Privacy policy

Subject to the provisions of Act CXII of 2011 on the right to informational self-determination and freedom of information, the Joint Venture Association (registered office: H-1051 Budapest, Szent István tér 11/b., 1st Floor, Hungary, Tel.: +36 (1) 489-0368, Fax: +36 (1) 489-0369, email: jvsz@jointventure.hu; represented by Péter Tálos, President; the ‘JVSZ’) publishes the following privacy notice (the ‘Privacy Notice’) in order to inform the data subjects about the personal data managed by the Association and to fulfil its obligation under Section 20(2) and (4) of Act CXII of 2011.

1. Scope of Privacy Notice – fact of data collection and those affected by it

The scope of this Privacy Notice extends to the data management activities performed on the website of the JVSZ
(www.jvsz.hu), the Facebook page of the JVSZ (https://hu-hu.facebook.com/jointventureszovetseg/) and the LinkedIn page of JVSZ (https://www.linkedin.com/company/joint-venture.-sz-vets-g); when the JVSZ is contacted; regarding the members of the JVSZ; and the professional and legislative consultations conducted by the JVSZ, as well as to the data subjects affected by such data management (the ‘User’). The Privacy Notice takes effect upon its posting on the website of the JVSZ.

The Privacy Notice remains in force and effect until further action by the Joint Venture Association. Date of publication:  XX November 2016

2. Interpretative provisions

Act CXII of 2011: Act CXII of 2011 on the right to informational self-determination and freedom of information;
personal data:: data related to the person concerned, in particular, the name and ID number of the person concerned, and one or more pieces of information characterising his or her physical, physiological, mental, economic, cultural or social identity as well as conclusions that may be drawn from the data and relate to the person concerned;
special data: personal data relating to race, nationality, political opinion or affiliation, religious or other ideological beliefs, membership in advocacy organisations and sexual life; personal data relating to health condition and pathological addiction; and criminal personal data;
consent: the voluntary and definite expression of the will of the person concerned, which is based on appropriate information and with which he or she gives his or her unambiguous approval to the full management of his or her personal data or their management including certain operations.
objection: a declaration by the person concerned in which he or she objects to the management of his or her personal data and requests the termination of data management and the deletion of the data managed;
data controller: data controller: a natural person or legal entity or unincorporated organisation that sets the goal of data management on their own or together with others, makes and carries out the decisions on data management (including the equipment used) or has them carried out by the data processor. During the term of this Privacy Notice, the JVSZ qualifies as data controller and meets the legislative requirements for data controllers;
data management: irrespective of the procedure applied, any procedure or all procedures performed on data, in particular, their collection, survey, capture, organisation, storage, alteration, use, query, transmission, disclosure, coordination or connection, blocking, deletion and destruction, prevention of the further use of data, taking of photographs and sound or video recording and recording of physical parameters suitable for the identification of individuals (e.g. finger or palm prints, DNA sample, iris image);
data transmission: aking data accessible for specific third parties;
disclosure: making data accessible for anyone;
data deletion: making data unrecognisable in such a way that their restoration is no longer possible;
data tagging: : provision of the data with identification tags in order to distinguish them;
data blocking: provision of the data with identification tags in order to limit their further management definitely or for a specific period;
data destruction: total physical destruction of a data carrier containing data;
data processing: performance of technical tasks associated with data management procedures, irrespective of the method and equipment used for carrying out such procedures and the location of use, provided that the technical task is performed on data;
data processor: a natural person or legal entity or unincorporated organisation that performs data processing under a contract, including a contract concluded on the basis of legislative provisions;
data set: all data managed in a single registry;
third party: a natural person or legal entity or unincorporated organisation other than a person concerned, the data controller or the data processor.

 

3. Person of data controller

 

The JVSZ acts as data controller during the term of this Privacy Notice. The data controller determines the method of managing the personal data relating to natural persons managed by it, the means of data management, and prevents unauthorised access to personal data, and the alteration, unauthorised disclosure or use of data.

