PRIVACY POLICY
Privacy rules for the website 'hungarian-e-lawyer.eu' ("website")
maintained by Nagy Tibor Law Firm ("Law Firm")
RELEVANT REGULATIONS SERVING THE BASIS OF THESE RULES:
- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, GDPR);
- 2013. Act V of 2013 on the Civil Code (Civil Code);
- 2011. Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information (hereinafter referred to as Privacy Act);
- 2000. Act C of 2000 on Accounting (Accounting Act);Act CXXXVI of 2007 on the Prevention and Combating of Money Laundering and Terrorist Financing (PCMLTF);
DATA PROCESSOR
Nagy Tibor Law Firm
5 Koris, Leanyfalu, Hungary H-2016
Managing partner: dr. Tibor Nagy
Registration no. at the Bar (KASZ): 36066025
E-mail: info@hungarian-e-lawyer.eu
website: www.hungarian-e-lawyer.eu
Data management by the Law Firm is based on contract, voluntary consent, general business interest of the parties involved and on relevant legislation. In case of data management subject to voluntary consent you are entitled to revoke your consent at any stage of data management and you are entitled to practice your right related to the access, rectification, restriction and erasure of your data.
Any information suitable for identifying you, e.g. your name, contact info etc. and information related to the usage of our website by which you are directly or indirectly identifiable, constitute personal data.
We may collect personal data when you browse our website, participate at our events, sign up for our legal newsletter or contact us etc.
Personal data is primarily used for direct business relationship based on contract, legitimate interest or user consent. No further notification is provided to you, all issues related to privacy policy are defined in this document. You have the right to decline the management of your data for general business or client relationship. In this case, your data will no longer be processed for such purposes.
If your data is collected for purposes other than business relationship, we notify you about the relevant regulatory provisions and request your preliminary written consent.
We may only use your personal data for the following purposes:
- keeping business contact,
- attorney-client communication,
- contacting, legal newsletters, organizing events, writing publications and articles,
- Organizing events connected to the professional activities of the Law Firm
- Administrative and legal purposes: your data is used for statistical and marketing analyses, remarketing/marketing purposes, system testing, customer satisfaction surveys, maintenance and development purposes as well as for litigating disputed issues or legal claims.
- Security and administrative measures, health protection, prevention/detection of crime: in compliance with our legal obligation we are entitled to provide personal data to authorities and law enforcement agencies;
- Client service communication: we use your data to keep in touch with you, our clients, and to improve our services and your user experience;
- Marketing: we might occasionally send you marketing materials electronically about our services, legal news, our events etc., if you agreed to receive such materials. In this case you can indicate whether you wish to subscribe or unsubscribe from such emails. In addition, in all forms of electronic communication you may indicate that you do not want to receive direct marketing materials from us anymore.
We process your personal data only for those purposes and cases in which we have the legal basis to do so. The legal basis depends on the purpose of collecting and processing personal data.
We retain your data until the consent is withdrawn or the statutory deadline expires. In case of applying for a job advertisement, we retain it until the end of the given job advertisement, or if consent is given for further data storage, then until the withdrawal of the consent.
We do not retain your data after the purpose of processing is achieved. When determining the appropriate retaining time, we take into account the quantity, nature and sensitivity of personal data and the purpose of processing them and we consider whether these purposes may be achieved by other means.
In order to comply with data protection purposes we may disclose your data to our contractors, associated and cooperating law firms and attorneys within the European Union in order to process data obtained through our website and/or to operate, maintain or manage our website, its services and content in accordance with this privacy policy. We do not disclose your personal data to third countries or international organizations outside the European Union. We will notify you before disclosing your personal data to any service provider located outside the European Economic Area.
When using external companies or professionals for processing those personal data which were not provided by you, these companies or professionals are entitled to process such data exclusively in the course of performing the particular task, ensuring compliance with this privacy policy.
Current permanent contractor
(hosting provider and operator of the website):
Webnode AG
Badenerstrasse 47, 8004 Zurich, Switzerland
info@webnode.com
Registration ID: CH-170.3.036.124-0
Commercial Register: Handelsregister
Kanton Zürich; Schöntalstrasse 5; Postfach 8022 Zürich
We
disclose personal data to countries outside the European Economic Area only if
the following conditions are met:
- if the transmit of data takes place at a location considered by the European Commission as secure for protecting personal data;
- or if we have taken the appropriate measures, for instance we entered into an agreement with a data recipient regarding the transmit of data corresponding to the measures defined by the European Commission or a data protection authority. You may request a copy of such agreements via our contact;
- or if you consented to the transmit of your data, or we are legally entitled to do so.
