, provided that in the event of the refusal of performance as per this clause, Service Provider shall be subject by no indemnification of warranty obligations, not including the refusal for technical reasons in case of consumer agreement, when Service Provider shall account in proportion to its performance so far with the User deemed consumer.
8.4. Service Provider may unilaterally suspend the Service without terminating the Individual Agreement arranged between itself and the User, in part or in whole also in the event the User shows such conduct, which infringes the provisions of these T&C.
8.5. The suspension, cancellation of the Service for the above reasons either in part or in whole, or the termination of the agreement by Service Provider shall not exempt the User of paying the fees of the Services uses prior to and/or during the date of such suspension. In such cases, Service Provider may invoice the already performed services according to the tariff related to the potentially arranged Individual Agreement.
9. Intellectual Property Rights
9.1. Service Provider reserves all rights in regards the contents appearing at the ESZERZŐDÉS.HU website and any detail thereof, as well as the dissemination of the website.
9.2. ESZERZŐDÉS.HU, as website is deemed a copyright, it is prohibited to download, multiply or use the contents or any details appearing at the ESZERZŐDÉS.HU website in any other manner, electronic storage, processing and distribution without Service Provider's written consent.
9.3. Adopting any material from the Eszerződés.hu website and the database thereof is permitted even in case of written consent by reference to the particular website.
9.4. Service Provider reserves all right to every element of its service, the domain names, the secondary domain names generated by them, as well as on Internet advertisement platforms. The use of the Service shall within no circumstances result in the reverse-engineering of the source code other infringement of Service Provider's rights related to copyrights.
9.5. It is prohibited to adapt or reverse-engineer the content of the ESZERZŐDÉS.HU website or certain parts thereof; the establishment of user IDs and passwords in an unfair manner; the use of any such application, using which ESZERZŐDÉS.HU website or any part thereof may be modified or indexed (eg. search bot, or any other reverse-engineer).
9.6. The ESZERZŐDÉS.HU name is subject to copyright, its use except the reference is possible only upon Service Provider's written consent.
9.7. User may save certain parts of the website for own use purposes, or print them, although (s)he shall not become entitled to further use, disseminate, photocopy, adopt, store in database, make available for downloading of the website's part multiplied in this manner, nor for the distribution of the content in commercial market.
This shall not apply to the data, agreements, entries stored in the User's own account, they constitute User's own properties.
10. Defective performance, Warranty, Right to withdrawal/termination
10.1. Defective performance
10.1.1. Service Provider performs defectively, if the digital content/digital service does not meet the qualitative requirements set out by the laws or the agreement as of the date of performance.
10.1.2. Service Provider does not perform defectively, if the User was aware of the defect at the time of contracting, or should have been aware of the defect at the time of contracting.
10.1.3. Service Provider performs defectively, if the defect of the digital content/digital service arises from the unprofessional integration thereof into the digital environment of the User deemed consumer, provided that
- the integration of the digital content or digital service was performed by Service Provider, or such integration was performed under Service Provider's undertaking of liability; or
- the digital content or digital service shall be integrated by the User, and the unprofessional integration was caused by the deficiencies of the integration instructions made available by Service Provider.
10.1.4. In case of the purchase by the User deemed consumer
- if the agreement provides on single service or a series of individual service actions, Service Provider shall be liable for that defect, including the upgrades necessary for maintaining the compliance with the agreement and the security updates, which already exists as of providing digital content or digital service;
- if the agreement provides on on-going provision of the digital content or digital service for a specified period, Service Provider shall be liable for the defect of the digital content or digital service, provided that the defect occurs or becomes recognizable during the term provided in the agreement.
10.1.5. In case of the purchase of digital content or digital service by a User deemed consumer, if the agreement provides on on-going provision of the digital content or digital service, unless otherwise proven, it shall be assumed that within one year of the performance date, the defect recognized by the User was already present at the time of performance.
10.1.6. In case of the purchase by a User deemed consumer, if the agreement provides on on-going provision of the digital content or digital service for a specified period, the burden of evidence shall be borne by Service Provider regarding that the service subject to the defect recognized during the period provided in the agreement was contractual at the time of provision of the service.
10.1.7. No defective performance may be declared if upon the conclusion of the agreement, the User deemed consumer received a separate notification on that any exact property of the digital content or digital service deviates from the requirements on contractual performance or updates necessary for maintaining the contractual performance, and upon the conclusion of the agreement, the User expressly and separately accepted such deviation.
10.1.8. Service Provider does not perform defectively, if it proves that the digital environment of the User deemed consumer is non-compatible with the technical requirements of the digital content or digital service, and clearly notified User thereon prior to the conclusion of the agreement.
10.1.9. In case of the purchase of digital content or digital service, the User deemed consumer shall cooperate with Service Provider in order to make Service Provider ascertain (by using the tools requiring the minimal intervention for the User as available from technical aspects) on that the reason of the defect is User's digital environment.
10.1.10. If in case of purchasing digital content or digital service, the User deemed consumer does not fulfil his/her cooperation obligation set out in the preceding clause, then having clearly notified by Service Provider on this obligation prior to the conclusion of the agreement, the burden of evidence shall be borne by the User on that:
- in case of an agreement on a single service or a series of individual service actions, the defect recognized within one year of the performance was already present at the time of the performance, or
- in case of an agreement on the provision of digital content or digital service for a specified period, the service subject to the defect recognized during the period provided in the agreement was non-contractual in the period of the contractual provision of the service.
10.2. Implied warranty
10.2.1. In the event of Service Provider's defective performance, the User may exercise claim for implied warranty against Service Provider as per the provisions of the Civil Code, in case of a User deemed consumer, pursuant to the Civil Code, and in case of purchasing digital content or digital service, according to the provisions of Government Decree No. 373/2021. (VI. 30.).
