Privacy Policy

Introduction

Főnix Rendezvényszervező Közhasznú Nonprofit Kft. (HU-4026 Debrecen, Hunyadi utca 1-3., hereinafter referred to as the Service Provider), as a data controller, acknowledges that the content of this privacy policy is binding. It takes the liability that all the data processing related to its activities complies with the requirements set out in this policy and the applicable legislation.

Főnix Rendezvényszervező Közhasznú Nonprofit Kft. is committed to the protection of the personal data of its customers and partners and considers it extremely important to respect the information rights of its customers.

Főnix Rendezvényszervező Közhasznú Nonprofit Kft. processes the personal data of its customers and partners confidentially and takes all technical and organizational and security measures that guarantee the security of the data.

Name and contact details of the data controller

Name of the data controller: Főnix Rendezvényszervező Közhasznú Nonprofit Kft.
Postal address of the data controller: HU-4026 Debrecen, Hunyadi utca 1-3.
E-mail address of the data controller: info@fonixinfo.hu
Data Protection Officer: Beáta Keczeli

The purpose, legal basis, and duration of data processing, as well as the scope of personal data

The data processing of the activities of Főnix Rendezvényszervező Közhasznú Nonprofit Kft. is based on voluntary consent. In some cases, however, the processing, storage, and transfer of a set of provided data is required by law, of which we will notify the users separately.

We would like to draw the attention of submitters to the fact that if they do not provide their own personal data, it is the duty of the submitter to obtain the consent of the person affected.

This Privacy Policy of Főnix Rendezvényszervező Közhasznú Nonprofit Kft. is in accordance with the applicable data protection legislation, in particular the followings:

Regulation (EU) 2016/679 of the European Parliament and of the Council

  • Act CXII of 2011 on Information Self-determination and Freedom of Information
  • Act CLV of 1997 on Consumer Protection
  • Act C of 2000 on Accountancy
  • Act V of 2014 on the Hungarian Civil Code
  • Act XIX of 1998 on the Hungarian Criminal Law
  • Act CVIII of 2001 Act CVIII of 2001 on Electronic Commerce and on Information Society Services
  • Act C of 2003 on Electronic Communication
  • Act CXXXIII of 2005 on the personal and property protection and the private detective activities
  • Act XLVIII of 2008 on the essential conditions and certain limitations of Business Advertising Activity

Ticket sales

Aim of data processing: issue of invoices to the customer
Legal basis of data processing: provisions under Act CXII of 2011 on information self-determination and freedom of information and Act C of 2000 on accountancy
Type of personal data processed: name and address of the customer
Period of data processing: 8 years
Legal base of data transfer: data processing is necessary for the performance of the contract Article 6, 1 (b) under GDPR

Events

The Visitor acknowledges that video and audio recording of the event will be made at the free events of Főnix Rendezvényszervező Közhasznú Nonprofit Kft., In which the Visitor may also appear. By participating at the free event, the Visitor acknowledges that a video and audio recording may be made, which Főnix Rendezvényszervező Közhasznú Nonprofit Kft. may use, reproduce, publish, and distribute without further compensation.

Legal base of data processing: the voluntary contribution of the person concerned by participating in the event in question.

Type of data processed: Visitor’s image and soundtrack

Period of data processing: until the withdrawal of the consent of the person concerned.

Electronic monitoring system

An electronic monitoring system is used in the buildings operated by Főnix Rendezvényszervező Közhasznú Nonprofit Kft., which includes the installation of cameras. The exact location and the names of the monitored areas are available in the handout on the information desk of Főnix Rendezvényszervező Közhasznú Nonprofit Kft.

Personal data controller

Purpose of data processing: to protect human life and health, as well as property, and to prevent and detect offences, catch offenders, prove offences, identify those entering the territory of the buildings, record the fact of entry, document the activities of unauthorised visitors, and examine the circumstances of possible occupational and other accidents.

Legal base of data processing: Regarding visitors, the consent of the person by the entry to the building; in case of employees, Section 11 of Act 1 of 2012 on the Hungarian Labour Code, as well as Article 6 (1) f under the GDPR whereas Főnix Rendezvényszervező Közhasznú Nonprofit Kft. has a legitimate interest in property protection

Type of personal data processed: the face of the person visible in the image recordings entering the building and other personal data recorded by the monitoring system.

Duration of data processing: 3 working days if data are not used (according to 31 § (3) c in Act CXXXIII of 2005 on the personal and property protection and the private detective activities.)

