The aim of the present Data Processing Statement is to lay down the rules and principles of processing personal and other data given by the users of the website www.tolnatext.hu as contact details for the operators of the website (Tolnatext Bt.).
Personal data are processed with the observation of the following basic principles.
I) Personal data may be processed exclusively for well-defined purposes, in order to exercise rights and to meet obligations. In each case of data processing the purpose thereof must be met, recording and processing of data must be fair and legal.
II) Only such personal data may be processed which are essential and suitable for fulfilling the purpose of data processing. Personal data may be processed only to the extent and only for the period as it is necessary for meeting the purpose.
III) During the processing of data the personal data will retain their quality as such as long as the connection thereof with the data subject can be restored. The connection with the data subject is restorable if the data controller has the technical facilities necessary for such restoration.
IV) During data processing also the correctness and completeness of the data must be ensured and – if needed by the purposes of data processing – even the up-to-dateness as well as the condition that the data subject can be identified only for a period of time as necessary for meeting the purpose of data processing.
1. GENERAL PROVISIONS
Name of data controller: Tolnatext Fonalfeldolgozó és Műszakiszövet-gyártó Bt. (hereinafter referred to as: Data Controller)
Address of data controller: HU-7130 Tolna, Bezerédj Pál tér 1.
Contact details of the data controller:
email: info@tolnatext.hu
tel: +36 (74) 540-200
website: www.tolnatext.hu
Legal basis of data processing: the data subject’s consent based on Section 5 (1) a) of Act CXII of 2011 on The right of Informational Self-determination and on Freedom of Information.
Scope of persons affected by the data processing: those who need GDPR information
Consent to data processing: Upon getting in contact with the Users through their given contact details they expressly give their consent so that their personal data may be processed by the Data Controller in the way as specified in the present information material.
Purpose of data processing: sending the information material in an e-mail, establishing connections (upon request)
Way of data processing: manual data processing
2. SCOPE OF PERSONAL DATA PROCESSED
Purpose of operating the website www.tolnatext.hu is to introduce the organisation and its activity.
Establishing connections is possible exclusively through one of the contact details given in the contact menu item. When visiting the website no personal data are given or collected. .
Scope of personal data processed upon voluntary contacting:
telephone number
e-mail address
name
3. DATA PROCESSERS (THOSE PERFORMING THE TECHNICAL TASKS RELATED TO DATA PROCESSING OPERATIONS)
Tolnatext Bt.
HU-7130 Tolna, Bezerédj Pál tér 1.
4. PERIOD OF DATA PROCESSING:
The given data are processed by the Data Controller either for an indefinite period or until withdrawal of the data subject’s consent.
5. DATA TRANSFER ABROAD:
There is no such data transfer.
6. RIGHTS OF THE DATA SUBJECTS:
The data subject may apply to the Data Controller
a) for providing information on the processing of his personal data,
b) for correcting his personal data, and
c) for deleting or blocking his personal data – except for the cases of compulsory data processing.
Upon the data subject’s request the Data Controller will provide information on the controlled, processed data of the data subject, on the source thereof, the purpose, legal basis, period of data processing, on the data processor’s name and address, on its activity associated with the data processing, on the circumstances, effects of data protection incident and on the measures taken for the elimination thereof, and furthermore – if the affected party’s personal data are transfered – the legal basis and addressee of such data transfer.
In order to supervise the measures related to the data protection incident and to inform the data subject the Data Controller keeps records which include the scope of personal data of the affected party, the scope and number of persons affected by the data protection incident, the date, circumstances, effects of the data protection incident, the measures taken for eliminating it, as well as other data stipulated in the rules of law pertaining to data processing. Upon the data subject’s request the Data Controller is obliged to give written information in an easily recognisable form within the shortest possible period of time after the submission of the application, but within 25 days the latest. Such information is provided free of charge if the applicant has not lodged request for information for the same scope of data in the current year to the Data Controller. In other cases the Data Controller may claim the payment of costs.
The Data Controller deletes the personal data if
I) the processing thereof is illegal;
II) the data subject requests it;
III) those are either incomplete or false – and this situation cannot be legally remedied – provided that such deletion is not excluded by the applicable provisions of law;
IV) the purpose of data processing has ceased or the period of storing the data as stipulated in the rules of law has expired;
V) it has been ordered either by a court or an Authority.
Both the data subject and the parties who transferred the data for processing purposes earlier must be informed on the correction, blocking, marking and deletion. Such notification may be omitted if it does not violate the data subject’s legitimate interests in view of the purpose of data processing.
