Privacy Policy

Privacy Policy

Effective date: 01.10.2023

Last modified: 01.06.2025

 

In accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter as: “GDPR”) present privacy policy (hereinafter as: “Policy”) contains all information regarding the processing of personal data provided to

 

Company name: ULab Korlátolt Felelősségű Társaság

Registered seat: 1036 Budapest, Perc utca 2. III. em.

Company registration number: 01-09-329599

Tax number: 26513320-2-41

Registered at: Metropolitan Court of Budapest as Company Registration Court

Képviseli: László Nagy managing director

E-mail: info@compacttv.hu 

(hereinafter as: “Service Provider”)

 

by anyone visiting the website (hereinafter as: „Website”) of the Service Provider under the domain  https://compacttv.hu/hu/ or by persons contacting the Service Provider by e-mail or telephone, requesting the Service Provider to send them a summary (hereinafter referred to as: “Summary”) made by the Service Provider in various topics or who are subscribing to the Service Provider’s newsletter (hereinafter collectively referred to as: “Data Subject”). The aim of the Policy is to give a clear picture about why, how and how long we process personal data of individuals who come into contact with our company.

 

1. A few data privacy related definitions to better understand the Policy

 

Personal data

means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

 

Processing

means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

 

Controller

means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by EU or Member State law.

 

Processor

means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

 

Third Party

means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

 

Data forwarding

Means the disclosure of personal data to specific third parties.

 

Data Subject

Everybody who shares his/her personal data with the Service Provider through the Website or via other channels or whose personal data is processed by the Service Provider otherwise. For example, You who reads this Policy.

 

Consent of the data subject

means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

 

Sensitive data

personal data referring to racial origin, nationality, political opinions or membership in any political party, religious or other beliefs, membership of an advocacy organization, sex life, personal data concerning health, pathological data.

 

Genetic data

means personal data relating to the inherited or acquired genetic characteristics of a natural person which give unique information about the physiology or the health of that natural person and which result, in particular, from an analysis of a biological sample from the natural person in question.

 

Biometric data

means personal data resulting from specific technical processing relating to the physical, physiological or behavioral characteristics of a natural person, which allow or confirm the unique identification of that natural person, such as facial images or dactyloscopy data.

 

Personal data breach

means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed.

 

Most of the above definitions are used by the GDPR. The full text of the GDPR is available at https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN The above list is not complete so should you need more information or explanation do not hesitate to contact us.

 

We would like to inform You that during our processing we do not process or request from You any sensitive, genetic or biometric data.

 

1. Principles of data processing

 

The Service Provider shall process the personal data of the Data Subject in accordance with the following principles laid down in Article 5 Section (1) of the GDPR:

 

• processes personal data lawfully and fairly and in a transparent manner (“lawfulness, fairness and transparency”);
• collects personal data only for specified, explicit and legitimate purposes and does not process them in a way incompatible with those purposes (“purpose limitation”);
• the personal data processed are adequate, relevant and limited to what is necessary for the purposes for which they are processed (“data minimisation”);
• ensure that the personal data are accurate and, where necessary, kept up to date and take all reasonable steps to ensure that personal data which are inaccurate for the purposes for which they are processed are erased or rectified without undue delay (“accuracy”);
• store the personal data in a form which permits identification of Data Subjects for no longer than is necessary for the purposes for which the personal data are processed (“limited storage”);
• process personal data in a manner to ensure appropriate security of personal data, including protection against unauthorised or unlawful processing, accidental loss, destruction or damage, by implementing appropriate technical or organisational measures (“integrity and confidentiality”) 

 

III. In which cases do we process personal data?

 

The Service Provider shall process the personal data of the Data Subject in the following cases, taking into account the principles described in Chapter III above:

 

• Browsing the Website;
• Contacting by e-mail or phone;
• Reqiuesting and sending Summary;
• Newsletter subscription;
• Cookies

 

1. Which data, for which purpose and for how long do we process?

 

In each of the cases set out above, the legal ground for processing personal data may be:

 

• In accordance with article 6 Section (1) Point a) of the GDPR the freely given, specific, informed and unambiguous consent of the Data Subject (hereinafter as: „Consent”).
• In accordance with article 6 Section (1) Point b) of the GDPR processing is necessary for the performance of a contract to which the Data Subject is party (hereinafter as: „Performance of Contract”).
• In accordance with article 6 Section (1) Point c) of the GDPR processing is necessary for compliance with a legal obligation to which the controller is subject (hereinafter as: „Compliance”).
• In accordance with article 6 Section (1) Point f) of the GDPR processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party (hereinafter as: „Legitimate Interest”).

