We kindly ask you to read carefully this information about data processing, in which our company informs its website visitors about processing and protecting data, and about the right of the data’s subject. If you are under 18, please read this information with your legal representative.
In case of any questions or comments, please contact us: firstname.lastname@example.org,
phone: +36 1 2250210. Company registration number for data handling NAIH-89669/2015.
Let us introduce ourselves: whom you process your personal data and how you can contact us.
Diamond Congress Ltd. (seated: 1012 Budapest, Vérmező út 8, central and head office: 1015 Budapest, Csalogány utca 28.) is a Hungarian resident business company providing conference organizing services as core activity for more decades.
Diamond Congress Ltd.
Seat: HUNGARY, 1012 Budapest, Vérmező út 8. II/4/a
Central office: HUNGARY, 1015 Budapest, Csalogány utca 28.
EU VAT number: HU10946130
Contacts: details: email@example.com, +3612250210, www.diamond-congress.hu
Company registration number for data handling NAIH-89669/2015.
Represented by: Attila Varga, managing director, Róbert Hohol company leader
In case of data protection queries, please contact us above or our consultant:
Dr. Zsuzsanna Árva
Whose data are subject of data processing?
Our data procession regulation and information governs the procession of natural person’s data, i.e. governs all data processions in which our company acquires data that may be connected to natural persons, may identify natural persons. During providing our activities, first of all, we acquire data of conference participants that are necessary to fulfil the services ordered by them. We mainly acquire data from the natural person himself/herself registering in the conference database, sometimes by the former organiser of the given conference or the professional organising body.
Which regulations govern the data procession?
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data
Law Nr CXII from the Year 2011 about the information self-governing right and the freedom of information
Opinions of the Commission’s Working Group Nr 29 and of the National Data Protection Office.
Which principles are regarded by us during data procession?
Our company processes data according to the regulations of the GDPR regarding the following principles:
Why are my data processed?
You have consented the data processing as follows:
Our webpage visitors (hereinafter: visitors) may register at their own will and give voluntarily data, with which they may be identified (name, e-mail address, contact data, address, profession, working place) other data given by the visitor voluntarily). With providing the data voluntarily the visitor consents that the exclusive operator of the webpage i.e. our company processes the data according to the principles set up in this information. Please take all the necessary measures to keep your user id and password confidential. Please give us only those data that are necessary to keep contact with you.
Abstracts, posters, e-mails
As it is common by scientific conferences, participants may publish lectures, studies, posters that may be collected in abstract books. The programme book of the conference includes furthermore the name and e-mail address, sometimes scientific degree or other data of the participants.
Lectures, posters, programme and abstract books will be preserved during the Diamond Congress Ltd. exits because of legal interest to reference. We draw your attention that these materials will be provided to the participants, i.e. it becomes publicly available.
Our company processes the data to fulfil the conference services:
We have to process your data to fulfil the conference services. Data processed: name, address, contact information (telephone, e-mail), invoice address, and card number in case of credit payment by mail order authorisation. Other eventual necessary data: data of workplace.
Furthermore our company may process your data if it may prove the legal interest regarding your data processing.
Sometimes the data processing is a legal obligation to us to fulfil tax and duties administration.
How do we process your data?
Our company processes the provided personal data and information only in connection with the goal of the data providing of the participants, and uses only to fulfil the requests of the participants, to communicate with her/him. The goal of the data processing is the fulfilment of the information requests, communication with the visitor, and fulfilment of the services.
Diamond Congress Ltd. collects, processes, stores and deletes the data according to its contracts or the legal regulations.
Diamond Congress Ltd. processes the data to third persons only in the following cases:
Please contact us if you wish to be informed about our data administrators. With our data administrators in every case we conclude data procession contract, in which our administrators oblige themselves to process the data according to legal regulations and this information is given to you.
Diamond Congress Ltd. erases the data if the data’s subject requests us in writing to do so, except we are obliged to preserve the data by the law. We erase the data also, if there are no legal obligations or they are not necessary to prove the delivery of contracted services, or we also erase the data which are processed exclusively according to your consent and you ask us in writing to do so.