- In addition, we may disclose your personal data to the following external parties in accordance with the objectives of this privacy policy:
- Government authorities, regulatory bodies; we disclose your data in compliance with legal provisions when it is required for the prevention and detection of fraud or criminal offense and/or for the maintenance of network and data security;
- Reliable service providers assisting our work, including agencies to support postal or courier services, newsletter distribution, promotions, games with marketing, remarketing and email marketing service providers of cloud based services;
- Legal and other specialized advisors, courts and enforcement agencies;
- Social media: you may access social media services of third parties via our website. Please check out the privacy policy of such social media service providers in order to learn more about the procedures.
The Law Firm performs electronic data processing and storing with the help of an IT software conforming to data security provisions. The software ensures that under controlled conditions only authorized persons shall have access to the specific data when it is necessary for them to perform their work. IT systems are protected by firewall and virus protection. The IT systems and other data storage devices are located at the registered seat, its branch office and its data processors. The Law Firm ensures that under controlled conditions only authorized persons shall have access to the specific data when it is necessary for them to perform their work.
When selecting and operating IT tools for personal data management the Law Firm pays special attention to ensure that:
- processed data is accessible only for authorized persons (availability);
- the validity and authentication of data is guaranteed (credibility of data management);
- the integrity of processed data can be verified (data integrity);
- processed data is protected against unauthorized access (data confidentiality).
The Law Firm takes all necessary measures to protect personal data, in particular from unauthorized access, rectification, forwarding, publishing, erasure or destruction, as well as from accidental destruction, damage or inaccessibility due to the changing of applied technology.
In order to protect electronically managed data in its registers the Law Firm ensures that stored data cannot be directly linked to data subjects – unless it is permitted by law.
With regard to the current development level of technology the Law Firm ensures the protection of data by technical, organizational and structural measures providing appropriate level of protection against any data management risks that may occur.
If the data protection incident is classified by the Law Firm as high risk of affecting rights and freedoms of natural persons, we will inform you about the data protection incident without undue delay and notify you about the information referred to in point b), c) and d) of paragraph (3) of Article 33 of the GDPR.
You can contact data processor via the contact information indicated in this
document and on the website.
The Law Firm deletes all received emails with the name and email address of the sender, the date, time and any other personal data contained in the email after maximum five years.
On other data management not included here, we inform the data subject when submitting such data.
For providing customized services the service provider places small files (so called cookies) to the user's computer which carry information from one visit to the next. When the browser sends a previously saved cookie, the service provider may link the user's visit to previous one(s) related exclusively to its own content.
Purpose of data management: to identify users, differentiate them, to identify the current sessions of users, to store data submitted during these sessions, to prevent data loss, the track users and to conduct web analytics.
The legal basis for data management: data management for statistical and direct marketing purposes, provision of appropriate user experience and proper functioning of the website (legitimate interest of data subjects) and/or the consent of data subjects. Managed personal data: IP address.
The HTML code of websites operated by data processor may contain external links from independent, external servers with reference to external servers for web analytics purposes. Analytics cover the tracking of conversions. The web analytics service provider manages data exclusively related to web browsing and does not manage personal data suitable for identifying users. Currently, web analytic services are performed by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043), in the course of Google Analytics services.
Data processor may run remarketing advertisements via Facebook and Google AdWords advertising channels. These service providers may collect or gain data from the website of data processor and other sites through cookies, web beacons and related technologies. By gathering and analyzing such data they provide analytic services and target advertisements. Ads targeted this way are then launched on multiple sites within the partner network of Facebook and Google. Remarketing lists do not contain personal data of visitors, they are not suitable for personal identification.
Users may block the usage of cookies on their own computer/device and may prohibit them with their browser. These settings –depending on the particular browser- can typically be reviewed at Tools/Settings/Privacy/History/Customized settings tab.
Potential consequences of the lack of data management: the functions of the website are not completely available, analytics are inaccurate.
The websites of our Law Firm may use Google Analytics services, provided by
Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA)
("Google") as web analytics services. Google Analytics uses cookies. Your IP
address is identified by Google Analytics cookies. Before storing or analyzing
the address it is shortened hence anonymized, when it is technically possible.
After anonymizing personal data, they lose personal attributes.
Anonymization takes place within the European Union and the European Economic Area. The complete IP address is transmitted for shortening to the Google server located in the U.S. only in exceptional cases.
We use data collected by Google Analytics cookies to analyze user behavior of visitors to our website.
Google does not merge your IP address gained from its browser related to Google Analytics services with other data.
You may block the storage of Google Analytics cookies in your browser settings (for more information please read point VI. on cookies). Please note that by blocking cookies you may not be able to use all functions of the website.
In addition, you may refuse to have your data analyzed by Google Analytics by downloading and installing the browser tool from here: https://tools.google.com/dlpage/gaoptout?hl=en.