 

Considering that we are unable to limit the scope of personal data sent to us by individual Data Subjects through certain means of communication—since we have no control over the personal data that a Data Subject may voluntarily disclose—we kindly ask you to pay special attention to only share the minimum necessary data and information specified by the Service Provider in this Policy when contacting us in any way. Under no circumstances should you disclose any personal information to our company that we do not request or intend to process as per this Policy. If, despite this explicit request set out in this section, you still send us information involving personal data whose processing is not necessary, and this results in any damage to our company, by accepting this Notice you agree to indemnify our company against any potential harmful consequences, in particular the payment of fines, and to hold us harmless.

 

IV.1. Browsing the Website 

 

Scope of data processed	Purpose of processing	Legal ground for processing	Naming the legitimate interest	Duration of processing
IP address of the Data Subject	Protection of the IT systems of the Service Provider and securing the Website	Legitimate Interest	Securing the operation of the Website	30 days from visiting the Website

 

The Website may be freely visited and browsed by the Data Subject without expressively providing any personal data to the Service Provider. However, when visiting the Website at any time, the Data Subject’s computer or mobile device sends a request to the Service Provider. It is like sending a letter to which You wish to get the content of the Website as an answer. The Service Provider can only answer this request if the Data Subject provides his/her address. This address is the Data Subject’s internet identifier address, IP address for short. The Service Provider sends the requested Website to this IP address. This is an automatic process, by typing the domain of the Website to the web browser or by clicking to a link published anywhere that is directing to the Website the Data Subject gives his/her consent to provide the IP address for this purpose and to be processed by the Service Provider. To make this „correspondence” smooth the servers of the Service Provider store the IP address of the Data Subject in log files.

 

The identification and storing of IP addresses is necessary to protect the IT systems of the Service Provider and the Website as well. Protection against possible malicious activities against the Website is partly ensured by that the Service Provider is logging the operation of the Website and in this log, it lists the IP addresses from which requests to its servers were made. If the Service Provider detects an activity from an IP address that interferes with the secure operation of the Website, he addresses will be blacklisted. Any malicious activity is prevented and resolved through legal action. If nothing unordinary occurs, the Service Provider deletes the log files and the IP addresses. IP addresses stored in log files will not be used by the Service Provider for any other purpose and will be automatically deleted within 30 days and we keep it only if the Data Subject has performed any prohibited activity from that IP address. These activities are either listed above or other activities that violate local, state, national or international law.

 

IV.2. Contacting by e-mail or phone

 

In order to assist Data Subjects, provide information, and enable them to exercise their rights, the Service Provider allows them to make contact via email or telephone—even in the absence of a contractual relationship. The Service Provider handles such inquiries through telephone and email communication.

 

IV.2.1. In case of contacting by e-mail

 

When the Data Subject contacts the Service Provider in e-mail at info@compacttv.hu with any inquiry he/she acknowledges the processing of his/her data by sending the e-mail. In order to fulfill the requests, we need to process certain personal data. Without them, we will not be able to fulfill Your  request, as we would not be able to contact You.:

 

Scope of data processed	Purpose of processing	Legal ground for processing	Specifying legitimate interest	Duration of processing
First and last name of the Data Subject	Identification of the Data Subject fulfillment of request	Performance of contract (in case of an existing business relationship) / Legitimate interest (without business relationship)	The legitimate interest of the Service Provider in providing the Service at an appropriate standard and in establishing new business relationships.	Until an objection is raised by the Data Subject but for quality assurance for 6 months from the receipt of the request
E-mail address of the Data Subject	Identification of the Data Subject fulfillment of request	Performance of contract (in case of an existing business relationship) / Legitimate interest (without business relationship)	The legitimate interest of the Service Provider in providing the Service at an appropriate standard and in establishing new business relationships.	Until an objection is raised by the Data Subject but for quality assurance for 6 months from the receipt of the request
The social media contact of the Customer / Data Subject possibly shared in his/her e-mail „signature”	–	Performance of contract (in case of an existing business relationship) / Legitimate interest (without business relationship)	The legitimate interest of the Service Provider in providing the Service at an appropriate standard and in establishing new business relationships.	Until an objection is raised by the Data Subject but for quality assurance for 6 months from the receipt of the request

 

The Service Provider will process the data indicated above as personal data only if the provided e-mail address contains the name of a natural person. If the provided e-mail address is general format (e.g. info@example.hu or finance@example.hu), the Service Provider processes the data, however, the data does not qualify as personal data

 

IV.2.2. When contacting by phone

 

If the Data Subject contacts the Service Provider by phone or if the Service Provider calls the back the Data Subject, then we draw the attention of the Data Subject that for quality assurance purposes and to fulfill the request the following data will be processed. We inform the Data Subject that the phone conversation will not be recorded.

