Privacy Policy

Last updated: 25 June 2026

This Privacy Policy explains how denxpert EHS&S software Kft. collects, uses, discloses and protects your personal data when you visit our websites, subscribe to our communications, or use our services. It also explains your rights under the EU General Data Protection Regulation (Regulation (EU) 2016/679, “GDPR”) and Hungarian Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information (“Infotv.”).

We are committed to processing your personal data lawfully, fairly and transparently. Please read this Policy carefully.

1. Data Controller

The data controller responsiblefor your personal data is:

•    Company: denxpert EHS&S software Kft.

•    Registered address: 1037 Budapest, Seregély u.6., Hungary

•    Email: office@denxpert.hu

•    Phone: +36 1 239 1208

For any questions about thisPolicy or your personal data, or to exercise your rights, contact us using thedetails above (data protection requests may be addressed to office@denxpert.hu).

We have assessed ourobligations under Article 37 GDPR and are not required to appoint a statutoryData Protection Officer. We have nonetheless designated an internal contactpoint responsible for data protection matters, reachable at the address above.

2. Definitions

•    Personal Data – any information relating to anidentified or identifiable natural person.

•    Processing – any operation performed on personaldata, such as collection, storage, use, disclosure or deletion.

•    Data Subject – the individual to whom personaldata relates (i.e. you).

•    Controller – the entity that determines thepurposes and means of processing (us).

•    Processor – a third party that processespersonal data on our behalf and under our instructions.

•    Service – our websites (includingcsrdsoftware.com), our software products, and related communications.

3. Personal Data We Collect

3.1 Data you provide to us

•    Identity and contact data: first name, last name, emailaddress, phone number, company name and job title.

•    Account data: login credentials and profile settingswhere you register for our Service.

•    Communications: the content of messages, demo requestsand support enquiries you send us.

3.2 Data we collect automatically

•    Usage data: IP address, browser type and version, pagesvisited, date/time and duration of visits, referring URLs and diagnostic data.

•    Device data: device type, operating system, uniquedevice identifiers (in particular when accessing via a mobile device).

•    Cookie and tracking data: information collected viacookies and similar technologies (see Section 7), including analytics,heatmap/session and advertising identifiers, subject to your consent.

We do not intentionallycollect special categories of personal data (e.g. health, religion, politicalopinions) through our Service.

4. Purposes and Legal Bases for Processing

Under the GDPR we must have alawful basis for each processing activity. The table below sets out what we do,why, and the legal basis we rely on.

PurposeData usedLegal basis (Art. 6 GDPR)
Provide, operate and maintain the Service and your accountIdentity, contact, account, usage dataPerformance of a contract (Art. 6(1)(b))
Respond to demo requests, enquiries and supportIdentity, contact, communicationsSteps prior to a contract / legitimate interests (Art. 6(1)(b)/(f))
Send marketing newsletters and offersIdentity, contact dataConsent (Art. 6(1)(a))
Website analytics, heatmaps and visitor identificationUsage, cookie, device dataConsent (Art. 6(1)(a))
Online advertising and audience measurementCookie, usage, advertising identifiersConsent (Art. 6(1)(a))
Security, fraud prevention and service improvementUsage, device dataLegitimate interests (Art. 6(1)(f))
Comply with legal obligations (accounting, tax, lawful requests)Identity, contact, transaction dataLegal obligation (Art. 6(1)(c))
Business transfers (merger, acquisition, asset sale)All relevant dataLegitimate interests (Art. 6(1)(f))

Where we rely on consent, you may withdraw it at any timewithout affecting the lawfulness of processing before withdrawal. Where we relyon legitimate interests, you may object at any time (see Section 9).

5. Marketing Communications

We send marketing newslettersonly on the basis of your explicit opt-in consent, given through an untickedcheckbox at the point of sign-up. We keep a record of when and how youconsented.

Every marketing email contains aclear unsubscribe link. You can withdraw consent at any time by clickingunsubscribe or by contacting us — withdrawing consent is as easy as giving it.We will then stop sending marketing messages, though we may still sendessential service-related communications.

6. Recipients and Third-Party Processors

We share personal data only asnecessary and under appropriate safeguards. Our categories of recipients andkey processors include:

Recipient / processorPurpose
HubSpotCRM, marketing email, forms and analytics
Google (Analytics / Ads)Website analytics and advertising
Meta (Facebook Ads)Advertising and audience measurement
LinkedIn AdsAdvertising and audience measurement
Microsoft AdsAdvertising and audience measurement
HotjarHeatmaps and session analytics
LeadfeederIP-based business visitor identification
Hosting / IT providersHosting of the Service within the EU/EEA
Professional advisers and authoritiesLegal, accounting and regulatory compliance

We require all processors to process personal data only on ourinstructions and under a written data processing agreement compliant withArticle 28 GDPR. We do not sell your personal data.

7. Cookies and Tracking Technologies

We use cookies and similartechnologies (beacons, tags, scripts, pixels) to operate our website and, withyour consent, to analyse usage and deliver advertising.

•    Strictly necessary cookies – required for thewebsite to function and to authenticate users. These do not require consent.

