Data protection

1. In short

  • We only collect and process personal data in accordance with the law.
  • Direct messages will only be sent with your specific consent. However, we can send you a system message even without specific consent.
  • We store your data as securely as possible, and only disclose personal data to third parties with your consent.
  • Anyone will be informed about the data we store about them and can request the erasure of their data at any time.

2. Interpretative definitions

Data Subject/User: any natural person who is identified or can be identified, directly or indirectly, on the basis of specific Personal Data.

Personal Data: data which can be associated with the Data Subject, particularly their name, their identification mark and one or more factors specific to their physical, physiological, mental, economic, cultural or social identity, and the inference which can be drawn from the data concerning the Data Subject.

Consent: a voluntary and explicit declaration of the Data Subject’s intention, based on appropriate information, by which they give their unambiguous consent to the processing of Personal Data concerning them, either in full or in relation to specific operations.

Objection: a statement by the Data Subject objecting to the processing of their Personal Data and requesting the cessation of the processing or the erasure of the processed data.

Data Controller: a natural or legal person or an entity without legal personality who or which, alone or jointly with others, determines the purposes for which the data are to be processed, takes and implements decisions regarding the processing (including the means used) or has them implemented by a Data Processor on its behalf.

Data Processing: any operation or set of operations which is performed upon data, regardless of the procedure used, in particular any collection, recording, capturing, systemization, storage, alteration, use, interrogation, transmission, disclosure, alignment or combination, blocking, erasure or destruction of data, prevention of their further use, taking of photographs, sound recordings or images and physical features which can be used to identify a person (e.g. fingerprints, palm prints, DNA samples, iris scans).

Data Transfer: making data available to a specified third party.

Data Erasure: rendering data unrecognizable in a manner that there is no room for possible recovery.

Data Marking: distinction of data with an identification mark.

Data Blocking: marking of data with an identification mark in order to limit its further processing permanently or for a limited period of time.

Data Destruction: the complete physical destruction of the data medium containing the data.

Data Processing: the performance of technical tasks related to data processing operations, irrespective of the method and means used to perform the operations and the place of application, provided that the technical task is performed on the data.

Data Processor: a natural or legal person, or an entity without legal personality who or which processes data on the basis of a contract with the Data Controller, including a contract concluded pursuant to a legal provision.

Data Breach: unlawful processing or handling of Personal Data, in particular unauthorized access, alteration, transmission, disclosure, erasure or destruction, accidental destruction or accidental damage.

3. Purpose of the Privacy Policy

DKP Visual Ltd. (Seat: H-1137 Budapest, Katona József utca 39., Company Registration Number: 01-09-359566) (hereinafter “Service Provider”, “Data Controller”) as the Data Controller, acknowledges the contents of this legal notice as binding upon it. It undertakes to ensure that any processing of data relating to its activities complies with the requirements set out in this Policy and in the applicable national legislation and European Union acts.

The Privacy Policy of DKP Visual Ltd. in relation to its data processing is available continuously at www.donatkekesi.com/adatvedelem.

DKP Visual Ltd. reserves the right to change this information at any time. Any changes will be communicated to the public in due time.

If you have any questions about this notice, please contact us at info@donatkekesi.com and we will assist you.

DKP Visual Ltd. is committed to protecting the Personal Data of its customers and partners and attaches the utmost importance to respecting its customers’ right to informational self-determination. DKP Visual Ltd. treats Personal Data confidentially and takes all security, technical and organizational measures to guarantee the security of the data.

Please find the detailed data management practices of DKP Visual Ltd. below.

4. Data of the Data Controller

If you wish to contact us, you can contact the Data Controller at info@donatkekesi.com.

Name: DKP Visual Ltd.
Seat: H-1137 Budapest, Katona József utca 39.
Company registration number: 01-09-359566
Tax number: 27981841-2-41
Email: info@donatkekesi.com

4.1 Data Protection Officer

DKP Visual Ltd. does not engage in any activities that would justify the employment of a Data Protection Officer.

5. Scope of Personal Data Processed

5.1 Personal Data to be provided during online log in

The fact of data collection, the scope of the data processed:

Name (first and last name)
Email address
Phone number
Message
Date of completion of the form

Data Subjects: All Data Subjects using the form.

Purpose of the data collection: to maintain contact with you to better coordinate issues related to orders.

Duration of data processing, deadline for erasure of data: the Data Controller processes Personal Data until the Data Subject requests for erasure.

Description of Data Subjects’ rights in relation to data processing: Data Subjects may request the erasure or modification of their Personal Data in the following ways:

Email: info@donatkekesi.com
Address: H-1137 Budapest, Katona József utca 39.

Legal basis for processing: the User’s consent.

