Future: Hungary Privacy Policy
Preamble
Data controller
Future Hungary Projects Nonprofit Kft, hereafter: Future: Hungary
Registered address: Wesselényi utca 17, 1077 Budapest, Hungary
Website: www.futurehungary.org
Email: management@futurehungary.org
Tax number: 27925315-2-42
How Future: Hungary works
Future: Hungary is a non-profit organisation with the mission of transforming brain-drain into brain-gain by creating unique opportunities and solutions that combine the power of ideas with valuable talent and human capital. The organisation’s flagship event - the Future: Hungary Conference - offers Hungarian companies the chance to meet Hungarian students from all over the world and connect with them through our services. These include interactive workshops, and online careers fair and online speed dating sessions.
This Privacy Policy, together with our terms of use for this website and our cookies policy, sets out how exactly we use and protect your personal information.
All information is used in compliance with Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information (Hungary), and, as of 25 May 2018, with the General Data Protection Regulation (EU) 2016/679 (hereafter ‘GDPR’).
What principles do we follow in our data management?
Future: Hungary follows the following data management principles:
We treat personal information in a lawful, fair and transparent manner.
We treat and process personal data only for specific, clear and legitimate purposes. We also ensure that data are not treated in any way that is incompatible with the stated purposes, and that our data management activities are limited to what is strictly necessary for these purposes.
Future: Hungary shall take all reasonable steps to ensure that the data we manage are accurate and, where necessary, kept up to date, and that inaccurate personal data are deleted or corrected without delay.
We store your personal information in a form that permits us to identify you only for as long as is necessary to achieve the purposes for which your personal data have been collected.
We ensure that your personal data is adequately protected against unauthorised or unlawful handling, accidental loss, destruction or damage by applying appropriate technical and organisational measures.
Why does Future: Hungary handle your personal data?
Future: Hungary manages your information on the basis of your pre-informed and voluntary consent, only to the extent necessary and in all cases in a targeted manner.
In some cases, the collection of personal data is based on statutory requirements and is therefore mandatory, in which case we will draw your attention to this fact.
In some cases, your personal data may be of legitimate interest to Future: Hungary or to a third party, for example as regards the operation, development and security of our website.
What if you choose not to provide personal data?
You do not have any legal or contractual obligation to provide data to Future: Hungary (except where the collection of data is based on statutory requirements). However, if you choose not to provide the information in question, we may not be able to process your request or your application properly, or in some cases at all.
Definitions
Personal data: ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (Art. 4 GDPR)
Processing: ‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction (Art. 4 GDPR)
Data controller: ‘controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law. (Art. 4 GDPR)
Data processor: ‘processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller. (Art. 4 GDPR)
Third party: ‘third party’ means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data. (Art. 4 GDPR)
Consent: ‘consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her. (Art. 4 GDPR)
Your rights
According to the law on data protection, you are entitled to:
Request access to your personal data,
Ask for the rectification, modification, portability or addition of any personal data we manage,
Object to the processing of your personal data and ask for the deletion or restriction thereof (except in the case of mandatory data management),
Appeal to a court,
Make a complaint to the Hungarian supervisory authority or initiate proceedings (see https://naih.hu/panaszuegyintezes-rendje.html).
The contact details of the Hungarian supervisory authority (hereafter ‘the Authority’) are as follows:
Nemzeti Adatvédelmi és Információszabadság Hatóság
Seat: Szilágyi Erzsébet fasor 22/c, 1125 Budapest, Hungary
Address: 1530 Budapest, Pf.: 5.
Phone: +36 (1) 391-1400
Fax: +36 (1) 391-1410
Email: ugyfelszolgalat@naih.hu
Website: https://naih.hu/
At your request, you are entitled to obtain the following information about your personal data:
The categories of personal data stored about you,
The source(s) of personal information,
The purposes of the collection, processing, use and storage of your personal data,
The envisaged period of storage for your personal data and the rationale for determining the storage period,
The recipients (name, address) or categories of recipients to whom your personal data has been or may be transmitted, along with the location of those recipients.
