Privacy policy
The National Development Centre's Privacy Policy for its (personal) data processing in the course of the operation of https://svajcialap.hu/en
1. Introduction
The purpose of this Privacy Policy is to provide the National Development Centre as the operator (hereinafter referred to as the "Data Controller1" for the purposes of this Policy) with detailed information on the personal data processing in connection with the operation of the https://svajcialap.hu/en website, the rights of data subjects to the protection of personal data and the exercise of those rights.
2. Name of the controller
Data Controller: National Development Centre
Address (headquarters): 1077 Budapest, Wesselényi utca 20-22.
E-mail: svajcialap@nfk.gov.hu
Name and contact details of the Data Protection Officer
Data Protection Officer of the National Development Centre: dr. Krisztina Balázs
Direct availability: adatvedelem@nfk.gov.hu
3. The (main) legislation applicable to data processing
· Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter: GDPR)
· Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information
· Government Decree 182/2022 (24 May) on the duties and powers of the members of the Government
· 25/2024. (31 July) KTM Instruction on the Organisational and Operational Rules of the National Development Centre
The data subject of this Privacy Policy is: anyone who contacts the organisation concerned as a data controller by electronic mail at the contact address under https://svajcialap.hu/en, requests information, submits a request or sends an attachment to the letter.
4. Scope of the personal data processed, purpose(s) of the processing, legal basis
In relation to this Policy, the Data Controller1 is responsible for the operation of the https://svajcialap.hu/en website.
Any entity contacted by the data subject on the basis of the contact details provided by the data subject on the site acts in its capacity as an independent Data Controller throughout the entire data processing process.
The Data Controller processes personal data voluntarily provided by the citizen requesting information, which typically include:
-e-mail address
- name
- any additional information provided in the e-mail
https://svajcialap.hu/en does not process (store) personal data.
4.1. Purpose of data processing
In order to ensure active and two-way communication for interested citizens, the main purpose of data processing is to maintain contact and to respond to letters and requests from citizens.
4.2. Legal basis for processing
The processing of personal data is processing based on the consent of the data subject - Article 6(1)(a) GDPR - however, the tasks related to grants financed by the Swiss Fund are a public task designated by law, and therefore the legal basis for the processing is the processing for the performance of a public task within the meaning of Article 6(1)(e) GDPR.
4.3. Source of personal data
Personal data are collected directly from the data subject.
4.4. Automated decision-making, profiling, transfer of personal data to third countries or international organisations
No automated decision making or profiling takes place during the processing.
The controller does not transfer personal data to third countries/international organisations.
5. Data retention/storage period
Personal data are processed by the Data Controller for the necessary period of time in accordance with the purpose limitation principle.
6. Processors used by the Data Controller, recipients of personal data
The website is operated as a data processor by Új Világ Nonprofit Szolgáltató Kft. (1077 Budapest, Kéthly Anna tér 1.).
7. Data security measures
Personal data may only be accessed by the Data Controllers' employees involved in the performance of their duties, to the extent necessary for the performance of those duties.
8. Transmission of data, use of data for statistical purposes
Data relating to data subjects may be used for statistical purposes in a non-personally identifiable way.
The Data Controller1 does not transmit or disclose personal data, facts or opinions concerning the data subject to third parties, with the exception of the provision of data based on statutory obligations (e.g. court, prosecutor's office, other body entitled to request data).
9. Data subject's rights in relation to data processing
9.1. Right of access: The data subject has the right to obtain from the Data Controller, through the contact details provided in point 2, information as to whether or not his or her personal data are being processed and, if such processing is taking place, the right to know what personal data are being processed by the Data Controller, on what legal basis, for what purpose, for how long, to know to whom, when, under what law, to which personal data the Data Controller has given access or to whom the Data Controller has transmitted his or her personal data, and the source of his or her personal data. In order to meet data security requirements and to protect the rights of the data subject, the Data Controller shall verify the identity of the data subject and of the person who wishes to exercise the right of access, and to this end, the provision of information, access to or copying of the data shall be subject to the identification of the data subject.
In order to enforce the legal requirements of data security and to protect the identity of the data subject ("to whom the personal data relates"), the procedure is subject to identification of the person making the request and the data subject in order to establish the identity of the data subject in the exercise of the right of information, access and copying. For the purposes of identification, the Data Controller is entitled to process additional personal data suitable for the purpose.
9.2. Right to rectification: the data subject may request the Data Controller to rectify any of his or her personal data. If the data subject can credibly demonstrate the accuracy of the corrected data, the Data Controller shall comply with the request within a maximum of one month and shall notify the data subject thereof using the contact details provided by the data subject.
9.3. Right to blocking (restriction of processing): the data subject may request that the processing of his or her personal data be restricted by the Data Controller (by clearly indicating the restriction of processing and ensuring that it is kept separate from other data) where.
- contests the accuracy of your personal data (in which case the Data Controller will limit the processing for the time necessary to verify the accuracy of the personal data);
- the data processing is unlawful and the data subject opposes the erasure of the data and requests instead the restriction of their use;
- the Data Controller no longer needs the personal data for the purposes of processing, but the data subject requires them for the establishment, exercise or defence of legal claims; or
- the data subject has objected to the processing (in which case the restriction applies for the period until it is established whether the legitimate grounds of the controller override those of the data subject).
9.4. Right to object: with regard to the processing for the purposes set out in point 4.1, the data subject may object to the processing through the contact details provided in point 2, if he or she considers that the Data Controller is processing his or her personal data for purposes other than those stated. In such a case, the Data Controller must demonstrate compelling legitimate grounds for processing the personal data which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
9.5. Right to erasure: In relation to the processing detailed in the Policy, the data subject may exercise his or her right to erasure only if the data is no longer necessary for the performance/execution of the public task of the Data Controller or for the exercise of official authority vested in the Data Controller.
9.6. Right to legal remedy: If the data subject considers that the Data Controller has infringed the applicable data protection requirements in the processing of his or her personal data, he or she may lodge a complaint with the National Authority for Data Protection and Freedom of Information (hereinafter referred to as the Authority).
Contact details of the Authority
National Authority for Data Protection and Freedom of Information
Postal address: 1363 Budapest, Pf 9.
Address: 1055 Budapest, Falk Miksa u. 9-11.
E-mail: ugyfelszolgalat@naih.hu
URL: https://naih.hu/about-the-authority
or
have the right to apply to the courts, which will rule on the matter out of turn, in order to protect your data. In such a case, you are free to choose whether to bring your action before the court having jurisdiction for your place of residence (permanent address) or the court having jurisdiction for your place of abode (temporary address). You can find the court of your domicile or residence at https://birosag.hu/birosag-kereso
10. Termination of data processing:
You may unsubscribe from our newsletter by sending an email to the contact email address provided (svajcialap@nfk.gov.hu ) or by postal mail to request the termination of data processing.