EuroCharter

DATA PROCESSING POLICY

EuroCharter Limited Liability Company (registered seat: 6724 Szeged, Rókusi körút 29., company registration no.: 06-09-019389, 24129084-2-06, authorised to sign: József Gőgh), as the operator of the website www.eurocharter.hu, shall define in this notice the data protection and processing rules and regulations that shall govern the use of its website and Facebook page, the data processing of the personal data of users collected via Facebook, the organisational and technical measures taken with the aim of protecting personal data and the legal remedies.

For the purposes of this policy, a user (hereinafter referred to as User) shall be the person who uses the services of EuroCharter Ltd. via www.eurocharter.hu or Facebook (i.e. accesses the website or Facebook page) or contacts the data controller.

The controller shall process personal data in accordance with the principles of good faith, fairness and transparency and with the provisions of the laws in force and of this information notice.

To use this service, the user must provide the service provider with certain personal data. This information shall be kept confidential by the service provider, in full compliance with applicable legislation, and shall be used only for the purpose of providing the service concerned and operating the Facebook page.

The Service provider shall process data as defined in this Data Processing Policy, in full accordance with the provisions of Act CXII of 2011 on Informational Self-determination and Freedom of Information, Act CVIII of 2001 on Electronic Commerce and on Information Society, and Regulation (EU) 2016/679 of the European Parliament and of the Council of April 17th 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter referred to as “GDPR”).

The service provider is committed to protecting the privacy of its users and considers it of the utmost importance to respect the right of its customers to self-determination. The provider shall keep personal data confidential and shall take all security, technical and organizational measures to ensure the security of the data.

The provision of personal data is always voluntary.

The user assumes responsibility for having voluntarily provided the data and only after having received information regarding it. Only the person who provided the data shall be responsible for the correctness of the data provided. In view of this liability, the provider shall not be liable for any misstatement in the content of the information provided.

The personal data of a person under the age of 18 may be processed only upon the consent of the adult having the parental authority over him or her. The controller is not in a position to verify the authority or content of the declaration of such person, due to which the user or the person exercising parental authority over him/her is to guarantee that the consent complies with the legislation. In the absence of a declaration of consent, the controller shall not collect any personal data relating to a data subject under 18 years of age, with the exception of the IP address used, which is automatically recorded due to the nature of the Internet services.

Purpose of data processing and the scope of the data processed

The following personal data shall be processed when using individual communication channels:

Communication channel used for the request

The personal data processed upon using the communication channel

Request submitted via postal mail:

 personal data of the requesting person as sender (name, postal address),
  • subject of the request,
  • time of the request,
  • and the data/information in the request qualifying as personal data

Request submitted via telephone:
  • phone number of the requesting person,
  • time of the request,
  • any data/information communicated in the request qualifying as personal data

Request submitted via email:
  • e-mail address of the requesting person,
  • time of the request,
  • subject of the request,
  • any data/information in the request qualifying as personal data

The purpose of the processing of contact information is to allow the service provider to respond to requests of a general nature sent to one of the communication channels published in the ‘CONTACT’ section of the Ltd.’s website, after receiving and registering such requests, by contacting the requesting person via the contact details provided.

Further purpose:

  1. Use of the services and information provided on the company’s website and Facebook page by the user;
  2. online content services;
  3. User identification, provision of information to the user;
  4. identification of user rights (user-available services);
  5. collecting information on how to improve the user experience by means of statistical tools and improving and fine-tuning the website in line with visitors’ habits;
  6. the collection and recording of information technically essential for the use of the website features and of the operations carried out;
  7. the handling and management of individual user requests;
  8. the exercise of the legitimate interests of the controller. 

Scope of processed data:

  • The personal data provided by the User
  • The data controller places small text files, called cookies, on the computer of their visitors, which serve multiple purposes. Some cookies are essential for the proper functioning of the site (process cookies), others collect information about the use of the site to make the site more comfortable and useful (statistical cookies), while others serve to display targeted advertising content (advertising cookies). Some cookies are temporary and disappear when you close your browser, while there are some permanent versions that remain on your computer for a long time. The User can delete cookies from the device or set the browser to disable cookies. The controller, in the scope of its own activity, does not collect data through the use of cookies, and the cookies are only used in the user-facing service process (the user’s device and browser). The cookies are present in the user’s system for an unlimited period of time or until the user has deleted the cookies.
  • the data of the user’s log-on computer and mobile devices generated during service use and recorded by the service provider’s system as an automatic result of technical processes.

The legal basis for the processing of data

The consent of the User in accordance with Section 5 (1) of Act CXII of 2011 on Informational Self-determination and Freedom of Information (Info tv.) and Section 13/A (3) of Act CVIII of 2001 on Electronic Commerce and on Information Society (hereinafter referred to as Elker tv.). The processing of data is carried out in full accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 2016 April 17 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter referred to as “GDPR”) and Act CXII of 2011 on Informational Self-determination and Freedom of Information.

The legal basis for the processing of personal data under this policy is Article 6(1)(a) of GDPR, based on which you have given your consent to the processing of your personal data for one or more specific purposes. This consent is considered to be given by you, when you disclose your personal data to us.

