Valid from: November 2024, 15
1. Data of the Data Controller
Company name: RKB Media Kft.
Headquarters: 1089 Budapest, Sárkány utca 6-10. 6th em. Door 26
Business Registration Number: 01-09-291509
Tax number: 13567020-2-42
Represented by: Gergő Bicsérdy, managing director
E-mail address: [email protected]
(hereinafter: Data Controller)
2. Purpose of the data management information
This data management information sheet contains data management related to the visitors of the www.rendeljkinait.hu website, the Data Controller's customers, subcontractors, contractual partners, and job applicants (hereinafter collectively: Data Subject).
In this data management information, the Data Controller informs the Data Subject about which data management activities it performs, in what manner and legal basis, and under what technical conditions.
3. Concept definitions
- Personal data: any information relating to an identified or identifiable natural person. A natural person can be identified who, directly or indirectly, in particular on the basis of an identifier such as a name, number, location data, online identifier or one or more factors relating to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person can be identified.
- Data management: any operation or set of operations performed on personal data or data files in an automated or non-automated manner, such as collection, recording, systematization, segmentation, storage, transformation or change, query, insight, use, communication, transmission, distribution or making accessible in any other way by item, coordination or connection, restriction, deletion or destruction.
- Data controller: the natural or legal person, public authority, agency or any other body that determines the purposes and means of processing personal data independently or together with others. If the purposes and means of data management are determined by EU or member state law, the data manager or the special aspects regarding the designation of the data manager may also be determined by EU or member state law.
- Data processing: performing technical tasks related to data management operations (regardless of the method and tool used to perform the operations, as well as the place of application).
- Data processor: the natural or legal person, public authority, agency or any other body that processes personal data on behalf of the data controller.
- Data subject: any natural person identified on the basis of specific personal data or otherwise - directly or indirectly - identifiable. A person can be considered identifiable in particular if he can be identified - directly or indirectly - on the basis of a name, identification mark, or one or more factors characteristic of his physical, physiological, mental, economic, cultural or social identity.
4. Rights of the Data Subject
During data management, the Data Controller continuously ensures the rights set out in the GDPR, which are as follows:
- Right to information (GDPR (60) recital): The principle of fair and transparent data management requires that the Data Subject receives information about the fact and purposes of data management.
- The Data Subject's right of access (GDPR Article 15): The Data Subject has the right to receive feedback from the Data Controller as to whether his personal data is being processed, and if such data processing is in progress, he is entitled to access the personal data and the following get access to information:
- the purpose of data management,
- categories of Personal Data Subject,
- the recipients to whom the personal data were disclosed,
- the planned period of storage of personal data.
- Right to rectification (GDPR Article 16): The Data Subject has the right to have inaccurate personal data corrected without undue delay upon request by the Data Controller. Taking into account the purpose of the data management, the Data Subject is entitled to request the completion of incomplete personal data, including by means of a supplementary statement.
- The right to erasure ("the right to be forgotten") (GDPR Article 17): The Data Subject has the right to have the Data Controller delete the personal data relating to him without undue delay at his request, and the Data Controller is obliged to delete it without undue delay if any of the following reasons apply:
- the personal data are no longer needed for the purpose for which they were collected,
- the Data Subject withdraws his previously given consent and there is no other legal basis for data processing,
- the Data Subject objects to the data processing and there is no overriding legal reason for the data processing,
- personal data were handled illegally,
- it is necessary to delete the data to fulfill a legal obligation prescribed by EU or member state law.
- The right to restrict data processing (GDPR Article 18): The Data Subject has the right to request that the Data Controller restrict data processing if one of the following is met:
- dispute the accuracy of the data,
- considers the data processing illegal, but for some reason does not request the deletion of the data.
- The right to data portability (GDPR Article 20): The data subject has the right to receive the personal data concerning him/her provided to a data controller in a segmented, widely used, machine-readable format, and also has the right to transfer this data to another data controller forward it.
- The right to object (GDPR Article 21): The data subject has the right to object to the processing of his personal data at any time for reasons related to his own situation.
- Automated decision-making (GDPR Article 22): The data subject has the right not to be subject to the scope of a decision based solely on automated data management, including profiling, which would have legal effects on him or significantly affect him.
