Privacy Statement – for data management in connection with the “Bridge for Transcarpathia - Higher Education Questionnaire”

1. PURPOSE OF THE STATEMENT

The purpose of this Statement is to provide information about the principles of data protection and data management applied by the Tempus Public Foundation regarding the completion of the “Bridge for Transcarpathia - Higher Education Questionnaire”.

The Tempus Public Foundation (hereafter referred to as Data Processor) manages the personal data of those who complete the ‘Study in Hungary - Students at Risk’ survey.

2. THE DATA CONTROLLER’S NAME

Name: Tempus Public Foundation
Headquarters and mailing address: 1077 Budapest Kéthly Anna tér 1.
Phone number: + 36-1-237-1300 Represented by: Károly Czibere
Data protection officer: Dr. Gábor Ugrai
E-mail address: adatvedelem@tpf.hu

3. SCOPE OF THE PERSONAL DATA MANAGEMENT

In connection with the questionnaire, we will manage the following personal data:

• name
• e-mail address(es)
• phone number(s)
• citizenship
• current studies

If any modification or change occurs in the data management period of the data handled by the Data Controller, please notify us immediately of the above availability.

4. THE LEGAL BASIS, OBJECTIVE AND METHOD OF DATA MANAGEMENT

4.1. The Management of data is based on your voluntary, informed statement, which includes your explicit consent for the use of your personal data provided during the questionnaire. Legal Basis for the management of data: the voluntary consent of the person concerned according to Article 6 (1) (a) of Regulation (EU) 2016/679 (General Data Protection Regulation).

4.2. The purpose of data management is to allow us to collect data for needs assessment from students at risk, who had a student status at a Ukrainian higher education institution on 24 February 2022 and wish to stay and continue their higher education studies in Hungary, and from scholars who wish to take part in mobility scholarships in Hungary. The data controller uses the data you have provided exclusively for the purpose of contacting you regarding educational opportunities in Hungary.

4.3. The data controller may not use or use the provided personal data for purposes other than those set out in these points. Disclosure of personal data to a third party (related Hungarian higher education institution) is needed.

4.4. The data controller does not verify the personal information you provide. The authenticity of the data given is your sole responsibility.

5. THE DURATION OF THE DATA MANAGEMENT

Personal data will be processed for 1 year.

6. SCOPE OF PERSONS WITH ACCESS TO THE DATA, DATA TRANSFER AND DATA PROCESSING

It is primarily the Data Controller and its internal staff who are entitled to have access to the data because it is part of their job to manage such data. Besides the authorized employees, the following parties may have access to your data:
- staff of the related Hungarian higher education institutions.

7. THE RIGHTS AND RECOURSE TO LAW AVAILABLE TO THE PERSONS CONCERNED

7.1. You are entitled at any time to request information about your personal data managed by the Data Controller and may modify such data at any time by sending an e-mail request addressed to the contact details provided in Point 7.3.

7.2. At your request, the Data Controller must provide you with information regarding your personal data it manages, the data processed by the data processor entrusted by it, the source of such data, the purpose, legal basis and duration of the data management, the data processor’s name, address and activities in connection with the handling of the data, the circumstances and effects of the data protection incident, the measures taken to remedy the incident, and – in the case of transmission of the personal data – the legal basis and the recipient of the data transfer. The service provider must provide the requested information in writing within 30 days of the submission of the request.

The Data Controller - through its data protection officer - keeps a record to supervise and keep you informed of any measures taken in connection with the data protection incident including the scope of personal data concerned, the scope and number of persons affected by the data protection incident, the date, circumstances and effects of the data protection incident and the measures implemented in order to remedy the incident, as well as any other data specified in the laws governing the management of data.

7.3. You can exercise your rights via the following contact details:

E-mail address: adatvedelem@tpf.hu

You may contact the Data Controller’s data processing officer with any questions or observations regarding the processing of data via the contact details provided in Point 7.3.

7.4. You are entitled at any time to request the correction or erasure of any incorrectly recorded data. The Data Controller corrects or erases the data within one month of the receipt of the request at the adatvedelem@tpf.hu email address.

If the Service Provider refuses to comply with the Concerned Person’s request for correction or erasure, it must justify in writing the factual and legal grounds for such refusal of the cancellation within one month of receipt of the request.

You may object to the handling your personal information. The Data Controller must examine the objection within the shortest time but no later than one month from the submission of the request, make a decision on its validity and inform the applicant in writing.

7.5. In case of complaint, you may apply to the

National Privacy and Information Authority (1055 Budapest, Falk Miksa u. 9-11. www.naih.hu, ugyfelszolgalat@naih.hu).

7.6. If you have provided third-party data for the use of the service, the Data Controller is entitled to seek damages from you. In such cases, the Data Controller must provide all available assistance to the competent authorities for the purpose of establishing the identity of the infringing person.

8. OTHER PROVISIONS

8.1. In all cases where the Data Controller intends to use the data provided for purposes other than the purpose of the original data collection, it will notify and obtain from you your prior express consent, and will provide you the opportunity to prohibit such use.

8.2. The Data Controller undertakes to ensure the security of the data, to implement technical measures to ensure the protection of the recorded, stored or managed data, and to do everything in its power to prevent the destruction, unauthorized use and unauthorized alteration of the data. The Data Controller also undertakes to call on any third party to whom the data may be transferred or handed over to comply with these obligations.

8.3. The Data Controller reserves the right to unilaterally modify the rules and information on its website regarding the management of data.

Utolsó módosítás: 2022.03.09.