Data Protection Notice of Isotoptech Zrt.


In accordance with articles 13 and 14 of the regulation (EU) 2016/679 OF the European Parliament and of the Council of 27 April 2016 on theprotection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive95/46/EC (hereafter: GDPR) the Controller hereby provides the following information for the data subjects about the processing of personal data:


  Controller  Data Protection Officer 
Name:  Isotoptech Zrt.  Papp Judit 
Postal address:  H-4001 Debrecen, Pf. 390.  4001 Debrecen, Pf. 390. 
Telephone:  +36 52/509-200  +36 30/113-8851 
Fax:  +36 52/509-282   
Regisztered office:  H-4025 Debrecen, Piac u.53., II. em. 9.   
Address:  H-4026 Debrecen, Bem tér 18/C.   


Legislation serving as basis for processing 

Regulation (EU) 2016/679 OF the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation). Act CXII of 2011 on Informational Self-Determination and Freedom of Information.  

Personal data:  

-means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier of to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. 


-means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing. 

What is our purpose and legitimate interests for the processing of your personal data? 

  • We process your personal data to ensure that our contractual obligations arising from the contract with you or a third party, of which you are in the position of a contact person or a signatory on behalf of the contractual party, are effectively fulfilled and also to be compliant with legal obligations under local law. Since we conducted the contract with your or the third party, we need to process your personal data to ensure effective, flawless and clear communication as well as to ensure fulfilment of our contractual obligations and legal obligations (tax and accounting) towards you or the third party. This processing also applies to other legal acts than contracts as for example power of attorney. 
  • We process your personal data for the purpose of incoming and outgoing post mail or e-mail evidence. 

What is our legal basis for the processing of your personal data? 

  • We process your personal data on the basis of legitimate interests under Article 6 (1) (f) of GDPR. When we handle the tax and accounting matters or we are obliged to conclude an agreement under the applicable law (e.g., Management of Rights of Light/Party Wall Agreements in the United Kingdom), we process your personal data on the basis of a legal obligation under Article 6 (1) (c) of GDPR. If you or the third party fail to provide us with your personal data, we cannot fulfill our legal obligations. 
  • We process your personal data on the basis of legitimate interests under Article 6 (1) (f) of GDPR. 

Who do we get personal data from? 

We receive your personal data from you or from third parties with whom we have entered into a contractual relationship (or other relevant legal relationship) or through correspondence. 

What kind of personal data do we process? 

  • Title, name, surname, position, department, personal and employee number, business area, place of work, signature, e-mail, phone and fax number and identification information of your employer (incl. identification information of the entity on which behalf you act). 
  • Name, surname, address, telephone number and e-mail. 


Who can access your personal data?  

In principle the employees the Controller can access the personal data of the data subjects for the purpose of discharging their duties. So personal data can be accessed for example by the Controller’s staff in charge of operating the filing system for administration purposes, or by its human resources staff for preparing labour contracts. 

Furthermore, Isotoptech Zrt. Selects and operates the IT tools used for the processing of personal data in the provision of the service in such a way that the processed data:  

  • is accessible to authorised persons (availability); 
  • authenticity and verification (authenticity of data processing); 
  • can be verified to be unchanged (data integrity); 
  • be protected against unauthorised access (data confidentiality). 

Isotoptech Zrt. takes appropriate measures to protect the data against unauthorized access, alteration, disclosure, deletion or destruction and against accidental destruction. 

Isotoptech Zrt. shall ensure the security of data processing by technical, organisational and organisational measures that provide a level of protection appropriate to the risks associated with data processing. 

Isotoptech Zrt. shall preserve the confidentiality and integrity of data processing. 

The Controller may only disclose personal information to state agencies in exceptional cases. So, for example if a court proceeding is initiated in a legal dispute between the Controller and the data subject and it is required to hand over to the court documents containing the data subject’s personal data, the Controller is requested by the police authority to disclose personal data of the data subject for the purposes of an investigation. Furthermore, for example personal data may also be disclosed to Controller’s legal counsel providing legal representation in case there is a legal dispute between the Controller and the data subject.  

