Information on data management and data protection

1. Introduction

REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL (hereinafter “the Regulation”) on the protection of individuals with regard to the processing of personal data and on the free movement of such data repealing Regulation (EC) No 95/46 sets forth that the Data Controller takes appropriate measures to provide the data subject with all information concerning the processing of personal data in a concise, transparent, comprehensible and easily accessible form and that the Data Controller facilitates the exercise of rights of the data subject.

 

2. Data of the data controller

Company name: ETK Szolgáltató zRt.
Headquarters: 1149 Budapest, Angol u 34.
Tax number: 1236389-2-42

 

Contact info
Phone number: +36 1 222-40-43
Email: miskolczit@etk-rt.hu
Represented by Tamás Miskolczi

3. Certain data management activities

3.1. Data management associated with contact
Definition of data management:
The Data Controller answers the questions and information requests received in the way requested by the person requesting the information (by phone, e-mail).

 

Legal background of data processing: Data processing is governed by Regulation (EU) 2016/679 (Regulation) of the European Parliament and of the Council of 27 April 2016 and Act CXII of 2011 on the right to information self-determination and freedom of information. (Hereinafter: Infotv.).

 

Legal basis for data processing:
The legal basis for data processing is your consent in accordance with Article 6 (1) (a) of the Regulation.

 

Purpose of data management:
The purpose of data management is to be able to answer your questions.

 

Scope of data managed:
When contacting, you must provide a name and contact information (e-mail address or telephone number).

 

Duration of data management:
Messages sent during the contact are stored for a maximum period of one month, but you can request the deletion of personal data provided during the contact at any time.

 

3.2. Data management connected to registration


Definition of data management:
In order to apply for the conference, some data of participants need to be managed.

 

Legal background of data management:
The background of data management is specified by the Regulation and the provisions of Act CXII (hereinafter: Infotv).

 

Legal basis for data processing:
The legal basis for data processing is your consent in accordance with Article 6 (1) (a) of the Regulation.

 

Purpose of data management:
The purpose of data management is to identify the user and keep the contact during the use of the services.

 

Scope of data managed:
Name, e-mail address, telephone number of the contact person; billing name (company name) and address, in the case of a business organization, tax number, telephone number.

 

Duration of data management:
The data provided during registration will be stored until January 31 of the calendar year following the 5th year after registration, but you can request the deletion of the personal data provided at any time.

 

3.3 Data Management for Billing

 

Definition of data management:
The Data Controller issues the documents required by law on the sales made by him.

 

Legal background of data management:
The background of data management is specified by the Regulation and the Infotv. and the provisions of Act C of year 2000 on Accounting (hereinafter Sztv.).

 

Legal basis of data management:
The legal basis of data management is the fulfillment of the legal obligation of the Data Controller set out in the Act pursuant to Article 6 (1) (c) of the Regulation.

 

The purpose of data management:
To issue an invoice in accordance with the law and to fulfill the obligation of storing the accounting documents. Pursuant to Section 169 (1) – (2) of Sztv. companies must keep the accounting document directly and indirectly supporting the accounting records.

 

Scope of managed data:
Invoicing name and address are required for issuing the invoice, in case of a business organization a tax number is also required.

 

Duration of data management:
The issued invoices must be stored for 8 years from the date of issue of the invoice in accordance with Section 169 (2) of Sztv.
We are informing you that the Data Controller is entitled to keep the personal data obtained during the issuance of the invoice for 8 years pursuant to Article 6 (1) (c) of the Regulation and the Section 6 (5) (a) of Infotv.


Data Controller shall store the data until 31 January of the calendar year following the 8th year after the performance of the contract.

4. Data processor of ETK

ETK uses a data processor to maintain and manage its website, which provides IT services (hosting services) and in this regard, it handles the personal data provided on the website for the duration of our contract with it. The action it takes is to store personal information on the server.

 

Company name: MAZE Kft.

Headquarters: 2612 Kosd, Táncsics Mihály utca 26.

Tax number: 12691290-2-13

Website: maze.hu

Phone number: +36 20 555 MAZE [6293]

Represented by Zsolt Ziaja

5. Credit card payment via SimplePay

I acknowledge the following personal data stored in the user account of ETK Zrt. (1149 Budapest, Angol u 34.) in the user database of https://etk-rt.hu will be handed over to OTP Mobil Ltd. and is trusted as data processor. The data transferred by the data controller are the following:

 

  • Name,
  • Email address,
  • phone number.
  •  
The nature and purpose of the data processing activity performed by the data processor in the SimplePay Privacy Policy can be found at the following link: http://simplepay.hu/vasarlo-aff

6. ETK shall ensure the enforcement of the rights of data subjects

According to the Regulation, the rights of data subjects are:

 

1. Facilitate transparent information, communication and the exercise of the data subject’s rights;
2. Right to prior information – if personal data are collected from the data subject;
3. Informing the data subject and about the information provided if the personal data have not been obtained from him or her by the controller;
4. The data subject’s access rights;
5. Right of making corrections;
6. Right of cancellation (“right to forget”);
7. Right of restricting data processing;
8. Obligation of notifying affected entities in connection with modification or erasure of personal data or restrictions on data processing;
9. The right of data portability;
10. Right to protest;
11. Automated decision making in individual cases, including profiling;
12. Restrictions;
13. Informing the data subject about potential data protection incident;
14. Right to complain to the supervisory authority (right to an official legal remedy);
15. The right to an effective judicial remedy against the supervisory authority;
16. The right to an effective judicial remedy against the controller or the processor.

 

Budapest, September 1, 2020

 

Tamás Miskolczi, President