Bankszámlaszám: CIB Bank Zrt.
11102003-18578726-10000001
Adó 1%
adószám: 18578726-2-10
Privacy policy
Information on data protection
Media service provider Szent István Radio and Television (Hungarian Catholic Radio Foundation), as the operator of the website - hereinafter referred to as the "Data Controller" - informs the visitors - hereinafter referred to as the "User" - about the data protection issues arising from the use of the websites www.szentistvanradio.hu
and www.szentistvantv.hu, as well as the mobile application of Szent István Radio.
The Data Controller will treat the data obtained from the use of certain functions of the website exclusively for the purpose and for the period indicated, in accordance with the applicable legal provisions, and will not disclose it to third parties under any circumstances, except in the cases provided for by law. By using the websites www.szentistvanradio.hu and www.szentistvantv.hu, as well as by using the mobile application of Szent István Radio, and by subscribing to the Newsletter, the user accepts the terms and conditions of the Privacy Policy.
1. RELEVANT LEGISLATION
Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information - available for download at www.njt.hu;
Act CVIII of 2001 on Certain Aspects of Electronic Commerce Services and Information Society Services - available for download at www.njt.hu;
Act CXIX of 1995 on the Processing of Name and Address Data for Research and Direct Marketing Purposes - available at www.njt.hu;
EU Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR) - available at https://eur-lex.europa.eu
2. DEFINITIONS
Data processing: any operation or set of operations which is performed upon personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
Data Controller: a natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of the processing are determined by Union or Member State law, the controller or the specific criteria for designating the controller may also be determined by Union or Member State law;
Data breach: a breach of security resulting in the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of or access to personal data transmitted, stored or otherwise processed;
User's Consent: a voluntary, specific, informed and unambiguous indication of the data subject's wishes, by which the data subject signifies, by a statement or by an act expressing his or her unambiguous consent, that he or she gives his or her consent to the processing of personal data concerning him or her;
Personal data: any information relating to an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
Objection: a statement by the data subject objecting to the processing of his or her personal data and requesting the cessation of the processing or the erasure of the processed data.
3. DATA CONTROLLER
Hungarian Catholic Radio Foundation
Registered seat: 1 Széchenyi street, Eger HU-3300
Registration number: 10-01-0000519
Tax number: 18578726-2-10
4. SCOPE OF PERSONAL DATA PROCESSED, PURPOSE, DURATION AND LEGAL BASIS OF THE PROCESSING
- Newsletter
Processed data and purposes of processing: The Data Controller processes the personal data (name, e-mail address) provided by the User when subscribing to the Newsletter for the purpose of regular information and communication through the Newsletter. The Newsletter may also contain advertising and promotional offers. By subscribing to the Newsletter, the User acknowledges that the provision of his or her data is based on a free, specific and informed decision in which he or she expressly consents to the processing of his or her personal data (name and e-mail address) by the data controller and data processor for the purposes described above.
Duration of processing: The Data Controller will process the User's personal data only to the extent and for the duration necessary for the purposes described above. The data provided by the user will be deleted immediately after unsubscribing from the newsletter.
Legal basis of data processing: The legal basis for data processing in the context of sending the Newsletter is the data subject's voluntary, explicit consent pursuant to Article 6(1)(a) GDPR.
Access to the data is granted to the employee(s) of the Data Controller responsible for editing the newsletter.
5. CONTACT
The processed data and the purposes of processing: the data provided voluntarily by users will be processed exclusively for purposes directly related to their request (e.g. complaints, information, general information, customer satisfaction).
Duration of processing: the Data Processor does not record any data relating to electronic or postal letters, short messages (SMS), telephone calls or messages sent by media service providers, website operators and online commercial activities of users that could be used to identify the Data Subject. In the event of a complaint, the Data Controller will keep the data necessary for the investigation and identification of the complainant until 31 December of the 5th year following the investigation of the case.
Legal basis for processing: voluntary explicit consent pursuant to Article 6(1)(a) of the GDPR.
Access to data: The data may be accessed by the Data Processor's customer service staff and staff investigating complaints.
6. USE OF COOKIES
When accessing the website www.szentistvanradio.hu and www.szentistvantv.hu, the websites may automatically store information about the User's computer or browsing device (tablet, smartphone). Both sites use so-called computer "cookies" for this purpose. A cookie is a small packet of information sent by the server to the browser, which stores it in a separate directory on the User's computer. Cookies allow the website to recognise you if you have visited it before. Cookies make it easier and more efficient to use the Internet. Cookies do not store any personal data. If the Visitor wishes to disable, block or delete cookies, they can do so using their browser.
7. INDIRECT DATA COLLECTION (LOG FILES)
During a visit to the website, the following information about the visitor is automatically recorded by the computer tools used by the data processor
- browser type
- time of access to the site - time of exit
- the name and the URL of the file requested,
- the website/application from which the visitor came to our site (referrer URL)
- the visitor's IP address.
