The scope of this Policy and who we are
We are International Property Network Inc. (hereinafter: “Company”, “We”), a digital media service provider. We organise conferences and other events, operate websites, send marketing materials and publish intermittent publications belonging to our portfolio. We are the controller in relation to the personal data processed in accordance with this Policy (except where this Policy provides otherwise). The aim of the present Policy is to explain how we collect, use, disclose and otherwise process personal data and to record the privacy principles we as data controller undertake to comply with.
International Property Network, Inc.
H- 1033, Budapest, Polgár Street 8-10.
dataprotection AT property-forum DOT eu
+36 20 235 8149
Unless otherwise stated, the present Policy does not apply to those services and data processing that are connected to the promotions, prize games, services, other campaigns and content published by third parties advertising or appearing on the websites listed below in the present Policy.
Unless otherwise stated, the present Policy does not apply to websites or the services and the data processing of service providers that are accessible by links embedded on the websites listed below in present Policy. In case of such services, the third party’s own data protection principles apply and the Data Controller is not liable for such data processing.
Database: the total data processed within one database.
Data processing: regardless of the method applied, any operation or sum of operations of personal data belong in this category, thus especially the collection, recording, organization, storage, alteration, use, query, forwarding, public disclosure, alignment, combination, blocking, deletion, destruction of personal data, or preventing the further use of data.
Data Controller: the entity, who, alone or in association with others, determines the purposes and means of data management.
As stated above, concerning the services mentioned in this Policy, the entity which qualifies as Data Controller is International Property Network Inc.
Personal Data or data: any data or information which makes a specific natural person – directly or indirectly – identifiable.
Data Processor: the provider that processes Personal Data on behalf of the Data Controller. Concerning the Services referenced in the present Policy, Data Processors are the entities listed in Section 6 of the present Policy.
Website(s): websites operated by the Data Controller (currently, www.property-forum.eu) and the social media platforms connected to the Websites.
Service(s): events organised by the Data Controller, online publications operated by the Data Controller, job opening posted by the Data Controller and all services provided by the Data Controller that are available on the Websites, at the events and in publications.
User: the natural person, who registers for the use of any of the Services provided by the Data Controller and provides their data listed in Section 3 of the present Policy.
Potential Employee: the natural person, who applies for a job opening posted by the Data Controller.
External Service Providers: third party service providers used by the Data Controller – directly or indirectly – for the organisation of events, the operation of websites and the provision of Services available through Websites and publications. Personal Data is forwarded or may be forwarded to External Service Providers and External Service Providers may forward Personal Data to the Data Controller. Service providers that have access to the Services’ websites and may collect data on Users which is, in itself or combined with other data, can be used to identify Users, also qualify as External Service Providers, even if they don’t have a relationship with the Data Controller.
Data Termination: the complete physical destruction of the media containing the data.
Data Forwarding: the data is made available to a specific third party.
Deletion of Data: making the data unrecognisable in a manner that their recovery in not possible.
Automatized Database: the set of data undergoing automatic processing.
Computer Processing: includes the following operations, if carried out partly or completely by automatized devices: the storage of data, the logical or arithmetical operations performed on the data, the alteration of the data, its deletion, retrieval and dissemination.
System: the total of technical solutions which operate the internet pages and services of the Data Controller and its partners.
The scope of Personal Data processed
We may collect and process your personal data in the following cases:
In case of Users:
If the User visits one of the Websites: the User’s IP address.
In case of using the Services through the Websites: name, address, place of residence, telephone number, e-mail address, content of the phone conversation between the User and the Data Controller (with the consent of the User).
If the User sends a message/reaches out to or calls the Data Controller: the User’s address, email address, telephone number and the time and date of the call.
Please note that if you do not share the data necessary for registering, you may not be able to create an account and we may not be able to comply with your request.
