Privacy

Scope

This Privacy Policy (hereinafter: Policy) applies to www.sooseszter.com and http://franciapolitika.sooseszter.com, as well as to all additional future subdomains of www.sooseszter.com (hereinafter Sites) and their Users. Sites are operated by Eszter Petronella Soós, self-employed entrepreneur.

What is the essence of this Policy?

  • Personal data are collected and treated in accordance with legal provisions of Hungary and the European Union. To understand when, why and how your data is handled, see details below.

  • We maintain the security of your data. No data will be transferred to unauthorized third parties.

  • Direct advertising will be sent to you only if you expressly agree to receive them.

  • If you want information about what data is stored about you, or want us to delete your data, please contact us as soon as possible at sooseszter (-at-) sooseszter (-dot-) com!

What is the legal basis of this Policy? General information, legal basis

Please be informed that our processing personal information I based on voluntary consent (under Article 20. (1) of Act CXII Of 2011 (hereinafter Information Act). Data processing is exclusively based on the User’s voluntary website browsing actions and subscriptions. Please be informed that handling of private data is regulated by the following Acts:

  • Act CXIX of 1995 on the use of name and address information serving the purposes of research and direct marketing (Direct Marketing Act);

  • Act CVIII of 2001 on electronic commerce activities and information society services (Electronic Commerce Act);

  • Act XLVIII of 2008 on the essential conditions and certain limitations of business advertising activities (Business Advertising Act);

  • Act CXII of 2011 on the right of information self-determination and freedom of information (Information Act).

When the User visits the Sites, they implicitly consent to the handling of certain data. If you do not consent to data processing, please do not use the Sites, do not comment on them, do not give any personal information away, and make sure to delete your browser cookies.

Please be informed that according to the Article 6 of the Information Act

(1) Personal data may be processed if obtaining the subject’s consent is impossible or it would give rise to disproportionate costs, and if the processing of personal data is necessary:

a) for compliance with a legal obligation pertaining to the data controller, or

b) for the purposes of the legitimate interests pursued by the controller or by a third party, and enforcing these interests is considered proportionate to the limitation of the right for the protection of personal data.

Article 20. (4) of the Information Act also applies to our Sites:

(4) If the provision of personal information to the data subject proves impossible or would

involve disproportionate costs, the obligation of information may be satisfied by the public disclosure of the following:

a) an indication of the fact that data is being collected;

b) the data subjects targeted;

c) the purpose of data collection;

d) the duration of the proposed processing operation;

e) the potential data controllers with the right of access;

f) the right of data subjects and remedies available relating to data processing; and

g) where the processing operation has to be registered, the number assigned in the data protection register, with the exception of Article 68. (2).

These provisions do not apply to newsletter-services which contain business commercials and to voluntary shared personal data. Your expressed prior consent is necessary for the legal use of these services.

Definitions

Our Policy uses the following definitions of the Article 3. of the Information Act:

1. ‘data subject’ shall mean any natural person directly or indirectly identifiable by reference to specific personal data;

2. ‘personal data’ shall mean data relating to the data subject, in particular by reference to the name and identification number of the data subject or one or more factors specific to his physical, physiological, mental, economic, cultural or social identity as well as conclusions drawn from the data in regard to the data subject;

7. ‘the data subject’s consent’ shall mean any freely and expressly given specific and informed indication of the will of the data subject by which he signifies his agreement to personal data relating to him being processed fully or to the extent of specific operations;

8. ‘the data subject’s objection’ shall mean a declaration made by the data subject objecting

to the processing of his/her personal data and requesting the termination of data processing, as well as the deletion of the data processed;

9. ‘controller’ shall mean natural or legal person, or organisation without legal personality which alone or jointly with others determines the purposes and means of the processing of data; makes and executes decisions concerning data processing (including the means used) or have it executed by a data processor;

10. ‘data’ processing’ shall mean any operation or the totality of operations performed on the data, irrespective of the procedure applied; in particular, collecting, recording, registering, classifying, storing, modifying, using, querying, transferring, disclosing, synchronising or connecting, blocking, deleting and destructing the data, as well as preventing their further use, taking photos, making audio or visual recordings, as well as registering physical characteristics suitable for personal identification (such as fingerprints or palm prints, DNA samples, iris scans);

