Privacy policy
1. Identification of data controller and this website
1.1. We inform you that this website
Drotar Consulting Ltd.
Tax number: 32384587-2-09
Registration number: 09-09-035510
Headquarters: 4200 Hajdúszoboszló, Fertő street 68.
Website: http://www.drotar.hu
E-mail: info @ drotar.hu
(hereinafter: Data Manager) operates.
1.2. This website:
http://www.drotar.hu
website available at
2. Provision of Hungarian law, scope of this information
2.1. The service of the above-defined Data Controller (hereinafter: Data Controller) operating the website available at the above-defined internet address (hereinafter: the website) is directed to Hungary and is provided from Hungary. According to this, Hungarian law governs the provision of the service and the Users when using the service (including data management). The data controller primarily handles user data
- CXII of 2011 on information self-determination and freedom of information. law (Infotv.),
- VI of 1998 on the promulgation of the Convention dated January 28, 1981 in Strasbourg on the protection of individuals during the machine processing of personal data. law,
- CVIII of 2001 on certain issues of electronic commercial services and services related to the information society. law (Eker. tv.)
is managed based on its provisions.
2.2. The scope of this information applies to the use of the website's interface and the data management performed during the use of the electronic services made available there.
2.3. According to this information, User: natural persons browsing the website, regardless of which service of the website they use, or natural persons who only browse the website and do not use any service.
3. Legal basis for data management
3.1. The legal basis for data management by the Data Controller is CXII of 2011 on the right to self-determination of information and freedom of information. Act (hereinafter: Infotv.), according to point a) of § 5, paragraph (1), the voluntary consent of the User.
3.2. Voluntary consent is given by the User by ticking the checkbox before the data management statement. The User can read the data management information at any time by clicking on the inscription "Data Management Information" that appears at the bottom of each page of tomorrow, or by clicking on the link marked with the text "Data Management Information" in the data management statement mentioned in this point, with which the Data Controller provides the User with clear and detailed preliminary information. By checking the box before the data management statement, the User declares that he has read the data management information and, knowing its content, consents to the processing of his data as described in this information.
3.3. Infotv. Based on Section 6 (1), we also inform you that personal data can be processed even if obtaining the consent of the data subject would be impossible or disproportionately expensive, and the processing of personal data is necessary for the purpose of fulfilling a legal obligation for the Data Controller, or the Data Controller or a third party has the right to it is necessary for the purpose of enforcing its interest, and the enforcement of this interest is proportionate to the limitation of the right to the protection of personal data.
3.4. CVIII of 2001 on certain issues of electronic commercial services and services related to the information society. Act (hereinafter: Act) 13/A. Based on §, the Data Controller also informs the User of the following.
For the purpose of providing the service, the data controller may process the personal data that is technically absolutely necessary for the provision of the service. If the other conditions are the same, the data controller must choose and in all cases operate the tools used in the provision of the service in such a way that personal data is only processed if this is absolutely necessary for the provision of the service and the fulfillment of other purposes defined in this law, however in this in this case, only to the extent and for the necessary time. (Additional rules for technically necessary data management are defined in the information on the use of cookies.)
The data controller may process data related to the use of the service for any purpose other than those specified above - in particular to increase the efficiency of its service, to deliver electronic advertising or other addressed content addressed to the user, for the purpose of market research - only with the prior determination of the purpose of data management and on the basis of the user's consent.
3.5. In addition, the legal basis for data management in the relevant cases is mandatory data management based on point b. of § 5 (1) of the referenced law. In some cases, the data controller may be obliged to carry out mandatory data processing required by law. In addition, the Data Controller is obliged to comply with any official requests, which may also involve the processing and transmission of personal data, this is also a legal obligation of the Data Controller.
4. Data management related to receiving and replying to messages
4.1. The scope of data processing: Users who send messages to the Data Controller using the messaging interface available from the "Contact" menu item of the website, or via e-mail using the e-mail address(es) indicated on the website.
