Privacy policy - Mito Group
Swipe down for the privacy policy of Mito Creative, Mito Performance, Mito Digital and Mito Next.
Swipe down for the privacy policy of Mito Creative, Mito Performance, Mito Digital and Mito Next.
Mito Group Zrt. (hereinafter referred to as the “Data Controller“) considers it of paramount importance to respect the right of its partners and visitors to informational self-determination. The Data Controller shall process personal data confidentially in accordance with applicable European Union, and domestic law and relevant data protection (official) practices and shall take all information security and organizational measures to ensure the security, confidentiality, integrity, and availability of the data.
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (hereinafter referred to as the GDPR) and Act CXII of 2011 on the right to information self-determination and freedom of information (hereinafter: The Information Act) and the provisions of other legislation relevant to the main activities of the Data Controller, in order to protect the personal data processed, publishes the following Privacy Policy (hereinafter: The Privacy Policy).
The Privacy Policy is effective from July 1, 2024 until revoked regarding the processing of personal data of those involved in the main activities of the Data Controller.
The Data Controller reserves the right to unilaterally change this Privacy Policy at any time. We will post any privacy policy changes on this page and, if the changes are significant, we will provide a more prominent notice by adding a notice on the homepage or by sending you an email notification. We will also keep prior versions of this Privacy Policy in an archive for your review. We encourage you to review our Privacy Policy to stay informed about our information practices and the ways you can help protect your privacy.
The purpose and legal basis of data processing
By accepting this Privacy Policy, you agree that the personal data you have provided when signing up can be used by data controller, for the purpose of get in touch with you.
Pursuant to Art. 6 (1) a) of the GDPR the data processing related to the service available at mito.digital/privacy-policy is based on the voluntary informed consent of the users concerned.
The Data Controller shall not be liable in any form for any errors or damages resulting from incorrectly or incorrectly provided data, and any liability arising therefrom shall be borne by you.
Information about the data controller
Company name: Mito Group Zrt.
Registry number: 01-10-141288
Registered offices: 9 Károlyi street, 4th floor, Budapest 1053
Tax number: 29178234-2-41
E-mail address: adatvedelem@mito.hu
Data processed
We process the following personal data:
Categories of data subjects: Only persons who have written message to us.
The source of the personal data processed: the data subject.
Purpose of data processing: Data Controller can receive personal data via its own websites from those who request contact. Data Controller collect information about you when you input it into the Message or otherwise provide it directly to us. The purpose of data processing is for the Data Controller and the given person to contact each other.
Legal basis for processing: the voluntary informed consent of the data subject under Article 6 (1)(a) of the GDPR.
Duration of data processing
The data will be stored until withdrawn, but after 1 year after giving consent, they will be automatically deleted. You can revoke your consent for data processing at any time and you can request for your data to be deleted by writing to adatvedelem@mito.hu.
We will send a message confirming the deletion of the provided personal data. Exceptions to this are possible enforcement of rights or claims, proceedings before a court, prosecutor’s office, investigating authority, infringement authority, administrative authority, the National Data Protection and Freedom of Information Authority, or other bodies
Access
The processed personal data is primarily accessed by the Data Controller.
Transmission
Personal data will not be transferred to third parties unless otherwise provided in the contract between the data subject and the Data Controller or under the authority of any law or claim, court, public prosecutor’s office, investigating authority, misdemeanor authority, administrative authority, national data protection and freedom of information authority, or other bodies authorized by law.
Processing method
The Data Controller shall process the personal data of the data subject electronically.
Profiling
Pursuant to Art. 22(1) of GDPR, the data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her. The Data Controller does not make a decision based solely on automated processing in connection with the data subject and does not profile the data subject on the basis of the personal data available.
Rights of the data subject
In the context of data processing, data subjects may exercise the rights to withdraw consent, access, rectification, erasure, restriction of data processing, data portability. The data subject can exercise the above rights by sending an e-mail to adatvedelem@mito.hu, by post to the Controller's head office or by visiting the Controller's head office in person. The Controller shall investigate and act on the data subject's request without undue delay after receipt of the request. The Controller shall inform the data subject of the action taken on the basis of the request within 30 (thirty) days of its receipt. Where the Controller is unable to comply with the request, it shall inform the data subject of the reasons for the refusal and of his or her rights of appeal within 30 (thirty) days.
Within 5 (five) years of the death of the data subject, the rights of the deceased as set out in this Privacy Policy, which the data subject enjoyed during his or her lifetime, may be exercised by a person authorised by the data subject by means of an administrative order or a declaration in a public or private document of full probative value made to the Data Controller or, if the data subject made several declarations to the same controller, by a declaration made at a later date. If the data subject has not made a corresponding declaration, his or her close relative within the meaning of Act V of 2013 on the Civil Code may, even in the absence of such a declaration, exercise the rights under Articles 16 (right of rectification) and 21 (right of access to data) of the GDPR. (right to object) and, if the processing was already unlawful during the lifetime of the data subject or if the purpose of the processing ceased to exist upon the death of the data subject, to exercise the rights of the deceased during his or her lifetime as provided for in Articles 17 (right of erasure) and 18 (right to restriction of processing) of the GDPR within 5 (five) years of the death of the data subject. The right to enforce the rights of the data subject under this paragraph shall lie with the next of kin who first exercises that right.
Data Security
The Data Controller is entitled to get acquainted with the personal data of the data subject to the extent necessary for the performance of the tasks falling exclusively and exclusively within their area of responsibility.
In the interest of data security, the Data Controller assesses and records all data processing activities performed by him.
Based on the record of data processing activities, the Data Controller performs a risk analysis in order to assess the conditions under which each data processing is carried out and which risk factors may cause harm and possible data protection incidents during the data processing. The risk analysis should be performed on the basis of the actual data processing activity. The purpose of the risk analysis is to define security rules as well as measures that effectively ensure the adequate protection of personal data in line with the performance of the Data Controller’s activity.
The Data Controller shall take appropriate technical and organizational measures to ensure and demonstrate that the processing of personal data is in accordance with the GDPR, taking into account the nature, scope, circumstances, and purposes of the processing and the varying probability and severity of the risk to the rights and freedoms of natural persons. happens. Including, where appropriate:
In determining the appropriate level of security, explicit account shall be taken of the risks arising from the processing, in particular arising from the accidental or unlawful destruction,
loss, alteration, unauthorized disclosure of, or unauthorized access to, personal data that have been transmitted, stored or otherwise processed.
