PRIVACY NOTICE
FOR REQUESTING AN OFFER ON THE WEBSITE
This Privacy Notice contains provisions on the rules of data processing activities related to contacting us for an offer on the https://helloparks.com/en/ website operated by HelloParks Management Korlátolt Felelősségű Társaság.
The Controller is entitled to amend this Privacy Notice from time to time with various updates, unilaterally, without prior notice. With a view to this, it is recommended that you visit the website regularly and monitor the acceptability of the changes.
1. Contact details of the Controller
1.1. Controller’s name: HelloParks Management Kft. (hereinafter: “Controller”)
Registered address and mailing address: 1082 Budapest, Futó utca 47-53. VII. em.
Email address: info@helloparks.com
Telephone: +36 70 654 4444
Website: https://helloparks.com/en/
2. Data Processors and their contacts
2.1. Name of Data Processor: DONE DIGITAL Kft.
Registered address and mailing address: 1095 Budapest, Gát utca 21. fszt. 1.
Email address: hello@thisisdone.com
Telephone: +36 30 200 8218
Website: https://thisisdone.com/
Scope of data processing: develop the website affected by data processing
2.2. Name of Data Processor: Hidden Design Kft.
Registered address: 1095 Budapest, Gát utca 21. fszt. 1.
Mailing address: 1094 Budapest, Tűzoltó utca 66. földszint 4.
Email address: hidden@hidden.hu
Telephone: +36 20 426 1580
Website: https://www.hidden.hu/
Scope of data processing: operate the website affected by data processing
2.3. Name of Data Processor: Wavemaker Hungary Kft.
Registered address and mailing address: 1123 Budapest, Alkotás út 53. B. ép. III. em.
Email address: info.budapest@mecglobal.com
Telephone: +36 30 407 8733
Scope of data processing: operate the website affected by data processing
3. Processing the data of the Data Subject
3.1. Scope of Data Subjects
The Controller will process the personal data of natural persons (hereinafter: the “Data Subject”) – with your prior consent and based on your prior consent – who request an offer and a newsletter during contact and interaction on the https://helloparks.com/en/website (hereinafter: the “Website”) operated by the Controller under the logistic services offered by its company.
When filling in the contact form, the data marked with an asterisk, i.e. surname and first name, company name, email address and telephone number, are mandatory fields.
3.2. The scope of processed data, the purpose and legal basis of processing, broken down by purpose
During the operation of the Website, the Controller shall process the following data of the Data Subjects set out in Section 3.1. for the following purposes and on the following legal bases:
3.2.1. Data processing for the purpose of contacting and interacting with the Data Subject
personal data (mandatory)
|
the purposes of processing
|
legal basis
|
surname and given name | your name is needed for contacting you | Pursuant to Article 6(1) (a) of Regulation (EU) 2016/679 of the European Parliament and of the Council1 (hereinafter: GDPR), the processing is based on the Data Subject’s consent, i.e. your consent. |
email address | the email address is needed for contacting you, for the interaction between the Controller and you and making an appointment | |
phone number | the phone number is needed for contacting you, for the interaction between the Controller and you and making an appointment |
3.2.2 Data processing related to sending a newsletter
personal data
|
the purposes of processing
|
legal basis
|
email address | the email address is needed for direct marketing purposes by sending a newsletter | Pursuant to Article 6(1) (a) of the GDPR and Section 6(1) of Act XLVIII of 2008 on Essential Conditions of and Certain Limitations to Business Advertising Activity, the processing is based on the Data Subject’s consent, i.e. your consent. |
3.3. The period for which the personal data will be stored
3.3.1. For data processing related to contacting you and keeping in touch with you
The Controller will process and store personal data for the purpose of making contact and keeping in touch until the Data Subject revokes his/her consent to data processing for such a purpose, or prohibits the processing of his/her data for the purpose of making contact and keeping in touch, or requests the erasure of his/her data.
3.3.2. For data processing related to sending a newsletter
The Controller will process and store personal data for the purpose of direct marketing until the Data Subject revokes his/her consent to data processing for such a purpose, or prohibits the processing of his/her data for the purpose of direct marketing, or requests the erasure of his/her data.
