Napsugár Hotel Privacy Policy
Napsugár Hotel Privacy Policy
Details of the service provider as data controller Napsugár Hotel Bt.
Headquarters: 5904 Orosháza, Hűvös utca 2-4.
Company registration number: Cg. 04-06-006052
Tax number: 20634672-2-04.
Phone number: (68) 412 - 422
e-mail: info @ napsugarhoteloroshaza. hu
Represented by: Lászlóné Molnár Managing Director (hereinafter: the “Data Controller”)
The Data Controller, as the operator of Napsugár Hotel (hereinafter: Hotel), hereby informs its customers, guests and visitors to its website (hereinafter collectively: data subject (s), user (s) or guest (s)) that it respects the personal rights of its guests. , therefore, in the course of its data management, it acts in accordance with the following data management regulations (hereinafter: the Regulations). The Data Controller reserves the right to change the Regulations due to the harmonization of the legal background and other internal regulations to be amended in the meantime. The current version of the data protection policy is available on the website www.napsugarhoteloroshaza.hu, as well as on paper at the reception of the Hotel.
These regulations regulates the data management activities related to the services provided by the hotel called Napsugár Hotel located in 5904 Orosháza, Hűvös utca 2-4.
I. PURPOSE OF THE REGULATIONS
1. The primary purpose of these regulations is to define and comply with the basic principles and provisions concerning the processing of the data of natural persons and Guests in contact with the Hotel in order to ensure that the privacy of natural persons is protected in accordance with the relevant legal provisions.
2. With reference to point I.1, the purpose of these rules is to ensure that the Hotel complies in all respects with the data protection provisions of the applicable legislation, in particular, but not limited to:
• Act CXII of 2011 on the right to information self-determination and freedom of information. law,
• Act CVIII of 2001 on certain issues of electronic commerce services and information society services. law,
• Act XLVII of 2008 on the Prohibition of Unfair Commercial Practices against Consumers. law,
• Act XLVIII of 2008 on the basic conditions and certain restrictions of economic advertising activity. provisions of this Act.
3. The Data Controller therefore considers it extremely important, at the same time committed to complying with Article CXII of 2011 on the right to information self-determination and freedom of information, provided by the data subject through the website or other forum or otherwise. protect the data required by law and respect the right of data subjects to self-determination of information. In this context, it contributes to the creation of safe internet access for data subjects in full compliance with
II. SCOPE OF THE REGULATIONS
1. Temporal validity: These Regulations are valid from August 1, 2019 until further provisions and revocation.
2. Personal scope: The scope of these Regulations extends to the Hotel, the persons whose data are contained in the data processing covered by these Regulations, as well as the persons whose rights or legitimate interests are affected by the data processing.
3. Material scope: The scope of these Regulations extends to the processing of data containing all personal data in all organizational units of the Hotel.
III. DEFINITIONS
• Data subject or User or Guest: any specific natural person identified or - directly or indirectly - identifiable on the basis of personal data;
• Personal data: data that can be contacted with the data subject, in particular the name, identification mark and knowledge of one or more physical, physiological, mental, economic, cultural or social identities, and the conclusion that can be drawn from the data;
• Hotel: 2-4. Hűsvös utca, 5904 Orosháza. located under Napsugár Hotel, operated by the Data Controller;
• Consent: a voluntary and explicit statement of the data subject's will, based on adequate information and giving his or her unambiguous consent to the processing of personal data concerning him or her, in whole or in part;
• Data controller: a natural or legal person or an organization without legal personality who, alone or together with others, determines the purpose of data processing, makes and implements decisions on data processing (including the means used), or with a data controller entrusted by him. for the purposes of these regulations and the Hotel: Napsugár Hotel Bt. 5904 Orosháza, Hűvös utca 2-4. Company registration number: Cg. 04-06-006052 Tax number: 20634672-2-04.