10.2.2. User, according at his/her discretion, may use the following implied warranty claims: (s)he may request repair or replacement, unless the performance of the claim chosen by the User is unfeasible or would lead to undue extra costs for Service Provider compared to the fulfilment of other claims. In case of a User deemed consumer, to declare the existence of undue extra costs, Service Provider shall take all circumstances into consideration, including the value of the service in flawless condition, as well as the weight of the breach of contract. If Service Provider did not undertake the repair or replacement, or is unable to fulfil its obligation within a reasonable deadline considering the product's properties and the intended use thereof as expected by User, taking the User's interest into account, or User's interest for such repair or replacement has ceased, then:
- In case of the purchase of digital content or digital service, the User deemed consumer may request the proportional discount of the remuneration or may withdraw from the agreement, but shall not repair or cause the defect repaired at Service Provider's expense;
- In case of the purchase of digital content or digital service, the User deemed consumer may request the proportional discount of the remuneration, or may repair or cause the defect repaired at Service Provider's expense, or may withdraw from the agreement.
10.2.3. In case of exercising the implied warranty right to repair or replace, depending on the technical properties of the digital content or digital services, Service Provider may choose the manner of making the digital content or digital service contractual.
10.2.4. In case of exercising implied warranty rights on the repair or replacement of digital content or digital service by a User deemed consumer , the Service Provider (without undue inconvenience caused to the consumer, taking the nature and purpose of the digital content or digital service) shall make the performance contractual within a reasonable deadline of being notified by the User on the defect, free of charge. The reasonable deadline shall be counted from the date when the User notified Service Provider on the defect.
10.2.5. In case of the purchase of digital content or digital service, the User deemed consumer may also request proportional discount of the remuneration (in proportion to the weight of the breach of contract) and/or terminate the agreement, when
- such repair or replacement is unfeasible, or would cause undue extra costs for Service Provider;
- Service Provider (without causing undue inconvenience for the User, taking the nature and purpose of the digital content or digital service into account), failed to fulfil its obligation to make the performance contractual within a reasonable deadline of being notified by the User on the defect, free of charge;
- a repeated performance defect arises, despite of that Service Provider attempted to make the performance contractual;
- the weight of the performance defect is so substantial that it justifies prompt discounting or the termination of the agreement without notice; or
- Service Provider did not undertake to make the service contractual, or it is obvious from the circumstances that Service Provider will not make the service contractual within a reasonable deadline or without causing substantial detriment for the User.
10.2.6. In case of the purchase of digital content or digital service by a User deemed consumer, the discounting of the remuneration is proportional, if its amount matches the difference of the value due to the User in case of contractual performance and of the actually provided service.
10.2.7. If the agreement provides on the provision of digital service for a specified period, the proportional discounting of the remuneration shall refer to the period during which the service was non-contractual.
10.2.8. In case of the purchase by a User deemed consumer, his/her implied warranty right to terminate the agreement may be exercised by a statement expressing the decision on the termination, addressed to Service Provider.
10.2.9. If the User deemed consumer is willing to terminate the agreement by reference to defective performance, the burden of evidence shall be borne by Service Provider that the defect is minor. No withdrawal may take place due to minor defect.
10.2.10. The User deemed consumer may retain the remaining part of the purchase price (in proportion to the weight of the breach of contract) either in part or in whole as long as Service Provider fails to fulfil its obligation related to the contractual performance and defective performance.
10.2.11. User may switch from the chosen implied warranty right to another, however, the cost of such switch shall be borne by the User, unless it was justified or Service Provider provided cause thereon.
10.2.12. The User deemed consumer shall notify on the defect forthwith, but latest within two months from discovering such defect. In case of an agreement between a consumer and an enterprise, the defect reported within two months of discovering the defect shall be deemed notified without delay. The authorized party shall by liable for the damage arising from the default notification. However, Service Provider raises the User's attention on that (s)he may no longer exercise his/her implied warranty rights beyond the two-year forfeiture deadline counted from the performance of the agreement.
10.2.13. The costs related to the performance of the implied warranty obligation shall be borne by Service Provider.
10.2.14. In case of purchasing digital content or digital service, if Service Provider failed to fulfil its performance obligation without undue delay in the latest version available at the time of contracting, the User deemed consumer shall call Service Provider to perform. If despite of User's call, Service Provider fails to provide the digital content or digital service without delay or within the extra deadline accepted by parties, User may terminate the agreement.
10.2.15. In case of purchasing digital content or digital service, the User deemed consumer may terminate the agreement without calling Service Provider to perform, when:
- Service Provider did not undertake the provision of the digital content or the digital service, or it is obvious from the circumstances that it will not provide the digital content or the digital service; or
- it is obvious that based on parties' arrangement or the circumstances of the contracting that the performance in a specified time is inevitable for the User, and Service Provider is in default with it.
10.2.16. In the event of the termination of the agreement, Service Provider may prevent the User deemed consumer to further use the digital content or digital service, and in particular make the digital content or digital service unavailable, or may ban the consumer's user account.
10.3. Right to withdrawal/termination
10.3.1. User may withdraw from the agreement on using the service within 14 days of the contracting without providing reasons, but may use this right only prior to commencing the performance. User shall not be entitled to withdraw if Service Provider started the performance upon User's prior express consent, and concurrently with this consent, User declared on the acknowledgement of that upon starting the performance, (s)he shall lose his/her right to withdrawal.
10.3.2. If performance of the agreement has started, User may terminate the agreement within 14 days of the contracting without providing reasons.
