GDPR PRIVACY POLICY

Megapark Invest Ltd
Valid from 18th October 2021

Content
DGPR PRIVACY POLICY
Introduction
Data management related to the use of the website.
1. Name of the data handler
2. Legislation underlying data management.
3. Data management related to the completion of the contact form.
4. Use of cookies
5. Technical and organizational measures related to data management
6. Rights of data subjects

GDPR PRIVACY POLICY

Introduction
This prospectus provides information in connection with the personal data management related to the use of the website (www.mega-park.hu) of Megapark Invest Ltd (37-43 Andrássy út, Békéscsaba, 5600, Hungary; company registration number: 04-09-008711; Taxpayer reference: 14593064-2-04).
This website enables its visitors to obtain information about the services provided by Megapark Invest Ltd, or to contact the website operator by filling in the contact form.

I.    Personal Data Management related to the use of the website.

1.    The data handler
Data handler: Megapark Invest Ltd.
Head Office: 37-43 Andrássy út, Békéscsaba, 5600, Hungary
Company registration number: 04-09-008711
Taxpayer Reference: 14593064-2-04
E-mail: airpark@mega-park.hu

2.    Legislation underlying personal data management.
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
Act CVIII of 2001 on certain issues of electronic commerce activities and information society services.
Act C of 2003 on electronic communications.
Act XLVII of 2008 on the Prohibition of Unfair Business-to-Consumer Commercial Practices.
Act XLVIII of 2008 on the essential conditions and certain limitations of business advertising activity.
Act CXII of 2011 on information self-determination and freedom of information.

3.    Personal Data management related to the completion of the contact form
By filling out the Contact Form the website user can contact the data controller.

3.1.    Purpose of personal data management
The purpose of personal data management is to identify those who fill in the contact form and create the opportunity to keep in touch.

3.2.    Legal basis for personal data management
GDPR Article 6, (1) paragraph a): the data subject has given consent to the processing of his or her personal data for one or more specific purposes.

3.3.    Purpose of the data processed and personal data management
The range of data handled when completing the contact form.

Please note that email addresses do not need to contain personal information. For example, it is not necessary for the e-mail address to include the name of the data subject. The data subject is free to decide whether to provide an existing e-mail address that contains information indicating his or her identity.

3.4.    Use of a data processor
Website operator:
data processor: Aktiv Digital Media Ltd.
Head office: 5600 Békéscsaba, Lencsési út 35-37. 8. em. 46.
Company registration number: 04-09-014773
Taxpayer Reference: 26629827-2-04
e-mail: office@aktivdigital.hu
telephone: +36 30 / 360 9350

Data processor used as a hosting providers:
data processor: WebHostIcon Tárhely- és Domain Szolgáltató Ltd.
Head Office: 1081 Budapest, Légszesz u. 4.
Company registration number: 01-09-949386
Taxpayer Reference: 23023071-2-42
e-mail: ugyfelszolgalat@webhosticon.hu
telephone: +36 30 598 7210
data processor: Alföld.NET Ltd.
Head Office: 5600 Békéscsaba, Bartók B. út 46-50.
Company registration number: 04-09-014030
Taxpayer Reference: 25870484-2-04
e-mail: iroda@alfold.net
telephone: +36 66/520-600

3.5.    The Data Subjects
Individuals who complete the contact form and consent to personal data management.

3.6.    Duration of personal data management
For 1 year from the sending of the message and until the withdrawal of the consent.

3.7.    Method of personal data management
The personal data is processed automatically in electronic form in the data controller's mail system.

4.    Use of Cookies
HTTP cookies  are small blocks of data created by a web server while a user is browsing a website and placed on the user's computer or other device by the user’s web browser. 
The most frequently used browsers (Chrome, Firefox, etc.) support cookies and allow the user to disable them by changing the settings of the browser, or the user can choose to delete the cookies stored ont he computer. For more information on the use of cookies, see the "help" menu item in each browser.
There are basically two types of cookies. One group includes those that do not require user consent. We will inform you about these when you start your first visit to our website. Examples are "user input" cookies, authentication cookies, user-centric security cookies, multimedia player session cookies, load balancing session cookies, and user interface customization cookies.
The other group includes cookies that require the user's consent. If the data management already starts by visiting the page, we will inform the user about these at the beginning of the first visit and ask for the user's consent. Examples of such cookies are social content sharing tracking cookies, cookies related to third-party ads, and personal visit analysis cookies.
Acceptance of cookies is not mandatory, however, we inform users that failure to enable cookies may affect the operation of the website. Therefore, we do not accept any liability if, in the absence of cookies, our website may not function as expected.