In case of speakers and participants of the events organized by the Data Controller:
Professional title, e-mail address, position, telephone number, secondary telephone number, name of the legal entity the speaker/participant is affiliated with, sectoral and activity interest, memberships that entitle the speaker/participant for discounts, professional CV of speakers.
Any other information the participant discloses to the Data Controller.
Please note that if you do not share the data necessary for participating at a conference or event, we may not be able to provide you the opportunity to take part in our events.
In case of contacts of contractual and business partners:
Name, telephone number and e-mail address of the legal or authorized representative and the point of contact of the parties in contract with the Data Controller.
If we do not have a point of contact of our contractual partners, we may not be able to exercise our contractual rights or fulfil our obligations.
In case of marketing campaigns:
If you decide to subscribe to our newsletters: e-mail address and any other contact information you share with us.
In case of our existing users, customers and partners: e-mail address, other type of contact information, the company they are affiliated with. If you are already our user, customer or partner, we make sure to only send you marketing materials that advertise products or services similar to what you have already acquired from us.
Otherwise, we only send B2B marketing e-mails to business e-mail addresses. In this case we specifically target companies and other organizations with materials regarding the real estate market. However, these e-mail addresses may include personal data e.g. a name or partial name of an employee within the targeted organization and therefore our B2B marketing involve the processing of some personal data.
If you do not subscribe to our newsletters, we may not be able to update you on our recent events, conferences, services or products that may be of interest to you.
In case you contact us via telephone, e-mail, post, in person:
Any contact information and free text that you choose to share with us.
Please note that if you do not leave any contact information, we may not be able to answer your inquiries and requests.
In case of potential Employees and visitors of our offices:
Please see Section 12 of this Policy.
Cookies and other tracking technologies
When you visit our Website, we place a small data package (called "cookie") on your computer with your consent. The purpose of the cookie is to ensure that the Website is displayed properly and operates on a high standard in order to increase user experience. However, you can delete the cookies and you may also set your browser to disable the application of cookies. By disabling the application of cookies, however, you must acknowledge that the webpage may not be fully functional.
Via cookies, we may collect the following personal data:
information related to personal interest, habits and preferences (based on browsing history),
the operating system and browser used by the User,
data of the websites that direct the User to our Websites and also the date of visits and time spent on our Websites.
Purposes and legal grounds of the data processing
We may process your personal data for one or more of the following purposes:
to contact you in relation to our business activities
identification of the User, contact with the User
identification of User privileges (Services available to the User)
provision of Services available through our Websites
display personalised content and advertisements
facilitation of the personalisation of advertisements and Services used by the Users, use of convenience functions
management and handling of unique User requests
compilation of statistics and analyses
to contact you for the purpose of solicitation of business, marketing (for example newsletter, eDM, etc.)
recruitment and selection of the Data Controller’s Potential Employees
technical development of the IT system
protection of your rights, answering your questions and inquiries
legal enforcement of our rights and legitimate interests
facilitation of the signing and settlement of contracts related to our business activities.
We may process your personal data based on one or more of the following legal bases:
In some cases, based on your consent (e.g. if you subscribe to our newsletters). If we share the data with any third-party we collected based on your consent, we make sure that your consent extends to this data sharing.
We process personal data as is necessary to perform our contracts with you (e.g. if you register on our Websites or use our Services and we have to deliver your orders).
We will process your personal data where necessary for the purposes of our legitimate interests (for example when operating our Websites, especially in order to screen for misuse or illegal content, facilitating our marketing/sales activities in a B2B manner). Where we rely on legitimate interest, we have carried out an appropriate legitimate interest assessment (“LIA”) to demonstrate that we have compelling legitimate grounds for the processing which override the fundamental rights and freedoms of the people whose personal data we process. The LIA is made available to you upon request.
Based on a legal obligation to which we are subject (for example our statutory accounting obligations).
If the data processing is necessary for the protection of your vital interests or those of another person.
