Data Processing Policy, Privacy Statement
Based on the applicable provisions of the Hungarian legislation being in force, after the registration on the websites and subscription to the newsletters of the AIRPORT HOTEL BUDAPEST **** Szállodaüzemeltető Kft. (seat: 1074 Budapest, 51 Hársfa utca, 2 ground floor, registry authority: Company Registry Court of Budapest Capital Regional Court, Company Registration Number: 01-09-995833), you agree that AIRPORT HOTEL BUDAPEST **** Szállodaüzemeltető Kft. will use your data for editorial purposes, market research, direct marketing, or mail advertising, as required, subject to compliance with the regard legal requirements.
Please note that the disclosure of information is voluntary, and you have the right to request information on data management at any time and to request rectification or cancellation of data by sending a letter to AIRPORT HOTEL BUDAPEST **** Szállodaüzemeltető Kft. or an e-mail to firstname.lastname@example.org. We are not considered responsible for the accuracy of the information you have provided.
Contact customer service: address: 2220 Vecsés, 130/a Lőrinci street, phone number: +36 30 371 6903, e-mail: email@example.com
The registration number of the data management: NAIH-111668/2017.
1. DATA CONTROLLER
This Data Processing Policy and Privacy Statement (hereinafter referred to as the "Data Processing Policy") includes the data processing policy and the privacy statement in accordance with the Act CXII of 2011 (hereinafter referred to as: Info tv.) on informational self-determination and freedom of information related to the management of personal data - as defined in this Data Processing Policy - of the users (hereinafter referred to as: the User) of the websites www.vip-parkolo.hu, www.vip-parking.hu, www.vip-parkplatz.hu, www.vip-parcare.hu and other websites (hereinafter referred to as "the Website") accessible on addresses as determined there, operated by AIRPORT HOTEL BUDAPEST **** Szállodaüzemeltető Kft. (1074 Budapest, 51 Hársfa street, 2 ground floor, data protection registration number: NAIH-111668/2017; e-mail address: firstname.lastname@example.org), as data controller.
2. GENERAL PROVISIONS
The Data Controller shall use the personal data of the User based on this Data Processing Policy in accordance with Act CXII. (hereinafter referred to as: “Info.tv.” - Law CXII of 2011 on the right to self-determination as regards information and freedom of information), taking into account the information provided by the data protection authority (currently: National Authority for Data Protection and Freedom of Information, whose seat is at 1024 Budapest, 22/C Szilágyi Erzsébet fasor, website: www.naih.hu) and including the published case law. By accepting this Data Processing Policy, the User consents to the management of the data by the Data Controller in accordance with the Data Processing Policy.
Please also read the User Statement in Section 6 to understand your statements made by accepting this Data Processing Policy!
Data Controller reserves the right to unilaterally amend this Data Processing Policy, in addition to providing information to Users on the Website. The Data Controller shall publish the modified Data Processing Policy on the Website no later than the fifth (5th) day prior to the entry of the amended Data Processing Policy into force. The Data Controller may also notify the Registered Users of the Website of any changes to this Data Processing Policy not later than the fifth (5th) day prior to the entry of the amended Data Processing Policy into force. The User declares that he / she has the Internet access required to use the Website and regularly checks the Website and / or his User Account. The User agrees that he / she will consent to maintain contact through the User Account or through the contact details he provided at the registration or when using the Website by accepting this Data Processing Policy.
4. SCOPE OF USERS
The User may register (hereinafter referred to as "Registration") once on the Website in one way. Based on the information he provided during the Registration, the Registered User may use the services of the Website (hereinafter referred to as the "Services") in accordance with the conditions of use regulating the use of the Website (hereinafter referred to as the "Agreement"). Both the Registered User and the User using Unregistered Services agree to be bound by the terms of this Data Processing Policy by visiting and / or logging on to the Website for the purpose of searching for information and then he / she continues using the Website for further activities. In such a case, the term "User" also means an unregistered User visiting or using the Website.
The User registered under this Data Processing Policy may be the one who has provided the information required for Registration and has made the statements set forth in Section 6 of this Data Processing Policy (all together hereinafter referred to as the "Statements") before using the Website and is bound by the provisions of the applicable Agreement, and the terms and conditions of this Data Processing Policy.
