top of page

Privacy Policy

1. Purpose of the Privacy Policy

​

The Cultural Innovation Competence Center Association (7626 Pécs, Koller u. 5/2., hereinafter referred to as Association, service provider, data controller), as data controller, acknowledges the content of this legal notice as binding.
The Association commits to ensure that all data processing related to its activities complies with the requirements set forth in this policy and applicable national legislation, as well as the legal acts of the European Union.
The data protection guidelines related to the Association's data processing are continuously available at www.kikk.hu/kikk/adatkezeles.
The Association reserves the right to modify this notice at any time. Of course, it will notify its audience of any changes in due time. If you have any questions regarding this notice, please write to us, and our colleague will answer your question.

The Association is committed to protecting the personal data of its clients and partners, and considers respecting its clients' right to informational self-determination of paramount importance.
The Association treats personal data confidentially and implements all security, technical, and organizational measures that guarantee the security of data.
The Association describes its data processing practices below.

​

2. Data Controller Information

​

If you wish to contact our Association, you can reach the data controller at 72/212-863 and info@kikk.hu.
The Association deletes all received emails along with personal data after no more than 5 years from the date of data submission.

Name: KIKK Association
Headquarters: 7624 Pécs Széchenyi tér 7-8.
Registration number: 2643
Registering court: Baranya County Court
Tax number: 18328040-1-02
Phone number: 72/212-863
Email: info@kikk.hu

​

3. Scope of Personal Data Processed

​

3.1. Personal Data Required When Filling Out the Contact Form on the Website


Contact with our Association through the website is made via a form that requires the following mandatory data:

  • name

  • email address

optional data:

  • phone number

We do not collect more data than necessary.

​

3.2. Technical Data

​

The Association selects and operates IT tools used for personal data processing in service provision so that the processed data:

  • is accessible to authorized persons (availability);

  • authenticity and authentication are ensured (authenticity of data processing);

  • integrity can be verified (data integrity);

  • is protected against unauthorized access (data confidentiality).

The Association protects data with appropriate measures against unauthorized access, modification, transmission, public disclosure, deletion or destruction, as well as accidental destruction.
The Association implements technical, organizational, and structural measures to protect the security of data processing that provides an appropriate level of protection for risks associated with data processing.
During data processing, the Association maintains confidentiality:

  • protects information so that only those authorized can access it;

  • maintains integrity: protects the accuracy and completeness of information and processing methods;

  • ensures availability: ensures that when authorized users need it, they can actually access the desired information and related tools are available.

​

3.3. Cookies

​

3.3.1 Purpose of Cookies

​

  • collect information about visitors and their devices;

  • remember visitors' individual settings that may be used during online transactions, eliminating the need to re-enter them;

  • facilitate website usage;

  • provide quality user experience.

To provide customized service, it places a small data package, called a cookie, on the user's computer and reads it back during later visits. If the browser returns a previously saved cookie, the cookie service provider can link the user's current visit with previous ones, but only regarding its own content.

 

3.3.2 Essential Session Cookies

The purpose of these cookies is to allow visitors to browse the Association's website seamlessly and smoothly, use its functions, and access available services.
These types of cookies are valid until the end of the session (browsing), and when the browser is closed, this type of cookie is automatically deleted from the computer or other device used for browsing.

​

3.3.3 Third-Party Cookies (Analytics)

​

The KIKK Association's website also uses Google Analytics cookies as third-party cookies. Using Google Analytics statistical service, the Association collects information about how visitors use the websites.
This data is used to improve website development and user experience. These cookies also remain on the visitor's computer or browsing device in their browser until expiration or until the visitor deletes them.

​

3.4. Newsletter-Related Data

The Association's newsletter is sent through the Mailchimp mailing system, which operates in compliance with GDPR regulations, collecting and storing data provided by the Data Subject accordingly.
Newsletter subscription is done through the Association's website, requiring the following mandatory data:

  • name

  • email address

Also based on GDPR principles, the Data Subject can unsubscribe from the newsletter or modify their data at any time through the link in the newsletter footer or by directly requesting it at info@kikk.hu.

 

4. Planned Use and Retention Period of Processed Data

 

Contact form data for communication: Data Subject's consent 1 year
Newsletter email address/name for sending newsletters: Until Data Subject's withdrawal of consent

We only retain your data as long as we need it or are legally obligated to keep it. After that, we delete it, and you can request deletion of your personal data at any time.

​

5. Purpose, Method, and Legal Basis of Data Processing

 

5.1. General Data Processing Principles

​

The Association's data processing activities are based on voluntary consent or statutory authorization. In cases of data processing based on voluntary consent, data subjects may withdraw their consent at any stage of processing. In certain cases, the processing, storage, and transfer of certain data is mandatory by law, about which we separately notify our clients.
We draw the attention of those providing data to the Association that if they provide personal data of others, it is the data provider's responsibility to obtain the consent of the data subject. Its data processing principles comply with current data protection legislation, particularly:

  • Act CXII of 2011 on Information Self-determination and Freedom of Information;

  • Regulation (EU) 2016/679 of the European Parliament and Council (April 27, 2016) - GDPR;

  • Act V of 2013 - Civil Code;

  • Act C of 2000 - on Accounting;

  • Act LIII of 2017 - on Prevention of Money Laundering and Terrorist Financing;

  • Act CCXXXVII of 2013 - on Credit Institutions and Financial Enterprises.

