The organiser of the CONTACT Conferences (hereinafter referred to as "CONTACT") is Protocall 2009 Web- und Telemarketing Kft. (hereinafter referred to as "Protocall") and Goodevent Rendezényszervező Kft. (hereinafter referred to as "Goodevent" and together hereinafter referred to as the "Organisers"), as the www.contactconferences.com and the www.contactconferences.hu The operator of this website (hereinafter referred to as the "Website") hereby describes the rules, data protection, data management principles and information on data management related to the registration for the Contact Customer Service Conference and other CONTACT-related professional events and training courses (hereinafter referred to as the "Event") advertised via the Website.
By registering on the Website, the registering user (hereinafter referred to as "User") acknowledges all the terms and conditions set out in this Privacy Policy (hereinafter referred to as "Policy"), and is therefore kindly requested to read this Policy carefully before registering. Only persons over the age of 16 are entitled to submit data on the Website.
The data controller is Protocall, the owner of CONTACT Conferences, and Goodevent, as the organiser of the Event, is referred to in this notice as the "Data Controller".
Protocall 2009 Web- und Telemarketing Kft.
Goodevent Rendezvényszervező Kft
2/1. When registering for an event When registering for a conference advertised on the Website, the following data can be provided (data marked with * are mandatory): - full name of the participant*;
The OTP Mobil Korlátolt Felelősségű Társaság
head office: 1093 Budapest, Közraktár utca 30- 32;
cégjegyzékszáma: Cg.01-09-174466;
+36 1/20/30/70 3-666- 611; hereinafter referred to as OTP Mobil Kft., as the operator of SimplePay, processes the following data in order to process the payment transaction:
Purpose of data processing: authorization of payment transactions in SimplePay, processing of payment transactions in SimplePay, monitoring and prevention of payment fraud in SimplePay. By using SimplePay, the User accepts the terms of use of OTP Mobil Kft., which are available at the following link: https://simplepay.hu/vasarlo-aff The Data Controller declares that in the case of payment by credit card, it does not process any card data necessary for the payment transaction, it does not have access to these data in any way, they are processed by OTP Mobil Kft. providing the possibility of credit card payment. The data processing policy of OTP Mobil Kft. is available at the following link: http://simplepay.hu/vasarlo-aff.
2/2. Newsletter subscription:
On the Website, the User has the possibility to subscribe to the newsletter of the Data Controller during registration. When subscribing to the newsletter, the Data Controller processes the following personal data of the User:
The Data Controller carries out profiling, which is any form of automated processing of personal data whereby personal data are used to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict characteristics associated with the economic situation, personal preferences, interests, location or movements of a natural person, in order to send a newsletter tailored to the interests of the persons who subscribe to the newsletter.
The Data Controller uses the data for the following purpose(s):
Recording registrations, registering the data of applicants, fulfilling applications, managing tasks related to the payment of participation fees, invoicing, and maintaining contact with Users in relation to the Event.
To send an electronic newsletter, direct marketing or marketing message - using the data processed in the profiling process according to profiles, groups and parameters automatically set for them - targeted to the e-mail address provided by the User, or to present said advertising message by telephone, SMS, MMS or other electronic channel (collectively, the "Newsletter"), for advertising purposes, about products, offers, services, promotions and competitions related to the Data Controller.
The Controller shall process personal data for the duration of the purpose of the processing, for the period necessary to achieve the purpose of the processing, in particular for the duration of the legal relationship with the User, or for the period specified in the legislation imposing mandatory processing. The personal data shall be deleted at the same time as the purpose of the processing ceases to exist or, subject to the conditions laid down in the data protection regulations, without undue delay in the event of the User's request, request for the deletion of his/her data or withdrawal of his/her consent, except for the data that the Data Controller is obliged to keep. The withdrawal of consent shall not affect the lawfulness of processing based on consent prior to its withdrawal. In order to comply with the retention obligation of the Data Controller, the Data Controller shall retain the User's data contained in the accounting voucher for a period of 8 years, solely for the purpose of fulfilling the accounting obligation, pursuant to Section 169 of Act C of 2000 on Accounting (hereinafter: the Act on Accounting). The Data Controller shall process the personal data of subscribers to the newsletter for the purposes set out in the newsletter subscription section of this Prospectus until the subscribers' consent is withdrawn.
