1. Data Controller

DATACENTER EVENT Kft. 

registered office: 2111 Szada, Rigó út 6/A

represented by: Kiss Ferenc

e-mail: office@datacenterevent.eu

(hereinafter referred to as „Data Controller”)

2. Data processing

This Information on data processing contains data management for the following website: https://datacenterevent.eu/

a.) Registration for the conference

Purpose of processing	Registration is required to access the conference.
Legal basis	For the performance of a contract between you and the Data Controller.  [Article 6(1)(b) GDPR]
Data subject and data	Registrant – title, first and last name, job title, from which country, language spoken, company information, contact name, email address, phone number, LinkedIn profile, job level, job function, how to arrive at the conference
Retention time	Until the end of the 1st year after the end of the conference.
Method of providing data, consequences	The data must be provided. If you do not provide the required information, you will not be able to use the registration service. If the registration process fails for any reason, the Data Controller will send a reminder email to the email address provided by the registrant.

b.) Registration for the conference app

Purpose of processing	Registration to use the conference app.
Legal basis	Consent. Consent may be withdrawn at any time by contacting us at one of the contact details indicated in point 1. Such withdrawal shall not affect the lawfulness of the processing that preceded it. [Article 6(1)(a) GDPR]
Data subject and data	Registrant – first and last name, email address, unique code
Retention time	Until the end of the 1st year after the end of the conference.
Method of providing data, consequences	The provision of data is voluntary. If you do not provide the data, you will not be able to use the application or participate in the competition.

c.) Photographs and videos taken at the conference

Purpose of processing	Taking and using photos and videos during the conference, documenting and promoting the event.
Legal basis	Consent. [Article 6(1)(a) GDPR]
Data subject and data	Photographic and video recordings of the natural person
Retention time	Until consent is withdrawn. You may withdraw your consent at any time, but such withdrawal shall not affect the lawfulness of the processing that preceded it.
Method of providing data, consequences	The provision of data is voluntary. If you do not give your consent, you will not be included in the photos and videos of the conference.

d.) Processing of conference speaker data

Purpose of processing	Processing of the data of a person participating as a speaker in organizing and running the conference.
Legal basis	For the performance of a contract between you and the Data Controller.  [Article 6(1)(b) GDPR]
Data subject and data	Speaker – title, first and last name, email address, phone number, company name, position, photo and video.
Retention time	Until the end of the 5th year after the end of the conference
Method of providing data, consequences	The data must be provided. If you do not provide the required information, you will not be able to participate as a speaker.

e.) Complaint handling

Purpose of processing	Handling any complaints about the conference.
Legal basis	Fulfilling a legal obligation. The rules on the processing of data are governed by the law on consumer protection – Act CLV of 1997, Section 17/A (6) [Article 6(1)(c) GDPR]
Data subject and data	Complainant – name, email address, phone number, username, text of the complaint, other personal data provided in the complaint.
Retention time	3 years pursuant to Section 17/A (7) of Act CLV of 1997 on Consumer Protection
Method of providing data, consequences	The data must be provided. If you do not provide the required information, the Data Controller may not be able to investigate your complaint.

f.) Subscribe to the newsletter

Purpose of processing	Sending newsletters, news and information about the conference, and possible future conferences on similar topics.
Legal basis	Consent. [Article 6(1)(a) GDPR]
Data subject and data	Subscriber – name, email address
Retention time	Until consent is withdrawn. You may withdraw your consent at any time, but such withdrawal shall not affect the lawfulness of the processing that preceded it.
Method of providing data, consequences	The provision of data is voluntary. If you do not provide the necessary data to subscribe to the newsletter, the Data Controller will not be able to send you a newsletter.

g.) Send feedback

Purpose of processing	Feedback from participants on the conference.
Legal basis	Consent. [Article 6(1)(a) GDPR]
Data subject and data	Person giving feedback – name, email address.
Retention time	Until consent is withdrawn. You may withdraw your consent at any time, but such withdrawal shall not affect the lawfulness of the processing that preceded it.
Method of providing data, consequences	The provision of data is voluntary. If you do not provide personal data, the Data Controller cannot take your opinion into account.

h.) Contractual relations

Purpose of processing	Maintaining communication and cooperation to achieve the contractual purpose between the Data Controller and the Partner.
Legal basis	Legitimate interests [Article 6(1)(f) GDPR]
Data subject and data	Partner contact person – name, position, phone number, email address
Retention time	Until the end of the 5th year following the performance or termination of the contract.
Method of providing data, consequences	The data must be provided. If you do not provide the personal data, the Data Controller will not be able to contact the partner.

i.) Social media 

We are available on YouTube and LinkedIn as “DATACENTER EVENT”.

