Privacy Notice

Data processing related to the M-Explorer software
(on-premise deployment, not a cloud service)

Version: 1.0
Effective date: 2026-01-02
Language: EN

Definitions

• Software / M-Explorer: an on-premise enterprise software developed by Hungarian Hosting.
• Customer / Client: any natural or legal person who orders, installs, and operates the Software within their own infrastructure.
• Data Controller: the party determining the purposes and means of data processing. In on-premise deployments, this is typically the Customer with respect to data generated within their systems.
• Developer / Licensor / Service Provider: Hungarian Hosting (hereinafter: the Service Provider).
• Data Subject: a natural person whose personal data is processed (e.g. an employee or administrator of the Customer).
• Personal Data: any information relating to an identified or identifiable natural person (GDPR Article 4(1)).
• Audit Log / Log: a log file recording system events (e.g. login, action type, timestamp).
• “Data provided to the Service Provider”: data sets (e.g. log extracts, configuration fragments, support ticket content) voluntarily provided by the Customer for support or dispute resolution purposes.

1. Data Controller Information

Service Provider: Hungarian Hosting
Contact: info@hungarianhosting.hu

M-Explorer is an on-premise enterprise software solution. By default, all data remains within the Customer’s infrastructure, and the Service Provider does not have automatic or continuous access to such data.

2. Legal Basis for Data Processing

Data processing is carried out in accordance with the following legal bases:

• GDPR (EU Regulation 2016/679)
• GDPR Article 6(1)(b) – performance of a contract (license, support)
• GDPR Article 6(1)(f) – legitimate interest (security, traceability, dispute resolution)
• Hungarian Act CXII of 2011 (Info Act)

Legitimate interest: ensuring secure operation of the system, detection of unauthorized or erroneous actions, and clarification of disputed events.

3. Purpose of Data Processing

Data processing serves exclusively the following purposes:

• secure and stable operation of the Software,
• auditability and traceability of system activity,
• supporting troubleshooting and recovery,
• handling contractual matters and evidencing events in disputes.

Important: data processing is not used for marketing, profiling, or surveillance purposes.

4. Scope of Processed Data

4.1 Data processed locally by the Software

Depending on enabled features, M-Explorer may process the following data within the Customer’s infrastructure:

• user identifiers (username or role-based identification),
• date and time (timestamp),
• IP address,
• type of performed action (e.g. download, edit, delete, login),
• identifier of the affected resource (file, configuration, module, vault item).

These data are not transmitted to the Service Provider by default.

4.2 Data provided to the Service Provider

Log files, extracts, or related technical information may be provided to the Service Provider only in the following cases:

• upon explicit support request by the Customer,
• for contractual verification or settlement purposes,
• in connection with contractual or legal disputes,
• during investigation of serious operational incidents, to the necessary extent only.

Use of such data:

• strictly limited to investigation, resolution, and documentation of the specific case,
• not disclosed to third parties (except where legally required),
• not used for marketing or automated profiling.

5. Data Retention Period

5.1 Data generated locally

Retention periods for locally generated logs and system data are determined by the Customer in accordance with their internal policies and applicable legal requirements.

5.2 Data held by the Service Provider

Data provided to the Service Provider (e.g. log extracts, support attachments, configuration fragments) are retained:

• for the period required by applicable laws, and
• at least for the full duration of the license agreement.

Retention serves solely to fulfill support obligations, document actions taken, and resolve potential disputes.

6. Data Security

The Service Provider and the Software implement appropriate technical and organizational measures to ensure:

• data integrity,
• protection against unauthorized access,
• immutability of audit logs within configured system constraints.

Additional note: principles and limitations regarding AI-related features are defined separately in the AI Usage Policy.

7. Rights of Data Subjects

Data subjects are entitled in particular to:

• right of access (GDPR Article 15),
• right to rectification (GDPR Article 16),
• right to restriction of processing (GDPR Article 18),
• right to object (GDPR Article 21).

When exercising these rights, the Service Provider may verify the requester’s entitlement and the lawful feasibility of fulfilling the request, particularly in cases involving legitimate interest or contractual obligations.

8. Complaints and Remedies

8.1 Contact

Please contact us first at: info@hungarianhosting.hu

8.2 Supervisory Authority

If the issue cannot be resolved, a complaint may be filed with:

National Authority for Data Protection and Freedom of Information (NAIH)
Falk Miksa utca 9–11., 1055 Budapest, Hungary
https://www.naih.hu

9. Final Provisions

M-Explorer’s data processing principles are based on:

• processing only data necessary for operation,
• use exclusively for security, verification, and support purposes,
• retaining data provided to the Service Provider only as required by law and at least for the duration of the license.

Cross-references: this Privacy Notice shall be interpreted together with the End User License Agreement and the AI Usage Policy.