The Data Controller shall implement appropriate technical and organizational measures to ensure that, by default, only personal data that are necessary for the specific data processing purpose are processed. This obligation applies to the amount of personal data collected, the extent to which they are processed, the duration of their storage, and their availability. In particular, these measures should ensure that, by default, personal data cannot be made available to an indefinite number of persons without the intervention of a natural person.
In the event of personal data damage or destruction, attempts should be made to replace the damaged data as far as possible from other available data sources. The replaced data must indicate the fact of the replacement.
Data Controller protects your internal network with multi-level firewall protection. In all cases, a hardware firewall (border protection device) is located at the entry points of the applied public networks. The Data Controller stores the data redundantly – ie in several places – in order to protect it from destruction, loss, damage or illegal destruction due to the failure of the IT device. It protects your internal networks from external attacks with multi-level, active protection against complex malicious code (eg virus protection).
The Data Controller will do everything with the utmost care to ensure that its IT tools and software continuously comply with the technological solutions generally accepted in the operation of the market.
Rights of the data subject in relation to data processing
It is important for the Data Controller that his data processing meets the requirements of fairness, legality, and transparency. In connection with data processing, the data subject may at any time:
Upon request for information, if it is not subject to restrictions in the interest specified by law, you can find out whether the processing of your personal data is in progress with the Data Controller and is entitled to receive information about the data processed concerning him/her:
The Data Controller shall respond to requests for information and access within 30 days at the latest. The Data Controller may charge a reasonable fee based on administrative costs for additional copies of the personal data processed about the data subject.
When requesting the correction (modification) of the data, the data subject must prove the reality of the data requested to be modified and must also prove that the person entitled to do so requests the modification of the data. This is the only way for the Data Controller to judge whether the new data is real and, if so, whether to modify the old one.
If it is not clear whether the processed data is correct or accurate, the Data Controller does not correct the data, only marks it, ie indicates that it has been objected to by the data subject, but it may not be incorrect. After confirming the authenticity of the request, the data controller shall, without undue delay, correct the inaccurate personal data or supplement the data affected by the request. The Data Controller shall notify the data subject of the correction or marking.
In case of requesting the deletion or blocking of the data, the data subject may request the deletion of his / her data, which means that the Data Controller is obliged to delete the data concerning the data subject without undue delay, if:
You can request a data processing restriction, which the data controller complies with if one of the following is met:
Where data are restricted, such personal data may be processed, with the exception of storage, only with the consent of the data subject or for the purpose of bringing, enforcing or protecting legal claims or protecting the rights of another natural or legal person or in the important public interest of the Union or a Member State. The Data Controller shall inform the data subject in advance of the lifting of the restriction of data processing.
If the data subject considers that the data processing is in accordance with GDPR or Infotv. If you violate the provisions of the Data Protection Act or consider it infringing the way the Data Controller processes your personal data, we recommend that you first contact the Data Controller with your complaint. Your complaint will be investigated in all cases.
Despite your complaint, you continue to complain about the way the Data Controller processes your data or would like to contact an authority directly, you can file a complaint with the National Data Protection and Freedom of Information Authority (address: 1055 Budapest, Falk Miksa utca 9-11., Postal address: 1363 Budapest, Pf. 9. E-mail: ugyfelszolgalat@naih.hu, website: www.naih.hu).
You have the option of going to court to protect your data, which will act out of turn in the case. In this case, you are free to decide whether to bring an action before the court of your place of residence (permanent address) or your place of residence (temporary address) (http://birosag.hu/torvenyszekek).
You can find the court of your place of residence or stay at http://birosag.hu/ugyfelkapcsolati-portal/birosag-kereso.
The Data Controller is not liable for the consequences of the inaccurate provision of data.
Annex 1.
Relevant legislation
In developing the Privacy Policy, the Data Controller has taken into account the relevant existing legislation and major international recommendations, in particular:
Annex 2.
Definitions relating to the processing of personal data
Budapest, July 1, 2024.
Privacy policy - Mito Creative
Mito Creative Zrt. (hereinafter referred to as the “Data Controller“) considers it of paramount importance to respect the right of its partners and visitors to informational self-determination. The Data Controller shall process personal data confidentially in accordance with applicable European Union, and domestic law and relevant data protection (official) practices and shall take all information security and organizational measures to ensure the security, confidentiality, integrity, and availability of the data.
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (hereinafter referred to as the GDPR) and Act CXII of 2011 on the right to information self-determination and freedom of information (hereinafter: The Information Act) and the provisions of other legislation relevant to the main activities of the Data Controller, in order to protect the personal data processed, publishes the following Privacy Policy (hereinafter: The Privacy Policy).
The Privacy Policy is effective from July 1, 2024 until revoked regarding the processing of personal data of those involved in the main activities of the Data Controller.
The Data Controller reserves the right to unilaterally change this Privacy Policy at any time. We will post any privacy policy changes on this page and, if the changes are significant, we will provide a more prominent notice by adding a notice on the homepage or by sending you an email notification. We will also keep prior versions of this Privacy Policy in an archive for your review. We encourage you to review our Privacy Policy to stay informed about our information practices and the ways you can help protect your privacy.
The purpose and legal basis of data processing
By accepting this Privacy Policy, you agree that the personal data you have provided when signing up can be used by data controller, for the purpose of get in touch with you.
Pursuant to Art. 6 (1) a) of the GDPR the data processing related to the service available at mito.digital/privacy-policy is based on the voluntary informed consent of the users concerned.
The Data Controller shall not be liable in any form for any errors or damages resulting from incorrectly or incorrectly provided data, and any liability arising therefrom shall be borne by you.
Information about the data controller
Company name: Mito Creative Zrt.
Registry number: 01 10 140905
Registered offices: 9 Károlyi street, 4th floor, Budapest 1053
Tax number: 27989485-2-41
E-mail address: adatvedelem@mito.hu
Data processed
We process the following personal data:
Categories of data subjects: Only persons who have written message to us.
The source of the personal data processed: the data subject.
Purpose of data processing: Data Controller can receive personal data via its own websites from those who request contact. Data Controller collect information about you when you input it into the Message or otherwise provide it directly to us. The purpose of data processing is for the Data Controller and the given person to contact each other.
Legal basis for processing: the voluntary informed consent of the data subject under Article 6 (1)(a) of the GDPR.
