Data Controller (Service Provider)
Name of Service Provider: Gábor Varga E.V.
Registered Office: 6000 Kecskemét, Kőhíd Street 22.
Site: 6000 Kecskemét, Kőhíd Street 22.
Postal Address: 6000 Kecskemét, Kőhíd Street 22.
Registration Number: 53628349
Tax Number: 69748202-1-23
Email Address: gaborautomentes@gmail.com
Website: gaborautomentes.hu
Phone Number: +36 70 291 33 91
Name of Hosting Provider: OneWeb Ltd.
Address of Hosting Provider: 2800 Tatabánya, Komáromi Street 64.
- Principles of Data Management; Data Security
1.1. The Service Provider, as a Data Controller, undertakes to handle personal data obtained during its activities in accordance with current legal provisions – as specified in the data protection information.
The Data Controller processes personal data exclusively for specific purposes, in the interest of exercising rights and fulfilling obligations.
Data processing and recording – at all stages of data management – comply with the requirements of fairness and legality.
The Data Controller only processes personal data that is indispensable for achieving the purpose of data management and is suitable for this purpose. The Data Controller processes personal data only to the extent and for the duration necessary for achieving the purpose.
The Data Controller ensures at all stages of data management that the data subject can always learn which types of data are processed by the Data Controller for which data management purposes, and can prohibit data management at any time – except for mandatory data management.
The purpose of data management and the scope of processed data are included in point 2./ of this Data Protection Information.
This data protection information is in accordance with and consistent with the following laws:
• Act CVIII of 2001 on certain aspects of electronic commerce services and information society services
• Act CXII of 2011 on the right of informational self-determination and on freedom of information
1.2. The Data Controller plans and executes data management operations in a way that ensures the protection of private life of the affected parties.
The Data Controller ensures the security of data and implements the technical and organizational measures and procedural rules necessary to enforce Act CXII of 2011 and other data and secrecy protection regulations.
The Data Controller takes appropriate measures to protect data from unauthorized access, alteration, transmission, public disclosure, or deletion or destruction, as well as from accidental destruction, damage, and becoming inaccessible due to changes in the applied technology.
- Legal basis for data management; Purpose; Processed data
2.1. Personal data can be processed if the data subject consents to it, or if it is mandated by law or – within the scope defined by law based on its authorization – by a local government decree for a public interest purpose.
2.2. The consent of a minor data subject who has reached the age of 16 does not require the consent or subsequent approval of their legal representative.
2.3. In the case of registration on the website and sending newsletters, data processing is based on the voluntary consent of the data subject – provided with appropriate information. The data subject gives their consent to the Data Controller prior to registration by clicking an “X” in a small square appearing next to the Data Protection Information during registration. The Data Controller can read and become familiar with the contents of the current Data Protection Information in detail before giving consent. The data subject accepts the content of the Data Protection Information by giving the aforementioned consent.
This Data Protection Information is continuously accessible in the footer of the website.
In case the User wishes to receive a newsletter, they can consent to this during and/or after registration on the website by clicking an “X” in a small square next to “Subscribe to newsletter.”
2.4. The Data Controller processes the following data:
In case of registration: the data subject’s name (surname, first name); email address; county and city; reference to having reached the age of 16.
In case of sending a newsletter: the data subject’s name (surname, first name); email address; county and city
2.5. Objectives of data processing: Registration on the website (first objective) and sending of the newsletter (second objective)
Legal basis for data processing: voluntary consent of the data subject
Duration of data processing:
In case of registration: Until the deletion of the user account – initiated by the user
In case of sending a newsletter: Until the day of unsubscribing from the newsletter
2.6. Persons authorized for data processing and data processing: The current managing director of the service provider and its employees. Only the current managing director and employees are acquainted with the processed data.
2.7. The Data Controller does not transfer data related to the use of the service to third parties. The Data Controller does not transmit the processed data to data controllers or data processors in third countries.
2.8. The Data Controller reserves the right – and also has the obligation – to unilaterally modify this data protection information in order to always comply with current legal requirements.
- Rights of the data subject
3.1. The data subject may request information from the Data Controller about the processing of their personal data. Upon the request of the data subject, the Data Controller provides information about the data processed or processed by it, the purpose of data processing, its legal basis, duration, the name and address of the data processor, and the activities related to data processing.
Upon the request of the data subject, the Data Controller provides the requested information in writing – within the shortest possible time from the submission of the request, but no later than within 25 days.
3.2. The data subject may request the Data Controller to correct their personal data.
If the personal data does not correspond to reality, and the personal data corresponding to reality is available to the Data Controller, the Data Controller corrects the personal data.
