Introduction
The data controller manages the data of individuals registered on the website to provide them with appropriate services during its operation. The data controller fully intends to comply with the legal requirements for the handling of personal data, particularly those outlined in Regulation (EU) 2016/679 of the European Parliament and of the Council. This privacy policy is prepared based on Regulation (EU) 2016/679 of the European Parliament and of the Council concerning the protection of personal data and the free movement of such data, taking into account the provisions of Act CXII of 2011 on the Right of Informational Self-Determination and Freedom of Information.
Name and contact information of the data controller
Company Name: AGORA Educational Institute Consulting and Adult Education Ltd.
Headquarters: 9700 Szombathely, Malom Street 5.
Mailing Address: 1024 Budapest, Keleti Károly Street 8.
Email: [email protected]
Phone: +36 1 786 46 95
Website: https://www.agoraintezet.hu
Tax Number: 11950923-2-18
Definitions
GDPR (General Data Protection Regulation) is the new Data Protection Regulation of the European Union.
Data processing: Any operation or set of operations performed on personal data or data sets, whether automated or not, including collection, recording, organization, structuring, storage, alteration or modification, retrieval, consultation, use, disclosure, transmission, distribution, or other means of making accessible, coordination or combination, restriction, deletion, or destruction.
Data processor: A natural or legal person, public authority, agency, or any other body that processes personal data on behalf of the data controller.
Personal data: Any information relating to an identified or identifiable natural person (data subject); an identifiable natural person is one who can be identified, directly or indirectly, particularly by reference to an identifier such as a name, number, location data, online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
Data controller: A natural or legal person, public authority, agency, or any other body that determines the purposes and means of the processing of personal data, either alone or jointly with others; if the purposes and means of processing are determined by Union or Member State law, the data controller or the specific criteria for the designation of the data controller may also be provided for by Union or Member State law.
Consent of the data subject: A voluntary, specific, informed, and unequivocal indication of the data subject’s wishes, by which the data subject signifies agreement to the processing of personal data relating to them, by a statement or a clear affirmative action.
Data protection incident: A security breach that results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data that has been transmitted, stored, or otherwise processed.
Recipient: A natural or legal person, public authority, agency, or any other body to whom personal data is disclosed, regardless of whether they are a third party. Public authorities that may receive personal data in the context of a specific inquiry in accordance with Union or Member State law are not considered recipients; the processing of such data by those public authorities must comply with the applicable data protection rules according to the purposes of the processing.
Third party: A natural or legal person, public authority, agency, or any other body that is not the data subject, the data controller, the data processor, or those persons who, under the direct authority of the data controller or the data processor, are authorized to process personal data.
Data processing principles
The data controller declares that it manages personal data in accordance with the provisions set forth in this privacy policy and complies with the relevant legal requirements, paying particular attention to the following:
Personal data must be processed lawfully, fairly, and transparently in relation to the data subject.
Personal data collection can only occur for specified, explicit, and legitimate purposes.
The purpose of personal data processing must be appropriate and relevant, and limited to what is necessary.
Personal data must be accurate and kept up to date. Inaccurate personal data must be deleted without delay.
Personal data storage must be in a form that allows identification of data subjects only for as long as necessary. Personal data may be stored for a longer period only if it is for public interest archiving, scientific and historical research purposes, or statistical purposes.
Personal data processing must be carried out in such a way that appropriate technical or organizational measures ensure the adequate security of personal data, including protection against unauthorized or unlawful processing, accidental loss, destruction, or damage.
The principles of data protection must be applied to any information relating to an identified or identifiable natural person.
Important Data Management Information
The purpose of data management is to enable the data controller to provide additional services to registered users on the website.
The duration of data management and data deletion depend on the specific user purpose; however, data must be deleted immediately once the original purpose has been achieved. The individual concerned may withdraw their consent to data processing at any time by sending an email to the designated contact email address. If there is no legal obstacle to deletion, the data will be removed.
Those authorized to access the data include the data controller and its employees.
The individual concerned may request access to, correction, deletion, or restriction of their personal data, object to the processing of such data, and exercise their right to data portability.
The individual concerned may withdraw their consent to data processing at any time, without affecting the legality of data processing conducted based on prior consent.
The individual concerned has the right to file a complaint with the supervisory authority.
If the individual wishes to use the benefits of registration and the website’s related services, they are required to provide the requested personal data. Providing personal data is not mandatory and will have no adverse consequences if omitted. However, some website features are not accessible without registration.
