Valid from October 10, 2023
We need some of your personal data to provide you with products and services, or to engage with you online. We never collect more personal data than absolutely necessary for the purposes listed below. We will only use your personal data for the purposes below, and nothing else.
I. Details of the controller
When we collect personal data from you, we are the controller and you are the data subject. Our details as the data controller are as follows:
Rákóczi út 70-72. II. em.
Budapest, 1074 Hungary
Business registry number: 01-10-140071
Tax ID: 25429356-2-42
II. Data protection contact person
The person responsible for the protection of your personal data is our General Counsel and Chief Compliance Officer, Máté Mohácsi (he/him; based in Budapest). To contact him—or memoQ Zrt. in general about data protection matters—, please write to email@example.com.
III. Short summary
We will give you more details below, but we wish to point out that we will not sell personal data to anyone. We will not send personally identifiable information in e-mail to unauthorized third parties. We will do everything in our power to ensure that customer data are properly protected from unauthorized access, copying, altering, or theft.
Please read every section that might apply to you.
IV. Details about collecting, storing, and processing your information
This Privacy applies to you and we collect personal data when
- We provide products or services to you or your organization and when you register an account to use our product or service, or for a subscription.
- You or your organization use our product or services including when you upload user content, submit a query to us, report a problem with the product or services, pay for or cancel a subscription.
- You are a visitor, considering to buy products or services.
- You visit our websites and social media, search our services or products.
- We reach out for information or feedback; you send us correspondence (including via email), when you complete a questionnaire, form or survey. When we reach out for feedback, information, or ideas, we usually do it through third-party services. Depending on the service and the actual data collection form, these services will either collect feedback anonymously, or they will collect your name and e-mail address . When we collect your name and e-mail address, your feedback will be associated with your person, and we may use this to follow up with you.
- You subscribe to our publications.
- You are registering for or participating at an event. We use third-party services to provide for virtual or in-person events or e-learning courses. These events are advertised through social media, through advertising spaces in websites, or else through newsletters that we send to our customers. The information is collected by the third-party service, which acts as a processor. We receive the information from them through our account in each service.
- You watch webinars, tutorials, or read any content.
- We collect your personal information from outside sources; this may include marketing mailing lists and other public information (including public posts to social networking sites such as Linkedin and Meta) and commercially available personal, identity, geographic and demographic information.
D.2. What personal data do we collect and process?
We may directly collect the following types of personal data from you:
- e-mail address,
- organization (company) (if applicable),
- billing address if applicable,
- phone number,
- VAT or tax number if applicable,
- Payment information including credit or debit card type, card number, CVC/CVV code, card expiration date, and the name associated with the card,
- Your password assicated with our product and service,
- your purchase history, and
- content including any personal information which may be contained within user content you submit for use on our product and services,
- Profile description. The profile description is a single phrase, describing the user group or the type of organization you belong to (individual/freelancer, translation company, other company, educational institution etc.). You will be asked to choose one from several pre-defined profile descriptions.
In case of e-learning courses on academy.memoq.com (run by Thinkific) we may also collect information about the completed courses and quiz history. Furthermore, during event we may collect your responses to polls and other input if it exists.
When you visit our website; use or search for our product or service, watch webinars, tutorials, or read any content, we and our service providers will also send cookies to your browser and other technologies such as pixel tags and web beacons to automatically collect and store certain types of information (hereinafter referred as “cookies”) including but not limited to
- Internet protocol (IP) address used to connect your computer to the internet, your login information, browser type and version, Google ID, time zone setting, browser plug-in types and versions, operating system, and platform.
- The geographical location of your computer or mobile device. This location data is collected for the purpose of providing you with information regarding services which we believe may be of interest to you based on your geographic location, and to improve our location-based products and services.
- Information about your visit may include the full Uniform Resource Locators (URL), clickstream to, through, and from our Services (including date and time), pages you viewed or searched for, page response times, download errors, logins, length of visits to certain pages, title selections, watch history, page interaction information (such as scrolling, clicks, and mouse-overs), the information you have viewed and methods used to browse away from the page.
Some of these cookies are necessary for the memoQ website to open. For more details, see our cookies policy at https://www.memoq.com/legal/cookies-policy.
Also, when you visit our website, you may interact with a chatbot. The chatbot may offer to collect your e-mail address. Providing the information is voluntary, and if you do not specify the e-mail address, you can still browse the website.
