According to the provisions of Hungarian and European law, before any data processing is initiated, You – the data subject must be clearly and thoroughly informed of all the facts related to your data processing, in particular the purpose and legal basis of the data processing, the data controller and the person entitled to process it, the duration of the data processing, and who can know the data. The information should also include the rights and remedies available to the data subject in question.
1. The Company
The Bigitcon Consulting Limited Liability Company (hereinafter referred to as the Company)
company registration number: 01 09 333428,
registered address: 1121 Budapest, Hunyad lejtő 1.
Details of person entitled to representation: Manager, dr. Gergely Babos (her mother”s name: Katalin Mária Néhrer, address: 1121 Budapest, Hunyad lejtő 1.).
2. LEGAL BACKGROUND
- REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the protection of natural persons with regard to the processing of personal data and on the free movement of such data;
- Act LXIII of 1992 on the protection of personal data and the publicity of public data;
- Act CXII of 2012 on informational self-determination and the freedom of information
- Act CXIX of 1995 on the use of name and telephone information serving the purposes of research and direct marketingon the promulgation of Act CXIX of 1981 of the Convention on the Protection of Individuals with regard to automatic processing of personal data, Strasbourg, 28 January 1981;
- Act XLVIII of 2008 on the basic requirements and certain restrictions of commercial advertising activities.
3. EXPLANATORY PROVISIONS
“Personal data” means any information relating to an identified or identifiable natural person (“data subject”); a natural person may be identified, directly or indirectly, based on one or more factors relating to the physical, physiological, genetic, intellectual, economic, cultural or social identity of an identifier such as name, number, positioning data, online identifier;”Data processing” means any operation or operation carried out in an automated or non-automated manner on personal data or data files, such as collecting, recording, systematizing, compiling, storing, modifying or altering, querying, inspecting, using, communicating, transmitting, distributing or otherwise by way of making available, by way of coordination or by interconnection, restriction, deletion or destruction;
“Restriction on data processing” means the designation of stored personal data to restrict their future processing;
“Registering System” means any personal data file organized in any way, centralized, decentralized or functional or geographic, accessible on the basis of specified criteria;
“Data controller” means any natural or legal person, public authority, agency or any other body that determines the purposes and means of processing personal data individually or with others; where the purposes and means of data processing are defined by EU or national law, the data controller or the particular aspects of the designation of the data controller may also be defined by Union or national law; “Data processor” means a natural or legal person, a public authority, agency or any other body that processes personal data on behalf of the data controller;
“Consignee” means a natural or legal person, a public authority, agency or any other body with whom or which personal data is communicated, whether it is a third party or not;
“Third party” means any natural or legal person, public authority, agency or any other body other than the data subject, the data controller, the data processor or any person authorized to process personal data under the direct control of the data controller or data processor;
“Consent of the data subject” means any freely given, specific, informed and unambiguous indication of the data subject”s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
“Personal data breach” means a breach of security resulting in accidental or unlawful destruction, loss, alteration, unauthorized disclosure or unauthorized access to personal data transmitted, stored or otherwise handled;
“Supervisory authority” means an independent public authority established by a Member State.
4. Principles of data processing
Personal data must only be processed for a specific purpose, for the exercise of right and for the fulfillment of obligation. At all stages of data processing, the purpose of data processing must be met, data entry and processing must be fair and legitimate.
Only personal data that is essential for achieving the purpose of data processing can be processed to achieve this goal. Personal data can only be processed to the extent and for the duration required to achieve the purpose.
The Company registers data processing made by the Company. The Company shall ensure the confidentiality of the personal data provided by the data concerned in the present and in the future, in accordance with applicable national and European legislation.
5. DATA PROCESSING, DEADLINES RELATED TO DATA PROCESSING
The Company”s website (bigitcon.hu) places on the visitors’ computer a small computer file, “Cookie” with the visitors’ permission that can serve a variety of purposes.
Some cookies are essential for the site to work properly (“process cookies”), others collect information about using the site to make the site more comfortable and useful (statistical cookies), while additional cookies serve to show targeted advertising content. Some cookies are temporary and disappear by closing your browser, while there are permanent versions that will remain on your computer for an extended period of time.