11. ‘data transfer’ shall mean ensuring access to the data for a third party;

13. ‘data deletion’ shall mean making data unrecognisable in a way that it can never again be restored;

14. ‘tagging data’ shall mean marking data with a special ID tag to differentiate it;

15. ‘blocking of data’ shall mean marking data with a special ID tag to indefinitely or definitely restrict its further processing;

16. ‘data destruction’ shall mean complete physical destruction of the data carrier recording the data;

17. ‘data processing’ shall mean performing technical tasks in connection with data processing operations, irrespective of the method and means used for executing the operations, as well as the place of execution, provided that the technical task is performed on the data;

18. ‘data processor’ shall mean any natural or legal person or organisation without legal personality processing the data on the grounds of a contract, including contracts concluded pursuant to legislative provisions;

21. ‘data set’ shall mean all data processed in a single file;

22. ‘third party’ shall mean any natural or legal person, or organisation without legal personality other than the data subject, the data controller or the data processor;

24. ‘third country’ shall mean any State that is not an EEA State.

Third parties

Please be informed that according to the Article (8) of the Information Act:

1) Personal data may be transmitted by a data controller covered by this Act to a data controller or processor operating in a third country, or may be transferred to a data controller or processor operating in a third country if:

a) the data subject has given his explicit consent, or

b) the conditions laid down in Article 5 and/or Article 6 for data processing are satisfied and – save where Section (2) of Article 6 applies – the adequate level of protection of the personal data have been ensured in the third country during the course of the control and processing of the data transferred.

With regard to the Privacy Shield convention concluded between the U.S. and the European Union, under certain conditions, there is no impediment to data processing in third countries (the United States).

Changes to the Policy

We may modify the Policy from time to time. We highly recommend that you periodically review the Policy posted on our website (www.sooseszter.com/privacy_en). We encourage you to review our Privacy Policy to stay informed about our information practices and the ways you can help protect your privacy.

Who is the controller?

The identity of the controller:

Eszter Petronella Soós (self-employed entrepreneur)
1139 Budapest, Frangepán utca 27. I/4.
Tax number: 60036865-1-41
Government registration ID: 17710896
Qualification: Political scientist (ELTE, Hungary, 2009)

National Authority for Data Protection and Freedom of Information IDs (data processing IDs):
NAIH-105202/2016: “direkt marketing a www.sooseszter.com oldalon és aldomainjein. Vegyesen marketing és sales célú, illetve tájékoztató hírlevelek küldése a feliratkozottaknak”.
NAIH-105203/2016: “beérkező üzenetek kezelése. Médiakapcsolatok, ügyfélérdeklődés fogadása, levelezés érdeklődőkkel, ajánlatkérések teljesítése”.

Besides Eszter Petronella Soós (hereinafter the Data Controller), only the Data Processors may get to know the processed data, which are mentioned by name in this Policy. For data security reasons, Eszter Petronella Soós as Data Controller makes every effort to ensure that her employees have as little as possible access to detailed information in the data set.

The security of your personal data is important to us. We take precautions to protect your information against unauthorized access, alteration, disclosure or destruction.

Our Sites may contain links to third-party websites. Please be aware that we are not responsible for the security, the privacy practices and the materials of those third-party websites.

Users’ rights and remedies related to data processing

The Users of the Sites have the right to ask for information with regards to their personal data stored and managed by Data Controller.

The Data Controller immediately gives out the information. All Users may request revision, update, correction, sequestration or deletion of their personal data. The Data Controller have 15, but by no means more than 25 days to comply with that request.

The security of your personal data is important to us. If you have any questions about the type of personal data we hold about you or if you wish to request deletion etc. of the personal data we hold about you, please send a written request to sooseszter (-at-) sooseszter (-dot-) com.

In case of complaints related to the protection of your personal data, you may contact:

  • The National Authority for Data Protection and Freedom of Information (1121 Budapest, Szilágyi Erzsébet fasor 22/C., Mailing Address/Postal Address: 1530 Budapest, Pf.: 5., +36(1) 391-1400, ugyfelszolgalat@naih.hu, www.naih.hu), or

  • on the basis of Article 22 of the Information Act you may turn to the court (please note that you have the right to initiate the lawsuit in your place of residence instead of the court with territorial jurisdiction).

