Privacy Notice
for participants of the event
In regard to the management of personal data the Data Manager informs participants of the conference and those accompanying them, pursuant to Articles 13 and 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter: GDPR).
Name of data manager: EVACON Kft.
EVACON Event Organizer and Consulting Liability Company; EVACON Ltd.
Registered office: H-1136 Budapest, Tátra u. 34. 4. em 1.
Tax number: 25874938-2-41
Company registration number: 01-09-293854
Mailing address: H-1136 Budapest, Tátra u. 34. 4.em 1.
E-mail: eva@evacon.hu
Telephone: +36 30 9514480
I. Legislation underlying data management:
1. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter: GDPR, the prevailing text of the Regulation is accessible at: http://eurlex.europa.eu/legalcontent/EN/TXT/?uri=uriserv:OJ.L_.2016.119.01.0001.01.ENG&toc=OJ:L:2016:119:TOC).
2. Act CXII of 2011 on Informational Self-Determination and the Freedom of Information (hereinafter: Information Act, the prevailing text of the Act is accessible at: http://njt.hu/cgi_bin/njt_doc.cgi?docid=139257.338504).
3. Act V of 2013 on the Civil Code (hereinafter: Civil Code, the prevailing text of the Act is accessible at: http://njt.hu/cgi_bin/njt_doc.cgi?docid=159096.348050).
4. Act LIII of 2017 on the Prevention and Combating of Money Laundering and Terrorist Financing (hereinafter: AML Act, the prevailing text of the Act is accessible at: http://njt.hu/cgi_bin/njt_doc.cgi?docid=165854.348587).
II. The purpose of personal data management
Recording, storing, transmitting, using and deleting data during the organisation, holding and management of conferences, professional and recreational programmes organised by EVACON Kft. in order to register and identify participants and those accompanying them and to communicate with participants (as well as to enable the provision of certain services, such as accommodation and transfer).
III. Legal grounds for the management, and source of, personal data, list and categories, as well as storage of data
1. The legal grounds for the management of personal data is provided for in Article 6 (1) a) of the GDPR, with the data subject’s consent.
2. Source of personal data: data supplied by the data subject
3. List of and need for personal data:
a) Full name (Data required on a mandatory basis for registration/logging in/downloads, indispensable for the identification of the person concerned and for communication with him or her.)
b) Place of work/Institution (Data required on a mandatory basis for registration, indispensable for forming groups of the applicants, for providing them with information and services.)
c) Contact data (Data required on a mandatory basis for registration, indispensable for communication.)
d) Telephone number (Data required on a mandatory basis for registration, indispensable for communication and the identification of the participant.)
e) E-mail address (Data required on a mandatory basis for registration, indispensable for communication and the identification of the participant.)
f) Portrait and contribution (Photos and sound recordings are taken during the conference, for the purpose of preserving its technical content.)
g) Personal data of accompanying persons (Required on a mandatory basis in some events of a conference, indispensable for participation in the events.)
4. The period of the storage of personal data:
a) Starting from registration for participation in the event, until the 90th day following its close.
b) Data specified in III.3.f) are kept for 30 days after receipt of the data subject’s written request for cancellation.
IV. How consent is given to the management of personal data
Your consent to the management of your personal data is based on your voluntary decision. You can give your consent after reading this information, by providing all of the required data and giving your express consent in the registration procedure. In case any of these requirements is not met, your registration cannot be accepted.
V. Withdrawal of consent, refusal to give consent
You may withdraw your consent on a voluntary basis at any point in time, without affecting, however, the lawfulness of data management before withdrawal. The provision of incomplete, inconsistent or meaningless data is regarded by the data manager as refusal to give consent to data management.
VI. Transmission of and access to personal data
1. Personal data may only be accessed by the data manager, along with service providers that are in contact with the data manager, and the employees of the latter, exclusively for the purposes of performing the tasks concerned.
2. Responsibility for the proper transmission of personal data in accordance with the applicable regulations lies with the data manager.
3. Personal data will be transmitted to a data processor in a third country in order to have services performed as required for the organisation and holding of the conference and to enable services to be provided for participants and those accompanying them.
4. The data manager may only exceptionally transmit the data of those applying to participate and those accompanying them. Exceptional cases include, for example, a legal dispute between the data manager and the data subject, in the course of which a court case is started and documents containing personal data of the data subject need to be handed over to the court acting in the case, or when data are transmitted to a legal representative engaged to assert or enforce the data manager’s legal interest.
5. The data manager does not apply automated decision making functions.
VII. Data security
1. The data manager stores personal data at its registered office.
2. The data manager provides for the protection of the data subjects by taking the necessary information security actions. It protects data against unauthorised access and alteration by applying a password-protected access procedure, keeping tracks of accesses by logging them.
3. To data processors the data are transmitted on data carriers protected by security codes.
VIII. The rights of the data subject
1. The data subject is entitled to request the following information concerning data pertaining to, given by and stored about, him or her:
a) whether the processing of his/her personal data is in progress.
b) he/she may request access to an information about the data specified in Chapter III.
2. The data subject has a right to request adjustments to the data kept about him/her; in cases specified by the applicable legislation he/she may ask for the deletion or for restriction of data, and to protest against unlawful data management.
3. The data subject may withdraw his/her consent given to data management at any time.
4. The data subject is entitled to file a complaint with the supervisory authority.
A complaint concerning a breach of the GDPR rules must be filed with the supervisory authority of the country in which the rules on data management have been violated, in particular, for instance, in the member state in which he/she has his/her customary place of stay or workplace, or were the assumed infringement took place.
In Hungary:
Nemzeti Adatvédelmi és Információszabadság Hatóság, NAIH (Hungarian National Authority for Data Protection and Freedom of Information)
address: 1125 Budapest, Szilágyi Erzsébet fasor 22/C
mailing address: 1530 Budapest, Pf: 5.
e-mail: ugyfelszolgalat@naih.hu
telephone: +36 (1) 391-1400
fax: +36 (1) 391-1410
website: www.naih.hu
5. The data subject is entitled to institute civil lawsuit against the data management in the case of unlawful data management; this must always be preceded by a specific request, asking the data manager to put an end to the unlawful data management.
A civil lawsuit may – depending on the data subject’s choice – be instituted before the general court having jurisdiction over his/her place of residence. (For a list of general courts and their contact data visit: http://birosag.hu/torvenyszekek.)
6. Requests pertaining to data management should be sent to EVACON Kft’s official e-mail address.
Budapest, 05.04.2018
Éva Őri
EVACON Kft.