Nevertheless, we do not make decisions in an automated way which produces legal effects concerning you or similarly significantly affects you. We may calculate statistics from anonymous or anonymized information, and use the statistics to make decisions, but these decisions will never be made from personal data or data that can be used to identify data subjects but we will not be able to identify you during such decision-makings and they would have no legal or similarly significant effect on you. There is no profiling based on automated decision-making which produces legal effects concerning you or similarly significantly affects you.
D3. Social media widgets and applications
memoQ websites will typically include functionality to enable sharing via third party social media applications, such as the Facebook Like button. These social media applications will collect and use information regarding your use of memoQ websites (see details in our cookies policy). Any personal information that you provide via such social media applications will often be collected and used by other members of that social media application and such interactions are governed by the privacy policies of the companies that provide the application. We do not have control over, or responsibility for, those companies or their use of your information.
In addition, memoQ websites may host blogs, forums, crowd-sourcing and other platforms or services (collectively “social media features”). The purpose of social media features is to facilitate the sharing of knowledge and content. Any personal information that you provide on any memoQ social media feature will typically be shared with other users of that social media feature (unless otherwise stated at the point of collection), over whom we often have limited or no control.
D4. What is the purpose of processing the personal data?
To provide our services or products
Your personal data is being collected because you are our customer as a freelance professional, or else you represent an organization that is our customer. We use your personal data so that we can provide products and services to you or to the organization which you are working for. In addition, we may send you offers or information; we may also collect feedback from you. More specifically, this means the following:
- Checking if you are or your organization is eligible for certain product licenses, or certain services;
- Contacting you or your organization about services or changes to services and service terms;
- Billing you or your organization for paid licenses and services you purchase or subscribe to;
- Sending notices about the licenses you are or your organization is using;
- Sending expiry notices about licenses and services you are or your organization is using, as well as information about available upgrades. This includes follow-up e-mails when you are or your organization is trialling memoQ;
- Operating a chatbot to provide customer service for you or your organization;
- E-mail advertising: Sending promotion offers through mass e-mailing or through social media targeting;
- Inviting you or your organization to surveys about our products, services, or plans, for the purpose of quality assurance as well as more accurate planning;
- Market research: Collecting market information where the personal data collected from you may determine which profile group(s) you or your organization belong(s) to. Such groupswill determine the types of offers (discounts or product types) we may make to you or your organization later on. We may make these assignments by automatedmeans.
- Inviting you or your organization to provide reviews, case studies and testimonials for specific target groups.
To improve our services and products
We use the data we collect to improve our products, or else to plan or design our future products, services, or events. We do not use the data for anything else, and we do not hand these data over to third-party controllers. This purpose may cover the processing of your personal data
- To process customer product or service and maintenance requests you or your organization may make,
- To administer our product or service; and for internal operations, including bug fixes, troubleshooting, data analysis, testing, and survey purposes,
- To keep you up to date about our product and services, including notifying you or your organization about changes to our product or services,
- To keep our products and services safe and secure, including taking steps to detect and prevent fraud.
To organize events
We collect the data to run interactive events; to improve and plan future events; or in case of e-learning courses, to be able to issue certificates based on courses taken and progress achieved.
To promote our products and services
Based on the content you accessed, we may contact you with specific offers and promotions, through e-mailed newsletters.
Furthermore, we may use your personal data for measuring, understanding, and optimizing the effectiveness of advertising and to analyze our user base. We may also use this information to inform, refine, and deliver our wider online marketing campaigns.
D5. What is our legal basis to collect and process these personal data?
If you enter into an agreement with us as a person who does not represent any organization, we process your data to fulfil our contract with you—we need to perform those activities to be able to provide you with products and related services or conclude a relevant contract, i.e. the processing of your personal data is necessary to perform the contract between you and us or take steps based on your request(s) prior to entering into a contract [Article 6 (1) b) of the GDPR]. If you represent an organization, our data processing is based on our legitimate interest to perform our contract with your organization by processing your data as its contact person [Article 6 (1) f) of the GDPR].