Purpose of data logging: Data is logged for the purpose of monitoring the secure operation of the website, system security and stability. Log files are updated daily and generated monthly.
Data storage period: the data processor stores the data on its server for 1 year.
Legal basis for processing the IP address: Legitimate interest of the Data Processor (Article 6(1)(f) GDPR).
The data may be accessed by the employee responsible for the operation of the Data Controller's website.
8. DATA PROTECTION
The Data Controller shall treat the digital data content confidentially, using state-of-the-art data protection tools, and shall disclose it to third parties only in cases prescribed by law. The Data Controller shall only disclose personal data to public authorities, where the public authority has indicated the precise purpose and scope of the data, if and to the extent strictly necessary for the purpose of the request.
9. ACCESS TO INFORMATION
The Data Controller shall, upon request, provide the User with information on the data processed by the Data Controller, the purposes, legal basis and duration of the processing, the name, address (registered office) and activity of the Data Processor in relation to the processing, as well as the persons who receive or have received the data and for what purposes (Article 15 GDPR). The data controller must provide the information in writing, or in an intelligible form in the case of an electronic request, within 15 days of the request. The information must be provided free of charge, but in the event of a request for information in the same area in the current year, the data controller may charge a fee.
10. CORRECTION AND COMPLETION OF DATA
At the request of the Data Subject, the Data Controller shall correct inaccurate personal data without undue delay. Taking into account the purpose of the processing, the User may also request the completion of incomplete personal data by means of a supplementary declaration (Article 16 GDPR). The Data Controller shall notify the User of the rectification or completion, as well as all those to whom the data were previously transmitted for processing. It shall refrain from such notification where this does not harm the legitimate interests of the data subject in relation to the purposes of the processing.
11. DELETION OF STORED DATA
The Data Controller shall delete personal data within 5 working days
- if the processing is unlawful,
- at the request of the User,
- if the purpose of the processing has ceased to exist, or
- if the legal period for storing the data has expired,
- if ordered by court or the Data Protection Commissioner.
Data Controller shall notify the user of the deletion and all those to whom the data has previously been communicated for processing purposes. Data Controller shall refrain from notifying the Data Subject, unless this would be contrary to the Data Subject's legitimate interests with regard to the purposes of the processing (Article 17 GDPR).
12. LIMITATION OF PROCESSING
The User may request the restriction of processing if he/she disputes the accuracy of the personal data or if the processing is unlawful, but does not request the deletion of the data.
You may request the restriction of processing if the personal data are no longer necessary for the purposes for which they were collected, but are necessary for the establishment, exercise or defence of a legal claim, or if you have objected to the processing but it has not yet been determined whether the Data Controller's legitimate grounds override the legitimate grounds for the processing (Article 18 GDPR).
13. PORTABILITY OF DATA
The User has the right to receive personal data concerning him/her and provided by him/her in a structured, commonly used, machine-readable format and the right to transfer such data to another controller,
- if the processing is based on consent pursuant to Article 6(1)(a) or Article 9(2)(a) of the GDPR or on a contract pursuant to Article 6(1)(b) and
- the processing is carried out by automated means. When exercising the right to data portability, the user has the right to request the direct transfer of personal data between controllers, where technically feasible (Article 20 GDPR).
14. OBJECTION
The User may object at any time to the processing (Article 21 GDPR) if
- the processing (transfer) of personal data is necessary solely for the purposes of the exercise of a right or legitimate interest pursued by the controller or the recipient, unless the processing is required by law;
- the personal data are used or further processed for direct marketing, public opinion polling or scientific research purposes;
- the exercise of the right to object is otherwise permitted by law.
The Data Controller shall examine the objection without delay, and at the latest within 15 days from the date of the request, and shall inform the applicant in writing of the outcome of the objection, with a simultaneous suspension of the processing.
If the objection is justified, the Data Controller shall terminate the processing, including further collection and further transmission, block the data and notify the objection and the measures taken on the basis of the objection to all those to whom the personal data concerned by the objection have been previously disclosed and who are obliged to take measures to enforce the right of objection. If the data subject does not agree with the decision of the data controller, he or she may, within 30 days of its notification, challenge it before a court of law.
The Data Controller may not delete the Data Subject's data if the processing is required by law. However, the data may not be disclosed to the data recipient if the controller has agreed to the objection or if the court has ruled that the objection is justified.
15. LEGAL REMEDY
In the event that Users believe their personal data has been or is at risk of being processed in violation of their rights, they may initiate an investigation with the National Authority for Data Protection and Freedom of Information.
- Registered seat: Szilágyi Erzsébet fasor 22/c, Budapest, HU-1125
- Postal address: 1530 Budapest, PO Box 5
- Telephone:+36(1)391-1400
- Fax: +36(1)391-1410
- E-mail: ugyfelszolgalat@naih.hu
- URL: www.naih.hu
The User has the right to seek the protection of their personal data before a civil court.
The Data Controller reserves the right to modify this Privacy Policy.
Budapest, 25th May 2018