Privacy Policy
EliMo Angyali Hálakő Minden Gyermekért Foundation 2018.06.29.
I. Controller:
Mónika Murinai
EliMo Foundation
e-mail: elimohelpsma@gmail.com
telephone: +36-70-424-4493
address: 1173 Budapest, Oroszvár street 31.
registration number: 01-01-0012647
tax number: 19050302-1-42
II. Purposes of processing
Further information on the services and products of the EliMo Foundation can be found on the Foundation’s Facebook page, Facebook groups, newsletters, and the charity web shop of EliMo (this list is incomplete and only contains communication channels for which privacy policy is valid).
The EliMo Foundation employs an external supplier to take photographs, perform other communication tasks and offer accounting and transport services
III. Subjects
Data inventory – description of the data related to subjects
The EliMo Foundation and Mónika Murinai processes the following data:
Recipient’s family and given name
Recipient’s address
Recipient’s phone number
Copies of the Recipient’s medical records
Photos on the Recipient
Benefactor’s family and given name
Benefactor’s e-mail address
Benefactor’s address
Benefactor’s phone number
Benefactor’s billing details
IV. Data sources
Contact with interested parties occurs through Facebook, Messenger, newsletters, Instagram, e-mail and/or telephone. The controller will not initiate direct contact, those interested will have to get in contact themselves.
V. The goal, legal basis, and target deletion deadline regarding the handling of selected data
The name of the Recipient and Benefactor
Source of the data: The person in question will contact the organiser directly through Facebook, Messenger, newsletters, e-email and/or telephone and Instagram.
Goal of data processing: to maintain contact
Legal basis for data processing: On the one hand legitimate interest, and on the other voluntary consent through contact on behalf of the subject
Proposed deadline for data deletion: Data will be preserved until (based on legitimate interest) the owner and provider of the data does not decide otherwise.
E-mail of the Recipient and Benefactor
Source of the data: The person in question will contact the organiser directly through Facebook, Messenger, newsletters, e-email and/or telephone and Instagram.
Goal of data processing:
communication with the subject and/or
sending newsletters to the subject
Legal basis for data processing:
On the one hand legitimate interest as the controller uses the e-mail address that is the main channel of communication for their activities.
on the other hand, voluntary consent through contact on behalf of the subject
And thirdly the data owner’s consent on the web shop.
Proposed deadline for data deletion: Data will be preserved until (based on legitimate interest) the owner and provider of the data does not decide otherwise.
In order to send the newsletter, the processor requires an active contribution on behalf of the data owner in which they also inform them of the revocation of the contribution.
Customer billing information
Necessary for completing a purchase. Data processing occurs according to the provisions of the accounting law.
VI. Types of forwarded data
Customer information is only forwarded if it is billing information which is sent to the controller’s accountant.
Data forwarding
Data belonging to recipients, buyers and benefactors will not be forwarded to a third country inside or outside of the European Union.
VII. Technical and organisational measures
The controller will not use a third-party service provider to send newsletters. In the case of communication through Facebook, Instagram and Gmail, the privacy policy of Facebook and Instagram is authoritative.
Physical protection
The controller keeps the data in a locked metal cupboard in their own home which is equipped with a motion sensing alarm system.
Online protection
The controller will use their g-mail account for e-mailing and their Facebook page, group, Instagram page, WhatsApp to contact those interested, all of which are protected by a strong password.
Data protection documents
Data protection documents include the following:
A record of rescinded consents
A record of data protection incidences
Data protection manual
Privacy Policy
Data protection records
Consent tools
The subject is aware of and accepts that their active consent on the website – web shop (checking checkboxes) cannot be rescinded owing to the nature of online technology, and that the restrictions only binds the subject, therefore the controller to the period following the prohibitive statement.
Consent tools are provided physical protection as detailed above.
The consent tool, meaning the checkboxes on the website – web shop is also an active consent and can only be applied towards goals detailed there for the duration indicated in the consent tool unless the data owner revokes their consent. In this case their data will be deleted within 3 days at the maximum regarding which they will receiver an e-mail notification.
The subject is aware that they may request information on data handling, may request data correction and are aware that their consent is valid until it is rescinded. Furthermore, they are aware that they revoke their consent at any time for free and without justification by unsubscribing from the newsletter or by sending an e-mail to elimohelpsma@ gmail.com, and this binds the subject, thus the controller to the period following the prohibitive statement.
The revoked consents are technically collected separately by the controller who keeps a record of their revocation.
A record of data protection incidences
Contains the controller’s data, the date and time, duration and description of the incident, the categories of the affected personal data, the number and circle of those affected, the amount of data affected, possible consequences, possible risks, measures, and notifications. The incidence record is always kept up to date by the controller who will report an incident towards NAIH within 72 hours.
Privacy policy and privacy regulations
The data controller will at the minimum post a link to the privacy policy on their website, Facebook page, Facebook group and Instagram page.
Data protection records
The controller will continuously review and keep the records up to date. The controller will review the records once a month at a minimum.
Complaints
The owner may submit a complaint if their personal data is handled/used illegally.
Hungarian National Authority for Data Protection and Freedom of Information
1125 Budapest, Szilágyi Erzsébet avenue 22/c.
Mailing address: 1530 Budapest PO Box: 5.
Tel: 36/1-391-1400
E-mail: ugyfelszolgalat@naih.hu
Clause
The data controller maintains the right to change the privacy policy. This is likely to occur when the range of services is expanded or if the law requires it. A change in the privacy policy will not entail the handling of personal data outside of the established goal.