The individual has the right to request that the data controller promptly correct or supplement any inaccurate personal data concerning them.
The individual also has the right to request that the data controller delete inaccurate personal data concerning them without undue delay, and the data controller is obliged to do so if there is no other legal basis for data management.
Modifications or deletion of personal data can be initiated by email, phone, or mail using the contact options provided above.
Registration on the website
The purpose of data management is to provide additional services and facilitate contact.
The legal basis for registration data management is your consent (Article 6(1)(a) of the General Data Protection Regulation).
Scope of individuals concerned: registered users of the website.
Duration of data management: Data will be managed until consent is withdrawn.
You may withdraw your consent to data management at any time by sending an email to the designated contact email address.
Data deletion occurs when consent for data management is withdrawn, which can be done at any time by sending an email to the contact address.
Those authorized to access the data include the data controller and its employees.
Data storage method: electronic.
Modifications or deletion of personal data can be initiated via email, phone, or mail using the contact options provided above.
Providing personal data is essential for identification in databases and for communication purposes. Accurate company name and address are required for billing, which is a legal obligation.
| Scope of managed data | Specific purpose of data management |
|---|---|
| Name | Identification, communication, billing. |
| Company name | Identification, communication, billing. |
| Address | Identification, communication, billing. |
| Identification, communication | |
| Phone | Identification, communication |
| Registration date | Technical information operation. |
| IP address | Technical information operation. |
Placing an order
The purpose of data management is to provide additional services, facilitate communication, and send confirmation emails. We can only fulfill your order if you provide your contact and billing information, which is essential for communication and billing purposes.
The legal basis for data management is your consent (Article 6(1)(a) of the General Data Protection Regulation). In the case of billing, data management is based on legal requirements (Article 6(1)(c) of the General Data Protection Regulation).
Scope of individuals concerned: registered users of the website.
Duration of Data Management: Data will be managed in accordance with legal requirements until your consent is withdrawn. You may withdraw your consent to data management at any time by sending an email to the designated contact address.
Data deletion occurs when consent for data management is withdrawn. You can withdraw your consent at any time by sending an email to the contact address. The deletion of billing data may occur in accordance with legal requirements.
Those authorized to access the data include the data controller and its employees.
Data storage method: electronic.
Modifications or deletion of personal data can be initiated via email, phone, or mail using the contact options provided above.
| Scope of managed data | Specific purpose of data management |
|---|---|
| Names | Identification, communication, billing. |
| Company address | Identification, communication, billing. |
| Address | Identification, communication, billing. |
| Identification, communication. | |
| Phone | Identification, communication. |
| Registration date | Technical information operation. |
| IP address | Technical information operation. |
The user can provide their consent for data management by intentionally checking the empty checkbox specifically designated for this purpose on the website.
As the data subject, you have the right to object to the processing of your personal data. In this regard, you are entitled to follow the procedures outlined in the data management information detailed above, as well as the legal regulations mentioned in this notice.
Participation in training sessions
The trainer undertakes the responsibility for conducting the training program specified in the contract, ensuring the quality of the program and the activities of the contributors. The participant is required to attend the training sessions punctually, actively contribute, and cooperate as necessary during the training.
In the case of breach of contract by the adult education institution, the provisions of Act LXXVII of 2013 on Adult Education and its implementing regulations, as well as the Civil Code (Ptk.), are applicable.
During the completion of the training, personal data will be managed in full compliance with the laws concerning personal data management, particularly the Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, as well as Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information (hereinafter referred to as “Infotv.”).
The participant acknowledges that the necessary data for statistical reporting will be managed by the trainer in accordance with applicable adult education regulations until the end of the eighth year following the start of the training. The data will be stored electronically by the trainer in accordance with data management regulations.
Invoice issuance
The purpose of data management is to issue and send electronic invoices as email attachments. The legal basis for data management is mandatory data processing based on legislation (Article 6(1)(c) of the General Data Protection Regulation).
Scope of Individuals Concerned: Customers of the service provider.
Duration of Data Management: Data will be managed in accordance with legal requirements until your consent is withdrawn. You may withdraw your consent to data management at any time by sending an email to the designated contact address.
Data deletion occurs when consent for data management is withdrawn. You can withdraw your consent at any time by sending an email to the contact address. The deletion of billing data may occur in accordance with legal requirements.
Those authorized to access the data include the data controller and its employees.
Data storage method: electronic.