4.1.    Cookies applied
Type: Session cookies.
Name: Cookies that are essential to the service.
Consent: Not required
Description: These cookies are necessary to allow users to use the website.
Goal: Ensuring the operation of the website
Validity: Until the browsing session ends.

Type: Functionality cookies
Name: Cookies used to store previous settings. (e.g., remember passwords, custom settings, etc.)
Consent: required
Description: These cookies allow the browser to remember certain settings of the user on the website. For example, what cookies you accepted on your first visit.
Goal: The purpose is to memorize user settings.
Validity: It depends on the setting, but up to 2 years

Type: Tracking cookies for visit analysis (from third parties)
Név: Google Analytics (_gat és _ga)
Consent: required
Description: They collect information about the use of the site and about the user's activities.
Goal: When you visit this website, it is linked to the services of third parties (such as Google)
Validity: 2 years

You can find out more about third-party cookies (thirdpartycookie) at the following links: 
Google Analytics - https://policies.google.com/technologies/types?hl=hu 
Google Remarketing–https://policies.google.com/technologies/types?hl=hu
Facebook Pixel - https://www.facebook.com/policies/cookies/
Google Conversion tracking - https://policies.google.com/technologies/types?hl=hu

5.    Technical and organizational measures related to data management
The Company ensures and facilitates the exercise of the data subject's rights in relation to data processing, in particular the right to information and protest. The Company undertakes to include guarantees in its data protection regulations that guarantee the protection of the rights of the data subjects.

6.    Rights of data subjects
The data subject can exercise the rights described below at the address given in point 1. All claims related to enforcement will be processed within 25 days of receipt.

6.1.    Right to information
The principle of fair and transparent data management requires that data subjects be informed - before the data processing starts - about the fact and purpose of the data processing, as well as the identity of the data controllers, data protection officers, the scope of the data processed, the legal basis, time and manner of data processing. On the basis of the right to information, data subjects have the opportunity to request information regarding the processing of their data, in which case they will be provided with personal information.

6.2.    Withdrawal of consent
The data subject has the right to withdraw his or her consent at any time. Withdrawal of consent shall not affect the lawfulness of the data processing prior to withdrawal.

6.3.    Right of rectification
The data subject has the right to request the correction or supplementation of the data concerning him / her processed by us.

6.4.    Right of cancellation / forgetting
Data subjects have the right to request the deletion of their data processed by us. Please note that a request for deletion will be rejected if there is an obligation to store the data.

6.5.    Right to lock / restrict
The data subject has the right to request that we restrict / block the data processed (by clearly indicating the limited nature of the data processing and ensuring that the processing is separate from other data.) The blocking shall last as long as the reason given by the data subject so requires.

6.6.    Right to protest
The data subject has the right to object - for reasons related to his or her situation - to the processing of his or her personal data in the public interest or in the exercise of a public authority.

6.7.    The right to data portability
The data subject shall have the right to receive personal data concerning him or her made available to the controller in a structured, widely used machine-readable format. 
He or she is also entitled to transfer this data to another controller without being hindered by the controller to whom the personal data has been made available, if the processing is based on consent or a contract and the processing is automated.

6.8.    The right to lodge a complaint or the right to initiate proceedings
The data subject shall have the right to lodge a complaint or institute proceedings with a supervisory authority and to seek effective judicial redress if he or she considers that there has been an infringement of his or her rights in relation to the processing of his or her data or the exercise of his or her rights. In the event of a judicial remedy, the person concerned may bring a civil action, the jurisdiction of which falls within the jurisdiction of the tribunal. The action may, at the option of the person concerned, be brought before the court of his or her domicile. (you can view the list and contact details of the courts via the following link: http://birosag.hu/torvenyszekek).
Contact details of the competent supervisory authority:

Hungarian National Authority for Data Protection and Freedom of Information
Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/C
Postal address: 1530 Budapest, Pf.: 5
e-mail: ugyfelszolgalat@naih.hu
telephone: +36 (1) 391-1400

In order to resolve the problem as quickly as possible, complainants are asked to contact our Company with their complaints before going to the supervisory authority or court.