Information guide about data controlling and processing
Contacting via website
The purpose of this information guide about data protection – data management is, that Szaka József (as data controller) shall inform the persons involved regarding controlling, using and transferring of the data stored on their website, as well as regarding the registration by the Data Controller as wide a range as possible.
1. The name, headquarters and representative of data controller
Name: Szaka József
Headquarters: 1141 Budapest, Paskál utca 44.
Legal representative: Szaka József (firstname.lastname@example.org)
dataset: all the data processed and controlled in a single registry;
data processing: accomplishing technical duties regarding data processing operations, regardless of the methods and means completing the operations as well as the place the procedure applied;
data processor: the natural or legal person, or any organisations having no legal personality, who or which – including any assignments in accordance with legal regulations as well – processes personal data on behalf of the data controller;
data processing and controlling: any operation or set of operations that is performed on personal data regardless of the procedure applied; in particular collecting, recording registering, organising, storing, modifying, using, transferring, disclosing, synchronising or connecting, blocking, erasing and destroying the data, as well as preventing their future use. Taking photos and making audio or visual recordings as well as registering physical characteristics suitable for personal identifications (such as fingerprints or palm prints, DNA samples or iris scans) are considered to be data processing;
data controller: the natural or legal person, or any organisations having no legal personality, who or which determines the purposes of processing personal data, makes decisions concerning data processing (including the means and devices used) and implements such decisions or has them implemented by the processor assigned;
data destruction: the complete physical destruction of the data or the data medium that contains the data;
data transfer: providing access to the data for a designated third party;
data erasure: making the data unrecognisable in such a way that their restoration is no longer possible;
data blocking: making transferring, getting to know, disclosing, modifying, altering, erasing, destroying, connecting or synchronising and using data either no longer or for a determined period possible;
third party: the natural or legal person, or any organisations having no legal personality, who or which is other than the data subject, the data controller or data processor;
consent: any freely given, specific, informed and unambiguous indication of the data subject's wishes, which are based on adequate information and by which they, by a statement or a clear affirmative action, signify agreement to the processing of personal data relating to them – completely or covering certain operations;
sensitive data: all data falling in the special categories of personal data that are personal data revealing racial origin, belonging to a national and an ethnic minority group, political
opinion or political party, religious belief or worldview, or trade union membership, as well as genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health, any harmful addictions or data concerning a natural person’s sex life or sexual orientation as well as personal data in criminal records;
disclosure: if data are made accessible to anyone;
registration: providing the necessary and sufficient identification data to the data controller required for the identification of the persons involved using the service;
personal data: any information related to any identified or identifiable natural person (identified or identifiable), any conclusions, considering the person involved can be drawn from the data. The personal data can maintain this quality during data processing as long as the connection with the persons involved can be retrieved. Data subjects can be considered to be identifiable – directly or indirectly – especially by reference to an identifier such as a name, an identification number, or one of several special characteristics, which expresses the physical, physiological, genetic, mental, commercial, cultural or social identity of these natural persons;
objection: the declaration of the data subject objecting the processing of their personal data, and requiring the termination of data processing and controlling, or the cancellation of the data processed and controlled.
3. Definition of controlled data:
Name, phone number and e-mail address of the person inquiring on the website of www.szakafoto.hu
4. Purpose of controlling data:
Contact the interested party.
5. Legal basis of controlling data:
The consent of the person involved (the legal basis of controlling data is in accordance with the Subsection a, of Section (1) in Article 6 of the Decree 2016/679 of the European Parliament and Council (EU)
6. Legal consequences of failed supplying data:
No contacting shall happen in this case
7. Data transfer:
No data shall be transferred
8. Duration of controlling and processing personal data:
Data shall be controlled and processed until the consent of the person involved is annulled
9. Information about the rights of the person involved:
The person involved is entitled
to get information from the data controller, whether their personal data are being controlled, and if such data controlling and processing is in progress, they are entitled to get access to personal data;
that the data controller shall correct the inaccurate regarding personal data upon request without undue delays;
that the data controller shall delete the regarding personal data upon request without undue delays; the data controller is also obliged to delete the personal data regarding the person involved in case of the completion of other conditions without undue delays;
that the data controller shall restrict data processing and controlling upon request if
the person involved disputes the accuracy of personal data, /restriction shall last until the data controller checks the accuracy of personal data,
the data processing and controlling is unlawful, and the person involved disagrees on deleting the data, and they shall ask for the restriction of the use of the data instead,
the data controller does not need the personal data any more, however, the person involved shall require them to submit, enforce or protect legal claims;
the person involved has objected to data processing and controlling; in this case the restriction shall concern the period, until it is established, whether the lawful reasons of the data controller shall take a precedence over the lawful reasons of the person involved;
to get the regarding personal data, made available to the data controller, in a detailed, commonly used format, and to forward these data to another data processor, without being hindered by the data controller to whom the personal data were provided, if data processing and controlling is based on a voluntary contribution or on an agreement and it is accomplished in an automatized way;
to object to processing and controlling the regarding personal data, if processing and controlling personal data is accomplished in favour of direct marketing, including profiling as well, if it is connected to direct marketing.
that no scope of a decision based on only automatized data processing and controlling, including profiling, shall apply to the person involved, which would have a legal effect on them or involve them to a significant extent.
10. Information in connection with profiling and automatized decision making:
No profiling or automatized decision making shall take place.
11. Data storage, data security:
Szaka József shall store the data on their own IT devices and in paper-based format, at their headquarters. Szaka József shall choose and operate the IT devices used in a way that the controlled and processed data can be accessed by the authorized persons, their credibility and their authentication shall be secured, their constancy has to be proved and they shall be protected against unauthorized access. Data are protected against unauthorized access, being changed, transferred, published, deleted or destroyed, and against being destroyed or damaged accidentally, furthermore, becoming inaccessible as a result of the change of the technology used so that the data controller shall ensure the protection of the security of data processing and controlling having such technical, organising and organizational actions considering the actual development of the technology, which can provide an appropriate protection level to the risks occurring in connection with data processing and controlling.
12. Entitlement to taking the case to an authority:
If the rights of the person involved are violated, they are entitled to take the case to the court against the data controller. The judgement on the lawsuit shall belong to the jurisdiction of the court of justice. In accordance with the decision of the person involved the lawsuit can be commenced at the court with the territorial jurisdiction over the residence or stay of the person involved as well. The courts shall act in the case immediately.
In case of any legal remedies or complaints you shall appeal at the Hungarian National Authority for Data Protection and Freedom of Information: Name: Hungarian National Authority for Data Protection and Freedom of Information. Headquarters: 22/C Erzsébet Szilágyi Alley, 1125 Budapest Correspondence address: 1530 Budapest, P.O. Box: 5. Phone number: +3613911400 Fax: +3613911410, E-mail: email@example.com website: http://www.naih.hu