The circumstances and effects of data protection incidents and the measures taken to prevent any data protection incidents,
The legal basis and the addressee of the transfer of your personal data,
The use of any automated decision-making and/or profiling.
We will provide information in the shortest possible time, and no later than 1 month after the submission of the request. Information may only be denied in cases provided by law, in which case we will indicate the place of law, as well as the possibility of judicial remedy and access to the Authority. No administration fee will be charged for the assessment and execution of the request.
In the event of any rectification, blocking, marking and deletion of personal data, Future: Hungary will inform you and those parties to whom we have forwarded your personal data for data processing.
You may withdraw your consent for data management at any time.
If you object to the processing of your personal information, we will examine the objection within 1 month of the request and inform you of our decision in writing. If we have decided that your objection is well-founded, the management of the data in question will be terminated and the data will be blocked. Those parties to whom we have forwarded the personal data and who are affected by the data management termination will be notified.
If we are unable to comply with your request for rectification, blocking or cancellation, we will provide you with written reasons within one month and will inform you of the possibility of judicial review and referral to the Authority.
We will refuse to execute the request if we are able to prove that the data management is justified by compelling legitimate reasons that take precedence over your interests, rights and freedoms, or which are related to the submission, validation or protection of legal claims. If you do not agree with our decision, or if we fail to comply with the deadline, you may apply to the court within 30 days of the date of the decision or the last day of the deadline.
Judicial review of data protection law falls within the jurisdiction of the Authority and may be initiated by you before the court of your place of residence. A foreign citizen may also lodge a complaint with the competent supervisory authority of his/her place of residence.
Before contacting the Authority or the court with your complaint, you are kindly requested to consult Future: Hungary in order to resolve the problem amicably as soon as possible.
What are the main laws guiding our activities?
Regulation (EU) 2016/679 of the European Parliament and of the Council on the processing of personal data of natural persons (GDPR)
Act CXII of 2011 on Information Self-Determination and Freedom of Information - (Info tv.)
Act V of 2013 of the Civil Code (Civil Code)
Act CVIII of 2001 on certain aspects of electronic commerce and information society services (Eker tv.)
Act C of 2003 on Electronic Communications (Ehtv.)
Act CLV of 1997 – the Consumer Protection Act (Fogyv tv.)
Act CLXV 2013 on Complaints and Notifications of Public Interest (FAs)
Act XLVIII on the basic conditions and limits of economic advertising * (Grtv.)
Managed data
Future: Hungary manages data only if the purpose of doing so is defined and justified by law. Data is only stored for the timeframe specified in this Privacy Policy. If the assignment contract is terminated, any data related to the action will also be deleted.
In order to perform its educational activities, Future: Hungary relies on the following types of data processors for data management:
|
Name and purpose of action |
Legal basis |
Managed data |
Duration |
|
Website visits To ensure the proper operation of the website To verify and improve our services To identify malicious visitors to our website To measure web traffic For statistical purposes |
Legitimate interest of Future: Hungary (Art. 6 (f) GDPR) |
Visitor’s IP addresses Date and time of visit Details of the subpages visited The type of operating system and browser used |
12 months |
|
Student participation To provide conference and HR services to clients To maintain a database of contacts |
Voluntary consent (Art. 6 (a) GDPR) |
Name University and subjects CV Photo and/or video appearance, if applicable ( Note 1.) |
24 months |
|
Corporate partners To provide conference and HR services to clients To maintain a database of contacts |
Contract (Art. 6 (b) GDPR) |
Name Position in company Photo and/or video appearance, if applicable ( Note 1.) |
Duration of contract |
|
Speakers To provide conference and HR services to clients To maintain a database of contacts |
Voluntary consent (Art. 6 (a) GDPR) |
Name Personal photo Short bio Photo and/or video appearance, if applicable ( Note 1.) |
1 year |
Note 1.
