Privacy Notice, and Terms&Conditions
for the use of Expat-Press website „www.expat-press.com” (hereinafter: Privacy Notice) Inter Relocation Kft. (hereinafter referred to as: INTER RELOCATION or Data Controller), as the operator of the website under the domain name of www.interrelo.com (hereinafter referred to as: Website), hereby discloses the Website rules and the rules relating to data processing as part of Websiterelated services, data protection principles as well as data processing information.
Processing of personal data during and related to your use of this Website shall be governed by present Privacy Notice and the data processing consent you provided during your use of the Website.
The current version of this Privacy Notice is available at https://expatpress.com/wp-content/uploads/2018/05/2018-05-06-01-Expat-Press-GDPRwebsite-privacy-notice.pdf
1. Identity and contact details of the Data Controller, Data Processors 1.1. The Data Controller The Data Controller is INTER RELOCATION, operator of the Website. As Data Controller, INTER RELOCATION determines the purposes and means of the processing of personal data that users provide by the use of the Website.
1.2. Contact details of the Data Controller: Registered office: H-1063 Budapest, Felsőerdősor u. 12-14. Company registration number: 01-09-704894 Registering authority: Companies’ Registry Court of the Municipal Tribunal of Budapest, Hungary Represented by: Stuart McAlister, Managing Director E-mail address: email@example.com Registration number of data management relating to sending out electronic newsletters: NAIH-134665/2017 Registration number of data management relating to prize draws: NAIH-133860/2017.
1.3. Data Processors Data are generally processed by INTER RELOCATION. The Data Controller utilises the services of Techsource Kft (site: 1068 Budapest, Király Utca 80, Company registration number: 01-09-305959) as a web hosting company and data processor. Data entered through the Website are not stored or processed further by Techsource Kft but forwarded directly to INTER RELOCATION for processing.
1. Categories of Personal Data processed in this Website
2.1. Data submitted by users during use of the Website’s services
2.1.1. Data processed when participating in a prize draw: When participating in a prize draw, we process the the following personal information provided by you: • Full name • Date of birth • City of residence • E-mail address
2.1.2. Newsletters – subscription online When registering for newsletters, we process the following personal information provided by you on the Website: • Surname • First name • E-mail address
2.1.3. Newsletter – subscribing in person When personally subscribing to newsletters, we process the following personal information provided by you: • Full name • Telephone number • E-mail address • Date • Signature
2.2. Personal Data provided by you and processed by the Data Controller in connection with the use of the Website and visiting the Website (cookies) „Cookies” are small computer files sent by the Website to the User’s web browser that hold a small amount of data specific to the User and the Website.
Automatically registered data are automatically logged by the system – without the separate declaration or action of the User – upon visiting the Website. Such data will not be connected to personal user information, i.e. the User cannot be identified based on these data. Such data may only be accessed by external service providers managing cookies and by the Data Controller.
In connection with the Website, the Data Controller shall use the services of the Google Analytics system, whereby cookies managed by Google Analytics help with the assessment of the number of visitors to the Website and other web analytical data (e.g. from which other website did the User come to the Data Controller’s Website, which pages were viewed, and how long the browsing lasted for, etc.). Information collected by cookies is stored on external servers operated by Google. Google Analytics can provide further information on the management of such data: https://www.google.com/analytcs Electronic advertisements of the Data Controller are published by the external service provider (Google) on internet web pages, using cookies to target advertisements.
2.2.1. Category: Preferences Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in. Cookie name: wfvt_# Cookie purpose description: Remembers the user’s submitted data when a comment is submitted in a blog post. The purpose is to aut o-populate form fields for subsequent comments, in order to save time for the user.
2.2.3. Category: Statistics Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously. Cookie name: _ga Cookie purpose description: Registers a unique ID that is used to generate statistical data on how the visitor uses the website. Cookie name: _gat Cookie purpose description: Registers a unique ID that is used to generate Cookie name: _gid Cookie purpose description: Registers a unique ID that is used to generate statistical data on how the visitor uses the website.
2.2.3. Category: Marketing Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers. Cookie name: _hjIncludedInSample Cookie purpose description: Determines if the user’s navigation should be registered in a certain statistical place holder. Cookie name: r/collect Cookie purpose description: Unclassified
2.2.4. Category: Miscellaneous (language, cookie handling, security) Cookie name: pll_language Cookie purpose description: Provides multilingual support for the Website. Cookie name: viewed_cookie_policy Cookie purpose description: Monitors cookie consent, set to “yes” when the Cookie law info bar has been viewed and accepted.
