Privacy notice on data management in relation to electronic newsletters

Members of the Illés & Németh Association of Attorneys-at-Law (separately: the „Controller”, jointly: the „Controllers”) provides the following information regarding their direct marketing activity according to articles 13 and 14 of the REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR).

Identity and the contact details of the Controllers

Name Illés Law Office Németh József Law Firm
Registered seat 1052 Budapest Galamb utca 3. 6. em. 4. 1052 Budapest Galamb utca 3. 6. em. 4.
Webpage https://visegradlegal.hu/ http://nemethlegal.hu/
Postal address 1052 Budapest Galamb utca 3. 6. em. 4. 1052 Budapest Galamb utca 3. 6. em. 4.
E-mail address illes@illes-law.hu jozsef.nemeth@nemethlegal.hu
Representative Dr. Illés Ádám irodavezető ügyvéd Dr. Németh József irodavezető ügyvéd

 

Data controllers are considered to be joint controllers who carry out data processing activities in the form of sending electronic information newsletter.

Description and purpose of data processing Legal basis Processed personal data Period of data processing

Sending newsletter

The purpose of the data processing is to inform, clients and interested parties about current legal issues, new legislation and court and administrative decisions of relevance to business life.

legitimate interest

·        name of representative of companies

·        name of data subject

·        e-mail address

until the data subject objects to the processing

(With the addition that Controllers review the necessity of the data processing every three years)

Source of the personal data processed by the Controller: the newsletter is sent by the Controllers to their existing clients and to potential clients interested in the legal services provided by the Controllers – the sending of the newsletter is based on the contact initiated by the clients.

Data processor:

Arsboni Kft.

Registered address: 1149 Budapest, Egressy út 46/B. 1. em. 3.

Email: arsboni@arsboni.hu

The Controllers process personal data on the basis of their legitimate interest of direct marketing activities for the purpose of informing the recipients about the economic activities of the Controllers. The Controllers have assessed the legitimate interests underlying the processing activity, the necessity of the processing and the impact of the activity on the rights and freedoms of data subjects.

The Data Controllers shall transmit the personal data processed to the competent authorities in cases specified by law, upon request by public authorities.

RIGHTS OF DATA SUBJECTS

The natural persons concerned by the data processing have the following rights related to the data processing.

1. Right of access:

Data subjects have the right to obtain confirmation using the given contacts as to whether or not personal data concerning them are being processed and, where that is the case, access to the personal data and the following information:

a) the purposes of the processing,

b) the categories of personal data concerned,

c) the recipients or categories of recipient to whom the personal data have been or will be disclosed,

d) the envisaged period for which the personal data will be stored,

e) the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing,

f) the right to lodge a complaint,

g) the existence of automated decision-making, including profiling, and information about the logic involved, as well as the significance and the envisaged consequences of such processing for you.

Information shall be provided without undue delay, in one month from receiving your request. Primarily, Controllers provide information in the same form as the request is received.

Controllers provide information free for the first time in each calendar year. For requests filed repeatedly for the same scope of data, Controllers may charge administrational fees, provided that no infringement found and no rectification was necessary.

Gross administrational fee shall be 1,000 HUF per personal data

2. Rectification

In case personal data processed by the Controller is inaccurate, and accurate data is available or sent them, the Controller will rectify such personal data.

3. Erasure of personal data

Controller erase processed personal data if:

a)      it has been unlawfully processed;

b)     you withdraw your consent and there is no other legal ground for the processing;

c)      you object to the processing

d)     it is no longer necessary in relation to the purposes for which they were collected or otherwise processed;

e)      it has to be erased for compliance with a legal obligation.

4. Right to restriction

Restriction of the data processing shall take place in the following cases:

a) if the data subject contests the accuracy of the personal data (for the period of verifying accuracy)

b) if the processing is unlawful and the data subject do not request erasure,

c) if the Controllers do not need the personal data for the purposes of the processing any more, but they are required by you for the establishment, exercise or defence of legal claims;

d) if the data subject objects to processing (for the period of studying the objection assessing whether legitimate interests of the Controllers or the data subjects shall prevail)

In case of restriction of processing, the Controllers will not process the concerned personal data (except from storage). Controllers will send prior notification before lifting restrictions.

5. Objection

Data subjects may object to the process of your personal data, for the purpose of direct marketing. The data subject can communicate the objection by clicking on the link provided in the newsletter.

6. Lodging a complaint

In case the data subject believes that the data processing is detrimental, he/she may lodge a complaint with the Hungarian National Authority for Data Protection and Freedom of Information (Nemzeti Adatvédelmi és Információszabadság Hatóság)

7. Data portability

On request, Controllers will send the personal data concerning the data subjects, in a structured, commonly used and machine-readable format.

8. Compensation for damages, restitution

If the Controllers cause the data subjects or others any damage by unlawful or unsafe processing of personal data, the person suffered damage is entitled to claim compensation for damages. In case the harm affects rights relating to personality, the affected person shall be entitled to claim for restitution. Controllers shall not bear liability if the damages are the result of an unavoidable cause beyond the course of processing or caused by the data subject’s intentional or grossly negligent behavior

Exercising claims

1. Contacting the Controllers

If the data subjects believe that the Controllers do not act lawfully processing the personal data, they first should share their comment with the controllers first to deal with it the fastest and most effective way.

2. Hungarian National Authority for Data Protection and Freedom of Information (Nemzeti Adatvédelmi és Információszabadság Hatóság, NAIH)

In case of unlawful processing, data subjects may lodge a complaint with NAIH.

Contacts of NAIH:
webpage: http://www.naih.hu/
address: 1055 Budapest Falk Miksa u. 9-11.
postal address: 1363 Budapest, Pf.: 9.
e-mail: ugyfelszolgalat@naih.hu

3. Going to court

Data subjects are entitled to exercise their claims in front of court. General courts shall have competence of the procedure. Data subjects may initiate trial on the general court that has jurisdiction either in their residential address or the Controller’s registered seat.