Where and for how long do we store your personal data?  

The Controller stores the personal data provided by the data subject at its registered seat or branch. Controller uses the services of the data processor indicated in the Appendix for processing the personal data of the data subject.  

The Controller takes the necessary information security measures to protect the data subject’s data among others from unauthorized access or from unauthorized alteration. The Controller takes adequate organizational measures to prevent disclosing personal data to an undetermined number of people.  

As soon as we no longer need your personal data for the processing purposes for which the personal data have been collected, we will delete them unless the statute-barred period applies. Certain details and correspondence may be retained until the time limit for claims, in respect of the pre-contractual or contractual relationship, has expired or in order to comply with regulatory requirements regarding the retention of such personal data. 

What are your rights?  

Your rights as a data subject are stated below. Please note that the exact conductions to exercise these rights are set out in detail in Chapter III of GDPR, while in a particular circumstance not all rights may be exercised. You have following rights: 

  • Access to personal data we process about you 
  • Rectification of incorrect or inaccurate personal data and add incomplete personal data  
  • Restriction, i.e., blocking of processing of your personal data 
  • The deletion of personal data in case the purpose absence or unauthorized data processing 
  • Submission of an objection to the processing of personal data if you believe that our data processing is not justified 
  • Be excluded from automated decision-making 
  • Listing of personal data in a structured and machine-readable format or for another controller 
  • Revocation of consent to the processing of personal data 
  • To lodge a complaint with the supervisory authority 

How can you exercise your rights?  

We strive to protect your privacy as much as possible and therefore we process your personal data in compliance with GDPR and all other relevant laws. However, if you disagree with the way we handle your personal data, you can exercise your rights via our Data Protection Officer at: 

Data Protection Officer’s contact:  

Papp Judit, Isotoptech Zrt,  

H-4026 Debrecen, Bem tér 18/C.  


Phone number: +36 30 113 8851 

Or you can file a complaint in supervising authority regarding the processing of your personal data. Your local supervisory authority:  

Hungarian National Authority for Data Protection and Freedom of Information (NAIH)  

Address: H-1125 Budapest, Szilágyi Erzsébet fasor 22/c  

Postal address: H-1530 Budapest, Pf.: 5  


phone: +36 (1) 391-1400  

fax.: +36 (1) 391-1410  

web page: 

Other information 

We inform our customers that the court, the prosecutor, the investigating authority, the law enforcement authority, the administrative authority, the National Authority for Data Protection and Freedom of Information, the National Bank of Hungary, or other bodies authorised by law may contact the data controller to provide information, to disclose or transfer data, or to provide documents. 

Isotoptech Zrt. shall disclose personal data to the authorities only to the extent and to the extent strictly necessary for the purpose of the request, provided that the authorities have indicated the exact purpose and scope of the data.  

Privacy Notice (PDF) 


1.1 Functionality 

– collect information about visitors and their devices.  

 – record visitors’ individual preferences, which are used, for example, when they make online transactions, so that they do not have to be re-entered.  

 – make the website easier to use.  

 – provide a quality user experience. In order to provide a personalised service, a small piece of data, called a cookie, is placed on the user’s computer and read back during a subsequent visit. If the browser returns a previously saved cookie, the cookie provider has the possibility to link the user’s current visit to previous visits, but only for its own content.  

1.2 Strictly necessary session cookies 

The purpose of these cookies is to enable visitors to browse the website use its features and services, without any problems. This type of cookie is valid until the end of the session (browsing), when the browser is closed this type of cookie is automatically deleted from the computer or other device used for browsing. 

1.3 Third-party cookies (analytics) 

The website also uses Google Analytics as a third-party cookie. By using Google Analytics for statistical purposes, collects information about how visitors use its websites. The data is used to improve the website and the user experience. These cookies will also remain on the visitor’s computer or other browsing device, their browser until they expire or until they are deleted by the visitor.  

2. Data related to online ordering

We do not trade online. 

3. Data related to online transactions  

 The following information is required for online transactions: name, email address, company or institution name, address and telephone number.  

4. Data related to newsletter  

Our company does not distribute newsletters.