Privacy Policy

This document contains information related to the data management activities of the Üzleti ErtékMegörző Közhaznú Foundation (hereinafter: Data Controller) for registration for events, donations, when sending out newsletters sent by the Data Controller, and during contact with its partners.

The information on data management was prepared in accordance with the rules of the General Data Protection Regulation No. 2016/679 (hereinafter: the Regulation).

Our contact details:
Address: 1038 Budapest, Ibolya u. 11.
E-mail address: jozsef_toth@t-online.hu

The scope of the managed data, the legal basis and purpose of the data management, and the duration of the data management

1.1. Event registration _ Description of the scope of data management, purpose of data management The Data Controller may link participation in events organized by it to registration, during which the Data Subjects provide personal data along with their application. The purpose of the data management is to conduct the event properly, to prepare for insurance measures, to maintain proper contact with the applicants, and to inform the stakeholders.
For these purposes, the Data Controller treats the Data Subject's name, email address and telephone number as personal data.

Legal basis for data management
The legal basis for data management is the legitimate interest of the Data Controller according to Article 6 (1) point f) of the Regulation.

Duration of data management
Data management lasts until the end of the orderly conduct of the given event.

Data processors
When handling the data, we use as a data processor:
Üzleti ErtékMegörző Közhaznú Foundation
server operator: SmartMBSE Rendszermérnök Ltd.
1024 Budapest, Rómer Flóris u. 4., Hungary
Reg No: 01-09-193747
TAX No: 24997610-2-41

Tárhely.Eu Szolgáltató Kft.
1144 Budapest, Ormánság u. 4. X./241., Hungary
Reg.No: 01-09-909968
Tax No: 14571332-2-42

1.2. Fundraising - Description of the scope of data management, purpose of data management
The Data Controller collects donations for the benefit of the Foundation, and in case of cooperation, also for other organizations (so that the Data Controller does not forward personal data), during which it is necessary to manage the donors' personal data.

For these purposes, the Data Controller treats the Data Subject's name, the amount of the donation, and the company name of the company indicated in relation to the Data Subject as personal data.

Legal basis for data management
The legal basis for data management is Article 6 (1) point c) of the Regulation, since data management is necessary for the performance of a contract (Gift) in which the Data Subject is one of the parties.

Duration of data management
The duration of data management is adjusted to the relevant legal regulations: the effective Civil Code. 6:22 a.m. §, the general statute of limitations is 5 years, and based on § 169 (1) of the Accounting Act C of 2000, the obligation to retain the receipt is 8 years.

Data processors
When handling the data, we use as a data processor: • server operator: Üzleti ErtékMegörző Közhaznú Foundation 1.3. Description of the scope of data management, purpose of data management The Data Controller sends e-mails related to events, events, and newsletters related to the operation of the Foundation to the Data Subjects who subscribe to it. The data controller can send letters under several "event brands", the data management information applies to all letters sent under "event brands". For these purposes, the Data Controller treats the Data Subject's name and email address as personal data.

Legal basis for data management
The legal basis for data management is the voluntarily given consent of the subscriber, which can be given on the website, according to Article 6 (1) point a) of the Regulation. The consent applies to all emails sent by the Data Controller under the "event brand".

Duration of data management
Data management takes place until unsubscription or withdrawal of consent in another way.

Data processors
When handling the data, we use as a data processor:

  • server operator: Üzleti ErtékMegörző Közhaznú Foundation

Your rights in relation to data management
Within the period of data management, you are entitled to the following rights according to the provisions of the Regulation:
  • access to personal data and information related to data management,
  • right to rectification,
  • restriction of data management,
  • right to erasure,
  • right to portability,
  • right to protest,
  • the right to withdraw consent - where data processing is based on the Data Subject's consent.

If you wish to exercise your rights, it involves your identification, and we must necessarily communicate with you. Therefore, it will be necessary to provide personal data for identification purposes (but the identification can only be based on data that we manage about you anyway), and your complaints about data management will be available in our email account within the period specified in this information regarding complaints. Complaints related to data management will be answered within 30 days at the latest.

The right to withdraw consent
You have the right to withdraw your consent to data management at any time, in which case the data provided will be deleted from our systems.

Access to personal data and information
You have the right to receive feedback on whether your personal data is being processed, and if it is being processed, you are entitled to:
  • get access to the managed personal data and
  • inform you of the following information: o the purposes of data management;
    • categories of personal data processed about you;
    • information about the recipients or categories of recipients to whom or to whom the personal data have been disclosed or will be disclosed;
    • the planned period of storage of personal data, or if this is not possible, the criteria for determining this period;
    • your right to request the correction, deletion or restriction of processing of your personal data and, in case of data processing based on a legitimate interest, to object to the processing of such personal data;
    • the right to submit a complaint to the supervisory authority;
    • if the data was not collected from you, all available information about its source;
    • about the fact of automated decision-making (if such a procedure is used), including profiling, as well as, at least in these cases, comprehensible information about the logic used and the significance of such data management and the expected consequences for you.
The purpose of exercising the right may be aimed at establishing and checking the legality of data management, therefore, in case of multiple requests for information, we may charge a fair fee in exchange for providing the information. Access to personal data is ensured by sending the processed personal data and information to you by e-mail after your identification. Please indicate in your request that you are requesting access to personal data or information related to data management.