10.3.3. If the User is willing to use his/her right to withdrawal/termination, (s)he shall deliver his/her clear statement containing his/her withdrawal/termination intent to any of Service Provider's contact details. The withdrawal/termination statement may be made in any manner, either orally or in writing.
To exercise his/her right to withdrawal/termination, User may also use the statement template downloadable vie the following link:
► withdrawal/termination statement template
or may copy the content thereof from here:
withdrawal/termination statement template
(please complete and return only in case of your intent to withdraw from/terminate the agreement)
Recipient: Wiredsign Zrt.
Postal address: 2600 Vác, Deákvári alley 35. ground floor 4.
E-mail address: email@example.com
Undersigned ………………………………………………………………… hereby declare that I exercise my right to withdrawal/termination in regards the agreement aimed at the sale and purchase of the following service(s):
Date of contracting:
Consumer's signature (only in case of declaration made on hard-copy document):
10.3.4. User exercises his/her right to withdrawal/termination within the provided deadline, if (s)he delivers his/her withdrawal/termination statement prior to the expiry of the above designated deadline, or orally notifies thereon on the last day of the deadline. The burden of evidence shall be borne by the consumer that (s)he exercised his/her right to withdrawal/termination as provided herein and within the provided deadline.
10.3.5. Upon the acceptance of the withdrawal/termination, the accounting shall take place, latest within 14 days of accepting the withdrawal/termination. In the event of withdrawal, the service fee subject to the withdrawal and the costs paid in regards the use of the service to Service Provider shall be reimbursed to the User.
10.3.6. If Service Provider started the performance upon the User's prior express consent, (in case of User's termination following starting the performance) the User shall pay the fee proportional to the service performed by Service Provider until the delivery of the termination.
10.3.7. User shall not exercise his/her right to withdrawal/termination:
- in case of an agreement aimed at the provision of services, upon the provision of the whole service, if the enterprise started the performance upon the consumer's prior express consent, and consumer acknowledged that upon starting the performance in whole, (s)he shall lose his/her right to termination;
- with respect to digital data content provided not on material data storage media, eg. online available and/or downloadable contents, if Service Provider started the performance upon the User's prior express consent, and concurrently with such consent, the User declared on the acknowledgement that (s)he shall lose his/her right to termination.
10.4. Effects of withdrawal/termination
10.4.1. If the User withdraws from the agreement, Service Provider shall promptly, but latest 14 days of the reception of User's declaration of withdrawal reimburse all remuneration performed by the User.
10.4.2. If User requested to commence the provision of the service within the deadline for withdrawal, in the event of his/her termination, User shall reimburse the amount due to the already performed services proportionally provided until the termination date of the agreement, to Service Provider. Similarly, Service Provider shall reimburse that part of the remuneration provided by the User, which exceeds the remuneration for the service provided.
10.4.3. In the course of the reimbursement, Service Provider shall use a payment method matching the payment method used during the original transaction, unless expressly consents to the use of another payment method, and as a result of using such reimbursement method, no extra costs shall be borne by the User.
11. Data Protection
In the course of obtaining both the personal data and the consents, the Controller (Service Provider) shall ensure the appropriate protection of personal data, protect them from learning by unauthorized parties using appropriate technical solutions.
12.1. Service Provider may use intermediary to fulfil its obligation. Service Provider shall bear full responsibility for the intermediary's unlawful conduct so as it had committed the unlawful conduct on its own.
12.2. Should any part of these T&C become invalid, unlawful or unenforceable, then it shall not affect the validity, lawfulness and enforceability of the remaining parts.
12.3. If Service Provider fails to exercise its rights provided by these T&C, and/or the Individual Agreement, then the failure to exercise such rights shall not be deemed a waiver of such rights. Any waiver of rights is possible only in case of a relevant, express, written statement. The fact that Service Provider once does not strictly insist any substantial condition or provision of these T&C, shall not mean a waiver of subsequently insisting to strictly observe the particular condition or provision.
12.4. The content accessed by following external links on the website are beyond Service Provider's control. If the authorized party requests so, Service Provider shall delete or modify the external link. Service Provider bears no liability for the contents displayed or downloaded using such link.
Complaint management, Enforcement
Consumer may turn to Service Provider to complain regarding Service Provider's service, its members, employees or persons acting for or on behalf of the Service Provider, about the conduct, activity or omission of the Service Provider directly related to the distribution or sale of digital content or services to consumers, or about the quality of the digital content or service, by letter, telephone or e-mail at the following contact details:
Recipient: Wiredsign Zrt.
Postal address: 2600 Vác, Deákvári alley 35. ground floor 4.
E-mail address: firstname.lastname@example.org
Service Provider shall promptly investigate the complaint and cure it as necessary. If it is not possible, or in case of Consumer's disagreement, and in case of a complaint submitted in writing, Service Provider shall answer latest within thirty days.
If the User deemed consumer disagrees with Service Provider's measures, or the prompt investigation of consumer's complaint is not possible, then Service Provider shall promptly take up a protocol on the complaint and its related viewpoint, and in case of personally delivered oral complaint, hand-over one counterpart thereof on-site, or in case of a complaint delivered through telephone or by electronic means, send along with the written answer on the complaint.
Service Provider shall provide an individual ID number to Consumer's complaint submitted through telephone or by electronic means.
In the event of the rejection of Consumer's complaint, Service Provider shall provide reasons to such rejection.
The protocol taken on the complaint shall be inclusive as follows:
- Consumer's name, address,
- place, date, manner of submitting the complaint,
- detailed description of Consumer's complaint, the list of the documents and other evidences presented by the Consumer,
- Service Provider's statement on its viewpoint related to the Consumer's complaint, if the prompt investigation of the complaint is possible,
- the signature of the person taking up the protocol, and (except in case of complaints delivered through telephone or by electronic means) the Consumer's signature,
- place and date of taking up the protocol,
- in case of oral complaint delivered through telephone or by electronic means, the complaint's individual ID number.