The use of records

Entitled to view the live image of the cameras: staff of Főnix Rendezvényszervező Közhasznú Nonprofit Kft.

Entitled to view the camera records: staff Főnix Rendezvényszervező Közhasznú Nonprofit Kft.

Entitled to save the camera records on data media: Főnix Rendezvényszervező Közhasznú Nonprofit Kft.

Authorised persons may solely view the stored records of the camera monitoring and recording system operated by Főnix Rendezvényszervező Közhasznú Nonprofit Kft. to prove offences committed against human life, physical health, or property and to identify the offenders. Those data subjects, whose rights or legitimate interests are affected by the image records may request the data controller not to destroy the records or delete them until the court or competent authority is contacted but not longer than 30 days. The person appear in the record may request information about the records made of him/her and may request a copy or, if other persons are also appeared in the record, they may view the records. The data subject may request the record featuring him/her to be deleted, the data related to the record to be modified and may also object to data processing.

The data controller shall record the inspection of the stored records, the name of the person assigned to the process and the reasons and time of inspection, in the report.

Data transfer: in case of infringement or criminal proceedings, towards the authorities conducting them.
Set of data transferred: the records taken by the camera system and containing relevant information

Legal base of data transfer: 71 § (1), 151 § (2) a) and 171 § (2) under the Criminal Law, and 75 § (1) a) and 78 § (3) under the Act of Accountancy

The legal background, legal basis and purpose of data processing performed on the website, the scope of processed personal data and the duration of data processing

Information on cookies

What is a cookie?

A cookie is an alphanumeric information package of varied content sent by the web server, which is recorded on the user’s computer and stored for a pre-determined period. The use of cookies makes it possible to request certain data of the visitor and track his/her internet use. As a result, the use of cookies makes it possible to precisely determine the range of interests, the internet use habits and the history of website visits of the given user. As a cookie operates as a kind of tag with which the website can recognise visitors returning to the site, their use also makes it possible to store the username and password valid on the given site.

If the user’s browser returns the previously stored cookie during a visit to the website, the sender’s service provider sending the cookie may link the current visit with previous; however, as cookies are attached to the domain, it is only able to do this regarding its own contents. The cookies are not suitable to identify the user; they are only suitable to recognise the visitor’s computer.

The legal background and legal basis of cookies

The background for data processing is set by Act CXII of 2011 on the right of informational self-determination and on the freedom of information (InfoAct) and Act CVIII of 2001 on certain aspects of electronic commerce and information society services. The legal basis of data processing is your consent in accordance with 5§ (1) a) under InfoAct.

Main characteristics of cookies on the website

ga, _gid, _gat: Google Analytics tracking cookie

Data processing related to order and invoicing

Legal background and legal basis of data controlling: The background for data processing is provided by Act CXII of 2011 on the right of informational self-determination and on the freedom of information (InfoAct) and Act C of 2000 on Accountancy. The legal basis of data processing is your consent in accordance 5 § (1) a) of the InfoAct and, in case of the withdrawal of your consent, the performance of the legal obligation of the Data Controller determined in the Accountancy Act in accordance with 6 § (5) of the InfoAct.

Purpose of data processing: Issuing invoices in accordance with legal regulations and performing the obligation of retaining accounting documents. Based on 169 § (1)-(2) under the Accounting Act, companies shall retain the accounting documents directly and indirectly supporting their accounts.

Set of data processed: name, address, e-mail address, phone number.

Duration of data processing: Based on 169 § (2) under the Act on Accountancy, the issued invoices shall be retained for 8 years after issuance. We hereby inform you that in case you withdraw your consent to issue the invoice, the Data Controller shall be entitled to store your personal data supplied during the issuance of the invoice for 8 years according to 6§ (5) (a) of the InfoAct.

Possible consequences of the failure to supply data: failure to buy tickets.

Data processing related to newsletters

Legal background and legal basis of data controlling: The background of data processing is provided by the Act CXII of 2011 on the right of informational self-determination and on the freedom of information (InfoAct) and Act XLVIII of 2008 on the basic conditions and certain restrictions of commercial advertising activities. The legal basis of data processing is your consent in accordance with 5. § (1) a of InfoAct and 6§ (1)-(2) of the Commercial Act.

The purpose of data processing: The purpose of data processing is to keep you informed about the latest and best offers and campaigns.