Duration of data processing
The data will be stored until withdrawn, but after 1 year after giving consent, they will be automatically deleted. You can revoke your consent for data processing at any time and you can request for your data to be deleted by writing to adatvedelem@mito.hu.
We will send a message confirming the deletion of the provided personal data. Exceptions to this are possible enforcement of rights or claims, proceedings before a court, prosecutor’s office, investigating authority, infringement authority, administrative authority, the National Data Protection and Freedom of Information Authority, or other bodies
Access
The processed personal data is primarily accessed by the Data Controller.
Transmission
Personal data will not be transferred to third parties unless otherwise provided in the contract between the data subject and the Data Controller or under the authority of any law or claim, court, public prosecutor’s office, investigating authority, misdemeanor authority, administrative authority, national data protection and freedom of information authority, or other bodies authorized by law.
Processing method
The Data Controller shall process the personal data of the data subject electronically.
Profiling
Pursuant to Art. 22(1) of GDPR, the data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her. The Data Controller does not make a decision based solely on automated processing in connection with the data subject and does not profile the data subject on the basis of the personal data available.
Rights of the data subject
In the context of data processing, data subjects may exercise the rights to withdraw consent, access, rectification, erasure, restriction of data processing, data portability. The data subject can exercise the above rights by sending an e-mail to adatvedelem@mito.hu, by post to the Controller's head office or by visiting the Controller's head office in person. The Controller shall investigate and act on the data subject's request without undue delay after receipt of the request. The Controller shall inform the data subject of the action taken on the basis of the request within 30 (thirty) days of its receipt. Where the Controller is unable to comply with the request, it shall inform the data subject of the reasons for the refusal and of his or her rights of appeal within 30 (thirty) days.
Within 5 (five) years of the death of the data subject, the rights of the deceased as set out in this Privacy Policy, which the data subject enjoyed during his or her lifetime, may be exercised by a person authorised by the data subject by means of an administrative order or a declaration in a public or private document of full probative value made to the Data Controller or, if the data subject made several declarations to the same controller, by a declaration made at a later date. If the data subject has not made a corresponding declaration, his or her close relative within the meaning of Act V of 2013 on the Civil Code may, even in the absence of such a declaration, exercise the rights under Articles 16 (right of rectification) and 21 (right of access to data) of the GDPR. (right to object) and, if the processing was already unlawful during the lifetime of the data subject or if the purpose of the processing ceased to exist upon the death of the data subject, to exercise the rights of the deceased during his or her lifetime as provided for in Articles 17 (right of erasure) and 18 (right to restriction of processing) of the GDPR within 5 (five) years of the death of the data subject. The right to enforce the rights of the data subject under this paragraph shall lie with the next of kin who first exercises that right.
Data Security
The Data Controller is entitled to get acquainted with the personal data of the data subject to the extent necessary for the performance of the tasks falling exclusively and exclusively within their area of responsibility.
In the interest of data security, the Data Controller assesses and records all data processing activities performed by him.
Based on the record of data processing activities, the Data Controller performs a risk analysis in order to assess the conditions under which each data processing is carried out and which risk factors may cause harm and possible data protection incidents during the data processing. The risk analysis should be performed on the basis of the actual data processing activity. The purpose of the risk analysis is to define security rules as well as measures that effectively ensure the adequate protection of personal data in line with the performance of the Data Controller’s activity.
The Data Controller shall take appropriate technical and organizational measures to ensure and demonstrate that the processing of personal data is in accordance with the GDPR, taking into account the nature, scope, circumstances, and purposes of the processing and the varying probability and severity of the risk to the rights and freedoms of natural persons. happens. Including, where appropriate:
In determining the appropriate level of security, explicit account shall be taken of the risks arising from the processing, in particular arising from the accidental or unlawful destruction,
loss, alteration, unauthorized disclosure of, or unauthorized access to, personal data that have been transmitted, stored or otherwise processed.
The Data Controller shall implement appropriate technical and organizational measures to ensure that, by default, only personal data that are necessary for the specific data processing purpose are processed. This obligation applies to the amount of personal data collected, the extent to which they are processed, the duration of their storage, and their availability. In particular, these measures should ensure that, by default, personal data cannot be made available to an indefinite number of persons without the intervention of a natural person.
In the event of personal data damage or destruction, attempts should be made to replace the damaged data as far as possible from other available data sources. The replaced data must indicate the fact of the replacement.
Data Controller protects your internal network with multi-level firewall protection. In all cases, a hardware firewall (border protection device) is located at the entry points of the applied public networks. The Data Controller stores the data redundantly – ie in several places – in order to protect it from destruction, loss, damage or illegal destruction due to the failure of the IT device. It protects your internal networks from external attacks with multi-level, active protection against complex malicious code (eg virus protection).
The Data Controller will do everything with the utmost care to ensure that its IT tools and software continuously comply with the technological solutions generally accepted in the operation of the market.
Rights of the data subject in relation to data processing
It is important for the Data Controller that his data processing meets the requirements of fairness, legality, and transparency. In connection with data processing, the data subject may at any time:
Upon request for information, if it is not subject to restrictions in the interest specified by law, you can find out whether the processing of your personal data is in progress with the Data Controller and is entitled to receive information about the data processed concerning him/her:
The Data Controller shall respond to requests for information and access within 30 days at the latest. The Data Controller may charge a reasonable fee based on administrative costs for additional copies of the personal data processed about the data subject.
When requesting the correction (modification) of the data, the data subject must prove the reality of the data requested to be modified and must also prove that the person entitled to do so requests the modification of the data. This is the only way for the Data Controller to judge whether the new data is real and, if so, whether to modify the old one.
If it is not clear whether the processed data is correct or accurate, the Data Controller does not correct the data, only marks it, ie indicates that it has been objected to by the data subject, but it may not be incorrect. After confirming the authenticity of the request, the data controller shall, without undue delay, correct the inaccurate personal data or supplement the data affected by the request. The Data Controller shall notify the data subject of the correction or marking.
In case of requesting the deletion or blocking of the data, the data subject may request the deletion of his / her data, which means that the Data Controller is obliged to delete the data concerning the data subject without undue delay, if:
You can request a data processing restriction, which the data controller complies with if one of the following is met:
Where data are restricted, such personal data may be processed, with the exception of storage, only with the consent of the data subject or for the purpose of bringing, enforcing or protecting legal claims or protecting the rights of another natural or legal person or in the important public interest of the Union or a Member State. The Data Controller shall inform the data subject in advance of the lifting of the restriction of data processing.