4. Purposes of data management

The purpose of recording and managing personal data is to provide the services of the JVSZ available through its website, also including data management activities performed on the Facebook and LinkedIn pages of the JVSZ, including:

  • the fulfilment of requests and enquiries submitted via the website and electronic contact points of the JVSZ;
  • liaison with users;
  • provision of information about timely events;
  • registration and entry in events;
  • prevention and filtering out of unwanted registration and misuse;
  • handling of complaints, if any;
  • for direct marketing purposes (e.g. advertising an event) and on the basis of the User’s specific consent to sending newsletters;
  • participation in professional and legislative consultations.

5. Legal basis for data management

During the term of the Privacy Notice and unless otherwise indicated, data management is based on voluntary consent.

The User grants his or her consent to the management of his or her personal data (i) in a specific consent to data management, (ii) using the website or (iii) making available his or her personal data voluntarily and sending them to the JVSZ. If the User provides the personal data of a third party to the JVSZ, the User warrants that he or she has obtained such third party’s consent to data management or has other statutory grounds for transmitting the data.

The legal grounds for the management of personal data are the voluntary consent of the User concerned (on the basis of Section 5(1)(a) of Act CXII of 2011 and Article 6(1)(a) of Regulation (EU) 2016/679 applicable as of 25 May 2018 (‘General Data Protection Regulation’)), where such consent may be withdrawn at any time without limitation. If the person concerned provides his or her personal data voluntarily to the JVSZ, but withdraws his or her consent later, it may be necessary to continue the management of personal data (on the basis of Section 6(5) of Act CXII of 2011 or Article 7(f) of Directive 95/46/EC or Article 6(1)(f) of the General Data Protection Regulation as of 25 May 2018) in order to fulfil the legal obligation applicable to the JVSZ or to enforce the priority lawful interests of the JVSZ or a third party, about which to JVSZ provides specific information to the person concerned.

Unless otherwise indicated, the User makes a separate declaration on accepting the contents of this Privacy Notice during registration. If registration is not possible or the User does not register, the JVSZ will presume the User’s consent granted for the management of his or her personal data made available in the case instituted at the request of the User concerned, such as when the User registers for an event or other programme or contacts the JVSZ (under Section 6(6) of Act CXII of 2011). Unless specifically otherwise indicated, the events of the JVSZ are public; therefore, the JVSZ also considers the consent of the person concerned granted with respect to the personal data disclosed or provided for disclosure by such person during his or her exposure to the public eye (Section 6(7) of Act CXII of 2011). Such data management is also governed by the terms and conditions of this Privacy Notice.

If, as part of his or her work for the JVSZ, a User participates in professional consultations relating to legislation or the communication of an authority, unless expressly otherwise provided for by the person concerned, the JVSZ will consider, on the basis of Section 6(7) of Act CXII of 2011, his or her voluntary consent to the transfer of his or her name and contact details to the body conducting the professional consultations and the disclosure of the data in connection with the consultations granted.

In the case of newsletters and messages qualifying as direct marketing, such as by electronic correspondence or communication by an equivalent individual means of communication, the legal basis for the management of personal data is the User’s voluntary consent granted in a separate declaration on the basis of Section 6(1) and (2) of Act XLVIII of 2008.

6. Scope of personal data managed

The JVSZ manages the User’s following voluntarily provided personal data:

Data managed

Data management goals

User name:

It is used for the identification of the person concerned in respect of all data management goals specified in Section 4.

User’s address:

It is used for the identification of and liaison with the person concerned in respect of all data management goals specified in Section 4.

User’s electronic contact information:

It is used for the identification of and liaison with the person concerned in respect of all data management goals specified in Section 4.

User’s telephone number:

It is used for liaison with the person concerned.

User’s occupation:

It is used for the identification of the professional competence of the person concerned for the purpose of forwarding targeted communication or participation in professional consultations.

User’s opinion:

As part of his or her participation in professional and legislative consultations, the User may voluntarily give his or her opinion or position, which will be used in order for the JVSZ to take a position.

User’s case and complaint:

The case or complaint specified in the letter of the person concerned and what he or she is requesting from the JVSZ.

