INFORMATION ON DATA HANDLING

Contents

1.Introduction

2. Definitions

3. Principles during the data handling by the Újmajori Szabadidőpark Kft. (Hotel Pagony)

4. The circle of personal data, the purpose, legal title and term of data handling

4.1. Data of the visitors of the websites

4.2. Data related to the nights spent by the guests

4.2.1. Offer for nights spent by the guests and its confirmation

4.2.2. Record of the nights spent by the guests

4.3. Security cameras of the hotel

4.4. Newsletter

4.5. Prize competitions

4.6. Data of the visitors of the website

4.7. “Cookie” handling on the website

4.8. Found objects

4.9. Correspondence of the Újmajori Szabadidőpark Kft. (Hotel Pagony) with the clients

4.10. ROOMSOME

4.11. OPTIMONK

4.12. RCI guest

4.13. Mailchimp correspondence system

5. Manner of storage of the personal data, security of data handling

6. Data and contact details of the data controller

7. The rights of the data subjects, possibilities of assertion of their rights

7.1 Right to receive information

7.2 The right of the data subjects to access

7.3 The right to correction

7.4 The right to deletion

7.5 The right to limitation of data handling

7.6 The right to carriage

7.7 The right to objection

7.8 Automated decision-making in particular cases, profiling

7.9 The right to withdrawal

7.10 The right to apply to the court

7.11 Official procedure related to data protection

8. Other provisions

1. Introduction

The Újmajori Szabadidőpark Kft. (Hotel Pagony) (service provider data controller), as data controller, acknowledges the content of this legal communication as binding on them. They assume obligation that data handling in relation to their activity shall meet the requirements set forth in this document and in the authoritative provisions of law.
The Újmajori Szabadidőpark Kft. (Hotel Pagony) reserves the right to modify this information, which shall be updated continuously according to the current provisions of law.

Újmajori Szabadidőpark Kft.
Újmajori Szabadidőpark Turisztikai Szolgáltató Korlátolt Felelőségű Társaság (Újmajori Leisure Park Tourist Service Provider Limited Liability Company)
Abbreviated name: Újmajori Szabadidőpark Kft.     
Seat: H-1055 Budapest, Stollár Béla Street 4. Ground-floor no. 5
Company registry number: 01-09-983750
VAT number: 23910481-2-41

Újmajori Szabadidőpark Kft.  (Hotel Pagony) is committed to the protection of the personal data of its clients and partners and it deems the respect of the right to informational self-determination of its clients especially important. It handles the personal data confidentially and it takes every security, technical and organizational measure guaranteeing the safety of the data.

Újmajori Szabadidőpark Kft.  (Hotel Pagony) presents its principles related to data handling below, it presents the requirements drafted towards it as data controller and met by it. Its principles related to data handling correspond to the effective provisions of law related to data protection, thus, in particular to the following:

- Act CXII of 2011 – on informational self-determination and freedom of information (Infotv.); - Decree of the European Parliament and Council (EU) no. 2016/679 (27th April 2016); - Civil Code – Act V of 2013 (Ptk.); - Act CL of 2017 – on the rules of taxation (Art.); - Act C of 1990 – on the local taxes; - Act II of 2007 – on the admission and right of residence of third-country nationals; - Act CXXXIII of 2005 on the rules of person and property protection and the private detective’s activity (SzVMt.); - Act XLVIII of 2008 – on the elementary conditions and certain restrictions of economic advertising (Grt.). The statutory background of the NTAK: Act CLVI of 2016.

If you would approach to our Company, in relation to data protection you can contact our colleague at the following contact details: Újmajori Szabadidőpark Kft.  (Hotel Pagony): e-mail: konyveles@hotelpagony.hu, by post, in letter: Újmajori Szabadidőpark Kft.  (Hotel Pagony) H-4403 Nyíregyháza, Pf: 39.