• Data management: any operation or set of operations on data, regardless of the procedure used, in particular the collection, recording, systematisation, storage, alteration, use, interrogation, transmission, disclosure, coordination or linking, blocking, deletion and destruction, and to prevent the further use of data, the taking of photographs, sound or images and the recording of physical characteristics capable of identifying a person;
• Data transfer: making the data available to a specific third party;
• Data processing: the performance of technical tasks related to data management operations, regardless of the method and means used to perform the operations and the place of application, provided that the technical task is performed on the data;
• Data erasure: making data unrecognizable in such a way that it is no longer possible to recover it;
• Data blocking: the identification of data to limit their further processing permanently or for a specified period of time;
• Data destruction: complete physical destruction of the data carrier;
• Data set: the totality of the data managed in one register;
• Third party: a natural or legal person or an organization without legal personality who is not the same as the data subject, the controller or the processor;
• Data protection incident: unlawful handling or processing of personal data, in particular unauthorized access, alteration, transmission, disclosure, deletion or destruction, and accidental destruction and damage;
• Website: the portal www.napsugarhoteloroshaza.hu and all its sub-pages operated by the Data Controller;
• Facebook page: the page at https://www.facebook.com/napsugarhotel.
IV. PRINCIPLES OF DATA MANAGEMENT
1. Proportionality, the principle of necessity: Only personal data which are indispensable to the purpose of the processing and suitable for that purpose may be processed. Personal data may only be processed to the extent and for the time necessary to achieve the purpose.
2. Purpose limitation principle: Personal data may only be processed for specified purposes, in order to exercise a right and fulfill an obligation. At all stages of data processing, the purpose of the data processing must be appropriate, and the recording and processing of the data must be fair and lawful.
3. Personal data shall retain their quality during data processing as long as their relationship with the data subject can be restored. The connection with the data subject can be restored if the data controller has the technical conditions necessary for the restoration.
4. Processing shall ensure that the data are accurate, complete and, where necessary, kept up to date and that the data subject can be identified only for the time necessary for the processing.
5. Principle of voluntariness: The provision of data is voluntary for the data subject. The data controller handles personal data with the consent of the data subject. Voluntary consent, as consent, means the user's conduct by which the user accepts, by using the website, that all rules relating to the use of the website automatically apply to him.
V. STATEMENTS BY THE DATA CONTROLLER
1. The Data Controller declares that
a. Act CXII of 2011 on the right to information self-determination and freedom of information in data management. act in accordance with the provisions of this Act.
b. the personal data obtained by the Data Controller during the data processing may be disclosed only to those persons who have an employment relationship with the Data Controller and who have a duty in connection with the given data processing.
c. ensure that the rules in force at any time are available to the person concerned at all times, thus giving effect to the principle of transparency.
d. the website treats the personal data of visitors confidentially, in accordance with the legal regulations in force, ensures their security, takes technical and organizational measures, and establishes rules of procedure in order to fully comply with the principles of data protection.
e. handles the personal data of the Guests staying in the Hotel confidentially, in accordance with the legal regulations in force, ensures their security, takes technical and organizational measures, and establishes procedural rules in order to fully comply with the principles of data protection.
f. in order to preserve the data managed by it, it shall take and ensure all measures promoting the IT and other secure data management related to data storage, processing and data transmission.
g. it shall use its best endeavors to protect the personal data processed by it against unauthorized access, alteration, disclosure, deletion, damage or destruction, in order to guarantee the necessary technical conditions.
h. does not verify the personal data provided to him, excludes his responsibility for their accuracy.
i. transfers personal data to a third party only in exceptional cases and in such cases, and connects the database managed by it to another data controller only if the data subject expressly consents to it or is permitted by law, and if the conditions of data processing for each personal data They met.
j. it operates exclusively in Hungary, it does not belong to a multinational hotel chain, therefore it is not necessary to introduce and operate mandatory organizational regulations.
k. does not transfer personal data to a controller or processor in a third country.
l. keep a record of the data protection incident measures and inform the data subject, including the scope of personal data of the data subject, the number and number of data subject incidents, the date, circumstances, effects of the data protection incident and the measures taken to prevent it, and the data processing legislation specified other data.
