Privacy Policy / Data Protection and Data Management Policy

Purpose of Privacy Policy / Data Protection and Data Management Policy

DATA MANAGEMENTNOTICE

1. Data controller, data protection officer, data processors

1.1. Data controller

Name: LoxTrade Kereskedemi és Szolgáltató Korlátolt Felelősségű Társaság

Registered office: 1077 Budapest, Wesselényi street 13., 1st floor., 3rd door

E-mail address: hello@uplan.io

Company registration number and name of the registering court:

CRN. 01-09-279238 / Budapest-Capital Regional Court

Tax number: 23183261-2-42

Website: www.uplan.io

Data Protection Register number: NAIH-146467/2018.

LoxTrade Kft. (hereinafter referred to as the “Data controller”) processes the data of visitors and

registered users (hereinafter referred to as the “Data subject”) of the website www.uplan.io.

1.2. Data Protection Officer

The Data controller has considered the possibility of appointing a Data Protection Officer pursuant to

Article 37 of the GDPR and has concluded that the processing of personal data occurring during the

operation of the website and the purchases made on the website do not justify the appointment of a Data

Protection Officer.

1.3. Data processors

The Data controller uses the following Data processors:

ACCOUNTING

Gold Medal Kft.

1061 Budapest, Andrássy way 46.

COURIER SERVICES

Hajtás Pajtás Kerékpáros Futárszolgálat

1074 Budapest, Vörösmarty street 20.

COURIER SERVICES

Magyar Posta Zrt.

1138 Budapest, Dunavirág utca 2-6.

COURIER SERVICES

UPS Magyarország Kft.

2020 Vecsés, Lőrinci u. 154.

Airport City Logistic Park G. épület

ELECTRONIC ACCOUNTING SYSTEM OPERATOR

Billingo Technologies Zrt.

1133 Budapest, Árbóc street 6. III. floor

MAIL SYSTEM OPERATOR

Eworx Network & Internet GmbH

A-4150 Rohrbach-Berg, Hanriederstraße 25, Austria

REGISTRATION OF TRAINING

Acuity Scheduling, Inc.

450 W 17th Street

New York, NY 10011

ONLINE TRAINING REGISTRATION

Genesis Digital LLC

7660 Fay Ave #H184, La Jolla, CA 92037

2. Introductory provisions

2.1 The purpose of this notice is to provide clear, up-to-date and transparent information about the

processing of personal data in the course of the services provided by this website. This notice may be

amended and/or withdrawn unilaterally by the Data controller at any time, with simultaneous notification

of the Data subjects. The information will be provided on the website.

2.2 Further purpose of this notice is to set out the data protection and data management principles and the

data protection and data management policy of LoxTrade Kft. and to comply with the information

obligation pursuant to Articles 13-14 of Regulation (EU) 2016/679 of the European Parliament and of the

Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal

data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as

“GDPR”).

2.3. The data protection terms that are used in this notice are defined in Article 4 of the GDPR, as well as

supplemented by Act CXII of 2011 on the right to informational self-determination and on the freedom of

information (hereinafter: “Info. Act”). This Data management notice applies to all natural persons (Data

subjects) whose personal data is managed by the Data controller, if the data management is related to the

performance of the activities specified in this Data management notice.

3. Detailed information on the circumstances of data management

3.1. Shopping on the website

3.1.1. You can use the services of the Website only by registering. In this context, we process your

personal data as follows:

Scope of processed personal data: surname and first name, residential address, e-mail address and other

personal data provided by you.

The purpose of data management: to identify you, to create and fulfill a purchase agreement between you

and the Data controller.

Legal basis for data management: creation and fulfillment of an agreement (GDPR Article 6 (1) point b)).

Duration of data management: for the time necessary to fulfill the purchase agreement between you and

the Data controller, up to the statute of limitations for civil claims (5 years).

The Data controller does not verify the authenticity or accuracy of the personal data you provide (e.g. e-

mail address, etc.). Only the person who provided the data is responsible for its accuracy. The Data

controller excludes any liability arising from the incorrectness of the data.

Provision of telephone number:

Purpose of data management: Although the telephone number is not a condition for the fulfillment of the

purchase agreement, as personal data, it would be difficult to solve any problems related to the order in

the absence of the telephone number. In the event you have ordered the service and paid the purchase

price, but there is a problem with the service for some reason, it is necessary to ensure that you are

informed by telephone about the solution and the procedure to overcome the problem.

