Data Processing

 

I. INTRODUCTION

 

Bitai Ügyvédi Iroda / Bitai Law Firm (hereinafter referred to as „Law Firm”) is committed to protecting

personal data of its clients and partners, with special regard to respecting the right of informational self-

determination of its clients. The Law Firm manages personal data as confidential information and takes

all safety, technical and organizing measures to ensure the protection of data.

Bitai Law Firm hereby informs its clients and the visitors about the personal data processed by it, the

practice followed in course of processing personal data, the measures taken in order to protect

personal data, and about the way and possibilities of exercising the rights of data subjects.
 

This document on privacy policy sets out the following:

 

·         The type of your personal data we collect and process in the course of partnership or client

·         relationship related to our website, newsletter and online services;

·         Where we gain such data from;

·         What we use such data for;

·         How we store such data;

·         Whom we forward such data to/ provide access to such data;

·         How we observe your data protection rights;

·         How we comply with data protection provisions.

 
The privacy policy principles are in line with effective data protection regulations, thus especially with

the following:

✦ Act CXII of 2011 on the Right of Informational SelfDetermination and on Freedom of Information

(hereinafter referred to as Privacy Act);

✦ Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on

the protection of natural persons with regard to the processing of personal data and on the free

movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation,

GDPR);

✦ Act V of 2013 on the Civil Code (Civil Code);

✦ Act C of 2000 on Accounting (Accounting Act);

✦ Act CXXXVI of 2007 on the Prevention and Combating of Money Laundering and Terrorist Financing

(PCMLTF);
 

II. DATA PROCESSOR

Name: Bitai Ügyvédi Iroda / Bitai Law Firm

Postal address: 1021 Budapest Tárogató út 47-49.

Managing Attorney at Law: Dr. Bitai Zsófia LL.M.

Registration: Budapest Bar Association, reg.no. 36057691

Email: info@bitailegal

www.bitailegal.com
 

III. WHAT TYPE OF PERSONAL DATA DO WE COLLECT?

 

Data management by the Law Firm is based on contract, voluntary consent, general business interest

of the parties involved and on relevant legislation. In case of data management subject to voluntary

consent you are entitled to revoke your consent at any stage of data management and you are entitled

to practice your right related to the access, rectification, restriction and erasure of your data.
Any information suitable for identifying you, e.g. your name, contact info etc. and information related to the usage of our website by which you are directly or indirectly identifiable, constitute personal data.

 

We may collect personal data when you browse our website, participate at our events, sign up for our legal newsletter or contact us etc.

 

 

We collect personal data, particularly the following type:

·         First name

·         Surname

·         Company name

·         Email address

·         Photo

·         Information related to browsing our website, our pages on Facebook and Linkedin;

·         Any form of communication with or addressed to us, in letter, email, by phone, or via social media.

·         Your location based on the real time IP address of your computer or device, when using location based services and allow this function on your computer or device.
 

IV. WHY, HOW LONG AND WHAT DO WE USE YOUR PERSONAL INFORMATION FOR?

 

Personal data is primarily used for direct business relationship based on contract, legitimate interest or user consent. No further notification is provided to you, all issues related to privacy policy are defined in this document. You have the right to decline the management of your data for general business or client relationship. In this case, your data will no longer be processed for such purposes.

If your data is collected for purposes other than business relationship, we notify you about the relevant regulatory provisions and request your preliminary written consent.

 

 
We may use your personal data for the following purposes:

·         keeping business contact,

·         attorney-client communication,

·         contacting, legal newsletters, organizing events, writing publications and articles,

·         organizing events connected to the professional activities of the Law Firm

·         Administrative and legal purposes: your data is used for statistical and marketing analyses, remarketing/marketing purposes, system testing, customer satisfaction surveys, maintenance and development purposes as well as for litigating disputed issues or legal claims. Please note that based on your data we may do profiling for statistical and marketing analyses. For profiling we will need your preliminary consent and we seek to use the data adequately. By submitting any personal data, you expressly agree that we may use them for profiling purposes in accordance with this privacy policy;

·         Security and administrative measures, health protection, prevention/detection of crime: in compliance with our legal obligation we are entitled to provide personal data to authorities and law enforcement agencies;

·         Client service communication: we use your data to keep in touch with you, our clients, and to improve our services and your user experience;

·         Marketing: from time to time we will send you marketing materials electronically about our services, legal news, our events etc., if you agreed to receive such materials. In this case you can indicate whether you wish to subscribe or unsubscribe from such emails. In addition, in all forms of electronic communication you may indicate that you do not want to receive direct marketing materials from us anymore
We process your personal data only for those purposes and cases in which we have the legal basis to do so. The legal basis depends on the purpose of collecting and processing personal data.

