This Privacy Notice applies to all personal data you provide to us and also to all personal data which we collect about you, either about how you use our website (using “cookies”) or about your use patterns if you check our.
1. WHO WE ARE?
The (below defined) Website is owned and operated by Ákos Tallár (domiciled at: H-1147 Budapest, Öv utca 180.; born on 14 May 1993; hereinafter referred to as the Operator) who acts as data controller. It means Operator decides how your personal data is processed and for what purposes. For the purposes of these Privacy Notice: Website shall mean the akostallar.com and tallarakos.hu domains including any sub-domain thereof which shall also include the mobile websites.
2. HOW TO CONTACT US
2.1. Contact details of Operator
In respect of data protection related questions, to exercise your rights or file a complaint, please contact us by contact us by post at the Operator’s address or by Contacting us on the respective contact panel on the Website.
3. YOUR PERSONAL DATA – WHAT IS IT?
Personal data relates to a living individual who can clearly be identified from that data, in particular your name, address, phone number, email address. Identification can be made by the information alone or in conjunction with any other information otherwise in the data controller’s possession or likely to come into such possession.
4. HOW DO WE COLLECT PERSONAL DATA?
We collect your data on our website, via email and post.
5. WHY DO WE COLLECT PERSONAL DATA? (DATA PROCESSING PURPOSES)
We collect and use your personal data for the following purposes:
a) To communicate with you if you contact us via the contact form on the Website. For this purpose, we collect the following data: name and e-mail address.
b) To communicate with you to carry out visitor satisfaction survey for analytical purposes, for quality improvements, for service developments, to improve the performance of the Websit. For this purpose we collect the following data: name and contact details and historic use details.
c) To support administrative and legal purposes for example anti-fraud screening, for safety and security purposes. For this purpose, we collect the following data: IP address, geolocation data.
6.1. PROFILING
Profiling is any form of automated processing of your personal data, consisting of the use of personal data to evaluate certain personal aspects relating to you, in particular to analyse or predict aspects concerning personal preferences, interests, behaviour or your location/movements.
We use Hotjar in order to better understand our users’ needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users’ experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behavior and their devices. This includes a device’s IP address (processed during your session and stored in a de-identified form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and the preferred language used to display our website. Hotjar stores this information on our behalf in a pseudonymized user profile. Hotjar is contractually forbidden to sell any of the data collected on our behalf.
For further details, please see the ‘about Hotjar’ section of Hotjar’s support site.
7. LEGAL BASIS OF DATA PROCESSING
The legal basis of data processing activities indicated in point a) of Section 5 of this Privacy Notice lies in Subsection (a) Paragraph (1) of Article 5 and Subsection (a) Paragraph (2) of Article 5 of the Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information (hereinafter the “Freedom of information Act”), i.e. based on your consent, and commencing from 25 May 2018 also Article 6 (1) (a) and Article 9 (2) (a) of the General Data Protection Regulation (Regulation No. 2016/679 of the European Parliament and of the Council) (“GDPR“), i.e. such processing activities will be based on your consent.
The legal basis of data processing activity indicated in point b)-c) of Section 5 of this Privacy Notice lies in Subsection (a) Paragraph (5) of Article 6 of the Freedom of Information Act, i.e. based on your consent, and commencing from 25 May 2018 also Article 6 (1) (f) of the GDPR, i.e. such processing activity will be based on Operator’s legitimate interest. If the legal basis is the legitimate interest of Operator, we will carefully consider your interests and fundamental rights and freedoms, and whether these override such legitimate interests (balancing test).
8. FOR HOW LONG DO WE KEEP YOUR PERSONAL DATA?
We process your personal data for the time required consistent with the purposes set out in this Privacy Notice or for the period of limitation prescribed in the relevant laws.
We store correspondence data until the respective matter is completed (i.e. the communication between us is successfully completed, but in no case longer than 1 year).
We store internet search data collected concerning you for four days.
If a court or disciplinary procedure is initiated, then the personal data will be retained until the termination of the proceedings, including the duration of any possible remedy, which data thereafter, in the case of civil claims, will be deleted after the civil law statute of limitation runs.
In the case of other consent-based data processing, personal data will be processed until the consent is withdrawn.
9. FURTHER PROCESSING OF PERSONAL DATA
If we wish to use your personal data for a new purpose, not covered by this Privacy Notice, we will provide you with a new notice explaining all conditions relating to the new processing prior to the new processing takes place. If required, we will seek your consent before commencing the new data processing activity.
10. YOUR PERSONAL DATA PROTECTION RIGHTS
Pursuant to the applicable data protection law you may have the right:
- to request access to your personal data,
- to request rectification of your personal data,
- to request erasure of your personal data,
- to request restriction of processing of your personal data,
- to request data portability,
- to object to the processing of your personal data (including objection to profiling as well as other rights in connection with automated decision-making),
- to withdraw your consent, and to lodge a complaint with the supervisory authority.
10.1 Right to access
You may have the right to obtain from us confirmation as to whether or not personal data concerning you is processed, and, where that is the case, to request access to the personal data.
You may have the right to obtain a copy of the personal data undergoing processing. We may request additional information from you for identification or for further copies requested by you, we may charge a reasonable fee based on administrative costs
10.2. Right to rectification
You may have the right to obtain from us the rectification of inaccurate personal data concerning you. Depending on the purposes of the processing, you may have the right to have incomplete personal data completed, including by means of providing a supplementary statement. Your right to rectification is provided by us free of charge.