If you provided your personal data to us as a person who does not represent any organization (and not as a business entity or the representative of a business entity) we may ask you for specific permission or consent to process some of your personal information, and we will only process your personal information in this way if you agree to us doing so. This is done through a consent box in the form where your data are collected. You can withdraw your consent for your data to be used for these activities any time and free of charge by sending a note to firstname.lastname@example.org. The withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
When we reach out for information or feedback as person who does not represent any organization, providing us with information or feedback is voluntary and so we collect and process these data based on your consent. If you represent a business entity, your data are collected and processed based on our (and your organization’s) legitimate business interest. Nevertheless, you may decide not to respond, and you also have the right to withdraw your response and have it removed from our systems, along with your contact details.
In certain cases, we are required to process your personal information to comply with a legal obligation, such as keeping records for tax purposes or providing information to a public body or law enforcement agency.
Furthermore, we may process personal information where it is in our legitimate interest in running a lawful business to do so to further that business, so long as it does not outweigh your interests. Examples of the ‘legitimate interests’ referred to above are:
— To offer information and/or services to individuals who visit our website or offer information about employment opportunities.
— To prevent fraud or criminal activity and to safeguard our IT systems.
— To customize individual’s online experience and improve the performance usability and effectiveness of memoQ’s online presence.
— To conduct, and to analyze, our marketing activities e.g. by using cookies.
— To meet our corporate and social responsibility obligations.
D.6. Where do the personal data come from?
Primarily, we use data that we directly collect from you or your organization. Either we collect the data in e-mail or through a conversation, or else you specify your details in a form on our website.
memoQ may also collect information from third parties we work closely with. This includes third-party platform providers, sub-contractors in communications, technical, and payment services, analytics providers, and search information providers. Some of them are connected to the cookies which may be collected when you browse our products or services and also allow us to improve our products and services. For more information, please see our cookies policy at https://www.memoq.com/legal/cookies-policy.
The memoQ.com website also contains a chatbot that may collect an e-mail address.
D.7.Who receives the personal data?
We do not collect data on behalf of other organizations, and we do not sell or otherwise hand over the data to third-party controllers. Nevertheless, we share information about you with members of our group of companies that include our subsidiaries, affiliates, and any parent company from time to time that supports our processing of personal information under this policy.
We regularly use external service providers to perform the activities listed above. Some service providers, listed in Appendix 2, may receive your information. This list is not exhaustive. It does not contain all the data processors involved in memoQ’s services and data processes; other data processors may also receive your data. However, one should bear in mind that we do not share personal information with data processors, except as necessary for our legitimate professional and business needs, to carry out services and your requests, and/or as required or permitted by law or professional standards.
D.8. Will these personal data be transferred out of the EEA or to an international organization?
When we provide services and products to you, your personal data may be transferred out of the EEA, but not to international organizations. For details about data transfers outside the EEA, see the list above. We have made every precaution so that these transfers happen without a personal data breach and remain otherwise safe.
When we ask for your feedback, the personal data collected may leave the EEA, or more precisely, they may be collected through USA-based services. We maintain data processing agreements with these providers, referring to GDPR's Standard Contractual Clauses that cover data transfers between the EEA and the USA.
We may use external service providers to organize and host the events. The platform providers may be based outside the EEA, so it is possible that your data leave the EEA or are even collected outside the EEA. We have made the necessary legal and technical precautions (see above).
For advertising purposes, we use third-party service providers to store and process your data, they may be transferred outside the EEA. We only use specific third-party service providers, and we maintain appropriate data processing agreements with all of them.
D.9. How long do we store these personal data?
We also make reasonable efforts to retain personal information only for so long i) as the information is necessary to comply with an individual’s request, ii) as necessary to comply with legal, regulatory, internal business or policy requirements, or iii) until that person asks that the information be deleted. The period for which data is retained will depend on the specific nature and circumstances under which the information was collected, however subject to the requirements of i)–iii) above, personal information will not generally be retained for more than 5 years (which is the expiry of the statute of limitation in civil law). Information may be retained longer if the processing of the data is necessary because of the initiation, enforcement or defense of any legal claims or the applicable law prescribes a longer retention period.
Billing information shall be retained longer. By Hungarian law, we must keep the billing information for 8 years after the last financial transaction with you or your organization. In most cases, this means 8 years after the last invoice was issued to you.
D.10. Detecting illegal copies of memoQ and collecting usage statistics as you use the memoQ application
- What personal data are we collecting and processing?