2. The Data Controller shall not be liable for the lawfulness of the data processing of the contractual partner having a legal relationship with the Data Controller.
3. In order to protect personal data stored in automated data files, the Data Controller shall ensure the prevention of accidental or unlawful destruction or accidental loss, as well as unauthorized access, alteration or distribution, by applying appropriate security measures.
VI. SCOPE OF DATA MANAGEMENT ACTIVITIES AND DATA
A. Use of hotel services
1. In the context of the provision of hotel services, the processing of all data relating to the data subject shall be based on voluntary consent and shall be intended to ensure the provision of the service and to maintain contact. The personal data contained in this section shall be kept by the Data Controller for a period of time in accordance with the current tax and accounting regulations, with the exceptions set out in each subsection, and shall be deleted after the deadline.
2. For each service, it is possible to provide additional data that will help to fully understand the needs of the Guest, but these are not conditions for the use of hotel services.
B. Request for quotation
1.A In the case of individual guests requesting a quote through the website, the Data Controller requests / may request the following data from the Guest:
• Name*
• Phone number *
• Address*
• E-mail *
• How did you find us? *
• Date of arrival *
• Date of departure *
• The number of adults*
• Number of children*
• Age of children
• Room type
• Packages
• Other request
• Adoption of the General Terms and Conditions and the Privacy Policy
• Captcha spam protection
Data marked with * are required.
1.B Request for quotation through the website In case of guests interested in weddings, the Data Controller requests / may request the following data from the Guest:
• Name*
• Title*
• E-mail *
• Phone number *
• Planned date of the wedding *
• Planned wedding number *
• Accommodation Demand
• Adoption of the General Terms and Conditions and the Privacy Policy *
• Captcha spam protection *
Data marked with * are required.
1.C Request for quotation through the website In case of corporate and family group events, the Data Controller requests / may request the following data from the Guest:
• Name*
• Corporate (organization) or family event *
• E-mail *
• Request for quotation details *
• Adoption of the General Terms and Conditions and the Privacy Policy *
• Captcha spam protection *
Data marked with * are required.
2. The request for quotation is voluntary.
3. The activity and process involved in data management are as follows:
the. By clicking on the "Request for Quotation" button on the website, the person concerned will get to the interface of the website where he / she has the opportunity to Provide the data specified in the Request for Quotation section, as well as accept the booking and cancellation conditions and these data management regulations. After entering the data, accepting the terms and conditions and the regulations, the data subject can send the named data to the Data Controller by pressing the "Request for Quotation" button.
b. The data sent to the Data Controller is handled by the Data Controller sales associate and the employees working in the receptionist position using the Synthesis Restaurant Assistant programs and self-created Excel spreadsheets. Based on the information received, an offer will be developed, which will be emailed to the guest and recorded after booking.
C. Login and Notification Form2
1. Upon arrival at the Hotel, the data subject shall fill in a hotel registration form prior to occupying his / her booked room, in which the Data Controller agrees that the Data Controller fulfills the obligations specified in the relevant legislation (especially and for the purpose of identifying the Guest, until the competent authority can verify compliance with the obligations laid down in the relevant legislation:
• Name*
• Date of arrival *
• Date of departure *
• Date and place of birth *
• Address*
• Vehicle registration number *
• Phone
• ID number*
• E-mail address
• "Newsletter subscribe"
• Children's names, date of birth *
2 Data marked with * are required.
2. The provision of the mandatory data by the Guest is a condition for the use of the hotel services.
3. By signing the application form, the guest consents to the data controller handling and archiving the data provided by filling in the application form within the time limit indicated above for the purpose of concluding the contract or proving its fulfillment or possible enforcement.
4. By entering the email address on the notification form, the guest has the opportunity to subscribe to the Data Controller's newsletter. The other things in the Newsletter section apply to the newsletter.
D. Magnetic card access system
1. After logging in to the Hotel, the receptionist employee of the Data Controller enters the following data of the Guest into the Fontacarte program:
• Name
and links to the following data:
• Number of rooms
• The date the magnetic card was written
• Date of arrival
• Date of departure
2. After this step, the employee of the Data Controller writes the magnetic card, ie he enters the room number and the date of arrival and expected departure on the magnetic card. The magnetic card does not contain the Guest's personal data.