The data of the Data Processor (hosting provider) used for the processing:

Name: Netdoor Kft.
Seat: Akadémia u. 14, Budapest, Hungary 1054
Company registration number: 01-09-936833
Tax number: 22635813-2-41
Email: info@serverkraft.hu

5.2. Technical data

DKP Visual Ltd. selects and operates the IT tools used to process Personal Data while providing the service in such a way that:

  • the data processed is accessible to authorized persons (availability);
  • the processed data’s authenticity and verification is ensured (authenticity of processing);
  • the data processed can be verified to be unchanged (data integrity);
  • the data processed is protected against unauthorized access (data confidentiality).

DKP Visual Ltd. takes appropriate measures to protect the data against unauthorized access, alteration, transmission, disclosure, erasure, or destruction and against accidental destruction.

DKP Visual Ltd. ensures the security of data processing by technical, managerial and organizational measures that provide a level of protection appropriate to the risks associated with the processing.

In the course of data processing, DKP Visual Ltd. keeps

  • confidentiality: it protects information in a manner that only those who are entitled to it can access it;
  • integrity: it protects the accuracy and completeness of the information and the method of processing;
  • availability: ensuring that when the authorized user needs it, they can access the information and have the means to do so.

5.3 Cookies

The data controller uses the services of the Google Analytics system in connection with the website. Cookies managed by Google Analytics help measure website visits and other web analytics data. The information collected by cookies is transmitted to and stored on external servers operated by Google. Google primarily uses this information for the data controller to monitor website visits and to analyze website activity. Google is entitled to transfer this information to third parties if this is required by law. Google is also entitled to forward this data to third parties it uses to process the data. More information on the handling of data by Google Analytics is available by clicking here.

5.4 Data related to the newsletter

The Data Controller will send advertising or promotional (newsletter) mail by post, by email to the email addresses provided during registration, only with the explicit consent of the User, in cases and in a manner that complies with the legal requirements. The User may unsubscribe from the newsletter at any time by:

  • using the link at the bottom of the newsletter or
  • sending an email to info@donatkekesi.com or
  • by sending a mail to the following address: H-1137 Budapest, Katona József utca 39.

6. Intended Use And Retention Period of The Data Processed

The Data Controller processes Personal Data until the Data Subject requests for erasure.

7. Purpose, Method, And Legal Basis of Processing

7.1 General data processing policy

The data processing of the activities of DKP Visual Ltd. is based on voluntary consent and legal authorization. In the case of processing based on voluntary consent, Data Subjects may withdraw their consent at any time during the processing.

In certain cases, the processing, storage, and transmission of some of the data provided is required by law, and we will notify our clients separately.

Please note that if you provide Personal Data to DKP Visual Ltd., it is the responsibility of the data provider to obtain the consent of the Data Subject.

The data management principles of DKP Visual Ltd. comply with the applicable data protection legislation, in particular:

  • Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information;
  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, GDPR);
  • Act V of 2013 – on the Civil Code;
  • Act C of 2000 on Accounting;
  • Act LIII of 2017 on Preventing and Combating Money Laundering and Terrorist Financing;
  • Act CCXXXVII of 2013 on Credit Institutions and Financial Enterprises.

8. Physical Storage Locations of Data

Your Personal Data (i.e. data that can be associated with you personally) may be processed by us in the following ways: on the one hand, in connection with the maintenance of the internet connection, technical data relating to your computer, browser program, internet address and the pages you visit are automatically generated in our computer system, and on the other hand, you may also provide your name, contact details or other information if you wish to contact us personally when using the website.

Data to be technically captured during the operation of the system: the Data Subject’s computer data which are generated during the voting process and which are recorded by the DKP Visual Ltd. system as an automatic result of technical processes. The data that is automatically captured is automatically logged by the system at the time of entry or exit, without any specific declaration or action by the Data Subject. This data cannot be linked to other personal User data, except in cases required by law. The data is only accessible by the Donát Kékesi EV.

9. Data Transfer, Data processing, Scope of The Persons Familiar With The Data

When using the services of the websites, the Data Controller may use the following Data Processors:

As marketing software:

Name: Rocket Science Group
Seat: 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, United States
Web: https://mailchimp.com

As marketing software:

Name: SalesAutopilot Kft.
Seat: H-1089 Budapest, Golgota utca 3.
Web: https://ww.salesautopilot.hu/

10. Rights of The Data Subject and Means of Enforcement

The Data Subject may request information about the processing of their Personal Data, and may request the rectification, erasure, or withdrawal of their Personal Data, except for mandatory data processing, and may exercise their right to data portability and objection in the manner indicated when the data were recorded, or by contacting the Data Controller at the above contact details.

10.1 Right to information

Minta Kft. shall take appropriate measures to provide Data Subjects with all the information on the processing of Personal Data referred to in Articles 13 and 14 of the GDPR and all the information referred to in Articles 15 to 22 and 34 of the GDPR in a concise, transparent, intelligible, and easily accessible form, in a clear and plain language.