4.2. Legal basis for data management: Infotv. Consent of the User based on point a) of paragraph (1) of § 5. By voluntarily providing the data requested on the messaging interface, by checking the checkbox in front of the data management statement and by voluntarily sending the message, the User consents to the voluntary sending of the e-mail in the case of a message sent by e-mail, as well as any other information indicated by the user in the message to manage your data.
Services related to this:
- sending messages on the messaging interface ("Contact" page),
- receiving a message sent by e-mail (using the e-mail address(es) indicated on the website),
- responding to messages sent to the Data Controller in the above ways, which the Data Controller fulfills, - in the case of a User's message containing a more complex request, answering the User's request over the phone.
4.3. Definition of the scope of managed data: In the case of messaging users, data management concerns the range of personal data and contact information to be filled in on the above-referenced messaging interface, as well as any additional data the User may provide in the message (including the e-mail message).
Scope of data:
- surname first name
- phone number
- e-mail address
- organization or company, business name.
Designate a separate contact for the evening:
- contact person's last name - contact person's first name
- contact person's phone number - contact person's e-mail address.
Management of the data of a person other than the User: If the User provides the data of a separate contact person (surname, first name, telephone number and e-mail address), the User must obtain the consent of the third party concerned, which the Data Controller assumes, regarding the provision of such third party data to the Data Controller when receiving the data. The Data Controller is not responsible for the consequences related to the lack of consent to the processing of such data.
With regard to the additional data that the User may provide in the message (e-mail), the Data Controller necessarily performs data management only in relation to the content of the sent message when it is received, however, the Data Controller does not ask the User to provide any personal data that may have been communicated there. When such unexpected personal data is communicated, the Data Controller does not store the unexpected personal data, but deletes it from its IT system immediately.
4.4. Purpose of data management: Enabling the User to exchange messages with the Data Manager. The purpose of managing the voluntarily provided personal data and contact information of the User visiting the website is to enable the concerned User to use the website's messaging services.
4.5. Duration of data management: The data controller manages the data until the goal is achieved. Accordingly, in the case of Users who send messages, the duration of data management lasts until the message is answered. After answering the message, the data controller deletes the data processed for this purpose. If the exchange of information takes place with several messages on related topics, the Data Manager will delete the data once the exchange of information is complete.
4.6. How the data is stored: In a separate data management list in the Data Controller's IT system, until the end of the information exchange period.
5. Data management related to ensuring the operation of information technology services
5.1. Scope of data processing: All Users who visit the website, regardless of the use of services available on the website.
5.2. Legal basis for data management: Infotv. Consent of the User based on point a) of paragraph (1) of § 5. By accepting the information and statement that pops up when browsing the website, or by continuing to browse, the user gives his voluntary consent to data management.
5.3. Definition of the scope of managed data: Information technology data management concerns the scope of data required for the operation of the "cookies" used to operate the website and the use of log files used by the web hosting provider.
Data managed to enable user-friendly browsing: - the web pages visited during the visit to the website and the order in which they were opened - the IP address of the device used by the user.
Scope of data processed to measure website visits:
- the web pages visited during the visit to the website and the order in which they are opened
- the frequency of viewing certain web pages of the website
- from which other website the User came to this website
- determination of the geographical location of the User visiting the website (based on the data of the Internet service provider, only approximate data regarding the location of the device used for browsing)
- the time you started browsing the website
- the time you leave the website (end your browsing).
- duration of website browsing.
Data processed in order to check access rights to the website: - username and password (may be stored at the User's discretion)
- User's e-mail address - IP address of the device used by the user.
5.4. Purpose of data management: The use of "cookies" and log files are necessary for the user-friendly and secure operation of the website. The purpose of the data management implemented with these is to ensure the user-friendly operation of the website for the concerned User, as well as to collect anonymous data about the use of the website.