Modifications or deletion of invoice data can be initiated via email, phone, or mail using the contact options provided above.
| Scope of managed data | Specific purpose of data management |
|---|---|
| Names | Identification, communication, billing. |
| Company names | Identification, communication, billing. |
| Address | Identification, communication, billing. |
| Identification, communication. | |
| Phone | Identification, communication. |
| Tax number/tax identification number | Identification of the customer. |
| Invoice data | Identification of the invoice. |
| Invoice issuance date | Technical information operation. |
Newsletter sending
As the operator of the website, we declare that we fully comply with the relevant legal provisions during the publication of information and descriptions. We also declare that we cannot verify the authenticity of the contact data when subscribing to the newsletter or determine whether the provided data pertains to a private individual or a business. We treat businesses contacting us as client partners.
The purpose of data processing is to send professional descriptions, electronic messages containing advertisements, information, and newsletters, from which you can unsubscribe at any time without consequences. You can unsubscribe without any consequences even if your business has ceased to exist, you have exited the business, or someone has provided your contact information to us.
The legal basis for data processing is your consent (General Data Protection Regulation Article 6 (1) (a)).
We inform you that the user may give prior and explicit consent for the service provider to contact them with advertising offers, information, and other correspondence at the email address provided during registration. Consequently, the user may consent to the service provider processing the necessary personal data for this purpose.
We inform you that if you wish to receive newsletters from us, you are required to provide the necessary data. If you do not provide the data, we cannot send you a newsletter.
The duration of data processing: Data processing will continue until the consent is revoked. You may revoke your consent for data processing at any time by sending a letter to the contact email address.
Data deletion occurs when the consent for data processing is revoked. You can revoke your consent for data processing at any time by sending a letter to the contact email address.
The consent may also be revoked via the link included in the newsletters sent.
The entities entitled to access the data are the data controller and their employees.
The method of data storage: electronic.
Requests for modification or deletion of data can be initiated via email, phone, or letter using the contact information provided above.
The data processor used: https://www.agoraintezet.hu
| Scope of managed data | Specific purpose of data management |
|---|---|
| Name | Identification, communication. |
| Identification, communication. | |
| Subscription date | Technical information operation. |
| IP address | Technical information operation. |
We inform you that neither the username nor the email address needs to contain any information that identifies you as a person. For example, it is not necessary for the username or email address to include your name. You have complete freedom to choose whether to provide a username or email address that contains information hinting at your identity. The email address, which serves communication purposes, is essential for ensuring that newsletters or professional information sent to you reach their destination.
Cookies
Cookies are placed on the user’s computer by the visited websites and contain information such as page settings or login status.
Cookies are small files created by the websites visited. They enhance the user experience by saving browsing data. With the help of cookies, the website remembers site settings and offers locally relevant content.
The service provider’s website sends a small file (cookie) to the visitor’s computer to determine the fact and time of the visit. The service provider informs the website visitor about this.
The data subjects involved in data processing are the visitors of the website.
The purpose of data processing is to provide additional services, identification, and tracking of visitors.
User consent is not required if the use of essential cookies is absolutely necessary for the service provider.
Data scope: unique identifier, timestamp, setting data.
Users have the option to delete cookies from their browsers at any time in the Settings menu.
Data storage method: electronic.
Social media
A social media is a medium where messages are disseminated through social users. Social media utilizes the internet and online presence opportunities to transform users from content consumers to content creators.
Social media is a platform for internet applications that contain user-generated content, such as Meta (Facebook), Instagram, Twitter, Pinterest, etc. The forms of social media presentation can include public speeches, presentations, demonstrations, and descriptions of products or services.
The forms of information published on social media can include forums, blog posts, images, videos, audio materials, message boards, email messages, etc.
Accordingly, the scope of processed data may include the user’s public profile picture in addition to personal data.
Affected individuals: all registered users.
The purpose of data collection is to promote the website or the related webpage.
The legal basis for data processing is the voluntary consent of the data subject (General Data Protection Regulation Article 6(1)(a)).
Duration of data processing: according to the regulations visible on the respective social media platform.
Deadline for data deletion: according to the regulations visible on the respective social media platform.
Those entitled to access the data: according to the regulations visible on the respective social media platform.
Rights related to data processing: according to the regulations visible on the respective social media platform.
Data storage method: electronic.