E.Send Newsletter
1. The data subject may subscribe to the newsletter on paper, by e-mail or at the Hotel during the use of each service with the data specified below.
2. Scope of data processed3:
• Name*
• E-mail address*
3 Data marked with * are required.
3. Subscribing to the newsletter is voluntary.
4. The purpose of the data management related to the sending of the newsletter is to provide the recipient with full general or personalized information about the latest actions of the Data Controller.
5. The Data Controller sends the newsletter only with the consent of the sunscriber.
6. The Data Controller shall store the provided personal data in a separate list, separately from the data provided to the Data Controller for other purposes, this list may be accessed only by the authorized employees and data processors of the Data Controller.
7. The controller shall not transmit the list or data to a third party, unauthorized, and shall take all security measures to prevent unauthorized access.
8. The Data Controller only handles the personal data collected for e-purpose until the data subject has unsubscribed from the newsletter list.
9. The data subject may unsubscribe from the newsletter at any time, at the bottom of the e-mails and by sending a cancellation request to the e-mail address This email address is being protected from spambots. You need JavaScript enabled to view it..
10. You can unsubscribe from the newsletter by post at the following address: Napsugár Hotel, 5904 Orosháza, Hűvös utca 2-4.
11. The Data Controller reviews the list of newsletters every five years and requests confirmatory consent to send the newsletter after five years. The Data Controller shall delete the data of the data subject who does not give a confirmatory consent to the sending of the newsletter within 30 (Thirty) days after the delivery of such e-mail.
12. The Guest can subscribe to the feed published on the message board on the Facebook page by clicking on the “like” link on the page and by clicking on the “dislike” link on the message page, or by using the message wall settings. you can delete unwanted feeds that appear on the message board.
F. Credit card details
1. The data controller may use and use the bank, credit card / bank account data provided by the data subject to the Data Controller only to the extent and for the time necessary for the exercise of his / her rights and fulfillment of his / her obligations. The data is managed by the Data Controller's contractual banking partners. You can find information about this data management on the websites of the competent Bank.
2. Guests can get more information about the bank card data managed by certain subsystems of the data controller at the request sent to info @ napsugarhoteloroshaza.hu.
G. Loyal Guest Program4
1. The Data Management Loyal Guest Program is an exclusive service provided to the guests of the hotel - natural persons - with the aim of providing discounts for returning guests.
2. Participation in the regular guest program is voluntary.
3. Participants in the given program give their express consent to the processing of personal data provided for this purpose by the Data Controller for the purpose of operating the Loyal Guest System or for sending a newsletter specially prepared for Loyal Guests. The processing of personal data transferred on the basis of this consent lasts as long as the data subject participates in the given program.
4. The Loyalty Guest program membership status becomes inactive after 3 (Three) years from the last hotel service. The Data Controller's personal data is stored by the Data Controller for the period specified in the current tax and accounting regulations, and they are deleted after the deadline.
5. Personal data processed in the programs is used for communication. The following personal data may be managed by the Data Controller in the programs:
• Name*
• Time and place of birth
• Address*
• Phone
• E-mail address
• "Subscribe for a Newsletter"
• Loyalty card number (to be filled in by the data controller)
4 Data marked with * are required.
6. The entered data is stored by the Data Controller in a separate data file, separately from other entered data. This data file may only be accessed by authorized employees of the Data Controller.
7. The employee shall not pass on any data or the entire file to a third party and shall take all security measures to prevent unauthorized access.
8. The data managed by the Loyal Guest program is deleted by the Data Controller at the request of the Guest sent to the email address This email address is being protected from spambots. You need JavaScript enabled to view it..