For the validity of statements containing the consent of minor Users under the age of 16 and other, incapacitated Users subject to guardianship the consent or approval of their legal representative (usually the parent) is required, thus, to become able to use the Website, getting the consent or approval of the legal representative is a prerequisite for their successful Registration or use of the Service. Accordingly, the Data Controller shall interpret the User's Registration and the use of the Website of a minor under the age of 16 or other person with limited capacity being incapacitated due to other reasons, as they would have previously obtained the consent or approval of their legal representative to use the Services, which shall include the complete liability for the activity of the User and which shall be made available to the Data Controller at any time upon request of the Data Controller. The User with limited capacity (a minor under the age of 14 or incapacitated) may not register on the Website alone, may not make legal statements, only his / her legal representative (usually the parent) may register on the website or make legal statements on his / her behalf and the legal representative takes responsibility for the User's activities.
5. PURPOSE OF THE DATA PROCESSING POLICY
The purpose of this Data Processing Policy is to determine the scope of the User's personal data according to Clause 8 and the personal data managed by the Data Controller, the means of data processing, and to ensure the respect for the privacy of the natural person Users in accordance with Info tv and other applicable laws, data protection and data security requirements, and to prevent unauthorized access to the personal data of the User, alteration and unauthorized disclosure or use of these data.
6. USER'S STATEMENT
With the Registration, the User consents to the management of his / her personal or other data having been voluntarily provided to the Data Controller for the purpose of science, public opinion survey or market research, direct marketing, advertising newsletters and telemarketing / telesales. This consent, of course, may be withdrawn at any time on any of the contact details provided in Section 1 of this Data Processing Policy.
The User declares that the information provided during the Registration is true and does not violate the rights of any other person.
Registered Users declare that they are responsible for the User activities of other Users who use their User Account with their knowledge and shall be fully liable to the Data Controller.
Data Controller may use alphanumeric information packages, i.e. cookies with variable contents, sent by the Web Server and stored on the user's computer for a predetermined period of time. For more information about the types of cookies used by the Data Controller, their operation and how to disable them, see the section "Anonymous User ID (cookie) setting".
The User declares that he / she understands the information provided by the Data Controller and, after having become aware of it, agrees that the Data Controller will place the cookies on his / her terminal device (device) for the use of the Services for one (1) year and agrees to the management of the related data.
Of course, the User is allowed to withdraw his / her consent at any time by disabling the cookies. Please note that disabling cookies may have a technical impact on the extent to which the Data Controller may continue to perform certain Services for that particular User.
7. PURPOSE OF DATA MANAGEMENT
Management of the Users' personal data by the Data Controller is required for the purpose of accessing, providing, maintaining and protecting the Services offered on the Website, for complying with the provisions set out in the Agreement, for further development of the Services and the development of new services, for the protection of the Data Controller and the User, for supporting the Data Controller's activity related to the Services, in particular displaying content uploaded on the Website, preparing, conducting activities on the Website, the activities of the Data Controller and for related promotional purposes (sending newsletters, participating in promotional activities, offering products / services).
The Data Controller shall use the anonymised personal data of the User for statistical purposes.
8. SCOPE OF PERSONAL DATA PROCESSED
The provisions regarding the protection of the personal data of the Users apply only to natural persons, taking into consideration that the personal data can be interpreted only with respect to natural persons, therefore, this Data Processing Policy applies only to the processing of personal data of natural persons.
The Data Controller only records such personal data that are provided voluntarily by the User. By providing his / her personal data, the User consents to the inclusion of his / her personal data in the Data Controller's Database in accordance with this Data Processing Policy.
8.1. Personal data processed to identify Users
The Data Controller manages the following personal data of Users for identification purposes:
(1) User's natural identification data: surname and first name.
(2) User's email address provided during Registration.
(3) User's address and postal address.
(4) User's username and password.
(5) The User's direct telephone and fax number.
(6) Personal information provided by the User voluntarily (for example address for notification, occupation, position, interest) and other data.
