Privacy Policy

Privacy Policy

 

EAGT Gestalt Conference

19-22 September, 2019

 

By registering for the service related to the information content operated by Magyar Gestalt Egyesület / Hungarian Gestalt Association (address: 1146 Budapest, Zichy Géza u. 5. registry keeping authority: Metropolitan Court, company registration number: 01-02-0010812, e-mail: elnokseg@gestalt.hu) hereinafter: Operator or data controller), under domain https://gestaltconference2019.com/ (hereinafter: Website) you (hereinafter: User)

 

grant your expressed consent to Data Processing,

pursuant to the terms and conditions detailed in the Data Protection Information below:

 

I.            Data controller: Magyar Gestalt Egyesület/Hungarian Gestalt Association (address: 1146 Budapest, Zichy Géza u. 5., Registry keeping authority: Metropolitan Court, registration number: 01-02-0010812 219-03-72 e-mail: elnokseg@gestalt.hu)

II.            as Operator processes the personal data recoded by it in compliance with the provisions of the 679/2016 General Data Protection Regulation (GDPR).

III.            Consent to data processing is granted voluntarily in one of the following ways:

a)       Ticket purchase, registration for the conference

b)       Registration for holding a workshop

c)       Application for scholarship to the European Association for Gestalt Therapy

d)       Image and voice recordings at the Conference

 

a)       Ticket purchase, registration for the conference

1.       Data processed in relation to the purchase: name, email address, address, billing address, phone number, special meal requests, IP address. For students name of the training institution, registered office (town), scholarship application. Applications for workshops

2.       With the ticket purchase (following the payment of the ticket) the User Profile (My account) is established for the purpose of applying to the working groups of the Conference and providing and receiving information about it. In the account, the password and, from the email address, the user name, are generated automatically; the password can be modified after the first log in. The system stores only the encrypted print of the password.

3.       Purpose of data processing: to implement the EAGT (European Association for Gestalt Therapy) Gestalt Conference (hereinafter: Conference), and to offer the service relating to the information society through the Website, including

–    the distinction of users;

–    ticket purchase;

–    creating and maintaining a user profile page;

–    storing contents generated by the User;

–    handling potential customer complaints;

–    Implementation of the Conference

4.       Data transfer, disclosure: the Operator transfer the names of the registered individuals to EAGT; the names of registered individuals and their selected working groups are accessible to those who register for the conference, users can see that information by entering their personal profiles (My account) on the Website.

5.       Legal basis of data processing: voluntary consent of the data subject. Data processing relating to the ticket purchase is based on Acts on Act CXVII of 1995, Act C of 2000 and Act XCII of 2003 regulating the taxation and accounting obligations.

6.       Modification and rectification of data: based on a request addressed to the Operator

7.       Duration of data processing, data erasure:

–    the duration of Data Processing relating to the ticket purchase is 8 years.

–    the data included in the profile (My Account) automatically erased within 30 days after the Conference.

–    as a sanction: without any prior warning, when the User’s activity on the website is fraudulent, or infringes the law, or violates or imposes a threat to the right or legitimate interest of the Operator or a third party;

–    The Operator shall delete the profile upon the data subject’s request immediately after receiving the request or no later than within 14 days.

8.       The Operator shall send the important information relating to the operation of the Website and the Conference to the provided e-mail address in the form of system messages.

b)       Registration for holding a workshop.

The Data Subjects who purchased tickets and used them to register for the Conference may also apply to hold workshops.

9.       Scope of data and information processed: title and type of the presentation, number of presenters, minimum and maximum number of participants, pre requisites of participation, presentation of the workshop and the conditions required for it, name, gender, email address and country (of origin and current), occupation, highest qualifications of the presenter, Gestalt practice level, is there any relevant accreditation, former participation in Gestalt conference, introduction, description of the presentation, background of the experience, Harward referencing, purpose and expected results of the presentation, conflict of interest related to the workshop, violation of any law or ethical standard of practice in your profession.

10.    Purpose of data processing: to implement the EAGT Gestalt Conference (hereinafter: Conference), to manage applications to hold a workshop and to offer the service relating to the information society through the Website, including

–    the distinction of users;

–    registration to hold a workshop;

–    storing contents generated by the user;

–    implementation of the Conference

11.    Data transfer, disclosure to the public: the Operator transfers the data of the individuals registered to hold workshops and the characteristics of the workshops to EAGT; the professional information and introduction of the individuals registered to hold workshops and the workshop features are publicly accessible for the individuals registered for the Conference.

12.    Legal basis of data processing: voluntary consent of the data subject.

13.    Modification and rectification of data: based on a request addressed to the Operator

14.    Duration of data processing, data erasure:

–    the Operator shall erase the information about the characteristics of the workshops and the data of the individuals registered to hold workshops after 5 years from the date of the Conference.