3.3. The data subject may request the Data Controller to delete or block their personal data.
Personal data must be deleted,
• if its processing is unlawful;
• if requested by the data subject;
• if it is incomplete or incorrect
• if the purpose of data processing has ceased, or the storage deadline for the data has expired;
• if ordered by the court or the Authority.
The Data Controller can only refuse the data subject’s request to delete their data in cases of mandatory data processing (e.g., invoice retention obligation under the Accounting Act).
Instead of deletion, the Data Controller blocks the personal data if requested by the data subject, or if based on the available information, it can be assumed that deletion would violate the legitimate interests of the data subject. Personal data thus blocked can only be processed as long as the data processing purpose that excluded the deletion of personal data exists. If the Data Controller does not fulfill the data subject’s request for correction, blocking, or deletion, it shall communicate the factual and legal reasons for refusing the request for correction, blocking, or deletion in writing or electronically with the consent of the data subject within 25 days of receiving the request. In case of refusal of the request for correction, deletion, or blocking, the Data Controller informs the data subject about the possibility of legal redress and turning to the Authority.
- Legal enforcement in court; compensation; damages
4.1. In case of violation of their rights, the data subject may turn to the court against the Data Controller.
If the Data Controller causes damage to others with the unlawful processing of the data subject’s data or by violating the requirements of data security, it is obliged to compensate for it.
If the Data Controller violates the personal rights of the data subject with the unlawful processing of their data or by violating the requirements of data security, the data subject may demand compensation from the Data Controller.
4.2. Anyone can initiate an investigation with the National Data Protection and Freedom of Information Authority (NAIH) by claiming that a legal violation occurred in connection with the processing of personal data, or there is an immediate danger of it.
Contact details of NAIH:
Postal address: 1363 Budapest, Pf.: 9.
Headquarters: 1055 Budapest, Falk Miksa Street 9-11.
Phone: +36 (1) 391-1400
Fax: +36 (1) 391-1410
Email: ugyfelszolgalat@naih.hu
URL: http://naih.hu
- Terms used in this Privacy Notice
Data Subject: any identified or identifiable natural person based on personal data – directly or indirectly
Personal Data: any data that can be linked to the data subject – especially the name of the data subject, identification mark, and one or more physical, physiological, mental, economic, cultural, or social identity-specific knowledge – as well as conclusions drawn from the data about the data subject;
Consent: the voluntary and explicit expression of the data subject’s will, based on adequate information, by which they give their unambiguous agreement to the processing of their personal data – whether it is comprehensive or limited to certain operations
Objection: the statement of the data subject, by which they object to the processing of their personal data, and request the termination of data processing or the deletion of the processed data
Data Controller: a natural or legal person, or an organization without legal personality, who or which, alone or jointly with others, determines the purposes of data processing, makes decisions regarding data processing (including the tools used), and executes them or has them executed by a data processor
Data Processing: any operation or set of operations performed on the data, irrespective of the procedure applied, such as collection, recording, organization, structuring, storage, alteration, use, retrieval, transmission, disclosure, alignment or combination, blocking, erasure, and destruction, as well as preventing the further use of the data, taking photographs, sound or image recordings, and recording physical characteristics suitable for identifying the person (e.g., fingerprint or palm print, DNA sample, iris image);
Data Transmission: making the data accessible to a specified third party;
Data Erasure: making the data unrecognizable in a way that its restoration is no longer possible;
Data Blocking: marking the data with an identifying sign to limit its processing definitively or for a specified period;
Data Destruction: the complete physical destruction of the data carrier containing the data
Data Processing: the performance of technical tasks related to data processing operations, regardless of the method and device used for the execution of the operations, and the location of the application, provided that the technical task is performed on the data
Data Processor: a natural or legal person, or an organization without legal personality, who or which performs data processing on the basis of a contract – including a contract pursuant to legal provisions
Data File: the totality of data managed in one register
Third Party: a natural or legal person, or an organization without legal personality, who or which is not the same as the data subject, data controller, or data processor.
EEA State: a Member State of the European Union and another state party to the Agreement on the European Economic Area, as well as a state whose citizens enjoy the same legal status as citizens of a state party to the Agreement on the European Economic Area under an international treaty between the European Union and its Member States, and a non-party state to the Agreement on the European Economic Area
Third Country: any state that is not an EEA State.
If you have any questions regarding our data processing, please contact us. Our contact details:
Service Provider’s Name: Varga Gábor E.V.
Registered Office: 6000 Kecskemét, Kőhíd Street 22.
Email Address: gaborautomentes@gmail.com
Website: gaborautomentes.hu
Telephone Number: +36 70 291 33 91
Cookie decision modification: [cookies_revoke]