NOTICE ON DATA PROTECTION - Dr. Tibor Firtkó

On the basis of Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC ("GDPR") .

Introduction, background

This Notice has been prepared and issued by dr. Tibor Firtkó attorney-at-law („Data Controller”) in order to provide data subjects with adequate information about the processing of their data and their rights in relation to the processing of their data pursuant to Article 13 of the GDPR in relation to the processing of the data detailed below.

The Data Controller shall process the personal data that have come to its knowledge in accordance with the applicable legal provisions, in particular the provisions of the GDPR, Act CXII of 2011 on the Right of Informational Self-Determination and Freedom of Information ("the Information Act").

THE NAME AND CONTACT DETAILS OF THE CONTROLLER AND ITS REPRESENTATIVe

Pursuant to Article 4. (7) of the GDPR, in relation to the processing in question, the Data Controller's data are:

Dr. Tibor Firtkó, individual lawyer

  • Postal address: HU 1088 Budapest, Krúdy utca 4.

  • E-mail address: firtko@drfirtko.hu

  • Website address: www.drfirtko.hu

  • Name of representative: dr. Tibor Firtkó

  • Contact details of the representative: + 36706144352

Tárhelyszolgáltató:

Name: Rackforest Kft.

Address: HU 1132 Budapest, Victor Hugo u. 18-22.

Tax number: 14671858-2-41

Contact: +36 70 881 4184

NAME AND CONTACT DETAILS OF THE DATA PROTECTION OFFICER

dr. Tibor Firtkó lawyer

THE SCOPE OF THE DATA PROCESSED, THE PURPOSE OF THE PROCESSING, THE LEGAL BASIS AND THE SOURCE OF THE DATA

The Controller processes personal data of data subjects ("Personal Data") in relation to the processing covered by this Notice for the following purposes and on the following legal basis:

#

Data processing operation

Purpose of Data processing

Scope of data processed

Legal basis

Source of data

1.

Collection and processing of data necessary for the maintenance of the relationship and the performance of the transaction between the parties.

The purpose of personal data processing is to provide legal advice to the data subject. In particular, it is necessary to ensure effective communication between the controller and the (prospective) partner, to carry out the negotiations related to the transaction, which is an essential part of the provision of legal advice, and any modification thereof.

The Data Controller processes only the personal data of the data subject which are necessary for the purposes of contacting and providing legal advice on the matter and which are provided by the data subject, such as the name, telephone number and e-mail address of the data subject and the most necessary personal data relating to the case (facts).

The legal basis for the processing is Article 6(1)(b) of the GDPR, i.e. the performance of a "contract" between the parties or the taking of steps by the Data Controller at the request of the data subject prior to the conclusion of a transaction between the Data Controller and the data subject.

Personal data can only be obtained from the data subject.

 

2.

Data stored in cookies for the convenience of users.

Making the website more convenient for users.

the language of the previous session; data for automatic login; the last articles viewed by users; the appearance of the page; other data for the convenience of users.

The legal basis for processing is Article 6(1)(a) of the GDPR, i.e. the data subject's consent.

Personal data is generated solely from the use of the website.

3.

The messaging function works according to a simple mailing system, i.e. it sends an e-mail to the e-mail address provided by the website owner (Dr. Tibor Firtkó).

The data entered here (email address, name, content of the letter) will be sent to the website owner's email inbox.

Copies of this data are also stored in the technical mailbox of the data controller, which is created for this purpose and deleted by the data controller on a monthly basis.

The purpose of personal data processing is to provide legal advice to the data subject. In particular, it is necessary to ensure effective communication between the controller and the (prospective) partner, to carry out the negotiations related to the transaction, which is an essential part of the provision of legal advice, and any modification thereof.

email address,

name,

content of the letter.

The legal basis for processing is Article 6(1)(a) of the GDPR, i.e. the data subject's consent.

Personal data may only be obtained from the data subject.

 

4.

Statistically based data managed by or registered with services that process statistical data (Facebook Pixel, Google Analytics, etc.) may be stored by data controllers, using a tracking code embedded in the source code of the website.

Statistical targets

Statistical data processed by Facebook Pixel, Google Analytics, etc

Legal basis for processing: article 6(1)(a) of the GDPR, i.e. the data subject's consent.

Personal data is generated solely from the use of the website.

5.

Full name, e-mail address, telephone number, postal address and other personal messages are stored in order to respond to comments and complaints.

