1. Purpose of this privacy statement
The contents of this data management prospectus are recognized as binding on Balatonföldvár Cultural Service and Maintainer Nonprofit Ltd. (hereinafter, service provider, data controller) as data controller. It undertakes that all data processing related to its activities shall comply with the requirements set out in these regulations and in the applicable national legislation, as well as in the legal acts of the European Union. The data protection policies related to the data controller’s data management are constantly available at www.balatonfoldvarikilato.hu/en/privacy-policy The data controller reserves the right to change this information at any time. Of course, you will notify your audience in good time of any changes. If you have any questions regarding this post, please write to us and our colleague will answer your question. The data controller is committed to the protection of the personal data of its customers and partners, and it is of the utmost importance to respect the right of its customers to self-determination of information. The data controller treats personal data confidentially and takes all security, technical and organizational measures that guarantee the security of the data. Balatonföldvár Cultural Service and Maintainer Nonprofit Ltd. describes its data management practices below.
2. Data controller information
If you contact us, you can contact the data controller at +36 84 553 088 and at info@bknkft.hu . The data controller will delete all e-mails received together with the personal data provided no later than 1 year after the disclosure.
Name: Balatonföldvár Cultural Service and Maintenance Public Nonprofit Ltd.
Headquarters: 8623 Balatonföldvár, Petőfi S. utca 1.
Tax number: 24840752-2-14
Phone number: +36 84 553 088
Email: info@bknkft.hu
2.1 Data Protection Officer
Name: Kiss Tibor
Phone number: +36 84 553 088
3. Scope of personal information processed
3.1 Personal information to provide when contacting us
-
- Name – required to stay in touch
- Email address – to stay in touch
- Phone number – required to stay in touch
3.2 Technical Data
The data controller selects and operates the IT tools used to manage personal data during the provision of the service in such a way that the processed data:
- accessible to those eligible (availability);
- Authenticity and authentication are guaranteed (data management authenticity);
- Unchangeable (data integrity);
- Protected against unauthorized access (data confidentiality)
The controller shall take appropriate measures to protect the data against unauthorized access, alteration, transmission, disclosure, deletion or destruction and accidental destruction. The data controller shall ensure that the security of data processing is protected by technical, organizational and organizational measures that provide a level of protection appropriate to the risks associated with the data processing. The data controller retains it during data management
- Privacy: Protects information so that only those who have access to it can access it.
- Integrity: protects the accuracy and completeness of the information and the method of processing;
- Availability: Ensures that when an authorized user needs it, they can actually access the information they need and have the tools to do so.
3.3 Cookies
3.3.1 The role of cookies
- Collect information about visitors and their devices;
- Notes visitor custom settings that may be used when using online transactions so they don’t have to be re-typed;
- make the website easier to use;
- Provide a quality user experience.
In order to provide customized service, a small data packet, called places a cookie and reads it back at a later visit. If the browser returns a previously saved cookie, the cookie service provider has the option to link the user’s current visit to the previous ones, but only for their own content.
3.3.2 Absolutely necessary, session cookies
The purpose of these cookies is to allow visitors to fully and seamlessly browse the data controller’s website, use its functions and the services available there. These types of cookies last until the end of the session (browsing), and when you close the browser, these types of cookies are automatically deleted from your computer or other device used for browsing.
3.3.3 Third Party Cookies (Analytics)
The data manager also uses Google Analytics as a third party cookie on its website. Using Google Analytics for statistical purposes, the data controller collects information about how visitors use the web pages. Use the data to improve the website and improve the user experience. These cookies also remain on the visitor’s computer or other browsing device, its browser, or until the visitor deletes them until they expire.
3.4 Online Order Details
Our website does not offer online ordering, so we do not ask for information when ordering online.
3.5 Data for online administration
There is no online administration on our website, so we do not ask for information when we conduct online administration.
3.6 Newsletter Information
Newsletter delivery is not available on our website, so we do not record information when you sign up for a newsletter.
4. Intended use and retention period of the data processed
When we use our website, we only store contact information that we store for the duration of the connection.
5. Purpose, method and legal basis of data processing
5.1 General Privacy Guidelines
The data management of the data controller’s activity is based on voluntary consent and legal authorization. In the case of data processing based on voluntary consent, data subjects may withdraw their consent at any stage of the data processing. In some cases, the handling, storage and transmission of a set of provided data is required by law, of which we will notify our customers separately. The attention of informants to the data controller is drawn to the fact that if they do not provide their own personal data, the informant is obliged to obtain the consent of the data subject. Its data management principles are in line with existing data protection legislation, in particular:
- Annual CXII. Act on the Right to Self-Determination of Information and Freedom of Information (Infotv.);
- Regulation (EU) 2016/679 of the European Parliament and of the Council of April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Regulation (EC) No 95/46 (General Data Protection Regulation, GDPR);
- Act V of the year – on the Civil Code (Ptk.);
- Annual Act C – on Accounting (Accounting Act);
- LIII. Act on the Prevention and Suppression of Money Laundering and Terrorist Financing (Pmt.);
- Annual CCXXXVII. Act on Credit Institutions and Financial Undertakings (Hpt.).
6. Physical storage locations for data
Your personal data (ie data that can be contacted with you) may be processed in our way as follows: on the other hand, you may also provide your name, contact information or other details if you wish to contact us personally while using the Website. Data to be technically recorded during the operation of the system: the data of the computer of the relevant registrant, which is generated during the voting and which is recorded by the data management system as an automatic result of the technical processes. The data that is automatically recorded is automatically logged at entry and exit without a separate statement or action by the data subject. This data may not be linked to other personal user data, except as required by law. Only the data controller has access to the data.
