Privacy policy

The Hungarian Geological Society and Intercomp Ltd. Privacy and data protection conference
Release date: 1 January 2017.
 
Introduction
The Hungarian Geological Society portal to Drupal Internet portal engine made using the application (hereinafter referred to as "Portal"). The portal service provides the Hungarian Geological Society (1015 Budapest, Csalogány u. 12. I. em. 1, hereinafter referred to as the service provider, data), the background technology, operation and data processing tasks in part by Intercomp Ltd. (1149 Budapest, Angol u. 32, hereinafter processor) performs.

The service and data management are committed to ensure that all their activities in the management, processing of data related to performed in accordance with this statement and with applicable legislation. The contents of this statement may change at any time, notify users about the service portal published notice.

The portal and the entire contents are protected by copyright, any substance or form elements without the prior written permission of the owner used. the provider and the data processor assumes no liability for any damages resulting from the site visit and / or use.

The provider of data management and considered to be important to the visitors of the portal and users' right to informational self-determination are respected. A personal or business data alike are treated confidentially and take all the measures that guarantee the security of the data.

This information includes the portal and the processing of data management principles and practices and the rules that you expect and have complied with their work. These principles and practices are in accordance with current legislation on data protection. (1992 year LXIII. Law CVIII. Act 2001, Act XLVIII. 2008).

Concepts

Personal data
Anyone natural person associated with the data, this data is deductible by the person to the conclusion, which is related to that person. A person is considered to be identifiable if it can be (directly or indirectly) the name, an identifying mark (tax code, etc), or in one or more characteristic properties identified on the basis of (physical, economic, cultural, social, etc.).
Contribution
voluntary and determined, based on appropriate information in the statement is a natural person, which clearly agrees to a full or partial management of personal data concerning them.
Protest
Statement by the natural person handling personal data which criticizes the termination and data management, as well as managed data deletion requests.
Data Manager
Any natural or legal person (or organization without legal personality) who or which defines the purpose of the data processing, to take the decisions on data processing and performs, or a contracted data processor to implement.
Data handling
Regardless of the technical process used any operation or a combination of those (eg. data collection, data capture, data storage, use, transfer, data, etc.) performed on data in the data management of photos, sound or video recording is also.
Data processing
technical tasks related to data processing operations, regardless of the technical means and methods, and the location of processing staff.
data Processing
Any natural or legal person (or organization without legal personality) who or which processes personal data on behalf of the controller.
data transmission
The activity as a result of the data made available to third parties.
disclosure
In the activity, and as a result make the data available to the public.
Third person
Any natural or legal person (or organization without legal personality) who is or is not identified by the same person on the basis of the data, the data controller or data processor.
Clear data
The activity as a result of the data is made unusable so that the restoration is no longer possible.
Adatzárolás
Preventing data management in a final or definite period of time.
data destruction
The physical destruction of data or entire data carrier containing them.

The portal data management principles

The portal personal data may only be processed if the data subject has consented. To ensure adequate information in this prospectus, available in the portal to all available (download PDF) without registration.

The MFT portal consent during registration, and takes this information into account in adopting done (check box on the registration form filling).

The portal personal information only purpose of the data processing realization is essential for achieving the goal, only to the extent and duration necessary to achieve that purpose.

The scope of personal data, data management purpose, title and duration

The portal is based on the files of the voluntary contribution (an open portal) or contractual obligation (project site).

Automatic data management
Automatic Data Management is designed to provide service to secure the visitors' data to the operation of the service monitoring (statistics and the quality of service to improve the technical support equipment to optimize the operation) and prevent abuses during the site visit and regulated by the portal for each of your content access. The automatic data processing independently of a portal intended use and function of each other.
CVIII 2001 on certain aspects of automatic data handling legal basis for consent, and the information society services. Law 13 / A. § (3).
The scope of managed data for all visitors (attendance log):
  • date of the visit (of a second);
  • the client computer's IP address;
  • visited the site address;
  • the previously visited page address,
  • Technical data on the user's operating system and browser (type, version number, etc.).
For the duration of the attendance log data management: up to 180 days from the látogatástól. A visitor log information will be kept beyond the 180 days of aggregate (not suitable for identifying a person) in the form of statistical methods.

The so-called portal. Web beacons (web beacons) are not used. Cookies only identify the user sessions used (session id), it's the end of the session (when the browser closes) obsolete.

Service-level data management portal
The service level data management portal will be implemented through the services provided by each of the modules you. Ready for the treatment of personal data modules:
  • authorization system;
  • directory module;
  • mail merge module;
  • guest book.
eligibility system
managed by the entitlement system data:
  • User ID;
  • user password;
  • user's e-mail address.
The eligibility system data managed by the user during registration, consent on the registration form by completing a checkbox enter. The authorization system is designed to provide service to certain content on the portal or access to certain users to regulate their breakdown (allow or prevent). Storing the password is encrypted one-way encryption is done (hash). Check your e-mail address automatically: the registration, the user receives a letter confirming your email address, in reply to "arm" of the registration.
The authorization system (the attendance log data over) with the following data sets is called an operational diary for registered users:
  • the user ID;
  • The time the user log in;
  • Out of date for the user;
  • the operation carried out by the user identification;
  • the operation carried out by the user parameters.
For the duration of the operation log data management: a portal full life.
directory module
The directory module manages the portal users to use contact "contacts". Enter the information is voluntary, it is performed by the user himself, a special feature dedicated to (and thus also contribute to the information given in the management and publishing of other users). The managed data (the full name and the e-mail address for the module is mandatory, the others are optional):
  • full name;
  • e-mail address;
  • title;
  • solicitation;
  • for academic degrees;
  • Experts mark rights;
  • telephone number;
  • fax number;
  • Telephone electronic identification;
  • Address: country, city, postcode, street name and number;
  • mailing address;
  • website address (URL);
  • photo.
The use of the directory module is only provided for registered users. Duration of data management: the discretion of the person concerned, unless otherwise arrange, the portal life.
Merge Module
The circular module in groups sent letters to use, capable of both internal users and external (non-registered) people to send mail.
The managed data:
  • recipient's name;
  • Recipient's e-mail address.