Service Provider shall retain the protocol taken on the complaint and the copy of the answer for three years, and present to the inspecting authorities on request.
In the event of the rejection of Consumer's complaint, Service Provider shall inform Consumer in writing on that the proceeding of which authority or mediating body (s)he may initiate. The information shall also include the seat, phone and online contact details and mailing address of the authority having jurisdiction, as well as the phone and online contact details and mailing address of the mediating body as per Consumer's residence or temporary address. The information shall also cover whether the enterprise uses the mediator body's proceeding in order to resolve the consumer's dispute.
Should the consumer dispute be not resolved between the Consumer and Service Provider, Consumer may turn to the following bodies.
Option to turn to mediator body
Consumer may also request the free of charge proceeding of a mediator body in regards the quality of the digital content and/or service, as well as the conclusion of the agreement between parties.
If Consumer has Hungarian residence or temporary address, then the mediator body functioning at the county (metropolitan) commercial and industrial chambers as per such residence or temporary address shall have jurisdiction. The contact details of the mediator bodies are available at the: https://www.bekeltetes.hu/index.php?id=testuletek site.
Consumer may appoint another mediator body in his/her relevant request.
The mediator body having jurisdiction as per Service Provider's registered office:
Nógrád County Mediatory Body
Address: 3100 Salgótarján, Mártírok rd. 4. ground floor 14.
Phone No.: +36 32 520 860
E-mail address: email@example.com
In the absence of Consumer's Hungarian residence and temporary address:
The Budapest Mediator Body operated by the Budapest Chamber of Commerce and Industry may act in Hungary between merchants and consumer in disputes related to online sale and purchase or service agreements beyond the borders. The contact details of the Budapest Mediator Body operated by the Budapest Chamber of Commerce are available at the:
https://www.bekeltetes.hu/index.php?id=testuletek&pid=1&mid=1 site, and here:
Budapest Mediator Body operated by the Budapest Chamber of Commerce and Industry
Address: 1016 Budapest, Krisztina blv. 99. 1st floor 111.
Postal address: 1253 Budapest, PO.: 10.
Phone No.: +36 1 488 2131
Service Provider shall be subject to co-operational obligation in the proceeding of the mediator body.
The mediator body is an independent body functioning at the county (metropolitan chambers of commerce and industry. Their competence include the extra-judicial resolution of consumer disputes of the above topics: to attempt to arrange a settlement for this purpose, and if such arrangements prove to be ineffective, making a resolution in that case in order to ensure the simple, quick, efficient and cost-effective enforcement of consumer rights.
On the request of the consumer or the enterprise, the mediator body shall provide advice on the rights and obligations for the consumer.
The online dispute resolution platform of the European Commission
If the User lives in the European Union, (s)he may use the following online dispute resolution tool with respect to his/her complaint regarding online purchases product, service.
This online complaint management platform has been established by the EU for those consumers, who wish to file complaint regarding the products or services purchases online, and ask an independent third party (dispute resolution body) to manage their complaint.
You can find additional information on the online dispute resolution platform, the manner of dispute resolution at the website available using the above link.
Consumer protection authority
Consumer may turn to the government office having jurisdiction as per his/her Hungarian residence, as consumer protection authority to complain regarding Service Provider's service, its members, employees or persons acting for or on behalf of the Service Provider, about the conduct, activity or omission of Service Provider. The contact details of the government offices having territorial jurisdiction are available at the a https://www.kormanyhivatal.hu/hu/elerhetosegek site.
Consumer may also turn with his/her complaint to the consumer protection authority as per Service Provider's registered office:
Nógrád County Government Office
Transportation, Technical licencing and Consumer protection General Department,
Consumer Protection Department
Address: 3100 Salgótarján, Karancs rd. 54.
Postal address: 3100 Salgótarján, PO. 308.
Phone No.: +36 32 511 116
Enforcement through litigation
Contracting Parties shall mutually cooperate in order to resolve their potential disputed matters extra-judicially, through negotiations within the shortest term and at minimum costs.
If such arrangements prove to be ineffective, then the User deemed consumer, depending on the litigation value, may initiate the lawsuit at the local court or general court as per his/her residence or temporary address, or the Balassagyarmat Local Court or Balassagyarmat General Court as per Service Provider's registered office.
The User not deemed consumer and Service Provider submit to the exclusive jurisdiction of the Court as per Service Provider's registered office with respect to the potential disputes subject to the scope of these T&C, that can not be resolved within 30 (thirty) calendar days by settlement.
22nd June 2022
General Terms of Data Processing Agreement
on data processing under the contractual relationship established pursuant to the acceptance of the General Terms and Conditions published on the website https://eszerzodes.hu/ (hereinafter referred to as the Service Agreement),
which was concluded on the one hand by
the Subscriber accepting the referred General Terms and Conditions on the website mentioned in the title,
hereinafter referred to as the Data Controller,
and on the other hand by
Wiredsign Private Company Limited by Shares
Short name: Wiredsign Ltd.
Company Registration Number: 12-10-001683
Tax Identification Number: 29277261-2-12
Registered Office: 2643 Diósjenő, Dózsa György út 28/b.
Mailing Address: 2600 Vác, Deákvári fasor 35, ground floor 4.