2. Definitions

2.1. data subject: a natural person identified or directly or indirectly identifiable by any specific personal data;

2.2. personal data: any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, a number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

2.3. consent: any voluntary and definite indication of the data subject's wishes, based on appropriate information by which he or she distinctly gives consent to the handling of personal data relating to him or her as a whole or in relation to certain tasks;

2.4. objection: means the statement of the data subject by which he or she objects to the handling of his or her personal data and he/she requests the termination of data handling and the deletion of the handled data;

2.5. data controller: means the natural or legal person, or organization without legal personality which, alone or jointly with others, determines the purposes of data handling and makes and implements the decisions on data handling (including the applied means) or have these decisions implemented by the data processor appointed by him/her;

2.6. data handling: any operation or set of operations on the personal data, irrespective of the applied procedure, such as collection, recording, organisation, storage, alteration, use, inquiry, transmission, disclosure, harmonization or connection, blocking, erasure and destruction as well as prevention of the further use of the data, making photo, sound or image recordings and recording the physical characteristics suitable for the person’s identification (such as fingerprint or palm print, DNA sample, iris image);

2.7. data transmission: making the data available to a certain third person;

2.8. disclosure: making the data available to anyone;

2.9. data erasure: making the data unrecognizable so that they could never be restored;

2.10. data indication: affixing an identifier to the data for the purpose of distinction;

2.11. blocking of data: affixing an identifier to the data for the final restriction of its further handling or for its restriction for a definite period;

2.12. data destruction: total physical destruction of the data carrier containing the data;

2.13. data processing: the completion of technical tasks related to the data handling operations, irrespective of the method and means applied for the completion of the operations and of the place of their application, provided that that the technical tasks are completed on the data;

2.14. data processor: the natural or legal person, or organization without legal personality which processes the data pursuant to the contract concluded with the data controller, including the conclusion of a contract pursuant to a provision of law;

2.15. third person: the natural or legal person, or organization without legal personality which is not identical with the data subject, data controller or data processor;

2.16. third country: every state which is not a EEA-state.

3. Principles during the data handling by the Újmajori Szabadidőpark Kft.  (Hotel Pagony)

Personal data can be handled if:

a) the data subject gives his/her consent to it or

b) it is ordered by law or a decree of the local government, pursuant to the authorization by law, within the scope determined in it, for a purpose based on public interests (compulsory data handling).

Personal data can also be handled if the obtainment of the data subject’s consent is impossible or it would cause unreasonable costs and the handling of the personal data is necessary for the completion of legal obligation of the data controller or for the enforcement of the lawful interests of the data controller or of a third person and the enforcement of this interest is proportionate to the limitation of the right related to the protection of the personal data.

For the statement of a person disable from acting and of a person able to act, under the age of 16 the consent of their legal representative is necessary excluding those parts of the service where the statement refers to data handling happening in great number in everyday life and it does not require special consideration.

If the data subject is not able to give his/her consent due to legal incapacity or due to other unavoidable reason, then the personal data of the data subject can be handled to the extent necessary for the protection of his/her own or other persons’ vital interests and for the avoidance or prevention of direct danger threatening the life, physical soundness or assets of the persons while the obstacles of the consent exist.

If the personal data is recorded with the consent of the data subject, for the lack of provisions of law to the contrary, the data controller is allowed to handle the recorded data:

a) for the completion of any legal obligation concerning him/her or

b) for the enforcement of the lawful interests of the data controller or of a third person if the enforcement of these interests is proportionate to the limitation of the right to the protection of the personal data without specific consent and the data can be handled after the withdrawal of the data subject’s consent as well.

Personal data can only be handled for a specific purpose, for exercising any right and for the purpose of the completion of an obligation. Data handling has to correspond to this purpose at every stage and the data have to be recorded and handled fairly.

Only such personal data can be handled which are indispensable for the realization of the purpose of data handling, which is suitable for the attainment of the purpose and only to the extent and during the term necessary for the attainment of the purpose. Personal data can only be handled with consent based on proper information.

