Privacy Policy

This Privacy Policy covers what AppCorner Kft. (henceforward referred to “we” as the plural first person), as a data controller collects and how it uses, discloses, transfers and stores your information when visiting this website or using Lumio Photo.

We are obliged to comply with the contents of this legal notice. We have committed ourselves to ensure that all data management related to our business complies with the requirements of this policy along with the applicable national legislation and the legal acts of the European Union.

We are committed to protect the personal information of our customers and partners, and we always prioritize their privacy. We will not use or share your information with anyone except as described in this Privacy Policy. All personal data is handled confidentially, and we take extensive security, technical and organizational measures that guarantee proper data protection.

What kind of data do we collect and for what purpose?

Our processing is based on voluntary consent and/or other legal grounds detailed below. In the case of voluntary consent, the subject’s consent may be withdrawn at any time. Below you will find Article 6 (1) of Regulation (EU) 2016/679 of the European Parliament and of the Council. Please review this because we will refer to it in many places. You can access the full text of the regulation via this link.

Processing shall be lawful only if and to the extent that at least one of the following applies:

a) the data subject has given consent to the processing of his or her personal data for one or more specific purposes;

b) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;

c) processing is necessary for compliance with a legal obligation to which the controller is subject;

d) processing is necessary in order to protect the vital interests of the data subject or of another natural person;

e) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;

f) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

Point (f) of the first subparagraph shall not apply to processing carried out by public authorities in the performance of their tasks.

Diagnostic data

Legal grounds for processing: Point (f) of the (first) paragraph in Article 6 of Regulation (EU) No. 2016/679: the enforcement of legitimate interests pursued by the controller

We collect diagnostic data of the page loads on our website. The data includes information about the downloaded page, the download method and the result, and the downloader’s IP address. This data is used for the detection of errors and detection and prevention of hostile attacks. The recorded information is stored separately from any other personal data, furthermore, we take all the necessary steps to ensure that such information cannot be used for any purpose other than diagnostics. All recorded data will be automatically destroyed after 14 days, on a daily interval.

Crash reports

Legal grounds for processing: Point (f) of the (first) paragraph in Article 6 of Regulation (EU) No. 2016/679: the enforcement of legitimate interests pursued by the controller

If the app crashes while running, a crash report is submitted the next time the app is launched. The crash report contains information about the computer where the crash occurred, technical details about the crash, as well as diagnostic data that is used for the detection and prevention of hostile attacks against the crash reporting service. Crash reports do not contain other private information, and are only used to resolve the software bug that caused the crash.

Customer support inquiries

Legal grounds for processing: Points (b) and (f) of the (first) paragraph in Article 6 of Regulation (EU) No. 2016/679

Personal data that you provide when contacting our customer support, will solely be used for communication regarding the subject of your inquiry, and for solving your problem itself.

Any data that you provide when contacting customer support, including personal data, will be handled on the above mentioned legal grounds and will be stored indefinitely. Should you provide any personal data for which we have no legal grounds to handle, the data will not be used in any way and will be deleted as soon as possible.

Data provided during other form of communications

Legal grounds for processing: Point (a) of the (first) paragraph in Article 6 of Regulation (EU) No. 2016/679: the voluntary consent of the subject

In the case of any other communication or support request, the personal data of the subject will be used solely in relation with the communication or the fulfillment of any requests communicated. Such data is stored for an indefinite period unless otherwise requested by the subject.

What do we do to secure data?

Security

We store and manage data in accordance with the latest security standards. While designing our internal processes, we concentrate on reducing the potential for human error and making sure we can effectively mitigate any damage resulting from such error.

Access

Our internal processes have been designed in a way that our employees only have access to the data needed to complete their work. Access to personal data is audited and logged. Our employment contract contains a strict confidentiality clause and the importance of protecting personal data is always emphasized to our employers. The performance of our data handling related processes is measured and revised on a regular basis.

With whom do we share data?

We do not sell, trade or otherwise transfer any personally identifiable information to outside parties.

This does not include trusted third-party services or subcontractors who assist us in operating our website and our app, conducting our business, or servicing you. We are very careful when picking these third-party service providers, making sure that they can guarantee the confidentiality and security of the data, and they are in compliance with the national legislation in force and the legal acts of the European Union. Below you will find a list of such data processors and the scope of the data being transmitted.

