The purpose of this guide is to help you understand all the important information about Cordelia Foundationcollecting and handling your personal data in connection with itsevents.
Cordelia Foundation for the Rehabilitation of Torture Victims:
- Address: 1133 Budapest, Kárpát street 1/b. VI/24.
- Tax number: 18083299-1-41
Management of your data takes place in line withRegulation (EU) No 2016/679/EU of the European Parliament and of the Council of 17 April 2016 (general data protection, hereinafter referred to as GDPR) on the repeal of Regulation 95/46/EC and the protection of natural persons with regard to the processing of personal data and on the free movement of such data, as well as in line with CXII of 2011 on Information Self-Determination and Freedom of Information; Act (Infotv.).
This is possible under GDPR Article 6 (1), as you consent to the processing of your data. With respect to any data you manage, we provide, as warranted, the protection that GDPR establishes for the handling of special data.
What do we do and why?
We handle the following information:
- a) your name;
- b) your email address as contact information;
- c) (your) pictures taken at the event.
The purpose of the data managementis a) to ensure the visibility of the event on Cordelia’s communication surfaces; and ) to fulfil reporting requirements during an audit of our activities.
The legal basis for data management is a) thatCordeliacan provide a record of its activities during a donor audit [both Article 6 (1) c of the GDPR].]; b) your consent for the processing and handling of your personal data [Article 6 (1) (a) GDPR]; c) and that in the case of potential donor claims it is the interest ofCordelia to prove the provision of the service, as well as the payment event participants are entitled to according to the project documentation [Article 6 (1) (f) GDPR].
Who can access your data?
The data controller is Cordelia Foundation (registered office and postal address: 1133 Budapest, Kárpát street 1/b. VI/24.). Your data will be made available to the Cordelia staff who are responsible for event planning, communication, and implementation of the project concerned, or for an audit, by the staff of the audit organization. The managed data will not be made available by Cordelia in any other form than those listed without your express prior consent.
What organizational and security measures do we use to protect your data?
Only the persons listed above have access to your data. Cordeliahandles your personal information with access restrictions on the Foundation’s own server, as well as on paper in locked cabinets.
How long will we conduct your data?
Data will be handled until the consent is withdrawn, but no longer than five years from the date of the event organized by Cordelia. The data will also be retained for the withdrawal of consent for the purposes of verifying the participants of the event during the inspection for a period of five years under Article 6 (1) (c) and (f) of the GDPR. If at the end of the above deadlines, either a legal process initiated by Cordelia or by you or by others is still in submission, validation or protection by Cordelia, the data will be deleted upon final termination of this procedure takes place.
Can you request that your data be erased, corrected, or restricted?
You can request erasing of your data if you consider the data processing to be unlawful, when the data management is no longer necessary for the purposes for which the data processing was carried out or when the data should be deleted on the basis of a legal obligation of the European Union or the Member State.
To correct your data you canask for rectification of your data, in case of incorrect data recording or any change in your data.
You may also object to the management of the data after the provision of the service, in which case your data will be deleted, unless we can prove that the data management is justified by compelling legitimate reasons that take precedence over your interests, rights, or to bring legal claims, relating to the validation or protection of the contact.
How to access your personal information and what legal remedies are available?
You can request information from Cordelia Foundation about the personal data we are processing, the way we handle it and request a copy of the personal information. These requests are made free of charge.
Your privacy and access rights – just to protect your data – can only be provided after prior identification. Therefore, please submit your requests, statements, and complaints related to data management in writing.
If your personal information is unlawfully handled or in case of a violations of your rights of self-determination of information you can turn to the (Metropolitan) Court of Budapest(Fővárosi Törvényszék) (1055 Budapest, Markó u. 27. Mailing address: 1363 Bp. Pf. 16).
Alternatively, you may turn to the relevant court in your place of residence or to the National Authority for Data Protection and Freedom of Information(Nemzeti Adatvédelmi és Információszabadság Hatóság) (1135 Budapest, Szilágyi Erzsébet fasor 22 / C., www.naih.hu).