top of page

Privacy Policy 

1. Purpose of this document

This Privacy Policy (hereinafter referred to as the “Policy”) sets the terms and conditions on how the data subject’s (hereinafter referred to as the “User” or “you”) personal or anonymous information is processed. Please read these terms and conditions carefully.

2. Definitions

General Data Protection Regulation or GDPR means the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27th April 2016 on the protection of natural persons regarding the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

NNG means NNG Software Developing and Commercial Limited Liability Company.

  • Registered office: H-1037 Budapest, Szépvölgyi út 35-37, Hungary

  • Court of registration: Budapest-Capital Regional Court (Fővárosi Törvényszék)

  • Company registration number: Cg.01-09-891838

  • Tax number: 13357845-2-44

  • Email address:

  • Website:


SheeldS means Sheelds Cyber Ltd. (formerly known as Arilou Information Security Technologies Ltd.)
SheeldS is a subsidiary of NNG and provides cyber security solutions.

User or "you" means a registered or not registered visitor of the Site.

3. Availability and updating of this document

The Data Controller reserve the right to amend this document unilaterally at any time. We suggest visiting the Site from time to time for the latest information

4. Data controller

The data provided on the Site is processed by SheeldS. The Data Controller determined the purposes and means of processing with special regard to their respective responsibilities for compliance with the obligations under the GDPR.
The provided data is accessible to the following persons: SheeldS or NNG’s employees involved in the data processing (including IT specialists performing a variety of IT tasks related to the operation and maintenance of NNG’s computer system) as part of their role within NNG in connection with performing their duties associated with the purpose of this Policy.​


5. Data processing activities

5.1 Communication with the User on the Site

5.1.2 Purpose of the data processing

The User can send messages to the Data Controllers on the Site in order to receive more information on the products offered by SheeldS by providing certain personal data listed in point

5.1.3. Scope of User’s processed personal data:

  • First and last name;

  • Email address;

  • telephone (optional);

  • company;

  • text of the message;

5.1.4. Legal basis of the data processing

The data is processed in compliance with GDPR and all relevant local laws. The legal basis of data processing is the User’s express consent given pursuant to point a) of Article 6(1) of the GDPR.

5.1.5. Duration of the data processing

  • Until the User’s request for deletion.

  • The User’s personal data will be deleted 2 years after the User’s last activity (e.g. opening a newsletter), should the Data Controllers notice that the User has not been active on the Site for at least 2 years.

​6. Consent to the provisions of this Policy

6.1. By sending communication via the Site you expressly and voluntarily give your consent to the Data Controller to process your personal data in compliance with the provisions of this Policy and rules of law on data protection.

6.2. Any personal information that you supply to the Data Controllers must be true, complete, and accurate in all respects.

7. Cookies

The Data Controller hereby inform you that if you download certain parts of the Site, small data files (hereinafter referred to as “Cookies”) will be automatically sent by the web server to your device. In certain cases, these data files may be considered as personal data. These data files are necessary for the proper operation of the Site, and are used to collect anonymous information on the User’s visits to the Site. You can control the use of Cookies by setting your browser, however, if you choose to disable Cookies, some website features or services may not function properly.

You can accept or refuse Cookies on a case-by-case basis, or refuse all Cookies by adjusting your browser settings. To find out how to do this and learn more on Cookies, please visit: If you choose to refuse all Cookies, access to some of the website's pages will be limited.


Type of Cookie: Google Analytics

  • Purpose of Cookie: The Site uses the Google Analytics tool to collect and analyze information on the User’s access to and use of the Site. We use the information to compile reports and improve the Site. The data is collected in an anonymous form, including the number of Users to the Site, where Users have come to the Site from, and the pages they visited within the Site. The collected data cannot be tracked back to the User. For further information on Google’s privacy policy, click here.

  • Cookie retention period: Google Analytics Cookies are created as soon as the User visits a website on which a valid Google Analytics tracking code is installed. The Cookies will be held on the User's device for a maximum period of 2 years from the above date. For further information, please click here.

Type of Cookie: Session

  • Purpose of Cookie: Session Cookies allow the User to be recognized within the Site, so the User will not be prompted to give the information he/she has already provided.

  • Cookie retention period: The information is saved until the end of the current session. A session means the time period during which the User is visiting the Site. After that, the collected information will no longer be available.

Type of Cookie: Persistent

  • Purpose of Cookier: Persistent Cookies remember the language settings applied by the User.

  • Cookie retention period: The Cookie is automatically deleted after 1 year.

Type of Cookie: Facebook pixel

  • Purpose of Cookier: The Facebook pixel is a code, which helps to track User’s behaviour and conversions. It enables Facebook to report the number of actions Facebook ads drive and allow Facebook to learn which of the visitors who have seen our ads are more likely to take a certain action, e.g. make a purchase, on our Site, and optimize the delivery of ads to trigger more of such actions.

  • Cookie retention period: The Cookie is held in the User's browser for a maximum period of 180 days.

Type of Cookie: Google AdWords remarketing Cookies

  • Purpose of Cookie: The Site uses these cookies to serve ads based on a User’s prior visits to the website. This allows us to make special offers and continue to market our services to those who have shown interest in our service.

