fbpx
loader image
Data protection statement

which informs you, as a visitor to our website and as a user of our services, about our company's data management and privacy policy.

1. What principles do we follow in our data management?
  • Our Company follows the following principles in the processing of your data:
  • we process personal data lawfully and fairly and in a transparent manner for you.
  • personal data is collected only for specified, explicit and legitimate purposes and is not processed in a way incompatible with those purposes.
  • the personal data we collect and process is adequate, relevant and limited to what is necessary for the purposes for which it is processed.
  • Our Company will take all reasonable steps to ensure that the data we process is accurate and, where necessary, kept up to date, and we will promptly delete or correct inaccurate personal data.
  • personal data are stored in a form which permits identification of you only for the time necessary to achieve the purposes for which the personal data are processed.
  • we use appropriate technical and organisational measures to ensure adequate security of personal data against unauthorised or unlawful processing, accidental loss, destruction or damage.
  • Our Company will process your personal data
  • on the basis of your prior informed and voluntary consent and only to the extent necessary and in any event for the purposes for which it is collected, recorded, processed, stored and used.
  • in some cases, the processing of your data is based on legal requirements and is mandatory, in which case we will draw your attention to this fact.
  • or in certain cases, our Company or a third party has a legitimate interest in the processing of your personal data, such as the operation, development and security of our website.
2. Who are we?
  • Company name: MSZM ART
  • Office: 7200 Dombóvár Gyenis Antal utca 1,
  • Website: nszm.art
  • Postal address: 7200 Dombóvár Gyenis Antal utca 1,
  • E-mail address: nagy.szilard.mihaly@proton.me
  • Tax number: 84080027662
  • Company registration number:

Our Company is not obliged to appoint a Data Protection Officer under Article 37 of the GDPR.

Our company is a hosting provider:
  • Hosting provider name: DotRoll Kft.
  • Location: 1148 Budapest, Fogarasi út 3-5.
  • Hosting website: https://dotroll.com/
  • Email address of the hosting company: support@dotroll.com

Our Company uses the following data processors for the processing of data in order to provide our customers with high quality service:

  • Data Controller (1): DotRoll Kft
  • Address (1):1148 Budapest, Fogarasi út 3-5.
  • Responsibilities (1): All activities

Where we change the scope of our data processors, we will reflect the changes in this notice.

The data we process:

We only ask our website visitors for their personal information when they register, log in or enter a prize draw.

We cannot link the personal information you provide in connection with your registration or use of our marketing services and we do not aim to identify our visitors.

If you have any questions about data processing, you can request further information by sending an e-mail or postal mail to nagy.szilard.mihaly@proton.me, and we will respond within 15 days (but no later than 1 month) to the contact details you provide.

3. What are cookies and how do we handle them?

Cookies are small data files (hereinafter "cookies") that are transferred to your computer through the use of the website by your website by being saved and stored by your internet browser. Most commonly used internet browsers (Chrome, Firefox, etc.) accept and allow the download and use of cookies by default, but it is up to you to modify your browser settings to refuse or block them, or to delete cookies already stored on your computer. For more information on the use of cookies, please refer to the "help" section of each browser.

Some cookies do not require your prior consent. Our website will provide you with brief information about these cookies when you first visit our site, such as authentication cookies, multimedia player cookies, load balancing cookies, session cookies to help you customise the user interface, and user-centric security cookies.

Our Company will inform you and ask for your consent about cookies that require your consent - if the processing starts when you visit the site - at the beginning of your first visit.

We do not use or allow cookies that enable third parties to collect data without your consent.

Acceptance of cookies is not mandatory, but our Company is not responsible if our website does not function as expected without cookies.

What cookies do we use?

Name: _ga

Service provider: nszm.art

Purpose: To register a unique identifier that generates statistics on how the visitor uses the site.

Expiry: 2 years

Type: HTTP

Name: _gat

Service provider: nszm.art

Purpose: To store the thottle request rate used by Google Analytics.

