- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation); and
- Act CXII of 2011 on the Right of Informational Self-Determination and Freedom of Information (“Privacy Act”);
or legislation that will amend or replace the above mentioned in the future.
CongressLine Ltd as a data controller agrees to the content of this Legal Notice, undertakes the obligation to ensure that all data management activities related to compliance with the requirements of this informative and current legislation. In order to protect the privacy of their committed customers and partners, we find it with the utmost importance to protect the privacy of our clients’ information self-determination right. We treat personal information confidentially and will take all security, technical and organizational measures that guarantee the security of your data.
- Who is the data controller?
The controller of your personal data is CongressLine Ltd., having its registered seat at Révay köz 2, Postal Code H-1065, Budapest, Hungary, VAT No.: HU 14038905 (“CongressLine” or “we”).
In case of any requests relating to processing your personal data or in case of exercising your rights set out in the Clause 9 below, please contact us at +3614290146 or send us an e-mail to email@example.com.
- What personal data do we collect about you? For what purpose and for how long do we collect it?
We process your personal data (as attendees, abstract authors or co-authors, speakers or partners at the Event) only to the extent determined by the particular services we provide to you or other purposes of processing, namely:
- For the purpose of your registration to and participation in the Event (including accommodation) as an attendee, we process your personal data in the extent of gender, title, name, surname, nationality, contact details such as address, phone number and e-mail, birth date, citizenship, degree, education, area of work. You have the option to participate in the Event we are organising but your prior registration is required for your participation and further coordination. The attendee will receive a confirmation of the application by email. Legal basis for such processing is performance of a contract to which you are a party. The personal data will be processed for the period of the duration of the contractual relationship.
- For the purpose of your attendance and active participation (oral or poster) in the Event (including accommodation) as an abstract author or co-author, we process your personal data in the extent of gender, title, name, surname, nationality, contact details such as address, phone number and e-mail, birth date, professional career details, citizenship, degree, education, area of work. You have the option to participate in the Event we are organising but provision of your above mentioned personal data is required for your contribution and further coordination as author/co-author. Legal basis for such processing is performance of a contract to which you are a party. The personal data will be processed for the period of the duration of the contractual relationship.
- For the purpose of our cooperation during which you are helping us to organise or coordinate the Event as a coordinator/partner or its employee/co-worker, we process your personal data in the extent of gender, title, name, surname, phone number and/or e-mail. Your personal data are required for our cooperation. Legal basis for such processing is performance of a contract to which you or your employer is a party. The personal data will be processed for the period of the duration of the contractual relationship.
- For the purpose of compliance with obligations laid down by relevant legislation such as Accounting Act or Tax Code (e.g. for financial and invoicing purposes), we process your personal data in the extent of [name, surname, address, citizenship, e-mail and/or phone number, payment method details, tax identification, and/or passport or ID number. The processing is based on compliance with legal obligations to which we are subject.
- The personal data will be processed for a period specified by the particular legislation but no longer than 8 years.
One may freely enter the website and pages of the given events. We will do its utmost to ensure the authenticity, timeliness and credibility of the information contained on the website, however, visitors must rely on the information on the website at their own risk. We continuously operate and maintain the websites; however, there may be unforeseen events that make the site temporarily unavailable. CongressLine Ltd. will not take responsibility for any direct or indirect damages that may result to the websites’ visitors. Please note that CongressLine may modify and delete the information on its websites.
- Mobile application
During the Event, you may decide to use the offered mobile application. The purpose of this application is to provide you with all information in more concise way and always up to date. All users of the application can also communicate together and, if they arrange their settings, they can be even contacted via the app. For downloading the app, you need to provide us with your name and e-mail and you can use the app during the whole event.
- Using of pictures or videos from Events
All photos and/or video records from Events depicting you with your acknowledgment or consent shall be used solely for reporting, documentary or eventually our or our partner’s propagation purposes. You are not entitled to ask any reward for such use. You can revoke your consent anytime, however, if you ask for this without a justifiable reasoning, you are obliged to pay us all damages occurred to us by such withdrawal. In case we would like to make a picture or video exceeding these above mentioned purposes, we will ask you for a separate consent.
- Who do we share your personal data with?
