Privacy Policy

Please read this notice carefully to understand how we process your data and know your rights in data processing.

1) Aim of the Privacy Policy

Runge Nadja e.v. (2045 Törökbálint, FSD Park 4, hereinafter referred to as “Controller”), as the data controller acknowledges the contents of this legal notice as binding. It undertakes to ensure that any data processing relating to its activities complies with the requirements of this policy and the applicable national legislation and European Union acts.

The Data Protection Policy relating to the processing of personal data by the Data Controller is permanently available at https://nadjarunge.com/privacy-policy.

The Data Controller reserves the right to modify this policy at any time, provided that it notifies users of any changes in due time.

The Data Controller is committed to protecting the personal data of its users and partners and attaches the utmost importance to respecting the right of data subjects to informational self-determination. The Data Controller treats personal data confidentially and takes all security, technical and organisational measures to ensure the security of the data.

As a data controller, the Operator of the website https://nadjarunge.com respects the privacy of all persons to whom personal data are disclosed and is committed to protecting them. Pursuant to Articles 13-14 of the General Data Protection Regulation of the European Union (Regulation No 679/2016, hereinafter “GDPR”), the following information is provided:

2) Data Controller Information

Company name: Nadja Runge e.v.

Address: FSD Park 4., 2045 Torokbalint

No.: 55116404

Tax number: 54397680-1-33

Website: https://nadjarunge.com

E-mail: [email protected]

Data Protection Officer: the Controller is not obliged to appoint a Data Protection Officer under Article 37 GDPR.

Data Protection Requests: if you have any requests or questions regarding processing your data, you can send your request by post or e-mail to the contact details provided above. We will respond to your request immediately, but within 30 days at the latest, to the address, you have provided.

Data processing: we outsource our accounting, and the accountant is responsible for preparing and submitting our tax returns, reports and tender statements. The accountant does not process any special data, and we do not pass on any data about our clients to the accountant.

Transfers abroad: none

3) What personal data does our company process?

The personal data processed by our company can be divided into the following categories:

a) Future potential customers’ data

You can request a quote from our company for online marketing, online training, consulting, coaching or other services through our website nadjarunge.com; you can do this by using the contact form available on our website. Please fill in your name, e-mail address, telephone number and the subject of your request.

b) Details of our existing customers and suppliers

We process your data as our existing customer in order to fulfil our contract. These data are your natural person identification data, or in the case of a company, company data, e-mail address, telephone number and any other data relating to our existing contractual relationship.

c) Applicant data

If you apply to us for one of our open positions, we will process the data you provide in your application (natural person data, biographical data).

d) Publicly available contractor data

In addition to the above, we process the data (name, address, telephone number) of companies and entrepreneurs in Hungary who have voluntarily provided such data on various websites. Given that they cannot be linked to natural persons, these data are not subject to the GDPR.

Technical data

Our company selects and operates the IT tools used to process personal data in the provision of the service in such a way that the data processed:

– is accessible to those authorised to access it (availability),

– (authenticity of processing),

– its integrity can be verified (data integrity),

– protected against unauthorised access (data confidentiality).

Our company takes appropriate measures to protect data against unauthorised access, alteration, disclosure, disclosure, deletion or destruction and against accidental destruction.

The Data Controller shall ensure the security of data processing by technical, organisational and organisational measures that provide a level of protection appropriate to the risks associated with the processing.

The Controller shall retain during processing:

– confidentiality: it shall protect information so that only those who are entitled to access it have access to it,

– integrity: to protect the accuracy and completeness of the information and the method of processing,

– availability: it ensures that when the authorised user needs it, he has adequate access to the information and the means to obtain it.

Cookies (cookies)

The function of cookies:

– collect information about visitors and their devices,

– remember visitors’ individual preferences, which are used, for example, when they make online transactions, so that they do not have to be re-entered,

– facilitate the use of the website,

– provide a quality user experience.

To provide a personalised service, a small piece of data, called a cookie, is placed on the user’s computer and read back during a subsequent visit. If the browser returns a previously saved cookie, the cookie provider can link the user’s current visit to previous visits but only to its own content.

Strictly necessary, session cookies

The purpose of these cookies is to enable visitors to browse the https:// nadjarunge.com website and use its features and services thoroughly and seamlessly. This type of cookie is valid until the end of the session (browsing) and is automatically deleted from the computer or other browsing device when the browser is closed.