Legal basis for processing: voluntary consent of the Data subject (Article 6(1)(a) of the GDPR).

Duration of processing: for the time necessary to fulfill the purchase agreement between you and the Data

controller, up to the statute of limitations for civil claims (5 years). The Data controller shall have primary

access to the personal data processed for the purposes of the purchase.

Data subject rights: in addition to the data subject rights set out in point 11 of the Data management

notice, the Data subject has the right to withdraw his consent to the processing of his personal data at any

time; in this case, the Data controller will no longer process his personal data and will delete the personal

data processed on this legal basis, unless another legal basis allows for the processing of such data. The

withdrawal shall not affect the lawfulness of the processing carried out on the basis of the consent prior to

the withdrawal.

Data transfer:

We use external service providers to fulfill orders:

Credit card payment: In case of payment by card, the data of the bank card and the card payment

transaction are managed by Stripe. In case of payment by bank card, the payer’s ID, the amount, date and

time of the transaction are transmitted.

Legal basis for data transfer: data management is necessary for the performance of the agreement [Article

6 (1) b) of GDPR].

3.1.2. Personal data processed for the purpose of paying the consideration for the ordered

service/product

You can pay for the products/services ordered on the Website by choosing from the following payment

methods: bank transfer, bank card payment through the Stripe system.

a)Bank transfer: in the case of a bank transfer, you can settle the consideration for the ordered

product/service with the help of your bank. In this case, the Data controller only processes

personal data in connection with the crediting of the transferred amount to the Data controller’s

account at Raiffeisen Bank.

Beneficiary name: LoxTrade Kft.

HUF bank account number: ………………………………

Range of processed data: first and last name, e-mail address, bank account number, value of the

product/service ordered, time of transfer.

Purpose of data management: to identify you, to create and fulfill a purchase agreement between you and

the Data controller.

Legal basis for data management: execution of an agreement (Article 6 (1) b) of GDPR).

Duration of data processing: 8 years in order to fulfill the obligation to preserve accounting documents

(Article 169 (2) of the Act C of 2000 on accounting).

In the case of bank transfers, access to the personal data processed is primarily granted to the Data

controller or the Data controller’s bank.

b)Payment by bank card: According to point 3.1.1 of the Data management notice

Regarding payment by bank card, please note that the use of the ordered product/service is based on a

monthly subscription, which will be automatically deducted from your bank account each month until you

manually cancel it in your profile settings. If the deduction was unsuccessful, Stripe will try the payment

three times on different days, or you can manually initiate the payment in your profile settings.

3.2. Personal data processed for the purpose of providing information relating to a purchase

Contact and communication between the Data controller and you are essential for the operation of the

Website. You will receive confirmation of the purchase in the form of an electronic mail. In some cases,

the Data controller sends notification to the Data subjects via e-mail about the products or services, as

well as changes to the General Terms and Conditions. However, the Data controller does not use such

notifications for advertising purposes.

In this context, we process your personal data as follows:

Range of processed data: first and last name, e-mail address, telephone number

Purpose of data management: to identify you, to execute a purchase agreement between you and the Data

controller.

Legal basis for data management: execution of an agreement (Article 6 (1) point b) of GDPR).

Duration of data management: for the time necessary to fulfill the purchase agreement up to the statute of

limitations for civil claims (5 years).

The Data controller has primary access to the personal data processed for the purpose of providing

information about the use of the Website.

4. Processing personal data due to accounting obligations

According to section 2 of Act C of 2000 on Accounting the Data controller is obliged to retain the

accounting documents underlying the accounting records directly or indirectly (including ledger accounts,

analytical records and registers) in a legible form and in a retrievable manner for 8 years. To this end, we

process your personal data as follows:

Range of processed data: first and last name, home address.

Purpose of data management: fulfillment of the obligation to retain the accounting documents underlying

the accounting records directly or indirectly, as defined in the Accounting Act

Legal basis for data management: fulfillment of the legal obligation of the Data controller (Article 6 (1) c)

of GDPR).

Duration of data processing: 8 years in order to fulfill the obligation to preserve accounting documents

(Article 169 (2) of the Act C of 2000 on Accounting).

