Privacy Policy

Last updated: 2020-07-27

Please read this Privacy Policy carefully to understand how the Data Controller uses the Personal Data we collect from you when you visit or use our Website.

By accessing or using the Website or the Services, you agree to this Privacy Policy and consent to the collection, transfer, storage, disclosure, and use of your personal data as described below. Our Services also incorporate privacy controls which affect how we will process your personal data. Please refer to Section ‎IX. for a list of rights with regard to your personal data and how to exercise them. („Privacy Policy”)

This Policy may change from time to time. Your continued visit or use of the Website or the Services after we make changes is deemed to be acceptance of those changes, so please check the Policy periodically for updates.

1. DATA CONTROLLER

The Data Controller, who determines the purpose and manner in which your personal data is used, is GBD Consulting and Services Private Limited Company a company incorporated under the laws of Hungary, seated: 12. Határ út, Újlengyel, 2724, Tax number: 27325162-2-13, Company Reg. Number: 13-10-042025 (hereinafter referred to as: “Data Controller”,Provider”, „Service Provider”, „we”, or „us”).

2. DEFINITIONS

“ColdCampaigns”: service provided by Provider.

Data Protection Officer (DPO)” ensures, in an independent manner, that Provider applies the laws protecting individuals’ Personal Data. The designation, position and tasks of a DPO within an organization are described in Articles 37, 38 and 39 of the European Union (EU) General Data Protection Regulation (GDPR)

“GDPR” – Regulation (EU) 2016/679 of The European Parliament and of The Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

 “Personal Data” – any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier. Personal Data regarding to the Service is data of our Website Visitors, our Users and our Customers, data entrusted to us by our Users and our Customers for processing and processed in relation to the use of the Service.

"Service" or "Services": services available at, or through the Website, including, but not limited to management of emailing campaigns with real-time monitoring of sent email delivery, sending and managing marketing emails and our other covered services.

“Website": coldcampaigns.com and any of its subdomains. Website is operated by Provider.

"Website Visitor ": any individuals or company who visit our website and who may communicate with.

"User": Website Visitor who on behalf of themselves on our website subscribe to receive communications and information from our Website or subscribe to use any of the service offered on the Website.

"Customer": User who on behalf of themselves use paid services offered on the Website.

3. Information we collect about you and why we collect it

This Privacy Policy applies when we are acting as a data controller with respect to the following personal data of our Website Visitor, our User and our Customer:

Information you provide voluntarily to us:

  • Account Data: We collect your Account Data, which include your name, your email address and your password. This Account Data is voluntarily provided by you upon your registration. The Account Data may be processed for the purposes of providing you our services offered on our Website, sending you information about email marketing, ensuring the security of our Website and communicating with you.
  • Third-Party Email Account Data: Provider allows you to connect our Services to your various third-party email accounts (such as Gmail) for the purpose of sending email and for us to check your inbox for replies and bounces. We require your third-party email address, your password, and a small set of permissions on your third-party email account to be able to do this and will only use it for the purpose of providing you with our Services or for diagnosing issues related to your third-party email account. Provider will not use your email account information for any purpose other than providing the Services to you, and Provider is not responsible for any issues related to your third-party email account.
  • Correspondence Data: We may process information contained in or relating to any communication that you send to us or send through our Service. The Correspondence Data may include the communication content and metadata associated with the communication and the content of your campaigns. The Correspondence Data may be processed for the purposes of communicating with you and record-keeping.
  • Notification Data: We may process information that you voluntarily provide to us for the purpose of subscribing to our push notifications. The Notification Data may be processed for the purposes of sending you the relevant notifications.
  • Payment Data: We may process information, like billing address and VAT number that you voluntarily provide to us after your registration when you decide to continue to use our paid services offered on our Website. The Payment Data may be processed for the purposes of providing our paid services offered on our Website.
  • Transaction Data: We may process information relating to transactions, including the time and activity of the purchases of our services and the code of the transactions. Financial transactions relating to our services offered on our Website may be handled by our payment service providers, Adyen and PayPal. We never store any credit card or PayPal account details. The Transaction Data may be processed for the purposes of supplying the purchased services, keeping proper records of these transactions, refunding such payments and dealing with complaints.

The legal basis for processing the information you voluntarily provide to us is consent (Art. 6 sec. 1 (a) of GDPR) and the performance of the contract between you and us (Art. 6. sec. 1(b) of GDPR) as set in this Privacy Policy, in the Terms of Service and in the Data Processing Agreement.