7. Data transfer, data processing, circle of data learners
We will not pass on to third parties any personal information we hold in connection with your use of our website, nor will they gain access to the information stored on it.
8. Rights and Enforcement Options
The data subject may request information on the processing of his / her personal data, as well as request the correction or deletion or revocation of his / her personal data, exercise his / her right to carry data and protest in the manner indicated at the time of data collection or at the above-mentioned contact details of the data controller.
8.1 Right to Information
The controller shall take appropriate measures to provide data subjects with all information concerning the processing of personal data referred to in Articles 13 and 14 of the GDPR and Articles 15 to 22. and Article 34 shall be provided in a concise, transparent, comprehensible and easily accessible form, in a clear and comprehensible manner.
8.2 Right of access of the data subject
The data subject has the right to receive feedback from the data controller as to whether the processing of his or her personal data is in progress and, if such data processing is in progress, he or she has the right to access the personal data and the following information: purposes of data processing; the categories of personal data concerned; the recipients or categories of recipients to whom the personal data have been or will be communicated, including in particular third country recipients or international organizations; the intended period for which the personal data will be stored; the right to rectify, erase or restrict data processing and to protest; the right to lodge a complaint with the supervisory authority; information on data sources; the fact of automated decision-making, including profiling, and comprehensible information on the logic used and the significance of such data processing for the data subject. The controller shall provide the information no later than one month after the submission of the request.
8.3 Right of Correction
The data subject may request the correction of inaccurate personal data processed by him / her and the addition of incomplete data.
8.4 Right of cancellation
The data subject shall have the right, at the request of the controller, to delete personal data concerning him or her without undue delay if any of the following reasons exist:
- Personal data is no longer required for the purpose for which it was collected or otherwise processed;
- the data subject withdraws his or her consent to the processing and there is no other legal basis for the processing;
- the data subject objects to the processing and there is no overriding legitimate reason for the processing;
- Personal information has been processed unlawfully;
- personal data must be deleted in order to comply with a legal obligation imposed on the controller by applicable EU or Member State law;
- Personal data was collected in connection with the provision of information society services
Deletion of data may not be initiated if the processing is necessary: for the purpose of exercising the right to freedom of expression and information; for the purpose of fulfilling an obligation under Union or Member State law governing the processing of personal data or performing a task carried out in the public interest or in the exercise of official authority vested in the controller; in the field of public health or for archival, scientific and historical research or statistical purposes, in the public interest; or to bring, assert or defend legal claims.
8.5 Right to Restrict Privacy
At the request of the data subject, the controller shall restrict the processing if one of the following conditions is met:
- the data subject disputes the accuracy of the personal data, in which case the restriction shall apply for a period which allows the accuracy of the personal data to be verified;
- the processing is unlawful and the data subject opposes the deletion of the data and instead requests that their use be restricted;
- the data controller no longer needs the personal data for the purpose of processing the data, but the data subject requests it in order to make, enforce or protect legal claims; or
- the data subject has objected to the processing; in this case, the restriction shall apply for as long as it is established that the legitimate reasons of the controller take precedence over the legitimate reasons of the data subject
Where processing is restricted, personal data other than storage may be processed only with the consent of the data subject or for the purpose of making, asserting or protecting legal claims or protecting the rights of another natural or legal person or in the important public interest of the Union or a Member State.
8.6 Right to Carry Data
The data subject shall have the right to obtain the personal data concerning him or her made available to the controller in a structured, widely used machine-readable format and to transmit such data to another controller.
8.7 Right to Protest
The data subject shall have the right to object at any time, for reasons relating to his or her situation, to the processing of his or her personal data in the public interest or in the exercise of a public authority, or to profiling based on those provisions. is. In the event of an objection, the controller may not further process the personal data, unless justified by compelling legitimate reasons which take precedence over the interests, rights and freedoms of the data subject or which relate to the submission, enforcement or protection of legal claims.
8.8 Automated decision making in individual cases, including profiling
The data subject shall have the right not to be covered by a decision based solely on automated data processing, including profiling, which would have a legal effect on him or her or a significant effect on him or her.
8.9 Right of Withdrawal
The data subject has the right to withdraw his or her consent at any time.
8.10 Right to go to court
If the data subject’s rights are violated, he or she may take legal action against the data controller. The court is acting out of turn in the case.
8.11 Data Protection Authority Procedure
Complaints can be lodged with the National Data Protection and Freedom of Information Authority: Name: National Data Protection and Freedom of Information Authority Headquarters: 1125 Budapest, Szilágyi Erzsébet fasor 22 / C. Mailing address: 1530 Budapest, Pf .: 5. Phone: 0613911400 Fax: 0613911410 E-mail: ugyfelszolgalat@naih.hu Website: http://www.naih.hu
9. Other provisions
We provide information on data processing not listed in the contents of this data management information when collecting the data. We inform our clients that the court, the prosecutor, the investigating authority, the infringement authority, the administrative authority, the National Data Protection and Freedom of Information Authority, the Magyar Nemzeti Bank, or other bodies may provide information, disclose data, transfer documents or documents they may contact the controller to make it available. The controller shall provide personal data to the authorities only if and to the extent strictly necessary for the purpose of the request, provided that the authority has indicated the precise purpose and scope of the data.