Complaints handling

full name,

e-mail address,

phone number,

mailing address,

and other personal messages

Legal basis for processing: article 6(1)(c) GDPR, i.e. processing is necessary for compliance with a legal obligation to which the controller is subject.

Personal data can only be obtained from the data subject.

TECHNICAL CONCEPTS

  1. hosting provider: the data provided by the Users are stored on the data provided by the Users is stored on a server operated by the hosting provider. The data may be accessed by the staff operating the server, but they are also responsible for the secure handling of the data.

  2. IP address (Internet Protocol address) is a unique network identifier. Computers using the Internet provide their IP address when they access a website, which can be used to identify the location and owner of the computer (User). In practice, a significant number of computers regularly receive a new IP address from their Internet Service Provider (ISP), so identification is only possible with the cooperation of the ISP, who can only provide the information in response to a police request and in other well-defined cases. However, IP addresses are considered personal data in many countries, including Hungary.

  3. cookie: a cookie is a packet of information consisting of letters and numbers that the website sends to the Users' browser in order to save certain settings, facilitate the use of the website and help to collect some relevant statistical information about the Visitors. These are saved by the User's Internet browser and stored on the User's computer.

  4. session cookies - session cookie. The purpose of these cookies is to enable Users to browse the website, use its functions and services fully and smoothly. This type of cookie is valid until the end of the session (browsing) and is automatically deleted from the computer or other browsing device when the browser is closed.

  5. session id: this is a random code, which is stored on the server or on the user's computer (session cookie), and is used to technically identify the User's session. In the absence of any other accompanying data, it is no longer able to identify the User after the current session.

DATA PROCESSING PRINCIPLES

  1. The processing of data is carried out exclusively for specified purposes, for the exercise of rights and the performance of obligations. The processing of data is carried out for a clear purpose for all data subjects and the data are kept only for the period required by law.

  2. The controller declares that it will use its best endeavours to comply with the legal requirements for the processing of personal data. It further declares that it processes personal data lawfully, fairly and as necessary and in a transparent manner for the data subject. Only personal data that is necessary for the purposes for which it is processed will be processed. The processing of personal data is only carried out to the extent necessary to achieve the purpose. In all cases where the Data Controller intends to use the data provided for purposes other than those for which they were originally intended, the Data Controller shall inform the User in advance and obtain his/her consent and shall give him/her the opportunity to object to the use of his/her data.

  3. The Data Controller declares that it will treat the personal data confidentially and will take all security, technical and organisational measures to the best of its knowledge to ensure the safe handling and complete security of the data throughout the entire period of Data Processing.

  4. Unless otherwise stated, this Policy does not cover services and data processing related to promotions, sweepstakes, services, other campaigns and content published by third parties other than the owner of the website or the Data Controller service provider, advertising or otherwise appearing on the websites in this Policy. In the absence of similar information to the contrary, the scope of this Policy does not extend to the services and data processing of websites, service providers to which there is a link on the websites covered by this Policy. Such services shall be governed by the provisions of the third party service provider's Privacy Policy and the Data Controller shall not be liable for any such processing. The Data Controller shall not be liable for the content published on the websites, for the personal data processed in connection therewith, for the processing of which the owner or administrator of the website is solely responsible.

RECIPIENTS OF THE DATA, CATEGORIES OF RECIPIENTS

The personal data indicated in point 4 of the Notice may be disclosed to lawyers providing legal advice on behalf of the Data Controller who have expertise relevant to the case in question.

  1. Data Processors:

Data subjects are informed that, at the time of issuing this notice, the Data Controller does not employ a data processor for the processing of the personal data in question, but the scope of the data processor may change. The current list of data processors will be available on the Controller's website.

The Controller may transfer the personal data concerned to the following third parties:

  • public authorities (e.g. local authorities, police, consumer protection authorities, tax authorities, MEKH, building authorities, etc.)

  • courts

  • public prosecutors' offices

DATA SECURITY MEASURES

Access to electronically stored data and documents is limited to the competent lawyers and the lawyers in charge of the case, who may be involved, in order to provide legal advice (access rights system). Access rights are granted in a controlled and logged manner. The access rights granted are reviewed at regular intervals.

TRANSFER OF DATA OUTSIDE THE EUROPEAN UNION/EEA OR TO AN INTERNATIONAL ORGANISATION

No data will be transferred outside the European Union/European Economic Area or to an international organisation.