Including:
- Identification of the user's device used for browsing, note of identification data - until the time of browsing: based on the IP address. This makes browsing smoother, because without it, the User would have to identify himself or repeat processes on each page visited.
The data required for the following purposes are recorded anonymously and cannot be linked to a person:
- Measurement of website visits, measurement of the viewing frequency of individual pages of the website and measurement of the browsing time of individual pages of the website so that the website can be adapted to meet the needs of the Users as much as possible by the Data Controller.
- Determining the location of the user (browsing device), regional mapping of the level of interest in the Data Controller's services, for the purpose of market research.
- Identification of the website from which the User came to this website in order to learn about other topics of interest to Users interested in the Data Manager's services, and to measure the effectiveness of the activity promoting the Data Manager's services for market research purposes.
Data Manager's IT system uses Google Analytics (Google Inc.) tools to measure this data.
The data controller uses the Google Maps service on the website to illustrate its availability. Google Maps also uses cookies. These cookies are also used by Google Inc. to remember the preferences and information indicated by the user when viewing pages containing Google Maps, which also means knowing anonymous data managed to measure website visits and map browsing habits.
The above anonymous data is also accessed by Google Inc. (1600 Amphitheater Parkway, Mountain View, CA 94043, USA), the owner and operator of Google Analytics and Google Maps tools. Google Inc. uses the above data in addition to the aforementioned analyzes for the purpose of delivering targeted advertisements to the browser user. In doing so, Google Inc. establishes the scope of interests that can be discovered based on the browsing habits of the device used for browsing by connecting the anonymous data and the IP address of the device used for browsing, and then delivers targeted advertisements to the device in this way. Google Inc. does not have access to the additional data mentioned in this information apart from the anonymous data written in this section.
Cookies that facilitate visiting the data manager's social page and sharing and liking this website on social media (facebook button, facebook share button, facebook like button) are provided by the Facebook Inc. service, so for the anonymous data managed by these cookies, Facebook Inc. (1601 Willow Road, Menlo Park, CA 94025, USA) can also be accessed.
Through this service of Facebook Inc., you therefore have access to the range of anonymous data described above, managed to measure website visits and map browsing habits. In addition to the aforementioned analyses, Facebook Inc. also uses the above data for the purpose of delivering targeted advertisements to the browser user. In doing so, Facebook Inc. establishes the scope of interest that can be discovered based on the browsing habits of the device used for browsing by connecting the anonymous data and the IP address of the device used for browsing, and then delivers targeted advertisements to the device in this way. Apart from the anonymous data written in this point, Facebook Inc. does not have access to the additional data mentioned in this information.
The data assigned to the following purposes are recorded in a way that can be linked to the User's person:
- possible storage of username and password for easier access (according to the User's decision)
- Checking the user's access rights (username, e-mail address, password).
5.5. Duration of data management: The Data Manager manages part of the data for the duration of browsing, and stores certain data for a variable period of time, but no more than 2 years.
The data necessary to ensure the user-friendly operation of the website (IP address, order of pages visited on the website during browsing) are recorded for the duration of the browsing session (i.e. for the duration of browsing the website) and are deleted when it ends. Such data is managed by the Data Controller's IT system using its own tools, and no third party has access to it, except in the case of IT data processing (see below in the chapter entitled "Using a Data Processor").
The data required to check access rights and ensure usage rights are recorded for the duration of the browsing session (i.e. for the duration of browsing the website) and are deleted when it ends. Such data is managed by the Data Controller's IT system using its own tools, and no third party has access to it, except in the case of IT data processing (see below in the chapter entitled "Using a Data Processor").
The user name and password can be permanently stored at the User's discretion, this is stored by cookies on the User's device, and the User can arrange for their deletion in the settings of his browser, thus controlling the time of data storage.