If the data processing is necessary for the performance of a task carried out in the public interest, insofar as the processing has a basis in Union or Member State law.
By providing their e-mail address or Personal Data during registration, every User takes responsibility for ensuring that:
a./ the data and consent given are given by the User and are accurate,
b./ only they will use the Service based on the data provided.
Regarding this responsibility, all responsibilities regarding the entries made using a specified e-mail address and/or data are to be worn by the User who registered the e-mail address and data. If during registration the User has given the data of a third party for the use of the Service, the User is liable and the Company is entitled to seek damages from the User. In such case the Data Controller should provide all the help it can for the acting authorities with the aim of identifying the wrong-doer.
Please note that we may conduct research activities and create anonymous statistics (hereinafter referred to as Research Activities) using the data processed by us with the aim of further development of products, evaluation, improvement and extension of services. When conducting Research Activities, we may only use data in an anonymous way where unique Users cannot be identified. We are entitled to use the anonymous research results, created by Research Activities, for the development of services and the introduction of new services, for the sending of online and traditional advertisements and to sell anonymous research results to third parties.
Data disclosures and transfers to third countries
We may disclose your personal data to the following entities and with the following purposes:
With your specific consent, to the entities and for the purposes contained in your consent.
To courts and other competent authorities, required by law or based on their official decision.
To the following Data Processors, who help us in our data processing activities based on appropriate agreements concluded with them (our Data Processors may solely use the personal data we share with them based on our instructions and in order to fulfil their tasks specified in these agreements, after which they shall destroy all personal data shared with them):
Our online functions and thus all computer-based Data Processing are executed by Net Média Inc. (1033 Budapest, Polgár u. 8-10, C. r. no. 01-10-.044439).
For the sending of larger amounts of direct online inquiries we use Wanadis Kft. (1112 Budapest, Budaörsi út 153.).
For the sending of transaction newsletters we use the Postmarkapp service of Wildbit (225 Chestnut Street, Philadelphia, PA 19106.). Further information is available on the Data Processor’s website: https://postmarkapp.com/privacy-policy.
For keeping in touch with the participants of events organised by us, we use the Whova service of Whova Inc. (6540 Lusk Blvd. Suite C214, San Diego, CA 92121), which is entitled to access the following data: first name, last name, e-mail address, position, date and time of registration. The Data Processor only has access to the User’s Personal Data if the User specifically requests the use of this service and the User explicitly consents to sharing their Personal Data with the Data Processor.
For the sending of push notifications we use OneSignal (2194 Esperanca Avenue, Santa Clara, CA 95054), which, through the subscription banner placed on the Websites and based on the User’s consent, is entitled to access the following data: browser ID, IP address. Further information is available on the Data Processor’s website: https://onesignal.com/privacy_policy
The Data Controller’s servers are held in the server rooms of Magyar Telekom:
Address: 55 Krisztina Boulevard, 1013 Budapest
Company registration number: CG 01-10-041928
Magyar Posta Zrt.
Address: 2-6 Dunavirág Street, 1138 Budapest
Company registration number: CG 01-10-042463
For the recording and storage of our phone calls, we use Opennetworks Kereskedelmi és Szolgáltató Korlátolt Felelősségű Társaság.
Address: 50-52 Fehérvári Road, 1117 Budapest
Company registration number: 01-09-723926
When conducting Research Activities we may use the services of additional Data Processors for processing, analysing and evaluating data. However, our Research Activities only include the processing of completely anonymized data. We may also disclose completely anonymized data for other purposes to third-parties.
In many cases we use External Service Providers for the provision of certain Services, who are usually separate or joint data controllers:
In the fields of web analytics and ad servers, our External Service Providers are entitled to access the User’s IP address. In addition, they ensure the personalisation and assessment of Services by using cookies in many cases and by using web beacons, clicktags and other click meters in some cases.