If the data subject considers that the data processing is in accordance with GDPR or Infotv. If you violate the provisions of the Data Protection Act or consider it infringing the way the Data Controller processes your personal data, we recommend that you first contact the Data Controller with your complaint. Your complaint will be investigated in all cases.
Despite your complaint, you continue to complain about the way the Data Controller processes your data or would like to contact an authority directly, you can file a complaint with the National Data Protection and Freedom of Information Authority (address: 1055 Budapest, Falk Miksa utca 9-11., Postal address: 1363 Budapest, Pf. 9. E-mail: ugyfelszolgalat@naih.hu, website: www.naih.hu).
You have the option of going to court to protect your data, which will act out of turn in the case. In this case, you are free to decide whether to bring an action before the court of your place of residence (permanent address) or your place of residence (temporary address) (http://birosag.hu/torvenyszekek).
You can find the court of your place of residence or stay at http://birosag.hu/ugyfelkapcsolati-portal/birosag-kereso.
The Data Controller is not liable for the consequences of the inaccurate provision of data.
Annex 1.
Relevant legislation
In developing the Privacy Policy, the Data Controller has taken into account the relevant existing legislation and major international recommendations, in particular:
Annex 2.
Definitions relating to the processing of personal data
Budapest, July 1, 2024.
Privacy policy - Mito Digital
Mito Digital Zrt. (hereinafter referred to as the “Data Controller“) considers it of paramount importance to respect the right of its partners and visitors to informational self-determination. The Data Controller shall process personal data confidentially in accordance with applicable European Union, and domestic law and relevant data protection (official) practices and shall take all information security and organizational measures to ensure the security, confidentiality, integrity, and availability of the data.
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (hereinafter referred to as the GDPR) and Act CXII of 2011 on the right to information self-determination and freedom of information (hereinafter: The Information Act) and the provisions of other legislation relevant to the main activities of the Data Controller, in order to protect the personal data processed, publishes the following Privacy Policy (hereinafter: The Privacy Policy).
The Privacy Policy is effective from July 1, 2024 until revoked regarding the processing of personal data of those involved in the main activities of the Data Controller.
The Data Controller reserves the right to unilaterally change this Privacy Policy at any time. We will post any privacy policy changes on this page and, if the changes are significant, we will provide a more prominent notice by adding a notice on the homepage or by sending you an email notification. We will also keep prior versions of this Privacy Policy in an archive for your review. We encourage you to review our Privacy Policy to stay informed about our information practices and the ways you can help protect your privacy.
The purpose and legal basis of data processing
By accepting this Privacy Policy, you agree that the personal data you have provided when signing up can be used by data controller, for the purpose of get in touch with you.
Pursuant to Art. 6 (1) a) of the GDPR the data processing related to the service available at mito.digital/privacy-policy is based on the voluntary informed consent of the users concerned.
The Data Controller shall not be liable in any form for any errors or damages resulting from incorrectly or incorrectly provided data, and any liability arising therefrom shall be borne by you.
Information about the data controller
Company name: Mito Digital Zrt.
Registry number: 01-10-140906
Registered offices: 9 Károlyi street, 4th floor, Budapest 1053
Tax number: 27989502-2-41
E-mail address: adatvedelem@mito.hu
Data processed
We process the following personal data:
Categories of data subjects: Only persons who have written message to us.
The source of the personal data processed: the data subject.
Purpose of data processing: Data Controller can receive personal data via its own websites from those who request contact. Data Controller collect information about you when you input it into the Message or otherwise provide it directly to us. The purpose of data processing is for the Data Controller and the given person to contact each other.
Legal basis for processing: the voluntary informed consent of the data subject under Article 6 (1)(a) of the GDPR.
Duration of data processing
The data will be stored until withdrawn, but after 1 year after giving consent, they will be automatically deleted. You can revoke your consent for data processing at any time and you can request for your data to be deleted by writing to adatvedelem@mito.hu.
We will send a message confirming the deletion of the provided personal data. Exceptions to this are possible enforcement of rights or claims, proceedings before a court, prosecutor’s office, investigating authority, infringement authority, administrative authority, the National Data Protection and Freedom of Information Authority, or other bodies
Access
The processed personal data is primarily accessed by the Data Controller.
Transmission
Personal data will not be transferred to third parties unless otherwise provided in the contract between the data subject and the Data Controller or under the authority of any law or claim, court, public prosecutor’s office, investigating authority, misdemeanor authority, administrative authority, national data protection and freedom of information authority, or other bodies authorized by law.
Processing method
The Data Controller shall process the personal data of the data subject electronically.
Profiling
Pursuant to Art. 22(1) of GDPR, the data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her. The Data Controller does not make a decision based solely on automated processing in connection with the data subject and does not profile the data subject on the basis of the personal data available.
Rights of the data subject
In the context of data processing, data subjects may exercise the rights to withdraw consent, access, rectification, erasure, restriction of data processing, data portability. The data subject can exercise the above rights by sending an e-mail to adatvedelem@mito.hu, by post to the Controller's head office or by visiting the Controller's head office in person. The Controller shall investigate and act on the data subject's request without undue delay after receipt of the request. The Controller shall inform the data subject of the action taken on the basis of the request within 30 (thirty) days of its receipt. Where the Controller is unable to comply with the request, it shall inform the data subject of the reasons for the refusal and of his or her rights of appeal within 30 (thirty) days.
Within 5 (five) years of the death of the data subject, the rights of the deceased as set out in this Privacy Policy, which the data subject enjoyed during his or her lifetime, may be exercised by a person authorised by the data subject by means of an administrative order or a declaration in a public or private document of full probative value made to the Data Controller or, if the data subject made several declarations to the same controller, by a declaration made at a later date. If the data subject has not made a corresponding declaration, his or her close relative within the meaning of Act V of 2013 on the Civil Code may, even in the absence of such a declaration, exercise the rights under Articles 16 (right of rectification) and 21 (right of access to data) of the GDPR. (right to object) and, if the processing was already unlawful during the lifetime of the data subject or if the purpose of the processing ceased to exist upon the death of the data subject, to exercise the rights of the deceased during his or her lifetime as provided for in Articles 17 (right of erasure) and 18 (right to restriction of processing) of the GDPR within 5 (five) years of the death of the data subject. The right to enforce the rights of the data subject under this paragraph shall lie with the next of kin who first exercises that right.