Phone: +36 20 886 1309
hereinafter referred to as the Data Processor,
(hereinafter collectively: Parties),
on the day of acceptance of the General Terms and Conditions of this data processing agreement, under the following conditions:
The purpose of this agreement is the protection of the personal data of the data subjects and compliance with the provisions of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and the repeal of Directive 95/46/EC (General Data Protection Regulation); (hereinafter: GDPR or Regulation), and other data protection legislation applicable to the Parties.
1. Scope of the Data Processing Agreement
1.1. This data processing agreement applies to data processing operations on personal data transmitted or made accessible by the Data Controller to the Data Processor within the framework of the contract referred to in the title (hereinafter: Service Agreement), which the Data Processor carries out in the course of providing the services to the Data Controller.
1.2. The Data Processor may only access the personal data processed by the Data Controller in the course of the activities specified in the service agreement, software development and maintenance, and troubleshooting, as provided for in this agreement.
1.3. This agreement forms an integral part of the service agreement, and, therefore, regarding its temporal validity, termination, and expiration, it shares its fate in such a way that the provisions for the period following the termination of the agreement are unchanged and remain in effect for the time specified in them, as set out in the current legislation and this agreement. An exception to the termination of this agreement as defined in this section is provided in Section 1.4.
1.4. This data processing agreement applies to all legal relationships established between the Parties based on which the Data Processor processes the personal data handed over to or made accessible by the Data Controller. In the presence of such other legal relationships, contrary to the provisions of Section 1.3, this data processing agreement, with the content it interprets, remains in effect for the subsequent legal relationship. In this case, regarding its temporal validity, termination, and expiration, it shares the fate of the subsequent legal relationship in such a way that the provisions for the period following the termination of the agreement are unchanged and remain in effect for the time specified in them.
1.5. Any prior agreements or provisions concerning the processing of personal data become invalid with the signing of this agreement, and this agreement is fully applicable in this regard.
1.6. If, in the course of performance, any provision of the service agreement or another agreement governing the legal relationship between the Parties contradicts a provision of this data processing agreement, the provision of this data processing agreement shall prevail if the protection of personal data and the interests of the data subjects so require.
1.7. If not otherwise specified in this agreement, terms in the contract that appear but are not defined in terms of meaning have the meaning given by the GDPR regulation.
1.8. The Parties undertake to make the content of the provisions of this data processing agreement known to the leaders and employees of the organizational units performing relevant tasks and ensure that they comply with the provisions.
2.1. "personal data": any information relating to an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person;
2.2. "data processing": any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment, or combination, restriction, erasure, or destruction;
2.3. "data controller": a natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the data controller or the specific criteria for its nomination may be provided for by Union or Member State law;
2.4. "data processor": a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the data controller;
2.5. "third party": a natural or legal person, public authority, agency, or body other than the data subject, data controller, data processor, and persons who, under the direct authority of the data controller or data processor, are authorized to process personal data;
2.6. "data breach": a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored, or otherwise processed;
3. Subject of this Agreement
3.1. Data Controller instructs Data Processor to perform data processing necessary for the performance of the service contract referred to in the title.
3.2. During data processing, Data Processor may only perform data processing operations necessary for the tasks specified in the referenced service contract on the personal data provided by the Data Controller.
4. Scope of Data Processing by the Data Processor
The subject of data processing is the performance of tasks necessary for the service contract, ensuring the use, development, continuous operability, maintenance, and access provision for the online contract signing software specified in the service contract, as well as troubleshooting. The data processing operations primarily concern the data of natural persons employed by the Data Controller and other identifiable natural persons marked in the documents uploaded to the software by the Data Controller (typically, contractual partners of the Data Controller or their representatives, contacts) as data subjects and those with access to Data Controller's data. The latter are also identified as data subjects concerned with data processing and data processing by the Data Processor. Hereinafter: data subjects.
5. Duration of Data Processing by the Data Processor
5.1. The duration of data processing is determined in each case by the Data Controller during data processing, using the partially automated business management system provided by the Data Processor. In doing so, the Data Processor always ensures that data deleted by the Data Controller is actually deleted from the software business management system. The data processing operations required for this deletion are executed automatically by the software provided by the Data Processor in response to deletion instructions initiated by the Data Controller. The Data Processor ensures that no data remains in the software and on the storage used by the Data Processor after the deletion by the Data Controller.
5.2. Due to the nature of the service, the deletion of contractual documents created with the software requires deletion instructions from all parties involved in the respective contract for the final and complete deletion of the documentation in question. Any Data Controller who has not provided deletion instructions can access the contractual documentation stored in the software until such instructions are given.
5.3. In the course of data processing activities, the Data Processor may not exceed the data processing period necessary for the performance of the service contract and the operations defined in this data processing agreement.
6. Nature and Purpose of Data Processing by the Data Processor
6.1. Data processing is conducted electronically. The Data Processor provides the software as a framework and an electronic business management system based on the service contract. During its use, the Data Controller initiates the execution of their decisions on the data subjects' data through their software interface, and their instructions are automatically carried out by the software framework provided by the Data Processor. The services provided by the Data Processor involve partially automated data processing through the software. However, all data processing operations are based on the decisions of the Data Controller, and no decisions based solely on automated data processing are made during data processing.
6.2. The data processing operations to be performed may only include essential actions necessary for the performance of the tasks defined in this agreement.
6.3. The purpose of data processing is solely the contractual performance of the tasks defined in the Data Processor's service contract.