We respectfully ask you, before contacting the Authorities or suing us, toplease contact us directly. If we made errors while processing your personal data, those errors will be corrected immediately and voluntarily.

What data are handled when visiting the Sites?

1. Indication of the fact that data is being collected and the range of data processed: operation of websites, hosting service as well as e-mail service are provided to the Sites by an external service provider, who also may participate in data storage and data processing. (For example after the username creation, in principle/theory, the external service provider may have access to the database of registered users, and to users’ content, such as users’ comments. In practice, however, the service provider does not work directly with these data.

2. The data subjects: all visitors and all registered users of www.sooseszter.com and its subdomains.

3. The purpose of data collection: the operation of the websites, to ensure the technical operation of the Sites.

4. The duration of the proposed processing operation: until the User’s cancellation request, or maximum until five years after the last visit of the website.

5. Operation of websites, hosting service as well as e-mail service are provided to the Sites by an external service provider, who also may participate in data storage and data processing. The server-provider may offer further information about the technical details of the server-service and their related security measures at the address below:

Netboard Bt.
1115 Budapest
Kelenföldi út 20-28.
webmester@netboard.hu

What data are handled through the Google Analytics and StatCounter system?

Like all websites, our Sites also use web analytics services for the purposes of website traffic/attendance measurement and analysis, visitors’ behaviour analysis, tracking visitors, and for the purpose of creating a better user experience. We make use of external data processing partners to carry out this tasks.

We prepare and analyse attendance statistics of our Sites with the Google Analytics and Statcounter web analytical systems. Users are not individually identifiable in the statistics.

1. The fact that data is being collected and the scope of the processed data:

  • User’s IP Address

  • User’s approximate geographical location

  • The name of the internet service provider

  • Date of visit, duration

  • The type of the User’s browser and operating system

  • Entry link (where the user enters our Sites)

  • Exit link (where the user left our Sites)

  • The User’s activity in our Sites (downloads, Site views)

  • If the user has agreed to our use of cookies, the system records the fact of the visit. If you are a returning User, and you agreed to our use of cookies, current visit data will be linked to prior visits.

2. The data subjects: all visitors of www.sooseszter.com and its subdomains.

3. The purpose of data collection: traffic/attendance measurement and analysis, visitors’ behaviour analysis, tracking visitors, and the purpose of creating a better user experience through the measurement of visitor behavior and demands.

4. The duration of the proposed processing operation: until the User’s cancellation request, or maximum until five years after the last visit of the website.

5. Possible data processors who are authorized to know personal data: external service providers give us web analytics services. Our data processing partners are:

Google Ireland,
Gordon House,
Barrow Street,
Dublin 4, Ireland

StatCounter
Guinness Enterprise Centre
Taylor’s Lane
Dublin 8, Ireland

6. The User may make inquiries / get to know more about Google’s privacy policy at the following link: https://www.google.com/intl/en/policies/privacy/.

The User may make inquiries about Google Analytics’s specific privacy policy at the following link: https://support.google.com/analytics/answer/6004245?hl=en.

The User may make inquiries about Statcounter’s privacy policy at the following link: http://statcounter.com/about/legal/#privacy.

The User may make inquiries about Statcounter’s cookie-policy at the following link: http://statcounter.com/about/cookies/.

What data is processed through the Google Adsense system when I see Google’ advertisement?

The Google Adsense system can place targeted advertisements on our Sites. They might be localized and personalized according to the User’s browser settings, use and settings of cookies.

1. The fact that data is being collected and the scope of processed data (the scope of data colleted depends on whether the user is logged in to his/her Google Account when he/she is browsing our Sites):

  • Visitor’s IP Address

  • The name of the internet service provider

  • The type of the Visitor’s browser and operating system

  • Collected cookies from third parties.

The operator of the Sites (the Data Collector) does not have direct access to these personal information, these data is collected by the data processor/controller named below in Article 6 (Google Ireland).

Google can eventually place cookies on your computer. If your Google account is logged in at the time of your visit, it is possible that Google connects the previously collected data about you with the data in the cookies collected on our Sites. Please make sure to can read about Google’s relevant policy here: https://www.google.com/intl/en/policies/privacy/partners/. If you are wary of this data collection practice, read Article 6 for the solution.