Data Security
The Data Controller is entitled to get acquainted with the personal data of the data subject to the extent necessary for the performance of the tasks falling exclusively and exclusively within their area of responsibility.
In the interest of data security, the Data Controller assesses and records all data processing activities performed by him.
Based on the record of data processing activities, the Data Controller performs a risk analysis in order to assess the conditions under which each data processing is carried out and which risk factors may cause harm and possible data protection incidents during the data processing. The risk analysis should be performed on the basis of the actual data processing activity. The purpose of the risk analysis is to define security rules as well as measures that effectively ensure the adequate protection of personal data in line with the performance of the Data Controller’s activity.
The Data Controller shall take appropriate technical and organizational measures to ensure and demonstrate that the processing of personal data is in accordance with the GDPR, taking into account the nature, scope, circumstances, and purposes of the processing and the varying probability and severity of the risk to the rights and freedoms of natural persons. happens. Including, where appropriate:
In determining the appropriate level of security, explicit account shall be taken of the risks arising from the processing, in particular arising from the accidental or unlawful destruction,
loss, alteration, unauthorized disclosure of, or unauthorized access to, personal data that have been transmitted, stored or otherwise processed.
The Data Controller shall implement appropriate technical and organizational measures to ensure that, by default, only personal data that are necessary for the specific data processing purpose are processed. This obligation applies to the amount of personal data collected, the extent to which they are processed, the duration of their storage, and their availability. In particular, these measures should ensure that, by default, personal data cannot be made available to an indefinite number of persons without the intervention of a natural person.
In the event of personal data damage or destruction, attempts should be made to replace the damaged data as far as possible from other available data sources. The replaced data must indicate the fact of the replacement.
Data Controller protects your internal network with multi-level firewall protection. In all cases, a hardware firewall (border protection device) is located at the entry points of the applied public networks. The Data Controller stores the data redundantly – ie in several places – in order to protect it from destruction, loss, damage or illegal destruction due to the failure of the IT device. It protects your internal networks from external attacks with multi-level, active protection against complex malicious code (eg virus protection).
The Data Controller will do everything with the utmost care to ensure that its IT tools and software continuously comply with the technological solutions generally accepted in the operation of the market.
Rights of the data subject in relation to data processing
It is important for the Data Controller that his data processing meets the requirements of fairness, legality, and transparency. In connection with data processing, the data subject may at any time:
Upon request for information, if it is not subject to restrictions in the interest specified by law, you can find out whether the processing of your personal data is in progress with the Data Controller and is entitled to receive information about the data processed concerning him/her:
The Data Controller shall respond to requests for information and access within 30 days at the latest. The Data Controller may charge a reasonable fee based on administrative costs for additional copies of the personal data processed about the data subject.
When requesting the correction (modification) of the data, the data subject must prove the reality of the data requested to be modified and must also prove that the person entitled to do so requests the modification of the data. This is the only way for the Data Controller to judge whether the new data is real and, if so, whether to modify the old one.
If it is not clear whether the processed data is correct or accurate, the Data Controller does not correct the data, only marks it, ie indicates that it has been objected to by the data subject, but it may not be incorrect. After confirming the authenticity of the request, the data controller shall, without undue delay, correct the inaccurate personal data or supplement the data affected by the request. The Data Controller shall notify the data subject of the correction or marking.
In case of requesting the deletion or blocking of the data, the data subject may request the deletion of his / her data, which means that the Data Controller is obliged to delete the data concerning the data subject without undue delay, if:
You can request a data processing restriction, which the data controller complies with if one of the following is met:
Where data are restricted, such personal data may be processed, with the exception of storage, only with the consent of the data subject or for the purpose of bringing, enforcing or protecting legal claims or protecting the rights of another natural or legal person or in the important public interest of the Union or a Member State. The Data Controller shall inform the data subject in advance of the lifting of the restriction of data processing.
If the data subject considers that the data processing is in accordance with GDPR or Infotv. If you violate the provisions of the Data Protection Act or consider it infringing the way the Data Controller processes your personal data, we recommend that you first contact the Data Controller with your complaint. Your complaint will be investigated in all cases.
Despite your complaint, you continue to complain about the way the Data Controller processes your data or would like to contact an authority directly, you can file a complaint with the National Data Protection and Freedom of Information Authority (address: 1055 Budapest, Falk Miksa utca 9-11., Postal address: 1363 Budapest, Pf. 9. E-mail: ugyfelszolgalat@naih.hu, website: www.naih.hu).
You have the option of going to court to protect your data, which will act out of turn in the case. In this case, you are free to decide whether to bring an action before the court of your place of residence (permanent address) or your place of residence (temporary address) (http://birosag.hu/torvenyszekek).
You can find the court of your place of residence or stay at http://birosag.hu/ugyfelkapcsolati-portal/birosag-kereso.
The Data Controller is not liable for the consequences of the inaccurate provision of data.
Annex 1.
Relevant legislation
In developing the Privacy Policy, the Data Controller has taken into account the relevant existing legislation and major international recommendations, in particular:
Annex 2.
Definitions relating to the processing of personal data
Budapest, July 1, 2024.
Privacy policy - Mito Performance
Mito Performance Zrt. (hereinafter referred to as the “Data Controller“) considers it of paramount importance to respect the right of its partners and visitors to informational self-determination. The Data Controller shall process personal data confidentially in accordance with applicable European Union, and domestic law and relevant data protection (official) practices and shall take all information security and organizational measures to ensure the security, confidentiality, integrity, and availability of the data.
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (hereinafter referred to as the GDPR) and Act CXII of 2011 on the right to information self-determination and freedom of information (hereinafter: The Information Act) and the provisions of other legislation relevant to the main activities of the Data Controller, in order to protect the personal data processed, publishes the following Privacy Policy (hereinafter: The Privacy Policy).
The Privacy Policy is effective from July 1, 2024 until revoked regarding the processing of personal data of those involved in the main activities of the Data Controller.
The Data Controller reserves the right to unilaterally change this Privacy Policy at any time. We will post any privacy policy changes on this page and, if the changes are significant, we will provide a more prominent notice by adding a notice on the homepage or by sending you an email notification. We will also keep prior versions of this Privacy Policy in an archive for your review. We encourage you to review our Privacy Policy to stay informed about our information practices and the ways you can help protect your privacy.