Information we collect automatically:

  • Usage Data: Data about your use of our Website and the Service. The usage data include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your Service use. The source of the usage data is our analytics tracking system. This usage data may be processed for the purposes of analyzing the use of the website and services, and to avoid users misusing our Service.

The legal basis for processing Usage Data is our legitimate interests (Art. 6 sec. 1 (f) of GDPR), namely:

  • For analytical purposes. We have a legitimate interest in analyzing Service operations and your satisfaction. We consider processing this data beneficial to our Customers. Our aim is to constantly develop the Service and to provide it of the highest quality.
  • To prevent fraud and abuse. We have a legitimate interest in conducting necessary verification to detect and prevent potential fraud and abuse. We understand processing this Data is beneficial for all parties involved, especially for you, because it allows us to set up precautions.
  • To contact you. We have a legitimate interest in contacting you with marketing messages, information about our current services, business opportunities, and special offers on other products, and services we think you might like.

We may process Data based on our legitimate interest to exercise legal claims. We believe we have a legitimate interest in processing your Data if it’s necessary to exercise claims concerning the use of the Service that’s unlawful or incompatible with the Terms of Service or to defend ourselves against such claims.

If you are our Website Visitor to provide you with our Service, we process the following Personal Data:

  • Correspondence Data
  • Notification Data
  • Usage Data

If you are our User to provide you with our Service, we process the following Personal Data:

  • Account Data
  • Third-Party Email Account Data
  • Correspondence Data
  • Notification Data
  • Usage Data

If you are our Customer to provide you with our Service, we process the following Personal Data:

  • Account Data
  • Third-Party Email Account Data
  • Correspondence Data
  • Notification Data
  • Payment Data
  • Transaction Data
  • Usage Data

4. How we protect your personal data

In order to avoid unauthorized use of personal data and to avoid misuse of such data, Provider has taken comprehensive technical and operational safety measures. Our safety procedures have regularly been controlled and improved in harmony with technological development, such as:

  • We protect the security of your information while it is being transmitted by using secure connection,
  • We use computer safeguards such as firewalls to keep this data safe;
  • We only authorise access to employees and trusted partners who need it to carry out their responsibilities;
  • We regularly monitor our systems for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security; and
  • We will ask for proof of identity before we share your personal data with you.
  • We rely on Adyen for all our payment processing: in terms of credit card information, we only store the last 4 digits of someone's card in our database.

Please be aware, though, that despite our efforts, no security measures are perfect or impenetrable. We cannot ensure, and do not warrant or guarantee, that the information you transmit to the Provider will remain secure, nor do we guarantee that this information will not be accessed, disclosed, altered, destroyed or used in an unauthorized manner.

If we learn of a security breach, we may attempt to notify you electronically so that you can take appropriate protective steps. If you have any questions about the security of your personal information, please contact us as indicated in the ‘Contact Us’ section below.

The personal data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by companies operating outside the EEA who work for us or for one of our service providers. If we do this we ensure that your privacy rights are respected in line with this Privacy Policy.

5. How long we use personal data for

We will not keep your personal data longer than we need to, and we will only use your personal data for the purposes set out in this Privacy Policy. We will always keep your personal data in accordance with applicable legal and regulatory requirements.

In case we process your Personal Data based on your consent Provider will keep your personal data until you withdraw your consent given to the data processing. Once you withdraw your consent, we will delete your data permanently.

Without withdrawing your consent we will keep your Personal Data for up to 1 year following we stopped providing you with our services.

In case we process your Personal Data based on our legitimate interest, we will terminate the processing and delete your Personal Data as soon as we have no further legitimate interest for the processing.

In most circumstances this means we will not keep your Correspondence Data for more than 10 years after our last conversation and we will not keep your Usage Data for more than 50 months after the end of your relationship with us.

6. Cookies

We use cookies and similar tracking technologies to collect and use Personal Information about you, including to serve interest-based advertising. For further information about the types of cookies and tracking technologies we use, why, and how you can control them, please see our Cookie Policy.

7. Sensitive Data

We ask that you not send us, and you not disclose, on or through the Services or otherwise to us, any Sensitive Personal Data (e.g., any government-issued identification number; credit or debit card details or financial account number, with or without any code or password that would permit access to the account; or information on race, religion, ethnicity, sex life or practices or sexual orientation, medical or health information, genetic or biometric information, biometric templates, political or philosophical beliefs, political party or trade union membership, or information on any judicial or administrative proceedings).