Cookie name: wordfence_verifiedHuman Cookie purpose description: Cookie set by the Wordfence Security WordPress plugin to protect the site against malicious attacks. ⁃
3. The purpose of processing Personal Data The Data Controller shall use data for providing services available on the Website and for the following purposes in particular: • liaising with the primary aim of duly informing Users, • dealing with any commercial and/or technical problems efficiently and quickly; • sending out electronic newsletters popularising expat related services and offers as well as containing professional materials, along with other promotional messages and business policy requests (hereinafter referred to as: Newsletters), if the User specifically agreed to this upon registration, for the duration until withdrawal of consent.
4. Duration of Processing of Personal Data ⁃ The Data Controller shall manage personal information whilst the purposes of data processing apply, thus primarily during the term of the legal relationship with the User (after which personal data submitted by the User concerned will be deleted), and until the User requests deletion of their data or withdraws their consent.
If a User has utilised services by the Data Controller, the Data Controller processes personal data for 6 (six) years after the completion of the last service provided to the user, due to taxation and accounting requirements. If the User withdraws his/her consent, or requests deletion of his/her data, the Data Controller shall continue to process the name and address of the User until taxation and accounting regulations require so.
5. Legal basis for processing Personal Data The legal basis for processing Personal Data of a User is the voluntary, affirmative consent given by User at the beginning of the use of the Website, with knowledge of this document. Users may only submit their own personal data on the Website. Users are responsible for the correctnes of their data submitted. When submitting Personal Data, the Users guarantee that it is their own, correct Personal Data.
The Data Controller preserves the right to use the Personal Data submitted by the User, or obtained from the user by use of the Website or its services, based on the legitimate interest of Data Controller. In such cases this Privacy Notice will be modified accordingly, users whose Personal Data are being processed will be notified in a notice on the Webpage, or a direct email if the User had consented to such notification. In such a case an assessment of the legitimate interest in view of the the rights and interest of the User.
7. Users’ rights associated with their Personal Data processed by Data Controller A User has the following rights with respect to Personal Data processed by Data Controller, where User has given a consent to the porcessing of Personal Data: • the right to access, • the right to rectification, • the right to erasure, • the right to restrict processing, • the right to object to processing, • the right to data portability, • the right to complain to a supervisory authority, and • the right to withdraw consent.
7.1. The right of access At the request of the User, the Data Controller shall provide information on the User’s data it processes, such as ⁃ if the User’s data is processed by the Data Controller, ⁃ purpose of processing ⁃ categories of Personal Data processed ⁃ recipients of Personal Data, ⁃ duration of processing Personal Data ⁃ rights of the User concerining his/her Personal Data, including the right of complaint at the supervisory authority, ⁃ if there is profiling or automated decision making concerning the Personal Data, ⁃ a first copy of the Personal Data processed free of charge, unless it adversely affects the rigths and freedoms of others.
You may request further information by e-mail at firstname.lastname@example.org and by post at the following address: H-1063 Budapest, Felsőerdősor u. 12-14., while also verifying your known data and indicating your postal address in both cases. The Data Controller shall respond in writing within 30 days of receipt.
7.2. The right of rectification Users may request the correction and/or completion of their inaccurate or incomplete Personal Data (indicating the correct data) by e-mail at email@example.com or by post at the following address: H-1063 Budapest, Felsőerdősor u. 12-14. Users must verify their known data and indicate their postal address in both cases. The Data Controller shall immediately make the correction in the records, and shall notify the party concerned in writing accordingly.
7.3. The right of erasure
7.3.1. Request for erasure 1. Users may request – complete or partial – erasure of their Personal Data without undue delay by e-mail at firstname.lastname@example.org or by post at the following address: H-1063 Budapest, Felsőerdősor u. 12-14., free of charge The Data Controller shall be obliged to erase the Personal Data of the User in the following cases: • the Personal Data are no longer necessary for the purposes for which they were collected or processed, • the User withdrew consent and there are no other legal grounds for processing, • the User objects to the processing under certain rules of applicable data protection law, • the Personal Data have been unlawfully processed, • the processing is for direct marketing purposes, In some cases required by law, erasure of data may be denied by the Data Controller. Such cases that may apply in the case of the Data Controller are, for example: • for exercising the right of freedom of expression and information, • for compliance with a legal obligation, or • for the establishment, exercise or defence of legal claims.
If the Data Controller does not correct or erase Personal Data at the request of the User, it shall state the factual and legal reasons for rejecting the request for correction or erasure in writing within 30 days of receipt of the request. If the request for correction, blocking or deletion is rejected, the Data Controller shall inform the User about how to seek judicial remedy and to apply to the Hungarian National Authority for Data Protection and Freedom of Information.
7.3.2. Unsubsribing from Newsletters Furthermore, Users may decide at any time that they no longer want to receive Newsletters from the Data Controller. Users can revoke their consent to receiving Newsletters free of charge and without reason or limitation at any time by clicking on “unsubscribe” at the bottom of newsletters, by e-mail at email@example.com, or by post at H-1063 Budapest, Felsőerdősor u. 12-14 (while also indicating accurate personal information necessary for identification).
