MENU
A38

Privacy policy

COMPANY NAME: Zászlóshajó Kft.
HEADQUARTERS: 1117 Budapest, Irinyi József u. 36. C. ép. I. em. 6.
COMPANY REGISTRATION NUMBER: 01 09 697406
TAX NUMBER: 12664423-2-43
REPRESENTED BY: Dániel Lozsádi
CEO

Privacy Information and Know-how Related to  Website Usage

Purpose and Scope of the Information

This information is prepared for the purpose of compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council (General Data Protection Regulation - GDPR) on the protection of natural persons with regard to the processing of personal data, and with Act CXII of 2011 on the Right of Informational Self-Determination and Freedom of Information.

Use of our website:

  • A prerequisite for using certain Services available on our Website, as well as for visiting and using certain web pages/links, and for maintaining contact, is the provision of your personal data.
  • You, as a "Visitor" or "User", voluntarily provide your personal and/or special data for the use of our services. We ask you to read the information contained in this Policy in all cases. Please note that providing data during contact with us implies voluntary acceptance of the terms set out in this Policy.
  • Our company undertakes to process personal data in accordance with this Policy and applicable laws that come into the possession of the Data Controller during the use of the website.
  • In this Policy, we present the data processing system related to the operation of our website, as well as the enforcement of data security requirements.
  • The scope of this Policy extends to Data Processing on the Website, as well as when you contact us through the Website, ask questions, request information, or order access through any website operated by us.
  • This Policy and the know-how related to the use of the Website may be unilaterally modified by the Data Controller from time to time, without prior notice, due to various updates. Therefore, it is recommended to regularly visit the Website and monitor the acceptability of changes.
  • During the visit to our Website, our internet server automatically registers the Visitors' IP address and the type of their computer's operating system, as well as the time of visiting the Website. The Data Controller monitors the traffic of the Website pages through server logs.
  • If a Visitor contacts the Data Controller by e-mail regarding any Service, the Data Controller records the Visitor's e-mail address, which is processed to the extent necessary and for the duration required to provide the Service.
  • There are links on our Website that point to pages providing useful information for our Visitors. This Policy does not extend to external pages; the Data Controller is not responsible for any damage caused by visiting, using, or accessing data on external pages.

Explanation of relevant legal terms:

  • Data processing: the execution of technical tasks related to data processing operations, regardless of the method and means used for executing the operations, as well as the place of application, provided that the technical task is performed on the data;
  • Data processor: a natural or legal person, or an organization without legal personality, who or which processes personal data on behalf of the controller, including when determined by provisions of law;
  • Data processing: any operation or set of operations performed on personal data, irrespective of the procedure applied; in particular but not exclusively collecting, recording, organizing, storing, modifying, using, querying, disclosing, transmitting, aligning or combining, blocking, deleting and destroying, as well as preventing the further use of the data, taking photos, making audio or visual recordings, as well as recording physical characteristics suitable for personal identification (e.g. fingerprint, palm print, DNA sample, iris image, etc.);
  • Data controller: a natural or legal person, or an organization without legal personality, who or which, alone or jointly with others, determines the purposes of the processing of personal data, makes decisions concerning the processing (including the means used) and implements such decisions itself or engages a data processor to execute them;
  • Data transfer: making personal data available to a specific third party;
  • Data subject: an identified or identifiable natural person based on specific personal data;
  • GDPR: Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation);
  • Third party: a natural or legal person, or an organization without legal personality, who or which is not identical with the data subject, the controller or the processor;
  • Authority: the National Authority for Data Protection and Freedom of Information, established by constitutional provisions to ensure the enforcement of rights to the protection of personal data and access to data of public interest;
  • Consent: the voluntary and definitive expression of the data subject's wishes based on appropriate information, whereby he or she gives unambiguous consent to the processing of personal data relating to him or her - either covering all operations or limited to certain operations;
  • Personal data: any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly;
  • Service: Services operated by the Data Controller and available on the website.