 

Scope of data processed	Purpose of processing	Legal ground for processing	Specifying legitimate interest	Duration of processing
First and last name of the Data Subject	Identification of the Data Subject fulfillment of request	Performance of contract (in case of an existing business relationship) / Legitimate interest (without business relationship)	The legitimate interest of the Service Provider in providing the Service at an appropriate standard and in establishing new business relationships.	Until an objection is raised by the Data Subject but for quality assurance for 6 months from the receipt of the request
Phone number of the Data Subject	Identification of the Data Subject fulfillment of request	Performance of contract (in case of an existing business relationship) / Legitimate interest (without business relationship)	The legitimate interest of the Service Provider in providing the Service at an appropriate standard and in establishing new business relationships.	Until an objection is raised by the Data Subject but for quality assurance for 6 months from the receipt of the request

 

We kindly request the Data Subjects that do not share any additional personal information in addition to the above especially if it is not requested by us. Unsolicited data will be immediately and irrevocably deleted and at the same time we also exclude any liability regarding data that we became aware of this way.

 

IV.3. Requesting and sending Summary

 

In order for the Service Provider to send the Summary to the Data Subject, the following data must be provided, which the Service Provider processes as follows:

 

A kezelt adatok köre	Az adatkezelés célja	Az adatkezelés jogalapja	Az adatkezelés időtartama
First and last name of the Data Subject	Contacting the Data Subject for the purpose of participation in the research, sending the Summary	Consent	Until withdrawing consent but for a maximum of 30 days from sending the Summary
E-mail address of the Data Subject	Contacting the Data Subject for the purpose of participation in the research, sending the Summary	Consent	Until withdrawing consent but for a maximum of 30 days from sending the Summary
Employer of the Data Subject	Contacting the Data Subject for the purpose of participation in the research	Consent	Until withdrawing consent but for a maximum of 30 days from sending the Summary

 

If the Data Subject wishes to receive the Summary from the Service Provider, the Service Provider will request the Data Subject’s consent to process the above data in connection with sending the Summary. If consent is given, the Service Provider will send the Summary to the Data Subject at the email address provided by them.

 

The Service Provider will process the above data of the Data Subject until the consent is withdrawn. Further information regarding the withdrawal of consent can be found in Section VI of this Notice. In the absence of withdrawal of consent, the Service Provider will delete the Data Subject’s data within 30 days following the sending of the Summary.

 

IV.4. Newsletter subscription

 

Scope of data processed	Purpose of processing	Legal ground for processing	Duration of processing
First and last name of the Data Subject	Sending informative and educational messages to the Data Subject	Consent	Until withdrawing consent i.e. unsubscribing from the newsletter
E-mail address of the Data Subject	Sending informative and educational messages to the Data Subject	Consent	Until withdrawing consent i.e. unsubscribing from the newsletter

 

IV.5. Cookies

 

Cookies are data packages that are sent by our webservers to Your computer automatically, where they are stored – depending on the type of the cookie – for a definite period of time.

 

Cookies do not hold any security risk to Your computer or not cause any malfunction.

 

In order to ensure the smooth operation of the Website, certain cookies (known as session cookies) are automatically installed on Your computer when You visit the Website. The purpose of such cookies is to ensure the security of the Website, to preserve the data recorded on our online forms, to display multimedia content and to balance the traffic on the Website. Personal data collected through the use of these cookies (in particular the IP address of Your computer) will be processed for our legitimate interest in the safe and smooth operation of the Website for the duration of Your stay on our Website. Closing Your browser will automatically delete them from Your computer.

 

With Your consent given on the Website, the following types of cookies may be installed on Your computer for the following purposes:

• Cookies for web analytical measurements and for statistical purposes (e.g., Google Analytics). These are important to us because we are provided with information about the specific characteristics of our visitors (IP address, city, type of device, browser, operating system You are using, and what sub-pages You have visited on our site). We use these data anonymized for statistics and reports to improve the Website our marketing strategy.
• Remarketing cookies (such as Google AdWords) allow us to analyze how You use our site and, consequently, to display personalized content to You, including advertising on online platforms outside our site (e.g., other websites or social media).