The placement of the cookies is required for the main function of the website, IP address journaling is done exclusively for the purpose of the operation of the website, ensuring the functionality of the website, its basic functions and the security of the computer system. In this regard, the legal basis for the management of cookies is the legitimate interest under Article 6 (1) (f) of the GDPR. In the case of the cookies mentioned above, the validation of a legitimate interest has priority compared to the right of personal data as without it, it is not possible to fully operate the website and its security. Personal data managed for this purpose can be transferred to a third party only in the scope of the purpose (for example, a server operator, a police officer). Data processed for this purpose and legal basis can not be used for other purposes.
On the Company”s website you will be able to subscribe to the newsletter sent by the Company. At any time the subscribers can opt out of the newsletter, at firstname.lastname@example.org email address, or at the Company”s postal address 1121 Budapest, Hunyad lejtő 1. by postal mail, in which case the Company will stop sending the newsletter immediately, and the person is deleted from the newsletter subscribers. On the website, newsletter subscribers are required to provide their family name, forename and email address for the Company, which are handled by the Company for the purposes of sending newsletters and identifying the user.
Downloading some of the content on this site is only available to users subscribing to the newsletter, which is explicitly acknowledged and accepted by the users.
For visitors to this site, Google Analytics records pageviews, pageview time, IP address on the bigitcon.hu website, but this does not mean personal identification. In this case, the data processing also is performed by Google Inc. (1600 Amphitheater Parkway, Mountain View , CA94043).
The Company also uses external service providers (eg. Facebook, LinkedIn, Youtube) to provide services on its website, which are governed by the guidelines of the external service providers.
At events organized by the Company, anyone can participate, first providing his or her name, e-mail address and telephone number. At the events, pictures and audiovisual recordings (photos, videos) are taken with the participants. Participants agree that the pictures and audiovisual recordings taken on these events may appear and be viewed on the Company”s website (bigitcon.hu), the Facebook page of the Company (https://www.facebook.com/bigitcon), the Youtube channel of the Company and the LinkedIn page of the Company (https://www.linkedin.com/company/bigitcon-ltd). Participants expressly acknowledge and accept, and agree that the above mentioned pictures and audiovisual recordings are accessible to the Internet visitors on the designated media.
A person whose right or legitimate interest is concerned with the recording and publishing audio and / or video recordings about him or her, may request that these audiovisual recordings and / or images be destroyed or deleted from the given media.
In the surveys organized by the Company, the participants can fill in questionnaires on the website, where the answers in the questionnaires may contain personal data. The persons concerned agree to the recording and processing of the personal data by the Company based on the above questionnaires for the purposes indicated in the questionnaires. In this case, the legal basis for data processing is the consent of the party concerned.
In case of recruitment, you provide your cv and/or cover letter including your name, address, telephone number, email address, competences, qualifications, skills, work experience, education, and references. We may also maintain records of your consents, preferences and setting in relation to, for example compensation, types of positions and preferred ways to be contacted by Bigitcon. Bigitcon may process your personal data for communicating with you, recruitment and resourcing activities, legal and regulatory compliance. Bigitcon processes your personal data with your consent or as necessary to take steps to recruit you to a position you have applied or to complete any other transaction you have requested or authorized. We take reasonable steps to keep the personal data we possess accurate and to delete incorrect or unnecessary personal data. We will only retain your personal data for as long as necessary to fulfill the purposes outlined in this paragraph or otherwise communicated to you, unless a longer period is required by law.
The purpose of data processing related to the use of the website
The purpose of data processing related to cookies
a) the process cookies facilitate the navigation, thereby the use of the website by recording visitors” settings and usage habits,
b) statistical cookies collect information to improve user experience by providing statistical tools for analyzing how visitors use the site, which pages they visit or use most often, so that the site”s development and fine-tuning will be in accordance with the visitors’ needs,
c) the targeted and relevant selection and display of advertising content on our site for you.
The Company collects the information provided by the subscribers for the newsletter to show the current announcements and offers of the Company. By the 2. paragraph of Act XLVIII of 2008 on the Fundamental Terms and Limitations of the Business Advertising, the newsletter can be sent only with the consent of the party concerned.
The Company does not use personal information for purposes other than those indicated, it does not allow access to third parties beyond any statutory obligation.
Cookies used on the website:
Session cookies are such process cookies that are required to browse the site and use the features, among other things, allow to record visitors’ actions made in features or services of the site. Without using session cookies, the proper use of this site cannot be guaranteed. Their validity period lasts for the duration of the visit, the “cookies” are automatically deleted at the end of the session or when the browser is closed.
