Please read the information carefully, so You know how we manage your personal data and what are your rights regarding data processing.
According to the provisions of art. 13 of EU Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data (hereinafter GDPR), as well as the provisions of art. 20, par. (4) of Law 112/2011 on the right to informational self-determination and freedom of information (hereinafter Infotv.), Pearl Home Szolgaltato Kft. as data controller (hereinafter Data controller) issues the following information regarding data processing within the Varázskő Apartment House Gyula.
I. Data processing connected to the use of the website
- Name of the Data controller
Pearl Home Szolgaltato Kft.
Postal Address: 5600 Békéscsaba, Petőfi utca 4., 3. emelet 9.
Phone: +36 30 714 4408
2. Legislation regarding data processing
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
Law 108 of 2001 on certain aspects of electronic commerce services and information society services.
Law 100 of 2003 on electronic communication.
Law 47 of 2008 on prohibition of dishonest economic activity towards consumers.
Law 48 of 2008 on the basic conditions and limits of commercial advertising.
Law 112 of 2011 on the right to informational self-determination and freedom of information.
3. The scope and legal basis of the processed data
3.1. The purpose of data processing
The purpose of data processing is to be able to answer to the inquiries received through the form for requesting quotation on the website, as well as being able to answer queries received through the form located on the contact page of our website, as well as to be able to identify those sending the messages.
3.2. Legal basis for data processing
Art. 6, par. (1), p. a) of the GDPR: the data subject has given consent to the processing of his or her personal data for one or more specific purposes. Processed data: name and e-mail address.
3.3. Subjects of data processing
Those persons who request an offer via the webpage or send a message via the contact form.
3.4. Duration of data processing
Until the offer is finalised, but not more than 90 days.
There are two basic types of cookies, one of which are those that don’t require the user permission. When you first visit our homepage information is presented regarding these types of cookies, some of these are the user input” cookies, authentication cookies, user safety cookies, multimedia session cookies, load balancing session cookies, or cookies that aid the personalisation of user interface.
The other type of cookies are those that require consent from the user, about which, if the data processing starts with accessing the homepage, we offer the users information and ask for their permission. Such cookies are social media data sharing and tracking cookies, cookies connected to external adverts, our own session analysis cookies.
Accepting cookies is not mandatory, but we would like to inform you that the lack of permission for cookies may have an effect on the operation of the webpage, thus we are not responsible for cases when in the lack of cookie permission the webpage does not function as expected.
4.1. Cookies Used
|Session cookies||Cookies essential for service.||Not required||These cookies are needed to enable the user to use the website.||Ensuring the operation of the webpage.||Ending the browsing session.|
|Tracking cookie for session analysis (from third parties)||Google Analytics (_gay and _ga).||Required||Collect information regarding the use of the website, respectively the activity of the user.||During the visit of the website it connects to third party services (e.g. Google).||2 years|
|External behavioural advertising cookies (from third parties)||Google Remarketing, Facebook Pixel, Google conversion tracking||Required||Behavioural advertising||Behavioural advertising that increases the effectiveness of ads.||180 days|
Detailed information about third party cookies are found on the following link:
Google Analytics – https://policies.google.com/technologies/types?hl=hu
Google remarketing - https://policies.google.com/technologies/types?hl=hu
Facebook Pixel – https://www.facebook.com/policies /cookies
Google Conversion Tracking – https://policies.google.com/technologies/types?hl=hu
5. Technical and Organisational Measures Connected to Data Processing
The data controller ensures and supports the exercise of rights regarding data processing by the person in question, especially in connection with information and objection.
The Data controller undertakes that in order to protect the rights and freedoms of the affected persons, it shall issue employee information related to data protection in the most careful way.
The Data controller is going to organise instructions for the employees, in order for them to be informed regarding their obligations connected to data management and to be prepared related to right of the affected persons.
6. In regards of the processing of personal data the rights of the clients are the rights of the persons affected
In case the Data controller processes your information, according to the GDPR you have the following rights:
- access – you have access to your processed personal data, you are informed regarding the purpose of the processing, the scope of the processed data, the duration of their storage, respectively access to information regarding third parties with whom the data has been shared or is going to be shared (art. 13-15 of the GDPR),
- rectification – you have the right to request your incorrect data to be rectified, or incomplete data to be completed (art. 16 of GDPR),
- erasure – in some defined cases you have the right to request for your processed data to be erased, forgotten (art. 17 of GDPR),
- restrict processing – if certain conditions are met you have the right to restrict the processing of your personal data (art. 18 of GDPR),
- data portability - you shall receive the processed data in a machine-readable format, respectively you can transfer these to another data controller without any restrictions from the original data controller (art. 20 of GDPR),
- objection against data processing – you can object to the processing of your personal data, respectively to automated decision making and profiling (art. 21 of GDPR),
- legal remedy – you can seek legal remedy at a competent court regarding the processing of your personal data and the protection of your rights.