By registering for the Event, Users consent to the Controller processing their personal data. The processing of personal data is based on the User's voluntary consent given in the light of this information. The User is entitled to withdraw his/her consent to the processing of personal data. Pursuant to Section 169 of the Act on the Supervision of the Processing of Personal Data, the Controller is obliged to keep the User's data contained in the accounting records for 8 years, solely for the purpose of fulfilling the accounting obligation. If Users do not provide their own personal data, the data provider is obliged to duly inform the data subject and obtain his/her consent.
The Data Controller and its employees who have access rights related to the purpose of the processing, as well as the Data Processors it uses, are entitled to access the personal data in accordance with the applicable legislation. The Data Controller shall grant access to the extent strictly necessary for the performance of its activities. The Data Controller shall not use any processor acting on behalf of the Data Controller for the processing of the data. The Data Controller reserves the right to involve processors in the future, which it will inform Users of by amending this Notice. In the absence of an express legal provision, the Data Controller shall only disclose personally identifiable data to third parties with the express consent of the User concerned.
Pursuant to the law, the User has the right at any time to request access to, rectification, erasure or restriction of processing of his/her data, to object to the processing of personal data and to receive the data in a portable format. The Data Controller shall examine the request for the exercise of the rights submitted by the User within the shortest possible period of time from the date of submission, but not later than 25 days, and shall notify its decision in writing or, if the User has submitted the request electronically, by electronic means. The User may submit a request for access using the contact details set out in point 1.
The Data Controller shall, at the User's request, inform the User whether the Data Controller is processing his/her personal data and, if so, give him/her access to the personal data and inform him/her of the following information:
The Data Controller shall provide the User with a copy of the personal data subject to processing free of charge. For additional copies requested by the User, the Controller may charge a reasonable fee based on administrative costs. If the User has made the request by electronic means, the information shall be provided in a commonly used electronic format, unless the data subject requests otherwise.
The User has the right to request the Controller (using the contact details specified in point 1) to correct inaccurate personal data or to complete incomplete data (indicating the correct data), taking into account the purpose of processing, by proving his/her identity. The controller shall make the rectification in its records without undue delay and shall notify the data subject in writing of the rectification.
The User may request that the Data Controller delete personal data concerning him or her without undue delay and the Data Controller shall be obliged to delete personal data concerning the data subject without undue delay if one of the following grounds applies:
Personal data need not be deleted where processing is necessary:
The User is entitled to have the Data Controller restrict the processing of personal data instead of rectifying or erasing it, if one of the following conditions is met:
The Data Controller shall inform any recipient to whom or with which the personal data have been disclosed of the rectification, erasure or restriction of processing of the personal data, unless this proves impossible or involves a disproportionate effort. Upon request, the Controller shall inform the User of these recipients.
The User may object to the processing of his or her personal data if the processing.
If the processing of personal data is carried out for direct marketing purposes, the User has the right to object at any time to the processing of personal data concerning him/her for such purposes, including profiling, if it is related to direct marketing (Newsletter). If the User objects to the processing of personal data for direct marketing purposes, the personal data may no longer be processed for such purposes.
The User has the right to receive personal data concerning him/her provided to the Data Controller in a structured, commonly used, machine-readable format, if technically feasible, if the processing is based on consent and the processing is automated. The right to data portability under this point does not create an obligation for controllers to implement or maintain technically compatible data management systems.
The Data Controller shall inform the User without undue delay, but no later than 25 days from the receipt of the request, of the measures taken following the request for access, rectification, erasure, restriction, objection and portability. If necessary, taking into account the complexity of the request and the number of requests, this time limit may be extended by a further two months. The Data Controller shall inform the User of the extension of the time limit, stating the reasons for the delay, within one month of receipt of the request. If the User has submitted the request by electronic means, the information shall be provided by electronic means where possible, unless the data subject requests otherwise. If the Data Controller does not take action on the User's request, it shall inform the User without delay and at the latest within 25 days of receipt of the request of the reasons for the failure to act and of the right to lodge a complaint with a supervisory authority and to seek judicial remedy. At the User's request, the information, the information and the action taken on the basis of the request shall be provided free of charge. Where the User's request is manifestly unfounded or excessive, in particular because of its repetitive nature, the Controller may, taking into account the administrative costs of providing the requested information or information or of taking the requested action, charge a reasonable fee or refuse to act on the request. The burden of proving that the request is manifestly unfounded or excessive shall lie with the Controller.