Set of data processed: name, address, e-mail address, zip code

Period of data processing: withdrawal of the consent of the party concerned

Data controlling related to bookkeeping

Name of data controller: Főnix Rendezvényszervező Közhasznú Nonprofit Kft.

Postal address of data controller: HU-4026 Debrecen, Hunyadi utca 1-3.

E-mail address of data controller: info@fonixinfo.hu

Based on the written agreement concluded by and between the Data Controller, the Data Processor contributes to the processing of accounting documents. During this process, the Data Processor manages the name and address of the data subject as necessary for accounting records and for the period set in 169 § (2) under the Accounting Act; the related data are immediately deleted afterwards.

Marketing database

The data of persons giving their consent to interactions for direct marketing purposes are controlled by Főnix Rendezvényszervező Közhasznú Nonprofit Kft.

Purpose data processing: building a database of business purposes, sending email newsletters containing commercial advertisements for the party concerned, preparing tailored offers using online analytical data and forwarding the data controller’s and its partner’s offers.

Persons over the age of 16 may give their content to interactions for direct marketing purposes.

Legal base of data processing: the voluntary consent of the party concerned and 6 § (5) under the Commercial Act.

Set of data processed: ID number, name, address, email address, telephone number, consent given to interactions for direct marketing purposes; and the system stores the analytical data related to login and logout, messages sent, delivered, and opened and the online activity of the party concerned (e.g., date and time of events, viewed pages, IP address of computer, reason for the failure of delivery, shopping habits, demographical data, transaction data).

Duration of data processing: withdrawal of the consent of the party concerned.

Possible consequences of the failure to supply data: the party concerned does not get informed about the offers of the data controllers and their partners.

The withdrawal of the consent given to the forwarding of direct marketing messages and the deletion or amendment of personal data may be requested using the contact information below:

via e-mail: info@fonixinfo.hu and,
by post: Főnix Rendezvényszervező Közhasznú Nonprofit Kft., HU-4026 Debrecen, Hunyadi utca 1-3.

The independent measuring and auditing of the website visit and other web analytic data of Főnix Rendezvényszervező Közhasznú Nonprofit Kft. are assisted by the server of Google Analytics as an external service provider.

Data safety measures

The Data Controller declares that it has introduced appropriate safety measures to protect personal data from unauthorised access, modification, transfer, publishing, deletion, or destruction as well as accidental loss or damages and becoming inaccessible due to changes in the applied technology.

Your rights related to data controlling

During the period of data controlling, you are entitled to

  • the right to be informed,
  • the right to rectification,
  • the right of the erasure of data,
  • the right of blocking data and the right to object.

You may request information from the Data Controller regarding the processing of your personal data during the period of data processing. The Data Controller shall inform you in writing, in a comprehensible way, as soon as possible after the submission of the request, but not later than within 30 days, of the data processed, the purpose, legal basis, duration of the data processing and, if so, who and for what purpose they receive or have received the data.

During the period of data processing, you may request the Data Controller to rectify your personal data. The Data Controller shall meet your request within a maximum of 15 days.

You may request the erasure of your personal data, which the Data Controller shall meet within a maximum of 15 days. The right of erasure does not extend to the event when the Data Processor is obliged by the law to further store the data or when the Data Controller is entitled to further control the personal data in accordance with 6 § (5) of the InfoAct (for example in connection to invoicing).

You may request the Data Processor to block personal data if the final erasure of the data would infringe the legitimate interests of the party concerned. The blocked personal data may only be processed as long as the purpose that excluded the erasure of the personal data exists.

You may object to the processing of your personal data if the processing or transfer of the personal data is needed to satisfy the legal obligation related to the Data Controller or to exercise the legitimate interests of the Data Processor or a third person, except for obligatory data controlling in the case determined in 6 § (5) of the InfoAct; if the use or transfer of the personal data is for the purposes of direct marketing, public opinion survey or scientific research (without your consent).

The Data Controller shall examine the objection as soon as possible but no later than 15 days after the submission of the request and makes a decision regarding its justification and informs you about its decision in writing. If the data controller fails to satisfy the request of rectification, blockage, or erasure, he/she shall inform the party concerned about the factual and legal reasons for rejecting the request of rectification, blockage, or erasure in writing or electronically, with the consent of the party concerned, within the next 30 days.