Before starting data handling, the data subject has to be informed whether data handling is based on consent or it is compulsory. The data subject has to be informed about every fact in relation to the handling of his/her data clearly, plainly and in details, in particular about the purpose and legal ground of data handling, the person entitled to handle and process data, the duration of data handling, whether the data controller handles the personal data of the data subject with his/her consent and for the completion of a legal obligation binding on the data controller or for the enforcement of the lawful interests of a third person and about the persons who may know the data. The information has to cover the rights of the data subject in connection with data handling and the possible legal remedies as well.

During the data handling the correctness and completeness of the data has to be ensured, the data have to be up-to-date and it also has to be ensured that the data subject could be identified only for the term necessary for the purpose of data handling.

Personal data can be forwarded to a data controller or a data processor handling or processing the data in a third country if the data subject gives his/her express consent or if the above written conditions of data handling are met and during the data handling or data processing the proper protection of the forwarded data is ensured in the third country. Data transmission to EEA states has to be considered as if the data would be forwarded within Hungary.

4. The circle of personal data, the purpose, legal title and term of data

Data handling within the activity of the Újmajori Szabadidőpark Kft.  (Hotel Pagony) is partially based on voluntarily given consent. In certain cases, however, handling, storage and transmission of a circle of the delivered data are made compulsory by the requirements of contracts, provisions of law or of the safe operation, about which we inform our partners.

We draw the attention of the persons forwarding data to the Újmajori Szabadidőpark Kft.  (Hotel Pagony) that if they do not deliver their own personal data, the informant is obliged to obtain the data subject’s consent.

4.1. Data of the visitors of the websites

www.hotelpagony.hu.

The purpose of data handling: when you visit the website, for checking the service’s operation, for the customized service and for the prevention of misuse the service provider records the visitors’ data.

The legal ground of data handling: the consent of the data subject and article (3) of §13/A of Act CVIII of 2001 on certain issues of the electronic commercial services and of the services related to the information society.

Circle of the data handled: date, time, IP address, the address of the visited site, the address of the previously visited site, data related to the user’s operation system and browser.

The term of data handling: 30 days from visiting the website.

The Újmajori Szabadidőpark Kft.  (Hotel Pagony) does not connect the data occurred during the analysis of log files with other information, it does not attempt to identify the user.

(The IP address is such a number sequence by which the computers of the users entering the internet can be identified clearly. With the IP addresses the visitor using the given computer can be localized even geographically. Merely the addresses of the visited pages and the date and time are not suitable for the identification of the data subject but connected with other data (given for registration) they are suitable for conclusions to be drawn about the user.

Data handling by external service providers:

The html code of the portal contains also references independent from the Újmajori Szabadidőpark Kft.  (Hotel Pagony), received from external servers and pointing to external servers. The servers of the external service providers are in direct connection with the user’s computer.

We inform our visitors that the service providers of these references are able to collect the users’ data due to the direct connection from their server and the direct communication with the user’s browser. The contents incidentally customized to the user are served by the server of the external service provider. The connection between the Újmajori Szabadidőpark Kft.  (Hotel Pagony) and the server of the external service provider covers exclusively the importation of the code of the latter one, thus personal data are not forwarded, transmitted.

The independent measurement and audit of the data related to the frequency of visits of the www.hotelpagony.hu website and of other web-analytical data is supported by the server of the www.google.com as an external service provider. About the handling of the measurement data the data controller can render detailed information at the http://www.google.com/analytics/ address. In order to facilitate the user’s experience and usability, the code of the service provider available at the www.chat4support.hu address has been included in the website. In order to facilitate the use of the community service, the code of the service provider available at the www.facebook.com address has been included in the website. 

4.2. Data related to the nights spent by the guests

4.2.1. Offer for nights spent by the guests and its confirmation

The purpose of data handling: recording the bookings of the guests for rendering accommodation service, their distinction from each other and contact necessary for booking.

The legal ground of data handling: voluntary consent of the data subject, paragraph (2) of §169 of Act C of 2000 on accountancy and paragraph (5) of §6 of Act XLVIII of 2008 on the elementary conditions and certain restrictions of economic advertising.

Circle of the data handled: name, telephone number, e-mail address, date of booking, data of the bankers’ card.