 

You may find information on Google Analytics cookies here:

https://deve1opers.google.com/ana1ytics/devguides/co1lection/ana1yticsjs/cookie-usage     

 

• Remarketing célú cookie-k (pl. Google Adwords), melyekkel elemezni tudjuk, hogyan használja Ön a honlapunkat, és ennek megfelelően Önnek személyre szóló tartalmat, hirdetést jeleníthetünk meg, akár a honlapunkon kívüli online felületeken is (pl. más weblapokon vagy közösségi médiában).

 

You may find information on Google AdWords cookies here:

 https://support.google.com/adwords/answer/2407785?h1=hu 

 

In addition, we distinguish between session-specific cookies and persistent cookies. A cookie valid for a single session only survives until the User closes the browser. Permanent cookies continue to live and are not automatically deleted when You close Your browser. Why do they stay there and what’s good about it? Well, such persistent cookies, for example, help to make the site run faster and remembering things that the User has set for himself/herself on the Website.

 

You can manage cookies in Your browser’s settings. How these settings are set depends on the type of Your browser.

 

Accepting or enabling the use of cookies is not mandatory. You can reset your browser settings to reject all cookies or to notify you when a cookie is being sent. Cookies can also be managed in your browser settings. The way to adjust these settings depends on the type of browser you use.

 

You may find information on cookie settings for the most popular browsers on the following link:

• Google Chrome: https://support.google.com/chrome/answer/95647?hl=hu-hu&p=cpn_cookies
• Firefox:  https://support.mozilla.org/hu/kb/sutik-informacio-amelyet-weboldalak-tarolnak-szami
• Internet Explorer / Edge: https://support.microsoft.com/hu-hu/help/17442/windows-internet-explorer-delete-manage-cookies
• Safari: https://support.apple.com/hu-hu/HT201265

 

1. Where and how my personal data is stored?

 

Personal data is stored either in paper form or electronically. If the data is stored in paper form, it is kept in a secure, locked location. Electronically, the data is stored by the Service Provider on cloud-based servers.

 

The Service Provider also uses its own internal servers for data storage.

 

The Service Provider takes all necessary technical and organizational steps and precautions to protect personal data and its quality, ensuring continuous availability of physical, electronic, and procedural safeguards that comply with regulations applicable to personal data. These include, among others, operating servers in secure locations and protecting IT equipment with passwords and firewalls.

 

Despite the above, the Service Provider does not accept liability for the damage, destruction, or unauthorized access of data in the event of technical failure, natural disaster, terrorist act, or criminal offense.

 

1. How can You withdraw Your consent if the ground for processing is based on consent?

 

If under present Policy the legal ground of processing is the consent of the Data Subject, then the Data Subject has the right to withdraw this consent. Depending on the purpose of processing there are many ways to do it. You may withdraw Your consent given at browsing at any time, free of charge and without limitation by revisiting the Website and clicking on the pop-up window. In addition, if You do not have the possibility to withdraw Your consent this way, you may withdraw it by sending a message to info@compacttv.hu or a mail sent to the Service Provider’s registered seat address or in case of newsletter subscription by clicking on the “Unsubscribe” button at the bottom of the email.

 

Please note that the withdrawal of consent does not affect the lawfulness of the data processing prior to the withdrawal.

 

VII. What rights do You have in connection with processing Your personal data?

 

Request for information (right to access): You may request information about the processing of Your personal data at any time, either in person, at our registered seat address, in writing by sending a registered letter or by email to info@compacttv.hu

 

Pursuant to Article 15 Section (1) of the GDPR, a request may include information on the data processed, their source, purpose, legal ground, duration, name and address of any processor, processing activities and Your rights in relation to processing. In the case of data transfer, to whom and for what purpose Your data have been or will be transferred.

 

A request for information is considered authentic by us if You are clearly identified by it. If the request is sent by e-mail or post, only the e-mail sent from Your registered e-mail address will be considered as authentic, and we will only be able to send information to the postal address registered by us. Unless You voluntarily verify Your identity otherwise, we will not be able to send information to an e-mail address or postal address that is not registered in our records in order to protect Your privacy.

 

Rectification: You may at any time request the rectification, modification or amendment of Your data in the same manner described above. We can also do this only on the basis of a request from a credible source presented when submitting the request.