You can subscribe to our news feed on the social channels message board by clicking on the “follow”/”unfollow”/”subscribe” link on the page, unsubscribe by clicking on the “unfollow”/”unfollow”/”unsubscribe” link on the same page, or delete unwanted message board posts by using the message board settings. 

Purpose of processing	To keep you up to date with the latest information and news that affects us, and to publish informative articles and materials.
Legal basis	Consent. [Article 6(1)(a) GDPR]
Data subject and data	Follower – profile data
Retention time	Our news and pictures will only appear in your news feed for as long as you want them to. If you do not follow us, our posts will not appear in your feed. You can reach our feed even if you do not follow us, but you will not receive a separate notification.
Method of providing data, consequences	The provision of data is voluntary. If you do not follow our channels, our news and pictures will not be displayed. By following us, your profile will be available to us, but no data will be processed or recorded in our internal system. We do not use it for any purpose other than to share our news.

3. Recipients (Processors and other data controllers):

 

Data processors:

• The companies that operate social networking sites are separate data controllers, you can find information on the data management of the site in the following place:
• LinkedIn (LinkedIn Corporation registered office: 2029 Stierlin Court, Mountain View, CA 94043, USA) – https://www.linkedin.com/legal/privacy-policy 
• YouTube (Google Ireland Limited registered office Gordon House, Barrow Street Dublin 4, D04 E5W5) – https://www.youtube.com/intl/ALL_hu/howyoutubeworks/user-settings/privacy/
• INNOLEADS EVENT MANAGER software will be used to organise the conference:

Zsu Consulting Korlátolt Felelősségű Társaság (Székhelye: 6100 Kiskunfélegyháza, Nefelejcs utca 13.) – https://event-manager.innoleads.eu/InnoLeads_Event_Manager_adatkezelesi_tajekoztato_2024.pdf

Data controller:

• The photos will be taken by ARADI BARNA (registered office: 2462 Martonvásár Fehérvári út 60.).

Other possible data transfers:

Personal data may be transferred to the exhibitors, speakers and other participants of the conference, if you have consented to the transfer of your data.

4. Rights

During data processing, you are entitled to the rights detailed in Sections 4.1-4.7. If you wish to exercise your rights, you can reach out to us using any of the contact details specified in Section 1.

Identification

Before complying with your request, we will always have to check your identity. If we cannot identify you, we will be unable to comply with your request.

Responding to a request

After identification, we will provide you with information concerning your request in writing, electronically or, if you so wish, orally. Please note that if you submitted your request electronically, we will respond electronically. Of course, even in that case you may request another form of communication.

Deadline for handling your request

We will inform you on the action taken on your request no later than within one (1) month after submission of the request. That period may be extended by two (2) further months where necessary, taking into account the complexity and number of the requests, and we shall inform you thereof within the one (1) month deadline.

We are also obliged to inform you within the one-month deadline if we do not take any action. You may lodge a complaint against this with NAIH (Hungarian National Authority for Data Protection and Freedom of Information) (Section 5.1.) or seek judicial remedy (Section 5.2).

Administrative fee

The requested information and measures are free of charge. An exception is made, however, for cases where the request is manifestly unfounded or excessive, in particular because of its repeated character. In this case, we charge you a fee or may refuse to comply with your request.

4.1. You may withdraw your consent 

For data processing carried out based on your consent, you may withdraw your consent at any time. In such cases, we immediately erase your personal data related to the data processing in question. We hereby inform you that the withdrawal does not affect the lawfulness of the data processing carried out before on the basis of the consent.

4.2. You may request information (access) 

Where the notification concerns a natural person, in exercising his or her right of information and access under the provisions on the protection of personal data, the personal data of the notifier shall not be disclosed to the person requesting the information.

You may request information as to whether personal data concerning you are processed, and if so:

• For what purposes?
• Exactly what data are being processed?
• To whom do we transfer such data?
• For how long do we store such data?
• What rights and legal remedies are available to you with respect to such data processing?
• Who transferred your data to us?
• Do we make automated decisions concerning you by using your personal data? In such cases, you may also request information on the logics (method) involved as well as the significance and the envisaged consequences of such processing.
• If you have found that your data are transferred to an international organisation or to a third country (non-EU member state), you may request a guarantee concerning the appropriate processing of your personal data.
• You may request a copy on your personal data processed by us. (For extra copies, we may charge you a fee based on the administrative costs.)