2. The data subjects: all visitors of www.sooseszter.com and its subdomains.

3. The purpose of data collection: Targeted, personalized, location, person or context-sensitive advertising.

4. The duration of the proposed processing operation: the data are managed and controlled by Google according to Google’s privacy policy (please make sure to read Article 7 below).

5. Possible data processor/controller who is authorized to know the data:

Google Ireland,
Gordon House,
Barrow Street,
Dublin 4,
Ireland

6. Method of the data processing: the use of cookies and web beacons. Targeted advertising can be stopped by disabling cookies. Cookies can be disabled by the User in browser settings. Furthermore, it is possible to manually delete them. If the User disables the cookies, the User acknowledges that without cookies the Sites may not provide a 100% browsing experience, services. The User agrees to our use of cookies by clicking on Okay, got it!”, or „Oké, értettem”.

7. You can read more about Google’s general Privacy Policy here: https://www.google.com/intl/en/policies/privacy/.

What data is processed when I make an offer or fill out the contact formula?

1. The fact that data is being collected and the scope of processed data: should the User get in touch with the Data Controller through the contact formula (http://www.sooseszter.com/contact/), the following data would be forwarded to the Data Controller:

  • Name

  • E-mail address

  • User‘s IP address and host

  • The type of the User‘s browser, platform and operation system.

2. The data subjects: Persons who get in touch with the Data Controller through the contact-formula. (http://www.sooseszter.com/contact/).

3. The purpose and the method of data collection: we ask your name for identification, your e-mail address to know where to send the reply. The external IP address and host is recorded, as well as the type of the browser, the platform and the operation system to prevent abuses and malicious attacks (for technical reasons).

4. The duration of the proposed processing operation: until purpose is achieved.

5. Possible data processor/controller who is authorized to know the data:

E-mails services with ending of @sooseszter.com and hosting-services (either directly or through redirection) are provided by external service providers, so in principle external service providers may also have access to the sent data (in practice, however, it is unlikely that they come into direct contact with your messages or personal data). Our external service providers are:

Netboard Bt.
1115 Budapest
Kelenföldi út 20-28.
webmester@netboard.hu

Yahoo! Inc.
701 First Avenue Sunnyvale,
CA 94089, USA.
www.yahoomail.com

6. You can read more about Yahoo!’s Privacy Policy here: https://policies.yahoo.com/us/en/yahoo/privacy/index.htm.

What data is processed when I subscribe to the Newsletter service?

According to the Article 6. (1) of the Act XLVIII of 2008 on the essential conditions and certain limitations of business advertising activity:

Except where otherwise regulated by statute, advertisements may be communicated to natural persons by the method of directly contacting them as the addressees of those advertisements (hereinafter: “direct solicitation”), in particular by electronic mails or equivalent individual means of communication, with the exception defined in Article (4), only if the addressees of the advertisement gave their preliminary consent, clearly and expressly, to being contacted in this way.”

Therefore, if you would like to receive our newsletters with business advertising content, we have to ask your prior consent.

1. The fact that data is being collected and the scope of processed data:

  • Name (nickname)

  • E-mail address

  • The date of the subscription

  • The fact of opening an e-mail and the platform used

  • The fact of clicking on an external link, and the location of the external link

  • The type of the platform and the operation system you use

2. The data subjects: Users subscribed to the newletter.

3. The purpose and the method of data collection: to send e-newsletters containing business advertising for those who are interested, to send updates from the Sites, furthermore, to stay in touch.

We make use of the MailChimp newsletter service system. MailChimp places a code in the html-format letters, which allows us to measure whether the recipients opened the letter or not, which external links they opened, and in what proportion. The aggregated information on the openings, external links, and on the operation system or the platforms used is collected and analysed to better understand consumers’ needs, to improve the quality of newsletter campaigns, and to send targeted business advertisements.

4. The duration of the proposed processing operation: until the User’s cancellation request, or maximum until five years after the subscription.

Please be informed that according to Business Advertising Act „Statements of consent within the meaning of Article (1) may be withdrawn cost free at any time without any limitation and without the need for the withdrawal to be reasoned. For such a case, the name and the personal data of the person making the statement shall immediately be deleted from the record specified in Article (5)”.

