The purpose of the Data Management and Data Protection Rules is to specify the data considered to be the personal data of the person registered in the Website and the rules of data management; furthermore to ensure that the constitutional principles of data protection and data safety are complied with, and to prevent any unauthorized access to any such data, their unauthorized alteration, unauthorized disclosure and/or unauthorized use.
Data Protection Laws
- Section 83 of Act IV of 1959 on the Hungarian Civil Code;
- Act LXIII of 1992 on the Protection of Personal Data and the Disclosure of Information of Public Interest (the “Data Protection Act”);
- the dispositions set out in Section 154 of Act C of 2003 on Electronic Communications;
- Government Decree 226/2003. (XII.13.) on the electronic management of data from communication service providers and special conditions for electronic communications.
- Personal Data shall mean any information relating to an identified or identifiable natural person and any reference drawn, whether directly or indirectly, from such information. In the course of data processing, such information shall be treated as personal data as long as the data subject remains identifiable through it. An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity;
- Data Management shall mean any operation or set of operations that is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, deletion or destruction, and blocking them from further use. Photographing, sound and video recording, and the recording of physical attributes for identification purposes (such as fingerprints and palm prints, DNA samples and retinal images);
- Data Processing shall mean the technical operations involved in data management, irrespective of the method and instruments employed for such operations and the venue where it takes place;
- Disclosure by Transmission shall mean making data available to a specific third party;
- Public Disclosure shall mean making data available to the general public;
- Data Controller shall mean a natural or legal person or unincorporated organization that determines the purpose of the processing of personal data, makes decisions regarding data management (including the means) and implements such decisions itself or engages a processor to implement them;
- Data Processor shall mean a natural or legal person or unincorporated organization that is engaged in the processing of personal data on behalf of a controller – including when ordered by virtue of legal regulation;
- Automatic Processing includes the following operations if carried out in whole or in part by automated means: storage of data, carrying out of logical and/or arithmetical operations on those data, their alteration, erasure, retrieval or dissemination;
- Destruction of Data shall mean the complete physical destruction of data or the medium containing the data.
Managed Data and Data Management Goals
The Company may manage the personal data necessary and sufficient for the identification of the user or subscriber with a view to the conclusion of the service agreement, the specification of its contents, its amendments, the monitoring of its performance, the billing of the fees originating from it and the enforcement of the related claims.
The Company may manage the following data of subscribers that allow identification of the same:
- name, permanent address or registered office;
- in the event that the subscriber is a natural person: name (maiden name); mother’s maiden name; place and date of birth;
- in the event that the subscriber is not a natural person: Trade Register Number or any other registration number; bank account number.
The Company shall register any further personal data only upon express approval or request from the subscriber, for easier contact and communication.
Data Management Methods
Subscribers shall grant their consent to the management of their data as set out by law, by compiling the form available in the website and also upon conclusion of the individual VPS agreement.
Personal data may be used or transferred for the purposes of direct marketing, public opinion polling or scientific research only upon express approval and consent of the subscriber.
No messages for the purposes of directly soliciting business or providing information in respect of the subscriber shall be forwarded to the subscriber by telephone or by any other means of electronic communication without the express approval and consent of the subscriber.
Duration of Data Storage by the Service Provider
The Company shall store the aforementioned data until termination of the respective agreement and/or until expiry of the term available for the submission of claims, as set out by the applicable statute of limitations.
Transfer of Data, Disclosure by Transmission
The personal data managed by the Company may be transferred, whether in a single or in a set of operations, if the data subject has given his consent or if the transfer is legally permitted, and if the safeguards for data processing are satisfied with regard to each and every personal data.
The Company shall transfer the subscriber data pursuant to the applicable laws in the following events:
- for the purposes of defense;
- for the purposes of national security;
- for the prevention, investigation, detection and prosecution of criminal offences;
- to the competent national security agencies, investigating authorities for the purposes of prosecuting any unauthorized and unlawful use of the electronic communications system; to the courts and court bailiffs in accordance with the applicable laws governing the execution of court decisions.
The receivers of the aforementioned data shall be bound by the same confidentiality and data protection obligations applicable to the service provider.
Obligations of the Company
Any and all employees, subcontractors and/or agents of the Company, as set out in these Terms and Conditions, shall be bound by the same confidentiality and data protection obligations applicable to the Company.
The Company shall adopt any and all necessary measures in order to protect the personal data of subscribers against unauthorized access, alteration, transfer, disclosure by transmission or deletion, as well as damage and accidental destruction.
Rights of the Subscriber
Pursuant to Section 24(5) of the Data Protection Act, the subscriber shall be authorized
- to request notification relative to the management of his/her personal data and inspect said data;
- to modify his/her declaration of consent relative to the management of his/her personal data;
- to request correction of his/her personal data, and – to the extent permitted by law –
- submit a protest
- in order to provoke enforcement of the applicable laws by the competent authorities.