Our Principles:

  • Our company processes personal data according to principles of good faith, fairness, and transparent data processing. Surely every honest visitor understands that the use of the services we offer, information (e.g. sending newsletters) necessarily requires providing some identifiable personal data. The law refers to this as necessity tied to purpose
  • However, to achieve your goals, your (data subject's) consent is indispensable, so if you do not wish to provide this, it is advisable to leave our website.
  • We inform you that as data controllers, we only use your data for the purposes defined above with your consent. If you do not consent, we will not use your data for purposes other than those mentioned above, and in the case of a purpose differing from those mentioned above, we either obtain your consent or provide you with the possibility to prohibit such use
  • We inform you that we do not verify the personal data provided by you; the person providing the data is solely responsible for its appropriateness.
  • As data controllers, we take care of the security of your personal data, and we take all informational and organizational measures, procedural rules that ensure the protection of recorded, stored, or processed data, as well as prevent their accidental loss, unlawful destruction. We do everything to protect your personal data from unauthorized access, unauthorized use.

Use of our website:

Registration on our website is necessary to access our services on the internet. Registration requires providing personal data (especially name, e-mail address, password, area of interest, etc.). The purpose of registration is to maintain contact, as well as to provide certain information, professional materials, or documents (e.g. programs, making accessible, sending newsletters, as well as ensuring that special information found on the website (e.g. previous event recordings) can only be accessed by registered users.

During registration, providing data marked with an asterisk (*) is essential for registration, so providing them is mandatory, providing other data is optional.

Given that our goal is maximum security of personal data, you have the opportunity to report undesirable events on the Website, which we investigate within 48 hours after the report.

You certainly understand that a "Report" is not always anonymous, since when initiating a procedure, your identification may be necessary for the acting Authority.

You can make a report by phone at +36-1-464-3940 and by e-mail at info@a38.hu.

We forward the data provided in connection with the Report exclusively to the bodies determined by law and to our data protection officer.

The purpose of our Data Processing:

  • content provision on our website, information,
  • visitor identification and facilitating contact with the visitor,
  • identification of services used by the visitor,
  • preparation of statistics, analyses,
  • protection of visitors' rights,
  • enforcement of the Data Controller's legitimate interests,
  • technical development of the IT system.

Protection of Minors:

The services provided by our company are primarily not intended for minors. During data processing, we do not collect data - with the exception of IP address, which is automatically recorded due to the nature of internet services - about individuals who have not completed their 18th year of age.

If we notice that a user of our Website is a child who is using the Website without parental or guardian permission, we will make every effort to delete all information that has come into our possession through the child, and ensure that this information is not forwarded to others or used by us. We ask you to contact us immediately if you notice that a child has provided information about themselves through this Website without parental or guardian permission.

Visitor's Responsibility:

  • You may provide personal data in accordance with the relevant data protection laws and declare that you have appropriate and informed consent for the transfer of information.
  • By making information available, you declare and guarantee that your legal capacity in relation to making information available is not limited.
  • If you are legally deemed "incapable" or "limitedly capable" in relation to making information available, and you are not entitled to make an independent declaration regarding this, you are obliged to obtain the consent of relevant third parties (e.g. legal representative, guardian, parent) for making information available. In this context, you are obliged to consider whether the consent of any third party is needed for making the information available.

Use of Cookies:

A cookie vagy „süti" a Honlap meglátogatásakor a Honlap által az Ön számítógépére küldött információcsomag, amelynek használatával a Honlap bizonyos szolgáltatásai kényelemesebben elérhetővé válnak az Ön számára. Például lehetősége nyílik arra, hogy a Honlap regisztrációhoz kötött felületén a Honlap megjegyezze e-mail címét és jelszavát, azaz ezeket az adatokat – amennyiben Ön hozzájárul – nem kell minden egyes belépésnél megadnia. A cookie-k használatával az Ön igényei jobban felismérhetőek, Ön bármikor jogosult a cookie-kat engedélyezni, vagy azokat letiltani számítógépes böngésző programjának beállításaival, illetve azok módosításaival. Továbbá a böngésző beállításaival tudja lehetővé tenni, hogy a cookie-k használata előtt erre minden esetben egy felugró ablak figyelmeztesse Önt. Amennyiben nem adja hozzájárulását a cookie-k alkalmazásához, az a Honlap bizonyos funkcióinak nem teljes körű használatát eredményezheti. Ha többet szeretne tudni a témában, számos cikk hozzáférhető az interneten. Ilyen például a oldal.