According to the Business Advertising Act your notice of withdrawal may be transmitted by way of the postal service or by e-mail – however, if it possible, please use the sooseszter (-at-) sooseszter (-dot-) in order to speed up the administration.

5. Possible data processor who is authorized to know the data:

The Rocket Science Group, LLC
512 Means St., Suite 404 Atlanta, Georgia, 30318, USA
www.mailchimp.com

6. You can read more about MailChimp’s Privacy Policy here: https://mailchimp.com/legal/privacy/.

You can read more about MailChimp’s Privacy Policy regarding to the E.U. here: http://kb.mailchimp.com/accounts/management/about-mailchimp-and-eu-safe-harbor.

7. If the User becomes a Client of the Data Collector, User’s personal data might be accessed by an external service provider providing bookkeeping services. Data will be transferred to the extent required by the Accounting Act. In this case, the User (the Client) receives separate privacy information with regards to the handling of client data.

What information is processed when I comment?

We use the Facebook’s comment plugin service to promote civilized commentary. We are moderating comments according to the spirit of the commentary rules of the privacy policy of the 444.hu site.

1. The fact that data is being collected and the scope of processed data:

  • Name on Facebook

  • Facebook URL

2. The data subjects: all commenting Users of www.sooseszter.com and its subdomains.

3. The purpose of data collection: to promote a civilized, troll-free” discussion.

4. The duration of the proposed processing operation: until the User’s cancellation request, or maximum until five years after the last visit of the website.

5. Possible data processor who is authorized to know the data:

Facebook Ireland Ltd.
4 Grand Canal Square
Grand Canal Harbour
Dublin 2 Ireland

6. You can read more about Facebook’s Privacy Policy here: https://www.facebook.com/privacy/explanation.

What data is processed by Facebook and Google Adwords services?

1. The fact of that the data is being collected and the scope of processed data: Google Adwords and Facebook may place remarketing-codes (cookies) on the User’s computer, provided the User’s browser settings permit this.

2. The data subjects: all visitors of www.sooseszter.com and its subdomains.

3. The purpose and the method of data collection: publishing personalized ads on other websites.

The Sites use so-called “cookies” to carry out these services, to improve user experience, as well for the purpose of personalized content services. These “cookies” are placed to make the browsing easier for the User (for example to restore previous settings) by the Sites or by the previously mentioned partners who are responsible for these services.

Cookies can be disabled by the User in the browser settings, furthermore, it is possible to manually delete them. If the User disables the cookies, the User acknowledges that without cookies the Sites may not provide a 100% browsing experience or services. The User agrees to our use of cookies by clicking on Okay, got it!”, or „Oké, értettem”.

4. The duration of the proposed processing operation: until the User’s cancellation request, or maximum until five years after the last visit of the website.

5. Possible data processors authorized to know the data:

Google Ireland,
Gordon House,
Barrow Street,
Dublin 4, Ireland

Facebook Ireland Ltd.
4 Grand Canal Square
Grand Canal Harbour
Dublin 2 Ireland.

How do the Sites use cookies?

The User may meet Facebook and Twitter plugins, with the Like-button, and with embedded YouTube videos on the sites. These services are often placing cookies on the computers of the visitors. These cookies are serving the purpose of tracking the visitors’ online behaviour, placing targeted ads and improving users’ experience.

You can read more about Facebook’s Privacy Policy here: https://www.facebook.com/privacy/explanation.

You can read more about YouTube’s Privacy Policy here: https://www.youtube.com/static?template=privacy_guidelines.

You can read more about Twitter’s Privacy Policy here: https://twitter.com/privacy?lang=en.

The Sites use so-called “cookies” to carry out these services, to improve user experience, as well for the purpose of personalized content services. These “cookies” are placed to make the browsing easier for the User (for example to restore previous settings) by the Sites or by the previously mentioned partners who are responsible for these services.

Cookies can be disabled by the User in the browser settings, furthermore, it is possible to manually delete them. If the User disables the cookies, the User acknowledges that without cookies the Sites may not provide 100% browsing experience, services. The User agrees to our use of cookies by clicking on Okay, got it!”, or „Oké, értettem”.