The site uses the following session cookies:
- JSESSIONID: “technical cookie” containing session ID
- LFR_SESSION_STATE + Visitor ID: containing the last session activity date and time
These process cookies allow our website to remember the mode of operation the visitor chooses (eg. using the Hungarian orEnglish version of the website). This is done so that you do not have to re-enter these at the next visit. Without the information contained in the “cookies” storing preferences, our website is less smooth but it can work.
Cookies supporting use employed by this site are:
- COOKIE_SUPPORT: “this cookie tests cookie support”
- GUEST_LANGUAGE_ID: “this cookie contains the ID of the language currently used”
Performance cookies are statistical cookies to collect information about how our visitors use our site (such as how many pages the visitor viewed, how many pages they visited, which part of the page was clicked, how long the session time was, what error messages were received etc.). This is done in order to improve our website (available services, functions, etc.) to meet the needs of our visitors and provide them with a high quality, user-friendly experience.
For performance measurement, our website uses third-party “cookies” for each visit. Using “cookies”, we track the number of visitors to the site and what content they are interested in. All information is stored in anonymity and is used for anonymous analysis of visitor behavior to provide a high level of experience for users.
The website uses the analytical cookies of the following service provider:
- Google Analytics
you can find detailed information about the service via the following link:
Checking cookie settings, disabling cookies
Modern browsers allow cookie settings to be changed. Some of the browsers automatically accept cookies by default, but this setting can also be changed to prevent future automatic visitor acceptance. In the event of a changeover, the browser will always offer the choice of “cookie settings” each time.
We inform our visitors that since the purpose of cookies is to support and facilitate web site usability and processes, we cannot guarantee that the visitor will be able to fully use all features of the web site when cookies are disabled. In this case, the webpage may work differently than intended in the browser.
For more detailed information on cookie settings for the following browsers, visit the following links:
- Google Chrome
- Microsoft Internet Explorer 11
- Microsoft Internet Explorer 10
- Microsoft Internet Explorer 9
- Microsoft Internet Explorer 8
For detailed information on how to control cookie files on a mobile phone or other mobile device, see the User”s Guide for the particular telephone or mobile device.
Limiting the use of cookie files on a given device makes it impossible or greatly impedes proper use of the Website, for example, it may be impossible to maintain the login period.
Duration of data processing
Data provided during registration on the website will be retained or processed until the user requests deletion, in order to allow the use of the website. These data are only accessible to the administrators of the website, and the Company does not allow third parties access beyond any statutory obligation.
The information provided by the user of the website is stored on the Company”s own firewall protected servers.
6. REQUIREMENT TO INFORM THE DATA SUBJECT IN PRIOR NOTICE
Before any data processing is initiated, the data subject must be clearly and thoroughly informed of all the facts related to his or her data processing, in particular the purpose and legal basis of the data processing, the data controller and the person entitled to process it, the duration of the data processing, and who can know the data. The information should also include the rights and remedies available to the data subject in question.
7 .THE RIGHTS OF THE THE PERSON CONCERNED, AND USING THESE RIGHTS
At the request of the person concerned, the Company shall provide information about the data, the source, the purpose of the data processing, the legal basis, the duration of the data processing, the name and address of the data processor and his or her data processing of the data concerned, and, in the case of transmission of the personal data of the person concerned, the legal basis and the addressee of the data transfer.
Upon the data subject’s request, the Data Controller shall provide information as soon as possible after the submission of the request, or at the latest within 30 days in writing, in a clearly understandable form. The information is free.
In the event of non-disclosure, the data controller shall inform the data subject in writing on the refusal to provide information on what provision of the Act it has been made. In the event of refusal of information, the data controller informs the data subject of the judicial remedy and of the possibility of referral to the National Data Protection and Information Authority hereinafter: the Authority).The data controller shall annually notify the Authority of any refused requests until 31 January of the year following the reference year.
If the personal data are incorrect, while the correct personal data are available to the Data Controller, the personal data shall be corrected by the Data Controller.
Personal data must be deleted if
a) its processing is unlawful;
b) the concerned party, except in the case of data processing ordered by law, requests it;
c) the data are incomplete or incorrect – and this status can not be legally remedied, provided that the deletion is not excluded by law;
d) the purpose of processing has ceased or the duration for storing the data specified by law has expired
e) it has been ordered by the court or the Authority.
If the Data Controller does not fulfill – – the data subject’s request for correction, deletion within 30 days following the receipt of the request, the Data Controller shall provide in writing the factual and legal causes of the disapproval of the request for correction or deletion. In case of refusal of the request for correction or deletion, the Data Controller shall inform the person concerned of the judicial remedy and of the possibility of appeal to the Authority.