Expiry: working session

Type: HTTP

Name: _gid

Service provider: nszm.art

Purpose: To register a unique identifier that generates statistics on how the visitor uses the site. 

Expiry: working session

Type: HTTP

Name: _fbp

Service provider: nszm.art

Purpose: Facebook uses it to provide advertising products to a third party (e.g. real-time ads)

Expiry date: 3 months

Type: HTTP

Name: fr

Provider: facebook.com

Purpose: Facebook uses this cookie to offer a range of advertising products (such as real-time referrals from third-party advertisers)

Expiry date: 3 months

Type: HTTP

Read more about third party cookies on this page you can read.

4. What else you need to know about our data management on our website

You provide us with personal data voluntarily when registering or contacting our Company, therefore we ask you to pay special attention to the truthfulness, accuracy and correctness of your data when providing them, as you are responsible for them. Incorrect, inaccurate or incomplete data may prevent you from using our services.

If you do not provide your own personal data but that of another person, we will assume that you have the necessary authorisation to do so.

You may withdraw your consent to data processing at any time, free of charge

  • by deleting the registration,
  • by withdrawing consent to the processing; or
  • by withdrawing or requesting the blocking of any consent to the processing or use of data that must be completed during registration.

For technical reasons, we have a 30-day deadline for registering the withdrawal of consent, but please note that we may process certain data after the withdrawal of consent in order to comply with a legal obligation or to pursue our legitimate interests.

In the event of the use of misleading personal data, or if one of our visitors commits a crime or attacks our Company's system, we will delete your data immediately upon termination of your registration or, if necessary, retain it for the duration of any civil liability or criminal proceedings.

5. What do you need to know about our data management for direct marketing and newsletter purposes?

You can give your consent to us using your personal data for marketing purposes by making a declaration during registration or by subsequently modifying your personal data stored in the newsletter and/or direct marketing registration area (i.e. by clearly indicating your intention to consent). In this case, we will also process your data for the purposes of direct marketing and/or sending you newsletters and will send you advertising and other mailings, information and offers and/or newsletters (§ 6 of the Grtv) until your consent is withdrawn.

You can give your consent to direct marketing and newsletter, either together or separately, or withdraw it/these free of charge and at any time.

In any case, the cancellation of the registration will be considered as a withdrawal of consent. Withdrawal of consent to data processing for direct marketing and/or newsletter purposes shall not be construed as withdrawal of consent to data processing in relation to our website. How is this? What and on what basis do we retain when newsletter consent is withdrawn? For consents, each consent is for a specific purpose, so registering for tomorrow and subscribing to the newsletter are two separate purposes, two separate databases, the two cannot be related.

For technical reasons, we have a 15-day deadline to register the withdrawal or cancellation of individual consents.

6. What do I need to know about prize draws?

Our Company may organise prize draws as part of a campaign, the terms and conditions of which are set out in a separate policy. The rules of the current promotion can always be found on the home page of our website, centrally located link.

7. Other data management issues

We may only transfer your data within the limits set by law and, in the case of our data processors, we ensure that they cannot use your personal data for purposes that are not in accordance with your consent by setting contractual conditions. For more information, see section 2.

Our company does not transfer data abroad.

The court, the prosecution and other authorities (e.g. police, tax authorities, National Authority for Data Protection and Freedom of Information) may contact our Company for information, data or documents. In such cases, we must comply with our obligation to provide information, but only to the extent strictly necessary to achieve the purpose of the request.

Our contractors and employees involved in the processing of your personal data are entitled to have access to your personal data to the extent specified in advance, subject to confidentiality obligations.

We will take appropriate technical and other measures to protect your personal data and to ensure its security, availability and to protect it from unauthorised access, alteration, damage or disclosure and any other unauthorised use.

As part of our organisational measures, we control physical access in our buildings, provide continuous training for our employees and keep paper documents locked away with appropriate protection. Technical measures include encryption, password protection and anti-virus software. Please note, however, that data transmission via the Internet cannot be considered a fully secure transmission. While we make every effort to ensure that our processes are as secure as possible, we cannot accept full responsibility for the transmission of data via our website, but we do maintain strict standards for the security of your data and the prevention of unlawful access to data received by us.