7. Types of Personal Data Processed by the Data Processor
The Data Processor processes the following types of personal data for access to the software by employees of the Data Controller:
- Name of the employee
- Employee's username/workplace email address
- Employee's password (Stored securely)
- Electronic logging data for the use of access rights, including:
- IP address
- Type of device used
- Browser used
- Created and opened documents
- Created template fields
- Document and data updates
- User declarations
- Document signatures, sending, receiving, and timestamp
- Document identifiers
- Recipient's email address for signature invitations and the result (delivered, bounced, opened, clicked through)
Data related to the employee of the Data Controller, the natural person customers/partners, or representatives of organizational customers/partners:
- Data uploaded by the Data Controller and data entered on electronic forms, typically including name, job title, workplace contact information, contact information for the represented organization, and identifying data, as well as textual content of uploaded documents.
8. Categories of Data Subjects Affected by Data Processing by the Data Processor
8.1. Employees of the Data Controller with access to the software provided by the Data Processor.
8.2. Natural person customers/partners of the Data Controller.
8.3. Representatives of natural persons for organizational customers/partners of the Data Controller.
9. Rights and Obligations of the Data Processor in Data Processing
9.1. The data processing operations to be carried out may only include essential actions necessary for the performance of the tasks defined in this agreement, as described below.
9.2. During data processing, the Data Processor may only request personal data from the software and perform data processing operations to the extent necessary for the fulfillment of tasks defined in the service contract and any subsequent amendments. Beyond this scope, the Data Processor may not use the data, especially by providing access to the data to third parties or transmitting it to such parties (excluding data transmission to further data processors, as permitted by the Data Controller).
10. Data Processor's Obligations Regarding Data Processing
10.1. The Data Processor may not exceed the data processing operations that are essential for the performance of the tasks defined in the service contract.
10.2. The data provided for processing may not be used for any purpose other than the performance of the service contract. Specifically, no access to the data may be provided to third parties or transmitted to such individuals (except for data transmission to additional data processors as permitted by the Data Controller).
10.3. The Data Processor is responsible for the security of the data in its possession, protecting the data and data carriers beyond the data processing operations necessary for the performance of the service contract. This includes, among other things, preventing the unauthorized disclosure of data by third parties, data loss, accidental or unlawful destruction, alteration, unauthorized disclosure, or unauthorized access to data beyond the required data processing operations.
10.4. The Data Processor may not make the data carriers and the processed data public.
10.5. The Data Processor may not create copies (records) of the data entered into the software for its service beyond temporary copies that may become necessary for the performance of its services. If it does create such copies, the legality and security of processing this data are the responsibility of the Data Processor. The Data Processor must destroy these copies (records) at the latest after the expiry of the data processing period.
10.6. Within its organization, the Data Processor ensures that data processing authorizations provided by the Data Controller for the performance of tasks defined in the service contract and this agreement are only used to the extent necessary within the organization's operations.
10.7. The Data Processor ensures that only its employees who have a role in providing services to the Data Controller access and perform operations on the data made available or transferred to data processing by the Data Controller.
10.8. The Data Processor processes personal data only based on written instructions from the Data Controller and the contracts concluded with it, except when EU or member state law applies to the Data Processor; in which case, the Data Processor shall inform the Data Controller of that legal requirement before processing, unless that law prohibits such information on important grounds of public interest.
10.9. The Data Processor provides all information necessary to demonstrate compliance with the legal provisions for the Data Controller's use of the Data Processor's services.
10.10. The Data Processor immediately provides all necessary assistance to the Data Controller to fulfill its obligations regarding requests related to the exercise of data subject rights.
10.11. After completing the task under the service contract, the Data Processor deletes all personal data that may be in its possession, as well as any existing copies and records.
10.12. Deletion of data means that the data is no longer readable by any means, and the data on the data carriers cannot be restored to the extent that they or any part of them are readable again.
10.13. Regardless of the above-mentioned audits, the Data Processor allows the Data Controller to have access to its internal regulations regarding data protection, data processing, and information security, including supporting and facilitating data protection audits conducted by the Data Controller or another auditor appointed by the Data Controller, including on-site inspections.
10.14. The Data Processor immediately informs the Data Controller if it believes that any of the Data Controller's instructions violate the data protection laws of the EU or a member state.
10.15. The Data Processor consents to an annual outsourced audit of its information security. The timing of the audit is jointly determined by the Parties. The audit is carried out to verify compliance with the legal requirements, professional regulations, and standards related to the Data Processor's services. The full cost of the audit is borne by the Data Controller.
10.16. The Data Processor also consents to an annual legal compliance audit regarding data protection and data processing practices, including an outsourced audit. The timing of the audit is jointly determined by the Parties. The full cost of the audit is borne by the Data Controller.
10.17. The Data Processor grants the Data Controller access to its internal regulations related to data protection, data processing, and information security, even without audits, only to the extent that such access does not violate the business secrets and intellectual property rights of the Data Processor, and does not jeopardize the effectiveness of its data security measures and technologies.
10.18. The Data Processor shall, in a documented manner, withdraw access rights concerning the software from an employee who previously had access when there is a change in the Data Controller's employee who has access to the software.
10.19. The Data Processor ensures, as part of the service contract, particularly:
- The separate and authorized management of personal data transferred/made available for processing on the Data Processor's instructions, or on the instructions of another data processor engaged by the Data Controller, in a dedicated and secured database.
- With consideration for the current technical possibilities:
- Prevention of unauthorized data input by unauthorized individuals.
- Prevention of unauthorized data input by authorized individuals.
- That authorized individuals can only input and modify data through the software's logical system.
- That an IT administrator of the Data Processor, equipped with access rights, can provide access only to the person designated by the Data Controller or, in the case of autonomous distribution of permissions controlled by the Data Controller, ensures that permission distribution occurs exclusively according to the Data Controller's instructions. This, and any modifications, is recorded in a query log file within the software.
