Owner and Data Controller

EPM SYSTEMS Kft. (powering Checkpoint_3D)
Office: Dugonics Square 11. 3rd floor 26.
H-6720 Szeged
Tax No. 14919293-2-06
Company Registry No. 06-09-014518
“Data Controller” hereinafter

Data Controller claims that personal data collected during its business activities are processed in compliance with this privacy policy and the applicable legal rules and regulations.

Data Controller claims furthermore that personal data are processed solely for purposes defined in this Privacy Policy, following fair and legal data processing principles, to the necessary extent and time. Data Controller ensures that data are accurate, complete and up-to-date, and the data subject can be identified only for the time necessary for data processing.

On any data processing not listed in this Privacy Policy we give information upon collecting such data.


Data Protection Terms

Terms used in this Privacy Policy, unless otherwise defined herein, have the same meaning as defined in the Act CXII of 2011 on the right to information self-determination and freedom of information (“Info Act” hereinafter).

Any question not regulated by this Privacy Policy is governed by the Provisions of the Info Act.

Legal Basis for Data Controlling

Personal data can be processed if the data subject agrees to, or stipulated by the law, or enabled by law within a well-defined scope, by local government decree to serve public interest (“obligatory data processing” hereinafter).

Personal data can also be processed if the consent of the data subject is impossible to gain or only for an unreasonable fee, and personal data porcessing is necessary for the Data Controller to comply with legal obligations, or it is necessary for Data Controller or third parties to enforce their legitimate interests, and the enforcement of these interests is proportional to the restriction of personal data protecion rights.

If personal data collected with the consent of the data subject, Data Controller can process the collected data, unless otherwise required by the law, without any further consent, and following the withdrawal of the consent by the data subject, to comply with legal obligations, and to enforce the legitimate interests of the Data Controller or third parties if the enforcement of these interests is proportional to the restriction of personal data protecion rights.

Based on the above, Data Controller processes personal data with the consent of the data subject or if required by the regulations of the law (e.g. Paragraph (3) Article 13/A of the Act CVIII of 2001 on Certain Issues of Electronic Commerce Services and Services Related to the Information Society). Upon giving data to the Data Controller, data subject claims that his or her data are valid.

Data Processing

Data Controller does not employ data processor to process data.

Purpose of Data Processing, Scope of Processed Data

The data of visitors to homepage of (“Homepage” hereinafter).

Purpose of data processing: Data Controller records visitors’ data to the Homepage to check operation of services, and to prevent misuse during Homepage visit.

Scope of Processed Data: date, time, address of the visited page, data on the device and browser used by the data subject, the IP address* of the computer used by the data subject and the location of the data subject.

(*The IP address is a number sequence that clearly identifies the internet users’ computers. With the IP address even the location of the computer user can de identified. Data on the address of the visited pages, date, time alone cannot identify the data subject.)

To record the visit to the Homepage, the internet address (“IP address”) of the data subject is logged that serves only statistical purposes. Data in the log file are not attached to any other personal data which would identify an individual. Data Controller do not want to identify data subject as individual.

Data Proccessing by Third Party Service Providers

The Homepage includes hyperlinks from and to third party servers which are independent from the Data Controller. These third party servers are in direct contact with the computer of the data subjects. We infom our Homepage visitors that these third party servers may collect information upon such direct contact. They can give infomation in detail about such data collecting and processing.

Such customized contents requested by data subject are served by third party servers. The Data Controller only includes the code of the third party service providers, so no personal data are transfered.

Homepage visiting and other webanalytics data are collected and processed by Google Analytics. For more information about this, visit:

How to set Google Analytics service: after signing in your Google account, you can disable Google Analytics display advertising features in Ads Settings, and you can customize the advertising features of the Google Display Network:

You can find Google Analytics Opt-out Browser Add-on here:

For information about blocking Google ads based on your interests and info, visit:

The Homepage includes links to the Facebook, Youtube and Linkedin pages of the Data Controller.

Use of Cookies

We inform you that the Homepage includes links to websites operated by third party service providers, the contents of those websites are independent from the Data Controller.

Data Controller and third party service providers place and collect data packages (cookies) to and from the computer of the data subject to develop their service. These collected cookies allow data processors to connect the present visit of the data subject with his or her previous visits, and thus load the Homepage according to his or her earlier settings. Cookies are provided by Google.

You can disable cookies in the browser settings but then you cannot use certain features of the Homepage without cookies. On visiting and using features of the Homepage, you give your consent to storing cookies on your computer and being accessed by the Data Controller. You can delete cookies from your computer, or you can disable use of cookies in your browser. You find cookies setting generally at the Data Protection Settings of Tools/Settings menu in the browsers.

Subscription to Newsletter

You can subscribe to newletter on the Homepage. Data Controller pays special attention to the lawful use of the e-mail addresses given during registration, they can be used only in the determined way to send (informing or advertising) e-mails.

Data Controller sends newsletter to the data subject only he or she subscribes to, and gives preliminary, explicit and voluntary consent to by registrating with his or her name, e-mail address and information in the subscription form.

Purpose of data processing is to identify and distinguish data subjects, contact them, send them newsletters, make statistics, send them e-mails with advertisements, sweepstakes and market research, inform them about recent news, campaigns, direct marketing and personal offers, contact them.

Types of Processed Data: time, name, e-mail address and password.

Data subject can unsubscribe the newsletter without giving a reason any time on the Homepage or in the way described in the newsletter.

Rights of Data Subjects

Data subjects may request information on his or her personal data processing, their rectification, erasure or blocking from the Data Controller any time.