 

6. Physical Storage Locations of Data

​

Your personal data (data that can be linked to you) may come under our management in the following ways: first, technical data automatically generated in our computer system related to maintaining internet connection with your computer, browser, internet address, and visited pages; second, you may provide your name, contact information, or other data if you wish to contact us while using the website.
We build our website within the Wix.com framework, whose current Privacy Policy can be found at https://www.wix.com/about/privacy.
We send our newsletters through the Mailchimp framework, whose current Privacy Policy can be found at https://mailchimp.com/legal/privacy/.

​

7. Data Transfer, Data Processing, Access to Data

​

Data obtained through the website is only accessed and managed by association staff; no data transfer occurs.

​

8. Data Subject Rights and Legal Remedies

​

The data subject may request information about their personal data processing and may request correction of their personal data or - except for mandatory data processing - deletion, withdrawal, may exercise data portability and objection rights in the manner indicated at data collection or through the data controller's contact information above.

​

8.1. Right to Information

The Association takes appropriate measures to provide all information referred to in Articles 13 and 14 of GDPR and any communication under Articles 15-22 and 34 relating to processing to the data subject in a concise, transparent, intelligible and easily accessible form, using clear and plain language.

​

8.2. Right of Access

The data subject has the right to obtain confirmation from the controller as to whether personal data concerning them are being processed. If such processing is taking place, they have the right to access the personal data and the following information:

  • purposes of processing;

  • categories of personal data concerned;

  • recipients or categories of recipient to whom the personal data have been or will be disclosed, particularly recipients in third countries or international organizations;

  • planned period for which the personal data will be stored;

  • right to request rectification, erasure, or restriction of processing and to object;

  • right to lodge a complaint with a supervisory authority;

  • information about data sources;

  • existence of automated decision-making, including profiling, and meaningful information about the logic involved, as well as the significance and envisaged consequences of such processing for the data subject.

The controller shall provide the information within one month of the request.

​

8.3. Right to Rectification

The data subject has the right to obtain rectification of inaccurate personal data concerning them and to have incomplete personal data completed.

​

8.4. Right to Erasure

The data subject shall have the right to obtain erasure of personal data without undue delay where one of the following grounds applies:

  • personal data are no longer necessary for the purposes collected;

  • the data subject withdraws consent and there is no other legal ground for processing;

  • the data subject objects to processing and there are no overriding legitimate grounds;

  • personal data have been unlawfully processed;

  • personal data must be erased for compliance with a legal obligation;

  • personal data have been collected in relation to the offer of information society services.

Erasure cannot be requested if processing is necessary:

  • for exercising the right of freedom of expression and information;

  • for compliance with a legal obligation under Union or Member State law;

  • for reasons of public interest in the area of public health or archiving purposes, scientific or historical research, or statistical purposes;

  • or for the establishment, exercise, or defense of legal claims.

 

8.5. Right to Restriction of Processing

The Association shall restrict processing at the data subject's request if one of the following applies:

  • accuracy of personal data is contested;

  • processing is unlawful and data subject opposes erasure;

  • controller no longer needs the data but they are required by the data subject for legal claims;

  • or data subject has objected to processing.

Where processing has been restricted, such personal data shall, with the exception of storage, only be processed with the data subject's consent or for legal claims, protection of another person's rights, or important Union or Member State public interest.

 

8.6. Right to Data Portability

The data subject has the right to receive their personal data in a structured, commonly used, and machine-readable format and transmit those data to another controller.

 

8.7. Right to Object

The data subject has the right to object to processing of their personal data for public interest tasks, exercise of official authority, or legitimate interests, including profiling.
If objection is made, the controller shall no longer process the personal data unless it demonstrates compelling legitimate grounds which override the interests, rights, and freedoms of the data subject or for legal claims.

 

8.8. Right to Withdraw Consent

The data subject has the right to withdraw their consent at any time.

 

8.9. Right to Legal Remedy

The data subject may take legal action against the controller for rights violations. The court shall handle such cases as priority.

 

8.10. Data Protection Authority Procedure

Complaints can be filed with the National Authority for Data Protection and Freedom of Information:
Name: National Authority for Data Protection and Freedom of Information
Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/C.
Mailing address: 1530 Budapest, Pf.: 5.
Phone: 0613911400
Fax: 0613911410
Email: ugyfelszolgalat@naih.hu
Website: http://www.naih.hu

​

9. Other Provisions

​

We provide information about data processing not listed in this notice at the time of data collection.
We inform our clients that courts, prosecutors, investigating authorities, administrative authorities, the National Authority for Data Protection and Freedom of Information, the Hungarian National Bank, or other bodies authorized by law may contact the controller for information, data disclosure, transfer, or document provision.
The Association provides personal data to authorities - if the authority specifies the exact purpose and scope of data - only to the extent absolutely necessary for achieving the purpose of the request.

bottom of page