Right to rectification
You are entitled to have inaccurate personal data about you corrected without delay upon your request.

Right to restriction of data processing
You have the right to restrict data processing at your request if one of the following is true:
  • You dispute the accuracy of the personal data, in which case the limitation applies to the period that allows us to verify the accuracy of the personal data, if the verification is not necessary, then no limitation is applied;
  • the data processing is illegal and you object to the deletion of the data and instead request the restriction of its use;
  • we no longer need the personal data for the purpose of the indicated data management, but you require them to submit, enforce or defend legal claims; obsession
  • You have objected to data processing, but our legitimate interest may also be the basis for data processing, in this case until it is established whether our legitimate reasons take precedence over your legitimate reasons, data management must be limited.


If data management is subject to restrictions, such personal data may only be processed with your consent, with the exception of storage, or to submit, enforce or defend legal claims, or to protect the rights of another natural or legal person, or in the important public interest of the Union or a member state.

We will inform you in advance (at least 3 working days prior to the lifting of the restriction) about the lifting of the restriction on data management.

Right to erasure - right to be forgotten
You have the right to have your personal data deleted without undue delay if one of the following reasons applies:
  • the personal data are no longer needed for the purpose for which they were collected or processed;
  • You withdraw your consent and there is no other legal basis for data processing;
  • You object to data processing based on legitimate interest, and there is no overriding legitimate reason (i.e. legitimate interest) for data processing,
  • personal data were handled illegally and this was established based on the complaint,
  • personal data must be deleted in order to fulfill the legal obligation prescribed by EU or member state law applicable to us.

If, for any legitimate reason, we have made public the personal data processed about you, and we are obliged to delete it for any of the above-mentioned reasons, we will take reasonable steps, including technical measures, taking into account the available technology and the costs of implementation, in order to inform the other parties handling the data. data controllers that you have requested the deletion of the links to the personal data in question or the copy or duplicate of this personal data.
As a general rule, we do not disclose your personal data. Deletion does not apply if data management is necessary:
  • for the purpose of exercising the right to freedom of expression and information;
  • fulfilling the obligation under EU or member state law applicable to us, which requires the processing of personal data (in this case, data processing in the context of invoicing, as the retention of the invoice is required by law), or for the purpose of performing a task carried out in the public interest or in the exercise of public authority granted to the data controller;
  • to present, enforce and defend legal claims (e.g. if we have a claim against you and you have not yet fulfilled it, or a consumer or data management complaint is in progress).


Right to protest
You have the right to object to the processing of your personal data based on legitimate interests at any time for reasons related to your own situation. In this case, we can no longer process the personal data, unless we prove that the data processing is justified by compelling legitimate reasons that take precedence over your interests, rights and freedoms, or that are related to the presentation, enforcement or defense of legal claims.

Right to portability
If the data management is necessary for the fulfillment of the contract, or the data management is based on your voluntary consent, you have the right to request that the data you provide to us be received in a machine-interpretable form, which we will make available to you in an accessible format, if this is technically feasible, then you can request that the data be forwarded in this form to another data controller.

Remedies
If, in your opinion, we have violated a legal provision regarding data management, or we have not fulfilled one of your requests, you can initiate the investigation procedure of the National Data Protection and Freedom of Information Authority (address: 1363 Budapest, Pf.: 9., e-mail: ugyfelszolgalat@naih.hu). We also inform you that you can also file a civil lawsuit in court.

Data security
During the operation of the IT systems, we provide the necessary authorization management, internal organization and technical solutions so that your data cannot get into the possession of unauthorized persons, and unauthorized persons cannot delete, save or modify the data. We also apply data protection and data security requirements to our data processors. We keep a record of possible data protection incidents, and if necessary, we inform you about the incidents that arise.

Other provisions
We reserve the right to modify this data management information in a way that does not affect the purpose and legal basis of data management. However, if we wish to carry out further data management for a purpose other than the purpose of their collection in relation to the collected data, we will inform you of the purpose of the data management and the following information before the further data management:
  • the period of storage of personal data, or if this is not possible, the aspects of determining the period;
  • your right to request access to your personal data, its correction, deletion or restriction of processing, and in the case of data processing based on legitimate interests, you may object to the processing of personal data, and in the case of data processing based on consent or a contractual relationship, you may request the right to data portability insurance;
  • in the case of consent-based data management, that you can withdraw your consent at any time,
  • on the right to submit a complaint to the supervisory authority;
  • whether the provision of personal data is based on legislation or a contractual obligation or is a prerequisite for entering into a contract, and whether you are obliged to provide personal data, as well as the possible consequences of failure to provide data;
  • the fact of automated decision-making (if such a procedure is used), including profiling, as well as, at least in these cases, comprehensible information about the logic used and the significance of such data management and the expected consequences for you.
Data management can only begin after this, if the legal basis of data management is consent, you must also consent to data management in addition to information. This Data Management Notice valid from 15.09.2023.