- That an IT administrator of the Data Processor, with access rights, can access data stored in the database transferred for processing by the Data Controller outside of the software interface only with written consent (including via email) from the Data Controller. Access requests and implementations are documented jointly, and documentation is preserved.
- To ensure traceability of the legality of electronic data processing operations, the Data Processor ensures that an automated data processing system (referred to hereafter as the "electronic log") records:
- The scope of personal data involved in the data processing operation.
- The purpose and justification of the data processing operation.
- The exact time of the data processing operation.
- The identification of the person performing the data processing operation.
- The recipient's address in case of data transmission.
- Data recorded in the electronic log can only be accessed and used for verifying the legality of data processing, enforcing data security requirements, and for conducting criminal proceedings.
- The Data Processor provides access to the electronic log for the National Authority for Data Protection and Freedom of Information (NAIH) and for other persons and organizations carrying out activities defined by law upon their lawful request. If necessary, the Data Processor must provide technical assistance for this.
- The Data Processor ensures that the data recorded in the electronic log is preserved for six months after the deletion of the processed data, and after that period, it is automatically deleted.
- The Data Processor ensures the recovery of the software in case of operation failure (business continuity, recovery plan).
- The Data Processor ensures that personal data processed using the software remain available for further use, in a structured, widely used, machine-readable, and interoperable format.
- Upon termination of the service contract and data processing agreement, the Data Processor provides the Data Controller with any personal data that may be in its possession in a structured, widely used, machine-readable, and interoperable format. Following this, the Data Processor ensures the data is deleted so that it cannot be recovered as personal data. The deadlines described above also apply to deleted data in the case of log files and any backups or copies.
11. Technological Measures to Ensure Adequate Data Security
11.1. The Parties have defined the data security requirements to be met by the Data Processor in the form of objectives as recorded in Appendix 1 attached to this data processing agreement.
11.2. The Data Processor complies with the requirements specified in Appendix 1.
12. Procedure in Case of Data Protection Incidents
12.1. A data protection incident is any event related to the processed personal data that results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or unauthorized access to, or unauthorized provision of, such data in any way; in particular, the loss of data (even on a temporary basis), unauthorized access by unauthorized persons, unauthorized possession, unauthorized disclosure, or making data carriers unreadable, rendering data inaccessible.
12.2. Classification of Data Protection Incidents:
12.2.1. Confidentiality Incident: Unauthorized or accidental disclosure of personal data or unauthorized access to it – making the data accessible to unauthorized individuals. This can be caused by external deliberate IT attacks, unintentional granting of access due to software or hardware failures, or unauthorized data transmission, either accidental or intentional.
12.2.2. Integrity Incident: Unauthorized or accidental alteration of personal data – the data records are preserved, but unintended changes occur in their content, posing risks to the data subjects. The stored database is not lost, but due to technical hardware or software errors, human negligence, or deliberate external human actions, unwanted changes take place in the data, making it no longer reflective of reality.
12.2.3. Availability Incident: Accidental or unauthorized destruction of personal data or their "loss." The stored data is not lost; however, due to some technical or external reasons, the Data Controller and/or Data Processor cannot access the database, retrieve it, or carry out the intended and legitimate data processing operations.
12.3. Possible Incidents in Practice at the Data Processor:
12.3.1. Confidentiality Incident: Data leakage, unauthorized access by unauthorized individuals, which can result from software errors, hardware errors, deliberate human actions, mistakes, or negligence.
12.3.2. Integrity Incident: Changes in data records, interchange of certain personal data, mixing of specific personal data with those of other individuals, changes or modifications of certain personal data to the extent that the data subject is no longer, or not correctly, identifiable as a result.
12.3.3. Availability Incident: Data loss, complete or partial loss of the ability to access data, accidental or intentional data erasure, damage to data records that hinders access and/or proper readability.
12.4. If a data protection incident related to personal data under the control and processing of the Data Processor occurs, it shall be reported to the Data Controller without undue delay upon becoming aware of it. The report must be made directly to the Data Controller.
12.5. In the incident report, the Data Processor shall provide all relevant information about the incident and its circumstances to the Data Controller, in particular, the following:
- The nature of the data protection incident, including – if possible – the categories and number of data subjects and the categories and number of data affected by the incident;
- The potential consequences arising from the data protection incident.
12.6. To fulfill the above reporting obligation, the Data Processor shall act in a manner during the performance of its tasks under the service contract that makes it possible to establish the above information in the event of an incident. It should be possible to determine which specific data subjects' data, and which data carriers containing them, were affected by the incident, and the nature and extent of the incident.
12.7. The Data Processor shall provide full assistance to the Data Controller in complying with the reporting and cooperation obligations towards the National Authority for Data Protection and Freedom of Information in matters related to a data protection incident, taking into account the nature of data processing and the information available to the Data Controller.
13. Data Processor's Records
13.1. The Data Processor maintains a record (hereinafter referred to as the Data Processor's records) of the data processing operations performed by it on behalf of the Data Controller or as directed by the Data Controller. In the Data Processor's records, the Data Processor records:
- The names and contact information of the Data Controller, Data Processor, other data processors, and the Data Processor's data protection officer;
- The types of data processing operations performed on behalf of the Data Controller or as directed by the Data Controller;
- If international data transfers are made on the express instructions of the Data Controller, the fact of international data transfers and the designation of the recipient third country or international organization;
- A general description of the executed technical and organizational security measures.
14.1. The Data Processor undertakes comprehensive confidentiality obligations concerning the personal data transferred for processing from the Data Controller and any other data processors, if applicable.
14.2. The Data Processor guarantees and ensures that its employees under its control who are involved in the performance of the service contract and, as a result, process personal data of the data subjects, also comply with the confidentiality and data processing operation provisions set out in this contract.