5. Principles for the management of personal data
GDPR II. Based on Article 5 of the chapter, the principles for the management of personal data:
Personal information:
- its handling must be carried out legally and fairly, as well as in a transparent manner for the Data Subject (legality, fair procedure and transparency);
- be collected only for a specific, clear and legal purpose (purpose limitation);
- they must be appropriate and relevant in terms of the purposes of data management and must be limited to what is necessary (data saving);
- they must be accurate and, if necessary, up-to-date (accuracy);
- its storage must take place in a form that enables the identification of the Data Subjects only for the time necessary to achieve the goals of personal data management (limited storage capacity);
- must be handled in such a way that adequate security of personal data is ensured through the application of appropriate technical or organizational measures, including protection against unauthorized or unlawful processing, accidental loss, destruction or damage of data (integrity and confidentiality).
- The Data Controller is responsible for compliance with the principles, and must also be able to prove this compliance (accountability).
6. Data management activities at the Data Controller:
The Data Controller carries out the following data management activities concerning personal data.
Contact via email:
Purpose of data management: contact with the Data Controller, inquiries, requests for information
Categories of stakeholders: interested party, customer, partner
Types of personal data: name, email address, phone number, personal data provided in the message
Legal basis for data management: the Data Subject's consent [GDPR Regulation Article 6 (1) point a)]
Duration of data management: until consent is revoked, but at the latest until the end of the 1st year after the Data Controller replies to the message or the last contact
Contact via the "Contact" form on the website:
Purpose of data management: contacting the Data Controller for inquiries and requests for information
Categories of stakeholders: website visitor, interested
Types of personal data: name, email address, personal data provided in the message
Legal basis for data management: the Data Subject's consent [GDPR Regulation Article 6 (1) point a)]
Duration of data management: until consent is withdrawn, but at the latest until the end of the 1st year after the message is answered by the Data Controller
Contact via the "Media offer" form on the website:
Purpose of data management: contact with the Data Controller, request for cooperation, media offer
for the purpose of your request
Categories of stakeholders: interested person requesting an offer
Types of personal data: name, email address, personal data provided in the message
Legal basis for data management: the Data Subject's consent [GDPR Regulation Article 6 (1) point a)]
Duration of data management: until consent is withdrawn, but no later than the end of the 1st year after the offer was sent by the Data Controller, or - if cooperation takes place - until the end of the 5th year from the completion/termination of the contract
Data management related to Order China club membership:
Purpose of data management: Join the Order China club
Categories of stakeholders: A person joining the Order China club
Types of personal data: surname, first name, email address
Legal basis for data management: the Data Subject's consent [GDPR Regulation Article 6 (1) point a)]
Duration of data management: until consent is withdrawn, but at the latest until leaving the RendeljKínait club
Send newsletter:
Purpose of data management: sending a newsletter to Order China club members
Categories of stakeholders: Order China club member/newsletter subscriber
Types of personal data: surname, first name, email address
Legal basis for data management: the Data Subject's consent [GDPR Regulation Article 6 (1) point a)]
Duration of data management: until the withdrawal of consent, i.e. about sending the newsletter
until unsubscribing
Participation in a prize draw:
Purpose of data management: participation in a prize draw for RendeljKinait club members
Categories of stakeholders: Order China club member
Types of personal data: name, email address
Legal basis for data management: the Data Subject's consent [GDPR Regulation Article 6 (1) point a)]
Duration of data management: until the consent is withdrawn, but no later than the prize draw
until the end of the 1st year following its closure
Sending a prize product to the winner of a prize draw:
Purpose of data management: sending a prize product to the winner of a prize draw
Categories of stakeholders: prize draw winner
Types of personal data: name, email address, telephone number, postal address
Legal basis for data management: the Data Subject's consent [GDPR Regulation Article 6 (1) point a)]
Duration of data management: until the consent is withdrawn, but no later than the prize draw
until the end of the 1st year following its closure
In the case of some prize games, it may happen that the Data Controller forwards the winner's data to the partner providing the prize product in order to deliver the prize product to the winner. In order to obtain consent for data transmission, the Data Controller will contact the winner in advance. The data may only be forwarded to the partner based on the consent of the winning person. In such cases, the Data Controller provides the Data Subject with information about the identity and contact information of the partner providing the prize product.
Write an opinion in the People's History section:
Purpose of data management: writing reviews about products
Categories of stakeholders: person writing an opinion
Types of personal data: name, email address
Legal basis for data management: the Data Subject's consent [GDPR Regulation Article 6 (1) point a)]
Duration of data management: until the consent is withdrawn, i.e. until the opinion is requested to be deleted
In the Demography section of the website, the initials and first names of the Data Subject are displayed. The Data Subject can write a review by logging into their Facebook or Google account. The Data Controller does not see the data of the Data Subject's Facebook or Google account.
