Website Data Management Prospectus
Our activities of management of personal data have been reviewed in accordance with the mandatory and applicable rules of the new European Union General Data Protection Regulation (GDPR) and we are committed to managing data in compliance with the requirements laid down by the Regulation and the Hungarian national legislation in force.
Data and contact information of the Data Controller:
Operator of the website (hereinafter: Data Controller): | Institute of Advanced Studies |
Our contact information: | |
Postal address: | H-9731 Kőszeg, P.O.B. 4 |
Email address: | [email protected] |
Telephone number: | +3694200520 |
Name of our Data Protection officer: | Péter Fejes PhD |
Contact info: | [email protected] |
Principles of data management
We are committed to protecting the personal data of website visitors and all persons concerned and consider the observance of their right of informational self-determination of exceptional importance.
Personal data are kept confidential and we take all security, technical and organisational measures ensuring the security of the personal data.
Should you have questions that are not clear based on the present data management prospectus, please make sure to contact us using the contact details provided above. We seek to respond as quickly as possible but if it takes longer to provide the appropriate answer for your question, then we undertake to give the answer within a maximum of 15 days.
You can request information regarding the management of your personal data in writing (via e-mail or a letter sent to our postal address) or orally (via phone) at any time. Please note that if you have a request via phone regarding data management (e.g. request for deletion of your data) – then, we need to identify you to be entitled to the request before it is accommodated. If identification is not possible, we can only provide general information about data management. Therefore, we recommend you indicate your question or request in writing if possible.
Applied legislation
We commit to managing personal data pursuant to the provisions of legislation in force at the time with special regard to the following:
- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation);
- Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information..
Complaint handling and further options of remedy
We commit to making all efforts in order to manage personal data in accordance with the relevant legislation. Should you consider that we have failed to do so, or a question has arisen regarding this matter, please make sure to report it to us using the contact details provided above.
In the event of violation of rights related to the protection of your personal data – in case the Data Controller fails to terminate the infringing conduct despite your report – you may resort to the Hungarian National Authority for Data Protection and Freedom of Information for a legal remedy using the contact details provided as follows:
Official name: | Hungarian National Authority for Data Protection and Freedom of Information (NAIH) |
Postal address: | H-1125 Budapest, Szilágyi Erzsébet fasor 22/c |
Telephone number: | +3613911400 |
Email: | [email protected] |
Website: | www.naih.hu |
Data managed on the website
The public content of our website can be accessed without providing your personal data, no registration or log-in is required.
In connection with visiting and using the website, the following data are managed in a line with the objective and period identified in this prospectus, moreover, your rights related to data management are implemented as follows:
Management of cookies
What is a cookie?
Cookie is a text file stored by the device (computer, smartphone) you are using to access and use our website which mostly contains information on the connection between the web server and your device or the operation of the website (e.g. session identifier that is a unique string including letters, numbers and further characters; the time of your access and visit of the website etc.). Its content is read occasionally by the web server when you are browsing our website or when you visit it again later. Through the content of the cookie the website (server) can improve the user experience and implement the services provided on the website. For example, when you make a purchase in a web shop, the web shop distinguishes among and manages the ongoing purchases by using these kind of cookies (the actual items in cart). If the internet connection is lost while shopping, the website can identify the products you added to the cart and the products you searched for, thus when the internet connection is restored you can continue shopping where you stopped the process.
Objective of data management
Objectives of data management include identification of and distinction among visitors of our website, identification of their current sessions as well as storage of data they provide and prevention of data loss.
Range of managed data
Cookies used on our website are so-called functional cookies supporting the operation of the website including the date of visit of the website, session ID and further information on the session to be interpreted by the program code of the website (strings of numbers and characters).
Information stored in functional cookies is not transferred to any third party.
Period of data management
One of the functional cookies used on our website is designed to store the optimal display settings of your device used for visiting our website for one week, while the other cookie aims to store the language settings you choose on our website for one year. These long-term cookies are only accessible to our website if you visit our website again from the same device and these cookies have not been deleted in the meantime.
Enforcement of rights
Most website browsers enable cookies automatically. However, you can change this setting at any point and disable and delete cookies. You can access, learn more about and read the cookies stored on your device at any time.
You can manage, disable and delete cookies under the settings menu of the well-known internet browsers, most often under the security, data protection and privacy settings sub menu.
You can read more on cookie management under the support menu of the given program and on the following links by clicking on the name of the program: Internet Explorer, Chrome, Mozilla Firefox, Edge.
Google Analytics service
In order to analyse and assess website visits, traffic data and performance we use the Google Analytics service. Pieces of information gained from the website are automatically transferred to Google, however, they do (may) not contain personal data. The gathered and transferred pieces of information do not identify website visitors as they only constitute statistical data designed to distinguish among sessions. You can read more on Google Analytics data management by clicking here
Objectives of data management
Objectives of data management include distinguishing website visitors and their sessions in order to measure website performance and to prepare statistics on its use.