The purpose and legal basis of data processing
By accepting this Privacy Policy, you agree that the personal data you have provided when signing up can be used by data controller, for the purpose of get in touch with you.
Pursuant to Art. 6 (1) a) of the GDPR the data processing related to the service available at mito.digital/privacy-policy is based on the voluntary informed consent of the users concerned.
The Data Controller shall not be liable in any form for any errors or damages resulting from incorrectly or incorrectly provided data, and any liability arising therefrom shall be borne by you.
Information about the data controller
Company name: Mito Performance Zrt.
Registry number: 01 10 140945
Registered offices: 9 Károlyi street, 4th floor, Budapest 1053
Tax number: 28741215-2-41
E-mail address: adatvedelem@mito.hu
Data processed
We process the following personal data:
Categories of data subjects: Only persons who have written message to us.
The source of the personal data processed: the data subject.
Purpose of data processing: Data Controller can receive personal data via its own websites from those who request contact. Data Controller collect information about you when you input it into the Message or otherwise provide it directly to us. The purpose of data processing is for the Data Controller and the given person to contact each other.
Legal basis for processing: the voluntary informed consent of the data subject under Article 6 (1)(a) of the GDPR.
Duration of data processing
The data will be stored until withdrawn, but after 1 year after giving consent, they will be automatically deleted. You can revoke your consent for data processing at any time and you can request for your data to be deleted by writing to adatvedelem@mito.hu.
We will send a message confirming the deletion of the provided personal data. Exceptions to this are possible enforcement of rights or claims, proceedings before a court, prosecutor’s office, investigating authority, infringement authority, administrative authority, the National Data Protection and Freedom of Information Authority, or other bodies
Access
The processed personal data is primarily accessed by the Data Controller.
Transmission
Personal data will not be transferred to third parties unless otherwise provided in the contract between the data subject and the Data Controller or under the authority of any law or claim, court, public prosecutor’s office, investigating authority, misdemeanor authority, administrative authority, national data protection and freedom of information authority, or other bodies authorized by law.
Processing method
The Data Controller shall process the personal data of the data subject electronically.
Profiling
Pursuant to Art. 22(1) of GDPR, the data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her. The Data Controller does not make a decision based solely on automated processing in connection with the data subject and does not profile the data subject on the basis of the personal data available.
Rights of the data subject
In the context of data processing, data subjects may exercise the rights to withdraw consent, access, rectification, erasure, restriction of data processing, data portability. The data subject can exercise the above rights by sending an e-mail to adatvedelem@mito.hu, by post to the Controller's head office or by visiting the Controller's head office in person. The Controller shall investigate and act on the data subject's request without undue delay after receipt of the request. The Controller shall inform the data subject of the action taken on the basis of the request within 30 (thirty) days of its receipt. Where the Controller is unable to comply with the request, it shall inform the data subject of the reasons for the refusal and of his or her rights of appeal within 30 (thirty) days.
Within 5 (five) years of the death of the data subject, the rights of the deceased as set out in this Privacy Policy, which the data subject enjoyed during his or her lifetime, may be exercised by a person authorised by the data subject by means of an administrative order or a declaration in a public or private document of full probative value made to the Data Controller or, if the data subject made several declarations to the same controller, by a declaration made at a later date. If the data subject has not made a corresponding declaration, his or her close relative within the meaning of Act V of 2013 on the Civil Code may, even in the absence of such a declaration, exercise the rights under Articles 16 (right of rectification) and 21 (right of access to data) of the GDPR. (right to object) and, if the processing was already unlawful during the lifetime of the data subject or if the purpose of the processing ceased to exist upon the death of the data subject, to exercise the rights of the deceased during his or her lifetime as provided for in Articles 17 (right of erasure) and 18 (right to restriction of processing) of the GDPR within 5 (five) years of the death of the data subject. The right to enforce the rights of the data subject under this paragraph shall lie with the next of kin who first exercises that right.
Data Security
The Data Controller is entitled to get acquainted with the personal data of the data subject to the extent necessary for the performance of the tasks falling exclusively and exclusively within their area of responsibility.
In the interest of data security, the Data Controller assesses and records all data processing activities performed by him.
Based on the record of data processing activities, the Data Controller performs a risk analysis in order to assess the conditions under which each data processing is carried out and which risk factors may cause harm and possible data protection incidents during the data processing. The risk analysis should be performed on the basis of the actual data processing activity. The purpose of the risk analysis is to define security rules as well as measures that effectively ensure the adequate protection of personal data in line with the performance of the Data Controller’s activity.
The Data Controller shall take appropriate technical and organizational measures to ensure and demonstrate that the processing of personal data is in accordance with the GDPR, taking into account the nature, scope, circumstances, and purposes of the processing and the varying probability and severity of the risk to the rights and freedoms of natural persons. happens. Including, where appropriate:
In determining the appropriate level of security, explicit account shall be taken of the risks arising from the processing, in particular arising from the accidental or unlawful destruction,
loss, alteration, unauthorized disclosure of, or unauthorized access to, personal data that have been transmitted, stored or otherwise processed.
The Data Controller shall implement appropriate technical and organizational measures to ensure that, by default, only personal data that are necessary for the specific data processing purpose are processed. This obligation applies to the amount of personal data collected, the extent to which they are processed, the duration of their storage, and their availability. In particular, these measures should ensure that, by default, personal data cannot be made available to an indefinite number of persons without the intervention of a natural person.
In the event of personal data damage or destruction, attempts should be made to replace the damaged data as far as possible from other available data sources. The replaced data must indicate the fact of the replacement.
Data Controller protects your internal network with multi-level firewall protection. In all cases, a hardware firewall (border protection device) is located at the entry points of the applied public networks. The Data Controller stores the data redundantly – ie in several places – in order to protect it from destruction, loss, damage or illegal destruction due to the failure of the IT device. It protects your internal networks from external attacks with multi-level, active protection against complex malicious code (eg virus protection).
The Data Controller will do everything with the utmost care to ensure that its IT tools and software continuously comply with the technological solutions generally accepted in the operation of the market.
Rights of the data subject in relation to data processing
It is important for the Data Controller that his data processing meets the requirements of fairness, legality, and transparency. In connection with data processing, the data subject may at any time:
Upon request for information, if it is not subject to restrictions in the interest specified by law, you can find out whether the processing of your personal data is in progress with the Data Controller and is entitled to receive information about the data processed concerning him/her:
The Data Controller shall respond to requests for information and access within 30 days at the latest. The Data Controller may charge a reasonable fee based on administrative costs for additional copies of the personal data processed about the data subject.