10.2 Right of access by Data Subject

The Data Subject shall have the right to obtain feedback from the Data Controller as to whether or not their Personal Data are being processed and, if such processing is taking place, the right to access the Personal Data and the following information: the purposes of the processing; the categories of Personal Data concerned; the recipients or categories of recipients to whom or with whom the Personal Data have been or will be disclosed, including in particular recipients in third countries or international organizations; the envisaged period of storage of the Personal Data; the right to rectification, erasure or restriction of processing and the right to objection; the right to lodge a complaint with a supervisory authority; information on the data sources; the fact of automated decision-making, including profiling, and clear information on the logic used and the significance of such processing and its likely consequences for the Data Subject. The Data Controller shall provide the information within a maximum of one month from the date of the request.

10.3 Right of rectification

The Data Subject may request the rectification of inaccurate Personal Data concerning them processed by Minta Kft. and the completion of incomplete data.

10.4 Right to erasure

The Data Subject shall have the right to have Personal Data concerning them erased by DKP Visual Ltd. without undue delay upon their request if one of the following grounds applies:

  • the Personal Data are no longer necessary for the purposes for which they were collected or otherwise processed;
  • the Data Subject withdraws the consent on which the processing is based and there is no other legal basis for the processing;
  • the Data Subject objects to the processing and there are no overriding legitimate grounds for the processing;
  • the Personal Data have been unlawfully processed;
  • the Personal Data must be erased in order to comply with a legal obligation under EU or Member State law to which the Data Controller is subject;
  • Personal Data are collected in connection with the provision of information society services.

The erasure of data may not be initiated if the processing is necessary: for the exercise of the right to freedom of expression and information; for compliance with an obligation under EU or Member State law to process Personal Data or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller; for public health purposes or for archiving, scientific or historical research purposes or statistical purposes in the public interest; or for the establishment, exercise or defense of legal claims.

10.5 Right to restriction of processing

At the request of the Data Subject, DKP Visual Ltd. will restrict the processing of data if one of the following conditions is met:

  • the Data Subject contests the accuracy of the Personal Data, in which case the restriction applies for the period of time necessary to allow the accuracy of the Personal Data to be verified;
  • the data processing is unlawful, and the Data Subject opposes the erasure of the data and requests instead the restriction of their use;
  • the Data Controller no longer needs the Personal Data for the purposes of processing, but the Data Subject requires them for the establishment, exercise or defense of legal claims; or
  • the Data Subject has objected to the processing; in this case, the restriction applies for the period until it is established whether the legitimate grounds of the Data Controller override those of the Data Subject.

Where processing is restricted, Personal Data, other than storage, may be processed only with the consent of the Data Subject or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or of an important public interest of the EU or of a Member State.

10.6 Right to data portability

The Data Subject has the right to receive Personal Data relating to them which they have provided to the Data Controller in a structured, commonly used, machine-readable format and to transmit such data to another Data Controller.

10.7 Right to objection

The Data Subject shall have the right to object at any time, on grounds relating to their particular situation, to processing of their Personal Data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller, or necessary for the purposes of the legitimate interests pursued by the Data Controller or by a third party, including profiling based on those provisions. In the event of an objection, the Data Controller may no longer process the Personal Data, unless there are compelling legitimate grounds for doing so which override the interests, rights, and freedoms of the Data Subject or for the establishment, exercise or defense of legal claims.

10.8 Automated decision-making in individual cases, including profiling

The Data Subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them.

10.9 Right of withdrawal

The Data Subject has the right to withdraw their consent at any time.

10.10 Right to apply to the courts

The Data Subject may take the Data Controller to court if their rights are infringed. The court shall rule on the case out of turn.

10.11 Data Protection Authority procedure

You can lodge a complaint with the Hungarian National Authority for Data Protection and Freedom of Information:

Name: Hungarian National Authority for Data Protection and Freedom of Information (Nemzeti Adatvédelmi és Információszabadság Hatóság)
Seat: H-1125 Budapest, Szilágyi Erzsébet fasor 22/C. Postal address: H-1530 Budapest, Post office box: 5.
Phone number: +3613911400
Fax: +3613911410
Email: ugyfelszolgalat@naih.hu
Web: https://www.naih.hu

11. Other provisions

Information about data processing not listed in this notice is provided at the time of recording.

We inform our clients that the court, the prosecutor, the investigating authority, the law enforcement authority, the administrative authority, the Hungarian National Authority for Data Protection and Freedom of Information, the Central Bank of Hungary (Magyar Nemzeti Bank), or other bodies authorized by law may contact the Data Controller to provide information, to disclose or transfer data, or to provide documents.

DKP Visual Ltd. will disclose Personal Data to public authorities only to and for the extent strictly necessary for the purpose of the request, provided that the public authority has indicated the exact purpose and scope of the data.