The cookies placed by these External Service Providers may be deleted by the User at any point and Users can also opt to disable the application of cookies in their browsers. The identification of a cookie placed by the External Service Provider may be done based on the domain connected to given cookie. It is not possible to disable web beacons, clicktags and other click meters.
Google Doubleclick for Publishers
In order to ensure payment services, our payment service providers are entitled to access Personal Data (such as name, bank card number, bank account number, etc.) and they process this data in line with their own data protection principles, on which further information is available on the website of each payment service provider.
Voxinfo Kft. (SMS payment)
In order to provide us with other services adding value to ours (e.g. by connecting the User’s private account to the Services with the User’s consent).
Facebook Ireland Inc.
Infogram Software Inc.
Twitter International Company
Viber Media LLC.
Yahoo! EMEA Ltd.
In certain cases, for example in case of official judicial or police inquiries, legal proceedings, copyright-, property- or other infringements, or potential harm to our interests, etc. or endangerment regarding the provision of the Services due to the well-founded suspicion of these, we shall make the available Personal Data of the concerned User accessible to third parties.
The Personal Data we process in relation to you may be transferred to a country outside the European Economic Area ("EEA") that may not be subject to equivalent data protection law. In these cases, we take all steps reasonably necessary to ensure that your rights are afforded appropriate safeguards and that your personal data is treated securely and in accordance with this Policy, for example relying on a recognized legal adequacy mechanism. This may include entering into Standard Contractual Clauses (“SCCs”) adopted by the European Commission. Following the Judgment of the Court of Justice of the European Union (“CJEU”) in Case C-311/18, we have reviewed our existing SCCs and also adopted additional measures to ensure maximum compliance with the new requirements regarding international data transfers arising out of the above Judgment of the CJEU.
The Data Controller shall not inspect the Personal Data provided. The person providing the data shall be exclusively responsible for the compliance of the data provided.The term of Data Processing
We only process your personal data for a period necessary for the purpose(s) for which they were collected:
In case of inquires sent via e-mail, we shall delete your e-mail address after 90 days of closing the issue referred to in the e-mail, except for unique cases where our legitimate interest justifies the further processing of the Personal Data.
We shall delete your Personal Data from our System if you unsubscribe from the Service - with the user name provided - or request the Deletion of Data.
The Personal Data of the participants of the events organised by us shall be processed until the end of given event, except for when the User consents to Data Processing with other purposes.
Personal Data shall be processed for marketing purposes and for the purpose of direct solicitation as long as the User does not request the deletion of their data.
In case of the use of illegal, misleading Personal Data or in case of crime or attack against the System committed by the User, we are entitled to immediately delete the data of the User at the same time of the termination of their registration, meanwhile - in case of suspicion of crime or suspicion of the violation of civil liability – we are entitled to preserve the data for the period of the procedure to be performed.
The Personal Data to be automatically, technically recorded during the operation of the System, shall be stored in the System from their creation until the end of the duration necessary for the System to operate. The Data Controller shall ensure that these automatically recorded data shall not be linked with other Personal Data - except in cases where it is made obligatory by the law.
Data subjects’ rights and how you can exercise them
You may submit the following requests in relation to your Personal Data that we process. Your rights and our obligations under applicable law may depend on the exact circumstances:
You are entitled to withdraw consent at any point but that does not affect the legality of the Data Processing taken place prior to the withdrawal.
You may ask us whether we process any Personal Data in relation to you and request access to the Personal Data we process about you.
You may request that incorrect Personal Data be rectified.
You may request that we erase any Personal Data concerning you. Please note that we might deny your request (i) to enforce the freedom of expression and the right of information, or (ii) if the management of the Personal Data is allowed by the law, or (iii) to present, validate or protect legal claims. If we deny your request, we inform you about the reason for refusal.
You may request the restriction of processing of your Personal Data.
You may request to receive your Personal Data in a structured, commonly used and machine-readable format and to transmit those data to another data controller.
