The Élményakadémia Public Benefit Association (hereinafter referred to as the Data Controller) is committed to protecting the personal data of its members, volunteers, employees, agents, clients, and partners. We treat personal data confidentiality and take all necessary security, technical, and organizational measures to ensure the safety of the data, periodically reviewing these measures.
CONTACT DETAILS OF THE DATA CONTROLLER
Organization name: Élményakadémia Public Benefit Association
Headquarters, office, and mailing address: 1067 Budapest, Teréz krt. 27. fsz. 5.
Representative: András Csapi, Executive Director
Phone number: +36 30 4624119
Email address: hello@elmenyakademia.hu
Tax number: 18188837-1-42
Registration number: 01-02-0011799
Website: www.elmenyakademia.hu
LEGAL COMPLIANCE
Our data processing principles are in line with the applicable data protection laws:
● Act LXIII of 1992 on the Protection of Personal Data and the Disclosure of Data of Public Interest
● Act CVIII of 2001 on Certain Issues of Electronic Commerce Services and Information Society Services
● Act XLVIII of 2008 on the Basic Requirements and Certain Restrictions of Commercial Advertising Activities
● Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information
Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR)
OUR DATA PROCESSING PRINCIPLES
LAWFULNESS, FAIRNESS, AND TRANSPARENCY
We collect and process data lawfully and fairly, and at all stages of data processing, we act in accordance with the purpose of data processing.
PURPOSE LIMITATION
We only process personal data for specific purposes and for the exercise of rights or the fulfillment of obligations.
DATA MINIMIZATION
We only process personal data that is necessary and sufficient to achieve the purpose of data processing and for the required duration.
ACCURACY
We strive to ensure the accuracy, completeness, and—if necessary for the purpose of data processing—up-to-dateness of the data.
STORAGE LIMITATION
We process personal data only to the extent and for the duration necessary for the purpose, and ensure that the data subject cannot be identified afterward.
INTEGRITY AND CONFIDENTIALITY
We implement technical, organizational, and structural measures to protect the security of data processing, providing a level of protection appropriate to the risks associated with data processing.
WHAT PERSONAL DATA DO WE PROCESS?
Personal data includes any information related to the data subject—especially the name, identification mark, and one or more pieces of information characteristic of their physical, physiological, mental, economic, cultural, or social identity—and any conclusions that can be drawn about the data subject from the data.
We only process personal data if the data subject has given their voluntary consent for us to use the data for the specified purpose (consent-based legal basis). In certain cases, however, the processing, storage, and transmission of a subset of the provided data are mandatory under legal regulations (legal obligation-based).
The Élményakadémia Public Benefit Association only processes personal data that is essential for the effective and efficient performance of its activities.
The range of processed data includes:
IN OUR OWN DATABASES
| Purpose of Data Processing | Type of Personal Data | Legal Basis |
| Data necessary for contact and information | name, phone number, email address | voluntary consent |
| Data necessary for maintaining and establishing cooperation | resume, cover letter (with name, email address, phone number) | voluntary consent, contractual basis |
| Data necessary for maintaining and establishing business relations | name, phone number, email address, workplace, position | voluntary consent |
| Data necessary for HR administrative tasks | contracts of members, employees, agents, salary data, etc. | contractual basis |
| Data necessary for accounting tasks and compliance with tax authority requirements | invoices, declarations, income statements, etc. | contractual basis |
| Data necessary for registering for training, events, programs (hereinafter: programs) and ensuring the safe conduct of programs | name, phone number, email address, name of the program, social security number, physical and health-related data | voluntary consent |
| Photos and video recordings of participants at our programs | content of photos and video recordings, recorded likenesses of data subjects, and in the case of video, their voice | voluntary consent |
SUBSCRIPTION TO NEWSLETTERS
We send newsletters to inform subscribers about our current projects and events, as well as volunteer, training, and support opportunities.
| Purpose of Data Processing | Type of Personal Data | Legal Basis |
| Sending newsletters | name, email address, organization | voluntary consent |
You can withdraw your consent or change your preferences using the link at the bottom of the newsletter or by sending an email to the association.
We send our newsletters partly through the Gmail service and partly using the MailChimp newsletter system. These services are committed to protecting personal data and prioritize data privacy. They do not share data, lists, or email addresses with third parties. You can read Gmail’s detailed privacy policy here. You can access MailChimp’s privacy policy here.
OTHER DATA PROCESSING
For data processing not listed in this information sheet, we provide detailed information at the time of data collection.
DATA SECURITY
We handle personal data with the utmost care, strictly confidentially, only to the extent necessary for using the services, and in accordance with the possible instructions of the person providing the consent.
We ensure the protection of personal data security and minimize the risks associated with data processing through IT, organizational, and structural measures. We regularly review and, if necessary, modify these measures and rules. This ensures that the processed data:
● is protected against unauthorized access (data confidentiality),
● is accessible to authorized persons (availability),
● its authenticity and authentication are ensured (authenticity of data processing),
● its unaltered state can be verified (data integrity).
DATA PROCESSORS
The Élményakadémia Public Benefit Association does not use data processing companies.
RIGHTS OF THE DATA SUBJECTS
Data subjects can exercise their rights by sending a letter to the Élményakadémia Public Benefit Association’s postal address (1067 Budapest, Teréz krt. 27. fsz. 5.) or by sending a message to the association’s email address
hello@elmenyakademia.hu.
INFORMATION
Everyone is entitled to request information about the data we process about them, particularly regarding the source of the data, the purpose of processing, the legal basis, the duration of the processing, the name and position of the data processor and their activities related to data processing, the circumstances, effects, and measures taken to mitigate any data protection incidents, and in the case of data transfer, the legal basis and recipient. Information can be requested through the contact details provided above. We provide the information as soon as possible, but no later than 30 days. We only refuse to provide information in cases mandated by law.
ACCESS
The data subject has the right to view their personal data at any time, provided they notify the Data Controller in advance through one of the provided contact details.
RECTIFICATION
If the personal data is incorrect, the data subject may request its correction through the Data Controller’s contact details. If accurate personal data is available, we will rectify the personal data without undue delay.
OBJECTION
The data subject may object to the processing of their personal data and request the cessation of data processing or the deletion of the processed data by submitting a written request to the Élményakadémia Public Benefit Association or by sending an email to hello@elmenyakademia.hu.
DELETION
Personal data must be deleted if:
● its processing is unlawful,
● the data subject requests its deletion, except in cases of mandatory data processing,
● it is incomplete or incorrect and this condition cannot be lawfully remedied, provided that the deletion is not excluded by law,
● the purpose of data processing has ceased, or the data storage period has expired, except if the data carrier must be archived,
● the deletion is ordered by a court or the Authority.
The data subject can initiate deletion by submitting a written request to the Élményakadémia Public Benefit Association or by sending an email to hello@elmenyakademia.hu. The data will be permanently deleted without undue delay.
REMEDIES
Complaints and remedies can be sought from the National Authority for Data Protection and Freedom of Information.
- Headquarters: 1055 Budapest, Falk Miksa utca 9-11.
- Mailing address: : 1363 Budapest, Pf.: 9.
- Phone number:
+36 (30) 683-5969
+36 (30) 549-6838
+36 (1) 391 1400 - E-mail: ugyfelszolgalat@naih.hu