  • Cookie retention period: Google AdWords remarketing Cookies are created as soon as the User visits a website on which a valid Google AdWords remarketing code is installed. The Cookies will be held on the User's device for a maximum period of 2 years from the above date.

Type of Cookie: LinkedIn Insight Tag

  • Purpose of Cookier: The LinkedIn Insight Tag creates a unique LinkedIn browser cookie on a visitor's browser and enables the collection of the following data for that cookie: metadata (such as IP address, timestamp, page events (like page views), and LinkedIn demographic information if there is an active member cookie present. Collected data is encrypted. For more information please click here.

  • Cookie retention period: This data is encrypted, then de-identified within seven days, and the de-identified data is deleted within 90 days.


8. Links

Please note that there are links on the Site that lead to other websites. Their respective data protection rules apply to the use of such external websites, therefore after you click on their link or the provided button, the Data Controllers will no longer have any influence over the collection, storage, or processing of any personal data transmitted by your click.

9. Data security

The Data Controller observe all applicable regulations regarding the security of personal data, therefore both the Data Controllers and their authorized data processor(s) implement appropriate technical and organizational measures to protect personal data, and establish adequate procedural rules to enforce the provisions of all applicable laws concerning confidentiality and the security of data processing.

10. Data processor is hosted on the platform. provides Sheelds us with the online platform that allows us to communicate its solutions. Your data may be stored through’s data storage, databases and the general applications. They store your data on secure servers behind a firewall.

11. Rights and enforcement

11.1. You may exercise your rights in respect of and against the Data Controller.

11.2. You may exercise the following rights in relation to the Data Controller's data processing activities:

  • Request information on the processing of his/her personal data;

  • Request the rectification of his/her personal data;

  • Request the deletion of his/her personal data or restriction of the processing of his/her personal data;

  • Object to the Data Proseccor's data processing;

  • Request data portability.

11.3. You are entitled to request information on data related to you and processing carried out by the Data Controller thereof, especially information as to what personal data relating to you is stored; the sources from which they were obtained; the purpose, grounds, and duration of processing; if your personal data is made available to others, the legal basis and the recipients; and any data protection incident in relation to your personal data by sending an email or mail to the email or postal address (registered office) specified in section 1. The Data Controller shall provide written information on the processing of your personal data within 1 months after receipt of the request. You may also request the correction of your personal data.

11.4. You are also entitled to request a structured, commonly used and machine-readable formatted copy of your personal data that the Data Controllers are processing subject to conditions set out in Article 20 of the GDPR.

You have the right to transmit your personal data to another controller or, where it is technically feasible, you can request the Data Controllers to transfer your personal data directly to another controller as specified in Article 20 of the GDPR.

11.5. If your personal data is inaccurate, you may request the Data Controllers to rectify such data, provided that the correct data is at the Data Controllers’ disposal.

11.6. Your personal data shall be deleted upon your request in accordance with applicable laws. Your request for data deletion may be submitted to the Data Controller by using the email or postal addresses (registered office) specified in section 1. The Data Controller shall delete all stored personal data in compliance with this Policy by obfuscating your personal data, by making it anonym in a permanent and non-reversible manner. Please be informed that your data will not be deleted if the processing thereof is required by law or other exceptions apply under applicable law.

11.7. You have the right to obtain restriction of processing from the Data Controller in the following cases:

  • you think that your processed personal data is not accurate, for a period enabling the Data Controller to verify the accuracy of your personal data;

  • the processing is unlawful and you oppose the erasure of your personal data, you are entitled to request restriction of their use instead;

  • the Data Controller no longer need your personal data for the purposes of processing, but you require the Data Controller to continue the processing for the establishment, exercise or defence of your legal claims;

  • you have objected to processing, for a period pending the verification whether the legitimate grounds of the Data Controller override those of yours.

11.8. At any time, you have the right to object to processing your personal data subject to certain conditions under applicable laws, you may separately object against processing your personal data for direct marketing purposes, including profiling. In this case, the Data Controller will no longer process your personal data unless the Data Controller demonstrate compelling legitimate grounds for the processing which override your interests, rights and data protection related freedoms or if the processing is necessary for the establishment, exercise or defence of legal claims.

11.9. You may lodge a complaint about the processing of your personal data to the National Authority for Data Protection and Freedom of Information (Nemzeti Adatvédelmi és Információszabadság Hatóság – NAIH; address: H-1055 Budapest, Falk Miksa utca 9-11.; postal address: 1374 Budapest, Pf. 603; phone: +36-1-391-1400; facsimile: +36-1-391-1410; email: or to the data protection authority of your home country or country of your residency.

11.10. Independently from lodging a complaint to the data protection authority, you may turn to court pursuant to the provisions set forth in the GDPR if your rights are infringed. Upon your decision, the procedure may be launched before the tribunal in whose jurisdiction you are domiciled, or you have a temporary address. Prior to initiating a legal procedure, it may be useful to discuss the complaint with the Data Controllers.

11.11. Your detailed rights and remedies are set out in Articles 15-21 of the GDPR.

12. Contacting the Data Controllers

We value your opinion. If you have any comments or questions, or wish to obtain more information on data processing from the Data Controllers, please use the Contact us menu on this Site or write to any official addresses of the Data Controllers. We will handle the submitted information confidentially. Our representative will contact you within a reasonable time.

This Policy was posted and is effective as of January 1, 2023

bottom of page