 

We may process your personal data for the following reasons, as well:

·         You agreed to the processing of your personal data (e.g. for marketing purposes);

·         To protect your or another person’s fundamental interests (e.g. in case of emergency);
Children of minimum 16 years of age may give their personal consent. For minors below this age, parents or legal guardians shall provide consent.

We retain your data until the consent is withdrawn or the statutory deadline expires.

 

We do not retain your data after the purpose of processing is achieved. When determining the appropriate retaining time, we take into account the quantity, nature and sensitivity of personal data and the purpose of processing them and we consider whether these purposes may be achieved by other means.
 

V. DISCLOSING YOUR PERSONAL DATA

 

In order to comply with data protection purposes we may disclose your data to other law firms included by the same network as the Law Firm, to our contractors, associated and cooperating law firms and attorneys within the European Union in order to process data obtained through our website and/or to operate, maintain or manage our website, its services and content in accordance with this privacy policy. We do not disclose your personal data to third countries or international organizations outside the European Union.
We will notify you before disclosing your personal data to any service provider located outside the European Economic Area.

When using external companies or professionals for processing those personal data which were not provided by you, these companies or professionals are entitled to process such data exclusively in the course of performing the particular task, ensuring compliance with this privacy policy.
 

International data exchange

 

We disclose personal data to countries outside the European Economic Area only if the following conditions are met:

 

·         if the transmit of data takes place at a location considered by the European Commission as secure for protecting personal data; or

·         if we have taken the appropriate measures, for instance we entered into an agreement with a data recipient regarding the transmit of data corresponding to the measures defined by the European Commission or a data protection authority. You may request a copy of such agreements via our contact; or

·         if you consented to the transmit of your data, or we are legally entitled to do so.
 

In addition, we may disclose your personal data to the following external parties in accordance with the objectives of this privacy policy:

Our permanent partners:

·         Hosting provider: MikroVPS Kft. (1096 Budapest, Sobieski János utca 19-21/A)

·         Accounting services: Globalprofit Kft. (1064 Budapest, Izabella utca 77. 3. em. 3.)

·         Web development services: Borítás Viktor

·         Marketing service providers: Princz Viktória

·         System Administrator: Kornos Péter

·         Associated/Cooperating Attorneys: Dr. Drjenovszky Katalin, Dr. Mosolygó Mónika and Dr. Tréki-Tóth Péter

·         Regulatory Manager: Dr. Tóth Karolina e.v. Amsztmann Róbert e.v. (1021 Budapest, Hűvösvölgyi út 64-66.)

·         Technical consulting: MIX Bt. (1224 Budapest Kakukkhegyi út 11.), Amsztmann Róbert e.v.

·         Email marketing platform: MailChimp (The Rocket Science Group, LLC 675 Ponce de Leon Ave

·         NE Suite 5000 Atlanta, GA 30308 USA)

·         Facebook Ireland Ltd. (4 Grand Canal Square, Grand Canal Harbour, Dublin 2)

·         Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA)

·         Government authorities, regulatory bodies; we disclose your data in compliance with legal provisions when it is required for the prevention and detection of fraud or criminal offense and/or for the maintenance of network and data security;

·         Reliable service providers assisting our work, including agencies to support postal or courier services, newsletter distribution, promotions, games with marketing, remarketing and email marketing service providers of cloud based services;

·         Legal and other specialized advisors, courts and enforcement agencies;

·         Social media: you may access social media services of third parties via our website. Please check out the privacy policy of such social media service providers in order to learn more about the procedures.
 

VI. STORING PERSONAL DATA, SECURITY OF DATA MANAGEMENT

 

The Law Firm performs electronic data processing and storing with the help of an IT software conforming to data security provisions. The software ensures that under controlled conditions only authorized persons shall have access to the specific data when it is necessary for them to perform their work. IT systems are protected by firewall and virus protection. The IT systems and other data storage devices are located at the registered seat, its branch office and its data processors. The Law Firm ensures that under controlled conditions only authorized persons shall have access to the specific data when it is necessary for them to perform their work.

 

When selecting and operating IT tools for personal data management the Law Firm pays special attention to ensure that:

·         processed data is accessible only for authorized persons (availability);

·         the validity and authentication of data is guaranteed (credibility of data management);

·         the integrity of processed data can be verified (data integrity);

·         processed data is protected against unauthorized access (data confidentiality).