H. Gift voucher5
1. Hotel allows the Guest to purchase various gift vouchers that can be used for the Hotel service at a given value.
2. Ordering and using the gift voucher is voluntary.
3. Ordering the gift voucher and the scope of data involved in data management:
The person concerned can order a voucher in the Hotel in person, by phone, by e-mail to info @ napsugarhoteloroshaza.hu and on the hotel's website, with the amount or service content specified by him, with the following information:
In case of personal order:
• Name *
• Billing name and address *
When ordering by phone or email
• Name *
• E-mail address*
• Phone number *
• Billing name and address *
• Delivery name and address *
5 Data marked with * are required.
In the case of a request for a gift voucher via the website, the Data Controller requests / may request the following data from the Guest:
• Name*
• Title*
• Phone number *
• E-mail *
• Gift voucher type *
• Adoption of the General Terms and Conditions and the Privacy Policy *
• Captcha spam protection *
Data marked with * are required.
4. Data contoller prepars an invoice and after the payment of the amount it posts to the given address.
5. The Data Controller stores the voucher quotetations and data in a separate files wich is only reachable from authorized employees of the Data Controller.
6. Employees are not permitted to transmit these date to any third person and they are required to preserve it safe.
7. The Data Controller shall store the data for a period of time in accordance with the applicable tax and accounting regulations and shall delete them after such period.
8. The Data Controller will provide more information on the data management related to the Gift Voucher upon request sent to the e-mail address This email address is being protected from spambots. You need JavaScript enabled to view it.. Deletion from the data file can also be requested here.
I. Guest questionnaire, evaluation system
1. As part of the quality assurance process applied at the Data Controller, interested parties may provide their views through a paper-based guest questionnaire or the evaluation system.
2. When filling in the questionnaire, no data is recorded, the questionnaires are filled in anonymously. The guest can enter the following information in the comment box:
• Name
• Date of visit
• Number of rooms
3. The provision of data is not obligatory, they only serve the accurate investigation of possible complaints and the provision of a response by the Data Controller to the guest.
4. The Data Controller may also use the opinions received in this way and the related data that may be provided, which cannot be traced back to the given Guest and cannot be linked to the name of the Guest, for statistical purposes.
5. The Data Controller stores the provided personal data in a separate data file, separately from other provided data. This data file may only be accessed by authorized employees of the Data Controller.
6. The employee shall not pass on any data or the entire file to a third party and shall take all security measures to ensure that it is not disclosed to an unauthorized person.
J. Camera system
1. Cameras are operated in the area of the Hotel operated by the Data Controller for the personal and property security of the Guests. for their operation, information boards draw the attention of those concerned. Regarding the lawful operation of the space surveillance system, the Data Controller shall act in accordance with the provisions made in these regulations and the camera regulations and shall make them available to the data subjects.
2. Scope of managed data: A touch image recorded by the operated camera system.
3. Special rules for the operation of the camera surveillance system:
a. In accordance with the provisions of these regulations, the camera surveillance system is governed by a separate regulation, the current version of which is available at the reception of the Hotel.
b. The camera system captures an image.
c. The purpose of data management: protection of persons and property.
d. The place of storage of the recording: 5904 Orosháza, Hűvös utca 2-4, operated by the Data Controller. located under Napsugár Hotel.
e. Legal basis for data management: the voluntary consent of the data subject based on the information provided by the Operator in the form of tables. Consent may also be given in the form of implied conduct. Indirect behavior, in particular, when the person enters or stays in the units affected by the camera surveillance system.
f. The Operator must ensure that the personal data of the person concerned, in particular his or her private secrets and privacy, are protected from unauthorized disclosure.
g. An electronic surveillance system shall not be used in places where surveillance may violate human dignity, in particular in changing rooms, showers and washbasins, toilets and rest areas. Camera surveillance is proportionate to its purpose, unlimited and direct surveillance is not carried out by the Data Controller.
h. Duration of storage of the recording: The recorded image must be destroyed or deleted no later than 3 working days after recording if it is not used. Use is considered to be the use of the recorded image and other personal data as evidence in court or other official proceedings.
i. A person whose right or legitimate interest is affected by the recording of an image or other personal data may, within 15 working days of the recording, request that the data not be destroyed or deleted by the data subject by proving his or her right or legitimate interest. j. At the request of a court or other authority, the recorded recording and other personal data shall be sent to the court or authority without delay. If no request is made within thirty days of the request for non-destruction, the recorded image and other personal data shall be destroyed or deleted, unless the time limit laid down in the regulations has expired.