The legal basis for the data management and the circular címcsoportokba subscriber consent of the persons that you sign up in a box filling entered. The circular letters sent by the module in a way that goes to all recipients a separate letter, so that the recipient can not be sure that those who were still outside their circle of that letter.

címcsoportokból on the circular exit (unsubscribe) possibilities and modalities of the circulars sent out clause in the leaflet. Opting out of the portal is a specialized function occurs.

The portal is sent out circulars to preserve the site during its lifetime. The confirmations received is logged in to the portal, from statistics calculated. 30 days after the statistics, the circular sent to the confirmation they have received a detailed list (e-mail address and the date of confirmation of receipt), after 30 days, only percentage (approx. "X sent the letter Y responses were received for a total of Z per cent" form).

Forms Management Module
The MFT Portal occasionally using some events happening in the forms of data needed for registration and participation fees billed the gathering. When such data collection, records the following data:
  • name;
  • e-mail address;
  • Data on employment or student status (and title company or institution and grade);
  • Data on organization membership discounts to take advantage of (name of organization and membership type).
The legal basis of data management for the user's consent by filling out the form and filling in a check box gives you. The begűjtött data in the event of the names of the MFT to compile and use billing, registration fees. After the retention time of the event forms up to 15 days and then deleted.
Guestbook module
The guestbook can leave a message for anyone portal providers and operators. Data recorded on the guestbook entry:
  • e-mail address;
  • Date of dispatch of the message;
  • The text message.
The appointed guest books administer users will see all the data function for displaying the scraps e-mail address will not display. The information disclosed is not checked, that is, the guestbook is formally correct, but otherwise non-existent e-mail address can be entered, so the data subject consent is not required.
other modules
The other modules of Portal users can edit content partially free, so you may find that there communicate personal data about themselves or others. These related to the provider assumes no responsibility, but at the request of the parties concerned shall be entitled to delete the content.
Other informations

The provider of e-mails received, the sender's name and e-mail address and other personal information voluntarily provided by with deleted after a maximum of two years from the date of the transmission of data.

The service provider accordance with the current legislation, the conditions and circumstances may be required to provide information to the authorities. The official (When exact purpose and scope of data) and personal data just gives you so much, which is indispensable for the purpose of the implementation of the request.

The service information systems, and other data storage locations at the headquarters, data processing provider and server park surroundings. The service is operated and elected by the managed data is protected against access to authorized persons, authentic, unaltered and unauthorized access to the devices used in providing the service. The service provides data protection measures that provide an adequate level of protection for applicants regarding data management risks. The service provider takes care of the security of server-level and application-level protection features.
Data Management data, contact information
Name: Hungarian Geological Society
Headquarters: 1015 Budapest, Csalogány u. 12. I. em. 1.
Data Processing data availability
Name: Intercomp Kereskedő- és Rendszerház Kft.
Headquarters: 1149 Budapest, Angol u. 32.
remedies

The information concerned may request personal information management, personal information and may request the correction or deletion or blocking and via the provider's customer service.

The data subject's written request to the service provider (Data Management) informs that it manages, including those processed by a contracted data processing data, data management purpose, grounds and duration of the data processing name, address, and other activities related to data management. The information also includes happened to the third party data transfers (who and for what purpose the data were received). The information in the shortest time from the filing of the application, but not later than 30 days written, easy to understand format. This information is free once a year, in other cases a charge.

The service will delete the personal data if their management is unlawful, it asks the question, the purpose of processing has ceased (deadline expired), or the court or the data protection commissioner. The provider of the cancellation of the stakeholders and inform all those who have been transferred for processing the data. The notification may be omitted if it is the purpose of the data processing having regard to the legitimate interest of the data subject are not prejudiced.

The protest against the handling of relevant personal data if the processing of personal data (transfer) is required only by the controller or by the third party rights or legitimate interests pursued unless the data processing ordered by law; if transmission or use of personal data for direct marketing, opinion poll or scientific research; if the exercise of the right to object is otherwise permitted by law.

The provider of data management in a simultaneous suspension of the protest as soon as possible after the submission of the written request, not later than 15 days shall examine and its outcome inform the applicant in writing. If the objection is justified, the controller of the data processing removes and blocks data and the protest or the findings made on the basis of measures to inform all those to whom the relevant personal data transmitted before, and who are required to take action to enforce the right to object.

Where the controller by tilting the person does not agree to go to court within 30 days of its notification.

The affected data provider does not erase when data management was ordered by law. The data is not transmitted if the controller agrees with the objection and the court of the protest justified.

In case of violation of the rights of data subjects against controllers go to court. Remedies, complain to the Privacy Commissioner's office can be made:
  • Adatvédelmi Biztos Hivatala (Privacy Commissioner's Office)
  • 1051 Budapest, Nádor u. 22.
  • 1387 Budapest, Pf .: 40.
  • Phone: (06-1) 475-7186, (06-1) 475-7100, fax: (06-1) 269-3541.
  • E-mail Address: adatved@obh.hu .