The personal data processed for the purpose of fulfilling the obligation to retain the accounting documents

underlying the accounting records directly or indirectly as defined in the Accounting Act may be accessed

primarily by the Data controller, by Könyvelésmegoldás.hu Kft. as the accountant, and by the operator in

connection with the operation of the electronic invoicing system.

5. Handling complaints

If you are not satisfied with the ordered product/service or if you have any other complaint regarding the

website, the Data controller shall provide you with the opportunity to file a complaint pursuant to section

17/A-17/C of the Act CLV of 1997 on consumer protection. In this case, we process your personal data as

follows:

Range of processed data: surname and first name, home address, e-mail address, product/service data

(name, purchase price), the claim that the consumer wishes to enforce, the determination of the error, the

method of settlement of the objection, the date of recording of the minutes.

Purpose of data management: handling customer objections and complaints.

Legal basis for data management: fulfillment of the legal obligation of the Data controller related to the

handling of consumer protection complaints (Article 6 (1) c) of GDPR).

Duration of data processing: 3 years for recorded minutes, 2 years for copies of entries made in the

customer complaint register and 3 years for copies of responses to written complaints.

The Data controller has access to personal data processed for the purpose of handling complaints.

6. E-mail customer support – support for customers and interested parties

The website provides an opportunity for customers or other interested parties to send a message to the

Data controller and report their interest in a message or raise questions to the Data controller via e-mail

hello@uplan.io.

Purpose of data management: information requests related to purchases and products/services.

Range of processed data: name, e-mail address, personal data that may appear in the message.

Legal basis for data management: necessity to fulfill a contract/take steps prior to concluding a contract

[Article 6 (1) b) of GDPR].

Duration of data management: 60 days

7. Data management related to newsletter subscription

The Data controller pays high attention to the legality of the use of the electronic mail addresses it

manages, so he only uses them in the manner specified below to send (informational or advertising) e-

mails.

The management of e-mail addresses primarily serves the identification of the Data subject, contact and

information provision during the fulfillment of orders, therefor e-mails are sent primarily for this purpose.

The Data controller will send letters containing promotions or advertisements (newsletters) to the e-mail

addresses provided during registration only with the express consent of the Data subject, in cases and in a

manner that complies with legal requirements. The newsletter has direct marketing elements and contains

advertising. The Data controller manages the data provided by the Data subject when using the newsletter.

In case of a newsletter, the Data controller manages the Data subject’s data provided during the

subscription to the newsletter until the Data subject unsubscribes from the newsletter by clicking on the

“Unsubscribe” button at the bottom of the newsletter or requests to be removed from the list of

subscribers to the newsletter by email. In case of opt-out, the Data controller will not contact the Data

subject with further newsletters and offers. The Data subject can unsubscribe from the newsletter and

withdraw his consent at any time free of charge.

Legal basis for data management: voluntary consent of the Data subject (Article 6 (1) a) of GDPR)

The Data subject is voluntarily providing his consent to hand out data related to subscribing to the

newsletter with regard to individual data management.

Range of processed data:

– name

– e-mail address

The purpose of data management is for the Data controller to contact the Data subject by e-mail or

newsletter and inform them about the products/services.

8. Use of cookies

The website uses so-called cookies for the best possible user experience. Cookies store information in

your browser, their job is to recognize you when you return to this website later. The cookies help us by

providing information about the User’s use of the website and by doing so we learn which elements of the

website the User considers the most usable or the worst. Cookies are stored on your computer. Regarding

the cookie settings, we would like to point out that the use of cookies is allowed according to the basic

settings of the browsers. You can delete cookies from your computer or even set your browser to block

their use. In the latter case, we would like to draw your attention to the fact that the website will not be

fully functional.

By clicking on the “I accept the cookie settings” button on the website, you consent to the use of cookies

managed by our own or external service providers (“third parties”), which are necessary to record the data

and information written in this information sheet. Such data is the data of your computer that is generated

when you use our website, or that is recorded by the cookies used on our website as an automatic result of

technical processes. The automatically recorded data is automatically logged by the system – without your

separate consent – when you visit or exit the website. We do not connect these data with any other

personal data, therefor you cannot be identified. Only we and the provider managing the cookies have

access to this data.

