Data processing information
- Purpose of the Information and data processing
The purpose of this Notice is to record the data protection and management principles applied by Debreczeni Tibor EV (hereinafter: Data Controller) during its economic activities and on its websites, and the Data Controller’s data protection and management policy, which the Data Controller recognizes as binding on itself.
When developing these rules, the Data Controller took into particular consideration the provisions of national legislation, in particular Act CXII of 2011 on the right to informational self-determination and freedom of information (“Infotv.”) and Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR). - Data Controller’s data
Data controller: Debreczeni Tibor EV (Data Controller)
Registered office: 6097 Kunadacs, Deák F. u. 24.
Email address: tdebreczeni@gmail.com
The Data Controller is responsible for the preparation of this Data Management Notice (“Notice”), for compliance with its contents, for monitoring, and for implementing any necessary changes. The current version of the Notice is available at the Company’s headquarters and on the website www.anka.hu. - Definitions
The GDPR (General Data Protection Regulation) is the new Data Protection Regulation of the European Union;
Data processing: any operation or set of operations which is performed on personal data or data files, whether or not by automated
means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use,
disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or
destruction;
Data processor: the natural or legal person, public authority, agency or any other body which processes personal data on behalf
of the data controller;
Personal data: any information relating to an identified or identifiable natural person (data subject); an identifiable natural person
is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, a number, location
data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic,
cultural or social identity of that natural person;
Data controller: the natural or legal person, public authority, agency or any other body which, alone or jointly with others, determines
the purposes and means of the processing of personal data; if the
Consent of the data subject: any freely given, specific, adequately informed and unambiguous indication of the data subject’s wishes by which the data subject, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data concerning him or her;
Data protection incident: a breach of security that results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or unauthorized access to, personal data transmitted, stored, or otherwise processed.
Recipient: the natural or legal person, public authority, agency or any other body to which personal data are disclosed, whether or not a third party. Public authorities which may have access to personal data in the context of an individual investigation in accordance with Union or Member State law shall not be considered recipients; the processing of such data by such public authorities shall be in accordance with the applicable data protection rules in accordance with the purposes of the processing;
Third party: a natural or legal person, public authority, agency or any other body other than the data subject, the controller, the processor or the persons who, under the direct control of the controller or processor, are authorised to process personal data.
- Data processing guidelines
The data controller declares that it processes personal data in accordance with the data processing information and complies with the provisions of the relevant laws, with particular attention to the following:
Personal data must be processed lawfully, fairly and in a manner that is transparent to the data subject.
Personal data may only be collected for specified, explicit and legitimate purposes.
The purpose of processing personal data must be adequate and relevant and limited to what is necessary.
Personal data must be accurate and up-to-date. Inaccurate personal data must be deleted immediately.
Personal data shall be stored in a form which permits identification of data subjects only for the period necessary. Personal data may be stored for a longer period only if the storage is for archiving purposes in the public interest, scientific and historical research purposes or statistical purposes.
Personal data must be processed in such a way that appropriate technical or organizational measures are used to ensure the
appropriate security of personal data, including protection against unauthorized or unlawful processing, accidental loss, destruction or damage to the data.
The principles of data protection must apply to all information relating to an identified or identifiable natural person. - basic data processing information
The purpose of data management is to enable the Data Controller to provide appropriate additional services to persons who apply/register on the website during the operation of the website.
The legal basis for data processing is the consent of the person concerned.
The scope of data processing includes the website’s registered/applicant users.
Duration of data processing and deletion of data. The duration of data processing always depends on the specific user purpose, but the data must be deleted immediately if the originally intended purpose has been achieved. The data subject may withdraw his/her consent to data processing at any time by sending a letter to the contact e-mail address. If there is no legal obstacle to deletion, in this case his/her data will be deleted.
Those entitled to access the data are the data controller and those specified in the data controller’s data protection policy.
The data subject may request from the controller access to, rectification, erasure or restriction of processing of personal data concerning him or her, and may object to the processing of such personal data, as well as the data subject’s right to data portability.
The data subject may withdraw their consent to data processing at any time, but this does not affect the lawfulness of the data processing carried out on the basis of consent before the withdrawal.
The data subject may exercise the right to lodge a complaint with the supervisory authority.
If the data subject wishes to use the benefits of registration, i.e. to use the website’s services in this regard, it is necessary to provide the requested personal data. The data subject is not obliged to provide personal data, and failure to provide data will not have any adverse consequences for him. However, the use of certain functions of the website is not possible without registration.
The data subject has the right to obtain from the controller, at his or her request, the rectification or completion of inaccurate personal data concerning him or her without undue delay.
The data subject has the right to obtain from the controller, upon request, the erasure of inaccurate personal data concerning him or her without undue delay, and the controller is obliged to erase the personal data concerning the data
subject without undue delay, unless there is another legal basis for the processing.