Contact details of the User’s Facebook account:

It is used for the identification of and liaison with the person concerned.

Contact details of the User’s LinkedIn account:

It is used for the identification of and liaison with the person concerned.

IP address of the User’s computer, operating system, type of browser and address of the website visited.

They are used for the identification of the person concerned, the analysis of user practices, the preparation of hit statistics, the prevention and filtering out of unwanted registration and misuse. Further information about the handling of IP addresses is set out in Section 11 of the Privacy Notice.

 

The JVSZ does not collect special data, therefore, you are requested not to send special data to the JVSZ.

7. Data processing:

Of the User’s personal data subject to data management, the data required for the purpose of data management are processed by involving a data processor (the ‘Data Processor’).  The Data Processor is responsible for operating and maintaining the website under the jvsz.hu domain and electronically storing (hosting) personal data:

 

Name of Data Processor: Progressive Studio Kft.
Contact details of Data Processor: Head office: H-1066 Budapest, Nyugati tér 1., Skála Metró, 6th Floor; company register No: 01-09-877715;
Email: info@progressive.hu

 

8. Duration of data management: data storage, deadline for deleting the data

The JVSZ manages the personal data during the term of its legal relationship with the User and after the termination of the legal relationship if allowed by legislation.

Upon the deletion of the User’s registration, the personal data managed are deleted not later than within 30 days (i) unless the User withdraws his or her consent to data management earlier or (ii) if data management is prescribed by legislation or (iii) the preservation of data is allowed by legislation, e.g. in order to keep the accounting evidence produced during data management. Every document that documents the fact of an economic event qualifies as accounting evidence, and the JVSZ stores it for the period of custody specified in the tax and accounting rules, as in force. In this respect, data management to the required extent and for a specific purpose means that documents are kept for 8 years on the basis of Section 169(2) of Act C of 2000 on accounting. In particular, contracts, invoices, certificates, and the documents of inspections, audits and reviews qualify as such documents. Personal data may be managed throughout the period of limitation under civil law if the JVSZ has a legal claim against the User or if the User enforces a legal claim against the JVSZ.

9. Person of possible data controllers entitled to become familiar with data

The JVSZ does not transmit and does not make accessible your personal data to third parties without your consent or unless otherwise provided by the Website Terms of Use.

 Data management activities performed through facebook.com are governed by Facebook’s own data management notice (data controller: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland).

Data management activities performed through linkedin.com are governed by Linkedin’s data management notice published on its own website (data controller: LinkedIn Ireland Unlimited Company, Attn: Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland).

In the event of registration with a Facebook/LinkedIn account, the Webplayer/Website will have access to the following data: the User’s public data and email address.

When you visit the Website and/or register, the JVSZ (or its technical service provider) records the Users’ IP addresses, from which the persons concerned can be inferred in certain cases; in addition, it records the operating system, the browser type and the address of the visited site. Making backups has primarily technical purposes: it is essential for the continuous operation of the system. Another goal of making backups is to analyse user practices and to prepare hit statistics, which help the provision of service to an even higher standard.

10. Cookies

In order to ensure more efficient operation, to provide customised service and to enhance user experience, the website of the JVSZ uses small data packages called cookies.

During the operation of the website of the JVSZ, the system uses the cookies itemised in the Cookie Notice. These cookies preserve information in the manner and for a period specified there.

11. Data management relating to the Users’ IP addresses

When you visit the Website and/or register, the JVSZ (or its technical service provider, Google Analytics) records the Users’ IP addresses, from which the person concerned can be inferred in certain cases; in addition, it records the operating system, the browser type and the address of the visited site. Making backups has primarily technical purposes: it is essential for the continuous operation of the system. Another goal of making backups is to analyse user practices and to prepare hit statistics, which help the provision of service to an even higher standard.

As external service provider, Google Analytics helps the independent measurement of the hit and other web analytical data of the Website. Google Analytics does not record IP data by which the person concerned could be identified beyond any doubt.

