International Property Network Zrt.
I. Objective of the policy
The aim of the present policy is to record the data protection and management principles applied by International Property Network Zrt. (8-10 Polgár St. Budapest 1033, hereinafter referred to as Company) and the data protection and management policy which the Company undertakes to comply with.
When formulating the present rules the Company has paid special attention to Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information ("Privacy act"), Act CXIX of 1995 on the Use of Name and Address Information Serving the Purposes of Research and Direct Marketing, Act VI of 1998 on the protection of individuals with regard to the computer processing of personal data, the agreement established in Strasbourg on the date of 28th January 1981 and Act XLVII of 2008 on the Basic Requirements and Certain Restrictions of Commercial Advertising Activities and the provisions of the "ONLINE PRIVACY ALLIANCE".
The aim of the present Policy is to ensure that the rights and fundamental liberties, especially the right to privacy of each individual shall be respected while the computer processing of their personal data concerning every field of the services provided by the Company (data protection) at every location, without regard to the individual's nationality or residence.
The Data protection registration ID of the Company: [NAIH-60954/2012.]
II. Definition of terms
Personal data or data: the data relevant to the specific natural entity (hereinafter referred to as Concerned Party) and the conclusion regarding the Concerned Party, which is deductible from such information. The personal data shall retain this quality, as long as its connection to the Concerned Party may be restored;
Database: the total data processed within one database;
Data management: regardless of the method applied, any operation or sum of operations of personal data belong in this category, thus especially the collection, recording, organization, storage, alteration, use, query, forwarding, public disclosure, alignment, combination, blocking, deletion, destruction of personal data, or preventing the further use of data;
The Company's data management is carried out by the Company without the use of external data managers.
Data manager: the natural or legal entity, or company without a legal entity, who, alone or in association with others determines the aim of the management of data, makes decisions regarding data management (including the device used) and implements them, or has them performed by the data manager;
Data processing: The data management operations, the performance of technical tasks, regardless of the method and device used to carry out the operations, and the location of implementation, provided that the technical tasks are carried out on the data.
Data termination: The complete physical destruction of the media containing the data;
Data forwarding: The data is made available to a specific third party;
Publication: The data is made available to anyone;
Data processor: the natural or legal entity, or company without legal entity, who or which performs the processing of personal data by the order of the data manager;
Deletion of data: making the data unrecognizable in a manner that their recovery is not possible;
Automatized database: the set of data undergoing automatic processing;
Computer processing: includes the following operations, if carried out partly or completely by automatized devices: the storage of data, the logical or arithmetical operations performed on the data, the alteration of the data, its deletion, retrieval and dissemination.
System: the total of technical solutions which operate the internet pages and services of the data managers and their partners.
User: the natural entity, who registers for the use of any of the services provided by Net Media Plc. (portfolio.hu, penzcentrum.hu, agrarszektor.hu, resourceinfo.hu), and provides their data listed in section III within present framework.
III. The scope of personal data managed
3.1 The User may manage the following data based on their decision regarding the requested services provided by the Company: user name, password, first name, last name, birth name, mother's maiden name, address, place of residence, place and date of birth, type and number of personal identity card, e-mail address, occupation category, age, sex, commercial services, phone number, mailing address, markets considered interesting, duration of trading, position, conferences attended, dates of entries, name of contact person, invoice name, tax identification number, invoice address, payment account number, company name).
IV. The scope of additional data managed by the Company
4.1 In favor of customizable service, the Company places a small data package (called "cookie") on the computer of the User. The purpose of the cookie is to ensure for the page to operate on a standard as high as possible in order to increase user experience. The User is able to delete the cookie from their own computer, i.e. may set their browser to disable the application of cookies. By disabling the application of cookies, the User acknowledges that the operation of the webpage is not fully functional.
4.2 Data to be recorded during the operation of the systems: those data of the login computer of the User which generate during the use of the service and which are recorded by the system of the Data Manager as automatic results of technical processes. The data to be automatically recorded shall be recorded by the system during the login and logout of the User, without the specific declaration or act of the User. The data may only be accessed by the Data Manager.