4. Scope of data processing
4.1. DONE DIGITAL Kft. is responsible for website development, during which it has technical access to personal data, to the extent necessary for development, which are stored on the Website (Website database, data processed in connection with contacting customers, data processed in connection with registering for the newsletter), beyond which it shall not carry out any further activities in regard to the data.
4.2. Hidden Design Kft. provides hosting services, during which it has technical access to personal data, to the extent necessary for the service, which are stored on the Website (Website database, data processed in connection with contacting customers, data processed in connection with registering for the newsletter), beyond which it shall not carry out any further activities in regard to the data.
4.3. Wavemaker Hungary Kft. performs media planning and media purchasing tasks, as well as the subsequent assessment of media campaigns for the Website, during which it has technical access to personal data, to the extent necessary for the service, which are stored on the Website (Website database, data processed in connection with contacting customers, data processed in connection with registering for the newsletter), beyond which it shall not carry out any further activities in regard to the data.
5. Cookies used on the Website
5.1. We use cookies in certain pages of the Website. Cookies are files that store information in the web browser of the Data Subject. Cookies make it possible, for example, for the Website to recognise if the Data Subject has visited it previously, or, by allowing us to see which sites of the Website are the most popular, they help us understand which pages of the Website are visited and how much times visitors spend there. By studying this, we can better tailor the Website to the needs of the Data Subject and provide an even more diverse user experience for the Data Subject.
5.2. With the help of cookies, we can also ensure that the information displayed on your next visit to the site will meet your expectations (without identifying you personally). When you visit our Website, technical information may be gathered automatically that does not allow you to be personally identified, for example, the name of another website that directed you to this website, the location from where you accessed the website, and search queries completed on the website. Collecting this information helps us identify the preferred search habits of our website users without using their personal data. Such information is used strictly for internal purposes. Anonymous or general data from which your identity cannot be identified does not qualify as personal data and thus does not fall within the scope of this Privacy Notice.
5.3. You can change your web search configuration to either accept all cookies, delete all cookies, or receive a notification when cookies appear on your machine. Since all web search applications are different, please use the “Help” menu in your browser to adjust your cookie settings. You can change your web search configuration to either accept all cookies, delete all cookies, or receive a notification when cookies appear on your machine. Since all web search applications are different, please use the “Help” menu in your browser to adjust your cookie settings.
5.4. You can find further information on cookies and on disabling them at http://www.youronlinechoices.com/hu/. The Website was intended to operate with the use of cookies, so disabling them may affect the functionality of the Website, or prevent you from taking advantage of all its benefits.
Links for managing cookies in the case of the most frequently used browsers:
Mozilla Firefox
Google Chrome
Internet Explorer
Google Analytics provides an additional option of unsubscribing from the Google Analytics service: http://tools.google.com/dlpage/gaoptout?hl=en-GB.
The cookies used on the Website can be found in the Cookie settings.
6. Recipients of the personal data
6.1. The Controller does not transfer the personal data of the Data Subjects to other third parties or organizations, except for public authorities specified in law or in a binding legal act of the European Union, which may request personal data from the Controller for their investigation in individual cases.
7. Data security measures
7.1. Data processed by the Controller are protected by the restrictions applied to the access of information. For example, only those persons can have access to the data who need them in the interests of and for the purposes listed above.
8. Protection of the rights of Data Subjects
8.1. In accordance with Article 12–21 of the GDPR, the Data Subject may request from the Controller access to and rectification or erasure of personal data or restriction of processing concerning the Data Subject or to object to this processing, as well as exercise his/her right to data portability.
8.2. The Data Subject has the right to obtain from the Controller confirmation as to whether or not personal data concerning him or her are being processed. The information requested by the Data Subject must be provided in writing by the Controller, or by other means, including, where appropriate, by electronic means. Verbal information may also be provided upon your request, provided that your identity has otherwise been verified. Electronic identity verification will occur through a confirmation link that will be sent to the email address you have provided, which you must click to confirm your request for information. Confirmation is important because we must make sure that the person requesting the information is not a robot, is acting in his/her own name, is confirming the request through his/her own email account and is using a genuine email address. The confirmation link is valid for 48 hours. The deadline for receiving the information begins upon confirmation. If you do not confirm the information request within 48 hours, the link will expire and a new one must be requested. The Controller will inform you of any measures taken in response to your request without undue delay, but in any case within one month of the arrival of your application for the exercise of your rights (see GDPR, articles 15–22).