–    as a sanction: without any prior warning, when the User’s activity on the website is fraudulent, or infringes the law, or violates or imposes a threat to the right or legitimate interest of the Operator or a third party;

–    the Operator shall delete the profile upon the data subject’s request immediately after receiving the request or no later than within 14 days.

15.    The Operator shall send the important information relating to the operation of the Website and the Conference to the provided e-mail address in the form of system messages.

c)       Application for scholarship

Data Subjects who purchase a tickets and use it to register for the Conference for scholarships (incomplete Hungarian sentence).

16.    The scope of processed data and information: name, email address, phone number, country, town, Skype name, requested amount, reason for the application.

17.    Purpose of data processing: to provide financial support to the participation in the Conference.

18.    Data transfer: the Operator transfers the scholarship applications to EAGT for assessment.

19.    Legal basis of data processing: voluntary consent of the data subject.

20.    Modification and rectification of data: based on a request addressed to the Operator

21.    Duration of data processing, data erasure:

–    EAGT shall erase the respective information and the data of the applicants in view of the settlement and bookkeeping obligations of the organisation 5 years after the date of the Conference;

–    the Operator shall erase the data after the implementation of the Conference;

–    prior to the supply of the scholarship, the Operator shall delete the profile upon the data subject’s request immediately after receiving the request or no later than within 14 days.

22.    The Operator shall send the important information relating to the scholarship to the provided e-mail address in the form of system messages.

d)       Image and voice recordings at the Conference

23.    Image and voice recording may be made at the Conference, capturing the visitors to the Conference, which will be used in a in a manner making them accessible by the general public. If you do not wish to be included in the recordings, then please wear the NO PHOTO badge, available at the registration point!

24.    If you intend to withdraw your consent later, you may do so by using the contact information included in this Data Processing Information, but please also take into account that the Data Processor may have the right to disregard the withdrawal of your consent pursuant to the provisions of the 679/2016 General Data Protection Regulation (GDPR) .

25.    Purpose of data processing: documentation of the Conference, information about the Conference, marketing.

26.    Legal basis of data processing: voluntary consent of the data subject.

27.    Duration of data processing, data erasure:

–    the Operator publishes the recordings and will store them for no more than 50 years for archiving purposes in the public interest, scientific or historical research purposes in line with Article 89. (1) of the GDPR;

–    if that is lawful, the Operator shall delete or modify the recording with the pixilation of the data subject upon the data subject’s request immediately after receiving the request or no later than within 14 days.

 

IV.            Only the User is responsible for the authenticity, accuracy of the personal data. The Operator does not assume any liability for any inadequacy in the data supply or for any consequence resulting from the erroneously submitted data.

The Operator shall take all necessary technical and organisational measures and will establish adequate procedural rules to ensure the security of personal data during the entire process of data processing. The databases containing the personal data are backed up once every calendar day and each backup is kept for 7 days.

V.            The Operator stores the personal data of users on a server, situated in the territory of Hungary, at the registered office of Webonic Kft. (8000 Székesfehérvár, Budai út 14., webonic@webonic.hu, details: http://letoltes.webonic.hu/adatvedelem.pdf) .

VI.            Data processor: Salesautopilot Kft. (1024 Budapest, Half-floor 4., Margit krt. 31-33., 5829 Other software issue ) , számlázz.hu (operator: KBOSS.hu Kft., tax number: 13421739-2-13, company registration number: 13-09-101824, registered office: 2000 Szentendre, Táltos u. 22/b), and web editor individual entrepreneur (Éva Szlafkai, 66853699-1-31 (tax number), 136564UA (personal identity card number.), 2851 Környe, Kisfaludy köz 1.)

VII.            Information may be requested on processing from the Operator in writing.

VIII.            In addition to the above, the Operator shall also erase the personal data of the User when

–    processing is unlawful for any reason;

–    the purpose of processing no longer exists;

–    the court or an authority ordered the erasure;

–    the processed data are incomplete or erroneous and that situation cannot be lawfully remedied and the erasure of data is not excluded by legislation.

IX.            Rights of the data subject and legal remedy options

A)       Right to information

1.         Upon the user’s request the Operator shall provide information concerning the user’s data relating to the service, including those processed by a data processor on its behalf, the sources from where they were obtained, the purpose, grounds and duration of processing, the name and address of the data processor and on its activities relating to data processing, and the legal basis of data transfer and the recipients.

2.         Based on an authorisation granted in the law, the Operator may be contacted to provide information, to disclose or transfer data or to make documents available. The Operator shall make available the personal data that are absolutely necessary for achieving the purpose of the request to the requesting body, provided that the exact objective and the scope of data were specified in the request.

