Privacy Statement
- Data manager's name
Data manager's name: Judit Polgar Chess Foundation
Data manager's company registration number: 01/03/11579
Data manager's seat: 1016 Budapest, Orom utca 20/b, Hungary
Data manager's contact details:
Data manager's representative: Attila Udvarhelyi (chair)
- Privacy policy rules
This privacy policy is valid from 01 July, 2016. until withdrawn.
The Polgár Judit Chess Foundation (hereinafter referred to as: the "Company"), based on the Company's privacy policy, handle personal data in connection with this interface. The privacy policy covers all such processes conducted by any Company unit which involve personal data management as stipulated by Section 2, Article 3 of the Information Management Act.
Conceptual descriptions used in this policy are in line with definitions listed in Article 3 of the Information Management Act.
Personal data can only be handled in order to practise rights or fulfil commitments. Personal data managed by the Company cannot be used for private purposes. Data management shall, at all times, serve a particular purpose.
The Company shall manage personal data only for clearly defined purposes, to practise rights or to fulfil commitments, to the extent and for the time deemed necessary to reach the objective set. All data management phases serve a purpose, and when this purpose no longer exists or data management becomes illegal, data are deleted.
The Company shall only manage personal data as authorised by law or based on prior consent given by the relevant individual.
The Company shall, before registering any data, in advance, notify the relevant individual about the data management purpose and provide information about its legal background.
All staff members of the Company's organisational units and staff members of any organisation contracted by the Company to assist in any data management operation, shall handle personal data as commercial secrets. Individuals managing the personal data and individuals with access to such data shall sign a Confidentiality Agreement.
If an individual who falls under the scope of the privacy policy, is informed that the data managed by the Company are incorrect, incomplete or obsolete, s/he shall correct such data or initiate the correction at the staff member responsible for data registration.
Privacy requirements for natural and legal entities and organisations contracted by the Company to conduct data processing activities shall be outlined in a separate contract signed with the data processing entity.
The Company's General Manager, by taking Company specifics into consideration, shall define the data protection and management structures, data protection and related scopes, and shall appoint a staff member to be responsible for supervising the data management processes.
Company staff members shall, at all times during their work activities, ensure that no unauthorised persons can have access to the personal data, furthermore, they shall make sure that personal data storage ensures that data are not accessible, modifiable or deletable by unauthorised individuals.
The Company privacy policy and the data protection system are supervised by the individual responsible for privacy policies.
- How individuals can exercise their rights
An individual can request information on how his/her personal data are handled, and can request the correction or - except for data management cases stipulated by law - the deletion of such data, by contacting the Company using the contact details provided.
Upon receiving a request or complaint, the Company shall submit it to the Head of the organisational unit with relevant data management scope within three days of receipt.
The Head of the organisational unit with relevant data management scope, in response to the request on personal data management and privacy, shall respond with a clearly put answer in writing within 15 days - or in the case of a complaint, within 5 days.
The information shall cover the items listed in Section (1), Article 15 of the Information Management Act, unless such information is to be withheld as stipulated by law.
Information provision, by law, is free of charge with the exception of cases defined by Section (5), Article 15 of the Information Management Act, where the Company charges a fee.
Any request submitted can be refused only for reasons listed in Section (1), Article 9 or Article 19 of the Information Management Act. In such case, the Company shall provide the explanation in writing, as stipulated by Section (2), Article 16 of the Information Management Act.
If the necessary information and official documents confirming this information are available, false data are corrected by the Head of the organisational unit responsible for data management, and if the situation as per Section (2), Article 17 of the Information Management Act requires, the Head of the unit shall initiate the deletion of the personal data.
For the period during which the complaint against personal data management is processed, the Head of the data management unit shall suspend data management (for a maximum of 5 days), shall examine the validity of the complaint, and shall make a decision, about which the individual submitting the complaint shall be informed as per Section (2), Article 21 of the Information Management Act.
Should the complaint be deemed to be valid, the Head of the data management unit shall proceed as stipulated by Section (3), Article 21 of the Information Management Act.
If, while exercising the rights of the individual, the opinion on the case is not clear, the Head of the organisational unit managing the data, by submitting his/her opinion and the relevant documents, shall request a statement from the internal privacy expert. This expert shall respond to the request within three days.