You may request information on the use of their personal data, furthermore may request correction and, with the exception of compulsory data processing, erasure or revocation of such, may exercise your right to recording and to object as indicated at the time of data recording a well as via the contacts of data processor specified above
You have the right to obtain confirmation from data processor as to whether or not your personal data are being processed, and, where that is the case, access to the personal data and the following information: purposes of the processing; the categories of personal data concerned; the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations; the envisaged period for which the personal data will be stored; the right to request rectification or erasure or restriction of processing of personal data; the right to lodge a complaint with a supervisory authority; any available information as to the source of data; the existence of automated decision-making, including profiling, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing. Where personal data are transmitted to a third country or to an international organization, you have the right to be informed about the appropriate safeguards relating to the transmitting.
The Law Firm shall provide you a copy of the personal data undergoing processing. For any further copies requested by you, data processor may charge a reasonable fee based on administrative costs.
The Law Firm shall provide information to data subject by electronic means.
You may request from the Law Firm to rectify or complete the processed personal data.
You have the right to obtain from the Law Firm the erasure of personal data concerning you without undue delay where one of the following grounds applies:
- the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- you withdrew consent on which the processing is based and where there is no other legal ground for the processing;
- you object to the processing and there are no overriding legitimate grounds for the processing;
- the personal data have been unlawfully processed;
- the personal data have to be erased for compliance with a legal obligation in Union or Member State law;
- the personal data have been collected in relation to the offer of information society services.
- The previous (erased) data can no longer be recovered after the request for erasure or modification has been completed. Erasure of the data cannot be requested if the processing is necessary for either of the following reason: for compliance with a legal obligation which requires processing by Union or Member State law, if the data processing is necessary for the establishment, exercise or defense of legal claims of the Law Firm, if the data processing is necessary for the submission, enforcement and protection of legal claims; the data processing is necessary due to significant public interest based on Union or Member State law, if the data processing is necessary due to public interest concerning the field of public health; and or for archival purposes of public interest, for scientific or historical research purposes or for statistical purposes.
You are entitled to request the Law Firm to restrict processing where one of the following applies:
- you contest the accuracy of the personal data, for a period necessary to verify the accuracy of the personal data;
- the processing is unlawful and you object to the erasure of the personal data and request the restriction of their use instead;
- data processor no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims; or
- you objected to processing; in this case restriction shall apply for a period enabling the verification whether the legitimate grounds of data processor override those of the data subject.
- where processing has been restricted, such personal data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person.
- The Law Firm informed you before the restriction of processing is lifted.
You have the right to receive the personal data concerning you, which you provided to data processor, in a structured, commonly used and machine-readable format and have the right to transmit those data to another processor.
You are entitled to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you, including profiling based on those provisions. Data processor shall no longer process the personal data unless data processor demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims.
Where personal data are processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.
Where the data subject objects to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes.
Data processor shall provide information on action taken on a request under Articles 15 to 22 to the data subject without undue delay and in any event within one month of receipt of the request. That period may be extended by two further months where necessary, taking into account the complexity and number of the requests.
Data processor shall inform you about any such extension within one month of receipt of the request, together with the reasons for the delay. If you submit the request by electronic means, the information shall be provided by electronic means where possible, unless otherwise requested.
If data processor does not take action on your request, data processor shall inform you without delay and at the latest within one month of receipt of the request of the reasons for not taking action and on the possibility of lodging a complaint with a supervisory authority and seeking a judicial remedy.
The Law Firm shall provide the requested information and any communication free of charge. Where your request is manifestly unfounded or excessive, in particular because of its repetitive character, data processor may charge a reasonable fee taking into account the administrative costs of providing the information or communication or taking the action requested or refuse to act on the request.
Data processor shall communicate any rectification or erasure of personal data or restriction of processing carried out to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. Data processor shall inform the data subject about those recipients if the data subject requests it.
Data processor shall provide a copy of the personal data undergoing processing. For any further copies requested by the data subject, data processor may charge a reasonable fee based on administrative costs. Where the data subject makes the request by electronic means, and unless otherwise requested by the data subject, the information shall be provided in a commonly used electronic form.
For any issues concerning the privacy measures of the Law Firm, please feel free to contact us.
In case of infringement of data subject's rights, the data subject may bring these to the attention of the court. The court shall hear the case without delay.
Data protection authority procedures:
Complaints may be made to the National Authority for Data Protection and Freedom of Information:
Name: National Authority for Data Protection and Freedom of Information
Headquarters: 1125 Budapest, Szilágyi Erzsébet fasor 22/C.
Postal address: 1530 Budapest, Pf.: 5.
Phone: +36 1 391 1400
Fax: +36 1 391 1410
Email: ugyfelszolgalat@naih.hu
Website: https://www.naih.hu
This privacy policy may be amended from time to time. We will announce any changes to the privacy policy on our website or we will notify you via email.