(7) The Data Controller may also request other personal data of Users for certain activities (for example, the User's address or other personal information for prize competitions, promotions, the User's place and date of birth in the case of an offer for a specific age range) but the provision of these data happens on a voluntary basis, and the Data Controller shall use the personal data provided only for the purpose and activity stated and for the duration required for them. These data processing policies are also governed by this Regulation.
8.2. Processed data to gain access to Services
(1) The IP address of the User's computer,
(2) the starting and ending dates for logging in to the Website, and
(3) the type of the browser and the operating system, depending on the configuration of the User's computer,
(4) data related to the User's activity on the Website (for example, tracking the number of banner clicks).
These data are automatically logged by the system. Such information is not suitable for personal identification, and Data Controller does not link the data contained in the log file to other personal data, uses the data only for trend analysis, site usage statistics, service administration, analysis and satisfaction of User needs, which contributes to improving the quality of the Services.
8.3. Data related to Bug Reports made by the User
The Data Controller manages the following data regarding bug reports:
- the surname and forename of the applicant;
- e-mail address;
- telephone number.
8.4. Consumer Complaints
For the purpose of investigating consumer complaints, the data processed in accordance with the provisions of subsection (5) of section 17 / A. of Act CLV of 1997 on Consumer Protection (hereinafter referred to as Fgy. tv.).:
(1) the consumer's name and address;
(2) the place, time and means of lodging the complaint;
(3) a detailed description of the consumer's complaint, a list of the papers, documents and other evidence submitted by the consumer;
(4) a statement issued by the company about its position regarding the consumer's complaint in, case an immediate investigation of the complaint is possible;
(5) the signature of the person and, with the exception of any oral complaint made by telephone or other electronic communications service, the signature of the customer;
(6) place and date of the protocol;
(7) in the case of an oral complaint made by telephone or other electronic communications service, the data suitable for unique identification.
The Data Controller can commission external advertising companies to publish its advertisements. These companies may use certain data about the User's visits to these or other websites (but may not use the User's name, email address or telephone number) to provide appropriate (and interesting for the User) advertisements. If you would like to have more information about this practice and the possibility that companies should not use the information, please write to one of the contact details in section 1 of this Data Processing Policy.
The Data Controller may send notice to the email address provided by the User for the following purposes:
- sending system messages as part of the service;
- registration, the confirmation of registration and sending information related to the User Account or updating;
- service reminders;
- answers to information requested, service related information;
- promotional offers.
System messages are sent to all Users by the Data Controller and it is not possible to be unsubscribed from such notification list as they meet the elementary communication needs related to the Service to enforce Users' interests. However, the Data Controller undertakes to use such communication facilities only to the necessary extent and not to use such opportunities for marketing purposes.
The Data Controller guarantees the possibility to unsubscribe from any advertisement or promotional e-mail, in case it is sent to the User, so that the User will no longer receive it. Registration forms, order forms: on these pages the provision of personal data (depending on the type of registration, the name, name at birth, date of birth, place of birth, date, mother's name, gender, document ID, email address) is required to contact you. For the use of pay services, we may also ask for additional personal data, such as credit card number. These data are required to facilitate the performance and closure of the payment process and contractual fulfilment of the notification requirements.
Newsletter: The Data Controller also operates a newsletter service on the Website. If the User intends to receive a newsletter regarding the use of the Services and any news related to the Services, the Data Controller will only request the email address from the User for which he expects to receive the newsletter. The newsletter may include advertising offers or promotional offers. By accepting this Data Processing Policy, Users expressly consent that the Data Controller contact them through advertising newsletters on his own behalf at the contact details they have provided to receive the newsletter. Users who, at any time after ordering any newsletter service offered on the Website, decide not to receive the newsletters, can cancel the service as indicated in the newsletter and on the Website or with writing an e-mail or postal letter to the Data Controller to one of the contacts specified in Section 1 of these Terms and Conditions.
Direct Marketing: By accepting this Data Processing Policy, Users expressly consent to the Data Controller managing their personal data for their own business. Consent may be granted or withdrawn at any time during the term of the User Relationship on the Website or at the contact details specified in Section 1 of this Data Processing Policy. The Data Controller may send out information materials to Users from time to time about the news related to the Services. Users who do not wish to receive such letters may, at any time in the future, cancel this information service by sending an email to the email address listed in Section 1 of this Data Processing Policy.
