IMPORTANT! Please be sure to read the information below before using the http://www.fultumconsulting.hu website so that you fully understand the purposes for which we process your personal data and the conditions under which we do so. Instead of using the legal term “data subject,” we address you personally (hereinafter: “you”). If you do not wish for us to process your personal data, please do not use the services available on this website.

BRIEF OVERVIEW: When you submit a request for information or other inquiry, you provide your personal data. The purpose of this data processing is to enable the data controller to respond substantively to your inquiry and to contact you in connection with it. The legal basis for this data processing is your consent. The details of data processing are explained in detail below; please read them carefully. If you have any questions, we are happy to assist you at info@fultumconsulting.hu. You may withdraw your consent to data processing at any time in accordance with the terms set forth in this notice. Since fulfilling requests for information or other inquiries is meaningless and therefore impossible without the provision of the data strictly necessary for this purpose, it is not possible to fulfill the request or inquiry without the provision of such data. You may exercise your right to file a complaint with the supervisory authority at any time. For your information, you may exercise the additional data subject rights listed in this notice at any time in accordance with the terms set forth herein.

1. Data Controller

Please be advised that your personal data is processed by Fultum Consulting Zrt. as the data controller (registered office: 1117 Budapest, Sopron út 40; Tax ID: 26669146-2-43; represented by: Zoltán Monostori, CEO; email address: info@fultumconsulting.hu, website: http://www.fultumconsulting.hu (hereinafter: Data Controller).

2. Scope of processed data, purpose and legal basis of data processing:
3. A) Legal Basis

We process your data based on your consent, which you may withdraw at any time by sending a written message to info@fultumconsulting.hu. Please note that if you withdraw your consent, this will not affect the lawfulness of our data processing activities carried out prior to receiving your statement of withdrawal, based on your consent.

1. B) Purpose

We process your personal data for the purpose of responding to your inquiry, contacting you, and providing you with the necessary information, whether in general or regarding a specific matter.

1. C) Scope of Processed Data

Name

Email

Personal data shared in the message sent

Date of contact

3. Duration of data processing

We will process your personal data until you withdraw your consent; however, even in the absence of such withdrawal, we will process your data only until we have fulfilled your request for information or other inquiry. Upon expiration of the data processing period, we will delete the personal data or, if that is not possible, we will anonymize the data in a manner that makes it impossible to identify you in the future.

4. Recipients of Data
5. A) Data Processors

Web hosting provider, email service provider:

The data you provide is stored on a server operated by the web hosting provider. The data may be accessed by the staff of our data processing partner who operates the server, and they are responsible for ensuring the secure handling of the data.

Please be advised that the data processor may process the data exclusively in accordance with the Data Controller’s instructions and the provisions of the data processing agreement concluded with it.

1. B) Employees of the Data Controller

Your data is accessible to our employees, all of whom are responsible for ensuring the secure handling of the data.

7. Security of Data Processing

The Data Controller and its employees are required to comply with the same data protection and confidentiality obligations as the Data Controller. The Data Controller shall take all necessary measures to protect the personal data it processes against unauthorized access, alteration, disclosure, deletion, damage, or destruction, as well as to protect other data against deletion, damage, or destruction. In the course of these activities, the Data Controller shall take, in particular but not exclusively, the following measures:

Mirroring: To prevent the loss of personal data, the network server (hereinafter “server”) shall be continuously mirrored on a data storage medium physically separate from it.

Fire protection: Data and databases must be stored in a room equipped with fire protection and property protection systems.

Virus protection: The computer equipment of administrators and employees handling personal data must be kept free of viruses.

Access protection: Data may only be accessed with valid, personal, and identifiable authorization. Network resources may only be accessed with a valid username and password.

Network protection: Using the IT equipment available at all times, unauthorized persons must be prevented from accessing servers that store data and are accessible via the network.

8. Your rights:
9. Request for information: You may request information from us via the contact details provided regarding what data we process, on what legal basis, for what purpose, from what source, and for how long. We will respond to your request via email without undue delay, but no later than within one month of receiving it
10. Right to Rectification: You may request that we correct any of your data via the contact details provided. We will act on your request without undue delay, but no later than within 1 month of receiving it, and will send you a notification to your email address.
11. Right to erasure: You may request that we erase any of your data by contacting us via the contact details provided. We will act on your request without undue delay after receiving it, but no later than within 1 month, and will send you a notification to your email address.
12. Right to restrict processing: You may restrict the processing of your personal data in the following cases and for the following periods:

– if you become aware that your data is being processed inaccurately, until the accuracy of the personal data has been verified, or

– if unlawful data processing has occurred, but you expressly request that we not erase your data, or

– if we no longer need the data for the purposes specified in this notice, but you require the data to assert, exercise, or defend your legal claims.

Please note that in the event of a restriction on data processing, we will continue to store the data but will not perform any other operations on it. If you have submitted a request to us to restrict data processing, we may process your personal data only with your consent, or for the purpose of asserting, exercising, or defending legal claims, or for reasons of substantial public interest. Please be advised that if the grounds for restricting data processing no longer exist, we will notify you in writing of the lifting of the restriction and the date thereof no later than 15 days prior to the lifting.

1. Right to withdraw consent: You may withdraw your consent to the processing of your data at any time by sending us an email
2. Complaints and remedies: You may submit a complaint regarding data processing directly to us via the email address provided in the contact information. We will investigate your complaint and inform you of the outcome in writing without undue delay after receiving your complaint, but no later than within one month.

If you believe that the lawful status cannot be restored, you have the option of filing a complaint with the authority using the contact information below:

National Authority for Data Protection and Freedom of Information

Mailing Address: 1363 Budapest, P.O. Box 9. Address: 1055 Budapest, Falk Miksa Street 9-11

Phone: +36 (1) 391-1400

Fax: +36 (1) 391-1410

Email: ugyfelszolgalat@naih.hu www.naih.hu

If you disagree with our decision resulting from the investigation, you may appeal to the court. The adjudication of the case falls within the jurisdiction of the court. The case may be brought—at your discretion—before the court having jurisdiction over the Data Controller’s registered office or your place of residence or current location.

9. Name and contact information of the Data Protection Officer

Name: Dr. Fanni Eszter Molnár, Attorney at Law

molnar.fanni.e@gmail.com

The Data Protection Officer participates in and assists with decision-making related to data processing, ensures the rights of data subjects, and monitors compliance with data protection laws, internal data protection and data security policies, and data security requirements. The Data Protection Officer investigates reports received and, upon detecting unauthorized data processing, calls on the data controller or data processor to cease such processing; may propose amendments to the internal data protection and data security policy; maintains the data protection register; and ensures training on data protection.

10. We may unilaterally amend our Privacy Policy after notifying you in advance, so that you have the opportunity to learn about the changes made to the information provided in the Privacy Policy.
11. Legal basis for data processing

GDPR: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

Info Act: Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information. (under amendment)

Public Records: Act LXVI of 1995 on Public Records, Public Archives, and the Protection of Private Archival Materials.

Public Service: Government Decree No. 335/2005 (December 29) on the General Requirements for Records Management by Bodies Performing Public Service Functions.