 

Restriction: You may request that we restrict the processing of our personal information in particular if:

1. 
   a) You argue the accuracy of the personal data we process. In this case, the limitation refers to the period during which the accuracy of the data is checked.
2. b) Although the legal ground for processing does not stand for us, but You are requesting us in writing to keep them for the purpose of filing, asserting or defending any legal claim You may have

 

Objection: If we process Your personal data on the ground of legitimate interest, You may at any time object to the processing of Your personal data. In such cases, we will review the legality of the objection and, if it is well established, we terminate the processing of data and notify anyone to whom the personal data subject to the objection may have been previously transmitted.

 

Deletion (“Right to be forgotten”): You may request the deletion of Your personal data at any time for any of the reasons set out in Article 17 Section (1) of the GDPR.

 

We may refuse deletion if the processing of Your personal data is required by law or if it is necessary to enforce our legal claims. We will always inform You about the refusal of the request for deletion. Once it is deleted, the data cannot be recovered.

 

Transfer of Personal Data (Portability): You may at any time request us to transfer the data processed in connection with You in a structured, widely used, machine-readable format to You or to another controller.

 

We kindly ask You to not exercise the above rights improperly, but only if it has a real ground or if any of the conditions set out in the GDPR actually exist.

 

VIII. What third-party social media plug-ins may be found on our Website?

 

To receive feedback on the contents we share on the Website and to share them we use social media sites meaning we use the services (plugins) of third party providers. The plugins are only active when You specifically click on the button to allow them to contact social media sites. The plugins of the following two social media sites can be found on our website: Facebook, Instagram, TikTok, Youtube.

 

If You are logged in to any of these sites, it may occur that Your visit on the site will be attached to Your personal profile. If you click on the specific button, your browser will forward the relevant information directly to that social media site and store them there.

 

Information about the scope and purpose of the data collected, further processing of Your data and use of Your data by the social media provider, and Your rights regarding personal data can be found in privacy statements of the social media providers, which are available at:

 

Facebook: https://www.facebook.com/policy.php 

Instagram: https://help.instagram.com/155833707900388 

TikTok. https://www.tiktok.com/legal/privacy-policy-eea?lang=hu 

YouTube: https://policies.google.com/privacy

 

1. To whom we transfer personal data and who has right to access them?

 

Your personal data will be treated confidentially and will not be disclosed to any third party, except as provided below.

 

IX.1. Correspondence (e-mail)

 

For e-mail communication the Service Provider uses the services of Google Inc. named Gmail GSuites, a business e-mail service provided by:

 

• • Company name: Google Ireland Ltd

• Registered seat: Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

• Registration number: 368047
• Represented by: Elizabeth Margaret Cunningham CEO
• Phone: +353 1 436 1000
• data center: Dublin, Ireland

(a továbbiakban: “Google”) 

 

Google carries out its data processing within the European Union through its servers located in Dublin, meaning within the EU. Google has no access to the data stored on the server in relation to the User; it cannot modify, delete, use, or otherwise process the data in any way. If, for any reason, Google processes personal data outside the European Union, such processing ensures protection in accordance with the provisions of the GDPR. More information is available here: https://policies.google.com/privacy/frameworks  

 

Google ensures data protection on multiple levels. For example, it physically secures the servers storing the data by keeping them in restricted areas monitored by security personnel and technicians. Access to server rooms is restricted among employees. At the infrastructure level, Google uses uninterruptible power supplies and other advanced technologies. At the data level, protection is ensured through restricted access, continuous system monitoring, encryption, and firewall protection. Google’s privacy policy is available at the following link: https://policies.google.com/privacy

 

If, for any reason, Google processes personal data outside the European Union, the Data Subject’s data will still benefit from the protection provided by the GDPR, in view of the European Commission’s adequacy decision on EU-U.S. data flows.

 

IX.2. Sending Summary and newsletters

 

The Service Provider forwards the Data Subject’s email address to its data processor partner for the purpose of sending the requested summary and, if the Data Subject has subscribed to the Service Provider’s newsletter, for delivering such newsletters. One such data processor is MailChimp, an email delivery service through which the Summary, system messages, electronic direct marketing (eDM) messages, and newsletters related to the Service Provider’s services and operations are sent.

 

MailChimp is not permitted to use the email address for any purpose other than fulfilling its task, nor may it make independent decisions regarding the personal data.