The term of data handling:

  • as regards the invoicing data, for the period of prescription of the right to the determination of tax,
  • data of the bankers’ card: by the last day of the booking period,
  • as regards inquiries for the purpose of direct marketing, for the period determined in article 4.7. of this information.

Data transmission: in the case of payment by bankers’ card the payer’s identifier, the amount, date and time of the transaction towards the OTP Bank.

The legal ground of data transmission is the consent of the data subject.

4.2.2. Record of the nights spent by the guests

The purpose of data handling: rendering accommodation service, recording and distinction of the guests, rendering services to the hotel guests, contact, analysis of customs, more targeted service, guaranteeing and fulfilment of bookings, payment, completion of accounting obligation and inquiries for direct marketing purposes. In the case of guests arriving from countries that are not EU members and from EEA member states the recorded data are supplemented with the following ones: name at birth, passport number, gender, place and date of birth, nationality, mother’s maiden name, place and date of entering the country and the visa’s number. In accordance with a legislative measure (Act II of 2007 on the admission and right of residence of third-country nationals) these data are sent to the aliens policing authority.

The legal ground of data handling: voluntary consent of the data subject, paragraph (2) of §169 of Act C of 2000 on accountancy and paragraph (5) of §6 of Act XLVIII of 2008 on the elementary conditions and certain restrictions of economic advertising.

Circle of the data handled: name, address, e-mail address, telephone number, date, time, the registration number of the hotel guest’s car, nationality, number of identity card or passport, date of birth, data related to the use of the services (such as date of arrival and departure, customs related to consumption and sporting), payment data (date, time, description of the items on the invoice, amount), serial number of the voucher/coupon/cheque/bon, data indicated on the traveller’s cheque (serial number, name, validity, signature), the opening-closure data handled by the card access control system and the date and time related to them as well as the consent given for the inquiries for direct marketing purposes.

The term of data handling:

  • as regards the inquiries for direct marketing purposes, for the term determined in chapter 4.7 of this information;
  • in the case of employing accommodation service, from the last night spent by the guest until the period of prescription of the right to the determination of the tax;
  • as regards the invoicing data, until the period of prescription of the right to the determination of the tax.

Data transmission:

  • for the determination and collection of tourist tax, the serial number, name, address and date of birth of the data subject as well as the number of nights spent by the guest to the tax authorities of the local government,
  • if payment by bankers’ card is chosen, the payer’s identifier, the amount, date and time of the transaction to the SIX PAY.
  • in the case of data supply to the NTAK, the name, address, place and date of birth, nationality and gender of the guest are forwarded.

The legal ground of data transmission: as regards the tourist tax, Act C of 1990 on the local taxes and Act CL of 2017 on the rules of taxation, in the case of data transmission to the NTAK Act CLVI of 2016 and in further cases the consent of the data subject.

AIn the case of the users’ consent to the direct marketing inquiries the data of the data subject necessary for its fulfilment (name, e-mail address, date, time) are recorded in the DM data base of the newsletter as per article 4.4. of this information.

The prohibition of forwarding direct marketing messages and the erasure or modification of the personal data can be requested at the following contact details:

  • by post at the following address: Újmajori Szabadidőpark Kft. (Hotel Pagony) H-4403 Nyíregyháza, Pf: 39,
  • via e-mail: on the marketing@hotelpagony.hu e-mail address,
  • with using the references placed in the footing of the sent newsletters (Unsubscribe button).

4.3. Security cameras of the hotel

For the security of the operation, on the basis of the aspects of property protection and accident prevention, video surveillance system has been worked up on the territory of the Hotel Pagony. Boards inform the guests about the use of the video surveillance system at each relevant point. The system stores the video recordings for three days. 

4.4. Newsletter

The purpose of data handling: sending e-mail newsletters, containing economic advertisement as well, to the persons interested, notice about the current information.

The legal ground of data handling: voluntary consent of the data subject and paragraph (5) of §6 of Act XLVIII of 2008 on the elementary conditions and certain restrictions of economic advertising.