4.3. You may request rectification 

You may request us to rectify or complete incorrect or incomplete personal data concerning you.

4.4. You may request erasure of your personal data (‘right to be forgotten’)

You may request us to erase your personal data if:

• The personal data are no longer necessary in relation to the purposes for which we collected or otherwise processed them;
• For data processing carried out based on your consent;
• If it is established that the personal data have been unlawfully processed;
• If your objection is successful;
• If required by EU or national law;
• Data may collect within the framework of IT service provision for children.

We cannot erase personal data if they are necessary for the following purposes:

• for exercising the right of freedom of expression and information;
• for compliance with a legal obligation which requires processing by Union or Member State law to which the Controller is subject or for the performance of a task carried out in the public interest;
• for reasons of public interest in the area of public health;
• for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in so far as the erasure is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
• for the establishment, exercise or defence of legal claims.

4.5. You may request restriction of the data processing 

You may request restriction of the data processing where one of the following applies:

• The accuracy of the personal data is contested by you, for a period enabling us to verify the accuracy of the personal data;
• The processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
• We no longer need the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims;
• You have objected to processing pending the verification whether the legitimate grounds of the Controller override yours.

Where processing has been restricted, such personal data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State. We shall inform you of the eventual lifting of such restriction.

4.6. You may request us to transfer your personal data (right to data portability) 

You have the right to receive your personal data processed by us in a machine readable format, and you have the right to transfer such data to another controller or request us to do so, if the data processing is based on your consent or a contract concluded with you or in your interest, and takes place in an automated manner.

That right shall not apply to processing necessary for the performance of a task carried out in the public interest. The above right may not adversely affect the rights and freedoms of others.

4.7. You may object to the processing of your personal data

You may object to the processing of your personal data if the data processing is based on legitimate interest or is necessary for direct marketing purposes (such as sending newsletters) or the performance of a task in the public interest. In this case we shall erase the personal data, unless there are compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

You may also object to the processing of your personal data if the processing takes place for scientific or historic studies or statistic purposes. In this case, we erase the personal data, unless the data processing is necessary for the performance of a task in the public interest.

5. Remedies

 

5.1. You may lodge a complaint with NAIH

If you believe that the processing of your personal data conflicts with the provisions of the GDPR, you may lodge a complaint with the Hungarian National Authority for Data Protection and Freedom of Information (NAIH).

NAIH

chair: dr. Attila Péterfalvi

mailing address: H-1363 Budapest, Pf. 9.

address: 1055 Budapest, Falk Miksa utca 9-11.

Telephone: +36 (1) 391-1400

Fax: +36 (1) 391-1410

web: http://naih.hu

email: ugyfelszolgalat@naih.hu 

5.2. You may seek judicial remedy

If you believe that the processing of your personal data conflicts with the provisions of the GDPR, or your rights under this GDPR are infringed, you may seek judicial remedy.

In Hungary, such cases fall within the competence of regional courts (törvényszék). The proceeding may be initiated at the regional court of the data subject’s home address or place of habitual residence – at the choice of the data subject. People otherwise without capacity to be a party to legal proceedings may also be parties to these proceedings. The Authority may only be involved in the proceeding in order to ensure success of the data subject. In addition to the provisions of the GDPR, court proceedings shall be governed by the Second Book, Third Part, Title XII of Act V of 2013 on the Civil Code (Sections 2:51-2:54), and other legal provisions relevant to court proceedings.

5.3. Compensation for damages

If the Controller causes damage with the unlawful processing of the data subject’s data, or violates the data subject’s personality rights, compensation for damages may be claimed from the Controller. The Controller shall be exempted from liability for the damage caused and from compensation for damages, if it can demonstrate that the damage or the violation of the data subject’s personality rights was caused by an unpreventable cause falling outside the scope of data processing.

6. Security of personal data

Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, we shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk.

We process personal data in a confidential manner, with restricted access, encryption and maximising our resilience to the extent possible, and ensuring their recoverability in case of any problem. We regularly test our system in order to guarantee its security.

In assessing the appropriate level of security, we take into account the risks that are presented by processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data transmitted, stored or otherwise processed.

We shall take steps to ensure that any natural person acting under our authority who has access to personal data does not process them except on our instructions, unless he or she is required to do so by Union or Member State law.

7. Miscellaneous

The Controller is entitled to modify this Privacy Notice at any time. Modifications shall enter into force upon their publication.