Cookies supporting basic functionality: These are essential for navigating the given website, for the

operation of the website’s key functions and for accessing protected content. These cookies do not collect

information that could be used for marketing purposes or that would remember what other websites the

visitor visited. After closing the website, these cookies are automatically deleted and the session is closed.

If the visitor does not accept these cookies, the website or some of its parts may not be displayed, or may

be displayed incorrectly, making it impossible to use the website or fill out forms.

The legal basis for data management is the legitimate interest of the Data controller operating as an

MSME based on Article 6 (1) f) of the GDPR.

You, as a Data subject have the right to access, correct, delete, restrict data processing and object in

connection with technical cookies.

We draw our visitors’ attention to the fact that since the purpose of cookies is to support and facilitate the

usability and processes of the website, if cookies are disabled, we cannot guarantee that the visitor will be

able to fully use all the functions of the website. In this case, the website may function differently than

planned in the browser.

Convenient cookies that support use: These cookies allow our website to remember which mode of

operation you have chosen (for example: you have accepted the cookie information and according to

which sorting method the results obtained in the list of search results should be displayed). This is done so

that on the next visit you do not have to accept the cookie information again and again or set the sorting

method according to which you want to view the content displayed on the page. Without the information

contained in the cookies that store preferences, our website may function less smoothly.

We do not record personal data in the convenience cookies, we only store an identification number, from

which the site is informed that the cookie notice was previously accepted. The convenience cookie is

stored in the browser of the client’s machine with an expiration date of 1 month. If cookies are enabled,

the Data controller does not record any identifiers. The visitor can use the site and services in complete

safety when accepting cookies.

Cookies for statistical purposes:

Statistical data is automatically generated from the data generated by viewing the website.

Legal basis and duration of data management: Based on the information displayed in the pop-up window,

by clicking on the “I accept” button, you can authorize the Data controller to use cookies on the website

and thereby manage the above personal data.

Clicking on the “I accept” button is considered a voluntary consent according to Article 6 (1) a) of the

GDPR, thus the Data controller will process your data until you withdraw your consent. Based on the

information displayed in the pop-up window, by clicking on the “I do not accept” button, you do not

allow the Data controller to use cookies on the website and thereby to manage the above personal data. If

you do not allow the use of cookies, the website will be limited to the use of basic cookies and

technologies in terms of its operation, and no personal data will be processed.

Cookie classificationPurpose of data managementScope of managed dataLegal basisRetention period
cookies ensuring basic functionalityensuring the proper functioning of the website– Google Analytics with reduced functionality — JSESSIONID – gdpr_level – gdpr_timeGDPR Article 6 (1) f) legitimate interestSession cookies: until the end of visiting Cookies to facilitate use: for 6 months
Cookies for statistical purposesCollecting information about how our visitors use our websiteGoogle Analytics code _ga _gid _dam _gac_<property-id> Hotjar codes _hjClosedSurveyInvites _hjDonePolls _hjMinimizedPolls _hjDoneTestersWidgets _hjMinimizedTestersWidgets _hjIncludedInSample _hjShownFeedbackMessage​​Google Optimize cookies​__utmx​__utmxx​_gaexp​Piwik PRO cookies​_pk_ref​_pk_cvar​_pk_id​_pk_ses​_pk_hsr​piwik_ignore​GDPR Article 6 (1) a) your consentDepending on the cookie: – until the end of the session – for 2 years – until 24 hours – for 1 minute – for 90 days – for 365 days
_pk_uid

With the exception of cookies that are absolutely necessary for the operation of the website (which do not

collect information considered personal data), the use of cookies is based on your express and appropriate

consent, which forms the legal basis for related data management. Cookies will only be used if you

specifically authorize their use on the dedicated interface. You have the option to change your settings –

and in this case to revoke your consent – at any time.

In addition to the website’s cookie settings, most browsers also provide the option to view, manage, delete

and disable cookies from a specific website. Please note that if you delete all cookies, the settings stored

in them will also be lost, including blocking the acceptance of cookies, as this function also requires

cookies to be placed on the device. Below you will find instructions on how to control the use of cookies

in the most common browsers.