 

The Law Firm takes all necessary measures to protect personal data, in particular from unauthorized access, rectification, forwarding, publishing, erasure or destruction, as well as from accidental destruction, damage or inaccessibility due to the changing of applied technology.

In order to protect electronically managed data in its registers the Law Firm ensures that stored data cannot be directly linked to data subjects – unless it is permitted by law.

With regard to the current development level of technology the Law Firm ensures the protection of data by technical, organizational and structural measures providing appropriate level of protection against any data management risks that may occur.
When managing data, the Law Firm ensures

·         confidentiality: protects data so that only authorized persons can have access to them;

·         integrity: protects the accuracy and integrity of data and of the method of processing;

·         availability: ensures that when an authorized person needs to access information they are able to do so, and all necessary tools are available.
 

VII. CONTACTING

 

You can contact data processor via the contact information indicated in this document and on the website.

The Law Firm deletes all received emails with the name and email address of the sender, the date, time and any other personal data contained in the email after maximum five years.
 

VIII. OTHER DATA MANAGEMENT

On other data management not included here, we inform the data subject when submitting such data.

Please note that required by the court, prosecutor’s office, investigating authority, offence authority, administrative authority, the Hungarian National Authority for Data Protection and Freedom of Information, the Central Bank of Hungary and relevant regulations data processors may be required to provide access to personal data.

 

If the authority indicated the exact purpose and type of required data, the Law Firm may disclose such data only to the extent that is absolutely necessary for the purpose of the request.
 

XI. COOKIES, TRACKING, WEB ANALYTICS, SOCIAL MEDIA INTEGRATION AND GOOGLE ADWORDS COOKIES

 

For providing customized services the service provider places small files (so called cookies) to the user’s computer which carry information from one visit to the next. When the browser sends a previously saved cookie, the service provider may link the user’s visit to previous one(s) related exclusively to its own content.
 

Purpose of data management: to identify users, differentiate them, to identify the current sessions of users, to store data submitted during these sessions, to prevent data loss, the track users and to conduct web analytics.

The legal basis for data management: data management for statistical and direct marketing purposes, provision of appropriate user experience and proper functioning of the website (legitimate interest of data subjects) and/or the consent of data subjects.

Managed personal data: 185.51.191.25
The HTML code of websites operated by data processor may contain external links from independent, external servers with reference to external servers for web analytics purposes. Analytics cover the tracking of conversions. The web analytics service provider manages data exclusively related to web browsing and does not manage personal data suitable for identifying users. Currently, web analytic services are performed by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043), in the course of Google Analytics services.
Data processor runs so called remarketing advertisements via Facebook and Google AdWords advertising channels. These service providers may collect or gain data from the website of data processor and other sites through cookies, web beacons and related technologies. By gathering and analyzing such data they provide analytic services and target advertisements. Ads targeted this way are then launched on multiple sites within the partner network of Facebook and Google. Remarketing lists do not contain personal data of visitors, they are not suitable for personal identification.
Users may block the usage of cookies on their own computer/device and may prohibit them with their browser. These settings –depending on the particular browser- can typically be reviewed at Tools/Settings/Privacy/History/Customized settings tab. Potential consequences of the lack of data management: the functions of the website are not completely available, analytics are inaccurate.
 

Google Analytics

 

The websites of our Law Firm may use Google Analytics services, provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) („Google“) as web analytics services. Google Analytics uses cookies.
Your IP address is identified by Google Analytics cookies. Before storing or analyzing the address it is shortened hence anonymized, when it is technically possible.

After anonymizing personal data, they lose personal attributes.

Anonymization takes place within the European Union and the European Economic Area. The complete IP address is transmitted for shortening to the Google server located in the U.S. only in exceptional cases.

We use data collected by Google Analytics cookies to analyze user behavior of visitors to our website.

Google does not merge your IP address gained from its browser related to Google Analytics services with other data.

You may block the storage of Google Analytics cookies in your browser settings (for more information please read point VI. on cookies). Please note that by blocking cookies you may not be able to use all functions of the website.

In addition, you may refuse to have your data analyzed by Google Analytics by downloading and installing the browser tool from here: http://tools.google.com/dlpage/gaoptout?hl=en.
 

Google Remarketing

 

On our website we use Google Remarketing, the remarketing service by Google, as well.

These service providers may collect or gain data from the website of data processor and other sites through cookies, web beacons and related technologies. By gathering and analyzing such data they provide analytic services and target advertisements. Ads targeted this way are then launched on multiple sites within the partner network of Facebook and Google. Remarketing lists do not contain personal data of visitors, they are not suitable for personal identification.