The Data Controller's IT system records the data that is the basis for the measurement of attendance and the mapping of habits regarding the use of the website anonymously from the beginning, they cannot be linked to any person. Data Manager's IT system uses Google Analytics tools to measure this data. The Data Manager stores this data permanently, but for a maximum of 2 years, with the help of cookies, which are stored on the User's device used for browsing. The User can ensure the deletion of these cookies at any time in the settings of his browser.
Cookies (Facebook button, Facebook share button, Facebook-like button) that facilitate visiting the data controller's social media page and sharing and liking this website on social media are also accessible by Facebook Inc. Anonymous data managed by Facebook Inc. to measure website visits and to map browsing habits .'s devices are stored permanently, but with the help of cookies that work for a maximum of 2 years, which cookies are recorded on the device used by the User for browsing. The User can ensure the deletion of these cookies at any time in the settings of his browser.
5.6. How the data is stored: on separate data management lists in the Data Controller's IT system, anonymously. Data necessary to ensure the user-friendly operation of the website (IP address, sequence of pages visited on the website during browsing) are not stored. The data provider cookies are stored locally on the User's device. The log files used by the web hosting provider are stored on the server of the hosting provider.
5.7. The user can find out more about the information technology data management process and the information technology data management using the tools of Google Analytics and Facebook Inc. from the warning bar that pops up when starting to browse the website, as well as from the information available by clicking on the "information about the use of cookies" on the website, as well as the Google Analytics https ://www.google.com/intl/hu_ALL/analytics/support and Facebook Inc. https://developers.facebook.com/products. The data manager only uses the functions recommended by Google Analytics and Facebook Inc. as described above.
6. Data management related to sending newsletters
6.1. Affected by the data management: the User who subscribes to the newsletter on the website, as well as the User who consents to the sending of the newsletter personally, in writing, when concluding a contract with the Data Controller, or without concluding a contract.
6.2. Legal basis for data management: Infotv. Consent of the User based on point a) of paragraph (1) of § 5. The User gives voluntary consent during the process of online registration on the website by accepting this data management information and ticking the consent statement for subscribing to the newsletter, or by ticking the consent statement for sending the newsletter included in the written contract and signing the contract, or by filling out a separate paper-based statement and enter with your signature. With this, the User declares that he consents to the processing of his data in accordance with the provisions of the data management information and the contract/declaration, and to the sending of newsletters.
In addition to sending useful information, the newsletter service also aims to obtain direct business from the Data Controller. The User can subscribe to this service regardless of the use of other services. The use of this service is based on a voluntary decision made by the User after adequate information. If the User does not use the service described in this point, this does not result in a disadvantage for the user in terms of using the website and using its additional services. The Data Controller does not set the use of its services aimed at obtaining direct business as a condition for registration or the use of any other services.
6.3. Definition of the scope of processed data: - name
- e-mail address.
6.4. Purpose of data management: sending newsletters by the Data Controller to the User by e-mail. Sending newsletters means sending information about the Data Controller's services, news and current events, attention-grabbing offers, and advertising content.
6.5. Duration of data management: The Data Controller manages the data processed for the purpose of sending the newsletter until the User's consent is withdrawn, or until the data is deleted at the User's request.
6.6. Method of data storage: In a separate data management list in the Data Controller's IT system, as well as by attaching paper-based contracts/declarations.
7. Data management related to registration on the website
7.1. Scope of data processing: Users wishing to use the website's services by using the website's registration interface available from the "Registration" menu item.
7.2. Legal basis for data management: Infotv. Consent of the User based on point a) of paragraph (1) of § 5. By voluntarily entering the requested data in the data fields of the registration interface available from the "Registration" menu item of the website, by checking the checkbox in front of the data management statement and sending the registration ("Send registration" button), the User agrees to the processing of his/her data.
7.3. Definition of the range of processed data: It concerns the range of personal data and contact information to be filled in the data fields of the registration interface available from the website's "Registration" menu item.
Scope of data:
- surname and first name/name of organization or company - tax number
- title
- billing address
- e-mail address
- password
- phone number,
When specifying a separate contact person, the contact person:
- your last name and first name - your e-mail address
- postal address
- your phone number.