Your personal data may be disclosed to reliable third parties that provide us with administrative or technical support, ensure marketing business activity for us. We may also share your personal data with payment institutions in order to process your payment of the Event fees, with travel and accommodation providers in order to ensure your safe travel and appropriate accommodation during your stay, or with other reliable third parties helping us to organise the Event. You will always have an option to unsubscribe from this contacting. If required by law, we may share your personal data with government authorities or law enforcement bodies, with external advisors and with other personnel who is subject to confidentiality obligation.
- For how long do we keep your personal data?
We retain your personal data for no longer than necessary to fulfil the purpose of the processing in question, i.e. typically for the period of performance of the contractual relationship or for the period explicitly required by the applicable legislation. Where we process your personal data based on your consent, such personal data will only be processed for the duration of the consent which you may revoke or restrict at any time. If you do so, we will stop processing the personal data concerned for the purposes you consented to.
- What are your rights in relation to the processing?
If you grant us your consent to the processing of your personal data, you do so entirely voluntarily, and you have the right to revoke or restrict the consent at any time by email addressed to firstname.lastname@example.org /email@example.com. Under certain conditions and circumstances, your other rights include: right to access your personal data, right to have your personal data rectified or erased, right to restrict the processing, right to data portability and right to lodge a complaint against us, as a data controller, with the Data Protection Authority. You may initiate an investigation with the Hungarian National Authority for Data Protection and Freedom of Information by claiming that there has been a violation or direct threat to the processing of personal data.
Contact details of the Hungarian National Authority for Data Protection and Freedom of Information:
Street address: 1125 Budapest, Erzsébet Szilágyi fasor 22/C.,
Correspondence Address: 1530 Budapest, Pf .: 5,
Phone: +361-391.1400, Fax: +361-391.1410,
E-mail: firstname.lastname@example.org, Website: www.naih.hu
- What if there are any changes to the data processing?
- The method of storage of personal data, security of data management
The computer systems and other data retention centres of CongressLine Ltd. can be found at its headquarters as well as on its relevant servers. We select and manage the IT tools used to manage personal data in the provision of the service so that the data treated:
- only accessible to authorized persons;
- authenticity and authentication is ensured;
- its immutability can be verified;
- protected against unauthorized access.
- Privacy incident
If a potential privacy incident occurs in CongressLine Ltd. is likely to be a high risk to the rights and freedoms of natural persons, the data controller informs the data subject of the data protection incident without undue delay.
- Procedural rules
The personal data is provided to the data controller for data transmission, deletion and correction of 30 days. If the data controller fails to comply with such claim, within 30 days he or she shall state the reasons for the rejection.
- Personal information: any information relating to an identified or identifiable natural person (“concerned”); a natural person may be identified, directly or indirectly, based on one or more factors such as name, number, positioning data, online identifier or natural person identified relating to the physical, physiological, genetic, intellectual, economic, cultural or social identity;
- Data management: any operation in any automated or non-automated way of personal data or data files, such as collecting, fixing, rendering, subdividing, storing, modifying or altering, querying, inspecting, using, transmitting communication, distributing or making it available by other means, coordination or by interconnection, restriction, deletion or annihilation;
- Restrictions on data management: the designation of stored personal data to limit their future management;
- Data controller: any natural or legal person, public authority, agency or any other member that determines the purposes and means of handling personal data individually or with others; where the purposes and means of data management are defined by the Union or national law, the data controller or the particular aspects of the designation of the data controller may also be defined by Union or national law;
- Processor: any natural or legal person, public authority, agency or any other member that manages personal data on behalf of the data controller;
- Third party: any natural or legal person, public authority, agency or any other member other than the data subject, the data controller, the data processor or persons who are under the direct control of the data controller or the data processor for the processing of personal data have been authorized;
- The data subject: a voluntary, specific and appropriate informed and unambiguous statement of the will of the data subject by which he or she indicates the statement in question or a statement of unambiguous effect by confirming his consent to the processing of personal data affecting him;
- Privacy incident: a breach of security resulting in accidental or unlawful destruction, loss, alteration, unauthorized disclosure or unauthorized access to personal data transmitted, stored or otherwise handled.