Sending promotional offers, direct marketing: Depending on their consent, we may periodically send the Users newsletters about our new services, special offers, for informational purposes. For this purpose, we will manage the Users' email addresses, names and mailing addresses. If Users do not want to receive such promotional letters in the future, although previously they have not indicated their intention to do so, they may unsubscribe at the Data Controller at the contact details set forth in Section 1 of this Data Processing Policy.
Notification of the completion of registration, changes in service content: In the Services subject to registration, the new User will be sent a new welcome message to the provided email address. If we need to provide Users with information about any Service, regarding changes to the content, quality, or access to the Service, we will send an email notification to monitor and enforce User Interests, complying with the requirements of our obligations to provide information. Such service notices will be sent to all Users, and they cannot unsubscribe from such a "notification list", as it satisfies the elementary communication needs related to the Service to fulfil User Interests. However, the Data Controller undertakes to use such communication facilities only to the extent necessary and not to use such opportunities for marketing purposes.
By accepting this Data Processing Policy, the User agrees that the Data Controller will make the personal data available for the public on the Website, provided that it has been uploaded to the public, subject to the User's expressed, well-informed and voluntary consent provided in section 6 of this Data Processing Policy and his / her consent under this paragraph. In case the User consents to sharing his / her voluntarily provided data on other websites, he / she also acknowledges that other websites are bound by their own privacy policies for which the Data Controller shall not be made responsible. Based on this User consent, the Data Controller has the right to use the data having been provided as public for promotional purposes related to the Website or to the Data Controller's activities or operations.
Personal data recorded in a log file when using the Services will be stored for only statistical purposes. By accepting this Data Processing Policy, the User agrees that the Data Controller will collect anonymised statistical data required to operate the Services. The User may prohibit the use of his / her data for such purposes in accordance with section 14-15.
The User is solely responsible for the personal and other data that he / she voluntarily and purposefully has transferred to the Data Controller, whether they are his or her own or a third party's data, and for their transfer and in this respect he or she releases the Data Controller and warrants to any third party for a claim related to any such transfer or non-approval arising out of it.
Users may modify their data through the system of AIRPORT HOTEL BUDAPEST **** Szállodaüzemeltető Kft. or by using one of the contact details given in Section 1 of this Data Processing Policy.
The Data Controller may link the User Database to the customization subsystem of the Services. It is necessary to enhance the customised User Experience.
9. LEGAL BASIS AND METHOD OF DATA MANAGEMENT
The Data Controller shall process the User's personal data solely for the purposes set forth in Section 7 of this Data Processing Policy and for the period of time specified in Section 10 of this Data Processing Policy, and shall ensure that it is consistent with its purpose at all stages of the processing. By accepting this Data Processing Policy, the User hereby declares that granting his / her consent to the data management and the subsequent provision of data in all cases shall be based on the User's voluntary, well-informed and determined consent in accordance with subsection (1) of section 5 of Info tv. This voluntary, well-informed and determined consent constitutes the legal basis for the Data Controller's management of the data as set forth in this Data Processing Policy.
10. DURATION OF DATA MANAGEMENT
The duration of the data management is five (5) years from the termination of the use of the Service (in particular from the cancellation of the Registration), taking into consideration that from the termination of the Service this is the period of time when the Data Controller and a third party may have civil claims against the User, or, due to the activity of the user, against the Data Controller, thus it is ensured that the User's identity remains traceable and that the Data Controller may, if necessary, enforce any damages or other civil claims for the Data Controller or for a third party against the User.
Pursuant to a statutory obligation, the Data Controller shall keep the accounting document (including general ledger accounts, analytical and detailed records) which, directly and indirectly, confirms the bookkeeping accounts for a minimum of 8 years.