V. Legal grounds, aim and method of Data management
5.1 The Data Management may take place based on the voluntary declaration of the Users of the Company based on proper information; which declaration shall contain the explicit consent of the Users regarding the personal data they disclosed during the use of the webpage and the data generated about them to be used by the Company. The legal basis of Data Management is the voluntary consent of the concerned Party according to section a) of paragraph (1) of Article 5 of the Privacy Act.
5.2 The purpose of the data to be automatically recorded is the provision of services accessible through the internet pages of the Company, the display of personalized content and advertisements, compilation of statistics, the technological development of the IT system and the protection of the rights of the Users. The data made accessible during the use of the service by the Users may be used by the Company to form user groups and display targeted content and / or advertisements for the groups on the webpages of the Company.
5.3 The Data Manager may not use the provided personal data for purposes different from those described in these sections. The disclosure of personal data to third parties or authorities - unless the law provides otherwise - is only possible based on an Authority Decision or with the prior, explicit consent of the User.
5.4 The Data Manager shall not inspect the Personal data provided. The person providing the data shall be exclusively responsible for the compliance of the data provided.
5.5 By providing their e-mail address, every User takes responsibility for ensuring that only they will use the service from the provided e-mail address. Regarding this responsibility, all responsibilities regarding the entries made using a specified e-mail address are to be worn by the User who registered the e-mail address.
VI. Principles of data management
6.1 Personal data may only be obtained and processed fairly and lawfully.
6.2 Personal data shall only be stored for specified and lawful purposes and shall not be used otherwise.
6.3 The Personal data shall be proportionate to the purpose of their storage; they have to comply with this objective and shall not be expanded beyond it.
6.4 The adequate security measures have to be taken in favor of the protection of the Personal data stored in the automatized data storages to prevent accidental or unauthorized destruction, accidental loss, unauthorized access, alteration or dissemination.
VII. Data protection principles applied by the Company
7.1 The Personal data essential for using the services provided by the Company may only be used by the Company based on the consent of the concerned Parties and only in a purpose-bound manner.
7.2 The Company as Data Manager agrees to manage the Personal data in their possession in accordance with the provisions of the Privacy Act and with the data protection principles laid down in present Policy, and shall not disclose them to third parties except the Data Managers specified in present Policy.
The use of the personal data which takes place in a statistically summarized form and shall not contain the name or any other data suitable for identification of the concerned User in any form, forms an exception from under the provision included in present section, thus shall neither qualify as Data Protection, nor as Data Forwarding.
7.3 The Company in certain cases - official judicial or police inquiries, legal proceedings, copyright- , property- or other infringements, or harm to the interests of the Company, etc. or endangerment regarding the provision of their services due to the well-founded suspicion of these - shall make the available Personal data of the concerned User accessible to third parties.
7.4 The system of the Company may collect data about the activity of the Users which shall not be connected with other data provided by the Users upon registration or with data generated upon using other webpages or services.
7.5 The User shall be informed about the purpose of Data Management ad about the persons who will manage and process the data. The information about the Data Management shall be provided by the fact that the legislation provides about the Data Management already in existence - and Personal data recording by forwarding or linking.
7.6 In every case when the Company intends to use the data provided for a purpose different from the purpose of the original data recording , shall notify the User and shall acquire their prior, explicit written consent and provides the User with the option to forbid the use of the data.
7.7 The Company as Data Manager shall comply with the limitations laid down the legislations during collecting, recording and managing the data.
7.8 The Company undertakes to ensure the security of Personal data, furthermore, shall take all technical and organizational measures and establish the rules of procedure which ensure for the collected, stored i.e. managed Personal data to be protected, i.e. prevents their termination, unauthorized use and unauthorized alteration. They also commit themselves to notify every third Party to whom the Personal data shall potentially be forwarded or transferred by them, to fulfill their obligations in this regard.
7.9 The Data Manager shall block the Personal data if requested by the concerned Party or if it can be assumed based on the available information that the deletion would violate the legal interests of the concerned Party. The Personal data blocked in this manner may only be managed until the data management purpose excluding the deletion of the data, persists.
7.10 The concerned User and everyone to whom the data has been forwarded earlier for the purpose of Data Management, has to be notified about the correction, blocking or deletion of the managed Personal data. The notification can be omitted if it does not violate the legitimate interests of the concerned Party regarding the purpose of Data Management.