When requesting the correction (modification) of the data, the data subject must prove the reality of the data requested to be modified and must also prove that the person entitled to do so requests the modification of the data. This is the only way for the Data Controller to judge whether the new data is real and, if so, whether to modify the old one.
If it is not clear whether the processed data is correct or accurate, the Data Controller does not correct the data, only marks it, ie indicates that it has been objected to by the data subject, but it may not be incorrect. After confirming the authenticity of the request, the data controller shall, without undue delay, correct the inaccurate personal data or supplement the data affected by the request. The Data Controller shall notify the data subject of the correction or marking.
In case of requesting the deletion or blocking of the data, the data subject may request the deletion of his / her data, which means that the Data Controller is obliged to delete the data concerning the data subject without undue delay, if:
You can request a data processing restriction, which the data controller complies with if one of the following is met:
Where data are restricted, such personal data may be processed, with the exception of storage, only with the consent of the data subject or for the purpose of bringing, enforcing or protecting legal claims or protecting the rights of another natural or legal person or in the important public interest of the Union or a Member State. The Data Controller shall inform the data subject in advance of the lifting of the restriction of data processing.
If the data subject considers that the data processing is in accordance with GDPR or Infotv. If you violate the provisions of the Data Protection Act or consider it infringing the way the Data Controller processes your personal data, we recommend that you first contact the Data Controller with your complaint. Your complaint will be investigated in all cases.
Despite your complaint, you continue to complain about the way the Data Controller processes your data or would like to contact an authority directly, you can file a complaint with the National Data Protection and Freedom of Information Authority (address: 1055 Budapest, Falk Miksa utca 9-11., Postal address: 1363 Budapest, Pf. 9. E-mail: ugyfelszolgalat@naih.hu, website: www.naih.hu).
You have the option of going to court to protect your data, which will act out of turn in the case. In this case, you are free to decide whether to bring an action before the court of your place of residence (permanent address) or your place of residence (temporary address) (http://birosag.hu/torvenyszekek).
You can find the court of your place of residence or stay at http://birosag.hu/ugyfelkapcsolati-portal/birosag-kereso.
The Data Controller is not liable for the consequences of the inaccurate provision of data.
Annex 1.
Relevant legislation
In developing the Privacy Policy, the Data Controller has taken into account the relevant existing legislation and major international recommendations, in particular:
Annex 2.
Definitions relating to the processing of personal data
Budapest, July 1, 2024.
Privacy policy - Mito Next
Mito Next Zrt. (hereinafter referred to as the “Data Controller“) considers it of paramount importance to respect the right of its partners and visitors to informational self-determination. The Data Controller shall process personal data confidentially in accordance with applicable European Union, and domestic law and relevant data protection (official) practices and shall take all information security and organizational measures to ensure the security, confidentiality, integrity, and availability of the data.
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (hereinafter referred to as the GDPR) and Act CXII of 2011 on the right to information self-determination and freedom of information (hereinafter: The Information Act) and the provisions of other legislation relevant to the main activities of the Data Controller, in order to protect the personal data processed, publishes the following Privacy Policy (hereinafter: The Privacy Policy).
The Privacy Policy is effective from July 1, 2024 until revoked regarding the processing of personal data of those involved in the main activities of the Data Controller.
The Data Controller reserves the right to unilaterally change this Privacy Policy at any time. We will post any privacy policy changes on this page and, if the changes are significant, we will provide a more prominent notice by adding a notice on the homepage or by sending you an email notification. We will also keep prior versions of this Privacy Policy in an archive for your review. We encourage you to review our Privacy Policy to stay informed about our information practices and the ways you can help protect your privacy.
The purpose and legal basis of data processing
By accepting this Privacy Policy, you agree that the personal data you have provided when signing up can be used by data controller, for the purpose of get in touch with you.
Pursuant to Art. 6 (1) a) of the GDPR the data processing related to the service available at mito.digital/privacy-policy is based on the voluntary informed consent of the users concerned.
The Data Controller shall not be liable in any form for any errors or damages resulting from incorrectly or incorrectly provided data, and any liability arising therefrom shall be borne by you.
Information about the data controller
Company name: Mito Next Zrt.
Registry number: 01-10-140946
Registered offices: 9 Károlyi street, 4th floor, Budapest 1053
Tax number: 28741277-2-41
E-mail address: adatvedelem@mito.hu
Data processed
We process the following personal data:
Categories of data subjects: Only persons who have written message to us.
The source of the personal data processed: the data subject.
Purpose of data processing: Data Controller can receive personal data via its own websites from those who request contact. Data Controller collect information about you when you input it into the Message or otherwise provide it directly to us. The purpose of data processing is for the Data Controller and the given person to contact each other.
Legal basis for processing: the voluntary informed consent of the data subject under Article 6 (1)(a) of the GDPR.
Duration of data processing
The data will be stored until withdrawn, but after 1 year after giving consent, they will be automatically deleted. You can revoke your consent for data processing at any time and you can request for your data to be deleted by writing to adatvedelem@mito.hu.
We will send a message confirming the deletion of the provided personal data. Exceptions to this are possible enforcement of rights or claims, proceedings before a court, prosecutor’s office, investigating authority, infringement authority, administrative authority, the National Data Protection and Freedom of Information Authority, or other bodies
Access
The processed personal data is primarily accessed by the Data Controller.
Transmission
Personal data will not be transferred to third parties unless otherwise provided in the contract between the data subject and the Data Controller or under the authority of any law or claim, court, public prosecutor’s office, investigating authority, misdemeanor authority, administrative authority, national data protection and freedom of information authority, or other bodies authorized by law.
Processing method
The Data Controller shall process the personal data of the data subject electronically.
Profiling
Pursuant to Art. 22(1) of GDPR, the data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her. The Data Controller does not make a decision based solely on automated processing in connection with the data subject and does not profile the data subject on the basis of the personal data available.
Rights of the data subject
In the context of data processing, data subjects may exercise the rights to withdraw consent, access, rectification, erasure, restriction of data processing, data portability. The data subject can exercise the above rights by sending an e-mail to adatvedelem@mito.hu, by post to the Controller's head office or by visiting the Controller's head office in person. The Controller shall investigate and act on the data subject's request without undue delay after receipt of the request. The Controller shall inform the data subject of the action taken on the basis of the request within 30 (thirty) days of its receipt. Where the Controller is unable to comply with the request, it shall inform the data subject of the reasons for the refusal and of his or her rights of appeal within 30 (thirty) days.