Range of managed data
In order to measure website performance and to set up website statistics, Google Analytics service uses cookies containing pieces of information (unique strings including letters, numbers and further characters) that can be interpreted by the service.
Period of data management
The cookies used by Google Analytics service might differ in validity. There are cookies, validity of which expires after closing the page in your internet browser program. Also, there are some cookies, the validity of which is even shorter (1 minute) or much longer (e.g. 24 hours or for instance 2 years). At the same time, the content of cookies with a longer validity is only accessible to our website –including the Google Analytics service – if you visit our website again from the same device and these cookies have not been deleted in the meantime.
Enforcement of rights
If you do not want Google Analytics to collect data on your website visit, you can disable it by installing and using the relevant program. More detailed info on the browser extension designed to disable data collection by Google Analytics can be read by clicking here and you can install it from here.
You can disable the use of Google Analytics cookies including all the other cookies. You can access, learn more about, read and delete the cookies stored on your device at any time.
You can manage, disable and delete cookies under the settings menu, most often security, data protection and privacy settings sub menu of the well-known internet browsers.
You can read further info on cookie management under the support menu of the given program and via the following links by clicking on the name of the program: Internet Explorer, Chrome, Mozilla Firefox, Edge.
Images and videos at the website
At our website we regularly present news, events and programs connected to the activities of our Institute and publish the related images and video recordings.
We pay particular attention to fact that the content of image and video recordings published on our website must not violate personal rights or interests and their legitimate use is confirmed by permission and authorisation in each case.
Objective of data management
The objective of data management is to provide information to website visitors.
Legal basis of data management
Data management is based on voluntary consent in accordance with the General Data Protection Regulation of the EU and the Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information.
Range of data managed
Photographic images of natural persons identifiable and recognizable on the recordings.
Period of data management
Until withdrawal of permission by the persons concerned and deletion of the given content from our website.
Enforcement of rights
You can request information on the management of your data using the above contact details or from the organiser of the particular event if it was not organised by our Institute.
You can request deletion of your data and upon your request, recordings on which you can be identified or recognized will be deleted from our website.
Who is entitled to have access to the data?
The information published on our website can be accessed and viewed by anyone visiting the site.
Data managed for contact purposes
You can contact Us via any of the contact details given on our website or via the contact form available from the Contact menu. Your personal data provided during contact will be only used to communicate with you and will not be transferred.
Objective of data management
Keeping contact with clients.
Legal basis of data management
Upon request for and provision of information, data management is based on voluntary consent in accordance with the General Data Protection Regulation of the EU and the Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information.
Range of managed data
We manage the following data provided by you voluntarily for contact purposes:
- name (it is mandatory to provide on the Contact form),
- email address (it is mandatory to provide on the Contact form),
- telephone number,
- address (postal address).
Period of data management
The personal data provided voluntarily for contact purposes are managed for different periods depending on the nature of contact:
Following necessary provision of information, data will not be retained any longer, except when there is a legally enforceable claim regarding the ad hoc contact. In this case, data will be retained for a period of five years so that the claim can be verified.
Enforcement of rights
You can request information regarding the management of your personal data using the contact details provided above at any time.
Also, you can request correction of your data if you have given them incorrectly or they have been recorded inaccurately or incompletely.
Moreover, you can request deletion of your data and if there is no legal obstacle your request will be complied with promptly (in the opposite case you will be informed about the ground of refusal of deletion).
Who is entitled to have access to the data?
Only our employees are entitled to access the information you provide.
Security of data management
In order to ensure the security of personal data managed we take all technical and organisational measures to protect them against accidental deletion (destruction), unlawful use or modification. Through a system of access authorisation, only our staff is permitted to access data managed in our IT systems.
In accordance with the abovementioned, we ensure that unauthorized persons cannot access, disclose, transfer, modify or delete the managed data.
Transfer of data
We will not transfer your personal data to those with no authorisation for access and they will only be forwarded to a third party with your prior consent. Exception may be made in cases where legislation stipulates the transfer of data, for example within the framework of an official investigation where we must transfer the relevant data upon the determining authority’s (e.g. police, prosecution, court) formal request. This does not necessitate your separate consent as it is our statutory task.
Review of and access to the Data Management Prospectus
We reserve the right to review and modify this prospectus if necessary, which might be justified based on relevant legislation or our data management activities as well as due to changes in the applied technology. Should the modification concern your personal data managed based on your voluntary consent, you will be informed without delay and the management of your personal data will be suspended until you agree to it again.
The up-to-date Data Management Prospectus is always available here published on the website.