It is important to consider that when a user uploads or submits any personal data, they grant the operator of the social media platform a worldwide valid permission to store and utilize such content. Therefore, it is crucial to ensure that the user has full rights to disclose the published information.
Google Analytics
Our website uses Google Analytics.
In the case of Google Analytics:
Google Analytics compiles reports for its clients based on internal cookies about the habits of the website’s users.
On behalf of the website operator, Google uses the information to evaluate how users utilize the website. Additionally, it creates reports related to website activity for the website operator to fulfill further services.
The data is stored on Google servers in an encrypted format to make it difficult to misuse the data.
Google Analytics can be disabled as follows. Quoting from the site:
You can opt-out of having your site activity available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (gtag.js, analytics.js) that is running on websites from sharing information with Google Analytics about visit activity.
Using the Google Analytics opt-out browser add-on will not prevent site owners from using other tools to measure site analytics. It does not prevent data from being sent to the website itself or in other ways to web analytics services.
https://support.google.com/analytics/answer/6004245?hl=en
Google’s privacy policy: https://policies.google.com/privacy?hl=en
Detailed information about the use and protection of the data can be accessed through the links above.
Data processors
Hosting provider:
| Name / company address: | NETIDEA Informatikai Szolgáltató Kft. |
| Registered office: | 1121 Budapest, Bazin utca 13. |
| Phone: | +36 30 495 52 40 |
| E-mail: | [email protected] |
The data you provided is stored on a server operated by the hosting service provider. The staff operating the server can access the data, but they are all responsible for the secure handling of the data.
The name of the activity: hosting service, server service.
Data processing is carried out until the end of the website’s operation or according to the contractual agreement between the website operator and the hosting service provider. The data subject can request the deletion of their data by contacting the hosting service provider if necessary.
Accountant:
| Name / company address: | InterTax Hungaria Bt. |
| Registered office: | 1173 Budapest, 503 utca 5. |
| Phone: | +36 20 360 91 39 |
| E-mail: | [email protected] |
Your rights related to data processing
Right to Access
You can request information from us through the provided contact details regarding which of your data our company processes, on what legal basis, for what purpose, from which source, and for how long. We will provide you with this information without delay, but no later than 30 days, to the email address you provided.
Right to Rectification
You can request us to modify any of your data through the provided contact details. We will act on your request without delay, but no later than 30 days, and we will send you information to the email address you provided.
Right to Erasure
You can request the deletion of your data from us through the provided contact details. We will fulfill this request without delay, but no later than 30 days, and we will send you information to the email address you provided.
Right to Restriction of Processing
You can request us to restrict your data through the provided contact details. The restriction will last as long as the reason you specified necessitates the storage of the data. We will fulfill this request without delay, but no later than 30 days, and we will send you information to the email address you provided.
Right to Object
You can object to the processing of your data through the provided contact details. We will examine the objection within the shortest time possible, but no later than 15 days from the submission of your request, make a decision regarding its validity, and inform you of our decision via email.
Possibility of enforcing rights related to data processing
In the case of unlawful data processing that you have experienced, please notify our company so that we have the opportunity to restore the lawful state within a short period. We will do everything in our power to resolve the outlined issue in your interest.
If, in your opinion, the lawful state cannot be restored, please inform the authority using the following contact details:
Hungarian National Authority for Data Protection and Freedom of Information
Mailing address: 1363 Budapest, P.O. Box: 9.
Address: 1055 Budapest, Falk Miksa Street 9-11.
Phone: +36 (1) 391-1400
Fax: +36 (1) 391-1410
E-mail: ugyfelszolgalat (at) naih.hu
URL: https://naih.hu
Right to Judicial Remedy:
We inform you that you have the right to turn to a court to protect your personal data, which will handle the case as a matter of priority. In this case, you can freely decide whether to file your claim with the court competent according to your place of residence (permanent address) or your temporary residence, or the company’s registered office.
You can find the court corresponding to your place of residence or temporary residence at https://birosag.hu/birosagkereso.
Legal regulations underlying data processing
- REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL (April 27, 2016) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
- Act CXII of 2011 on the right to informational self-determination and freedom of information.
- Act LXVI of 1995 on the protection of public documents, archival materials, and private archival materials.
- Government Decree 335/2005 (December 29) on the general requirements for the management of documents by public authorities.
- Act CVIII of 2001 on certain issues related to electronic commerce services and services related to the information society.
- Act C of 2003 on electronic communications.
- Act LXXVII of 2013 on adult education.
Follow us on our social media pages!