Purpose of the Regulation
The purpose of this Regulation is to declare the data protection and data handling principles and the data protection and data handling policies of the Company (registered seat: 3525 Miskolc, Régiposta u. 9., company registration number: 05-09-027501, registering authority: Municipality Court of Miskolc as Company Registrar, tax number: 25076587-2-05).
The purpose of this Regulation is to ensure that the rights and civil liberties of every individual, especially the right to privacy, is respected during the machine processing of personal data (data protection) irrespective of their nationality or place of residence, in every field of service provided by the Company.
Name of data controller
Name: Codecool Kft.
Registered seat and mailing address: 3525 Miskolc, Régiposta u. 9.
Phone: +36 (20) 519 9119
E-mail address: [email protected]
Data protection registry number: NAIH-83340.
Scope of the controlled data
During registration, Users must provide the following personal data: name, e-mail address. Access to Facebook profile can also be provided.
Legal basis, purpose and method of data controlling
Data controller handles personal data only with the purpose of enabling data subjects to request the delivery of the information package related to the adult training services introduced on the www.codecool.com/www.codecool.hu website.
Data controller, or the person to whom these data are forwarded, can identify the data subjects as per the following:
− e-mail address submitted during the registration for keeping contact,
− name (first and surname of data subject) and password to identify the data subject at application.
Data controller – to the extent and for the term necessary to achieve the purpose – handles only such personal data that is necessary to realize the data handling purpose, and which is suitable to realize that purpose. Data controller handles the personal data only as long as the purpose of the data handling exists, and the personal data is destroyed at the same time as the purpose ceases to exist.
Providing the data for user registration is voluntary, data subjects are not required to consent to data handling, however, they acknowledge that by not providing certain data the relevant services cannot be used.
Handling technical data
During registration and when the page is visited, the IP address of data subject’s device, the starting and finishing time of the visit, and in some cases – based on data subject’s computer settings – the type of the browser and the operating system are recorded. These data are recorded in a log file and are only used for statistical purposes, and data controller shall only reveal it to third parties when explicitly required by legislative provisions.
Access to the handled data
Data controller shall only disclose the handled data to third parties with the express consent of the data subject or when required by law. Data controller maintains the right to engage the services of a data processor to carry out certain technical tasks.
Use of data by data controller
Data controller shall use the data provided by the data subject primarily for the services it provides, or in the cases stipulated in this Regulation.
Data controller – subject to data subject’s express consent – is entitled to send newsletters in connection with its service to the e-mail address that User provided at the registration. Data subject gives their permission to data controller to place ads at the bottom of newsletters or other e-mail notifications. In every newsletter, data controller offers an opportunity to unsubscribe from the newsletters.
Rights of data subjects, the protection of privacy
By sending a declaration to the e-mail address ([email protected]) of the data protection officer appointed by data controller, and by providing the correct data, data subjects can request data to be corrected that they cannot correct themselves. At the above address, data subjects may request information regarding the handling of their data at any time, and may request the deletion of their handled data at any time without the obligation to provide an explanation (by withdrawing their registration and revoking their consent).
Data controller shall immediately correct or delete the data and shall notify data subject of it, along with every party whom the data has been forwarded to with the purpose of data handling. Upon the request of data subject, data controller shall provide information on the data it handles, the purpose, legal basis, duration of the data handling, and the name, contact information, and data handling-related activities of any data processor, and, in addition, who have received or will receive the data and with what purpose. The information is provided at no charge if data subject has not yet submitted a similar request in the ongoing year for information regarding the same subject, in other case fees may apply.
Data controller accepts no liability for damages arising from failure by data subjects to sufficiently protect their data, for example if their login password can be deciphered easily, or they reveal it to third parties.
Data controller shall take every step necessary that it is reasonably expected to do to ensure the security of the data, and ensure that they are suitably protected especially against unauthorized access, modification, forwarding, disclosure, deletion or destruction, or accidental destruction or damage.
Duration of data handling
Data handling is for an unlimited term. If data subject requests the deletion of their registration, service provider shall delete it within three working days.
Data subjects can file their complaints directly to the data controller who will do everything in its power to discontinue and remedy any possible infringement. Data subjects can exercise their rights in court in accordance with Act CXII of 2011 on Right of Informational Self-Determination and the Freedom of Information, and the Civil Code of the Hungarian Republic, or file a complaint to the National Authority for Data Protection and Freedom of Information. More information is available on the website of the National Authority for Data Protection and Freedom of Information (www.naih.hu).
Miskolc, May 24, 2018.