A cookie or "cookie" is an information package sent to your computer by the Website when visiting the Website, through the use of which certain services of the Website can be made more conveniently accessible to you. For example, it allows the Website to remember your e-mail address and password at the registration-bound interface of the Website, i.e., this data - if you consent - does not need to be provided at each login. Cookies can be controlled according to your needs; you are entitled to allow or disable cookies by setting your browser's settings, as well as modifying them. Additionally, you can set your browser settings to always alert you with a pop-up window before cookies are used. If you do not consent to the use of cookies, it may result in not having full access to certain functions of the Website. If you want to know more about the topic, many articles are available on the internet. For example, the http://www.allaboutcookies.org page

We use cookies on the page for the following reasons:

  • to collect statistics,
  • to store user settings,
  • to store consent related to cookies.

You can allow or prohibit cookies by changing your browser settings. Since the possibilities vary by browser, please visit your browser's Help menu for more information.

Legal Basis of Data Processing:

The legal basis for the processing of personal data is the data subject's voluntary, prior, informed consent based on appropriate information. As a visitor, you are entitled to withdraw your consent at any time, which withdrawal does not affect the legitimacy of data processing prior to the withdrawal.

By using the website, you declare that you have read and understood this Policy (valid at the time of data provision) and voluntarily, expressly consent to the use of your personal data provided by you and data generated about you. You may provide personal data in accordance with the relevant data protection laws and declare that you have appropriate and informed consent for the transfer of information.

The Data Controller records your IP address when you access the Website in connection with the provision of the Service, with regard to the Data Controller's legitimate interest and for the legitimate provision of the Service, without your separate Consent. Within the framework of content provision and in connection with it, Data Processing is based on the data subject's voluntary consent. In addition to the legitimate interest of the Data Controller, the fundamental rights to information and freedom of expression, the legislation also defines the framework. If the legal basis of Data Processing is the Data Controller's legitimate interest, the Data Controller has performed and will perform in the future the balancing test, which demonstrates that the Data Controller's given legitimate interest is stronger than the data subject's rights and freedoms related to Data Processing. Upon request in this direction, the Data Controller provides information according to what is written in this Policy.

Duration of Data Processing

As Data Controllers, we process the data provided by you until the realization of the Data Processing purposes, or until the withdrawal of your consent, or until your request for data deletion. We inform you that if you request the deletion of your data, we can fulfill it within 48 hours.

During the operation of the system, data that is automatically recorded technically from the time of their generation is stored for a period justified from the perspective of ensuring the operation of the system. The Data Controller ensures that these automatically recorded data cannot be combined with other personal data - except in cases made mandatory by law.

If a court or authority legally orders the deletion of personal data, the Data Controller executes the deletion. Instead of deletion, the Data Controller - with the notification of the Data Subject - restricts the use of Personal data, if the Data Subject requests it, or if based on the available information, it can be assumed that deletion would harm the legitimate interest of the Data Subject. The Personal data is not deleted by the Data Controller as long as the Data Processing purpose that excludes the deletion of the Personal data exists

Use of Data Processor

In connection with the operation of our website, Data Processing is carried out by an external service provider (in the name of the Data Controller), but the Data Controller only employs Data Processors who provide appropriate guarantees for compliance with the GDPR requirements for Data Processing. The Data Processor cannot engage another data processor without the prior written specific or general authorization of the Data Controller

Possibility of Data Transfer

The Data Controller is entitled and obliged to transfer all Personal data at its disposal and legally stored to the competent authorities, which Personal data must be transferred by law or by an authoritative obligation. Such data transfer, as well as any consequences arising from it, cannot make the Data Controller liable. The Data Controller transfers your data in your place of residence (country) or, depending on the headquarters of the European Economic Area or a corporate group member, also to a database outside the country. The Data Controller only transfers your data to a third-country business as a data controller or data processor where appropriate level of data protection is ensured. The contractual partners and corporate group members do not transfer your data to third parties except for mandatory data transfer based on law.

