Data Processing Information for visitors of the www.experiencebyterra.com website.

INTRODUCTION

The service provider/data controller processes user data during the operation of the website to provide appropriate services to users. The service provider aims to fully comply with legal regulations on the processing of personal data, especially those outlined in Regulation (EU) 2016/679 of the European Parliament and of the Council. This data processing information is prepared in accordance with the protection of personal data and the free movement of data under Regulation (EU) 2016/679, taking into account the content of Act CXII of 2011 on Informational Self-Determination and Freedom of Information.

SERVICE PROVIDER, DATA CONTROLLER IDENTIFICATION

  • Company Name: PRIME CATERING Ltd.
  • Headquarters: 1147 Budapest, Kerékgyártó utca 44. fsz. 4.
  • Tax ID: 26083184242
  • Website: www.experiencebyterra.com

CONTACT INFORMATION OF THE DATA CONTROLLER

  • Company Name: PRIME CATERING Ltd.
  • Headquarters: 1147 Budapest, Kerékgyártó utca 44. fsz. 4.
  • Mailing Address: 1147 Budapest, Kerékgyártó utca 44. fsz. 4.
  • Email: info@experiencebyterra.com
  • Phone: +36 70 414 1360

DEFINITIONS

  • GDPR (General Data Protection Regulation): The new Data Protection Regulation of the European Union.
  • Data processing: Any operation or set of operations on personal data, whether automated or not, including collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure, transmission, dissemination, or making available by other means.
  • Data processor: A natural or legal person, public authority, agency, or other organisation that processes personal data on behalf of the data controller.
  • Personal data: Any information related to an identified or identifiable natural person (data subject).
  • Data controller: A natural or legal person, public authority, agency, or other organisation that determines the purposes and means of the processing of personal data.
  • Consent of the data subject: Voluntary, specific, informed, and unambiguous expression of the data subject’s will, signifying agreement to the processing of personal data relating to them.
  • Data breach: A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored, or otherwise processed.
  • Recipient: A natural or legal person, public authority, agency, or another organisation to whom the personal data are disclosed.
  • Third party: A natural or legal person, public authority, agency, or another organisation other than the data subject, data controller, data processor, or persons who, under the direct authority of the data controller or data processor, are authorized to process personal data. 

GUIDELINES FOR DATA PROCESSING

The data controller declares that data processing is carried out in accordance with the provisions of the data processing information and complies with the relevant legal requirements, with particular attention to the following:

  • Personal data must be processed lawfully, fairly, and in a transparent manner for the data subject.
  • The collection of personal data must only occur for specified, explicit, and legitimate purposes.
  • The purpose of processing personal data must be adequate and relevant, and limited to the extent necessary.
  • Personal data must be accurate and kept up to date. Inaccurate personal data should be deleted without delay.
  • Storage of personal data must be in a form that permits identification of data subjects for no longer than necessary. Personal data may be stored for a longer period only if it serves a purpose of public interest archiving, scientific or historical research, or statistical purposes.
  • Processing of personal data must be carried out in a manner ensuring appropriate security, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage.
  • Data protection principles must be applied to all information concerning identified or identifiable natural persons.

IMPORTANT DATA PROCESSING INFORMATION

Purpose of Data Processing: The purpose of data processing is to provide additional services to users and inquiry submitters during the operation of the website.

Legal Basis for Data Processing: The legal basis for data processing is the consent of the data subject.

Data Subjects: Data subjects are users of the website and those submitting inquiries.

Duration of Data Processing and Data Deletion: The duration of data processing depends on the specific user’s purpose, but data must be promptly deleted once the originally defined purpose is achieved. Data subjects can withdraw their consent at any time by sending a letter to the contact email address. If there is no legal obstacle to deletion, the data will be erased.

Authorized Parties to Access Data: Authorized parties to access the data are the data controller and its employees.

Rights of Data Subjects: Data subjects have the right to request access to, correction, deletion, or restriction of their personal data. They can object to the processing of such data and have the right to data portability.

Withdrawal of Consent and Complaints: Data subjects can withdraw their consent to data processing at any time. Withdrawal does not affect the lawfulness of processing based on consent before withdrawal. Data subjects have the right to lodge a complaint with the supervisory authority.

Correction and Deletion of Personal Data: Data subjects have the right to request the correction or completion of inaccurate personal data without undue delay. They also have the right to request the prompt deletion of personal data if there is no other legal basis for the processing.

Modification or Deletion Requests: Requests for the modification or deletion of personal data can be initiated by email, phone, or mail using the contact details provided.

REQUEST FOR QUOTE ON THE WEBSITE

Purpose of Data Processing: The purpose of data processing is to provide additional services and facilitate contact for users requesting a quote.

Legal Basis for Data Processing: The legal basis for data processing is the consent of the data subject.

Data Subjects: Data subjects are users of the website submitting quote requests.

Duration of Data Processing: Data processing continues until the withdrawal of consent. Data subjects can withdraw their consent at any time by sending a letter to the contact email address.

Data Deletion: Data will be deleted upon the withdrawal of consent. Data subjects can withdraw their consent to data processing at any time by sending a letter to the contact email address.

Authorized Parties to Access Data: Authorized parties to access the data are the data controller and its employees.

Method of Data Storage: Electronic.

Necessity of Providing Personal Data: Providing personal data is necessary for identification in databases and for communication purposes.

Scope of Processed Data:

  • Name
  • Phone
  • Email
  • Registration date
  • IP address

User Consent: Data subjects can provide their consent for data processing by intentionally checking the empty checkbox on the website designed for this purpose.

Right to Object: Data subjects have the right to object to the processing of their personal data, and they are entitled to the procedure detailed in the provided data processing information and this notice, as well as in the relevant legal regulations outlined in the notice.