The person concerned has access to all personal data registered by the data controller.
The Data Controller is required to provide personal data provided by the data subject – in widely used machine readable format – to the the person concerned if he or she requested.
You may object to the processing of your personal data and may request the termination of data processing or the deletion of the processed data.
If the Data Controller does not fulfill – – the data subject’s request for correction or deletion within 30 days following the receipt of the request, the Data Controller shall provide in writing the factual and legal causes of the disapproval of the request for correction or deletion. In the event of a rejection of an application for an objection, the data controller shall inform the person concerned of the judicial remedy and of the possibility of appeal to the Authority.
Restriction on data processing
The data subject may request restriction on his or her personal data, in which case the data controller will provide an identification mark in this case to restrict the processing of further data forever or for a fixed period.
If the Data Controller does not fulfill the data subject’s request within 30 days following the receipt of the request, the Data Controller shall provide in writing the factual and legal causes of the disapproval of the request for correction or deleting. In the case of refusal of the request for restriction of data processing, the data controller shall inform the data subject of the judicial remedy and of the possibility of appeal to the Authority.
8. DATA PROTECTION REGISTER
In order to provide information for persons concerned on personal data the Company maintains the register (hereinafter referred to as the Data Protection Register), which contains
a) the purpose of data processing,
b) the legal basis for data processing,
c)the parties concerned,
d)a description of the data concerning the data subject,
e) the source of the data,
f) the duration of the data processing,
g) the type and addressee of the data transmitted and the legal basis for the transmission, including the transfer of data to third countries,
h) the name and address of the data controller and the data processor, the actual data processing and the location of the data processing and the data processor”s activity related to data processing,
i) the nature of the data processing technology used.
9. PERSONAL DATA BREACH
The Company is required to keep register of personal data breach. This register shall include the scope of the personal data covered by the incident, the scope and number of persons involved in the personal data breach, the date, circumstances, effects of the personal data breach and the measures taken to remedy it. At the request of the person concerned, the Company shall provide information to the affected party on the basis of the register within 30 days of receiving the request.
10. DATA PROTECTION REGULATIONS
Data shall be protected, in particular, against unauthorized access, modification, transmission, disclosure, deletion or destruction, and against accidental destruction and damage.
The Company only uses software and online solutions that fully comply with the requirements of the Regulation.
The Company performs personal data on electronic devices operated by the Company. The Company uses electronic virus protection, firewall, and software updates on the electronic devices.
Defining privileges, generating passwords:
The rules related to the granting of access rights to employees of the Company, and related to the issuance of passwords related to access to the hardware and software assets of the Company are contained in the Company”s IT Rules.
11. THE AVAILABILITY OF THE COMPANY AS DATA CONTROLLER
Name: Bigitcon Consulting Limited Liability Company
Registered office: 1121 Budapest, Hunyad lejtő 1.,
Company registration number: 01 09 333428,
Phone: +36 30-160-2890
Data protection officer
12. Rights and remedies
The legal basis for data processing is the User”s consent that the User agrees in advance to manage the personal data listed above by the Data Controller under the terms of this Policy, based on the GDPR of Article 6, paragraph (1), article (a) . You have the right to revoke your consent at any time, which does not affect the lawfulness of the data processing performed on the basis of the consent before withdrawal.
You may sue at court for violations of your rights. Such court proceedings shall be conducted under priority. You may file a lawsuit for breaches of your personal data, or violation of right of informational self-determination to the Municipal Court of Budapest (1055 Budapest, Markó u. 27. Postal address: 1363 Bp. P.O. 16) or to the court competent for your place of residence (courts list and availability via the link below: http://birosag.hu/torvenyszekek)
The data controller shall be liable for any damage caused to a data subject as a result of unlawful processing or by any breach of data security requirements.
In the event of an infringement, the person concerned may turn to the following authorities to eliminate the offending situation:
Name: Office of the Commissioner for Fundamental Rights
Registered office: 1051 Budapest, Nádor street 22.
Mailing address: Phone: 36 1387 Budapest Pf. 40.
Phone: 36 (1) 4757-100
Fax: +36 (1) 269 1615
Name: National Authority for Data Protection and Freedom of Information
Registered office: Szilágyi Erzsébet fasor 22 / C.
Mailing address: 1530 Budapest, P.O. Box: 5.
Phone: 36 (1) 391-1400
Fax: +36 (1) 391 1410