Any damage caused by the Company by infringing privacy rules or illegal data management, as well as compensation for personal right infringement caused by the Company or a contracted entity shall be paid by the Company. The data manager shall be exempt from its liability and its duties to pay compensation if the data manager finds that personal right infringement was due to unavoidable reasons beyond their control. Similarly, no compensation is to be paid if the damage was due to deliberate acts or gross negligence on the victim's side.
Complaints concerning Company data management practices can be submitted to the Hungarian National Authority for Data Protection and Freedom of Information:
Organisation: Hungarian National Authority for Data Protection and Freedom of Information
Site address: 1024 Budapest, Szilágyi Erzsébet fasor 22/C.
Internet: www.naih.hu
- Issues not regulated by this notice
Any issues not regulated by this notice are governed by the Information Management Act and Company privacy policies.
Information on data processing for clients
We would like to inform you that your personal data are processed in connection with the provided service activity based on the following conditions:
Data processing in connection with the provided service activity
The data processing relating to the Company's service activities is based on voluntary consent. However, in certain cases, the processing, storage, and forwarding of a certain part of the data provided is prescribed by law. In such cases, we specifically inform our community.
We would like to notify those providing data to the Company which are not their own personal data, the data provider is obliged to obtain the consent of the data subject.
Number of the data processing assigned in the data protection register:
Purpose of data processing: The basic data of website visitors are registered who visit in connection with using the services connected to the above activities of the foundation.
Legal basis of data processing: The consent of the data subject.
Scope of processed data: Name, home address, telephone number, e-mail address, copy of Hungarian or foreign language documents.
The term of data processing: The term of data processing in connection with the service is 5 years following the closure of the active search period of the registered user.
The Company uses cookies during the registration process on the website. Data about the operating system and browser may be stored, and, even using a dynamic (changing) IP address, by using an individual identifier, which means that the data subject may be followed throughout the browsing process. Based on the aforementioned information, internet-based cookies will be considered as personal data, because they make it possible to identify the user more accurately than simply using the IP address. The cookies are only active in the Company's system when filling in forms, and are valid for a limited time. (Their period of validity is 16 minutes.)
Personal data can be forwarded to data controllers or data processors performing data processing in third countries only with the explicit consent of the data subject, or if the conditions of data processing prescribed above are fulfilled, and if in that third country the appropriate level of protection of personal data is guaranteed throughout the process of data management and processing. The forwarding of data to EEA Member States has to be viewed as if the forwarding of the data had taken place within the territory of Hungary.
Electronic data processing or data processing using IT technology
The Company has its own website, which can be accessed via the following address: http://old.globalchessfestival.com/.
Method of data storage: electronic
Data of those signing up for the newsletter:
Purpose of data processing: Sending newsletters to those who sign up.
Legal basis of data processing: The consent of the data subject.
Processed data: Name, e-mail address.
The term of data processing: The data of those who have signed up are stored for a period of 5 years after the active connection has ended. If the data subjects do not establish any active connections using the communication channels of the company for a period of more than 3 years, and they do not react to notices or information, they are placed for 3 years into a passive data set, and, after the expiry of 5 years, the data are placed into a status of final deletion.
Method of data storage: electronic
Cookie service of website visitors:
Number of the data processing assigned in the data protection register:
Purpose of data processing: Making it easier for website visitors to fill in forms and make reservations. It is a completely automatised process.
Legal basis of data processing: The consent of the data subject.
Processed data: Name, home address, telephone number, and e-mail address.
The term of data processing: The cookie designed to help fill in the form is deleted 16 minutes after saving.
Method of data storage: electronic
Establishing and keeping contact:
Visitors can contact the company at the telephone number and e-mail address indicated on the website.
Number of the data processing assigned in the data protection register::
Ppurpose of data processing: establishing and keeping contact.
Legal basis of data processing: the consent of the data subject.
Processed data: name, e-mail address, date and time, the subject and text of the message and any further personal data provided by the data subject.
Deadline of deleting the data: 2 years after the data were provided.
Method of data storage: electronic
You can file a complaint in connection with data processing using the following contacts: +3620/4935601(tel.)
Complaints can be filed or legal remedy may be sought at the National Authority for Data Protection and Freedom of Information:
Name: National Authority for Data Protection and Freedom of Information
Registered office: 1024 Budapest, Szilágyi Erzsébet fasor 22/C.
Website: http://www.naih.hu