Data Processing Guide - Newsletter 

1. Name, registered office and representative of the data controller

Name: Kolping Hotel Kft.
Registered office: 8394 Alsópáhok, Fő utca 120., Hungary
Legal representative: Csaba Baldauf, managing director
Contact person on matters of data privacy: Judit Nyírő, deputy director in charge of operations

2. Data protection officer

Dr. Boldizsár Morvay – dpo@kolping.hotel.hu

3. Definition of the processed data

The name and e-mail address specified by the data subject.

4. The purpose of data control

Delivery of the newsletter on the chosen topics, sending special offers and other items, provision of current information, offers, sending items for direct marketing purposes, our own on-line research.

5. Legal basis of data control

Consent of the data subject.

6. Legal consequences of the lack of data supply 

You will not subscribe to the newsletter, there will be no data processing.

7. Data transfer

Data will only be transferred to the company that dispatches the newsletter

Name of the data processor providing the newsletter dispatch service: MORGENS Design Kft.
Registered office: 8800 Nagykanizsa, Csányi László utca 2.
Represented by: Katona Zoltán, ügyvezető
No data will be transferred to a third country.

Name of the data processor providing the newsletter dispatch service: Mailgun Technologies, Inc.,
Registered office: 535 Mission St., 14th Floor, San Francisco, California 94105.
The data will be transferred to a third country.

8. Legal basis of data transfer

Consent of the data subject.

9. Term of the processing of personal data

The data will be processed until the authorization of the data subject is withdrawn. You can unsubscribe the newsletter at the end of each issue, which also means that the data subject requests the deletion of his/her email address.

10. Guidance on the rights of the data subject

The data subject is entitled to

• obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data.
• obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her.
• obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay.
• to obtain from the controller restriction of processing where one of the following applies:
  • the accuracy of the personal data is contested by the data subject /for a period enabling the controller to verify the accuracy of the personal data/,
  • the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
  • the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims.
  • the data subject has objected to processing pending the verification whether the legitimate grounds of the controller override those of the data subject.
• to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, if the basis of data control is voluntary consent or a contract, and it is performed automatically.
• where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing, which includes profiling to the extent that it is related to such direct marketing.
• not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.

11. Information on profiling, automated decision-making

No profiling, automated decision-making will happen.

12. Data storage, data security

The data controller and the organisation involved as data processor will store the data on their own computing devices, which are located in their respective seats, or in the case of the data processor, in a rented server park. The data controller and the data processor will choose n operate the IT tools applied by them in such a manner that the processed data are accessible for the authorized persons, their authenticity and certification remain guaranteed, it is possible to verify that they are unchanged and protected against unauthorized access. The data shall be protected by the appropriate arrangements, especially against unauthorized access, modification, forwarding, publication, deletion or destruction, furthermore, against accidental destruction and damage and becoming unavailable owing to changes in the applied technology, in such a manner that the data controller will apply, with regard to current level of development of technology, such organising and organisational measures for the protection of the security of data control that provide an appropriate level of protection commensurate with the risks occurring concerning data control.

13. The right of seeking legal redress

The controller is entitled to initiate legal proceedings against the data recipient should the rights of the data subject be infringed. The litigation shall be decided by a Tribunal. (Contact details of the Tribunal of Zalaegerszeg: 1055 Budapest, Markó u. 25. 1363 Pf.: 16.). Litigation may also be started at a tribunal having jurisdiction for the location or place of residence of the data subject, as the data subject chooses. The court shall take priority action in such cases.

Legal remedies and complaints should be addressed to the National Authority for Data Protection and Freedom of Information:

Name: National Authority for Data Protection and Freedom of Information
Seat: 1125 Budapest, Szilágyi Erzsébet fasor 22/C.
Mailing address: 1530 Budapest, Pf.: 5.
Telephone: 06.1.391.1400
Fax: 06.1.391.1410
E-mail: ugyfelszolgalat@naih.hu
http://www.naih.hu

14. The availability of the Data Protection Policy

The data protection policy is available on: https://kolping.hotel.hu/en/privacy-policy