Use of Services by Minors

The Services are not directed to individuals under the age of eighteen (18), and we request that they not provide Personal Data through the Services.

8. Sharing information with others

In certain situations, Provider may share your personal data with third parties.

Third parties that provide services:

We use service providers to process your personal data on our behalf including, such as:

Company that provide server hosting:

  • Rackforest Kft.

Companies that provide email delivery, help to contact our Users:

  • Getresponse
  • OneSignal
  • MillionVerifier
  • MailGun

Companies that provide information technology and help to operate and improve our Service:

  • Adroit Group Kft.
  • Fehér Ákos Attila EV. - Self employed
  • Agócs Máté EV. - Self employed

Companies that provide data analysis and advertising solutions:

  • Google Inc.
  • Facebook
  • Hotjar

These companies may only process personal information pursuant to our instructions and in compliance both with this Privacy Policy and other applicable confidentiality and security measures and regulations.

Specifically, we do not permit these companies to use any personal information we share with them for their own marketing purposes or for any other purpose than in connection with the services they provide to us.

Other Uses and Disclosures:

We will use and disclose Personal Data as we believe to be necessary or appropriate: 

  • to comply with applicable law, including laws outside your country of residence;
  • to comply with legal process;
  • to respond to requests from public and government authorities, including authorities outside your country of residence and to meet national security or law enforcement requirements;
  • to enforce our terms and conditions;
  • to protect our operations of our business, assets or stock,
  • to protect the rights, privacy, safety or property of us, you or others; and
  • to allow us to pursue available remedies or limit the damages that we may sustain.

We may use and disclose Other Data for any purpose, except where we are not allowed to under applicable law.

9. What are your data protection rights?

Provider would like to make sure you are fully aware of all of your data protection rights. Every Customer is entitled to the following:

The right to express and withdraw your consent - If we ask for consent to process your Data, you can always choose to give it or not. We inform you about the right to withdraw your consent before giving consent. In our Service, we never ask for one consent for different Personal Data processing operations.

Withdrawal of your consent is effective upon execution, and it does not affect the lawfulness of processing based on the consent before you withdraw it. You can always withdraw your consent without detriment. It may, however, render you unable to use some of the features of the Service.

If you no longer wish to receive emails from us, you can use the unsubscribe link at the bottom of any of our communications, or by sending a letter to: GBD Consulting and Services Private Limited Company at 12. Határ út, Újlengyel, 2724 Hungary.

In addition push notification you can delete your information stored with us by unsubscribing from notifications by following the instructions here.

For information on your choices related to Cookies and Other Data, please read our Cookie Policy.

The right to access – You have the right to request Provider for copies of your Personal Data. We may charge you a small fee for this service.

The right to rectification – You have the right to request that Provider correct any information you believe is inaccurate. You also have the right to request Provider to complete the information you believe is incomplete.

The right to erasure – You have the right to request that Provider erase your Personal Data, under certain conditions.

The right to restrict processing – You have the right to request that Provider restrict the processing of your Personal Data, under certain conditions.

The right to object to processing – You have the right to object to Provider’s processing of your Personal Data, under certain conditions.

The right to data portability – You have the right to request that Provider transfer the data that we have collected to another organization, or directly to you, under certain conditions.

The right to apply and right to lodge a complaint with a supervisory authority - You have the right to complain to a supervisory authority concerning the processing of your Personal Data. In Hungary the supervisory authority is The National Authority for Data Protection and Freedom of Information, contact details:

Telephone: +36-1-391-1400

Email:

If you would like to exercise any of these rights, please contact us at our email:

10. How to contact Us

If you have any questions about Provider’s Privacy Policy, the data we hold on you, or you would like to exercise one of your data protection rights, please do not hesitate to contact us:

  • Email us at:
  • Or write to GBD Consulting and Services Private Limited Company at: Határ út, Újlengyel, 2724 Hungary

We have designated a Data Protection Officer – dr. Hám Boglárka Barbara (DPO), who you can reach out to about anything related to your Personal Data processing. You can easily contact our DPO:

  • Via email: ,
  • or in writing to dr. Hám Boglárka Barbara at: Határ út, Újlengyel, 2724 Hungary.