In processing data, our company follows these principles:

• We process personal data lawfully, fairly, and transparently for you.
• We collect personal data only for specified, explicit, and legitimate purposes and do not process it in a manner incompatible with those purposes.
• The personal data we collect and process is adequate, relevant, and limited to what is necessary for the purposes of data processing.
• Our company takes all reasonable measures to ensure that the data we process is accurate and, where necessary, kept up to date; we delete or correct inaccurate personal data without delay.
• We store personal data in a form that allows identification of you only for as long as necessary to achieve the purposes of processing personal data.
• We ensure appropriate security of personal data through appropriate technical and organizational measures against unauthorized or unlawful processing, accidental loss, destruction, or damage.

We process data based on your prior informed and voluntary consent and only to the necessary extent and always for specific purposes. In some cases, the processing of your data is based on legal requirements and is mandatory. In certain cases, our company or a third party has a legitimate interest in processing your personal data, such as for the operation, development, and security of our website.

Company name

Lexunit Zrt.

Headquarters

1136 Budapest, Tátra utca 15/A 3. em. 3. ajtó

Website

lexunit.hu, lexunit.ai

Postal address

1136 Budapest, Tátra utca 15/A 3. em. 3. ajtó

Phone number

+36 30 890 50 75

Email address

info@lexunit.ai

Tax number

27774009-2-41

Company registration number

01-10-141771

Our company is not required to appoint a data protection officer under Article 37 of the GDPR.

Our company's hosting provider:

Name

Google Ireland Limited

Headquarters

Gordon House, Barrow Street, Dublin 4, Ireland

Tax number

IE 6388047V

Website

google.com

We only request personal data from our website visitors if they wish to register, log in, or participate in a prize draw. We cannot link the personal data provided during registration or use of our marketing services to identify our visitors, and this is not our fundamental goal.

If you have questions regarding data processing, you can contact us at info@lexunit.ai or by postal mail. We will respond within 15 days (but at most within 1 month).

Cookies are small data files stored on your computer by your internet browser. Most browsers (Chrome, Firefox, etc.) accept cookies by default, but you can reject or disable them in your settings. The "help" menu of your browser provides more information.

There are cookies that do not require your prior consent (e.g., authentication, multimedia players, load balancing, user interface customization, and security cookies). Our website provides brief information about these when you first visit.

For cookies requiring consent (e.g., analytics or marketing), we request your consent at the start of your first visit. Our company does not use cookies that would enable third parties to collect data without your consent. Accepting cookies is not mandatory, but the website may not function as expected if they are disabled.

Detailed information about third-party cookies can be found at Google Technologies and Google Analytics Privacy.

You voluntarily provide personal data to us during registration or when contacting our company. Please ensure the authenticity, correctness, and accuracy of your data, as you are responsible for this. Incorrect or incomplete data may prevent you from using our services. If you provide personal data of someone other than yourself, we assume you have the necessary authorization to do so.

You can withdraw your consent to data processing at any time free of charge by:

• Deleting your registration,
• Withdrawing consent to data processing, or
• Requesting the blocking of mandatory data.

We undertake to register the withdrawal of consent within 30 days for technical reasons. However, we may continue to process certain data even after withdrawal to fulfill legal obligations or assert legitimate interests. In case of misleading personal data, crime, or system attacks, we will delete the visitor's data immediately upon terminating registration or retain it for legal proceedings if necessary.

By explicitly declaring your consent during registration or later, you allow us to use your personal data for marketing purposes. We will process your data for direct marketing and/or newsletters until you withdraw consent.

You can give or withdraw consent for direct marketing and newsletters separately. We consider the deletion of registration as withdrawal of consent in all cases. Withdrawal of marketing consent does not affect data processing related to website registration. We undertake to register withdrawal or cancellation of consents within 15 days.

Our company may organize prize draws on a campaign basis. The current promotion regulations can always be found on the homepage of our website.

We can only transfer your data within the framework defined by law. In the case of our data processors, we ensure through contractual conditions that they cannot use your personal data for purposes contrary to your consent.

Data Transfer and Processing Abroad

We primarily store and process your personal data within the European Union (EU) and the European Economic Area (EEA).

However, to ensure the high-quality operation of our website and services, we use specialized third-party service providers (see "Hosting provider" and "Cookie" sections, e.g., Google Ireland Limited). In some cases, these partners may process data in countries outside the EEA ("third countries"), such as the United States.

In all cases of international data transfer, our company ensures strict compliance with GDPR Chapter V requirements to guarantee the security of your data. We rely on:

• Adequacy Decisions: Transfers to countries recognized by the European Commission as providing an adequate level of protection (e.g., the EU-U.S. Data Privacy Framework).
• Standard Contractual Clauses (SCCs): Where necessary, we sign the European Commission's Standard Contractual Clauses with our partners to legally guarantee the protection of your data.

Authority Requests

Courts, prosecutors, and other authorities (e.g., police, tax office, NAIH) may contact our company to provide information or documents. We fulfill these obligations only to the extent absolutely necessary to achieve the purpose of the request.

Data Security

We protect your personal data with appropriate technical and organizational measures (encryption, password protection, antivirus software, physical access control). However, data transmission over the internet cannot be considered completely secure. We ask for your help in safeguarding your password.

Regarding data processing, you are entitled to the following rights:

National Authority for Data Protection and Freedom of Information (NAIH)

Headquarters

1055 Budapest, Falk Miksa utca 9–11.

Mailing address

1363 Budapest, Pf.: 9.

Phone

+36 (1) 391-1400

Email

ugyfelszolgalat@naih.hu

Website

https://naih.hu/

We ask that before turning to the supervisory authority or court, please contact our company at info@lexunit.ai for a faster resolution.

• Regulation (EU) 2016/679 (GDPR)
• Act CXII of 2011 on informational self-determination and freedom of information (Info Act)
• Act V of 2013 on the Civil Code (Civil Code)
• Act CVIII of 2001 on certain issues of electronic commerce services and information society services (E-commerce Act)
• Act C of 2003 on electronic communications (Electronic Communications Act)
• Act CLV of 1997 on consumer protection (Consumer Protection Act)
• Act CLXV of 2013 on complaints and public interest disclosures (Complaints Act)
• Act XLVIII of 2008 on commercial advertising activities (Advertising Act)

Our company reserves the right to modify this Privacy Policy, about which it will inform the data subjects in an appropriate manner. Information related to data processing is published on the lexunit.ai website.