Circle of the data handled: name, e-mail address, IP address, date, time, consent given for direct marketing inquiries.

The term of data handling: until unsubscription.

The prohibition of forwarding direct marketing messages and the erasure or modification of the personal data can be requested at the following contact details:

  • by post at the following address: Újmajori Szabadidőpark Kft. (Hotel Pagony) H-4403 Nyíregyháza, Pf: 39,
  • via e-mail: on the konyveles@hotelpagony.hu e-mail address,
  • with using the references placed in the footing of the sent newsletters (Unsubscribe button).

4.5. Prize competitions

The purpose of data handling: participation in the prize competitions organized by the Újmajori Szabadidőpark Kft. (Hotel Pagony), raffling and informing the winners, disclosure, fulfilment of accounting liability.

The legal ground of data handling: voluntary consent of the data subject.

A kezelt adatok köre: név, cím, e-mail cím, dátum, időpont, valamint játékonként eltérő adatkör, melyről az adott nyereményjáték meghirdetésekor adunk tájékoztatást.

Circle of the data handled: name, address, e-mail address, date, time and a circle of data different per games, about which we render information when the given prize competition is advertised.

The date of the data’s deletion: the data of the persons who did not win are deleted immediately after raffling; as regards the disclosed data of the winners, it is 6 months and in the case of the accounting vouchers related to the prizes it is 8 years, in accordance with §169 of the Accountancy Act.

Disclosure: as regards the winners’ name, the name and postal code of their town/village, for 6 months after raffling.

4.6. Data of the visitors of the website

The domains possessed by the Újmajori Szabadidőpark Kft. (Hotel Pagony) are as follows:

www.hotelpagony.hu; www.pagonyhotel.hu

The purpose of data handling: when you visit the website, for checking the service’s operation, for the customized service and for the prevention of misuse the service provider records the visitors’ data.

The purpose of data handling: when you visit the website, for checking the service’s operation, for the customized service and for the prevention of misuse the service provider records the visitors’ data.

Circle of the data handled: date, time, IP address, the address of the visited site, the address of the previously visited site, data related to the user’s operation system and browser, IP address of the user’s computer and the geographical location of the user.

The term of data handling: the IP address of the user’s computer is deleted when he/she finishes the visit, in the case of the other data this term is one month.

The Újmajori Szabadidőpark Kft.  (Hotel Pagony) does not connect the data occurred during the analysis of log files with other information, it does not attempt to identify the user.

The IP address is such a number sequence by which the computers of the users entering the internet can be identified clearly. With the IP addresses the visitor using the given computer can be localized even geographically. Merely the addresses of the visited pages and the date and time are not suitable for the identification of the data subject but connected with other data (such as ones given on a form for contact) they are suitable for conclusions to be drawn about the user.

Data handling by external service providers: The html code of the portal contains also references independent from the Újmajori Szabadidőpark Kft.  (Hotel Pagony), received from external servers and pointing to external servers. The servers of the external service providers are in direct connection with the user’s computer. We inform our visitors that the service providers of these references are able to collect the users’ data due to the direct connection to their server and the direct communication with the user’s browser.

The contents incidentally customized to the user are served by the servers of the external service providers. The connection between the Újmajori Szabadidőpark Kft. (Hotel Pagony) and the servers of the external service providers covers exclusively the importation of the codes of the latter ones, thus personal data are not forwarded, transmitted.

The independent measurement and audit of the data related to the frequency of visits of the website and of other web-analytical data is supported by the servers of the Google Analytics as an external service provider. About the handling of the measurement data the data controller can render detailed information at the www.google-analytics.com address.

For the fulfilment of their service, a small data package, cookie, is placed on the user’s computer by the external servers available at the following addresses: google.com, facebook.com, about whose data handling detailed information can be requested at the above addresses.