3.         The exercise of the right to information may be denied only in cases defined in Article 15(5) of the GDPR.

4.         Upon request, data subjects may view the Operator’s records of data processing relating to them pursuant to Article 30. (1) of the GDPR.

B)       Right of access

1.         Upon the data subject’s request the Operator provides information regarding whether or not their personal data are being processed, and if they are, the data subject has the right to access their personal data and the following information:

–   the purposes of data processing;

–   the categories of the respective personal data;

–   the recipients or the categories of thereof (including recipients from third countries and international organisations) who/which have received or will receive the data subject’s personal data;

–   where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;

–   the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;

–   the right to lodge a complaint with a supervisory authority;

–   if the personal data of the data subject are obtained from other sources than the data subject themselves, any available information regarding the data source;

–   the automated decision process, including the profiling process and information on the logics applied in such processes – at least in such cases – and the significance of such data processing activities as well as the expected consequences thereof, for the data subject.

2.                                 If the personal data are shared with third country recipients the data subject has the right to receive information on the guarantees regarding such sharing of their personal data,.

3.         The Operator shall provide the data subject with a copy of the personal data processed upon request. For any further copies requested by the data subject, the Operator may charge a reasonable fee based on administrative costs. If the data subject submits the request via an electronic channel the requested information shall be sent to them in a widely used electronic format unless the data subject requests a different format. The right to obtain a copy shall not adversely affect the rights and freedoms of others.

C)       Right to rectification and erasure

1.         Upon the data subject’s request, the Operator shall, without any unjustifiable delay, rectify the inaccurate personal data of the data subject and, by taking into account the purpose of processing, shall also arrange for the supplementation of incomplete personal data based on the data subject’s request to do so.

2.         Upon the data subject’s request the Operator shall erase personal data concerning the data subject without any unjustifiable delay if:

a)         the personal data requested to be deleted are no longer needed for the purpose they were obtained for and processed in any way;

b)         the data subject withdraws consent on which the processing is based and where there is no other legal ground for the processing;

c)         the data subject objects to the processing of their personal data and there is no prevalent legitimate reason for the processing of the data, or the data subject objects to the processing of data for direct marketing purposes;

d)         the personal data of the data subject are processed unlawfully;

e)         the personal data must be erased for compliance with a legal obligation in Union or Member State law to which the Operator is subject.

3.         The rights specified in this section may only be restricted when the exceptions defined in the GDPR prevail.

D)      Right to restriction of processing

1.         Upon the data subject’s request the Operator restricts data processing if

a)         the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;

b)         the data processing is unlawful and the data subject does not consent to the deletion of the data but requests the restriction of their use;

c)         the data controller no longer needs the personal data for processing purposes, but the data subject requests the data for the submission, enforcement or protection of legal claims.

E)       Right to data portability

Considering that the data subjects may have access to data without any difficulty, the Operator does not provide data portability.

F)     Right to object

The Operator does not process data or build profiles for any purpose in the interest of the public or for a legitimate interest, and therefore the data subject does not have any right to object.

G) Automated decision making and profiling

The Operator does not use and automated decision making procedure and does not make any decision based on profiling which would have a legal impact on the data subject or would affect them to a similarly significant extent.

X.            The Operator shall communicate any rectification or erasure of, or objection to, personal data or restriction of processing carried out to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. The Operator shall inform the data subject about those recipients if the data subject requests it.

XI.            The Operator reserves the rights to alter or terminate any content element name or contact information of the website or modify its contents, themes or operation at any time, without any prior notification. Such changes do not have any impact on the objective of data processing or the consent to data processing stated herein.

XII.            In the case of any legal infringement the User may turn to the competent court or apply to the National Authority for data protection and freedom of information for an investigation (president: dr. Attila Péterfalvi, 1024 Budapest, Szilágyi Erzsébet fasor 22/C., ugyfelszolgalat@naih.hu, +36-1-3911400, www.naih.hu).

XIII.            The User’s browser stores a data package (cookie) based on the order of the server supporting the website in order top boost the user experience while the website is in use, or to customise the website. Such a data package (cookie) can identify the User’s computer and, in certain cases, the User, in an anonymous way. Used cookies:

–          storing of the log in data without the possibility of recovering the saved password;

–          Session cookie for a period of 24 minutes or until the browser is closed in order to identify log in to the Profile;

–          Collection of the data on the visits to the websites (Google Analytics).

The cookies may be deleted in the settings of the browser of the computer used by the User.

XIV.            Log in: the Operator regularly logs and, after 30 days deletes the data indicated below to support an error search or to prevent a fraud, and to perform a service or control its operation as well as for statistical purposes: date, IP address, indication of the browser’s technical ID, type of the operating system and used device, visited page.

Budapest, 17 May 2018

Privacy Policy can be downloaded here : LINK