Should the Data Controller fail to meet the data subject’s request to correct, block or delete the data, it will have to provide information on the factual and legal reasons for rejecting the application for correction, blocking or deletion within 30 days after the receipt of the relative application either in writing or - with the consent from the data subject - electronically. In case of rejecting the application for correction, deletion or blocking the Data Controller will notify the data subject of the possibility to have legal remedy by a court and to turn the Authority.
7. OBJECTION AGAINST PROCESSING OF PERSONAL DATA:
The data subject may object against the processing of his personal data,
a) if the processing or forwarding of the personal data are necessary exclusively for meeting the legal obligation related to the Data Controller or for the enforcement of the rightful interest of either the data controller, data importer or of a third party, save the case of compulsory data processing;
if the personal data are either used or forwarded for the purposes of direct marketing, poll or scientific research; and
in other cases as defined in the applicable provisions of law.
The Data Controller shall examine the objection within the shortest possible period of time after the submission of the application, but maximum within 15 days, and shall decide on the well-foundedness thereof, and shall inform the applicant in writing.
Should the Data Controller establish that the data subject’s objection is well-founded, it will terminate the data processing – including also any further recording and forwarding of the data – it will block the data and will send information on the objection and the measures taken thereupon to all the parties to whom the personal data affected by the objection were forwarded earlier and who are obliged to take steps for enforcing the right of objection.
If the data subject does not agree on the data controller’s decision, or if the Data Controller fails to meet the period open for giving answer, the data subject may turn to court – within 30 days after the communication of the decision, or from the last day of the said period.
If the data subject objects against the processing of his personal data, or applies to court for legal remedy, and if any application for data provision is received from a third party which is based not on the data subject’s consent, then the data may be provided also to the legal representatives authorised by the Data Controller to the extent as it is necessary for judging the legality of the above.
8. LEGAL REMEDY BY A COURT:
We kindly request the honoured Users that if in your opinion the Data Controller has violated your right to protection of personal data, please contact us so that we can remedy the possible infringement.
Furthermore we wish to inform the Users that in case of breach of a data subject’s rights you can turn against the Data Controller in front of a court. The court will proceed in the matter out of turn. Judging the lawsuit belongs to the scope of powers of the court. The lawsuit can be instituted also in front of the court competent at the data subject’s seat, or - at the data subject’s discretion - in front of a court competent at the place of residence or stay of the data subject. Even an entity may be party to such suit who otherwise does not have legal capacity to be party to legal proceedings.
Should the Data Controller cause any damage to others by illegal processing of the data subject’s data, or by violating the data security stipulations, it will be liable to pay for that. Should the Data Controller violate the data subject’s personality rights by illegal processing of the data subject’s data or by breaking the data security stipulations, the data subject may lay claim against the Data Controller for recompense. The Data Controller will be exempted from the obligation to bear responsibility for the losses caused and to pay recompense if it verifies that such losses or the violation of the data subject’s personality rights were caused by unavoidable reasons beyond the sphere of data processing. No damages have to be paid and no recompense may be claimed to the extent and if the losses or the legal injury caused by violating the affected person’s personality rights arose from the data subject’s wilful or seriously negligent behaviour.
9. PROCEDURE BY THE AUTHORITY:
The data subject my lodge complaint to or may request information from the Authority, as well:
Name: Hungarian National Authority for Data Protection and Freedom of Information
Seat: HU-1125 Budapest Szilágyi Erzsébet fasor 22/c.
Postal address: HU-1530 Budapest, Pf.: 5.
Email:
Telephone: +36 (1) 391-1400
Fax: +36 (1) 391-1410
Website: www.naih.hu
II. DETAILED PROVISIONS ON DATA PROCESSING
1. HANDLING COOKIES:
When you are surfing on the website gdpr.info.hu, we may use cookies or similar technologies to identify your browser or device. A cookie is a small file which is placed on your computer when you are visiting a website. When you visit the same website again, due to the cookie the website will be able to recognise your browser. Cookies may store user’s settings and other pieces of information, as well. On other platforms – where cookies are either not accessible or may not be used – other technologies are used, too, the purpose whereof is similar to that of cookies: like advertising ID on Android mobile devices. You may restore the settings of your browser to reject all the cookies, or to give notice when a system is sending a cookie. However, without cookies certain website functions or services may not satisfactorily operate.
On the website www.tolnatext.hu cookies used by Google Analytics operate
governed by the data protection directives of Google (https://support.google.com/analytics/answer/6004245?hl=hu).
2. USE OF EMAIL ADDRESSES FOR MARKETING PURPOSES
The Data Controller does not send mails including ads to the given e-mail address.
Tolna, 25.05.2018.
|