Within 5 (five) years of the death of the data subject, the rights of the deceased as set out in this Privacy Policy, which the data subject enjoyed during his or her lifetime, may be exercised by a person authorised by the data subject by means of an administrative order or a declaration in a public or private document of full probative value made to the Data Controller or, if the data subject made several declarations to the same controller, by a declaration made at a later date. If the data subject has not made a corresponding declaration, his or her close relative within the meaning of Act V of 2013 on the Civil Code may, even in the absence of such a declaration, exercise the rights under Articles 16 (right of rectification) and 21 (right of access to data) of the GDPR. (right to object) and, if the processing was already unlawful during the lifetime of the data subject or if the purpose of the processing ceased to exist upon the death of the data subject, to exercise the rights of the deceased during his or her lifetime as provided for in Articles 17 (right of erasure) and 18 (right to restriction of processing) of the GDPR within 5 (five) years of the death of the data subject. The right to enforce the rights of the data subject under this paragraph shall lie with the next of kin who first exercises that right.
Data Security
The Data Controller is entitled to get acquainted with the personal data of the data subject to the extent necessary for the performance of the tasks falling exclusively and exclusively within their area of responsibility.
In the interest of data security, the Data Controller assesses and records all data processing activities performed by him.
Based on the record of data processing activities, the Data Controller performs a risk analysis in order to assess the conditions under which each data processing is carried out and which risk factors may cause harm and possible data protection incidents during the data processing. The risk analysis should be performed on the basis of the actual data processing activity. The purpose of the risk analysis is to define security rules as well as measures that effectively ensure the adequate protection of personal data in line with the performance of the Data Controller’s activity.
The Data Controller shall take appropriate technical and organizational measures to ensure and demonstrate that the processing of personal data is in accordance with the GDPR, taking into account the nature, scope, circumstances, and purposes of the processing and the varying probability and severity of the risk to the rights and freedoms of natural persons. happens. Including, where appropriate:
In determining the appropriate level of security, explicit account shall be taken of the risks arising from the processing, in particular arising from the accidental or unlawful destruction,
loss, alteration, unauthorized disclosure of, or unauthorized access to, personal data that have been transmitted, stored or otherwise processed.
The Data Controller shall implement appropriate technical and organizational measures to ensure that, by default, only personal data that are necessary for the specific data processing purpose are processed. This obligation applies to the amount of personal data collected, the extent to which they are processed, the duration of their storage, and their availability. In particular, these measures should ensure that, by default, personal data cannot be made available to an indefinite number of persons without the intervention of a natural person.
In the event of personal data damage or destruction, attempts should be made to replace the damaged data as far as possible from other available data sources. The replaced data must indicate the fact of the replacement.
Data Controller protects your internal network with multi-level firewall protection. In all cases, a hardware firewall (border protection device) is located at the entry points of the applied public networks. The Data Controller stores the data redundantly – ie in several places – in order to protect it from destruction, loss, damage or illegal destruction due to the failure of the IT device. It protects your internal networks from external attacks with multi-level, active protection against complex malicious code (eg virus protection).
The Data Controller will do everything with the utmost care to ensure that its IT tools and software continuously comply with the technological solutions generally accepted in the operation of the market.
Rights of the data subject in relation to data processing
It is important for the Data Controller that his data processing meets the requirements of fairness, legality, and transparency. In connection with data processing, the data subject may at any time:
Upon request for information, if it is not subject to restrictions in the interest specified by law, you can find out whether the processing of your personal data is in progress with the Data Controller and is entitled to receive information about the data processed concerning him/her:
The Data Controller shall respond to requests for information and access within 30 days at the latest. The Data Controller may charge a reasonable fee based on administrative costs for additional copies of the personal data processed about the data subject.
When requesting the correction (modification) of the data, the data subject must prove the reality of the data requested to be modified and must also prove that the person entitled to do so requests the modification of the data. This is the only way for the Data Controller to judge whether the new data is real and, if so, whether to modify the old one.
If it is not clear whether the processed data is correct or accurate, the Data Controller does not correct the data, only marks it, ie indicates that it has been objected to by the data subject, but it may not be incorrect. After confirming the authenticity of the request, the data controller shall, without undue delay, correct the inaccurate personal data or supplement the data affected by the request. The Data Controller shall notify the data subject of the correction or marking.
In case of requesting the deletion or blocking of the data, the data subject may request the deletion of his / her data, which means that the Data Controller is obliged to delete the data concerning the data subject without undue delay, if:
You can request a data processing restriction, which the data controller complies with if one of the following is met:
Where data are restricted, such personal data may be processed, with the exception of storage, only with the consent of the data subject or for the purpose of bringing, enforcing or protecting legal claims or protecting the rights of another natural or legal person or in the important public interest of the Union or a Member State. The Data Controller shall inform the data subject in advance of the lifting of the restriction of data processing.
If the data subject considers that the data processing is in accordance with GDPR or Infotv. If you violate the provisions of the Data Protection Act or consider it infringing the way the Data Controller processes your personal data, we recommend that you first contact the Data Controller with your complaint. Your complaint will be investigated in all cases.
Despite your complaint, you continue to complain about the way the Data Controller processes your data or would like to contact an authority directly, you can file a complaint with the National Data Protection and Freedom of Information Authority (address: 1055 Budapest, Falk Miksa utca 9-11., Postal address: 1363 Budapest, Pf. 9. E-mail: ugyfelszolgalat@naih.hu, website: www.naih.hu).
You have the option of going to court to protect your data, which will act out of turn in the case. In this case, you are free to decide whether to bring an action before the court of your place of residence (permanent address) or your place of residence (temporary address) (http://birosag.hu/torvenyszekek).
You can find the court of your place of residence or stay at http://birosag.hu/ugyfelkapcsolati-portal/birosag-kereso.
The Data Controller is not liable for the consequences of the inaccurate provision of data.
Annex 1.
Relevant legislation
In developing the Privacy Policy, the Data Controller has taken into account the relevant existing legislation and major international recommendations, in particular:
Annex 2.
Definitions relating to the processing of personal data
Budapest, July 1, 2024.