Privacy statement15:49 August 10, 2021
General Data Management Information
On 25th May 2018, Regulation 2016/679 of the European Parliament and Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC Regulation (EU) 2016/EU of the European Parliament and of the Council became mandatory in Hungary. Based on the above, I wish to inform you about the following:
In order to protect your personal data and thus your rights and liberties, the data managers of the defence.hu will make all reasonable efforts. Data managers are committed to protecting your personal information and taking responsibility for the security of your information. Their data management is based on the triple principle of necessity, proportionality, and adequacy. Their data management processes are fair and transparent.
They manage data in accordance with the most complete compliance with the European Union and Hungarian data protection regulations!
- Terms and definitions
the physical protection of data of any subject, stored in any form, against destruction, unauthorized access, data failure, or unauthorized alteration
a natural person or legal entity, public authority, agency, or any other body that processes personal data on behalf of a data manager
any operation or set of operations on personal data or files, whether automated or non-automated, such as collecting, recording, organizing, segmenting, storing, transforming, altering, retrieving, accessing, using, communicating, transmitting, disseminating or other harmonization, interconnection, restriction, deletion or destruction
a natural person or legal entity, public authority, agency or any other body which alone or in cooperation with others determines the purposes and means of the processing of personal data; if the purposes and means of data processing are determined by EU or Member State law, the data manager or the specific criteria for the designation of the data manager may also be determined by Union or Member State law
Restriction of data processing:
marking of stored personal data in order to limit their future processing; (data storage only)
the complete physical destruction of a data carrier
Deletion of data:
making data unrecognizable in such a way that prevents them from recovering
making data available for a specific third party
prevention of illegal processing of personal data, protection of privacy
Data protection incident:
unlawful handling or processing of personal data, in particular: unauthorized access, alteration, transmission, disclosure, deletion, destruction, or accidental destruction and damage
personal data resulting from specific technical processing relating to the physical, physiological, or behavioural characteristics of a natural person, which allow or confirm the unique identification of that natural person, such as facial images or dactyloscopic data;
the data may be accessed, used or disposed of only by those authorized to it and only in accordance with their authorization
any natural person, legal entity, public authority, agency, or any other body to whom personal data are communicated, regardless of the fact whether a third party or not
personal data concerning the physical or mental health of a natural person, including data relating to health services provided to a natural person, which contain information on the health of a natural person
any natural person identified or identifiable, directly or indirectly, via personal data
a natural person, legal entity, public authority, agency, or any other body other than the data subject, the data manager, the processor, or persons authorized to process personal data under the direct control of the data manager or processor
any state that is not an EEA state
a voluntary, specific, and unambiguous statement of the will of the well-informed data subject, indicating, by means of a statement or an act unequivocally expressing his / her agreement on the processing of personal data concerning him / her
personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, as well as genetic and biometric data, health data, and personal data concerning the sexual life or sexual orientation of natural persons allowing for their unique identification
a collection of personal data – centralized, decentralized, arranged either functionally or geographically – accessible according to specific criteria
the processing of personal data – e.g. by statistical methods – that the provisions on erasure apply, i.e. all links with individual persons has been eliminated and this connection cannot be restored
ensuring that the necessary data are available to those authorized to them in the form required by them, and in due time
the criterion of the existence, authenticity, integrity and completeness of the data
any information relating to an identified or identifiable natural person ("data subject"); a natural person is identifiable, who can be identified directly or indirectly, in particular via an identifier such as a name, number or locator data, online identifier, or via one or more factors relating to the person’s physical, physiological, genetic, mental, economic, cultural or social identity
making the data available to anyone
a statement made by the data subject exercising his / her right to object to the processing of his / her personal data at any time under Article 6 (1) (e) or (f) of the GDPR, including profiling based on those provisions, for reasons related to such a situation. In such a case, the data manager shall not further process the personal data unless the data manager proves that the processing is justified by overriding legitimate reasons which take precedence over the interests, rights and liberties of the data subject, or which are necessary to bring, assert or defend legal claims
- Our data management
You can view the data management information HERE (click). Here you can learn:
1 a) whose data are managed;
2 b) what data are managed;
3 c) the purpose of data management;
4 d) the legal basis for data management;
5 e) to whom the data are communicated and to whom they are forwarded;
6 f) how long data are managed.
Personal data are securely deleted or destroyed when are no longer needed by data managers.
III. Are your data in safety?
When processing personal data, data managers pay special attention to the security of your data, so that they are not damaged, destroyed or lost in any way. To ensure this, a number of protection measures are taken pursuant to Decree 94/2009 (XI. 27.) on the information security policy of the Ministry of Defence, as well as under Decree 3/2012 (I. 13.) on the definition of the general electronic information security requirements of the Ministry of Defence, and the specification of security regulations (e.g. technology, protection, firewall, passwords, etc.)
- Is your information transmitted, forwarded, or shared?
Information is provided on possible inquiries by official bodies (e.g. police, Public Prosecutor’s Office, court of justice). Records are kept of such cases.
No data are transferred to any third country.
- What external service provider (data processor) is used?
Regarding the operation of the website:
HM Zrínyi Cartography and Communication Service Public Benefit Nonproft Limited Liability Company
1087 Budapest, Kerepesi út 29 / B.
hosting and email services, website operation
The data processor fully complies with all data security requirements. The data processor may employ a data sub-processor.
- How are your rights and liberties enforced?
In certain cases, you have the right to:
- at any time request information from the data manager as to whether they manage your personal data and, if so, what data are managed and for what purpose.
- request access to your personal data, managed by the data manager.
- ask the data manager to modify your personal data, this way you can clarify or complement them.
- ask the data manager to delete your data if you have legitimately objected to the data processing.
- to object to the data processing.
Exercising your rights above is free of charge. However, the data manager may charge a reasonable fee for fulfilling excessive or unfounded requests, or in such cases the data manager may refuse to comply with your request.
If you consider that the processing of your personal data violates the General Data Protection Regulation and Act CXII of 2011 on the right to information self-determination and freedom of information, you can contact the data protection officer of the data manager, the court of justice competent according to your place of residence or stay. A complaint may also be filed with the National Authority for Data Protection and Freedom of Information (1055 Budapest, Falk Miksa utca 9-11., 1363 Budapest, Mailing address: Pf .: 9. tel .: +36 (1) 391-1400; e-mail: [email protected]; website: www.naih.hu).