All participants at the conference consent to photos and videos being taken of them during the event. These photos and videos may later be used by Future: Hungary for marketing purposes.
Should you require any additional information on data management, you may contact Future: Hungary by email or post, as indicated above, and we will respond to your request within 1 month.
Third party data transfers
Future: Hungary’s partners are devoted to our mission of bringing talented young Hungarians back to the country. As such, Future: Hungary might share your personal data with some of its current partners. The current partners are listed on the website of the conference. Please note that we only share your personal data with third parties if you have given explicit voluntary consent while signing up.
|
Third party |
Legal basis |
Scope of data |
Duration |
|
Corporate Partners To provide opportunities for interested students to find potential employers |
Voluntary consent (Art. 6 (a) GDPR) |
Name University and subjects CV |
12 months |
How we protect your data
Future: Hungary has taken all reasonably necessary steps to make sure that your data are treated securely and in accordance with this Privacy Policy.
Your personal information will not be retained by Future: Hungary for longer than is necessary to carry out the purposes for which it was originally collected, or for which it was processed further. Your data may only be transmitted within the limits set by law and, in the case of our data processors, based on contractual terms that have been designed to prevent your personal data from being used for purposes contrary to your consent.
Since all personal information is provided voluntarily by you during your interactions with Future: Hungary, we ask you to continuously monitor the authenticity, correctness and accuracy of your data. Incorrect, inaccurate or incomplete data may make it impossible for us to provide our contractual services.
If you provide personal information other than your own, we assume that you have the necessary authority or permission to do so.
In the case of misleading personal data, or if a visitor to our sites commits a crime or attacks Future: Hungary’s systems, the data of that visitor will be retained for the purpose of establishing civil liability or conducting criminal proceedings.
The contributors and employees of Future: Hungary who are involved in data management and/or data processing are only entitled to know your personal data to the extent that was previously established, subject to the obligation of confidentiality.
Your personal data will be protected by appropriate technical and other measures, and we will ensure the security, availability and protection of your data against unauthorised access, alteration, damage or disclosure, as well as any other unauthorised use.
In the framework of organisational measures, we control physical access to our facilities, train our employees continuously, and store paper-based documents with adequate protection measures in place. We use encryption, password protection and anti-virus software as part of our technical measures. However, no data transmission over the internet can ever be considered fully secure. While Future: Hungary will do its utmost to make its processes as secure as possible, we cannot take full responsibility for the transmission of data through our website. Once your data has been received by Future: Hungary, we will comply with all legal requirements to protect your data and prevent any unauthorised access.
Data storage and data management systems
Future: Hungary does not operate its own server and instead stores data on different cloud-based platforms. Future: Hungary’s internal policies ensure that only appropriately qualified employees have access to the data and that all access is on a ‘need-to-know’ basis, meaning that employees only have access to data that is strictly necessary for the performance of their tasks.
Future: Hungary may utilise the services of various data processors and external service providers to handle and process your personal data for specific purposes. The personal information collected from you may be transferred to, and stored at, a destination outside the European Economic Area (‘EEA’). It may also be processed by individuals operating outside the EEA who work for us or are working on our behalf. This includes staff engaged in, among other things, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing and processing of your data at a location outside the EEA.
Where we use an external service provider to act on our behalf, we will disclose only the personal information necessary to deliver the service and will have a contract in place that requires the provider to comply with Future: Hungary’s data protection and information security requirements. This information is processed in accordance with all applicable legislation and is disclosed to third parties only with your consent, or where Future: Hungary is under a statutory or legal obligation to disclose the data.
The court, the prosecutor’s office and other authorities (e.g. the police, the tax office or the National Data Protection and Freedom of Information Authority) may contact Future: Hungary for information, disclosure or access to documents. In these cases, we must fulfil our reporting obligations, but only to the extent strictly necessary to achieve the purpose of the request, and will inform you accordingly.
