We kindly ask you to read carefully this information about data processing, in which our company informs its website visitors and application- or webinar users about processing and protecting data, and about the right of the data’s subject. If you are under 18, please read this information with your legal representative.
In case of any questions or comments, please contact us: email@example.com,
phone: +36 1 2250210.
Let us introduce ourselves: whom you process your personal data and how you can contact us.
Diamond Congress Ltd. (seated: 1012 Budapest, Vérmező út 8, central and head office: 1015 Budapest, Csalogány utca 28.) is a Hungarian resident business company providing conference organizing services as core activity for more decades. Since 2020 beside the traditional face to face events our conferences are organized online through applications as well.
Diamond Congress Ltd.
Seat: HUNGARY, 1012 Budapest, Vérmező út 8. II/4/a
Contact address and central office: HUNGARY, 1015 Budapest, Csalogány utca 28.
EU VAT number: HU10946130
Contact details: firstname.lastname@example.org, +3612250210, www.diamond-congress.hu
Represented by: Attila Varga, managing director, Róbert Hohol, executive officer
In case of data protection queries, please contact us above or our consultant:
Dr. Zsuzsanna Árva
Whose data are subject of data processing?
Our data procession information governs the procession of natural person’s data, i.e. governs all data processions in which our company acquires data that may be connected to natural persons, may identify natural persons. During providing our activities, first of all, we acquire data of conference participants that are necessary to fulfil the services ordered by them. We mainly acquire data from the natural person himself/herself registering in the conference database. Sometimes we acquire personal data from the former organiser of the given conference or the professional organising body, if the data’s subject has given his consent to data processing to the future organizers.
Which regulations govern the data procession?
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data
Law Nr CXII from the Year 2011 about the information self-governing right and the freedom of information
Opinions of the Commission’s Working Group Nr 29 and of the National Data Protection Office.
Which principles are regarded by us during data procession?
Our company processes data according to the regulations of the GDPR regarding the following principles:
Why are my data processed?
You have consented the data processing as follows:
Our webpage visitors (hereinafter: visitors) and application or webinar users may register at their own will and give voluntarily data, with which they may be identified (name, e-mail address, contact data, address, profession, working place) other data given by the visitor voluntarily). With providing the data voluntarily the visitor consents that the exclusive operator of the webpage i.e. our company processes the data according to the principles set up in this information. Please take all the necessary measures to keep your user id and password confidential. Please give us only those data that are necessary to keep contact with you.
Abstracts, posters, e-mails
As it is common by scientific conferences, participants may publish lectures, studies, posters that may be collected in abstract books. The programme book of the conference includes furthermore the name and e-mail address, sometimes scientific degree or other data of the participants.
Lectures, posters, programme and abstract books will be preserved during the Diamond Congress Ltd. exists because of legal interest to reference. We draw your attention that these materials together with the above mentioned personal data will be provided to the participants, i.e. it becomes publicly available.
For our webinar users: in case of every online conference it will be published how long the lectures, posters and other scientific materials submitted and published on the website by the data’s subject himself will be open to webinar participants on the website. After this deadline Diamond Congress Ltd erases all materials, do not preserve any poster or lecture.
Please note, Diamond Congress Ltd takes all efforst to keep these materials confidential and public only to webinar participants, however by the recent technology Diamond Congress Ltd cannot take any financial and non-financial responsibilities for materials and personal data illegal copy or acquisition by third person.
Our company processes the data to fulfil the conference services:
We have to process your data to fulfil the conference services. Data processed: name, address, contact information (telephone, e-mail), invoice address, and card number in case of credit payment by mail order authorisation, scientific degree. Other eventual necessary data: data of workplace.
Furthermore our company may process your data if it may prove the legal interest regarding your data processing, e.g. because of reference we preserve printed abstract books, program leaflets.
In case of invoicing the data processing is a legal obligation to us to fulfil tax and duties administration.
We may process your data as well if you consented e.g. you given your consent to process your data to future organizers.
Legal interest as base of data processing
We may process your data because we have legal interest to do so. It occurs in the following cases:
How do we process your data?
Our company processes the provided personal data and information only in connection with the goal of the data providing of the participants, and uses only to fulfil the requests of the participants, to communicate with her/him. The goal of the data processing is the fulfilment of the information requests, communication with the visitor, and fulfilment of the services (conference participation).
Diamond Congress Ltd. collects, processes, stores and deletes the data according to its contracts or the legal regulations.
Diamond Congress Ltd. processes the data to third persons only in the following cases:
Please contact us if you wish to be informed about our data administrators. With our data administrators in every case we conclude data procession contract, in which our administrators oblige themselves to process the data according to legal regulations and this information is given to you.
Diamond Congress Ltd. erases the data if the data’s subject requests us in writing to do so, except we are obliged to preserve the data by the law. We erase the data also, if there are no legal obligations or they are not necessary to prove the delivery of contracted services, or we also erase the data which are processed exclusively according to your consent and you ask us in writing to do so.
