Privacy Policy
RTQ – Real Time Qualification
Effective from: January 1, 2025 · Last updated: March 4, 2026
This notice has been prepared in accordance with the GDPR (Regulation (EU) 2016/679) and the Hungarian Act CXII of 2011. If you have any questions, please contact us at privacy@rtq.app.
1. Data Controller
| Company: | EasySkill (RTQ – Real Time Qualification) |
| Website: | rtq.app |
| Privacy contact: | privacy@rtq.app |
If you have any questions, comments or complaints regarding data processing, please contact us at the email address above.
2. Scope of Personal Data We Process
We only process data that is necessary for providing and improving the Service and for communicating with you.
Data you provide
- Data required for registration (e.g. name, email address)
- Profile data associated with your account that you fill in
- Content of inquiries sent to our customer support
- Data provided when consenting to receive newsletters and notifications
Automatically collected data
Certain technical data is automatically generated during your use of the Service. We use this data solely to ensure the proper functioning, security and improvement of the Service:
- Log data relating to the time of visit and features used
- Device and browser data (e.g. screen size, browser type)
- Session identifiers and authentication tokens
Cookies and tracking technologies
Our website uses cookies and similar technologies. Cookies are small text files stored in your browser that enable the functionality of the Service, measure its performance and improve the user experience. You can modify your cookie settings at any time through your browser settings or the cookie management panel on the site. Please note that disabling certain cookies may limit the availability of some features of the Service.
3. Purposes and Legal Bases of Processing
Each of our data processing activities is linked to an identifiable purpose and legal basis under Article 6 of the GDPR.
| Purpose of processing | Legal basis (GDPR Art. 6) | Retention period |
|---|---|---|
| Account creation and Service delivery | (b) performance of contract | Until account deletion or contract termination |
| Handling customer support inquiries | (f) legitimate interest / (b) contract | 3 years from case closure |
| Prevention and management of security incidents | (f) legitimate interest | Varies per incident, up to 5 years |
| Sending newsletters and marketing communications | (a) consent | Until consent is withdrawn |
| Fulfilling legal obligations | (c) legal obligation | As prescribed by law |
| Service improvement and performance analysis | (f) legitimate interest | In aggregated, anonymized form |
4. Data Transfers and Third Parties
We do not sell, rent or commercialize your personal data to third parties. We only transfer your personal data in the following cases:
Data processors
To provide the Service, we engage trusted data processing partners bound by contractual obligations (e.g. cloud infrastructure providers, email delivery systems). These partners may only process data for the purposes and under the conditions we define, and may not use it for their own purposes.
Authorities
We only disclose personal data to authorities when required by law or when ordered by a court or authority. Even in such cases, we only share the minimum amount of data strictly necessary.
Transfers to third countries
Where our data processors operate outside the European Economic Area, data transfers are carried out exclusively with the appropriate safeguards prescribed by Chapter V of the GDPR (e.g. Standard Contractual Clauses approved by the European Commission).
5. Data Security
To protect your data, we apply organizational and technical security measures that are appropriate to the risks of data processing and industry expectations. These measures include restricting access to data, encrypting data in transit, regular security reviews and incident management procedures.
It is important to note, however, that no method of internet transmission or electronic storage can guarantee absolute security. If we detect a data protection incident that may endanger your rights and freedoms, we will immediately notify you and the competent authority in accordance with Articles 33–34 of the GDPR.
6. Your Rights Regarding Data Processing
Under the GDPR, you are entitled to the following rights. Please send your request to privacy@rtq.app, and we will respond within 30 days.
- Right of access (GDPR Art. 15)
You have the right to receive confirmation as to whether we process your personal data, and if so, to access it and obtain information about the circumstances of processing. - Right to rectification (GDPR Art. 16)
You may request that we rectify inaccurate or incomplete personal data without undue delay. - Right to erasure – 'right to be forgotten' (GDPR Art. 17)
Under certain conditions, you may request the deletion of your personal data. This right is not absolute: it does not apply where processing is necessary for compliance with a legal obligation. - Right to restriction of processing (GDPR Art. 18)
In certain cases, you may request that we restrict processing – for example, when you contest the accuracy of data, or when you do not wish for deletion due to unlawfulness but only restricted use. - Right to data portability (GDPR Art. 20)
For automated processing based on consent or contract, you have the right to receive your data in a machine-readable format and to transmit it to another controller. - Right to object (GDPR Art. 21)
You may object at any time to processing based on legitimate interest. In the case of direct marketing, the objection is unconditionally enforceable. - Right to withdraw consent
If processing is based on consent, you may withdraw it at any time. Withdrawal does not affect the lawfulness of processing carried out prior to the withdrawal.
7. Handling Requests and Response Times
Please send your data protection requests to privacy@rtq.app. We will respond to incoming requests within the deadline set by the GDPR, generally within 30 days. In cases of particularly complex or numerous requests, this deadline may be extended by up to two months, of which we will inform you in advance.
Information and actions are provided free of charge as a general rule. If your request is manifestly unfounded or repetitive, we may charge a reasonable fee or refuse to act.
8. Right to Lodge a Complaint
If you believe that our data processing violates the provisions of the GDPR, you may lodge a complaint with the competent data protection authority:
| Authority: | Hungarian National Authority for Data Protection and Freedom of Information (NAIH) |
| Address: | 1055 Budapest, Falk Miksa utca 9–11., Hungary |
| Website: | www.naih.hu |
| Email: | ugyfelszolgalat@naih.hu |
You also have the right to judicial remedy, which may be exercised at the court having jurisdiction over your place of residence or stay, or at the court having jurisdiction over the seat of the data controller.
9. Protection of Children's Data
Our services are not directed at persons under the age of 16. We do not knowingly process personal data from children under 16. If we become aware that we have collected such data, we will delete it without delay. If you are a parent or guardian and believe that we are processing your child's data, please contact us at privacy@rtq.app.
10. Changes to This Policy
We reserve the right to modify this Privacy Policy from time to time, particularly in the event of legislative changes, introduction of new processing activities, or significant changes to the Service. In the event of material changes, we will prominently display a notice on our website and, for registered users, send an email notification. The amended Policy takes effect from the date of notification. We recommend that you review this Policy regularly.