The purpose of this Privacy Statement is to set out the principles and rules governing the processing of personal data and other data provided by users of the https://www.inwave.hu/ site in the course of using the site and managed by the website operators (InWave Kft.).
I) Personal data may only be processed for a specific purpose, for the exercise of a right and for the fulfillment of an obligation. At all stages of data management, the purpose of data management must be appropriate, and the recording and processing of data must be fair and lawful.
II) Only personal data that is necessary for the fulfillment of the purpose of the data management and suitable for the purpose may be processed. Personal data may be processed only to the extent and for the time necessary to achieve the purpose.
III) Personal data will retain this quality during data management until the relationship with the data subject can be restored. The data subject can be restored if the controller has the technical conditions necessary for the restoration.
IV) Data processing must ensure the accuracy, completeness and, where necessary for the purposes of data processing, the up to date state of the data and that the data subject can be identified only for the time necessary for the purposes of the data processing.
I. GENERAL PROVISIONS
Data Controller Name: InWave Service Provider Limited Company (“Data Controller”)
Address of the data controller: 2096 Üröm, Völgyliget sétány 31/A
Contact details of the controller: email: firstname.lastname@example.org
Tel: +36 (30) 381 61 80
Legal basis for data management: Article 1/A, paragraph 5 of Act CXII of 2011 on Information Self-Determination and Freedom of Information, the consent of the data subject. Subject to data processing: every data subjects sending a message through the website’s contact form. Consent to Data Management: By completing and submitting a contact form, Users explicitly consent to the processing of their personal data by the Data Controller as described in this Notice. Purpose of data management: contact. Method of data management: manual data processing.
2. SCOPE OF PERSONAL DATA PROCESSED:
When submitting a User Voluntary Data Submission, you may provide the following information (on a voluntary basis, but required for use of the Service) to use the Contact Form at https://www.inwave.hu/:
|Data||Purpose||Legal basis||Retention time|
|Name||contact, identification||consent||until revocation|
|E-mail address||contact||consent||until revocation|
|Telephone number (optional)||contact by phone||consent||until revocation|
3. PERSONNEL OF THE DATA PROCESSORS (TECHNICAL TASKS CONCERNING DATA PROCESSING OPERATIONS):
InWave Kft. (2096 Üröm, Völgyliget sétány 31/A)
Tax number: 27076631-2-13
4. DURATION OF THE DATA PROCESSING:
The data provided will be processed by the Data Controller for an indefinite period of time or until the data subject’s consent is withdrawn.
5. TRANSMISSION OF DATA TO FOREIGN COUNTRIES:
No data transfer.
6. RIGHTS OF STAKEHOLDERS:
The data subject may apply to the Data Controller
- a) information on the processing of their personal data,
- b) rectification of their personal data; and
- c) the deletion or blocking of their personal data, except for the mandatory data processing.
At the request of the data subject, the Data Controller shall provide information on the data controled by the Data Controller or on data processed by the Data Controller, or a Data Processor commisioned by the Data Controller, their source, purpose, legal basis, duration, name and address and processing activities of the processor, the circumstances of the data protection incident, its effects and the measures taken to rectify it, and, in the case of the transfer of personal data of the data subject, the legal basis and the recipient of the data transfer.
The Data Controller, where it has an internal data protection officer, shall keep records, through the internal data protection officer, for the purpose of monitoring and informing the data subject of the data protection incident, including the personal data concerned, and their number, the date of the data protection incident, its circumstances and effects, and the measures taken to remedy it, as well as any other information specified in the data protection law.
The Data Controller shall provide the information in writing, at the request of the data subject, in a comprehensible form, within the shortest possible time, but not more than 25 days from the submission of the request.
The information shall be provided free of charge if the person requesting the information has not yet submitted a request for information to the Data Controller concerning the same data set in the current year. In other cases, the Data Controller may charge a fee.
The Controller will delete your personal data if
- i) its management is unlawful;
- ii) at the request of the person concerned;
- iii) its incomplete or erroneous, which cannot be legally remedied, unless cancellation is excluded by law;
- iv) the purpose of the data processing has ceased to exist or the statutory period for storing the data has expired;
- v) ordered by a court or the Authority.