If you download the memoQ application, it will check your license to determine legitimate use. When it checks your license, it will send data to memoQ to detect illegal copies and to collect usage statistics. It will collect and send the following information:
- the language of Windows,
- the user interface language of the memoQ application,
- a hash of the serial number of your copy (it is enough to distinguish between two copies of memoQ but not enough to identify the user),
- the edition of your copy (4Free, Translator Pro, or Project Manager),
- your IP address (to be used to determine the country you are located; the IP address is not preserved in the database).
Based on the above data, we cannot identify you, and we do not make any attempts to, either.
- What is the purpose of collecting the personal data?
Checking your license to use memoQ, and detecting illegal copies; collecting usage statistics based on user language and country. We use these data to determine memoQ’s performance in specific geographical regions and to make decisions about languages the product is localized into.
- What is our legal basis to collect and process these personal data?
We process these data based on our legitimate interest to provide memoQ to licensed users only and to detect illegal copies. We also have a legitimate interest in learning about the usage of our product [Article 6 (1) f) of the GDPR].
- Who receives the personal data?
No third parties receive the data.
- Will these personal data be transferred out of the EEA or to an international organization?
The data will not be transferred outside the EEA or to an international organization.
- How long do we store these personal data?
We store the data as long as you have a contract (license) with us, or as long necessary to calculate statistics and provide for historical data. Generally, we store the personal data until the expiry of the civil law statute of limitation, which is 5 years counted from the event that might give rise to civil law claims (in this case, the last use of the license).
- Where do the personal data come from?
The data are collected by the memoQ application.
- Will we use automated processes to make decisions about the personal data?
We do not make decisions in an automated way that would result in legal effects that concern you or significantly affect you.
Our site and services are not intended for use by minors under the age of sixteen (16) years. memoQ does not knowingly collect, disclose, or sell the personal data of minors under 16 years of age. If you are under 16 years old, please do not provide any personal data even if prompted to do so. If you believe that you have inadvertently provided personal data, please ask your parent(s) or legal guardian(s) to notify us and we will delete your personal data.
VI. Your rights
In accordance with the rules of the GDPR, you may request
- access to personal data concerning you, i.e. information on what personal data memoQ Zrt. processes about you. You may also request a copy of this data, provided that this does not adversely affect the rights of others (right to access);
b. the correction of personal data concerning you (right to rectification);
c. the erasure of personal data concerning you (right to erasure; “right to be forgotten”);
d. the restriction of processing your personal data. In this case, the respective data will be marked and may only be processed by memoQ Zrt. for certain purposes (right to restriction);
e. to receive the personal data provided by you to use a structured, readable format and is also entitled to transfer this data to another data controller (right to data portability). The exercise of this right is subject to the condition that the data processing is based on your consent or the performance of a contract between you and us or on your request(s) to take steps prior to entering into a contract and that the data processing is automated.
You also have the right to object to the processing of your personal data in accordance with Art. 21 of the GDPR. When you object, we must stop processing your data, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims. Exercising this right will not incur any additional costs. However, this right may only exist if the data processing is based on the legitimate interests of the controller or a third party. If your personal data is processed for direct marketing purposes and you object against such processing, we may no longer process your personal data for those purposes.
The rights above are not of absolute nature, and they may be limited due to reasons determined in the GDPR.
If the data processing is based on your consent, you have the right to withdraw their consent at any time, free of charge, without giving any reason. The withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
Furthermore, you have the right to lodge a complaint with the competent data protection supervisory authority competent in their Member State of residence or alleged infringement of the GDPR. In Hungary, the competent supervisory authority is the National Authority for Data Protection and Freedom of Information (“NAIH”) of which contact details are the followings:
Address: 1055 Budapest, Falk Miksa u. 9-11.; Hungary
Mailing address: 1363 Budapest, Pf.: 9.
Phone: +36-30-683-5969, +36-30-549-6838 and +36-1-391-1400
You may find the contact details of the competent supervisory authority for EU/EEA Member States with the associated contact details at the following link:
You may initiate court proceedings in certain cases for exercising their rights. However, we recommend that a complaint is always directed to us in the first instance.
You can also contact the data protection contact person of memoQ Zrt at email@example.com.
VII. Security of personal data
Finally, we wish to point out that we make every effort to protect your personal data from data breaches or from unauthorized access, copying, or theft. To that end, we maintain an information security management system, certified against the ISO/IEC 27001:2017 standard. For more information, see our Security Policy at https://www.memoq.com/legal/security-policy.
VIII. Changes to this statement