Third-party cookies (analytics)

The Data Controller also uses Google Analytics as a third-party cookie on its website. The company collects information about how visitors use the websites by using Google Analytics for statistical purposes. The data is used to improve the website and the user experience. These cookies will also remain on the visitor’s computer or other browsing device and browser until they expire or until the visitor deletes them.

4) Data management purposes

We process data for the following purposes in accordance with the law:

– to provide our current and future clients with information about our services (marketing purposes)

– to fulfil our contractual obligations,

– to protect our legal interests,

– to comply with our legal obligations, as we are required by law to carry out certain processing.

The following are the legal bases for the use of your personal data:

(a) to issue an invoice following accounting legislation: legal basis: Article 6(1)(c) GDPR

b) contacting you: legal basis: Article 6(1)(f) GDPR.

c) processing of data of contractual partners: legal basis Article 6(1)(b) GDPR

(d) Marketing activities: legal basis: Article 6(1)(a) and (f) GDPR.

A Facebook page is also operated for marketing purposes, but no separate database is created, and no profiling takes place.

6) General data processing policy

The data processing of our company’s activities is based on voluntary consent and legal authorisation. In the case of processing based on voluntary consent, data subjects may withdraw their consent at any stage.

In some instances, the processing, storage and transmission of some of the data provided are required by law, and we will inform our customers separately.

Data controllers are reminded that it is their responsibility to obtain the data subject’s consent when they do not provide their own personal data.

Our data management principles are in accordance with the applicable data protection legislation, in particular, the following:

– Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information (Info tv.),

– Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and the free movement of such data, and repealing Regulation (EC) No 95/46/EC (General Data Protection Regulation – GDPR)

– Act V of 2013 on the Civil Code (Civil Code)

– Act C of 2000 on Accounting (Accounting Act)

Physical storage locations of data

We may process your data (i.e. data that can be associated with you) in the following ways: on the one hand, technical data relating to the computer, browser program, Internet address and pages visited are automatically generated in our computer system in connection with the maintenance of the Internet connection, and on the other hand, you may provide us with your name, contact details or other data if you wish to contact us when using the website.

Data technically recorded during the system’s operation: the data of the data subject’s computer-generated during the voting process and recorded by the Data Controller’s system as an automatic result of technical processes. The system logs the automatically recorded data at the time of login or logout without any specific declaration or action by the data subject. This data cannot be linked to other personal user data except in cases required by law. Access to the data is limited to the Data Controller.

We use our computers during work and store electronic data on them.

7) Duration of data processing

We keep the invoices for at least eight years due to legal obligations. The documents on which the invoices are based are kept for eight years.

The retention period for data provided to maintain contact is a maximum of one year after the contact has been established.

Retention of data relating to the performance of a contract or the provision of our services is five years.

The retention period for data relating to the employment relationship is three years.

The data of contractors, as defined in point 3(d) will be kept in our database until an erasure request is made. The conversations recorded by our call centre are automatically deleted after six months.

8) Rights of persons affected

The data subject may request information about the processing of their data, request the rectification, erasure or withdrawal of their data, except for mandatory data processing, exercise their right to data portability and objection by the means indicated when the data were collected or by contacting the Controller at the above contact details.

Right to information

Our company takes appropriate measures to provide data subjects with all the information referred to in Articles 13 and 14 of the GDPR and each of the notifications referred to in Articles 15 to 22 and 34 of the GDPR concerning the processing of personal data in a concise, transparent, intelligible and easily accessible form, in clear and plain language.

Right of access

The data subject shall have the right to obtain from the controller feedback as to whether or not their data are being processed and, where such processing is taking place, the right to access the personal data and the following information: the purposes of the processing, the categories of personal data concerned, the recipients or categories of recipients to whom the personal data have been or will be disclosed, including in particular recipients in third countries or international organisations; the envisaged period of storage of the personal data, the right to lodge a complaint, information on the data sources, the fact of automated decision-making, including profiling, and clear information on the logic used and the significance of such processing and its likely consequences for the data subject. The Controller shall provide the information within a maximum of one month from the date of the request.