Rectification, blocking, marking and deletion shall be notified to the data subject and to those to whom data have previously been transmitted for data management purposes. Notification may be dispensed with if this is not contrary to the legitimate interests of the data subject, having regard to the purpose of the processing.
If the Data Controller does not comply with the request for rectification, blocking or deletion of the data subject, the factual and legal grounds for refusing the request for rectification, blocking or deletion shall be communicated in writing or with the consent of the data subject within 30 days of receipt. In the event of a refusing the request for rectification, erasure or blocking, the Data Controller shall inform the data subject of the possibility of a judicial remedy and of recourse to the Authority.
7. OBJECTION AGAINST PROCESSING OF PERSONAL DATA:
The data subject may object to the processing of their personal data,
- a) if the processing or transmission of personal data is necessary for the sole purpose of fulfilling a legal obligation to which the Data Controller is subject, or for the fulfillment of a legitimate interest of the Data Controller, the Recipient or a third party, unless in the case of mandatory data management;
- b) if the personal data are used or transmitted for the purpose of direct marketing, opinion polling or scientific research; as well as
- c) in other cases specified by law.
The Data Controller shall investigate the objection as soon as possible after filing the application, but within 15 days at the latest, and shall inform the applicant in writing of its decision.
If the Data Controller determines that the objection of the data subject is well founded, it shall terminate the data processing and block the data, including further data collection and transfer, and shall inform the persons to whom the personal data of the subject of the objection have previously been transmitted, and who are required to take action to enforce the right of protest.
If the data subject does not agree with the decision of the Data Controller or if the Data Controller fails to comply with the above deadline, the data subject may – within 30 days from the communication of the decision or the last day of the deadline – go to court.
If the data subject objects to the processing of the personal data of him/her or data subject seek legal redress, or if a third party requests to disclose data without the consent of the data subject, Data Controller may disclose the personal data to legal representatives appointed by the Data Controller in order to review the legality of the transfer of the requested data to the third party.
8. LEGAL REMEDIES:
Dear Users, If you feel that the Data Controller has violated your personal data protection rights, please contact us so that we can rectify any such breach.
We also inform Users that the data subject may take legal action against the Data Controller in case of violation of his / her rights. The court will deal with the matter out of turn. The trial court shall have jurisdiction over the case. Proceedings may also be brought before the courts of the place where the data controller is domiciled or, at the option of the data subject, of the place of residence or place of stay of the data subject. A person who does not otherwise have legal capacity may also be a party to a lawsuit.
If the Data Controller causes damage to another through the unauthorized processing of the data of the data subject or the violation of the data security requirements, he or she shall be liable for the damage. If the Data Controller violates the data subject’s privacy by unlawful processing of the data of the data subject or violation of the data security requirements, the data subject may claim damages from the Data Controller. The Data Controller shall be exempt from liability for damages and payment of damages if he proves that the damage or the violation of the privacy of the data subject was caused by an unavoidable cause outside the scope of the data management. There is no need to compensate for the damage or to claim damages to the extent that the damage was caused by the injured party or by a violation of privacy caused by the intentional or grossly negligent conduct of the data subject.
9. PROCEDURE OF THE AUTHORITY:
The person concerned may complain to and can also request information from the Authority:
Name: National Data Protection and Information Authority
Headquarters: 1125 Budapest Szilágyi Erzsébet fasor 22 / c.
Postal address: 1530 Budapest, Pf .: 5.
Phone: +36 (1) 391-1400
Fax: +36 (1) 391-1410
II. DETAILED DATA MANAGEMENT PROVISIONS
1. HANDLING OF COOKIES:
When you read inwave.hu, this may include using cookies or similar technologies to identify your browser or device. A cookie is a small file that is placed on your computer when you visit a website. When you visit that site again, the cookie will allow the site to recognize your browser. Cookies may store user preferences and other information. Other platforms, where cookies are unavailable or cannot be used, also use other technologies with a purpose similar to cookies, such as the ad ID on Android mobile devices. You can reset your browser settings to reject all cookies or to indicate when a cookie is being sent. However, some website features or services may not work properly without cookies.