Upon receipt of a request for unsubscribing, the Data Controller shall immediately delete the data of the unsubscribing User from the database used for sending out Newsletters, and shall send out no further Newsletters to the User. If the withdrawal of the consent only affects data processing for Newsletter purposes, the Data Controller shall immediately delete the User only from the database used for sending out Newsletters, and may further manage the User’s data for due performance of quotes requested/orders made via the Website.
7.4. The right of restriction of processing The User may request the Data Controller to restrict the processing of the User’s Personal Data, under the following conditions:
• The User contests the accuracy of the User’s Personal Data, until accuracy is verified.
• The processing is unlawful and the User requests restriction instead of erasure.
• The Data Controller no longer needs the Personal Data for processing, but the User requires the Personal Data in relation to a legal claim.
• The User objected that the legitimate grounds of the Data Controller would override the rights of the User, until the legitimate grounds are verified. When processing is restricted, the Data Controller may only store the Personal Data, or may only process it with the consent of the User, or in relation to legal claims, for the protection of the rights of other persons, or in the public interest.
7.5. The right of objection to processing Users have the right to object to processing of their Personal Data relating to the User’s particular situation, if the legal basis for the processing is that the processing is
• necessary for the performance of a task carried out in the public interest, or in the exercise of any official authority vested in Data Controller; or
• necessary for the purposes of the legitimate interests pursued by the Data Controller by a third party. In case of such an objection, the Data Controller will cease to process the personal information unless the Data Controller can demonstrate compelling legitimate grounds for the processing which override the User’s interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims. Users have to right to object to processing of their Personal Data for direct marketing purposes.
Users have the right to object to processing of their Personal Data for scientific or historical research purposes or statistical purposes on grounds relating to the User’s particular situation, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
7.6. The right to data portability For Personal Data that
• the Data Controller is processing based on consent, or
• processing of which is necessary for the performance of a contract to which the User is a party or in order to take steps at the User’s request prior to entering into a contract, if the processing occurs by automated means, the User has the right to receive Personal Data from the Data Controller provided by the User in a structured, commonly used and machine-readable format, if it does not adversly affect the rights and freedoms of others.
7.7. The right to complain to a supervisory authority If the User finds that the Data Controller’s processing of Personal Data infringes on his/her rights or data protection laws, the User may lodge a complaint with a supervisory authority responsible for data protection in the EU Member State of the User’s habitual residence, place of work or the place of the alleged infringement. In Hungary the supervisory auhtority is „Nemzeti Adatvédelmi és Információszabadság Hatóság” („NAIH”, address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c.; telephone: +36-1-391-1400; e-mail: firstname.lastname@example.org; webpage: www.naih.hu). In case of an infringement of the User’s rights, the User may file a claim at the municipal court („törvényszék”) competent accoding to the place of residence of the User.
7.8. The right to withdraw consent Where the legal basis for processing the User’s Personal Data is consent, the User has the right to withdraw his/her consent at any time.
7.9. Practicing User’s rights and the identification of the User when practicing User’s rights Rights of the User may be practiced by a written notice addressed and sent to the Data Controller. To avoid infringement on rights of other persons, when practicing such User’s rights, the User must duly and credibly identify him/herself.
7.10. Data Controller’s failure to respond to User’s practicing of his/her rights If the Data Controller does not take action on the request of the User, the Data Controller shall inform the User without delay and at the latest within one month of receipt of the request of the reasons for not taking action and on the possibility of lodging a complaint with a supervisory authority and seeking a judicial remedy.
8. Links INTER RELOCATION will not take any responsibility for the content, data and information protection measures of external websites available from the Website. If INTER RELOCATION learns that a site it has linked or linking itself violates personal rights or effective legislation, it will immediately remove the link from the Website.
9. Data security The Data Controller shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate:
• the pseudonymisation and encryption of personal data;
• the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
• the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;
• a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.
• The Data Controller shall take steps to ensure that any natural person acting under the authority of the Data Controller who has access to personal data does not process them except on instructions from the Data Controller, unless he or she is required to do so by law.
10. Legal remedies INTER RELOCATION does everything to ensure that personal data are managed in accordance with legal regulations. Apart from Users’ rights to lodge a complain or submit a claim to a court if they feel their rights were infiringed, as detailed in Section 7.7. above, if Users feel that INTER RELOCATION does not comply with them, they should report to the Data Controller by e-mail at email@example.com and by post at H-1063 Budapest, Felsőerdősor u. 12-14. 11. Other provisions The Data Controller shall preserve the right to unilaterally amend this Document at any time with prior notification to the parties concerned.
Budapest, 16 May 2018 Inter Relocaton Kft. as Data Controller