8.3. The Data Subject has the right to obtain from the Controller, without undue delay, the rectification of inaccurate personal data concerning him or her. The Data Subject has the right to have incomplete personal data completed, including by means of providing a supplementary statement.
8.4. The Data Subject has the right to obtain from the Controller the erasure of personal data concerning him or her without undue delay, where one of the following legal grounds applies:
- the personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
- you revoke your consent on which the processing is based and there is no other legal basis for the processing;
- you object to the data processing, and in the given case, there is no overriding legitimate reason for data processing;
- the personal data have been unlawfully processed;
- the personal data have to be erased for compliance with a legal obligation in Union or Member State law;
- the collection of personal data was associated with the offering of information society services.
8.5. The Data Subject has the right to obtain from the Controller restriction of processing where one of the following applies:
- you contest the accuracy of your personal data; in this case, the restriction shall apply to a period enabling the Controller to verify the accuracy of the personal data;
- the processing is unlawful and you object to the erasure of your personal data, and you request the restriction of their use instead;
- we no longer need your personal data for the purpose of the processing, but they are required by you for the establishment, exercise or defence of legal claims; or
- you have objected to the processing; in this case, the restriction shall apply for a period until it is established whether the legitimate grounds of the Controller override those of the Data Subject.
8.6. The Data Subject has the right to object, on grounds relating to his/her own situation, to the processing of his/her personal data based on a legitimate interest, including profiling. In this case, we shall no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing, which override the interests, rights and freedoms of the Data Subject or for the establishment, exercise or defence of legal claims.
8.7. The Data Subject has the right to object, at any time, to the processing of personal data concerning him or her for direct marketing. When unsubscribing from advertising materials being sent, a confirmation link will be sent to the email address the Data Subject has provided, which the Data Subject must click to confirm his/her unsubscribe request. Confirmation is important because we must make sure that the person requesting the information is not a robot, is acting in his/her own name, is confirming the request through his/her own email account and is using a genuine email address. The confirmation link is valid for 48 hours. Unsubscription becomes valid upon confirmation. If the Data Subject does not confirm the unsubscribe request within 48 hours, the link will expire and a new one must be requested.
8.8. The Data Subject has the right to object, on grounds relating to his/her own situation, to the processing of his/her personal data based on a legitimate interest, including profiling. In this case, we shall no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the Data Subject or for the establishment, exercise or defence of legal claims.
8.9. In the event of a violation of the rights of the Data Subject set out in the GDPR, the Data Subject may file a complaint with the Controller at the contact specified in Section 1.1.
8.10. In the event of a violation of the rights of the Data Subject set out in the GDPR, the Data Subject may file a complaint with the Controller at the contact specified in Section 1.1.
8.11. Additionally, the Data Subject is entitled to submit a complaint to the Hungarian National Authority for Data Protection and Freedom of Information (http://naih.hu/; 1125 Budapest, Szilágyi Erzsébet fasor 22/c; mailing address: 1530 Budapest, Pf.: 5.; Phone: +36 1 391 1400; Fax: +36 1 391 1410; Email: ugyfelszolgalat@naih.hu). The Data Subject also has the right to file a complaint with another supervisory authority, in particular the supervisory authority established in the Member State of his or her habitual residence.
8.12. The Data Controller may also be sued for violating the rules for the processing of personal data. The Data Subject may bring an action before the Metropolitan Court of Budapest or the court of his or her domicile. The contact details of the courts in Hungary can be found at http://birosag.hu/torvenyszekek. If the Data Subject habitually resides in another Member State of the European Union, the action may also be brought before the competent court of the Member State of habitual residence.
Budapest, 01 10 2020