•    Functionality cookies – remember yourpreferences (e.g. language, login). Used with your consent.

•    Analytics cookies – e.g. Google Analytics,Hotjar, Leadfeeder. Used only with your consent.

•    Advertising cookies – e.g. Google, Meta,LinkedIn, Microsoft. Used only with your consent.

Non-essential cookies are notplaced until you give consent through our cookie banner. You can change orwithdraw your cookie preferences at any time via the “Revisit consent” / cookiesettings link on our website, or by adjusting your browser settings. Refusingnon-essential cookies will not affect access to essential parts of the Service.

8. International Data Transfers

Our Service data is hostedwithin the European Economic Area (EEA). However, some of our processors (inparticular Google, Meta, LinkedIn, Microsoft, HubSpot and Hotjar) may processdata outside the EEA, including in the United States.

Where personal data istransferred outside the EEA, we ensure an adequate level of protection throughone or more of the following safeguards: an adequacy decision of the EuropeanCommission (including the EU–U.S. Data Privacy Framework where the recipient iscertified), or Standard Contractual Clauses approved by the EuropeanCommission, together with supplementary measures where necessary. You mayrequest a copy of the relevant safeguards by contacting us.

9. Your Rights

Under the GDPR you have thefollowing rights in relation to your personal data:

•    Right of access – to obtain confirmation of, anda copy of, the data we hold about you (Art. 15).

•    Right to rectification – to have inaccurate orincomplete data corrected (Art. 16).

•    Right to erasure – to have your data deleted incertain circumstances (Art. 17).

•    Right to restriction – to limit how we processyour data in certain cases (Art. 18).

•    Right to data portability – to receive your datain a structured, machine-readable format (Art. 20).

•    Right to object – to object to processing basedon legitimate interests and to direct marketing at any time (Art. 21).

•    Right to withdraw consent – to withdraw consentat any time where processing is based on consent (Art. 7(3)).

•    Rights related to automated decision-making – wedo not carry out solely automated decision-making producing legal effects (Art.22).

To exercise any of these rights,contact us at office@denxpert.hu. We will respond within one month, as requiredby the GDPR. Exercising your rights is free of charge unless requests aremanifestly unfounded or excessive.

9.1 Right to lodge a complaint

If you believe your dataprotection rights have been infringed, you have the right to lodge a complaintwith the Hungarian supervisory authority:

•    Authority: Nemzeti Adatvédelmi ésInformációszabadság Hatóság (NAIH)

•    Address: 1055 Budapest, Falk Miksa utca 9-11.,Hungary

•    Website: www.naih.hu

•    Email: ugyfelszolgalat@naih.hu

You may also lodge acomplaint with the supervisory authority in your country of residence, or seeka judicial remedy.

10. Data Retention

We retain personal data only foras long as necessary for the purposes set out in this Policy, after which it isdeleted or anonymised. Indicative retention periods:

Data categoryRetention period
Account and contract dataDuration of the contract + up to 8 years (statutory accounting period under Hungarian law)
Demo / enquiry dataUp to 2 years from last contact, unless a contract follows
Marketing subscription dataUntil you withdraw consent / unsubscribe
Cookie and analytics dataPer the retention period of each tool (typically up to 14–26 months)
Support communicationsUp to 2 years from resolution

11. Security

We implement appropriatetechnical and organisational measures to protect personal data againstunauthorised access, loss, alteration or disclosure, including access controls,encryption in transit, and regular review of our security practices. However, nomethod of transmission or storage is completely secure, and we cannot guaranteeabsolute security.

12. Children’s Privacy

Our Service is intended forbusiness users and is not directed at children. In Hungary, the minimum age forvalid consent to information society services is 16. We do not knowinglycollect personal data from children under 16 without parental or guardianconsent. If you believe we have collected such data, please contact us and wewill delete it.

13. Links to Other Websites

Our Service may contain links tothird-party websites we do not operate. We are not responsible for theircontent or privacy practices and encourage you to review their privacypolicies.

14. Changes to This Privacy Policy

We may update this Policy fromtime to time. We will post the updated version on this page and update the“Last updated” date. Where changes are significant, we will notify you by emailand/or a prominent notice on the Service before they take effect. Please reviewthis Policy periodically.

15. Contact Us

If you have any questions aboutthis Privacy Policy or our data practices, contact us:

•    Email: office@denxpert.hu

•    Phone: +36 1 239 1208

•    Address: 1037 Budapest, Seregély u. 6., Hungary

Foglalj 30 perces demót
Book a 30-min demo

Schedule a free demo and see in action

Our experts
Contact our sustainability experts
1
Contact
Just fill out the form, and we’ll get back to you within an hour!
2
Book a slot
Book the preferred date for the free consultation directly with our  colleagues
3
See in action
See live how much easier the sustainability reporting of your business can be with our solutions.
Írj nekünk, vagy foglalj konzultációt
Kapcsolat
Konzultáció

Form styling

Error state
Add meg a vezetékneved!
Validated state
Field focused state
This is some text inside of a div block.
Placeholder
This is some text inside of a div block.
Placeholder
Field normal state
Placeholder