You can block the use of Google cookies in the Google ad settings. Via the unsubscribe tab of Network Advertising Initiative you can block the cookies of external service providers, as well.
 

Facebook Remarketing

 

On our website we use the so called Facebook pixel operated by Facebook Inc. (1 Hacker Way, Menlo Park, CA 94025, USA), or Facebook Ireland Ltd. (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) („Facebook“) within the EU. By Facebook pixel Facebook can manage visitors to our website as a target group to launch ads (so called Facebook ads). Accordingly, we use Facebook pixel to ensure that embedded Facebook ads appear for those targeted users who may be interested to see our offers. Hence Facebook pixel is suitable for customizing Facebook ads to potential fields of interest of users and avoid irrelevant information spamming. In addition, with the help of Facebook pixel we can analyze the efficiency of our Facebook ads for statistics and market research revealing whether visitors to our website clicked on a Facebook ad to find us.

When opening our website Facebook directly embeds Facebook pixel which places a cookie (a small file) on your device. When signing in to Facebook again, or visiting Facebook sites while signed in, your visit to our website is recorded in your profile. Data gained about you this way are completely anonymous for us, therefore we are not able to identify you. Such data are stored and analyzed by Facebook thus they can be linked to the user’s profile. Facebook manages data in accordance with its own privacy policy. You may find more information on remarketing pixel and Facebook ads in general at: https://www.facebook.com/policy.php. You can block data storage by Facebook pixel and the usage of your data for targeting Facebook ads.

In order to do so open your Facebook page and follow the instructions on customizing settings at: https://www.facebook.com/settings?tab=ads, for the US site visit: http://www.aboutads.info/choices/, for the EU site visit http://www.youronlinechoices.com/. Settings are platform neutral hence they apply to computers and mobile devices alike.
 

Facebook button

 

Our websites display the social plugins of Facebook Ireland Ltd. (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) („Facebook“). Plugins are displayed as Facebook icons (white letter „f” in a blue box, „Like” icon with a thumb up) and „Facebook Social Plugin“. The list and descriptions of Facebook social plugins are available here: https://developers.facebook.com/docs/plugins/.

 

When using a function which contains any of the above plugins, your device is directly linked to Facebook servers. The content of the plugin is transmitted to your device directly by Facebook. From the processed data user profiles can be generated. We cannot influence what kind of data is gained by Facebook by plugins therefore we inform users based on our information.

By embedding plugins Facebook is notified that you opened the particular website. If you are signed in to your Facebook account, the information on this visit can be linked to your Facebook account. When interacting with the plugin, for instance you click on the Like button or comment, the data are directly transmitted from your device to Facebook and will be stored by Facebook. If you are not registered to Facebook, your IP address may still be stored by Facebook.

 

For more detailed information on the objectives and scope of gaining, processing and using data by Facebook as well as on the right of protection of privacy and settings visit the privacy policy of Facebook at: https://www.facebook.com/about/privacy/.

If you are registered to Facebook and do not want Facebook to gain data when visiting our website and link them to your Facebook profile, please sign out of Facebook and delete cookies before using our online functions. For further settings and blocking of data for advertising purposes please visit your

Facebook profile settings: https://www.facebook.com/settings?tab=ads, the US site is available at: http://www.aboutads.info/choices/, the EU site is available at: http://www.youronlinechoices.com/. Settings are platform neutral hence they apply to computers and mobile devices alike.
For more information on Google and Facebook privacy policy visit: http://www.google.com/privacy.html and https://www.facebook.com/about/privacy/
 

X. SOCIAL MEDIA SITES

 

Our Facebook site:

Our Law Firm operates the following Facebook sites:

www.facebook.com/bitailegal

Only those data are available for us on your Facebook profile which are public, therefore the information accessible for us is subject to your Facebook account settings on your publicly available information. In Facebook privacy settings you can set which information you wish to display publicly and which you want to restrict (e.g. your photos, list of friends may be displayed for your friends only).
On our Facebook site we may gain data from you when you:

·         follow us

·         like our page

·         comment on, like our photos or posts

·         post a review of our page

·         upload a photo or other content to our page

·         send us a private message

·         add a visitor post to our page

 

In any case, we manage your data solely for the purpose of responding to you, your Facebook data will not be retrieved.
 

XI. YOUR PRIVACY RIGHTS, LEGAL REMEDIES

 

You may request information on the use of their personal data, furthermore may request correction and, with the exception of compulsory data processing, erasure or revocation of such, may exercise your right to recording and to object as indicated at the time of data recording a well as via the contacts of data processor specified above.