Modification or deletion of personal data can be initiated by e-mail, telephone or letter using the contact details provided in point 1. - Data processed by the Data Controller
The Data Controller processes data in connection with two main service activities.
6.1. Driver education activities of the Data Controller (preparation for theoretical and practical training exams)
The Data Controller and the Happy Car Driving School (hereinafter referred to as the Driving School) handle the data of the student (hereinafter referred to as the Student) applying for driver training with them confidentially and forward it to them in a manner and form specified by E-Educatio Information Technology Zrt.
The Data Controller treats the personal data received from the Driving School about the Student confidentially and uses it in the manner determined by the Driving School (e.g. exam administration, recording of driving data).
6.1.1. Application/registration via website
Application can be made using the form on the website.
The data provided on the form will be forwarded to the Driving School as described above.
Legal basis for registration data processing: Student’s consent
Data subjects: registered users of the website
Duration of data processing: data processing takes place until the consent is withdrawn.
The Student may withdraw his/her consent to data processing at any time by sending a letter to the contact email address.
Deletion of data: occurs when consent to data processing is withdrawn. The Student may withdraw his/her consent to data
processing at any time by sending a letter to the contact email address.
Those entitled to access the data are: the Data Controller and the Driving School
Modification or deletion of personal data: can be initiated by email, telephone or
Providing consent to data processing: by submitting the data on the form in accordance with the information on the form
Scope of processed data -Specific purpose of the data processing
Name Identification -contact, billing.
Address Identification -contact, billing.
Email Identification -contact.
Phone Identification -contact.
Purpose of education -To clarify the requested service
Registration date -Technical information operation.
IP address -Technical information operation.
6.1.2. By electronic mail
The personal data provided by the Student in the e-mail is treated confidentially by the Data Controller and forwarded to them in the manner and form specified by E-Educatio Information Technology Zrt. Purpose of data processing: providing additional services and contacting you Legal basis for registration data processing: Student’s consent
The scope of data processing: students applying for training Duration of data processing: data processing takes place until the consent is withdrawn. The Student may withdraw his/her consent to data processing at any time by sending a letter to the contact e-mail address.
Deletion of data: occurs when consent to data processing is withdrawn. The Student may withdraw his/her consent to data processing at any time by sending a letter to the contact email address.
Those entitled to access the data are: the Data Controller and the Driving School
Providing consent to data processing: by submitting the data on the form in accordance with the information on the form
Scope of processed data -Specific purpose of the data processing
Name Identification -contact, billing.
Email Identification -contact.
Other data requested by the driving school -Course registration on the eTitán platform used by the driving school
6.2.
6.2.1. Contact form
The data provided on the form is treated confidentially by the Data Controller and will not be disclosed to third parties. Purpose of data processing: providing additional services and contacting you Legal basis for registration data processing: Visitor’s consent Scope of data processing: website users who intend to contact us Duration of data processing: data processing takes place until the consent is withdrawn. The Visitor may withdraw his/her
consent to data processing at any time by sending a letter to the contact e-mail address.
Deletion of data: occurs when consent to data management is withdrawn. The Visitor may withdraw their consent to data management at any time by sending a letter to the contact e-mail address. Those entitled to access the data are: the Data Controller
Modification or deletion of personal data: can be initiated by e-mail, telephone or Providing consent to data processing: can be done by intentionally checking the empty checkbox located on the website and specifically intended for this purpose.
Scope of processed data -Specific purpose of data processing
Name Identification, -contact, billing.
Email Identification, -contact.
Message -Specify the requested service
Registration date -Technical information operation.
IP address -Technical information operation.
6.2.2. By electronic mail
Interested customers (hereinafter referred to as Interested Parties) who are contacting the Data Controller regarding its services may also contact the Data Controller by e-mail. The Data Controller will treat the personal data provided by the Interested Party/Customer in the e-mail as confidential and will not pass it on to third parties.
Purpose of data processing: providing additional services and contacting you Legal basis for registration data processing: Customer/Interested Party’s consent Data subjects: Customer, Interested party Duration of data processing: data processing takes place until the consent is withdrawn. The Customer/Interested Party may withdraw their consent to data processing at any time by sending an email to the contact email address.
in a letter sent to the address.
Deletion of data: occurs when consent to data processing is withdrawn
The Customer/Interested Party may withdraw their consent to data processing at any time by sending an email to the contact email address. in a letter sent to the address.
Those entitled to access the data are: the Data Controller
Modification or deletion of personal data: can be initiated by email, telephone
Providing consent to data processing: this can be done by intentionally checking the empty checkbox on the website
specifically designed for this purpose.
Scope of processed data -Specific purpose of the data processing
Name Identification -contact, billing.