15. Use of Additional Data Processors
15.1. The Data Controller grants the Data Processor general authorization to use additional data processors, considering that this is essential to ensure the reliable and continuous availability of the service. The Data Processor informs the Data Controller of any changes occurring with respect to additional data processors or the use of new additional data processors.
15.2. If the Data Processor uses the services of additional data processors for specific data processing activities performed on behalf of the Data Controller, the Data Processor must impose the same data protection obligations on these additional data processors, under an agreement or other legal act established under EU or Member State law, as are set out in the data processing agreement between the Data Controller and the Data Processor, particularly by ensuring that the additional data processor provides sufficient guarantees to implement appropriate technical and organizational measures, thereby ensuring that the data processing complies with the requirements of the GDPR. If the additional data processor fails to fulfill its data protection obligations, the Data Processor shall be fully liable to the Data Controller for the performance of the obligations of that additional data processor.
16. Handling of the Parties' Representatives and Contact Persons' Data
16.1. The names and contact details of the representatives and/or contact persons designated by the Parties in the service contract and this contract may only be used to the extent and in the manner necessary for the performance of the service and this contract. The processing of their data shall not exceed this extent.
16.2. In case of changes in the identity or data of the representative and/or contact person, the party affected by the change shall immediately notify the other Party of the change. The notified Party, upon receipt of the notification, shall promptly ensure that, in the future, the new data of the contact person/representative are used in the performance of the contract, or, in the case of data changes, only the new data are used and maintained, and the old contact person's data are deleted from its internal records.
17. Final Provisions
17.1. The Data Processor shall not extend the scope of the data, the duration of data processing, and the purposes of data use beyond what is stated above, except for data processing operations necessary to fulfill legal obligations applicable to it.
17.2. In matters not regulated by this contract:
- The provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation) (GDPR) are applicable, and
- The provisions of additional, current data protection laws applicable to the Parties shall prevail.
Budapest, October 16, 2023.
Annex: Annex 1 on Data Security Requirements
Annex 1 to the "General Terms of the Data Processing Agreement with Software Usage" Contract regarding Data Security Requirements
General Information Security and Data Protection Obligations of the Data Processor
1. The Data Processor shall establish, introduce, and continuously improve an information security and data protection management system in compliance with the current requirements of ISO/IEC 27001 and ISO/IEC-27701:2019 standards.
2. The Data Controller shall require documented operations from the Data Processor in the following areas related to the general activities of the Data Processor's organization:
- The Data Processor shall demonstrate the commitment of its leadership to implementing information protection.
- The Data Processor ensures that information security and data protection responsibilities and authorities related to roles involved in providing its services are defined.
- The Data Processor identifies risks and opportunities that can prevent or reduce unexpected effects and ensures continuous improvement. The Data Processor plans activities related to risks, incorporates them into its processes, continually assesses them, and establishes a risk assessment and evaluation process.
- The Data Processor ensures the availability of resources related to the continuous improvement and support of provided IT equipment and services.
- The Data Processor ensures the appropriate competence of its employees, their awareness of information security and data protection, during development and support processes.
- The Data Processor uses a ticketing system to support development and support tasks, through which development and support activities affecting the Data Controller can be traced.
- The Data Processor regularly conducts internal audits to assess its information security and data protection activities.
- The Data Processor allows the Data Controller to perform information security and data protection audits at the Data Processor's premises, at a pre-notified time and in an agreed area.
- The Data Processor responds to non-compliance detected by itself or other organizations, conducts assessments, takes actions, and evaluates the effectiveness of the measures introduced.
3. The Data Controller shall require documented operations from the Data Processor in the following areas concerning the Information Security and Data Protection measures and objectives of the Data Processor's organization:
- The Data Processor shall develop and introduce Information Security and Data Protection policies within the organization.
- When forming its internal organization, the Data Processor shall define roles, positions that must be separated from an information security and data protection perspective and create a corresponding organization.
- The leadership of the Data Processor continuously ensures the awareness of its employees regarding information security and data protection, and conducts training programs to support this. In case of personnel changes within the Data Processor's staff that affect the Data Controller's activities or are in the interest of the Data Controller, the Data Processor shall inform the Data Controller about these changes.
- The Data Processor evaluates its assets, information, and implements appropriate processes for their management.
- The Data Processor handles the data and data carriers, as described in other sections of this agreement, which are processed during the services provided to the Data Controller.
- With regard to access management tasks defined in this agreement, the Data Processor shall establish an access management policy that ensures supervised registration, allocation of access rights, ongoing supervision, necessary modifications, and shall inform the Data Controller when needed.
- The Data Processor shall develop, introduce, and continuously improve documented operating procedures, especially in the following areas:
- Access management
- Change management, testing, and deployment
- Incident management
- The Data Processor shall ensure proportionate, expected protection against external attacks on its information systems. It regularly conducts tests for the discovery of technical vulnerabilities, evaluates them, and takes appropriate measures.
- The Data Processor shall ensure the protection of information and assets within its IT network.
- The Data Processor (in cooperation with the Data Controller when necessary) shall ensure the protection of data used for testing purposes.
- The Data Processor shall provide consistent and effective solutions for managing IT development, operation, information security, and data protection incidents by developing procedures with defined responsibilities. The Data Processor records reported or otherwise known incidents within its own ticketing system in the incident management process, evaluates them, implements procedures consistent with the evaluation, and when necessary, implements special incident management procedures. The Data Processor is obliged to resolve incidents within the agreed time frame as stipulated in the support contract. After resolving the incidents, the measures taken are evaluated to draw lessons from them.
The Data Processor shall develop a business continuity plan for the fulfillment of tasks arising from adverse events.