The activities of the Data Controller comply with the requirements of the ISO27001 standard defining information security management systems. Pursuant to Info tv, if the personal data have been collected with the consent of the User, the Data Controller shall manage the data for the purpose of fulfilling its legal obligation (for example, to perform a contract or the data management required to fulfil any legal obligation of the Data Controller) or for the purpose to enforce a legitimate interest of the Data Controller or a third party, if such interest is proportionate to the restriction of the right to the protection of personal data, without further additional User's consent, and after the withdrawal of the User's consent.
11. DATA SECURITY
Pursuant to its obligation under Section 7 of the Info tv., the Data Controller shall make every effort to ensure the security of your data, and shall take all necessary technical and organizational measures and create those rules of procedures which are required to comply with the provisions of Info tv and to enforce other data and privacy policies.
The activities of the Data Controller comply with the requirements of the ISO27001 standard defining information security management systems.
The so-called cloud applications are also part of the Services. Cloud applications are typically international or cross-border, they serve, for example, for data storage purposes when the data storage is not the User's computer / business computing centre but a server centre located anywhere in the world. The main advantage of cloud applications is that they provide a geographically independent, highly secure, flexibly expandable IT storage and processing capacity.
The Data Controller shall, with the utmost care, select its partners providing cloud service, and shall make every effort to enter into a contract taking into account the data security interests of the Users, their data management policies shall be transparent and regularly monitored.
Links: There may be a link placed on the Data Controller's Website directing us to other sites maintained by other service providers (including sign-in buttons, buttons for sharing facilities, logos) where the Data Controller has no influence on the personal data management practices. We would like to draw the Users' attention that clicking on such links may lead to websites operated by other service providers. In such cases, we strongly recommend to read the privacy policies that apply to the use of these pages. This Data Processing Policy applies only to the Website operated by the Data Controller. If any of the User's data is modified, deleted by the User on an external website, it will not affect the data management carried out by the Data Controller, such changes shall be carried out on the Website, as well.
12. TRANSFER OF DATA, LINKING OF DATA
The User's personal data may be transferred to third parties only with the prior and well-informed consent of the User in accordance with this Data Processing Policy and in order to comply with the Data Processor's legal obligations, upon the request of the competent authorities, and the different data managements can be linked only in the case if the conditions of data management for each and every data are fulfilled. The Data Controller shall, before fulfilling the authority's requests for data, examine in the case of each data whether there is a legal basis or obligation to transfer the data.
By accepting this Data Processing Policy, the User declares that he or she is aware of the fact that the data managed by the Data Controller will be handed over to the bodies authorized for resolution of legal disputes or persons responsible for data processing, billing, accounting, claim handling, delivery, customer service. The recipients of personal data as stated above, provide services to the Data Controller and they operate primarily in Hungary or in the European Economic Area. These persons shall handle the data in accordance with the instructions of the Data Controller and shall not use the data for any other purpose, and they are bound by the obligation of confidentiality or privacy.
The Data Controller may link the User Database to the Customization subsystem of the Services. This is required to enhance the customised User Experience.
Please also read the Data Security and Anonymous User Identification (Cookie) sections regarding data transfer!
13. ANONYMUS USER IDENTIFICATION (COOKIE) LOCATION
13.1. Placing own cookies
The anonymous User ID (cookie) is a signal sequence of unique identification and profile information stored by service providers on the User's computer. It is important to know that such a signal sequence cannot in any way identify the User but is only suitable for recognizing the User's computer. In the Internet networking world, personal information and customised service can only be provided if service providers can uniquely identify their customers' habits and needs. Anonymous authentication is used by providers to learn more about their customers' habits of using information, in order to further improve their services and, on the other hand, offer their customers customization options.
For example, cookies may be used to store the Users' preferences and settings; these can help at signing in; display customised advertisements and analyse how the website works. To achieve this, we use services to collect and track information about User activities such as relevance, recommendations, searches, openings, and the most important and frequently used features.
We use Flash cookies to tell us, for example, whether the User has ever visited our website or to help identify the features / services that may be of most interest to the User. The search and Flash cookies enhance the online experience by preserving the information most preferred by the User while visiting a particular page. Neither the search engine nor the Flash cookies can personally identify the User and the User can refuse the browser cookies through the browser settings, but without such cookies he / she will not be able to use all the features of our website.