10.3. Right to erasure (right to be forgotten)
Under certain circumstances you may have the right to request from us the erasure of your personal data and we may be obliged to erase such personal data. In such cases we will not be able to further provide you with certain services or make contact.
10.4. Right to restrict processing
Under certain circumstances you may have the right to request from us the restriction of the processing your personal data. In this case the respective data will be marked and may only be processed by us for certain purposes.
10.5. Right to object and rights relating to automated decision-making
Under certain circumstances you may have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data, including profiling, by us and we can be required to no longer process your personal data.
Moreover, if your personal data is processed based on our legitimate interest, you have the right to object at any time to the processing of personal data concerning you for such purpose.
Furthermore, under certain circumstances in case of automated individual decision-making, you have the right to obtain human intervention.
We inform you that Operator does not apply an automated decision-making mechanism.
10.6. Right to data portability
Under certain circumstances you may have the right to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format (i.e. in digital form) and you may have the right to request the transmission of that data to another entity without hindrance from us if such transmission is technically feasible.
10.7. Right to withdraw consent
When the processing of your personal data is based on your consent, you can withdraw your consent at any time without giving any reason to us, free of charge by way of email. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
10.8. Right to lodge a complaint with the supervisory authority
If you feel that your personal data rights have been breached, you can also contact and lodge a complaint with the local data protection authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement.
You can also contact the Hungarian Authority for Data Protection and Freedom of Information (Nemzeti Adatvédelmi és Információszabadság Hatóság, H-1125, Hungary, Budapest, Szilágyi Erzsébet fasor 22/C.; telephone: +36-1 391-1400; telefax: +36-1 391-1410).
11. HOW DO WE PROTECT YOUR PERSONAL DATA?
Operator complies with its obligations under the applicable data protection laws by
- keeping personal data up to date;
- storing and destroying it securely;
- not collecting or retaining excessive amounts of data;
- protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
We take appropriate technical and organisational measures to ensure the protection of your personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, in particular but not limited to where the processing involves the transmission of data over a network, and against all other unlawful forms of processing.
Operator, in line with this, among other things, applies different levels of access rights to the data, which ensures that only the appropriate authorised person has access to the data, whose knowledge of the data is necessary to fulfil his or her obligation arising out of or in connection with the performance of his or her job.
12. SHARING YOUR PERSONAL DATA
Operator, in the course of its operation, may utilise the services of various data processors and external service providers to handle and process your personal data for specific purposes, on behalf of and in accordance with the instructions of Operator.
The data processors shall process the personal data at most as long as the term of the data processing contract concluded with them is valid and in force, or until they are required to keep your data under the applicable data retention laws.
We may disclose your personal data to the following categories of third parties (recipients) for the purposes described below:
- third parties running customer surveys on our behalf;
- other third party service providers involved by us for data processing;
- third parties, such as law firms, courts, other bodies or service providers in order to enforce or apply any contract with you;
- government authorities or enforcement bodies such as the police and regulatory authorities, upon their request and only as required by the applicable law or to protect our rights or the safety of our visitors, staff and assets.
12.1. Data Processors
Operator engages certain third parties to provide assistance during the performance of the services bought from us. Such third parties provide the following services:
- provision of IT support services;
12.2. Government authorities and enforcement bodies:
We may transfer your personal data to government authorities or enforcement bodies such as the police and regulatory authorities, upon their request and only as required by applicable law; or to protect our rights or the safety of our visitors, staff and assets.
13. TRANSFERRING YOUR PERSONAL DATA TO THIRD COUNTRIES
The Operator will not transfer your personal data to any third country outside the European Economic Area.
14. COOKIES
When you use our website, cookies are stored by your browser on your device. Read more about the cookies used by Operator and how you can block them by clicking on the “Cookie Policy” icon on the Website. Please note that if you disable cookies our website may not function properly on your browser. Our aim is to ensure that our website offers visitors what they are looking for and provides them with the most relevant communication. In order to achieve this goal, we may store and use your data, building usage profiles for market research, for quality improvements of our website and our services, for service developments, to improve the performance of the website, to measure the success of our advertising campaigns or to tailor services to your needs.
The use of such data for the purposes described in the preceding sentence will be in pseudonymised form. That means we will replace your name and other features which may identify you with another identifier in order to make it impossible to identify you as a person and we will not bundle such usage profiles with other data we store about you.
You are entitled to object against the use of your data for building usage profiles as described above at any time.
We may also transfer your non-personally identifiable data such as, but not limited to, anonymous demographic information and online behaviour to our contracted partners (e.g. third party IT service providers) for the purpose of market research. “Non-personally identifiable data” in this respect means we modify your personal data so that the information concerning personal or material circumstances cannot be attributed to you or that such attribution would require a disproportionate amount of time, expense and effort. We store data sent by your browser and device to our website during the reservation process. No such data will be disclosed to third parties except in aggregate, non-personally identifiable forms.
15. CHANGES TO OUR PRIVACY NOTICE
If we change this Privacy Notice, we will publish the updated version of it on the Website.
17. THIRD PARTY WEBSITES
The Website may provide links to other websites for your convenience and information. Please be aware that these sites may be owned and run by other companies and organisations and have different security and privacy policies. Operator has no control over and takes no responsibility for any information, material, products or services contained on or accessible through those websites.
18. THIRD-PARTY LIABILITY
Operator is not responsible for third parties’ use of your data, where such use is permitted for their own purposes. In such cases that these third parties are also considered data controllers, please consult their privacy policies for further information.
This Privacy Policy is effective from 21 April 2020.