Electronic data are erased in such way that their restoration should not be possible; paper data will be erased by erasing machine or by companies whose main activity and profession is the erasing of official documents.
Data will be collected by Diamond Congress Ltd. electronically. Data connected to contracts may be available on paper as well. Paper data will be stored on the seat or subsidiary of Diamond Congress Ltd. in folders. Only the authorised employees may have access to the necessary data, other persons have no possibility to access (closed shelves and rooms).
Employees are informed about their right to access and about their obligation to hinder unlawful access (pay attention to key, not entitled third person may not be left alone by open shelves).
Electronically collected data are stored and protected as follows: they are stored on servers at the central office of Diamond Congress Ltd. A multi-level firewall system cares about the outer protection of the information net of Diamond Congress Ltd.
The protection of data in databases are ensured by a two-level access protection system. On data base level data can be accessed directly only by the system administrator, other persons may have access to stored data only through an application connected to the data-base. These applications use own user identification.
In the application zone the Apache server accepts real data and commands only from local terminals (from HAProxy), and after having built the secure data connection and having been convinced that the queries are real, will only serve towards the Internet. The software written in Apache PHP5.2 running environment communicates directly with the MySQL data base located in DB zone. Both the application zone and DB zone marked by green are totally isolated from the direct Internet side.
At the virtual conference space we provide access to the presentation videos, posters given by the authors themselves (and also abstracts, as mentioned above) and product information by our exhibitors. This access is limited in time as it is announced at the certain webinar information site. Entering the conference area is available only by having a proper username and password combination, this is generated randomly by the organisers and it is announced by e-mail before starting the event. Username is generated using user ID and the webinar's name it is not originated from e-mail address or other personal data. The password is never identical to the database password created by the participant. Diamond Congress Ltd. does not take responsibility for the content of these materials (e.g.: scientific reliability, originality, trade secrets, etc).
Erasure of data on request are fulfilled by an employee having access to data, in other cases, permanently, but at least the data will be supervised annually and if their storage is not necessary any more, they are erased by the entitled employees.
Do I have access to my data?
Conference participants may modify their data in the registration system. In case the modification does not work, please contact us, and we do the amendments.
How long are your data preserved?
In case your data are processed according to your consent and there is no other legal basis (e.g.: delivery of contract), we preserve your data, till you revoke your consent or there is no goal for the procession and you consent the erasure.
In case we process the data on contractual basis we preserve the data for 5 years from the termination of contract, those data which are bases for annual balance are preserved 8 years from the termination. After this time period we erase the data.
In case there is legal interest for the processing of data we preserve them till we may prove the legal interest; if there is no more legal interest, we store them for 5 years from the termination of the legal interest.
What shall I know about cookies, other loggings?
Furthermore during the use of our applications your browser may send us automatic information when you open or use a web address such data as: IP address, opened webpage, activity logging. We may get information about the used hardware as type, operation system, its settings or individual identities. These pieces of information depend on your settings, so we suggest to study the user’s menu, user’s guide regarding information-technology, -security before using the hardware.
Diamond Congress Ltd. informs you about cookies also on its homepage and ask for your consent. We do not collect, or store data accessed from cookies.
Why do I get newsletters, what rights do I have regarding newsletters?
Diamond Congress Ltd. sends newsletters (typically conference circulars) only if the data’s subject has given his consent (on paper in writing, in email, or ticked on the internet). We inform you at the bottom of the newsletter about your rights: about the possibility to unsubscribe, or to rectificate your data. In case you unsubscribe, your data will not be stored or processed any more for the goal of newsletter sending.
What kind of rights do I have regarding my data procession?
May unauthorized third person access to my personal data?
We speak about personal data breach in case your data is accessed by unauthorized third person, or there is a danger of accession.
No personal data breach occurred by Diamond Congress Ltd. in the last decades. The following possible risk may occur:
Hindering the above risks, Diamond Congress Ltd:
In case any of the employees of Diamond Congress Ltd. notice a personal data breach, they report it to the managing director, who appoints the person without delay, who is responsible for investigating within 24 hours: the data’s subject whose personal data have been injured, and the possible risks. She/he suggests without delay how to process the data breach and informs the director. The general manager decides about the necessary measures that are able to avoid, prevent but at least minder the damages.
In case the data breach has high risk for the rights and freedom of the data’s subject, Diamond Congress Ltd. informs the data’s subject about the data breach without reasonable delay with the following content at least: character of the breach, contact person and contact information, possible risks from the breach, measures for remedy.
Present data procession information enters into effect on the 20th of April 2020. Matters not regulated in the present information are governed by the GDPR and the relevant Hungarian regulations.
Budapest, 20 April 2020.
Attila Varga, managing director