DURATION OF DATA PROCESSING

The Data Controller shall keep the Personal Data for the purpose of the processing pursuant to point 4, but no later than:

In case of processing based on a contract:

  • Until the enforcement of claims relating to the Legal Relationship;

  • For the purposes of the Contract: until the claims relating to the Legal Relationship cease to be enforceable.

After the expiry of the period specified above, the Controller shall, for technical reasons, delete the Personal Data within 25 days at the latest

AFFECTED RIGHTS

In relation to the processing of Personal Data as set out in this Notice, we grant the data subject the following rights:

  • Right of access;

  • Right to information;

  • Right to rectification;

  • Right to cancellation;

  • Right to restriction of processing;

  • Right to data portability;

Some of the rights of data subjects are detailed below:

Right of access and information

At the request of the data subject, the Data Controller shall provide information on whether the processing of his or her data is ongoing. If so, the Data Controller shall, in addition to providing access, inform the data subject of the categories of data processed, the purposes of the processing, the recipients or categories of recipients of the processing, the duration of the storage of the data or the criteria for determining the duration, the exercise of the rights of the data subject, the right to lodge a complaint with the National Authority for Data Protection and Freedom of Information (NAIH), the source of the data and the fact of automated decision-making, including profiling. In the event of a transfer of data outside the European Union or the European Economic Area, the data subject will also be informed of the appropriate safeguards provided in relation to the transfer.

Right to rectification

The data subject shall have the right to request the Controller to correct his/her data in case of inaccuracy.

If the Personal Data processed by the Data Controller needs to be rectified, the data subject may request the rectification of the data in writing (by post or e-mail), indicating the correct data.

The data subject shall notify the Controller in writing (by post or e-mail) of any change in any Personal Data processed by the Controller without undue delay, but no later than 5 days after the change. The defaulting data subject shall be liable for any damage suffered by the Controller as a result of the failure to give or delay in giving such notification.

Right to cancellation

The data subject shall have the right to obtain from the Data Controller the erasure of personal data relating to him or her without undue delay and the Data Controller shall be obliged to erase personal data relating to him or her without undue delay in the following cases:

  • the personal data are no longer necessary for the purposes for which they were collected or otherwise processed;

  • the data subject withdraws the consent on which the processing is based and there is no other legal basis for the processing;

In the event that the Controller has disclosed the Personal Data, i.e. transferred them to third parties, the Controller shall, in the event of the exercise of the data subject's right to erasure, take reasonable steps to inform the other controllers to whom the Personal Data have been transferred that the data subject has requested them to delete the links to or copies or replicas of the Personal Data in question.

Right to restriction of processing

The data subject shall have the right to obtain from the controller, at his or her request, the restriction of processing if

  • the data subject contests the accuracy of the personal data;

  • the processing is unlawful;

  • the data controller no longer needs the personal data for the purposes of the processing, but the data subject requires them for the establishment, exercise or defence of legal claims;

  • the data subject has objected to the processing.

Right to data portability

The data subject shall have the right to receive the personal data concerning him or her which he or she has provided to the Controller in a structured, commonly used, machine-readable format and the right to transmit such data to another controller without hindrance from the Controller, if:

  • the processing is based on consent; and

  • the processing is carried out by automated means.

In exercising the rights listed above, the data subject shall have the right to contact the Controller at the following address

  • Tibor Firtkó, lawyer (postal address: 1088 Budapest, Krúdy u. 4. IV. floor 23.), or at the following address

The Data Controller shall provide information on the measures taken in response to the request in writing and in an intelligible form without undue delay, but not later than 1 month from the date of the reque

THE RIGHT TO APPLY TO THE DATA PROTECTION SUPERVISORY AUTHORITY, THE COURTS

Data subjects have the right to lodge a complaint with the National Authority for Data Protection and Freedom of Information (NAIH), whose contact details are:

  • Postal address: 1363 Budapest, PO Box 9.

  • address: 1055 Budapest Falk Miksa str. 9-11.

  • telephone number: +36 1 391 1400

  • fax: +36 1 391 1410

  • e-mail address: ugyfelszolgalat@naih.hu

  • website: http://naih.hu

Please also note that, in addition to and without prejudice to the above, you have the right to take legal action against the Company for the processing of your Data in breach of the GDPR and, if you have suffered material or non-material damage as a result of a breach of the GDPR by the Company, to claim damages from the Company.

Dr. Tibor Firtkó lawyer

We also want to store cookies while using the site. Do you allow these?
For more information, read the Privacy Policy.