Data management related to applying for a job application:
Purpose of data management: application for a job application
Categories of stakeholders: a person applying for a job application
Types of personal data: name, email address, other data provided by the job applicant in the CV: personal data, contact details, data on competences, education and practical experience, photo
Legal basis for data management: the Data Subject's consent [GDPR Regulation Article 6 (1) point a)]
Duration of data management: in the case of an unsuccessful application: until the end of the 1st month after the end of the recruitment procedure, in the case of a successful application: until the end of the 1st year after the termination of the employment relationship
The Data Controller may use a subcontractor to filter the application materials and conduct the admission process, which subcontractor is considered a data processor in terms of handling personal data. If the Data Controller uses a subcontractor, it will provide job applicants with specific information about the fact, as well as the person and contact information of the data processor.
(contractual) cooperation with partners, subcontractors, and other persons
processing of personal data obtained during:
Purpose of data management: contact necessary to fulfill the contract
Categories of stakeholders: partner (customer, supplier principal, subcontractor, service provider) contact person
Types of personal data: name, email address, telephone number, position
Legal basis for data management: legitimate interest [GDPR regulation Article 6 (1) point f)
Duration of data management: until the end of the 1st year from the completion/termination of the contract
7. Appearance of the Data Controller on social media platforms:
The operators of social media interfaces are considered independent data controllers, therefore the data management principles of the respective service providers apply to the activities carried out on social media interfaces.
The Data Controller is available on the following social media platforms:
Facebook: operated by: Meta Platforms Ireland Ltd. (head office: Merrion Road, Dublin 4 D04 X2K5, Ireland)
Instagram: operated by: Meta Platforms Ireland Ltd. (head office: Merrion Road, Dublin 4 D04 X2K5, Ireland)
YouTube: operated by Google Ireland Ltd. (head office: Gordon House, Barrow Street, Dublin 4, Ireland)
8. Data processors:
The Data Controller uses the following data processors for data management activities:
Name of data processor | Data processor data | Data processing task |
DigitalOcean, LLC. | Headquarters: 101 6th Ave New York, NY 10013 | hosting service (The data processor in regards to that GDPR on the part of the data controller 44-49. according to its articles data is being transferred.) |
Zoho Corporation BV | registered office: Beneluxlaan 4B, 3527 HT Utrecht, Netherlands | mail system service |
Google Ireland Ltd. | Headquarters: Gordon House, Barrow Street, Dublin 4, Ireland | mail system service |
SalesAutopilot Kft. | seat: 1016 Budapest, Zsolt utca 6/A. 5th em. Door 1 company registration number: 01-09-286773 | newsletter system operation |
9. Information about cookies:
The website uses necessary cookies typical of news portals, which ensure the optimal functioning of the website and do not contain personal data. However, some services provided by third parties may use additional cookies that can even collect personal data, which is detailed in the sections for each service.
Cookies are small data files that are transferred to the computer of the website visitor (hereinafter: Visitor) via the website, and are saved and stored by the Visitor's internet browser. The majority of the most commonly used Internet browsers (Chrome, Firefox, etc.) accept and enable the download and use of cookies as a default setting, but it is up to the Visitor to refuse or disable them by changing the browser's settings, and the Visitor can delete the cookies already stored on the computer you can also delete cookies. The "help" menu item of each browser provides more information on the use of cookies.
Purpose of data management: identification of users, monitoring of visitors, ensuring the proper functioning of the site
Categories of stakeholders: website visitor
Types of personal data: identification numbers, dates, times
Legal basis for data management: CVIII of 2001 on certain issues of electronic commercial services and information society services. Act (Elkertv.) 13/A. (3) of § Consent from the Data Subject is not required if the sole purpose of the use of cookies is the transmission of information via an electronic communication network or if the service provider absolutely needs it to provide a service related to the information society specifically requested by the subscriber or user.
Duration of data management: the period until the end of the relevant visitor session
Description of the Data Subject's rights related to cookie settings: The Data Subject has the option to delete cookies in the Tools/Settings menu of the browser, usually under the settings of the Data Protection menu item. Furthermore, it is possible to enable/disable the use of cookies per category or as a whole in the footer Consent settings by clicking the button. Please note that essential cookies are always used to ensure the basic functionality of the website, but they do not contain personal data.
List of cookies used on the website
10. Application of Google Analytics
This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses so-called "cookies", which are text files placed on your computer, to help the website analyze how users use the site.
The information generated by the cookie about the website used by you is typically stored and stored on a Google server in the USA. By activating IP anonymisation on the Website, Google will first abbreviate the User's IP address within the European Union or in other states party to the Agreement on the European Economic Area.
