Bük, Bükfürdő Közhasznú Turisztikai Egyesület (head office: 9737 Bük, Eötvös u.11.; registration number: 18-02-0200231; hereinafter referred to as the Data Controller) respects the right of informational self-determination and access to personal information of persons who access and use the websites www.visitbuk.hu and a kartya.visitbuk.hu (hereinafter referred to as the Website) and use the booking system, card discount scheme and other online services operating on the Website (hereinafter referred to as the System) and carries out all data processing activities related to personal data and special data in full compliance with Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information (https://net.jogtar.hu/jr/gen/hjegy_doc.cgi?docid=A1100112.TV) (hereinafter referred to as "Info-Law") and provisions of other applicable laws.
This Policy, in accordance with the provisions of Section 20 of the Info-Law, provides information on what Data Controller records, for what purpose, on what basis, how and for how long, to whom they transfer the data and who can access them. This Declaration and the provisions of the above mentioned legislation provide you with information on how to request clarification of the data processed and how to request that they be blocked or deleted from the Data Controller's register and what remedies are available to you in the event of violation of your rights in connection with data processing.
By adopting these Terms and Conditions, the user expressly consents to the recording, processing and transfer of their personal data as follows. The user is responsible for the accuracy of the data provided by the user to the Data Controller.
This Declaration does not apply to websites under a different domain that are accessible through links on the Website. Data Controller does not take responsibility for the contents of these websites, data processing or other activities carried out by their operators in any way or to any extent.
2.The Scope of the Personal Data Processed
(When visiting the Website, the server of the Website stores certain data automatically for system administration, statistical or security purposes. These data are the user's Internet service provider, sometimes the user's so-called IP address, version number of the user's browser, type of operating system, pages of the Website that the user visits and the search words used to access the Website. Visits to the Website or computers used to access the Website may only be inferred from these data, which are not considered personal data. Such data shall only be used anonymously. If the Data Controller transfers this information to third parties, it shall be done in full compliance with the relevant legal provisions. These data are stored by the Data Controller for a maximum of 2 (two) years from the visit. The legal grounds for data processing in this case is the provision stipulated in Section 13/A (3) of Act CVIII of 2001. on Certain Issues of Electronic Commerce Activities and Information Society Services.)
In order to facilitate the use of the Website, the Data Controller uses anonymous visitor IDs called "cookies". "Cookies" are small data that are temporarily placed on the user's computer hard drive during a visit to the Website and make browsing more convenient. The "cookies" used by the Data Controller are not capable of obtaining the user's personal information or identifying the user. Most browsers automatically accept anonymous visitor IDs. By changing browser settings, however, the user can eliminate the appearance of "cookies" on the hard drive of the user's computer. The user can remove cookies stored on their computer any time by deleting temporary Internet files from the hard drive of their computer.
3.The Purpose of Data Processing
The user's personal data is processed and used by the Data Controller only for the purposes of billing and keeping contact with the user, as well as, with the user's specific consent, for marketing purposes (sending newsletters and marketing material).
4.The Legal Grounds for Data Processing
The personal data provided by the user to the Data Controller shall not be processed by the Data Controller in addition to the framework established by the legislation or beyond the consent of the user and shall not be transferred to third parties, unless it is required by the provisions of the legislation of data processing, data using and data transfer, the authorities or the court.
Any transfer of the user's personal data shall be carried out by the Data Controller in full compliance with the relevant legal provisions.
Personal data is kept by the Data Controller on a protected server located in Hungary with an elevated level of protection and takes all necessary precautions to protect the data i.e. in order to prevent loss, unauthorized transfer, use, disclosure, modification, deletion or destruction of the data and to prevent unauthorized entry.
6.Persons with the Right of Access
The data registering, processing and transfer are carried out by the Data Controller and the Data Controller's employees and agents.
Personal data other than those mentioned above shall not be accessed by and those persons are obliged to keep the information they accessed confidential and shall not, under any circumstances, use it for purposes other than the purpose of data access.
7.Duration of Data Processing
The Data Controller stores and processes personal data until the consent of the user concerned is withdrawn.
8.Rights of the Person Concerned
During the processing of their personal data, the user may at any time be entitled to inquiries and information regarding the processing of their personal data, and to request the rectification of their personal data from the Data Controller. The user is also entitled to withdraw their consent for processing their personal data at any time and, with the exception of mandatory data processing, to request blocking their personal data and / or special data (limiting data processing permanently or for specified period of time) or deletion thereof from the Data Controller's database. For these questions, the data processing staff are happy to provide the user with in e-mail at firstname.lastname@example.org or by letter sent to the Data Controller's head office.
The user has the right to withdraw their consent to use their data for marketing purposes separately or to unsubscribe from newsletters sent to the user by the Data Controller using the link in the newsletters at any time.
In the event of violation of their rights in processing their personal information, in accordance with provisions of the Info-Law, the user has the right to appeal for legal redress to the Ordinary Court of Hungary.
9.The Data Controller
The person responsible for processing the user's data and the legality of the processing is the Data Controller, i.e. Bük, Bükfürdő Közhasznú Turisztikai Egyesület (head office: 9737 Bük, Eötvös u. 11., registration number: 18-02-0200231).
The Data Controller is obliged to register data protection; the Data Controller's data protection registration number is: NAIH-70690/2013.
The Data Controller reserves the right to check the information provided by users at any time, especially if there is any doubt as to the authenticity of the data provided. During the checking, the Data Controller is entitled to limit or suspend the user's access to any online trading site operated by the Data Controller, at most until the checking is completed.
Should you have any further questions regarding data processing by the Data Controller, please contact us by e-mail at email@example.com or by letter sent to the Data Controller's head office.