For the customized service, the external service providers place and read back a small data package, cookie, on the user’s computer. If the browser sends a previously saved cookie back, the service providers handling it can connect the current visit of the user with the previous visits but only in the case of their own contents. More information about the cookies can be obtained at the following address:

http://www.adatvedelmiszakerto.hu/cookie 

Users can delete the cookies from their computers and they can prohibit the application of the cookies in their browser. Generally, the cookies can be handled in the Tools/Settings menu of the browsers, in the settings of Data protection, under the “cookie” name.

4.7. “Cookie” handling on the website

For the customized service, the website’s operator places and reads back a small data package, so called cookie, on the user’s computer. If the browser sends a previously saved cookie back, the service provider handling the cookie can connect the current visit of the user with the previous visits but only in the case of their own contents.

The purpose of data handling: identification and distinction of the users, identification of the current session of the users, storage of the data given during the session, prevention of data loss, identification and shadowing of the users, display of offers customized by using the data recording during the visit to the website (__utma, __utmb, __utmc, __utmt, __utmz, PHPSESSID, _C4vId).

The legal ground of data handling: the consent of the data subject.

Circle of the data handled: identification number, date, time.

The term of data handling:

  • until the session is closed (__utmc, PHPSESSID),
  • ten minutes (__utmt),
  • thirty minutes (__utmb),
  • six months (__utmz),
  • one year (_C4vID),
  • two years (__utma).

More detailed information about the cookies can be obtained at the following address: http://www.adatvedelmiszakerto.hu/cookie 

Users can delete the cookies from their computers and they can prohibit the application of the cookies in their browser. Generally, the cookies can be handled in the Tools/Settings menu of the browsers, in the settings of Data protection, under the “cookie” name.

Graphic measurement points have been placed on the page, whose measurement results are recorded by the website’s server. According to the graphic measurement points the visitors of the website cannot be identified later.

4.8. Found objects

The purpose of data handling: Recording the objects found on the territory of the Hotel Pagony, notification to the owner and the person finding the object.

The legal ground of data handling: §5:54, §5:59 and §5:61 of Act V of 2013 on the Civil Code

Circle of the data handled: date and place of finding the object, the name and contact details of the person finding it, the data of the found object.

The term of data handling: one year.

4.9. Correspondence of the Újmajori Szabadidőpark Kft. (Hotel Pagony) with the clients

If during the employment of our services you have any questions or remarks, you can contact the data controller in the manner indicated on the website. The Újmajori Szabadidőpark Kft.  (Hotel Pagony) deletes the letters sent to it by post, the received e-mails, together with the name, address or e-mail address of the sender as well as with their other, voluntarily given personal data upon the expiration of maximum 5 years from the data supply if no such legal relationship exists under which these data have to be handled.

4.10. ROOMSOME

It is a system of call for offers and booking, supporting the online booking by the guests from the websites of the hotels. In the system of the Újmajori Szabadidőpark Kft. (Hotel Pagony) no personal data are stored on this interface. The system is operated by the Morgens Design Kft. on its own servers, in accordance with the rules of data protection. For more information see the www.morgens.hu and the http://roomsome.hu/adatvedelem pages.

4.11. OPTIMONK

Pop up data source. On the basis of voluntary data supply, it forwards data (name and email address) to the marketing data base of the Újmajori Szabadidőpark Kft. (Hotel Pagony). For more information see: Optimonk: https://www.optimonk.hu/privacy_policy

4.12. RCI guest

Technical data tablet for recording the bookings. The data, subject to consent: name, e-mail address, telephone number, membership number. It serves as data input to the Timeshare system. The list is deleted every week, by overwriting.

4.13. Mailchimp correspondence system

An engine used for sending letters for marketing purposes. More information: Mailchimp: https://mailchimp.com/legal/privacy/

5. Manner of storage of the personal data, security of data handling

The computer systems and other data storages of the Újmajori Szabadidőpark Kft. (Hotel Pagony) can be found at its seat, premises. The Újmajori Szabadidőpark Kft. (Hotel Pagony) chooses and operates the information tools applied for the handling of the personal data while rendering its service so that the data handled:

a) be available to the persons entitled (availability);

b) their authenticity and authentication be guaranteed (authenticity of data handling);

c) their invariance could be certified (data integrity);

d) be protected against unauthorized access (data confidentiality).