Email Identification -contact.
Service-related data -Provision of personalized service
- Cookies
Cookies are placed on a user’s computer by visited websites and contain information such as page settings or login status.
Cookies are files created by websites you visit. They improve your user experience by saving your browsing data. Cookies help the website remember your preferences and offer you locally relevant content.
The user has the option to delete cookies from browsers at any time in the Settings menu.
Scope of data processing: website visitors Purpose of data processing: additional services, identification, tracking of visitors
Legal basis for data processing: the user consents to the use of cookies by using the website and clicking the Accept button in the pop-up window providing information about this.
Scope of data: unique identification number, time, settings data
Data controllers authorized to view the data: does not process personal data using cookies. Data controller
Data storage method: electronic - Data processors
The Data Controller only uses data processors who provide adequate guarantees that data processing complies with the requirements of data protection laws in force at all times, ensure the protection of the rights of the data subjects, and take appropriate technical and organizational measures to protect personal data.
Hosting provider:
Name: Tárhely.eu Online Service Provider Ltd. Headquarters: 1097 Budapest, Könyves Kálmán körút 12-14 Phone: +36 1 789-2-789
Web: tarhely.eu
The data provided by the Student/Interested Person/Client is on a server operated by the hosting provider. stored.
The hosting provider processes this data in the manner shown in its data management information displayed on the tarhely.eu website. Those authorized to access the data: employees and employees operating the software Name of the activity: hosting service, server service Purpose of data processing: to ensure the operation of the website
Duration of data management and deletion of data: data management until the end of the website’s operation, or according to the contractual agreement between the website operator and the hosting service provider, the data subject may, if necessary, request the deletion of their data by contacting the hosting service provider.
Legal basis for data processing: consent of the person concerned or data processing based on law - Data transfer
By accepting this Privacy Policy, the User, having acknowledged our data protection principles, expressly consents to the Data Controller transferring data to service providers with whom he has a direct contractual relationship, in relation to the data provided. All data subjects may use the transferred data exclusively for the purpose of fulfilling the contractual task, and are not entitled to retain them for further use or pass them on to third parties in any form. The purpose of the data transfer: Fulfilling the contractual tasks of the Data Controller. We do not make the stored data accessible to any third party, except in cases specified by law (e.g. in the context of criminal proceedings) or for the fulfillment of contractual tasks.
The Data Controller transfers data to the following partners:
9.1. Upper-Kiskunsági Economic Development Foundation Hungary: the accountant of the Data Controller (6097 Kunadacs, Kossuth L. u. 51.)
The data controller only transmits to the above accounting firm the data necessary to fulfill its order, which are the financial documents of the enterprise and supporting documents.
It is not possible to list the scope of the transmitted data in detail. The purpose of the data transmission is to facilitate the fulfillment of the accountant’s assignment, to comply with the relevant legislation on taxation and accounting.
9.2. Happy Car Driving School
The data controller transmits the Student’s training-related data to the Driving School in the manner and form specified by the Driving School. The Driving School acts in relation to the data received in accordance with the data management information published on its website.
- Rights related to data processing
The Data Controller respects the rights of the Student, Interested Party, Customer (hereinafter referred to as User) regarding data processing.
10.1. Right to request information
10.2. Right to rectification
The User may request that the Data Controller modify any of his/her data via the provided contact details.
The Data Controller will take action on this request immediately, but no later than within 30 days, and will send information to the e-
mail address provided by the User.
10.3. Right to erasure
The User may request the deletion of their data via the contact details provided. Upon request, this will be done immediately, but no later than within 30 days, and the Data Controller will send information to the e-mail address provided by the User.
10.4. Right to lock
The User may request the blocking of his/her data via the provided contact details. The blocking will last until the reason indicated by the User makes it necessary to store the data. Upon the User’s request, this will be done immediately, but no later than within 30 days, and the Data Controller will send information to the e-mail address provided by the User.
10.5. Right to object
The User may object to the data processing via the provided contact details. The objection will be examined as soon as possible from the date of submission of the request, but no later than 15 days, and a decision will be made on its merits, and the Data Controller will inform the User of its decision by e-mail.
10.6. Legal remedies related to data processing
In case of unlawful data processing that you have experienced, please notify our company, so that the legal situation can be restored within a short time. We will do everything in your interest to resolve the outlined problem.
If, in your opinion, the legal status cannot be restored, please notify the authority using the following contact details:
Postal address: 1530 Budapest, P.O. Box: 5.
Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c
Phone: +36 (1) 391-1400
Fax: +36 (1) 391-1410
E-mail: ugyfelszolgalat (at) naih.hu
URL https://naih.hu
coordinates: N 47°30’56”; E 18°59’57”
Comments are closed.