According to the provisions of art. 13-15 of the GDPR, the Data controller has the obligation to inform you whether the processing of your personal data is in progress. If it is then you are also entitled to receive information regarding the following:
- the purpose, legal basis of the data processing, respectively what legal consequences does the lack of data processing ensue,
- categories of personal data,
- recipients or recipient categories with whom the data has been or is going to be shared,
- duration (planned duration) of personal data storage,
- data subject’s enforceable rights,
- possibility to file a complaint at a competent supervisory authority,
- if the provider of the personal data was not You, then every information regarding the source where they came from,
- information regarding automated decision making and profiling,
- adequate guaranties in case of sharing with third party countries.
As the affected person you have the right to request the Data controller to rectify your incorrect data, or taking into consideration the purpose of the data processing to complete your incomplete personal data.
If certain conditions are met, you have the right to request for your personal data to be erased by the Data controller.
The conditions that justify erasure are as follows:
- the data are not needed anymore for the purpose they were collected
- you have withdrawn your consent for data processing and thus the processing has no legal basis,
- you object to data processing and there is no other legal basis for data processing,
- the personal data have been processed illegally,
- the data controller’s obligations oblige them to erase your data.
6.4. Restriction of Data Processing
If certain conditions are met, you as affected person have the right to restrict the processing of data by the Data controller.
The conditions that imply restriction of processing are the following:
- you dispute the accuracy of the data, in this case the restrictions apply for the period during which the Data controller verifies the accuracy of personal data,
- the data processing is illegal but you oppose their erasure, instead you request the restriction of data processing,
- the Data controller no longer needs the data for the purpose of data processing, but you need them for submitting, validating or protection of legal claims,
- you objected the processing of data, in this case the limitation is valid for the period during which it is established whether the claims of the Data controller enjoy an advantage over the claims of the affected person.
If the personal data are restricted, then besides storage any other operation involving these data requires your consent. In addition these data can be processed in order to submit, validate or protect legal claims, or to protect the rights of other natural persons, or in public interest within the EU or other member state.
6.5. Data Portability
As the affected person you have the right to request and receive the personal data processed by the Data controller in a widely used machine readable format, respectively you can transfer these data to another data controller without being restricted by the original data controller – as long as the processing of personal data or personal data category is based on your consent.
Please note that the right of data portability can be exercised with some limitations, taking into consideration the fact that in most cases the processing of personal data is done according to exercising local authority regulations.
6.6. Objection Against Data Processing
If certain conditions are met you have the right to object against the processing of data by the Data controller.
Objection is possible if the processing of data is based on your consent and the processing of you personal data or its transfer is exclusively needed for fulfilment of legal obligations by the Data controller, for validation of legal claims by the Data controller, by the recipient of the data or third party.
In case of objection the Data controller cannot continue to process the data, except if he can prove that the processing of data was justified by compelling legitimate reasons that have priority over the rights, interests and freedoms of the affected person, or are connected to submitting, validation or protection of legal claims.
6.7. Legal Remedy
Notification of the supervisory authority.
In Hungary the supervisory authority is the National Authority for Data Protection and Information Security (hereinafter: NAIH). The NAIH can be notified in connection with personal data processing by any citizen.
Nemzeti Adatvedelmi es Informaciobiztonsagi Hatosag
Postal address: 1530 Budapest, Pf. 5.
Headquarters: 1125 Budapest, Szilagyi Erzsebet fasor 22/c.
In connection with your personal data processing if you feel that your rights have been violated or there is an immediate danger for the rights to be infringed, you can notify the court, which will act out of turn. You can start a legal action at a competent court from your place of residence or place of habitation.
7. Submission of Notice, Application, Complaint
If you should need any information regarding the processing of your personal data, if you have questions or you would like to submit a complaint, application, please use the below addresses:
By mail: 5600 Bekescsaba, Petofi utca 4. 3. Emelet 9.
By e-mail: firstname.lastname@example.org
We are going to respond without delays or within 30 days from receiving your request, to the address provided by you.
8. Information on Data Protection Incidents
A data protection incident means “means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed” (art. 4 (12) of GDPR).
In case of data protection incident, if it can possibly have a high-risk impact on your rights, the Data controller is going to notify you without delay regarding the incident that affected your personal data.
During this notification the Data controller informs you on the name of the data protection officer or of other persons that can provide you with further details, the possible consequences of the data breach, as well as the measures taken or planned to be taken by the Data controller to minimise and remedy the incident, including measures taken to minimise the adverse consequences resulted from the incident.