The Újmajori Szabadidőpark Kft. (Hotel Pagony) protects the data with proper arrangements, in particular against unauthorized access, alteration, transmission, disclosure, erasure or destruction as well as incidental destruction, damage and becoming unavailable due to the change of the applied technique. In order to protect the data files handled in its different registers electronically, the Újmajori Szabadidőpark Kft. (Hotel Pagony) guarantees with proper technical solution that the stored data, except when it is otherwise allowed by law, could not be connected directly and could not be dedicated to the data subject. With regard to the current advancement of technology the Újmajori Szabadidőpark Kft. (Hotel Pagony) ensures the safety of data handling with such technical, organizational and structural arrangements which offer adequate protection against the risks occurring in relation to data handling.
During the data handling the Company maintains:

a) confidentiality: it protects the pieces of information so that only authorized persons could have access to them;

b) integrity: it protects the accuracy and completeness of the information and of the method of process;

c) availability: it ensures that the authorized user would really have access to the requested information when he/she needs it and the means related to this would be available.

The information system and network of the Újmajori Szabadidőpark Kft. (Hotel Pagony) and its partners is protected against swindling supported by computer, espionage, sabotage, vandalism, fire and flood, as well as against computer viruses, hackings and attacks leading to refusal to perform service. The operator ensures safety with protection procedures at the level of the server and of the applications.

We inform the users that the electronic messages sent via the internet, irrespective of the protocol (e-mail, web, ftp, etc.), are fragile against network threats leading to unfair activity, contestation of a contract or disclosure, modification of any information. For the protection against such threats, data controller takes every reasonable precaution. The systems are observed in order to record every security deviation and to have evidences in the case of every security incident. In addition to this, the system observation allows the checking of the effectiveness of the applied precautions as well.

6. Data and contact details of the data controller

Újmajori Szabadidőpark Turisztikai Szolgáltató Korlátolt Felelőségű Társaság (Újmajori Leisure Park Tourist Service Provider Limited Liability Company)
Abbreviated name: Újmajori Szabadidőpark Kft.     
Seat: H-1055 Budapest, Stollár Béla Street 4. Ground-floor no. 5
Postal address: H-4403 Nyíregyháza, Pf:39.
Company registry number: 01-09-983750
VAT number: 23910481-2-41

7. The rights of the data subjects, possibilities of assertion of their rights

Data subjects can ask for information on handling their personal data and they can request the correction of their personal data or, excluding the compulsory data handling, their erasure or blocking in the manner indicated at the data’s recording or at the indicated contact details of the data controller.

7.1 Right to receive information

Újmajori Szabadidőpark Kft. (Hotel Pagony), as data controller, takes appropriate measures in order to render the information on handling personal data, mentioned in articles 13 and 14 of the GDPR regulation to the data subjects and in order to give the information as per articles 15-22 and 34 in brief, clear, understandable and easily accessible form, drafted clearly and plainly.

7.2 The right of the data subjects to access

Data subjects are entitled to receive feedback from the data controller about whether the handling of their personal data is in progress and if such data handling is in progress, they are entitled to have access to the personal data and to the following pieces of information: the categories of the affected personal data, the categories of the addressees to whom the personal data have been or will be disclosed, including, in particular, the addressees in third countries and the international organizations; the planned duration of the storage of the personal data; the right to correction, deletion or restriction of data handling and the right to objection; the right to file a complaint addressed to the supervisory authority; information on data sources; the fact of the automated decision-making, including profiling as well and understandable information about the applied logic about the importance of such data handling and what expected consequences it will bring to the data subjects. Data controller shall give the information maximum within one month from the submission of the request. This information is free of charge.

7.3 The right to correction

The Újmajori Szabadidőpark Kft. (Hotel Pagony) corrects the personal data if it is not true and the true personal is available. Data subjects can request the correction of the incorrect data concerning them, handled by the Újmajori Szabadidőpark Kft. (Hotel Pagony) and the supplementation of the defective data.