K. Facebook page
1. The Data Controller and the page operated by the Data Controller are also available separately on the Facebook community portal.
2. The purpose of data management is to share the content on the website. With the help of the Facebook page, the Guest can be informed about the latest promotions.
3. By clicking on the “like” link on the Data Controller's Facebook page, the data subject consents to the publication of the Data Controller's news and offers on his / her own message board.
4. The data manager also publishes pictures / movies about the various events on his Facebook page. In the case of non-mass recordings, the Data Controller will always ask for the written consent of the data subject before publishing the images.
5. Information on the privacy practices of the Facebook page can be found in the privacy policies and regulations on the Facebook website at www.facebook.com.
L. Website Visit and links
1. The Data Controller's website may also contain links which are not operated by the Data Controller, but only for the information of visitors. The Data Controller has no influence on the content and security of the websites operated by the partner companies and is therefore not responsible for them.
2. Please review the Privacy Policy and Privacy Statement of the sites you visit before providing any information on that site in any form.
Cookies / Cookies We use cookies on the website www.napsugarhoteloroshaza.hu. Cookies are used to operate the website, facilitate its use, track activity on the website and display relevant offers.
Types of cookies
Basic cookies
These cookies ensure the proper functioning of the website, facilitate its use and collect information about its use without identifying our visitors. Without the use of these cookies, many functions on our website may not work properly or at all (eg sending a request for quotation).
Cookies for statistical purposes
A data manager uses an analytical tool to track the website, which creates a series of data and tracks how visitors use the website. When the page is viewed, the system creates a cookie for the purpose of recording information about the visit (pages visited, time spent on our pages, browsing data, exits, etc.), which, however, cannot be used to contact the visitor. This tool helps to improve the ergonomics of the website, creating a user-friendly website to enhance the online experience of the visitors. The Data Controller does not use analytical systems to collect personal information. Most Internet browsers automatically accept cookies, but visitors have the option to delete them or reject them automatically. Because each browser is different, the visitor can set their cookie preferences individually using the browser toolbar. You may not be able to use certain features on our website if you choose not to accept cookies.
Advertising cookies
The purpose of these cookies is to make the ads even more interesting to you or relevant to you on the websites. These cookies cannot identify you personally. It allows us to get information about, for example, what content our visitors visit, how long their visit lasted, etc. We use advertising cookies from the following providers on our website:
Google Ads service With this service, we try to get / encourage our visitors to ask us for an offer. Detailed information about the service is available at the following link: https://policies.google.com/privacy?hl=en
Facebook
Detailed information about the service is available at the following link: https://www.facebook.com/help/cookies/
VII. STORAGE OF PERSONAL DATA, INFORMATION SECURITY
1. Personal data shall be processed only in accordance with chapter VI. in accordance with the activities of this Chapter.
2. The purpose of data management: contacting and keeping in touch with the data subject, marketing, raising the quality of the service that fits the profile of the Data Controller, conducting market research for this purpose and surveying consumer habits.
3. Legal basis of the data processing: the voluntary consent of the data subject based on the prior information of the Data Controller.
4. Duration of data processing: up to 15 working days from the termination of the customer relationship, if they are not used to enforce the rights and obligations arising from the customer relationship, or until the data subject's data is deleted or his data processing authorization is revoked.
5. It is possible to modify and delete personal data, to withdraw voluntary consent, and to request information on the processing of personal data by sending a notification to the contact details.
6. The Data Controller shall ensure the IT environment used for the management of personal data during the provision of the service in such a way that
• combine the personal data provided by the data subject only and exclusively with the data and in the manner specified in these regulations.
• ensures that personal data of the Data Controller is accessed only by such employees of the Data Controller as are absolutely necessary for the performance of their duties arising from their job responsibilities.