Data Security

On our website, we take the necessary steps to protect personal data transmitted from your computer and to protect the data stored in various records with appropriate technical solutions to ensure that data stored in the records - unless the law allows otherwise - cannot be directly connected and attributed to the data subject. We inform you that we use data networks with appropriate firewall and password protection, but we draw your attention to the fact that internet data transmission cannot be perfectly secure or flawless. Passwords, identifiers, or other special access methods are for your security; you are responsible for them, except if the damage was caused by the Data Controller's unlawful handling of the Data Subject's data or by violating the data security requirements.

Rights of the Data Subject:

  • You, as a data subject, can request information regarding Data Processing by sending an e-mail to info@a38.hu or by sending a registered letter to the above address of the Data Controller, requesting information regarding Data Processing.
  • You can request information about whether the Data Controller processes your Personal data, and if yes, provide access to it. The information request can extend to the scope of Personal data processed, their source, the purpose of Data Processing, its legal basis, duration, the designation of Data Processors, the activities related to Data Processing.
  • You can request the rectification or modification of your personal data processed by the Data Controller. Taking into account the purpose of Data Processing, the Data Subject can request the completion of incomplete Personal data.
  • You can request the deletion of your Personal data processed by the Data Controller. The Data Controller informs the Data Subject about the rejection of the deletion request in all cases, indicating the reason for the rejection. After fulfilling a request for Personal data deletion, the previous (deleted) data can no longer be restored.
  • The newsletters sent by the Data Controller can be unsubscribed through the unsubscribe link found in them. In case of unsubscription, the Data Controller deletes the Data Subject's Personal data from its newsletter database.
  • You can request that the Data Controller restrict the processing of your Personal data if the accuracy of the processed personal data is disputed. The restriction refers to the time period that allows the Data Controller to check the accuracy of the Personal data. The Data Controller indicates the Personal data it processes if you dispute its accuracy or correctness.
  • You can request that the Data Controller restrict the processing of your Personal data if the Data Processing is unlawful, but you oppose the deletion of the processed Personal data and instead request the restriction of their use.
  • You can request that the Data Controller restrict the processing of your Personal data if the purpose of Data Processing has been achieved, but you require them for the presentation, enforcement, or protection of legal claims.
  • You can request that the Data Controller provide you with the Personal data processed in an automated manner in a structured, widely used, machine-readable format and/or transfer it to another data controller.
  • You can object to the processing of your personal data if the processing of personal data is necessary solely for the fulfillment of a legal obligation concerning the Data Controller or for the enforcement of the legitimate interest of the Data Controller or a third party;
    • or if the purpose of Data Processing is direct business acquisition, public opinion research, or scientific research;
    • or if the Data Processing occurs in the interest of performing a task for the public good.
  • The Data Controller examines the legitimacy of your objection and, if it establishes the validity of the objection, terminates the Data Processing and blocks the processed Personal data, as well as notifies all those who have previously received the Personal data affected by the objection about the objection and the measures taken based on it.

We suggest that the Data Subject exercise judicial or authority remedies related to a question, observation, or complaint regarding Data Processing by contacting the Data Controller's colleagues at info@a38.hu e-mail address.

In case of violation of your rights related to your Personal data, you are entitled to turn to the National Authority for Data Protection and Freedom of Information (address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c., telephone: +36 (1) 391-1400, fax: +36 (1) 391-1410, e-mail: ugyfelszolgalat@naih.hu).

The Data Subject is entitled to turn to court in case of violation of their rights. The court has jurisdiction over the case. The lawsuit - according to the Data Subject's choice - can also be initiated before the court according to the Data Subject's place of residence or stay