More detailed information about the cookie settings can be found at the following browsers:

Google Chrome

Mozzila Firefox

Microsoft Internet Explorer

Microsoft Edge

If you do not accept the use of cookies, certain functions will not be available to you. You can find more

information about deleting cookies at the following links:

Mozilla Firefox: Sütik engedélyezése és tiltása, amit a weboldak használnak beállítások mentésére

Google Chrome: A cookie-k be- és kikapcsolása

Microsoft Internet Explorer: Cookie-k törlése és kezelése

Microsoft Edge: A Microsoft Edge, a böngészési adatok és az adatvédelem

Apple Safari: Sütik és webhelyadatok kezelése a Mac gép Safari alkalmazásában

9. Method of storing personal data, security measures

Taking into account the science and technology, the Data controller implements appropriate technical,

administrative and organizational measures to guarantee data security:

– Only our employees and partners who have been authorized to do so have access to personal data;

– Our website receives encrypted data via a secure HTTPS protocol, so it is not possible for unauthorized

persons to access personal data via any network device between the target server;

– Our employees use operating systems and software with the latest security updates when performing

their tasks;

– We encrypt our backups;

– Personal data that are no longer needed are deleted or anonymized for use for statistical purposes;

– The servers of our hosting provider operate in a secure data center;

– Our website stores personal data on its IT devices located at its headquarters, as well as on the hosting

provider’s servers located in a secure data center.

The Data controller keeps records of any data protection incidents, indicating the facts related to the data

protection incident, its effects and the measures taken to remedy it.

The Data controller shall report any data protection incident to the National Authority for Data Protection

and Freedom of Information without delay and, if possible, no later than 72 hours after becoming aware

of the data protection incident, unless the data protection incident is likely to pose no risk to the rights and

freedoms of natural persons. We review our security measures regularly, we record the necessary actions

in our internal Incident Management regulations and our employees always perform their duties in

accordance with the current regulations.

10. Automatic decision-making

The Data controller does not perform automatic decision-making procedures and profiling with the

personal data of the data subject.

11. Affected rights, legal remedies

The data subject may request information about the management of his personal data, as well as request

the correction of his personal data, or – with the exception of mandatory data management – deletion,

withdrawal, limitation of data management, and may exercise his right to data portability and protest at

one of the contact details provided in section 1. of this Data Management Notice, or at customer service

(e-mail address) as defined in section 6 of the Data Management Notice.

Right to information:

You are entitled to contact the Data controller with a request for information on the processing of your

personal data at the above contact details of the Data controller. The Data controller informs the data

subject without undue delay, but in any case within one month of the receipt of the request, of the

measures taken following the data subject’s request. If necessary, taking into account the complexity of

the application and the number of applications, the 30-day deadline can be extended by another two

months. The Data controller shall inform the Data subject of the extension of the deadline, indicating the

reasons for the delay, within one month of receiving the request. If the Data subject submitted the request

electronically, the Data controller will provide the information electronically, unless the Data subject

requests otherwise. Information and measures are provided by the Data controller free of charge. If the

Data subject’s request is clearly unfounded or – especially due to its repetitive nature – excessive, the Data

controller may, taking into account the administrative costs associated with providing the requested

information or taking the requested measure, charge a reasonable fee or refuse to take action based on the

request.

Right of access:

The Data subject has the right to obtain from the Data controller feedback as to whether or not his

personal data are being processed and, if such processing is taking place, the right to access the personal

data and the following information: the purposes of the processing; the categories of personal data

concerned; the recipients or categories of recipients to whom or with which the personal data have been

or will be disclosed, including in particular recipients in third countries or international organisations; the

envisaged period of storage of the personal data; the right to rectification, erasure or restriction of

processing and the right to object; the right to lodge a complaint with a supervisory authority; information

on the data sources; the fact of automated decision-making, including profiling, clear information on the

logic used and the significance of such processing and its likely consequences for the data subject. The

Data controller shall provide the Data subject with a copy of the personal data which are the subject of the

processing. For additional copies requested by the Data subject, the Data controller may charge a

reasonable fee based on administrative costs. At the request of the Data subject, the Data controller shall

provide the information in electronic form.

Right of rectification:

The Data subject may request the correction of inaccurate personal data concerning him and the addition

of incomplete data.