The Data Controller undertakes to ensure the security of the data, to take technical and organisational measures and to establish procedural rules to ensure that the data recorded, stored or processed are protected and to prevent their destruction, unauthorised use or unauthorised alteration. It also undertakes to require all third parties to whom it transfers or discloses data on the basis of the consent of the Users to comply with the requirement of data security. The Data Controller shall ensure that the processed data cannot be accessed, disclosed, transmitted, modified or deleted by unauthorised persons. The processed data may only be accessed by the Data Controller, its employees and its Data Processor(s) and shall not be disclosed by the Data Controller to any third party not entitled to access the data. The Data Controller shall make every effort to ensure that the data are not accidentally damaged or destroyed. The Data Controller shall impose the above undertaking on its employees involved in the processing activity. The User acknowledges and accepts that, in the event of providing his/her personal data on the Website, despite the fact that the Data Controller has state-of-the-art security measures in place to prevent unauthorised access to or the disclosure of such data, the protection of such data on the Internet cannot be fully guaranteed. In the event of unauthorised access or disclosure of data despite our efforts, the Data Controller shall not be liable for any such acquisition or unauthorised access or for any damage suffered by the User as a result thereof. In addition, the above shall also apply if the User provides his/her personal data to third parties who may use it for unlawful purposes or in unlawful ways. Under no circumstances will the Data Controller collect sensitive data, i.e. data concerning racial or ethnic origin, membership of national or ethnic minorities, political opinions or party affiliations, religious or philosophical beliefs, membership of representative organisations, health, pathological addiction, sexual life or criminal records. For data security reasons, it is important that when using the Internet in public places on shared computers, you should always log out of the Website after use. If you are visiting our Site from your own computer, you may remain logged in for a period of time, depending on your application. Again, please exercise caution to ensure that strangers do not have access to your computer and are not able to carry out transactions on your behalf.
A personal data breach is any event that results in the unlawful processing or treatment of personal data processed, transmitted, stored or handled by the Data Controller, in particular unauthorised or accidental access, alteration, disclosure, deletion, loss or destruction, accidental destruction or accidental damage to personal data. The Data Controller shall notify the Data Protection Incident to the National Authority for the Protection of Individuals with regard to the processing of Personal Data (hereinafter referred to as the "NPAIH") without undue delay and no later than 72 hours after becoming aware of the Data Protection Incident, unless the Data Controller can demonstrate that the Data Protection Incident is unlikely to pose a risk to the rights and freedoms of natural persons. If the notification cannot be made within 72 hours, it shall state the reason for the delay and may provide the required information in detail without further undue delay. The notification to the NAIH shall contain at least the following information:
The Data Controller will make every effort to ensure that the processing of personal data is carried out in accordance with the law, if you feel that we have not complied with this, please write to us at info@goodevent.hu or at the postal address at 1162 Timur utca 74, Budapest.
The User has the right to request an investigation by the supervisory authority if he/she considers that the exercise of his/her rights in relation to his/her personal data is restricted by the Data Controller or his/her request for the exercise of these rights is rejected, or if the User considers at any time that a violation of his/her rights has occurred or is imminent in relation to the processing of his/her personal data.
Contact details of the Hungarian National Authority for Data Protection and Freedom of Information:
Head office: 1125 Budapest, Szilágyi Erzsébet fasor 22/c.
Postal address: 1530 Budapest, Pf. 5
Telephone: +36 1 391 1400 Fax: +36 1 391 1410
E-mail: ugyfelszolgalat@naih.hu
Web: naih.hu
The National Media and Infocommunications Authority is responsible for advertising sent by electronic means, and the detailed regulations can be found in Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information and Act CVIII of 2001 on Certain Issues of Electronic Commerce Services and Information Society Services.
In addition to the above, the User shall have the right to a judicial remedy at any time against a legally binding decision of the supervisory authority concerning the User, and if the competent supervisory authority does not deal with the complaint or does not inform the User within three months of the procedural developments concerning the complaint or its outcome. The User may also have recourse to the courts if he/she considers that the Controller or a processor acting on his/her behalf or under his/her instructions is processing his/her personal data in breach of the provisions on the processing of personal data laid down by law or by a legally binding act of the European Union.
This Information Notice is governed by Hungarian law, in particular by the provisions of Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information, and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Regulation (EC) No 95/46/EC.
To provide you with the best user experience, we use technologies such as cookies to store and/or access device information. Consenting to these technologies allows us to process information on this site such as browsing behaviour or unique identifiers. Failure or withdrawal of consent may adversely affect certain features and functionality.