Dandan – Data Management Policy

DATA PROTECTION STATEMENT REGARDING THE PROCESSING OF PERSONAL DATA 

The operator of the website www.dandan.hu (hereinafter: “Website”) is Csorba Dániel EV (REGISTERED OFFICE: 2045 Törökbálint Kápolna utca 4, registration number: 37944481, AS “DATA CONTROLLER”) respects the constitutional right to the protection of personal data, according to which everyone has the right to decide on the disclosure and use of their personal data.

Legal basis for data processing:

In order to protect personal data, the Data Controller complies with Act CXII of 2011 on the right to self-determination in relation to information and freedom of information (Infotv.), as well as Act VI of 1998 on the promulgation of the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, Act VI of 1998 on the promulgation of the Convention signed in Strasbourg on January 28, 1981, Act CXIX of 1995 on the processing of name and address data for research and direct marketing purposes, Act CVIII of 2001 on certain issues of electronic commerce services and information society services, Act XLVIII of 2008 on the basic conditions and certain restrictions of economic advertising activities, and the provisions of other applicable Hungarian legislation on data processing, as well as the data protection practices developed in the course of the activities of the Data Protection Commissioner, hereby establishes the following.

Legal basis for data processing

Data processing is carried out with the express and unambiguous voluntary consent of users who subscribe to the mailing list on the www.dandan.hu website. Registration includes filling out an identification form and accepting the terms of use (including data processing provisions).

The processing of personal data is therefore governed by the Infotv. 5. in accordance with Section 5 (1) (a) of the Infotv. Registration is required to access certain parts of the Website, or visitors may be required to provide certain personal data (e.g., name, address, email address, mobile phone number, etc.) in order to make full use of the services offered by the Website. When registering on the Website, the provision of data is always voluntary, and visitors are free to decide whether to provide the requested data. Data processing in the case of persons registered on the Website is only carried out on the basis of their voluntary, unambiguous, and explicit consent, after they have been provided with the relevant information in accordance with this policy.

By using the Website, you accept the terms and conditions set out in this policy.

Data processed

The data controller processes the following data provided during registration and further use.

During registration, the user must provide the following personal data:

full name

phone number

email address

address of the property for sale

Purpose of data processing

To send registered users email notifications about content published on the www.dandan.hu website, industry trends, and news related to the Dandan brand.

Duration of data processing

The processing of personal data provided during registration begins with registration and continues until the data is deleted.

Data may be deleted at any time at the user’s request or in cases specified by the data controller in the terms of use.

Data security

The Data Controller shall take all necessary measures to ensure the secure and damage-free handling of data and the establishment and operation of the data handling systems necessary for this purpose. The Data Controller shall ensure that unauthorized persons cannot access, disclose, transfer, modify, or delete the processed data. The processed data may only be accessed by the data controller and the relevant employees of the data processor, and the data controller shall not disclose the data to any third party who is not authorized to access it. The data is stored on a server in Denmark. The data controller shall do everything in its power to ensure that the data is not accidentally damaged or destroyed. The Data Controller also imposes the above obligation on its employees involved in data processing activities. Under no circumstances shall the Data Controller collect special data, i.e. data relating to racial origin, membership of a national or ethnic minority, political opinion or party affiliation, religious or other beliefs, membership of interest groups, health, addictions, sex life, or criminal record.

If the Data Controller becomes aware that a user has entered data classified as special data under the provisions of the Info Act into the database, it shall delete such data immediately and shall be entitled to delete the registration of the data subject.

Users’ rights:

The data subject may request information about the processing of their personal data, as well as request the correction of their personal data and the deletion or blocking of their personal data, with the exception of mandatory data processing.

At the request of the data subject, the data controller shall provide information on the data processed by it or by a processor commissioned by it, the purpose, legal basis and duration of the data processing, the name and address (registered office) of the data processor and its activities related to data processing, as well as information on who receives or has received the data and for what purpose. The data controller keeps a record of data transfers for the purpose of verifying the lawfulness of data transfers and informing the data subject, which includes the date of transfer of the personal data processed by it, the legal basis and recipient of the data transfer, the definition of the scope of the personal data transferred, and other data specified in the legislation prescribing data processing.

The data controller shall provide the information in writing, in an easily understandable form, as soon as possible after the request is submitted, but no later than 30 days.

The data controller may only refuse to provide information to the data subject if this is restricted by law, in the interests of external and internal security of the state, including national defense, national security, crime prevention or law enforcement, in the financial interests of the state or local government, or in the interests of protecting the rights of the data subject or others. The data controller shall inform the data subject of the reasons for refusing to provide information. In the event of a refusal to provide information, the data controller shall inform the data subject of the possibility of seeking judicial remedy and of appealing to the National Authority for Data Protection and Freedom of Information. The data controller shall notify the Authority of rejected requests by January 31 of the year following the year in question.

Users who feel that their right to personal data protection has been violated may turn to a civil court or request the assistance of the data protection commissioner. The adjudication of the case falls within the jurisdiction of the court. The case may be brought before the court of the place of residence or domicile of the data subject, at the discretion of the data subject.

Detailed legal provisions on this and on the obligations of the Data Controller are contained in Act CXII of 2011 on the right to self-determination in relation to information and freedom of information.

© Copyright 2023 | Csorba Dániel | Dandan