In relation to security issues, we ask for your help in carefully remembering your password to access our website and not to share this password with anyone.

8. What are your rights and remedies?

About data processing

  • request information on,
  • may request the rectification, modification or integration of their personal data processed by us,
  • may object to the processing and request the erasure and blocking of their data (except for mandatory processing),
  • have a right of appeal to a court,
  • complain to the supervisory authority or initiate proceedings (https://naih.hu/panaszuegyintezes-rendje.html).

Supervisory Authority: National Authority for Data Protection and Freedom of Information

  • Head office: 1125 Budapest, Szilágyi Erzsébet fasor 22/c.
  • Postal address: 1530 Budapest, Pf.: 5.
  • Phone: +36 (1) 391-1400
  • Fax: +36 (1) 391-1410
  • E-mail: ugyfelszolgalat@naih.hu
  • Website: https://naih.hu/

At your request, we will provide you with information about the personal data that we process about you or that we - or our data processors - process.

  • about your data,
  • their source,
  • the purposes and legal basis of the processing,
  • and, if this is not possible, the criteria for determining this period,
  • the names and addresses of our data processors and their data processing activities,
  • the circumstances and effects of data breaches and the measures we have taken to prevent and respond to them; and
  • the legal basis and recipient of the transfer of your personal data.

We will provide you with information within 15 days (but not more than 1 month) of the request. The information will be provided free of charge unless you have already submitted a request for information on the same data in the current year. We will reimburse you for any charges you have already paid if we have processed the data unlawfully or if the request for information has led to a correction. We may only refuse to provide information in cases provided for by law, by indicating the legal position and by informing you of the possibility of judicial remedy or recourse to the Authority.

Our Company will notify you and all those to whom it has previously disclosed the data for processing purposes of the rectification, blocking, marking and erasure of personal data, unless the non-notification is not in your legitimate interest.

If we do not comply with your request for rectification, blocking or erasure, we will provide you with the reasons for our refusal in writing or, with your consent, by electronic means within 15 days (but not more than 1 month) of receipt of your request and inform you of the possibility of judicial remedy and of recourse to the Authority.

If you object to the processing of your personal data, we will consider your objection within 15 days of your request (but not later than 1 month) and inform you in writing of our decision. If we have decided that your objection is justified, we will stop the processing, including further collection and transfer, and block the data, and notify the objection and any action taken in response to it to all those to whom we have previously disclosed the personal data to which the objection relates and who are under a duty to act in order to exercise the right to object.

We will refuse to comply with a request if we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims. If you do not agree with our decision or if we fail to comply with the time limit, you have 30 days from the date of notification of the decision or the last day of the time limit to take legal action.

Data protection litigation falls within the jurisdiction of the courts, which may, at the option of the data subject, be brought before the courts of the place of residence or domicile of the data subject. A foreign national may also lodge a complaint with the supervisory authority of his/her place of residence.

Please contact our Company before lodging a complaint with the supervisory authority or the courts to discuss and resolve the problem as quickly as possible.

 

9. What is the main legislation governing our activities?
  • Regulation (EU) 2016/679 of the European Parliament and of the Council on the processing of personal data of natural persons (GDPR)
  • Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information (Info tv.)
  • Act V of 2013 on the Civil Code (Civil Code Act)
  • Act CVIII of 2001 on certain aspects of electronic commerce services and information society services - (Eker tv.)
  • Act C of 2003 on electronic communications - (Ehtv)
  • Act CLV of 1997 on Consumer Protection (Fogyv tv.)
  • Act CLXV of 2013 on complaints and notifications of public interest (Pktv.)
  • Act XLVIII of 2008 on the Basic Conditions and Certain Restrictions on Commercial Advertising (Grtv.)
10. Amendments to the Privacy Notice

Our Company reserves the right to modify this Privacy Notice and will inform the data subjects accordingly. Information on data processing is published on the nszm.art website.

Dated: Budapest, 2024.10.10.