Web hosting providers

We rely on the following providers to host our website and content related to the application. Servers that are involved in our data processing run on hardware physically located in the European Union.

DigitalOcean, Inc. (privacy policy)
Cloudflare, Inc. (privacy policy)
Amazon Web Services (privacy policy)

Customer support

Our company uses G Suite apps for everyday communication, email and other daily activities. Customer support emails sent to us are also received through this service and stored on Google’s servers.

Google G Suite (privacy policy)

About your rights

We would like to inform you that in case the legal basis for data processing is point (a) of the (first) paragraph in Article 6 of Regulation (EU) 2016/679, i.e. the voluntary contribution of the subject, in accordance with national legislation in force and acts of the European Union you are entitled to the following rights:

Right to be informed

As the data subject, you shall have the right to access all of the information relating to data processing referred to in Articles 13 and 14 of Regulation (EU) 2016/679, and Articles 15-22 and 34 in a short, concise, easily understandable and accessible form. You can access the full text of the regulation on this link.

Right to access

As the data subject, you shall have the right to access personal data or any other information that may arise in the data processing: the purposes of data management; the categories of personal data concerned; the categories of recipients or recipients with whom personal data was shared or will be shared, including in particular third-country addressees or international organizations; the intended duration of the storage of personal data; the right for rectification, deletion or the restriction of data processing and the right to object; the right to file a complaint addressed to the supervisory authority; information about data sources; the fact of automated decision making, including profiling, as well as easily understandable information based on the applied logic of such data management and the likely consequences for the data subject. The data controller shall provide the information required within 25 days of the submission date.

Right to rectificate

As the data subject, you shall have the right to ask for the correction of inaccurate data and have incomplete personal data completed during data processing.

Right to be erased

As the data subject, you shall have the right to obtain from the controller the erasure of personal data concerning you without undue delay where one of the following grounds apply:

the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
the data subject withdraws consent on which the processing is based and there is no other legal ground for the processing;
the data subject objects to the processing pursuant and there are no overriding legitimate grounds for the processing;
the personal data have been unlawfully processed;
the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;
the personal data have been collected in relation to the offering of information society related services.

Erasure of data cannot be initiated if data management is necessary: with the aim of exercising the right to freedom of expression and the right of access; the fulfilment of an obligation under EU or Member State law applicable to the data controller for the processing of personal data, if the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; for the performance of a task carried out in the exercise of public authority exercised in the public interest or on the data controller; for the purpose of public health or archiving, scientific and historical research or statistics, out of public interest; or for the submission, validation or protection of legal claims.

Right to restrict processing

As the data subject, you shall have the right to obtain from the controller restriction of processing where one of the following applies:

the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;
the processing is unlawful, and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims; or
the data subject has objected to processing pursuant pending the verification whether the legitimate grounds of the controller override those of the data subject.

Where processing has been restricted, such personal data shall, with the exception of storage, only be processed with the data subject's consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.

Right for data portability

As the data subject, you shall have the right to receive the personal data concerning you, which you have provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided.

Right to object

As the data subject, you shall have the right to object, on grounds relating to your situation, at any time to processing of personal data concerning you or the existence of appropriate safeguards, which may include encryption or pseudonymisation, or data processor or the purposes of the legitimate interests pursued by the controller or by a third party, including profiling based on those provisions. In case of objection, the controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.

Automated individual decision-making, including profiling

As the data subject, you shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

Right to withdraw

As the data subject, you shall have the right to withdraw consent at any time.

Right to go to judicial authorities

As the data subject, should you feel that your rights have been violated, you may be directed to the court against us. The court proceeds out of turn.

Right to file a complaint

To file a complaint please contact the Hungarian National Authority for Data Protection and Freedom of Information at:
Name of the authority: Nemzeti Adatvédelmi és Információszabadság Hatóság
Registered office: 1055 Budapest, Falk Miksa utca 9-11.
Mailing address: 1363 Budapest, Pf.: 9.
Phone: +36 1 391 1400
Fax: +36 1 391 1410
Email: [email protected]
Website: www.naih.hu

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. Thus, you are advised to review this page periodically for any changes. We will notify you of any changes by posting the new Privacy Policy on this page.

This policy is effective as of 2022-10-03.

Contact Us

If you have any questions or suggestions about our Privacy Policy, do not hesitate to contact us at [email protected].