If the User does not want to have such an identifier placed on his computer, he may configure his browser not to allow the unique identifier to be placed, but in this case the Services may not be accessed or not in the form as if the User had allowed the placement of identifiers.
The Services are used by a large number of Users in diverse software and hardware environments with different uses and areas. The development of the Services will be the best suited to the needs and possibilities of our Users if we have a comprehensive view of their usage habits and needs. However, due to the large number of our Users, besides personal inquiry and feedback, it is an effective complementary method to collect and analyse their habits and data about the environment in which the Services are run by automated means.
13.2. The placement of third party cookies
The Website uses a web analytics service called Google Analytics (hereinafter referred to as "Google Analytics), provided by Google, Inc. (hereinafter referred to as the "Google") (seat: 1600 Amphitheatre Parkway Mountain View CA 94043). Google Analytics also uses "cookies", text files placed on your computer, to help us analyse the use of the Website. The Data Controller informs the User and, by accepting this Agreement, the User expressly consents to the transmission and storage of information generated by the cookies and related to the use of the Website (including your IP address) generated by cookies on Google's servers in the United States. By using the Website, the User consents to the transmission of his or her data in the manner and for the purposes as set out above. Google will use this information to evaluate and analyse how the User is using the Website, to compile reports on activities on the Website, and to provide other services related to activities on the Website and use of the Internet. Google is responsible for the legality of the transmission and processing the data described above and for any damages or claims relating thereto. If you have any questions or requests regarding the above, please contact us at the email address specified in Section 1 of this Data Processing Policy.
The Data Controller may also use tracking IDs in its newsletter sent to the Users or in the case of other services for the purposes of developing and tracking user behaviour:
- Google Adsense,
- Google Co-op (search),
- Median Webaudit,
- Facebook (likebox, share),
- Addthis.com (share),
- Apple Inc. (meta tag).
14. USER'S RIGHTS, LEGAL ENFORCEMENT POSSIBILITIES
The User may request information on data management, and may request the rectification, blocking or cancellation of his / her personal data in case of false data. Data subjects may exercise their rights in connection with the processing of personal data by sending a notice to the email addresses provided during the Registration. The User shall send his / her request for information or cancellation by e-mail to the e-mail address provided in Section 1 of this Data Processing Policy.
The User shall request information on the management of his or her personal data on the basis of subsection a) of section 14 of the Info tv. Upon request, the Data Controller shall provide the User with information about the data it handles, the purpose, legal basis, duration of the data processing, the data processor's name, address (seat) and its data management activities, if the User's data is managed in accordance with the last paragraph of the section 7 of this Data Processing Policy, and about data processing activities, as well as about who receives or have received the data and for what purpose. The information also covers the User's rights and remedies in relation to data management. Requests for information about data management must be sent by email to the email address listed in Section 1 of this Data Processing Policy and the data subject will be answered within thirty (30) business days. This information is free of charge if the person requesting the information has not yet submitted a request for information to the Data Controller in the same year in the same area. In other cases, the Data Controller may make the request for information subject to reimbursement of costs. The information shall be provided within the period of data management specified in Section 10.
The Data Controller shall cancel the personal data if requested by the User with respect to point c) below. If personal data must be retained for any other reason in connection with a prior legal dispute or a statutory supervisory standards, or in connection with the performance of a contract still in force entered into with the User, or the data inseparably and indelibly includes personal data other than the User's (for example a picture), a requested cancellation does not necessarily mean that the recording will be completely unavailable, but that the recording can only be used for purposes excluding the purpose of cancellation. Cancellation shall be carried out free of charge by the Data Controller. The User shall notify the Data Controller of his / her request for cancellation of his / her personal data by using the menu item serving for this purpose on the Website or by e-mail at the e-mail address specified in Section 1 of these Data Processing Policy. The Data Controller shall cancel the data upon the voluntary decision and request of the User within thirty (30) days of receipt of its cancellation request. By withdrawing his / her consent to the management of personal data or by requesting the cancellation of his / her personal data, the User also waives his / her right to participate in any activity related to the Registration. Cancellation is always free of charge.