 

Contact details of the data processor:

 

Company name: MailChimp c/o The Rocket Science Group, LLC
Registered seat: 675 Ponce De Leon Ave NE Suite 5000 Atlanta, GA 30308 USA

E-mail: privacy@mailchimp.com

Phone: +1 678 999 0141

represneted by: Ben Chestnut director

(Hereinafter as: “Mailchimp”)

Mailchimp’s privacy policy is available here: https://mailchimp.com/legal/privacy/

 

Although MailChimp’s servers may be located outside of the European Union, the processing of the Data Subject’s e-mail address complies with the provisions of the GDPR, while still ensuring the same level of protection as in Europe, in view of the European Commission’s adequacy decision on EU-U.S. data flows.

 

1. To whom and in what cases are we required to disclose personal data?

 

We are obliged to disclose the personal data we process to the competent authority upon request by such authority. We cannot be held liable for any such transfer and the consequences thereof. We will always inform You of the transfer when it becomes necessary.

 

1. What are the responsibilities with regard to the personal data You provide?

 

When You provide us Your personal data, You are responsible for ensuring that the information and contributions You make are true and correct.

 

We ask You to provide us third-party data only if specifically authorized to do so by the third party. The Service Provider assumes no liability for any resulting claims.

 

If a third-party objects the processing of personal data by credibly verifying its identity, we will immediately delete third-party data without notifying You. Please only provide third-party personal data only if you have informed the third party of the availability of this Policy.

 

Please do not provide us with any personal data in addition to the data requested by the Service Provider and specified in Chapter IV above. If you provide the Service Provider with any personal data in addition to the data requested by the Service Provider, the Service Provider will immediately render it unrecognizable and irretrievably delete it, and excludes its liability for data that the data subject has voluntarily provided to the Service Provider without the Service Provider’s request.

 

XII. Management of Personal data breach

 

Any personal data breach that may occur will be reported to the supervisory authority within 72 hours from becoming known to us in accordance with the law, and we will also maintain records of any breach that may occur. In the cases specified by law, we also inform the Data Subjects concerned.

 

XIII. Data Protection Officer (DPO)

 

Pursuant to Article 37 of the GDPR appointment of a DPO is mandatory if:

1. a) the processing is carried out by a public authority or body, except for courts acting in their judicial capacity;
2. b) the core activities of the controller or the processor consist of processing operations which, by virtue of their nature, their scope and/or their purposes, require regular and systematic monitoring of data subjects on a large scale; or
3. c) the core activities of the controller or the processor consist of processing on a large scale of special categories of data pursuant to Article 9 and personal data relating to criminal convictions and offences referred to in Article 10.

 

With respect to that the Service Provider is not subject to any of the clauses above and because there is no other compelling reason to appoint a DPO we are not appointing anyone for this position.

 

XIV. Amendment of the Privacy Policy

 

If the scope of the data processed, the legal ground for the processing or other circumstances change, we will amend this Policy in accordance with the GDPR within 30 days and publish it on the Website and notify the Data Subject of the changes. In any case, please read the changes to this Privacy Policy carefully as they contain important information about the processing of your personal data.

 

1. Who You may contact for information regarding Your personal data or to exercise Your rights?

 

Please contact us with any inquiries in e-mail at info@compacttv.hu or by mail at 1036 Budapest, Perc utca 2. III. em.

 

The Data Subject is entitled to exercise his / her rights related to the processing of personal data against the Service Provider as controller. If You wish to exercise Your rights, You must notify the Service Provider first.

 

If You feel that Your rights have been violated, You can complain to the National Authority for Privacy and Freedom of Information:

 

Name: National Authority for Privacy and Freedom of Information 

Address: 1055 Budapest, Falk Miksa utca 9-11., Hungary

Mailing address: 1363 Budapest, PO box: 9., Hungary

Phone: +36 1 391 1400

E-mail: ugyfelszolgalat@naih.hu 

Website: http://www.naih.hu 

 

In the event of a dispute arising out of or in connection with this the present Privacy Policy, its breach, validity or interpretation, the User may bring the dispute to the competent court under Act CXXX of 2016 on the Code of Civil Procedure (Code of Civil Procedure): 

 

Name: Fővárosi Törvényszék (Metropolitan Court of Budapest Capitol)

Address: 1055 Budapest, Markó u. 27.

Mailing address: 1363 Bp. Pf. 16

Phone: +36 1 354 6000

E-mail: ft.elnokseg@birosag.hu 

Website: https://fovarositorvenyszek.birosag.hu/ 

---

Manage consent