Data subject and any possible data processors will be informed about the rectification, blocking, tagging or erasure of data. Such notification may not be sent if it does not affect the lawful interests of the data subject regarding the data processing purpose.

In matters pertaining to EPM Systems’s privacy practices you may contact the Data Controller at:

EPM Systems Kft. (Office: Szeged, Dugonics Square 11. 3rd floor 26., H-6720, Hungary)


On data subject’s request, Data Controller gives information about the personal data processed by Data Controller or other data processors, their storage, the purpose and legal basis of data processing, their retention time, the names, addresses and related activities of data processors, details and effects of the data protection incident, measures taken to its prevention, furthermore legal basis and recipient of data transfer if personal data of the data subject is transferred.

Data Controller gives free, clear, written information within 25 days from the request’s submission. Request can be sent to the e-mail address on the Contact Us webpage.


If your personal data is inaccurate, and the accurate personal data is avaible for the Data Controller, personal data will be rectified by the Data Controller.


Personal data will be deleted if its processing is unlawful, it is requested by the data subject, it is inaccurate or incomplete, and it cannot be rectified lawfully, provided that erasure is not excluded by the law, the purpose of processing has ended, personal data storage time defined by the law has ended, or court or authority ruled so.

If personal data processing is required by law, it cannot be deleted, Data Controller preserves them for the obligatory time period.


Data Controller removes personal data instead of erasure if the data subject requests so, or erasure would damage data subject’s legitimate interests based on the available information. Such removed personal data can be processed until the processing purpose exists that excludes the erasure of the personal data.


Data Controller tags the processed personal data if the data subject contests its accuracy or correctness but the inaccuracy or incorrectness of the disputed personal data cannot be verified clearly.

Refusing the Request

If Data Controller refuses rectification, blocking or erasure request of the data subject, information and the legal reasons for refusal of rectification, blocking or erasure request will be sent in writing or by e-mail if data subject consents to within 25 days upon receiving the request. In case of rectification, blocking or erasure request refusal Data Controller informs the data subject about judicial remedy and authority appeal options.

Objecting to Personal Data Processing

Data subject may object to personal data processing if personal data processing or transferring is necessary solely to fulfill legal obligations of the Data Controller, or to enforce legitimate interests of the Data Controller, data importer or third parties except for obligatory data processing; or if personal data is processed or transferred for direct marketing, public enquiry or scientific research purposes; or in other cases as defined in the act on the right to information self-determination and freedom of information.

Data Controller investigates the objection and informs the applicant about the decision in writing within 15 days, otherwise data subject may appeal to court against the Data Controller.

Data Protection Records (Data Protection Incident)

Data Controller keeps data protection records to check data protection incidents related measures and to inform the applicant. Records include data protection incidents related personal data, name and number of those participating in data protection incident, date, details, effects and related preventing measures of the data protection incident, and other data defined in applicable data protection law.

Data Transfer

1. By registering the training, data subject gives consent to Data Controller to transfer his or her name, e-mail address, telephone number and cv to a client (“Client” hereinafter) ordering the training so that the Client may offer a job to the applicant no matter he or she were admitted to the training.

2. Students contracted to the training accept that Data Controller transfers their data, their projects, their information records in the progress report during the training to the Client, or to give an insight into them to the Client, so that the Client can get information about the performance of the students, about their capabilities, skills and results assessed during the training.

3. We inform our clients that the court, prosecutor, investigating authorities, offence authorities, administrative authorities, Hungarian National Authority for Data Protection and Freedom of Information and other authorities by the law may request information, data disclosure and transfer, making available documents from Data Controller. If the purpose and scope of data are specified by the authorities, Data Controller gives personal data to authorities so much and to the extent absolutely necessary to fulfil the purpose of the request.


Retention period in case of the first four points of the paragraph „Purpose of Data Processing, Scope of Processed Data”: personal data shall be processed and stored until data processing purpose ends, or data subject gives consent to.

Retention period in case of the point „By registering the training” of the paragraph „Purpose of Data Processing, Scope of Processed Data”: personal data shall be processed and stored until data processing purpose ends.

Retention period in case of the point „Students’ data processing” of the paragraph „Purpose of Data Processing, Scope of Processed Data”: personal data shall be processed and stored for as long as the training contract between the student and the institution has been fully performed, or for minimum 36 months from the final exam of the training, if training contract ends sooner, then from the end of the training contract, or thereafter until the withdrawal of students’ consent.

Data Processors

Personal data managed by Data Controller is availble solely for

chief officers and CEO of Data Controller,

employee delegated by chief officers and CEO of Data Controller if it necessary to fulfil their tasks,

other persons defined in this Privacy Policy.

Changes to this Privacy Policy

Data Controller may change this Privacy Policy at any time. After the change comes into force, data subject accepts the effective modified privacy policy by using the service.

Legal Remedy

In the event of complaint concerning personal data mismanagement, or immediate danger that of, data subject may apply to Hungarian National Authority for Data Protection and Freedom of Information.

Hungarian National Authority for Data Protection and Freedom of Information
Office: 1125 Budapest, Szilágyi Erzsébet fasor 22/C
Postal address: 1350 Budapest, PO Box 5.
Telephone: +36 (1) 391-1400
Fax: +36 (1) 391-1410

If data subject’s rights are violated, data subject may turn to the competent court and file an official complaint against Data Controller. Data Controller shall compensate for damages caused by the unlawful processing of personal data.

Data Privacy

Data Controller provides personal data privacy, and takes technical and organizational measurements, and develops operating rules necessary to enforce the Info Act, or other data and secret protection rules.

EPM Systems Kft.
Data Controller