COOKIES

Cookies are small files placed on the user’s computer by visited websites and contain information such as page settings or login status.

Cookies are small files created by the websites you visit. They improve the user experience by storing browsing data. Cookies help the website to remember site settings and offer locally relevant content.

The website provider sends a small file (cookie) to the visitor’s computer to determine the fact and time of the visit. The visitor is informed about this by the website provider.

Data subjects in data processing are the website visitors.

The purpose of data processing is to provide additional services, identification, and tracking of visitors.

The legal basis for data processing is the user’s consent, which is not necessary if the provider absolutely needs to use cookies.

Data scope: unique identifier, timestamp, setting data.

Users can delete cookies from browsers at any time in the Settings menu.

Authorized data controllers for data access do not handle personal data with the use of cookies.

Method of data storage: electronic.

SOCIAL MEDIA

Social media is a medium where messages are spread through community users. Social media uses the internet and online presence to transform users from content consumers to content creators.

Social media is an interface of internet applications with content created by users, such as Facebook, Twitter, Pinterest, etc.

Forms of information in social media include forums, blog posts, image, video, and audio materials, message walls, email messages, etc.

In line with this, the processed data may include the user’s public profile picture in addition to personal data.

Data subjects: all registered users.

The purpose of data collection is to promote the website or the associated web page.

The legal basis for data processing is the voluntary consent of the data subject.

The duration of data processing is according to the regulations visible on the specific social media platform.

The deadline for data deletion is according to the regulations visible on the specific social media platform.

Authorized parties to access data: according to the regulations visible on the specific social media platform.

Rights related to data processing: according to the regulations visible on the specific social media platform.

Method of data storage: electronic.

It is crucial to ensure that when the user uploads or submits any personal data, they have worldwide permission for the social media platform operator to store and use such content.

GOOGLE ANALYTICS

Our website uses the Google Analytics application.

In the case of Google Analytics:

Google Analytics compiles reports for its clients based on internal cookies regarding the habits of website users.

On behalf of the website operator, Google uses the information to evaluate how users use the website. Additionally, it creates reports related to the activity of the website for the website operator to fulfill further services.

Data is stored on Google’s servers in encrypted format to hinder and prevent misuse of the data.

Disabling Google Analytics can be done as follows: Quoted from the site:

Users who do not want Google Analytics to create reports about their data using JavaScript can install the Google Analytics Opt-out Browser Add-on. The add-on prevents Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sending information to the Google Analytics system. The browser add-on works in most modern browsers. The Google Analytics opt-out browser add-on does not prevent data from being sent to the website itself and other web analytics services.

Google Analytics Opt-out Browser Add-on

Google’s privacy policies: Google Privacy Policy

Detailed information on data usage and protection can be found at the above links.

Detailed privacy policy: Google Privacy Policy – PDF

DATA PROCESSORS

Hosting Provider:

  • Name / Company Name: DotRoll Kft.
  • Registered Office: 1148 Budapest, Fogarasi út 3-5.
  • Phone: +36-1-432-3232
  • Email: support@dotroll.com

The data you provide is stored on the server operated by the hosting provider. Only our employees and the hosting provider’s staff have access to the data, and they are all responsible for the secure handling of the information.

  • Activity Description: Hosting services, server services.
  • Purpose of Data Processing: Ensuring the operation of the website.
  • Processed Data: Personal data provided by the data subject.
  • Duration of Data Processing and Deadline for Deletion: Data processing continues until the end of the website’s operation or according to the contractual agreement between the hosting provider and the website operator. If necessary, the data subject can request data deletion from the hosting provider.
  • Legal Basis for Data Processing: Consent of the data subject and data processing based on legal regulations.

RIGHTS RELATED TO DATA PROCESSING

  1. Right to Request Information: You can request information about the data managed by our company, including its legal basis, purpose, source, processing duration, and deletion deadline. We will respond to the request within 30 days to the email address you provide.
  2. Right to Rectification: You can request the modification of your data. We will respond to the request within 30 days to the email address you provide.
  3. Right to Erasure: You can request the deletion of your data. We will respond to the request within 30 days to the email address you provide.
  4. Right to Restriction of Processing: You can request the blocking of your data. The blocking lasts as long as the reason indicated by you necessitates the storage of the data. We will respond to the request within 30 days to the email address you provide.
  5. Right to Object: You can object to data processing. We will examine the objection within 15 days of submission, make a decision, and inform you of the decision by email.
  6. Possibility to Enforce Rights Related to Data Processing: If you experience illegal data processing, notify our company so that the issue can be resolved as soon as possible. We will do everything in our power to address the problem in your interest.

If you believe that the legal situation cannot be restored, notify the authority at the following contact details:

National Authority for Data Protection and Freedom of Information

Please note that legal information and rights may change, and it is always advisable to be aware of the current regulations when asserting legal rights.

NATIONAL AUTHORITY FOR DATA PROTECTION AND FREEDOM OF INFORMATION

  • Mailing Address: 1530 Budapest, Pf.: 5.
  • Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c
  • Phone: +36 (1) 391-1400
  • Fax: +36 (1) 391-1410
  • Email: ugyfelszolgalat (at) naih.hu
  • URL: https://naih.hu
  • Coordinates: N 47°30’56’’; E 18°59’57’’

LEGAL BASIS FOR DATA PROCESSING

  1. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
  2. Act CXII of 2011 on informational self-determination and freedom of information.
  3. Act LXVI of 1995 on public documents, public archives, and the protection of private archival material.
  4. Government Decree 335/2005 (XII. 29.) on the general requirements for the document management of public bodies performing public duties.
  5. Act CVIII of 2001 on certain issues related to electronic commerce services and information society services.
  6. Act C of 2003 on electronic communications.