Management of the data of a person other than the User: If the User provides the data of a separate contact person (surname, first name, postal address, telephone number and e-mail address), the User must obtain the consent of the third party concerned for the provision of such third party data to the Data Controller, which Data controller assumes when receiving the data. The Data Controller is not responsible for the consequences related to the lack of consent to the processing of such data.
7.4. Purpose of data management: To enable the User to use the services provided on the website of the Data Controller.
Services related to this:
- Uploading the parameters and images of the goods the user wants to sell for the purpose of sale,
- Uploading the parameters and images of goods sought for purchase by the user for the purpose of purchase.
7.5. Duration of data management: The data controller manages the data until the goal is achieved. Accordingly, in the case of registered Users, the period of data management lasts until the User withdraws his consent, cancels his registration, or fulfills his request for the prohibition or deletion of his data.
7.6. How the data is stored: In a separate data management list in the Data Manager's IT system, for the duration of the registered status.
7.7. With regard to the data processing that may take place during the use of the Data Manager's services, and which affects the employees and customers of the User's company/company, the Data Manager is considered a data processor, so the User is responsible for the management of the data of the User's employees and customers.
8. Data management lists
8.1. List for message exchange: a list containing the data of users who send messages on the messaging interface - listed in point 4 - which contains the data of those affected by the ongoing information exchange, only for the duration of the information exchange. After the exchange of information, the data of the person concerned will be deleted from the list.
8.2. Lists related to information technology data management: anonymous lists containing data referring to the browsing habits of the Users listed in point 5, and a temporary list registering the IP addresses of the devices of the currently browsing Users during browsing, maintained exclusively in the information system of the Data Controller. In the latter list, data is processed only until the end of the browsing time. (The rest of the data is stored on the User's device, the Data Controller does not keep a list of them in its own possession.)
8.3. Newsletter list: kept with the data listed in point 6 for the purpose of sending newsletters, messages, information materials and attention-grabbing offers by e-mail. The data is managed by the Data Manager until the User's consent is revoked (unsubscribe) or the data is deleted at the User's request.
8.4. Registration list: a list containing the registration data of registered users - listed in point 7. The data will be included in this list until the registration is canceled or until the User's data management prohibiting or data deletion request is processed.
8.5. Prohibited list: a list of data that can no longer be processed for the purpose or purposes given at the request of the data subject (User). Its contents: the specific purpose or purposes for which data processing is prohibited, the definition of the range of data affected by the prohibition, the data concerned. The purpose of the prohibited list is to ensure that the data of the persons concerned on it are not repeatedly received, transferred to a third party, or added to a new contact or business acquisition list. It is not possible to ask for consent to receive mail for the direct purpose of acquiring business from those on the prohibited list, or to send advertising mail, unless the ban only applies to an individually defined purpose.
8.6. Data transfer register: The data controller keeps a data transfer register in order to check the legality of the data transfer and to inform the data subject, which contains the date of transfer of the personal data managed by it, the legal basis and recipient of the data transfer, the definition of the scope of the personal data transferred, and other data specified in the legislation requiring data management.
8.7. Data protection incident record: a record of the unlawful handling or processing of personal data and the measures taken to prevent them. It includes the scope of personal data affected by the incident, the scope and number of those affected by the data protection incident, the date, circumstances, effects of the data protection incident and the measures taken to prevent it, as well as - in the case of data processing based on legal obligations - other data specified in the law requiring data processing.
8.8. In order to achieve the data management goals, as described above, the data controller stores the data in the form of separate lists in separate databases for each data management purpose, in its IT system, as well as the data managed for the purpose of sending the newsletter by attaching paper-based contracts/statements.
9. Duration of data management
9.1. The duration of data management corresponding to individual data management purposes lasts as long as what is written above in the description of data management according to purposes. The Data Controller manages the data of the concerned User until the data management goals written above are achieved, or until the User's consent is revoked or deleted at the request of the concerned User.
