Sándor Farkas (hereinafter referred to as the “Data Controller”) considers the protection and confidential handling of personal data to be of paramount importance. The Data Controller acknowledges this legal notice as binding upon itself and undertakes to ensure that all data processing related to its services complies with the provisions of this policy and with applicable legislation. The Data Controller takes all necessary security, technical, and organizational measures to guarantee the security of personal data.
Except for the data transfers specified in this Privacy Policy and cases prescribed by law, the Data Controller shall not disclose personal data to third parties under any circumstances.
During the validity of this document, the Data Controller collects and stores data exclusively for its own purposes. If the user decides that the Data Controller should no longer contact them in the future based on the data provided, the Data Controller shall act in accordance with the user’s decision.
The Data Controller reserves the right to amend this Privacy Policy at any time, while providing timely information to the affected parties.
When the data subject visits the website or contacts the Data Controller, the Data Controller may request information about the data subject, including their name, email address, phone number, and IP address. Hereinafter, these data are collectively referred to as “Personal Data.”
Providing Personal Data to the Data Controller during contact is voluntary and not mandatory; therefore, data processing is based on consent. However, if certain information is not provided, the Data Controller may not be able to achieve the purposes set out in this policy or provide its services.
The Data Controller’s data processing activities are based on voluntary consent. In certain cases, however, the processing, storage, or transfer of specific data may be required by law.
Data providers are hereby informed that if they provide personal data that is not their own, they are obliged to obtain the consent of the data subject.
The Data Controller processes data for the following purposes:
Website traffic measurement
Contact
Communication
Marketing functions
Invoicing and payment
The Data Controller retains Personal Data for as long as necessary to achieve the purposes defined in this policy or until the data subject withdraws their consent to the processing of their Personal Data.
Within the organization of the Data Controller, access to Personal Data is limited exclusively to those persons who require such access in order to achieve the purposes set out in this policy, including internal control functions.
The Data Controller does not sell, trade, make accessible, or otherwise use Personal Data provided by the data subject in any form to third parties, unless the data subject has given prior explicit consent.
The Data Controller may share Personal Data with the following third parties: professional advisors (including accountants, auditors, legal advisors, and other similar professionals), authorities and governmental bodies (including regulatory authorities, other authorities, state bodies, and courts), as well as member companies, affiliated companies, and subsidiaries of Sándor Farkas.
The Data Controller uses the commonly applied technology known as cookies in order to obtain information about how users use the website.
The use of cookies and web server log files allows the Data Controller to monitor the traffic of its websites, tailor content to users’ personal needs, and display targeted advertisements on third-party websites.
A cookie is a file that often contains a unique identifier, type, and content associated with a website. When a user visits a website, the website requests permission to store this file on a designated area of the user’s computer hard drive reserved for cookies. Each website visited can send cookies to the user’s computer, provided that the user’s browser settings allow this.
To protect users’ data, browsers only allow a website to access the cookie it has placed on the user’s computer; websites cannot access cookies placed by other websites.
Browsers are typically set to accept cookies. If the user does not wish to accept cookies, they may configure their browser to refuse cookies or certain types of cookies. In this case, some elements of the website may not function properly. Cookies cannot access other information on the user’s hard drive and do not contain viruses.
Based on the above, the Data Controller uses the following cookies and services:
Google Analytics (purpose: website traffic measurement)
Facebook Pixel (purpose: website traffic measurement)
Google Fonts (purpose: accelerated font loading)
jQuery CDN (purpose: accelerated loading of jQuery scripts)
Smartsupp (purpose: providing live customer support)
LinkedIn Pixel (purpose: website traffic measurement)
Microsoft Clarity (purpose: website traffic measurement)
The Data Controller applies security measures to prevent unauthorized access to Personal Data and to prevent unlawful data processing, destruction, or damage.
Storage devices containing Personal Data are kept in physically protected, restricted-access premises and are not left unattended.
Personal Data (including the email servers of Sándor Farkas) are stored on servers located within the European Union. The virtual server is hosted on a physical server placed in a locked cabinet within a server room. Other users cannot access the data.
The Data Controller’s websites may contain links to websites not operated by the Data Controller or not governed by its data protection practices. Please note that this Privacy Policy does not apply to such websites. Users are advised to review the privacy policies of these websites before providing any personal data. The Data Controller is not responsible for any unlawful data processing, breaches of data security requirements, damages, or violations of personality rights committed by the operators of such websites.
Upon request, the Data Controller shall provide information about the data processed by it or by a data processor acting on its behalf, including the purpose, legal basis, duration of processing, the name and address (registered office) of the data processor, and information about data transfers. The Data Controller shall provide such information in writing, in a clear and understandable manner, as soon as possible but no later than 30 days from receipt of the request. This information shall be provided free of charge if the requester has not submitted a similar request regarding the same data area during the current year.
The Data Controller shall delete Personal Data if the processing is unlawful, if requested by the data subject, or if the purpose of data processing has ceased.
The Data Controller shall inform the data subject and all parties to whom the data were previously transferred for processing purposes of any rectification or deletion, unless such notification would not serve the legitimate interests of the data subject.
The data subject may object to the processing of their personal data if such processing or transfer is necessary solely for the enforcement of the rights or legitimate interests of the Data Controller or the data recipient, unless the processing is required by law; if the data are used or transferred for direct marketing, public opinion polling, or scientific research purposes; or if the exercise of the right to object is otherwise permitted by law.
Personal Data shall not be deleted if processing is required by law. However, the data may not be transferred to the data recipient if the Data Controller has upheld the objection or if a court has established the legitimacy of the objection.
In the event of a violation of their rights, the data subject may take legal action against the Data Controller. The Data Controller shall compensate for damages caused to others by unlawful data processing or by breaches of technical data protection requirements. The Data Controller shall be exempt from liability if the damage was caused by an unavoidable external reason beyond the scope of data processing. No compensation shall be due if the damage resulted from the intentional or grossly negligent conduct of the injured party.
Complaints and legal remedies may be submitted to the National Authority for Data Protection and Freedom of Information (NAIH).
Registered office: 1051 Budapest, Nádor Street 22.
Postal address: 1387 Budapest, P.O. Box 40.
All comments may be sent to Sándor Farkas by post to 1138 Budapest, Váci út 132, or by email to: mester@farkasdugulaselharitas.hu.
Effective from: September 1, 2022 (v1.1)