• all changes to the data are made with the date of the change.
• erroneous data will be deleted within 24 hours at the request of the data subject.
• the data is backed up.
7. The Data Controller provides the required level of protection during the processing of the data - in particular their storage, correction, deletion - when requesting or protesting the relevant information.
8. Data shall be transferred with the consent of the data subject, without prejudice to his or her interests, in confidence, with the provision of a fully compliant IT system and in compliance with the purpose, legal basis and principles of data processing. The Data Controller shall not transfer the personal data of the data subject without his / her consent, nor shall he / she make them available to third parties, unless required by law.
9. Other unidentifiable data, hereinafter referred to as anonymous, which are not directly or indirectly related to the data subject shall not be considered personal data.
VIII. REMEDIES
1. The data subject may request information on the processing of his / her personal data, as well as request the correction or deletion or blocking of his / her personal data, except for statutory data processing, by e-mail or for certain data processing activities as set out therein.
2. At the request of the data subject, the Data Controller shall provide information on the data processed by him, the purpose, legal basis, duration, data controller's data if he has used a data processor, the circumstances, effects and measures taken to prevent the data protection incident - the legal basis, purpose and recipient of the transfer.
3. The Data Controller shall correct inaccurate personal data or delete the data if:
a. handling is illegal;
b. the person concerned requests;
c. incomplete or incorrect - and this condition cannot be legally remedied - provided that cancellation is not precluded by law;
d. the purpose of the data processing has ceased or the term for the storage of data specified by law has expired;
e. it was ordered by a court or the National Data Protection and Freedom of Information Authority.
4. The Data Controller shall notify the data subject of the rectification and erasure, as well as to all persons to whom the data have previously been transmitted for the purpose of data processing. The notification may be omitted if it does not harm the legitimate interests of the data subject in view of the purpose of the processing.
5. The data subject may object to the processing of his or her personal data if: the. the processing (transfer) of personal data is necessary only for the enforcement of the right or legitimate interest of the data controller or the data recipient, except in the case of mandatory data processing; b. the use or transfer of personal data is for the purpose of direct business acquisition, public opinion polling or scientific research; c. the exercise of the right to protest is otherwise permitted by law.
6. The Data Controller - with the simultaneous suspension of data processing - shall examine the protest as soon as possible after the submission of the request, but not later than within 15 working days, and shall inform the applicant in writing of the result. If the applicant's objection is substantiated, the Data Controller shall terminate the data processing, including further data collection and data transfer, and block the data, as well as notify all persons to whom the personal data affected by the objection have previously been transmitted, and who are obliged to take action to enforce the right to protest.
7. If the data subject does not agree with the decision of the Data Controller, or the Data Controller fails to comply with the deadline referred to in point 6, he / she shall be entitled to apply to a court within 30 days of its notification.
8. Enforcement: The person concerned can go to court if his or her rights are violated. The court is acting out of turn in the case. The Data Controller is obliged to prove that the data management complies with the provisions of the law.
9. In case of violation of the right to self-determination of information, you can file a complaint or complaint: National Data Protection and Freedom of Information Authority Address: 1125 Budapest, Szilágyi Erzsébet avenue 22 / c Phone: +36 (1) 391-1400 Fax: +36 (1) 391-1410 Website: http://www.naih.hu E-mail: This email address is being protected from spambots. You need JavaScript enabled to view it.
10. In the event of a violation of the rights of minors, incitement to hatred, exclusion, content, reparation, the rights of a deceased person, violation of his or her reputation, he or she may file a complaint or complaint: National Media and Communications Authority 1015 Budapest, Ostrom u. 23-25. Mailing address: 1525. Pf. 75 Tel: (06 1) 457 7100 Fax: (06 1) 356 5520 E-mail: This email address is being protected from spambots. You need JavaScript enabled to view it. IX.
OTHER PROVISIONS These regulations come into force on August 1, 2019. Orosháza, August 1, 2019 ,
Lászlóné Molnár managing director