12. Provisions on data security

The JVSZ takes all necessary measures in order to protect the personal data managed by it against unauthorised access, alteration, disclosure, deletion, damage and destruction.

As data controller, the JVSZ and the data processor used by it treat the personal data specified in Section 6 confidentially. They take all security, technical and organisational measures that guarantee data security as required measures, in particular:

  • the JVSZ and the Data Processor store the personal data in electronic form. Of the employees of the Data Controller and the Data Processor, only the staff participating in the performance of services associated with the personal data managed may have access to the personal data managed;
  • In the interest of the security of personal data, the Data Controller and the Data Processor apply encryption and other physical and logical protection measures and use their best efforts that may be expected in the given situation, in order to prevent access by unauthorised persons to the personal data managed.

13. Users’ rights and their enforcement

The User may request information about the management of his or her personal data at any time and may request the correction or modification of his or her personal data at any time in a letter addressed to the Data Controller or by electronic means via the Data Controller’s following contact points:

JVSZ 

Péter Tálos, President

Email: jvsz@jointventure.hu    

Telephone: +36 (1) 489-0368

Fax: +36 (1) 489-0369

The User has the right to refuse to provide his or her personal data and to withdraw his or her declarations of consent made during registration unconditionally, free of charge, at any time, without stating reasons. The User can unsubscribe and can withdraw his or her declaration of consent at the following contact points: jvsz@jointventure.hu. The JVSZ may request that the User identify him or herself and, to this end, provide personal data.

The JVSZ deletes the data managed or has them deleted by the Data Processor if:

  • their management is unlawful;
  • they are incomplete or incorrect, and this condition cannot be corrected lawfully;
  • the purpose of data management has ceased to exist;
  • it has been ordered by the court or the National Authority for Data Protection and Freedom of Information; or
  • so requested by the User (not including mandatory data management ordered by law).

The User may request information about the management of his or her personal data at any time and may request the correction, freezing or deletion of his or her personal data at any time. In the case of a request for information, the JVSZ provides information in writing within the shortest period from the submission of the request, but not later than within 25 days.

If the personal data are not true and true personal data are available, the personal data will be corrected. The personal data are frozen instead of deletion if so requested by the User or if it can be assumed on the basis of the information available to him or her that deletion would infringe the User’s lawful interests. The personal data so frozen are managed only as long as the data management goal that excluded the deletion of personal data exists. The personal data managed will be marked if the User disputes their correctness or accuracy, but the incorrectness or inaccuracy of the disputed personal data cannot be clearly established. If the request for correction, freezing or deletion is not fulfilled, the JVSZ will state the factual and legal reasons for the rejection of the request for correction, freezing or deletion within 25 days of receipt of the request.

Not including the case of mandatory data management, the User may object to the management of his or her personal data at any time if the management or transmission of data is only required for the fulfilment of legal obligations applicable to the data controller or the enforcement of the lawful interests of the data controller, the data recipient or third parties as well as in other cases defined by law. The JVSZ will investigate the User’s objection not later than within 15 days from its submission. If the User does not agree with the decision made on his or her objection, the User may bring action against the JVSZ as data controller within 30 days of receipt of the decision.

In the event of the presumed violation of his or her rights, the User may initiate an investigation procedure under Section 52(1) of Act CXII of 2011 before the National Authority for Data Protection and Freedom of Information (address: H-1125 Budapest, Szilágyi Erzsébet fasor 22/C., Hungary, telephone: +36 (1) 391-1400, fax: +36 (1) 391-1410, email: ugyfelszolgalat@naih.hu) or the User may initiate proceedings with the court under Section 22 of Act CXII of 2011. The adjudication of the lawsuit falls within the competence of the court of law. The action may also be brought, at the User’s option, before the court of law with jurisdiction at the User’s residence (a list and the contact information of the courts of law may be viewed at the following link: http://birosag.hu/torvenyszekek).

14. Registration No of data management

The JVSZ has reported data management under this Privacy Notice to the data protection register. Registration No of data management: NAIH-108651/2016 and NAIH-108652/2016.