The Data Controller shall notify the data subject of the rectification and cancellation, unless failure to do so would not prejudice the data subject's legitimate interest.
Instead of cancellation, the Data Controller shall block personal data if the User requests to do so or if, based on the information available, it is likely that cancellation would harm the legitimate interests of the User. Personal data blocked in this way will be managed by the Data Controller only for as long as the purpose of data management that precludes the cancellation of the personal data exists.
The Data Controller will mark the personal data handled by him if the User disputes its correctness or accuracy, but the impropriety or inaccuracy of the disputed personal data cannot be clearly established.
If the Data Controller does not comply with the User's request for rectification, blocking or cancellation, he / she shall, within thirty (30) days of receipt of the request, provide information in writing about the reasons for rejecting the request for rectification, blocking or cancellation and inform the User of the possibility of remedies and the possibility of turning to an authority responsible for data management.
15. THE RIGHT TO OBJECT AND REMEDIES
(a) The right to object
The User or anyone whose personal data has been transferred to the Data Controller may object to the management of his or her personal data if
- the management (transfer) of personal data is necessary only for the enforcement of the rights or legitimate interests of the Data Controller or the data recipient, unless the data management is authorized or ordered by law;
- the exercise of the right to object is otherwise permitted by law.
With the simultaneous suspension of the data management, the Data Controller shall investigate the objection within a maximum of fifteen (15) days from the submission of the application and shall inform the applicant in writing of the result thereof. If the objection is justified, the Data Controller shall terminate the data management and block the data. The Data Controller is obliged to inform anyone to whom he had transferred the personal data related to the objection and who must take steps to enforce the right to object about the fact of the objection and the measures having been taken based on it.
If the User disagrees with the decision of the Data Controller that he had made based on the objection, or the Data Controller fails to comply with the deadline set for the decision, he or she may appeal to the court within thirty (30) days from the announcement of the decision or the last day of the deadline.
(b) Enforcement of rights
The User can enforce his rights in accordance with the Info tv and the Civil Code (hereinafter: Ptk). In case of violating the User's rights, the User may apply to the court or to the data protection authority indicated in Section 2 of this Data Processing Policy. Anyone may file an inquiry with the Data Protection Authority, stating that there has been an impairment of a right related to the management of personal data or there is an imminent danger of it. Regarding the lawsuit, the court has jurisdiction where the Data Controller's principal place of business is located. At the choice of the data subject, the lawsuit may also be brought before the court in the place where the data subject is domiciled. The enforcement practices and the detailed statutory provisions governing the Data Controller's obligations are contained in Info tv. and the Ptk., Hungarian law shall prevail.
The data of the persons with restricted legal capacity having provided to access the Website may be reviewed by their legal representative upon sending a written request to the Data Controller and may exercise his / her right in relation to data management of Users, provided that they have been credibly verified as legal representatives. The data protection rights of incapacitated Users shall be exercised by their legal representatives and the obligations shall be fulfilled by them.
16. ADDITIONAL WARRANTY PROTECTING THE DATA SUBJECT
All Users have the right to
- become aware of the automated personal data file, its main purposes and the identity and usual domicile or place of residence of the person managing the data file;
- be informed, at reasonable intervals and without excessive delay or expense, if his / her personal data is stored in an automated data file and to be informed about such data in a manner that is understandable.
17. THE PERSON APPOINTED AT THE DATA CONTROLLER, RESPONSIBLE FOR DATA PROTECTION
The person responsible for data protection and appointed at the Data Controller shall provide assistance to the User in making data-related decisions and assuring the rights of data subject, by sending an e-mail to the e-mail address provided in Section 1 of this Data Processing Policy.
The User acknowledges and consents that any member of the group of companies of which the Data Controller is a member, through directly or indirectly, up to at least a 50% shareholding, or is the acquirer of all or a significant portion of the Data Controller's assets, is considered the beneficiary / recipient of the Data Controller, regarding the rights and obligations provided in this Data Processing Policy. Such businesses have the right to enforce directly or refer to any provision of this Data Processing Policy that involves any advantage or right for them. The User is not entitled to transfer or assign any of its rights and obligations to any third party under this Data Processing Policy.
18th January 2017