Future: Hungary uses the following systems to store and manage data:
Google (apps, mailing), Google LLC, Mountain View, California, USA
Hopin (online event solutions), Hopin Ltd, London, England,
Stripe (online payment), Stripe Payments Europe, Ltd., Dublin, Ireland
Mailerlite (newsletter), MailerLite UAB, Vilnius, Lithuania
The processing of data by these third parties may also be governed by their own privacy policies. Please review the privacy policies on the third party websites directly for more information about their data processing practices.
Our website may include links to other websites, not owned or managed by Future: Hungary. Whilst we try our best to only link to reputable websites, we cannot be held responsible for the privacy of data collected by sites not managed by Future: Hungary, nor can we accept responsibility or liability for those policies.
Cookies
We use cookies to ensure the efficient functioning of our website, and we capture and store IP addresses to provide you with a more personalised service.
What are cookies and how do we handle them?
Cookies are small text files that are downloaded to your browser when you visit our site. Most standard browsers (Chrome, Firefox, etc.) will accept and allow the download and use of cookies by default. However, you can refuse or disable cookies by changing your browser settings, and you can also delete the cookies already stored on your device. For more information on the use of cookies, see the ‘Help’ menu of each browser.
Some cookies do not require your prior consent. At the start of your first visit to our website, we will briefly inform you about the cookies we use. The same is true for cookies that do require your consent, in which case we will inform you accordingly and ask for your consent during your first visit to our website.
Future: Hungary does not use or allow cookies that enable third parties to collect data without your consent.
The acceptance of cookies is not mandatory, but if you disable them, you may have to manually adjust some preferences every time you visit our site and some services and functionalities may not work.
What cookies do we use?
|
Type |
Name |
Consent |
Description |
Purpose |
Duration |
|
System cookies |
__cfduid; wordpress_google _apps_login; wordpress_test _cookie |
Not required |
Web application firewall session cookie to prevent abuse of cross-references |
To ensure the functioning of the website |
End of browser session |
|
Analytical cookies |
_ga; _gid; _gat |
Required |
To enable Google Analytics to distinguish between users and sessions |
Analytics for statistical purposes |
Specified by third party |
|
Remarketing cookies |
_fbp; _fr |
Required |
To identify users during the operation of Facebook Pixel |
Facebook ads targeting |
Specified by third party |
For more information about these third party cookies, see https://www.google.com/policies/technologies/types/ and https://www.facebook.com/business/help/471978536642445, respectively.
You can find out more about how Google and Facebook manage your data here https://www.google.com/analytics/learn/privacy.html?hl=en_US and here https://developers.facebook.com/docs/facebook-pixel/implementation/gdpr/
Direct marketing and newsletter management
You may consent to your personal information being used for marketing purposes by making a statement at the time of registration or by modifying your personal data at a later date. Until the consent is withdrawn, we may process your data for the purpose of direct marketing and/or the sending of newsletters, and we may send you promotional and other mailings as well as newsletters (Section 6 of Grtv.).
Future: Hungary relies on the following types of registration:
|
Type of registration |
Legal basis |
Description and purpose |
Duration |
|
General newsletters for website visitors |
Voluntary consent (Art. 6 (a) GDPR) |
Signing up for our newsletter in order to receive the latest Future: Hungary news |
Duration of subscription |
Should you decide to cancel your registration, this will automatically be considered as withdrawal of your consent. Withdrawal of consent for the purposes of direct marketing and/or the sending of newsletters shall not be construed as withdrawal of the data management consent related to our website. All registrations are for a specific purpose, and registration on the website and signing up for the newsletter constitute two separate purposes, with two separate databases.
For technical reasons, it may take up to 15 working days for cancellations of individual registrations to become effective.
Disclosure
Future: Hungary reserves the right to change this Privacy Policy at any time. Information on modifications can be obtained on Future: Hungary’s updated website. Each time you visit our site, you should consult this Privacy Policy to verify that no changes have been made to any sections that are of importance to you. Where appropriate, we will notify you of any changes by email.