The manner of this:

On newsletter list: our partners can change their data related to this in the newsletter automatically.

7.4 The right to deletion

Data subjects can request the deletion of their personal data at any time, except when data handling is necessary:

  • for the freedom of expression of opinion and for exercising the right to information;
  • for the completion of the obligation as per the law of the European Union or of the member state ordering the handling of the personal data, applicable to the data controller and for the completion of a task fulfilled as a public interest or during exercising a licence vested to the data controller by a public authority;
  • for research concerning public health, or archiving, scientific and historic research or for statistical purposes, based on public interest;
  • for the filing, enforcement and protection of legal claims.

7.5 The right to limitation of data handling

If it is requested by the data subject, the Újmajori Szabadidőpark Kft. (Hotel Pagony) limits data handling if any of the following conditions is met:

  • the data subject contests the accuracy of the personal data. In this case the limitation is valid for the period which makes the check of the accuracy of the personal data possible.
  • data handling is unlawful and the data subject objects to the erasure of the data and instead of it he/she requests the limitation of their use;
  • data controller does not need the personal data for data handling but the data subject requests them for the filing, enforcement and protection of legal claims;
  • the data subject objected to the data handling. In this case the limitation is valid for the period while it is stated whether the lawful reasons of the data controller have priority against the lawful reasons of the data subject.

If data handling is subject to limitation, personal data, excluding storage, can be handled only with the consent of the data subject or for the filing or enforcement of legal claims or for an important public interest of the Union or any member state.

7.6 he right to data carriage

Data subjects are entitled to receive personal data concerning them which they have provided to the data controller in a structured, commonly used, machine-readable format and to transmit these data to another data controller.

7.7 The right to objection

Data subjects are entitled to object, on grounds relating to their particular situation, at any time to the handling of their personal data for the completion of a task fulfilled as a public interest or during exercising a licence vested to the data controller by a public authority or to data handling necessary for the enforcement of the lawful interests of the data controller or of a third party, including also profiling based on the mentioned regulations.

In the case of objection the data controller is not allowed to handle the personal data any more, except when it is justified by such coercive lawful reasons which have priority against the interests, rights and freedoms of the data subject or which relate to the filing, enforcement or protection of lawful claims.

7.8 Automated decision-making in particular cases, profiling

Data subjects are entitled not to be subject to a decision based exclusively on automated data handling, including profiling as well, which would cause legal effect on them as well or would affect them to a similarly great extent.

7.9 The right to withdrawal

Data subjects are entitled to withdraw their consent at any time.

7.10 The right to apply to the court

If their rights are infringed, data subjects are entitled to apply to the court against the data controller. The court shall act in the case with priority.

7.11 Official procedure related to data protection

The Újmajori Szabadidőpark Kft. (Hotel Pagony) shall compensate the damages caused to other persons with the unlawful handling of the data of a data subject or with the violation of the data safety requirements. Data controller shall escape liability if the damage was caused by an unavoidable reason beyond data handling. The damage will not be compensated if it has resulted from the wilful or seriously negligent behaviour of the injured party.

Requests for legal remedy and complaints can be submitted to the National Authority for Data Protection and Freedom of Information:

Name: National Authority for Data Protection and Freedom of Information
Seat: H-1125 Budapest, Szilágyi Erzsébet fasor 22/C
Postal address: H-1530 Budapest, Pf 5.
Telephone: +36 1 3911400
Fax: +36 1 3911410
E-mail: ugyfelszolgalat@naih.hu
Website: http://www.naih.hu

8. Other provisions

We hereby inform our clients that other organs may request the data controller to render, deliver information, data or documents pursuant to the authorization given by the court, prosecution, investigating authority, infraction authority, administrative authority, the National Authority for Data Protection and Freedom of Information or given by law.

The Újmajori Szabadidőpark Kft. (Hotel Pagony) shall deliver personal data to the authorities, if the authority indicates the exact purpose and the circle of the data, only in such quantity and to such extent which is essentially necessary for the fulfilment of the request’s purpose.

Nyíregyháza, 06.11.2019