9.2. Pursuant to this, the data processing lasts until the withdrawal of the consent statement, the cancellation of the registration, the unsubscription from the newsletter, or until the fulfillment of the obligation prescribed by law in the relevant cases. The user can object to data management at any time, request the termination of data management, the termination of certain methods of data management, and the deletion of data for individual purposes. In such cases, the duration of data management lasts until the request with such content is received and processed - which the Data Controller will do immediately, but within a maximum of 10 working days. The user can unsubscribe from the newsletter at any time by using the unsubscribe link in the newsletters, as well as the info @You can also send your written request to the e-mail address primorfrukt.hu, as well as the objections or requests outlined above via e-mail. A request sent by e-mail is considered authentic by the Data Controller only if it is sent from the e-mail address provided by the User to the Data Controller using the website, or when subscribing to the newsletter or specified in the written contract/declaration and registered with the Data Controller, but at the same time the use of the other e-mail address is not means ignoring the request.
10. Method of data storage
10.1. The data manager stores the data in the form of separate lists, in separate databases for each data management purpose, in its IT system, as well as the data managed for the purpose of sending the newsletter, also by attaching paper-based contracts/declarations.
11. Deleting and blocking data
11.1. The data management shall cease in all respects and the data shall be deleted within 10 working days following the receipt of the User's request in this regard, including the deletion of the already transferred data with the new data manager (provided that the deletion is not precluded by law).
11.2. Instead of deletion, the Data Controller locks the personal data if the User requests this, or if, based on the information available, it can be assumed that the deletion would harm the User's legitimate interests. Locked personal data can only be processed as long as the data management purpose that precluded the deletion of personal data exists.
11.3. Furthermore, the Data Controller deletes personal data if
- its handling is illegal,
- the processed data is incomplete or incorrect - and this condition cannot be legally remedied - provided,
that the deletion is not excluded by law,
- the purpose of data management has ceased, or the statutory period for data storage has expired,
- it was ordered by the court or the National Data Protection and Freedom of Information Authority.
12. Data transfer
12.1. The data controller only transmits data to authorities in the event of a legal obligation.
12.2. The data manager does not transfer data to third parties for business or marketing purposes.
12.3. The data controller keeps the data transmission register defined in Infotv.
13. Use of a data processor
13.1. The scope of those affected by the data processing: Users who visit the website, regardless of the use of the services provided by the website, including those persons who consented to the sending of the newsletter in a written contract concluded with the Data Controller/in a written statement given to the Data Controller.
13.2. The data processor: Data Manager uses you as a data processor.
13.3. Legal basis for data processing: the consent of the concerned User. After reading the data management information, the user voluntarily consents to the use of the data processor with the consent given to the Data Controller regarding the processing of his data.
13.4. Definition of the range of data affected by the data processing: The data processing affects all the data specified in this information.
13.5. The purpose of data processing: To ensure the operation of the website in the information technology sense for the concerned User, through data management manifested in the technical operations necessary for the operation of the website and the provision of the services provided on it.
13.6. Duration of data processing: It is the same as the duration of data management as regulated in this information.
13.7. The processing of data only means the technical operations necessary for the operation of the website.
13.8. Data is not processed for any other purpose.
13.9. The Data Processor is not interested in the business activities of the Data Controller.
13.10. The Data Controller does not use any other data processor other than the Data Processor indicated above.
14. User rights related to data management
14.1. At the User's request, the Data Controller provides information about the User's data managed by it or processed by the Data Processor commissioned by it or at its disposal, its source, the purpose, legal basis, duration of data processing, the name and address of the Data Processor and its activities related to data processing, any data protection incident that may have occurred about its circumstances, effects and the measures taken to prevent it, and - in the case of transmission of the data subject's personal data - about the legal basis and recipient of the data transmission. The Data Controller shall provide the information in writing within 25 days of the submission of the request. Completing such a request submitted for the first time for a given data area in the current year is free, in other cases it costs HUF 1,000 (except: illegal data processing, or if a request leads to correction). The User can also request the correction of his/her processed data, which the Data Controller will do without delay, but within a maximum of 25 days. The user's rights defined in this point may be limited by law.