Right to erasure:

If one of the following reasons exists, the Data subject has the right to request from the Data controller to

delete the personal data relating to him without undue delay:

● personal data are no longer needed for the purpose for which they were collected or otherwise

processed;

● the data subject withdraws his consent, which is the basis of the data management, and there is no other

legal basis for the data management;

● the data subject objects to data processing and there is no overriding legal reason for data processing;

● personal data were handled illegally;

● personal data must be deleted in order to fulfill the legal obligation prescribed by EU or member state

law applicable to the data controller;

● the collection of personal data took place in connection with the offering of services related to the

information society.

Data deletion cannot be initiated in the case of mandatory data processing: in the case of a legal basis

based on Article 6 (1) c) of the GDPR.

The right to restrict data processing:

At the request of the Data subject, the Data controller restricts data processing if one of the following

condition is met:

● the Data subject disputes the accuracy of the personal data, in which case the restriction applies to the

period that allows checking the accuracy of the personal data;

● the data management is illegal and the Data subject opposes the deletion of the data and instead

requests the restriction of its use;

● the Data controller no longer needs the personal data for the purpose of data management, but the Data

subject requires them to present, enforce or defend legal claims; or

● the Data subject objected to data processing; in this case, the restriction applies to the period until it is

determined whether the legitimate reasons of the Data controller take precedence over the legitimate

reasons of the Data subject.

If data management is subject to restrictions, personal data may only be processed with the consent of the

Data subject, with the exception of storage, submission, enforcement or defending legal claims, or to

protect the rights of another natural or legal person, or in the important public interest of the European

Union or a member state.

The Data controller will inform the Data subject in advance of the lifting of the restrictions on data

management.

Right to data portability:

The Data subject has the right to receive the personal data concerning him and which he provided to the

Data controller in a segmented, widely used, machine-readable format, and to forward this data to another

Data controller.

Right to object:

The Data subject has the right to object at any time to the processing of his personal data necessary to

assert the legitimate interests of the Data controller or a third party for reasons related to his own

situation. In the event of an objection, the Data controller may no longer process the personal data, unless

it is justified by compelling legitimate reasons that take precedence over the interests, rights and freedom

of the Data subject, or that are related to the presentation, enforcement or defense of legal claims.

Procedural rules:

The Data controller informs the Data subject without undue delay, but in any case within one month of

the receipt of the request, of the measures taken following the request in accordance with Articles 15-22

of the GDPR. If necessary, taking into account the complexity of the application and the number of

applications, this deadline can be extended by another two months.

The Data controller shall inform the Data subject of the extension of the deadline, indicating the reasons

for the delay, within one month of receiving the request. If the data subject submitted the request

electronically, the information will be provided electronically, unless the Data subject requests otherwise.

If the Data controller does not take measures following the Data subject’s request, he shall inform the

Data subject without delay, but at the latest within one month of the receipt of the request, of the reason

for the failure to take action, as well as of the fact that the Data subject may file a complaint with a

supervisory authority and exercise his right to judicial redress.

The Data controller provides the requested information free of charge. If the Data subject’s request is

clearly unfounded or – especially due to its repetitive nature – excessive, the Data controller may, taking

into account the administrative costs associated with providing the requested information or taking the

requested measure, charge a reasonable fee or refuse to take action based on the request.

The Data controller informs all recipients of all corrections, deletions or data management restrictions

carried out by him, to whom or to whom the personal data was disclosed, unless this proves to be

impossible or requires a disproportionately large effort. At the request of the Data subject, the Data

controller informs about these recipients.

The Data controller provides a copy of the personal data that is the subject of data management to the

Data subject. For additional copies requested by the Data subject, the Data controller may charge a

reasonable fee based on administrative costs. If the Data subject submitted the request electronically, the

information will be provided in electronic format, unless the data subject requests otherwise.

Right to go to court:

In the event of a violation of their rights, the Data subject may apply to the court against the Data

controller. The court acts out of sequence in the case.

Official data protection procedure:

You can file a complaint with the National Authority for Data Protection and Freedom of Information:

National Authority for Data Protection and Freedom of Information

Registered office: 1055 Budapest, Falk Miksa street 9-11.

Mailing address: 1363 Budapest, Pf.: 9.

Telephone: 06-1-391-1400

Fax: 06-1-391-1410

E-mail: ugyfelszolgalat@naih.hu

Website: http://www.naih.hu

12. Code of Conduct

The Data controller is not subject to the provisions of any code of conduct.

Dated: Budapest, 01.01.2024