What is the source of the personal data being processed? The personal data subject to data processing under this Policy originate directly from you, the data subject.

Please be informed that you may withdraw your consent any time, however, this withdrawal shall not affect the lawfulness of processing based on consent before the withdrawal.

Please note that your request cannot be answered after you have withdrawn your consent to process your personal information.

The duration of the processing

The service provider shall only process the data provided when the user established contact until the consent given has been withdrawn, otherwise until the request has been answered. If the customer provides unlawful, deceptive personal data or commits a crime or there is an attack on the system, the controller shall have the right to delete the user’s data without delay, but shall be entitled to retain the data for the duration of the procedure in the event of a suspected criminal offense or a suspicion of civil liability (and to notify the competent authority thereof).

Access to data

Access to the personal data processed shall be limited to the extent necessary for the service provider’s staff to perform its tasks. The data is processed by a service provider and is not accessible to a third party.

By visiting the website and Facebook page, the user gives consent to the service provider to use he processed data in conjunction with other data for statistical and information purposes, with the aim of ensuring the efficient operation of the system. The service provider states that such combined data are not considered personal data because they cannot be linked to the data subject. The service provider shall not in any form whatsoever disclose combined data to a third party, these shall only be accessible to the service provider’s staff. The provision shall not apply where a service provider complies with a request via a decision of an Authority or by any other official means.

Users may request information about or may inform the service provider of any changes in the data processing, its mode, content, time, location and any data management activity at any time.

The user may withdraw this consent at any time.

The user may exercise his/her rights at court in accordance with Act CXII of 2011 and the Hungarian Civil Code and request the assistance of a Nemzeti Adatvédelmi és Információszabadság Hatóság (National Data Protection and Freedom of Information Authority) on any personal data-related issue (1055 Budapest, Falk Miksa utca 9-11.). Any comments related to the data processing activities may be submitted to the service provider by e-mail at info@eurocharter.hu.

The service provider deletes the data upon request by the data subject, or the purpose of data processing has been carried out, or the data retention duration defined in the legislation has expired or other court or authority has ordered it to do so.

The rights of the user and exercising such rights

  1. The user may request information from the controller about the purposes for which it is processing his or her personal data and may request a copy of the data stored by the controller. The controller shall comply with these requests free of charge, if this is the first time the request is submitted per data.
  2. The user may request the rectification or modification of the personal data processed by the controller and may request the completion of incomplete data.
  3. The user may request that the personal data processed by the controller be deleted. Where the processing is necessary for the exercise of the right to freedom of expression and information, where the processing of personal data is authorized by law, or for the establishment, exercise or defence of legal claim, such erasure may be refused. The controller shall inform the user of any refusal to grant such deletion, indicating the reasons for the refusal. Once a request for deletion of personal data has been met, previous (deleted) data cannot be recovered.
  4. The user shall have the right to ask the service provider to restrict the processing of his personal data in the event that the user contests the accuracy of the personal data processed. The restriction applies to the period enabling the controller to verify the accuracy of the personal data. A restriction may also be requested where the user considers that the processing is unlawful, but the user opposes the deletion of the personal data processed. Restriction may also be petitioned where the purpose of the data processing has been met, but the data subject requests the controller to process the data for the purpose of the establishment, exercise or defence of legal claim.
  5. With the aim of protecting your data, your rights to dispose, rectify, and access such data may only be granted by the controller upon verifying your identity. If so requested, please indicate this in one of the following contact details: By electronic means at info@eurocharter.hu.

Personal data breach

A ‘personal data breach’ shall mean a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed. The service provider is obliged to communicate to the user a personal data breach, without undue delay, where that personal data breach is likely to result in a high risk to the rights and freedoms of the natural person. Such communication shall include a clear and comprehensible description of the nature of the personal data breach and shall include the following information and measures:

  1. the name and contact details of the contact person providing information;
  2. the likely consequences of the personal data breach;
  3. the measures taken or proposed to be taken by the data controller to address the personal data breach.

The user need not be informed if any of the following conditions are met:

  1. the provider has implemented appropriate technical and organizational protection measures and those measures have been applied in respect of the data subject to the personal data breach;
  2. the provider has taken steps that ensure that the high risk to the rights and freedoms of the data subject will likely not materialise in the future;
  3. the information would require a disproportionate effort. In such cases, users shall be informed by means of publicly available information or a similar measure shall be taken to ensure that users are similarly, efficiently informed.

Amendment of the notice and other provisions

This Privacy Policy has been published by the service provider on its website (www.eurocharter.hu), where the current Policy is available on an ongoing basis. The service provider is entitled to amend this notice unilaterally, which modification is also published on the website and which the user accepts upon providing the data.

Please be informed that the use of our Facebook page and the protection of the data collected by Facebook is governed by Facebook’s privacy policy, which can be found at https://hu-hu.facebook.com/privacy/explanation and https://hu-hu.facebook.com/business/gdpr

The company does not have a data protection officer.

Szeged, 1. June 2021.

EuroCharter Limited Liability Company