The full IP address will only be transmitted and truncated to Google's server in the United States. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage.
Within the scope of Google Analytics, the IP address transmitted by the User's browser is not combined with other Google data. The User can turn off the storage of cookies by setting the appropriate settings in their browser, and delete cookies, but please note that in this case, not all functions of this website will be fully usable. You can also prevent Google from collecting and processing the User's website usage data (including IP address) through cookies by downloading and installing the option available at the following link browser plugin.
More information can be found in Google's Privacy Policy, which On this link available.
11. Application of Google Recaptcha v3
The Contact and Media Offer forms use Google Recaptcha v3 to filter out spam bots. Recaptcha is a Google service that, running in the background and invisible to the user, collects data about interactions on the page and analyzes this data to decide whether the user is a human or a robot. Recaptcha also uses cookies to collect data. Further details of data management by Google Privacy Policy and Terms of Service are found in documents.
12. Application of Facebook Pixel
On our website, we use the Facebook Pixel service, which is an analytical tool of Facebook that can be used to measure the effectiveness of advertising activity and to learn about the actions performed by visitors on the website. The Facebook Pixel uses so-called "cookies", text files that are saved on your computer, thus facilitating the analysis of the use of the website visited by the User.
The User can turn off the storage of cookies by setting the appropriate settings in their browser, and delete cookies, but please note that in this case, not all functions of this website will be fully usable.
Data management takes place on the Facebook social media site, so the duration and method of data management, as well as the options for deleting and modifying data, are subject to the regulations of the social media site.
13. Advertisements
We would like to inform you that on the Website Infinety Invest Kft. (headquarters: 1037 Budapest, Montevideo utca 3/B., company registration number: 01-09-176429) (hereinafter: Infinety Invest) places cookies on your computer and/or mobile device for direct business purposes in connection with external advertisements, which Infinety Invest may transfer it to third parties for the purpose of data sales or other use. These third parties are advertisers, agents and other business partners with a contractual relationship with Infinety Invest. We would like to inform you that Infinety Invest is the data controller for the management of these cookies. For more information about the cookies placed by Infinety Invest, please visit the website www.infinety.hu. Infinety Invest Privacy Policy
Rules On this link available.
On the Website, Natív Hirdetés Kft. (headquarters: 1064 Budapest, Podmaniczky utca 57. 2. em. 14., company registration number: 01-09-28181) places external advertisements, in order to secure which it is essential that it manages the Users' personal data. More information can be found in the Company's data management information sheet, which On this link available.
The Data Controller operates a Google Adsense account in order to place advertisements on the Website. Google and its partners use cookies to display personalized ads based on Users' visits to this and other websites. You can unsubscribe from personalized ads by In Google Ads Center. Alternatively, a www.aboutads.info you can also disable the use of third-party cookies for personalized advertising by visiting this website. More information from in Google's Privacy Policy It is located.
14. The right to complain about data management and the right to a legal remedy:
Right to complain:
The Data Subject can file a complaint about the handling of personal data with the National Data Protection and Freedom of Information Authority.
National Data Protection and Freedom of Information Authority contact information:
Headquarters: 1055 Budapest, Falk Miksa utca 9-11.
Postal address: 1363 Budapest, Pf. 9.
Phone: +36 1 / 391-1400
Email: [email protected]
More details here: www.naih.hu
Right to go to court:
The Data Subject may apply to court in case of violation of his rights by the Data Controller. The Data Subject is free to decide whether to file his claim with the competent court according to his place of residence or place of residence. The contact details of the courts: https://birosag.hu/ugyfeleknek/birosagok/torvenyszekek
15. Legislation on which data management is based:
- Regulation (EU) 2016/679 of the European Parliament and of the Council (April 2016, 27) on the protection of natural persons with regard to the processing of personal data and on the free flow of such data, and on the repeal of Directive 95/46/EC (general data protection regulation, GDPR)
- CXII of 2011 law on the right to informational self-determination and the
on freedom of information (Info tv.) - Act V of 2013 on the Civil Code (Ptk.)
- CXIX of 1995 Act on the handling of name and address data for the purpose of research and direct business acquisition (DM Act)
- CVIII of 2001 Act on certain issues of electronic commercial services and services related to the information society (Elker Act)
- XLVIII of 2008 Act on the Basic Conditions and Certain Limitations of Economic Advertising Activities (Grt.)
- XLVII of 2008 Act on the Prohibition of Unfair Commercial Practices towards Consumers (Fttv.)
- Act C of 2003 on electronic communications