VIII. The term of Data management
8.1 The management of the Personal data provided by the User shall persist until the User unsubscribes from the service - with the user name provided - and at the same time, requests the deletion of data. The date of deletion is 10 working days after the receipt of the User's request for deletion. In this case, the data shall be deleted at every Data Manager specified in present Policy.
In case of the use of illegal, misleading Personal data or in case of crime or attack against the system committed by the User, the Data Manager is entitled to immediately delete the data of the User at the same time of the termination of their registration, meanwhile - in case of suspicion of crime or suspicion of the violation of civil liability - is entitled to preserve the data for the period of the procedure to be performed.
8.2 The Personal data provided by the User - even in cases where the User does not unsubscribe from the service or upon deleting their registration, they only terminated the option of entry, the stored comments and uploaded contents shall persist - can be managed by the Data Manager until the User explicitly asks for the termination of the management of the data in writing. The request of the User regarding the termination of Data Management without unsubscribing from the service does not affect their rights regarding the use of the service; however, it may occur that due to the absence of Personal data, they may not utilize certain services. The deletion of data shall take place within 10 working days from the receipt of the regarding request.
8.3 The Personal data to be automatically, technically recorded during the operation of the system, shall be stored in the system from their creation until the end of the duration necessary for the system to operate. The Company shall ensure that these automatically recorded data shall not be linked with other personal data - except in cases where it is made obligatory by the law. If the User terminated their consent regarding the management of their Personal data or had unsubscribed from the service, their person - excluding investigative services and their experts - will not be identifiable.
IX. Disposal of personal data
9.1 Changes is personal data may be submitted or modified at the settings of access control systems of Net Media Plc. and the profile pages relevant to each service. The deletion of Personal data is also possible here.
9.2 The newsletter of the Company may be unsubscribed from using the subscribe link.
9.3 After the fulfillment of request for the deletion or modification, the previous (deleted) data can no longer be recovered.
9.4 The Users may request information about the management of their Personal data from both the Company and the Data Manager in a written form, by a registered letter or by a registered mail with return receipt requested, i.e. by an e-mail sent to the address "email@example.com". The request for information shall be considered authentic by the Company if the User is clearly identifiable based on the request sent. The request for information sent via e-mail shall only be considered authentic by the Data Manager if it has been sent from the registered e-mail address of the User. The request for information may include the data of the User managed by the Data Manager, their sources, the purpose of Data Management, its legal basis, its duration, the names and addresses of the relevant Data Managers, the activities related to Data Management and furthermore, in case of the forwarding of Personal data, the past or future recipients of the data of the User and the purpose of the receipt.
9.5 The Data Manager shall answer questions in connection with data management within 15 business days from receipt. In case of e-mails the date of receipt is the first business day after the e-mail has been sent.
X. Data processing
10.1 The Company does not use external data processors. The Company processes the data managed by them if needed.
XI. External service providers
11.1 The Company may cooperate with other service providers that make registration and login ease regarding the use of their services, (e.g. Facebook Inc., Google Inc., hereinafter referred to as "External service provider"). In the systems of the External service providers the external service providers' own data protection principles apply.
11.3 The Company may forward specific Personal data entered by the User to External service providers in connection with the operation of the service, but the External service provider may only use the transmitted data for purposes determined in the present Policy.
XII. Possibility of data forwarding
12.1 The Company, as Data manager is eligible and obliged to forward any available dully stored Personal data to the competent authority, to which data forwarding they are bound by legislation or effective administrative obligation. In case of such data forwarding and concerning its consequences the Data manager shall not be liable.
12.3 The Company shall keep records in order to verify the lawfulness of Data forwarding, and to inform the Concerned party.
XIV. Options for legal enforcement
14.1 The User may practice their options for legal enforcement based on the Privacy act, and Act IV of 1959 (Civil Code) in court and may request the help of the National Data Protection and Freedom of Information Authority regarding any issues related to Personal data. (22/C Szilágyi Erzsébet alley Budapest 1125; mailing address: P.o. box 5 Budapest 1530)
14.2 Regarding any questions, or comments in connection with data management, you may contact our Data manager colleagues at the e-mail address: firstname.lastname@example.org