Privacy Statement – for data management in connection with events
1. PURPOSE OF THE STATEMENT
The purpose of this Statement is to provide information about the principles of data protection and data management applied by the Tempus Public Foundation regarding the events (conferences, seminars, workshops etc.) organized by it.
The Tempus Public Foundation (hereafter referred to as Data Controller) manages the personal data of those who register for the events while using the www.tka.hu website (hereinafter referred to as the “website”), and of those who participate in the events.
2. THE DATA CONTROLLER’S NAME
Name: Tempus Public Foundation
Headquarters and mailing address: 1077 Budapest Kéthly Anna tér 1.
Phone number: + 36-1-237-1300
represented by: Dr. Tamás Dezső president
Data protection officer: Dóra Tomcsik
E-mail address: email@example.com
3. SCOPE OF THE PERSONAL DATA MANAGEMENT
In connection with the event organization, we will manage the following personal data:
- e-mail address
- phone number
- special needs (disability, food intolerance/allergy, special food needs)
In connection with the data process detailed in Article 4.5, we will manage the following personal data:
- e-mail address
If any modification or change occurs in the data management period of the data handled by the Data Controller, please notify us immediately of the above availability.
4. THE LEGAL BASIS, OBJECTIVE AND METHOD OF DATA MANAGEMENT
4.1. The Management of data is based on your voluntary, informed statement, which includes your explicit consent for the use of your personal data provided during the event organization. Legal Basis for the management of data: the voluntary consent of the person concerned according to Article 6 (1) (a) of Regulation (EU) 2016/679 (General Data Protection Regulation).
Your contribution to the newsletter subscription by voluntarily providing the information in question regarding the data handling regarding the sending of newsletters will be voluntary bypassing the contributing declaration. Without these data you are unable to attend on the events.
The legal basis for data processing regarding the special needs is that the Data Handler also provides meals during the event. By filling in the field of food allergies to the registration form you have the right to inform the Data Manager about any food allergy. The Data Manager only handles your name and food allergy type in order to avoid serving certain foods to you.
If you arrive with a wheelchair at the event, the Data Controller provides barrier-free access. The legal basis for data handling is your explicit consent to the GDPR Article 9 (2) (a), which can be done by filling in the accessibility form of the registration form clearly. This information is not mandatory. You can withdraw your consent at any time by emailing to the firstname.lastname@example.org e-mail address.
Healthcare data is accessible to the data controller or its internal staff to whom the data process is related to his / her job responsibilities. The consent will be given by registering voluntarily to the event.
4.2. The purpose of data management is to organize conferences, workshops, trainings related to the dissemination of the activities of the data controller - including the follow-up activities of the relevant event -, and to provide adequate food or barrier-free transport on special demand. The follow-up of the event takes place in the form of an e-mail inquiry, to which the response is voluntary. The data controller uses the data you have provided exclusively for the purpose of sending you the newsletter.
4.3. The data controller may not use or use the provided personal data for purposes other than those set out in these points. Disclosure of personal data to a third party - unless otherwise provided by law - is only possible with your prior express consent.
4.4. The data controller does not verify the personal information you provide. The authenticity of the data given is your sole responsibility. When submitting your e-mail address, you also assume liability for being the sole user of the e-mail address provided. With respect to this liability, any entry from an e-mail address will be attributed solely to you to as the person who registered the e-mail address.
4.5. When registering online for the event, you have the opportunity to request a notice on a volunteer basis about similar events held by the Data Controller. The notification will be sent by email to the contact you provide. You can do so by signing up for the event, so your related data management will be based on your voluntary, informed statement. The Data Controller processes your name and email address. Legal Basis for Data Processing: According to Article 6 (1) (a) of Regulation (EU) 2016/679 (General Data Protection Regulation), the voluntary contribution of the person concerned. You can withdraw your consent at any time by emailing the email@example.com e-mail address.
5. THE DURATION OF THE DATA MANAGEMENT
The personal data you provide will be processed until the completion of a professional evaluation following the completion of the event or if you have consented to notify you about similar events of your Data Manager until your consent has been withdrawn as written in Article 4.5.
6. SCOPE OF PERSONS WITH ACCESS TO THE DATA, DATA TRANSFER AND DATA PROCESSING
It is primarily the Data Controller and its internal staff who are entitled to have access to the data because it is part of their job to manage such data.
7. THE RIGHTS AND RECOURSE TO LAW AVAILABLE TO THE PERSONS CONCERNED
7.1. You are entitled at any time to request information about your personal data managed by the Data Controller and may modify such data at any time by sending an e-mail request addressed to the contact details provided in Point 7.3.
7.2. At your request, the Data Controller must provide you with information regarding your personal data it manages, the data processed by the data processor entrusted by it, the source of such data, the purpose, legal basis and duration of the data management, the data processor’s name, address and activities in connection with the handling of the data, the circumstances and effects of the data protection incident, the measures taken to remedy the incident, and – in the case of transmission of the personal data – the legal basis and the recipient of the data transfer. The service provider must provide the requested information in writing within 30 days of the submission of the request.
The Data Controller - through its data protection officer - keeps a record to supervise and keep you informed of any measures taken in connection with the data protection incident including the scope of personal data concerned, the scope and number of persons affected by the data protection incident, the date, circumstances and effects of the data protection incident and the measures implemented in order to remedy the incident, as well as any other data specified in the laws governing the management of data.
7.3. You can exercise your rights via the following contact details:
E-mail address: firstname.lastname@example.org
You may contact the Data Controller’s data processing officer with any questions or observations regarding the processing of data via the contact details provided in Point 7.3.
7.4. You are entitled at any time to request the correction or erasure of any incorrectly recorded data. The Data Controller corrects or erases the data within one month of the receipt of the request at the email@example.com email address.
If the Service Provider refuses to comply with the Concerned Person’s request for correction or erasure, it must justify in writing the factual and legal grounds for such refusal of the cancellation within one month of receipt of the request.
You may object to the handling your personal information. The Data Controller must examine the objection within the shortest time but no later than one month from the submission of the request, make a decision on its validity and inform the applicant in writing.
7.5. You may apply to the National Privacy and Information Authority (1125 Budapest, Erzsébet Szilágyi fasor 22 / c, www.naih.hu).
7.6. If you have provided third-party data for the use of the service, the Data Controller is entitled to seek damages from you. In such cases, the Data Controller must provide all available assistance to the competent authorities for the purpose of establishing the identity of the infringing person.
8. OTHER PROVISIONS
8.1. In all cases where the Data Controller intends to use the data provided for purposes other than the purpose of the original data collection, it will notify and obtain from you your prior express consent, and will provide you the opportunity to prohibit such use.
8.2. The Data Controller undertakes to ensure the security of the data, to implement technical measures to ensure the protection of the recorded, stored or managed data, and to do everything in its power to prevent the destruction, unauthorized use and unauthorized alteration of the data. The Data Controller also undertakes to call on any third party to whom the data may be transferred or handed over to comply with these obligations.
8.3. The Data Controller reserves the right to unilaterally modify the rules and information on its website regarding the management of data.
Utolsó módosítás: 2018.09.28.