Right of rectification

The data subject may request the correction of inaccurate personal data relating to them processed by the Controller and the completion of incomplete data.

Right to erasure (right to be forgotten)

The data subject shall have the right to obtain, upon their request and without undue delay, the erasure of personal data relating to them by the Controller on one of the following grounds:

– the personal data are no longer necessary for the purposes for which they were collected or otherwise processed,

– the data subject has withdrawn the consent based on which the processing was carried out, and the Controller has no other legal basis,

– the data subject objects to the processing, and there are no overriding legitimate grounds for the processing,

– the personal data have been unlawfully processed,

– the personal data must be erased in order to comply with a legal obligation under Union or Member State law to which the Controller is subject,

– the personal data have been collected in connection with the provision of information society services.

The erasure of data cannot be initiated if the processing is necessary: for the exercise of the right to freedom of expression and information, for compliance with an obligation imposed on the Controller by Union or Member State law or in the public interest or for the performance of a task carried out in the exercise of official authority vested in the Controller, in the field of public health or for archiving purposes, scientific or historical research purposes, statistical purposes, in the public interest or for the establishment, exercise or defence of legal claims.

Right to restriction of processing

At the request of the data subject, we will restrict the processing if one of the following conditions is met:

– the data subject contests the accuracy of the personal data, in which case the restriction shall apply for the time necessary to allow the accuracy of the personal data to be verified,

– If the processing is unlawful and the data subject opposes the erasure of the data and requests instead the restriction of their use,

– the Controller no longer needs the personal data for processing, but the data subject requires them for the establishment, exercise or defence of legal claims,

– the data subject has objected to the processing, in which case the restriction shall apply for a period of time until it is established whether the Controller’s legitimate grounds override the data subject’s legitimate grounds.

Where the processing is subject to restriction, personal data, other than storage, may be processed only with the consent of the data subject or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or an important public interest of the Union or a Member State.

Right to data portability

The data subject has the right to receive personal data relating to them, which they have provided to the Controller in a structured, commonly used, machine-readable format and to transmit such data to another controller.

Right to object

The data subject shall have the right to object at any time, on grounds relating to their particular situation, to processing of their data necessary for the performance of a task carried out in the public interest or the exercise of official authority vested in the Controller, or necessary for the purposes of the legitimate interests pursued by the Controller or by a third party, including profiling based on those provisions. In the event of an objection, the Controller may no longer process the personal data unless there are compelling legitimate grounds for doing so that override the interests, rights or freedoms of the data subject or for the establishment, exercise or defence of legal claims.

Rights relating to automated decision-making, profiling

The data subject shall have the right not to be subject to decisions based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them.

Right of withdrawal

The data subject shall have the right to withdraw their consent at any time, in which case the Operator shall no longer be entitled to process the data based on the consent from the withdrawal date.

Data subjects also have the right to complain directly to the Data Controller, using the contact details provided in this policy, against processing their data that does not comply with this policy or the applicable law. The Controller shall inform the complainant in writing within 30 days of the resolution of the complaint.

If the data subject does not agree with our response, they may refer the matter to the data protection supervisory authority:

Nemzeti Adatvédelmi és Információszabadság Hatóság (National Authority for Data Protection and Freedom of Information, 1125 Budapest, Szilágyi Erzsébet fasor 22/C) [email protected].

The decision of the data protection authority may also be challenged in court. The data subject may choose to bring an action before the court of the place of residence or domicile of the data subject.

The information note was prepared by:

Dr. Klaudia Makó, lawyer

web: http://webugyved.com

Facebook: http://www.facebook.com/webugyved

e-mail: [email protected]

💫 The weekly Mindful Journal

Join a Community of Growth Seekers. Here I will share weekly experiences and insights on Entrepreneurship & Leadership. Above this, you won’t miss any Life Inspire articles and the soon-coming Growth Tools & Online Courses.

Facebook Instagram Linkedin Twitter
JOIN OUR LIFE INSPIRES COMMUNITY

 Shaping our future by shaping ourselves.

Nadja Runge © Life Inspires 2023 | Privacy Policy

Shaping our future by shaping ourselves.

Facebook Instagram Linkedin Twitter
JOIN OUR LIFE INSPIRES COMMUNITY

Nadja Runge © Life Inspires 2024 | Privacy Policy