1. Applicable Laws
1.1 The processing of data performed by SZTAKI is regulated by the Hungarian legal regulations in force, especially the following rules and regulations:
- Act CXII of 2011 on the Right of Informational Self-Determination and Freedom of Information (hereinafter referred to as the Privacy Act);
- Act VI of 1998 on the promulgation of the 1981 Convention for the protection of individuals with regard to automatic processing of personal data;
- Act V of 2013 on the Civil Code (hereinafter referred to as the Civil Code)
- recommendations of the Hungarian National Authority for Data Protection and Freedom of Information.
- Data processing shall mean the technical operations involved in data control, irrespective of the method and instruments employed for such operations and the venue where it takes place provided that such technical operations are carried out on the data;
- Processing of data shall mean any operation or set of operations that is performed upon data, irrespective of the process applied, such as in particular collection, recording, organization, storage, alteration, use, retrieval, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction, and blocking them from further use, photographing, sound and video recording, and the recording of physical attributes for identification purposes (such as fingerprints and palm prints, DNA samples and retinal images).
- Data controller shall mean the natural or legal person, or unincorporated body which alone or jointly with others determines the purposes of the processing of data, makes decisions regarding the processing of data (including the used instrument) and implements such decisions itself or engages a data processor to execute them – which is in this case:
Institute for Computer Science and Control
registered seat: H-1111 Budapest, Kende utca 13-17.
registration number: 300399000
- Data disclosure by transmission shall mean making data available to a specific third party.
- User shall mean each person who visits or registers the Website in order to visit the interfaces of the Website which are available only in case of registration.
- Personal data shall mean any information relating to the User (in this paragraph: data subject), in particular by reference to his/her name, an identification number or to one or more factors specific to his/her physical, physiological, mental, economic, cultural or social identity, and any reference drawn from such information pertaining to the data subject. In the course of processing of data, the data in question shall be treated as personal as long as the data subject remains identifiable through it. The data subject shall – in particular – be considered identifiable if the Data controller is in possession of the technical requirements which are necessary for identification.
3. The legal basis and the purposes of the Processing of data
3.1 The legal basis of Processing of data is the consent of the data subject defined in paragraph a) of Subsection (1) of Section 5 of Privacy Act, i.e. the Processing of data performed by SZTAKI is based on the consent of the User.
3.2 The purposes of the Processing of data are the identification of the Users and distinguishing the Users from each other, development of the services provided to the registered Users, tracking the visitors and measuring and monitoring the habits of the visitors.
4. Scope of the processed data
4.1 Personal data
4.1.1 Visiting the Website is not conditional on the provision of any of his/her Personal data by the User to SZTAKI, however numerous contents of the Website are available only in case of registration which includes the provision of Personal data.
4.1.2 In case the User registers the Website, SZTAKI processes the following Personal data in each cases:
- e-mail address,
- IP address,
- user name.
4.1.3 In case the User registers the Website, SZTAKI may process the following Personal data depending on the User’s decision:
- phone number,
- working place.
4.1.4 The Data controller processes the Personal data for the duration necessary to achieve its purpose, or up to other date specified by applicable rules and regulations.
4.2 Other data and cookie technologies
4.2.1 The Website may be visited by any person without providing any Personal data to SZTAKI, however, in this case SZTAKI still records and stores data other than Personal data regarding the User (hereinafter referred to as the Other data). Other data means the data of the User’s computer which are generated in the course of visiting the Website, in particular: data in connection with the usage of the Website and browsing habits of the User (e.g. date of visiting, viewed pages, used browser).
4.2.2 Other data reaches the Data controller by means of so-called “cookie technology” consisting of sending and placing an identification file (“cookie”) comprising one or more character string on the computer or other electronic device eligible for visiting the Website in case the User gives his/her consent thereto and as a result the User’s browser becomes identifiable.
4.2.4 The User may delete the cookie from his/her own computer and may disable its use. Generally the cookies may be set at Privacy Settings menu item at Tools / Settings menu of the browser.