If you are sure that the Data Controller has infringed any legal provision related to data processing or failed to satisfy any of your requests, you can initiate investigation proceedings of the National Authority for Data Protection and Freedom of Information to eliminate the presumed illegal data controlling (postal address: HU-1530 Budapest, Pf.: 5., e-mail: ugyfelszolgalat@naih.hu).

In addition, we also inform you that, in case of infringing any of the legal provisions on data processing or if the Data Controller fails to satisfy any of your requests, you may also turn to the court against the Data Controller.

Right to be informed

If it is requested by the party concerned, Főnix Rendezvényszervező Közhasznú Nonprofit Kft. shall introduce appropriate measures to provide the party concerned with all the information mentioned in Sections 13 and 14 of the GDPR and all notifications according to Sections 15-22 and 34 in a brief, transparent, comprehensible, and easily accessible form clearly and in accessible language.

Right of access of the party concerned

The party concerned is entitled to receive feedback from the data controller whether the processing of his/her personal data is ongoing and if such data processing is ongoing, he/she is entitled to have access to the personal data and information.

Right to rectification

Főnix Rendezvényszervező Közhasznú Nonprofit Kft. shall rectify personal data if it is incorrect and if the correct personal data are available.

Right to erasure

In case of any of the following reasons, the party concerned is entitled to request Főnix Rendezvényszervező Közhasznú Nonprofit Kft. to erase the related personal data without undue delay:

  • the personal data are no longer needed for the purposes they were collected or otherwise controlled.
  • the party concerned withdraws his/her consent constituting the basis of the data processing and no other legal basis exists for data processing.
  • the party concerned objects to data processing and no priority legitimate reason to continue data processing.
  • personal data were processed illegally.
  • personal data shall be erased to satisfy the legal obligations set out in the legal regulations of the EU or the member state.
  • personal data are collected in connection with offering services related to the informational society.

Erasure of data may not be initiated if data processing is necessary: in order to exercise the freedom of expression and the right to information; to satisfy the legal obligation setting out the processing of data according to the law of the EU or the member state or to complete tasks performed for public interest or within the frameworks of exercising the permissions of legal authority granted to the data controller; for purposes concerning the field of public health or for archiving, scientific and historical research purposes or statistical purposes based on public interest; or in order to submit, exercise or protect legal claims.

Right to the restriction of data processing

If it is requested by the party concerned, Főnix Rendezvényszervező Közhasznú Nonprofit Kft. shall restrict data processing if any of the following conditions are met:

  • the party concerned has doubt about the accuracy of personal data, in which case the restriction applies to the period that makes it possible to check the accuracy of the personal data.
  • the data processing is illegal, and the party concerned objects to delete data, requesting the restriction of their use instead.
  • the party concerned no longer needs the personal data for the purposes of data processing, but the party concerned requests them to submit, exercise or protect his/her legal claim.
  • the party concerned objected to data processing.

If data processing is subject to restriction, personal data may only be processed with the consent of the party concerned or for the purposes of submitting, exercising, or protecting legal claims or to protect other natural or legal persons or if they may be controlled for the material public interests of the EU or a member state, except for storing them.

Főnix Rendezvényszervező Közhasznú Nonprofit Kft. shall previously inform the party concerned about the relaxation of the restriction of data processing.

Right to data portability

The party concerned is entitled to receive personal data related to his/her person and made available to the data controller in a structured, widely used, and machine-readable format and to forward these data to another data controller.

Right to objection

The party concerned is entitled to object to data controlling of his/her personal data necessary to complete tasks performed for public interest or within the frameworks of exercising the permissions of legal authority granted to the data controller or to exercise the legitimate interests of a third party due to any reason related to his/her own situation at any time.

Right to withdrawal

The party concerned is entitled to withdraw his/her consent at any time. The withdrawal of the consent does not concern the legitimacy of data controlling based on the consent and performed before the withdrawal.

Right to turn to court

If the rights of the party concerned are infringed, he/she may turn to the court (competent according to the registered office of the defendant or the data subject’s address) against the data controller. The court shall act with urgency in these cases. The legal proceedings initiated in connection with the protection of personal data are free of dues.

Proceedings of the data protection authority

Complaints may be submitted to the National Authority for Data Protection and Freedom of Information:
Name: National Authority for Data Protection and Freedom of Information
Headquarter: HU-1125 Budapest, Szilágyi Erzsébet fasor 22/C.

Amendment of the Privacy Policy

The Data Controller reserves the right to amend this Privacy Policy on data controlling.