You may object to processing.
You may submit any of the above requests by contacting us in written form, by a postal letter or by a registered mail with return receipt requested, or by an e-mail sent to dataprotection AT property-forum DOT eu. We endeavour to answer your request as soon as possible, but always within the statutory deadlines. Please note that we might need to ask you for some additional information to be able to identify you or verify your request and to comply with your request. For example, the request for access shall be considered authentic if the User is clearly identifiable based on the request sent. The request for access sent via e-mail shall only be considered authentic if it has been sent from the registered e-mail address of the User, but this shall not rule out that we may use a different method to identify the User before answering questions.
In addition to the above tools, subscriptions to our newsletters may be cancelled by using the unsubscribe link, which we display at the end of every newsletter we send. In case of a cancellation of a subscription we shall delete your Personal Data from the newsletter database.
If you have any concerns about your privacy, you have further options. Please see Section 14.
Children under the age of 16
Where our data processing is based on consent, the Personal Data of a natural person under the age of 16 shall only be processed with the consent given by the holder of parental responsibility over the child. Please note that we do not inspect the legitimacy of the consenting person and the content of the statement. The User and the person exercising parental responsibility shall be exclusively responsible for the compliance of the content. In the absence of consent we do not knowingly process and collect data of persons under the age of 16. If you become aware that personal data of a child under 16 were collected, please contact us immediately at dataprotection AT property-forum DOT eu.
The Data Controller undertakes to ensure the security of Personal Data, furthermore, shall take all technical and organizational measures and establish the rules of procedure which ensure for the collected, stored and processed Personal Data to be protected, i.e. prevents their termination, unauthorized use and unauthorized alteration. The Data Controller also commits itself to notify every third party to whom the Personal Data shall potentially be forwarded or transferred, to fulfil their obligations in this regard.
Automated decision-making, including profiling
Data processing concerning the Data Controller’s Potential Employees and visitors of the Data Controller’s premises
The legal basis of the Data Processing concerning the Potential Employees is our legitimate interests to verify professional eligibility, conduct interviews and make our selection process possible. The purpose of the Data Processing is the recruitment and selection of the Data Controller’s Potential Employees.
In this context, we process data contained in your CV and other documents necessary for the job application- We may store these data for no longer than 2 years after the fulfilment of the position in question. We are entitled to use the Personal Data provided by the Potential Employee in their CV and other documents necessary for the job application in future scenarios which could facilitate the Potential Employee’s employment by us or the establishment of other legal working relations with us if the we believe that the Potential Employee is a suitable candidate. In this scenario, the aim of processing Personal Data is to establish whether the Potential Employee is a suitable candidate and to make direct contact with the Potential Employee possible.
The Data Controller may install and operate CCTV cameras in its offices and premises with the aim of protection of property. Should this be the case, we will supplement our present Policy or prepare a separate policy for the data processing carried out via CCTV.
Options for legal enforcement
You are free to contact us regarding any privacy issue by writing an e-mail to dataprotection AT property-forum DOT eu or by calling +36 20 380 6749.
If you are from the European Economic Area (“EEA”) and have any complaint about how we use your Personal Data, you may contact the competent supervisory authority, in particular in the European Union member state of your habitual residence, place of work or place of the infringement of your rights took place. The list of competent supervisory authorities is available here: https://edpb.europa.eu/about-edpb/board/members_enIf in Hungary, you may directly turn to the Hungarian supervisory authority: National Data Protection and Freedom of Information Authority (H-1055 Budapest, Falk Miksa utca 9-11.; tel.: +36-1-391-1400; e-mail: email@example.com; website: www.naih.hu).
Also, you may bring a legal proceeding against us, as Data Controller before the courts of the EU member state of our establishment or your habitual residence, if you consider that your rights under the GDPR have been infringed. Upon your request we shall inform you about your options and means of remedies.
Budapest, June 2021
Sign up today for the latest news