5. Data disclosure by transmission and Data processing
5.1 SZTAKI is entitled to and is obliged to disclose by transmission all the Personal data available and duly stored to the competent authorities in the event this Data disclosure by transmission is required by regulations or enforceable decision. SZTAKI shall not be liable for the Data disclosure by transmission or the consequences arising therefrom, and SZTAKI excludes its liability therefor.
5.3 With a view to exercising communication control and for the information of the data subject, the Data controller shall maintain a transmission log, showing the date of time of transmission, the legal basis of transmission and the recipient, description of the Personal data transmitted, and other information prescribed by the relevant legislation on Data processing.
5.4 In accordance with the applicable legal regulations SZTAKI is entitled to use data processor in the purpose of certain technical operations. The data processor only entitled to execute the decisions of SZTAKI in accordance with the orders of SZTAKI. Using the data processor does not affect the liability of SZTAKI.
6. Principles of Processing of data
6.1 Data controller endeavours to comply with the principles specified in this Section in the course of the Processing of data.
6.2 Data controller shall process and store the Personal data only for specified purposes in accordance with the applicable regulation.
6.3 The Processing of data shall comply with the purposes of Processing of data at all stages.
6.4 The recording and processing of data shall be lawful and fair.
7. User’s rights
7.1 According to the provisions of Section 14 of Privacy Act the User may request from the Data controller
- information when his/her Personal data is being processed,
- the rectification of his/her Personal data, and
- the erasure or blocking of his/her Personal data, save where processing is rendered mandatory.
7.2 According to the provisions of Section 15 of Privacy Act upon the User’s request the Data controller shall provide information concerning the data relating to him/her, including those processed by a data processor hired by the Data controller or by others based on its instructions, the sources from where they were obtained, the purpose, grounds and duration of processing, the name and address of the data processor and on its activities relating to Data processing, the circumstances surrounding the privacy incident, its impact, and the actions taken to rectify the situation, and – if the Personal data of the data subject is made available to others – the legal basis and the recipients.
7.3 SZTAKI shall provide the User with the information specified in the Sections 7.1 and 7.2 in the shortest possible time, within 30 (thirty) days from the submission of the request regarding the information at latest.
8. Data security
8.1 SZTAKI makes every necessary effort which may reasonably be expected of it in order for the security of the data processed, ensures the appropriate level of their protection, especially protects these data from unauthorized access, change, transmission, disclosure, deletion or dissolution as well as accidental distraction and damage.
8.2 SZTAKI provides for appropriate technical and organizational measures in order to maintain safety of the data.
8.3 In order for the security of the Personal data of the User, SZTAKI introduces its privacy guidelines to its employees and ensures that they comply therewith.
9. Third‑Party Sites and Services
9.1 The Website may contain links to third-party websites, products and services. The Website may also use or offer products or services from third parties Information collected by third parties, which may include such things as location data or contact details, is governed by their privacy practices; therefore SZTAKI does not take any responsibility in connection with such data collections. SZTAKI encourages you to learn about the privacy practices of those third parties.
10. Enforcement of right
10.1 Questions and complaints of objections by the Users may be submitted directly to the Data controller (see below the contact details). The Data Controller will do its utmost in order to terminate and remedy eventual legal offences of injuries. The Data Controller will look into the complaints received and inform the User of its point of view and the measures taken.
Hungarian Academy of Science Institute for Computer Science and Control
- mail address: H-1518 Budapest, PO box: 63.
- phone number: +36 1 279 6000
- facsimile: +36 1 466 7503
- e-mail address: firstname.lastname@example.org
10.2 The User is free – on the basis of Privacy Act – to turn to the National Authority for Data Protection and Freedom of Information (www.naih.hu; address: H-1125 Budapest, Szilágyi Erzsébet fasor 22/c.; phone number: +36-1/391-1400) or enforce his/her rights by means of the court.
11. Data protection register
11.1 SZTAKI has duly reported its activity on Processing of data to the register of the National Authority for Data Protection and Freedom of Information. Identification number of the register file: NAIH-115373/2017 .
12. Final provisions
14th March 2017