14.2. All Users have the right to refuse or prohibit the inclusion of their name and address information and contact details in a business acquisition list, their use for direct acquisition of business - or for specific purposes defined within it, their use for sending newsletters, or their transfer to third parties, and also request the blocking of their personal data , the termination of the management of all or specific purpose lists in the possession of the Data Controller, including data transferred to third parties. The data manager must carry out the deletion within 10 working days of receiving the request, and then inform the affected User in writing within another 15 days of the fulfillment of the User's request.
14.3. The User's comments and requests can be sent by e-mail to the address info @ drotar.hu. A request sent by e-mail is considered authentic by the Data Controller only if it is sent from the e-mail address provided by the User to the Data Controller and registered there. In the case of e-mail, the date of receipt shall be considered the first working day after sending.
14.4. The Data Controller shall indicate the personal data it manages if the User disputes its correctness or accuracy, but the incorrectness or inaccuracy of the disputed personal data cannot be clearly established. The data controller notifies the affected User and all those to whom the data was previously forwarded for the purpose of data management about the correction, blocking, marking and deletion. The notification may be omitted if, in view of the purpose of the data management, this does not violate the legitimate interests of the concerned User.
14.5. The data controller deletes the personal data if the processing is illegal, the concerned User requests it, the purpose of the data processing has ceased, or the statutory period for storing the data has expired, it was ordered by the court or the data protection authority.
14.6. If the Data Controller does not comply with the relevant User's request for rectification, blocking or deletion, within 25 days of receiving the request, the Data Controller shall notify the factual and legal reasons for rejecting the request for rectification, blocking or deletion in writing. In case of rejection of the request for correction, deletion or blocking, the Data Controller informs the affected User of the judicial remedy and the Authority (National Data Protection and Information Freedom Authority 1125 Budapest, Szilágyi Erzsébet fasor 22/c., Mailing address: 1530 Budapest, Pf.: 5 ., Phone: +36 1 391 1400, Fax: +36 1 391 1410, E-mail: ugyfelszolgalat @ naih.hu) about the possibility of turning.
15. Data protection
15.1. As part of its data management and data processing activities, the data controller ensures the security of the data, takes the technical and organizational measures and establishes the procedural rules that are necessary to enforce the laws and other data and privacy protection rules. It takes appropriate measures to protect the processed data in particular against unauthorized access, change, transmission, disclosure, deletion or destruction, as well as against accidental destruction and damage, as well as against becoming inaccessible due to changes in the technology used.
15.2. In accordance with the above, it uses data management lists recorded in the form of separate, encrypted data files for each data management purpose, which can be accessed by specific employees of the Data Controller, who are responsible for data protection and responsible use in accordance with this information and the relevant legislation.
15.3. The Data Controller's IT system records the data that is the basis for the measurement of attendance and the mapping of habits regarding the use of the website anonymously from the beginning, they cannot be linked to any person.
15.4. The data is processed only in order to achieve the legal purpose defined here, to the extent necessary and proportionate, based on the relevant legislation and recommendations, with appropriate security measures.
16. Enforcement
16.1. The persons concerned exercise their rights under Act V of 2013 on the Civil Code and Act CXII of 2011 on the right to self-determination of information and freedom of information. they can exercise it in court on the basis of the law, and they can apply to the National Data Protection and Freedom of Information Authority:
National Data Protection and Freedom of Information Authority
Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c. Postal address: 1530 Budapest, Pf.: 5.
Phone: +36 1 391 1400
Fax: +36 1 391 1410
E-mail: ugyfelszolgalat@ naih.hu Website: http://www.naih.hu/