Electronic data are erased in such way that their restoration should not be possible; paper data will be erased by erasing machine or by companies whose main activity and profession is the erasing of official documents.
Data will be collected by Diamond Congress Ltd. electronically. Data connected to employees and contracts are available on paper as well. Paper data will be stored on the seat or subsidiary of Diamond Congress Ltd. in folders. Only the authorised employees may have access to the necessary data, other persons have no possibility to access (closed shelves and rooms).
Employees are informed about their right to access and about their obligation to hinder unlawful access (pay attention to key, not entitled third person may not be left alone by open shelves).
Electronically collected data are stored and protected as follows: they are stored on servers at the central office of Diamond Congress Ltd. A multi-level firewall system cares about the outer protection of the information net of Diamond Congress Ltd.
The protection of data in databases are ensured by a two-level access protection system. On data base level data can be accessed directly only by the system administrator, other persons may have access to stored data only through an application connected to the data-base. These applications use own user identification.
In the application zone the Apache server accepts real data and commands only from local terminals (from HAProxy), and after having built the secure data connection and having been convinced that the queries are real, will only serve towards the Internet. The software written in Apache PHP5.2 running environment communicates directly with the MySQL data base located in DB zone. Both the application zone and DB zone marked by green are totally isolated from the direct Internet side.
Erasure of data on request are fulfilled by an employee having access to data, in other cases, permanently, but at least the data will be supervised annually and if their storage is not necessary any more, they are erased by the entitled employees.
Do I have access to my data?
Conference participants may modify their data in the registration system. In case the modification does not work, please contact us, and we do the amendments.
How long are your data preserved?
In case your data are processed according to your consent and there is no other legal basis (e.g.: delivery of contract), we preserve your data, till you revoke your consent or there is no goal for the procession and you consent the erasure.
In case we process the data on contractual basis we preserve the data for 5 years from the termination of contract, those data which are bases for annual balance are preserved 8 years from the termination. After this time period we erase the data.
In case there is legal interest for the processing of data we preserve them till we may prove the legal interest; if there is no more legal interest, we store them for 5 years from the termination of the legal interest.
What shall I know about cookies, other loggings?
Furthermore during the use of our applications your browser may send us automatic information when you open or use a web address such data as: IP address, opened webpage, activity logging. We may get information about the used hardware as type, operation system, its settings or individual identities. These pieces of information depend on your settings, so we suggest to study the user’s menu, user’s guide regarding information-technology, -security before using the hardware.
Diamond Congress Ltd. informs you about cookies also on its homepage and ask for your consent. We do not collect, or store data accessed from cookies.
Why do I get newsletters, what rights do I have regarding newsletters?
Diamond Congress Ltd. sends newsletters (typically conference circulars) only if the data’s subject has given his consent (on paper in writing, in email, or ticked on the internet). We inform you at the bottom of the newsletter about your rights: about the possibility to unsubscribe, or to rectificate your data. In case you unsubscribe, your data will not be stored or processed any more for the goal of newsletter sending.
What kind of rights do I have regarding my data procession?
May unauthorized third person access to my personal data?
We speak about personal data breach in case your data is accessed by unauthorized third person, or there is a danger of accession.
No personal data breach occurred by Diamond Congress Ltd. in the last decades. The following possible risk may occur:
Hindering the above risks, Diamond Congress Ltd:
In case any of the employees of Diamond Congress Ltd. notice a personal data breach, they report it to the managing director, who appoints the person without delay, who is responsible for investigating within 24 hours: the data’s subject whose personal data have been injured, and the possible risks. She/he suggests without delay how to process the data breach and informs the director. The general manager decides about the necessary measures that are able to avoid, prevent but at least minder the damages.
In case the data breach has high risk for the rights and freedom of the data’s subject, Diamond Congress Ltd. informs the data’s subject about the data breach without reasonable delay with the following content at least: character of the breach, contact person and contact information, possible risks from the breach, measures for remedy.
Present data procession information enters into effect on the 25th of May 2018. Matters not regulated in the present information are governed by the GDPR and the relevant Hungarian regulations.
Budapest, 25 May 2018.
Attila Varga, managing director