DATA PROCESSING INFORMATION FOR MARKETING COMMUNICATIONS, EVENTS, AND WEBSITE VISITS
HT Division Private Limited Company (hereinafter: Data Controller) provides the following information to data subjects regarding data processing related to personalized marketing communications, event participation, and website usage:
Data Controller: HT Division Private Limited Company
Registration Number: 01-10-049780
Registered Address: 1068 Budapest, Városligeti fasor 38., Hungary
Email Contact: eva.elias@htdivision.com
Website: HTDIVISION.COM
Legal Representative: Karakus Suat Gökhan, Chief Executive Officer
I. DATA PROCESSING ACTIVITIES
1. Marketing Communications Data Processing (Newsletter)
Purpose of Processing: Establishing effective marketing communication, sending personalized messages to data subjects based on their behavior on the Data Controller's platforms.
Legal Basis: Your consent (Article 6(1)(a) of EU Regulation 2016/679).
Data Processed:
| Data Type | Purpose |
|---|---|
| Full Name | User identification |
| Email Address | Personalized communication |
Retention Period: Until withdrawal of consent.
Consequences of Not Providing Data: The data subject will not receive personalized service and promotions from the Data Controller.
2. Event Participation Data Processing
Purpose of Processing: Efficient service provision to participants at events, event documentation, promotion of events on the Data Controller's online platforms.
Legal Basis: Your consent (Article 6(1)(a) of EU Regulation 2016/679), which extends to unlimited use of photographs and video recordings of the data subject by the Data Controller.
Data Processed:
| Data Type | Purpose |
|---|---|
| Event Name | Ensuring proper entry on event day |
| Full Name | User identification |
| Email Address | Personalized communication |
| Photographs and Video Recordings | Event documentation and promotion |
Retention Period: Until withdrawal of consent.
Consequences of Not Providing Data: Event documentation and promotion will not be possible.
3. Cookie Management
Purpose of Processing: Efficient and user-friendly operation of the Data Controller's website.
Legal Basis: Your consent (Article 6(1)(a) of EU Regulation 2016/679).
Data Processed:
| Data Type | Purpose |
|---|---|
| Website usage information (visit time, duration, page views, clicks, search usage) | Ensuring users encounter relevant information on the website |
| Technical information (IP address, cookie ID, browser type, device type, Google/Facebook IDs, source page) | Ensuring users encounter relevant information and personalized offers |
| Statistical data usage | Statistical analysis |
| Automatically recorded technical data (IP address, session ID) | System operation and security |
Retention Period: Until withdrawal of consent.
Consequences of Not Providing Data: The data subject will not receive relevant information.
II. DATA PROCESSING
The Data Controller is entitled to engage data processors for certain technical operations or service provision in accordance with applicable regulations. Data processors are only authorized to execute the Data Controller's instructions and decisions.
The Data Controller engages the following data processors:
| Data Processor Name and Address | Scope and Purpose of Processing | Personal Data Categories | Processing Location | Legal Basis for Data Transfer |
|---|---|---|---|---|
| [To be specified] | e.g., security services | e.g., identification data | Hungary | Contract between Data Controller and Data Processor |
III. DATA SUBJECT RIGHTS
Data subjects may request information about the processing of their personal data and request rectification, deletion (at eva.elias@htdivision.com), restriction of processing, data portability, and legal remedy. In case of complaints, they may contact the National Authority for Data Protection and Freedom of Information in Hungary or a court of their choice.
1. Information and Access to Personal Data
Data subjects have the right to know what personal data the Data Controller stores about them and related processing information. Requests for access must be submitted in writing (email or postal mail). The Data Controller provides information in widely used electronic format, unless the data subject requests it in writing on paper.
Access rights cover:
- Scope of processed data, purpose, duration, and legal basis
- Data transfers: to whom data has been or will be transferred
- Data source identification
2. Right to Rectification and Completion
Upon written request, the Data Controller will rectify inaccurate personal data without undue delay and complete incomplete data as specified by the data subject.
3. Right to Restriction of Processing
Data subjects may request restriction of data processing in writing if:
- The data subject contests the accuracy of personal data
- Processing is unlawful and the data subject opposes deletion
- The Data Controller no longer needs the data but the data subject requires it for legal claims
- The data subject objects to processing pending verification of legitimate grounds
4. Right to Erasure (Right to be Forgotten)
The Data Controller will delete personal data without undue delay upon request if:
- Personal data is no longer necessary for the original purpose
- The data subject withdraws consent and there is no other legal basis
- The data subject objects to processing and there are no overriding legitimate grounds
- Personal data has been unlawfully processed
- Data was collected in relation to information society services directly offered to children
5. Right to Data Portability
Data subjects have the right to:
- Receive their personal data in a structured, commonly used, machine-readable format
- Transmit data to another data controller
- Request direct transmission to another data controller where technically feasible
6. Right to Object
Data subjects may object to processing of their personal data when processing is based on:
- Public interest (GDPR Article 6(1)(e))
- Legitimate interests (GDPR Article 6(1)(f))
IV. REQUEST FULFILLMENT DEADLINES AND PROCEDURES
The Data Controller will inform data subjects about actions taken without undue delay, but within one month of receiving any request under Section III.1-6. This period may be extended by two additional months if necessary, considering the complexity and number of requests.
V. LEGAL REMEDIES
Data subjects may exercise their rights through written requests sent by email or postal mail to the Data Controller.
Based on applicable laws, data subjects may:
- Contact the National Authority for Data Protection and Freedom of Information (1125 Budapest, Szilágyi Erzsébet fasor 22/c.; www.naih.hu)
- Enforce their rights in court
VI. COMPENSATION AND DAMAGES
Anyone who suffers material or non-material damage as a result of a violation of the Regulation is entitled to compensation from the Data Controller or data processor for the damage suffered.
VII. DATA BREACH MANAGEMENT
A data breach is a breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data. The Data Controller maintains records of data breaches for monitoring, supervisory authority notification, and data subject notification purposes.
