Privacy notice

Dr. Rövid és Társai Ügyvédi Társulás (registered office: 1055 Budapest, Honvéd u. 18.; hereinafter referred to as „Data Controller”) is a data controller in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016.) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (the „GDPR„), the Controller hereby informs visitors to the Controller’s website („Data Subject„) about the processing of their personal data.

  1. Name and contact details of the Data Controller:

Dr. Rövid és Társai Ügyvédi Társulás (registered office: 1055 Budapest, Honvéd u. 18.)

E-mail: hello@rvdpartners.com

Website: https://immigration.rvdpartners.com

  1. Name and contact details of the Data Protection Officer:

RVD Partners Kft. (head office: 1055 Budapest, Honvéd utca 18.; represented by: Márton László Urbán; email: dpo@rvdpartners.com)

  1. The scope of the personal data processed, the legal basis for the processing, the purpose and duration of the processing:

Scope of personal data processed

Legal basis for processing

Purpose of data processing

Duration of data processing

·         Full name

·         Electronic notification address (email address)

Article 6 Section (1) paragraph (a) of the GDPR.

To answer questions or provide other information requested by the Data Subject.

The data will be processed until consent is withdrawn. The data will not be processed longer than 30 (thirty) days following the last contact by the Data Subject.

The Data Subject may withdraw their consent at any time. The withdrawal of consent shall not affect the lawfulness of the processing prior to the withdrawal.

Only the legal representative is entitled to register a minor – in the case of family membership – and to provide their personal data (full name and date of birth) as per Act V of 2013 on the Civil Code.

  1. Automated decision-making (including profiling):

No automated decision making, including profiling, takes place during the processing.

  1. The transfer of personal data, the recipients of personal data and the categories of recipients:

The Data Controller uses the following data processor in connection with data processing:

  • RVD Partners Kft. (registered seat: 1055 Budapest, Honvéd u. 18.; registration no. 01-09-380920) data processing activity: participating advisor in fulfilment of contract; e-mail: hello@rvdpartners.com
  • VelvetRock Zrt. (registered seat: 1055 Budapest, Honvéd u. 18.; registration no. 01-10-143086) data processing activity: participating advisor in fulfilment of contract; e-mail: hello@rvdpartners.com
  • Rövid Ügyvédi Iroda (registered seat: 1055 Budapest, Honvéd u. 18.; registration no. 3313) data processing activity: participating advisor in fulfilment of contract; e-mail: hello@rvdpartners.com
  • Comprel Bt. (registered seat: 1135 Budapest, Jász u. 65. 3. em. 5. ajtó; registration no. 01-06-764965) data processing activity: IT specialist, web hosting; e-mail: szbalint@comprel.hu.

Personal data will be transferred to the following recipients:

Personal data will not be transferred to any third countries (i.e. outside the European Union) or to any international organisations.

  1. The Data Subject’s rights in relation to data processing:

The Data Subject may request the Controller to:

  1. a) provide them access to their personal data,
  2. b) rectify their personal data; and
  3. c) erase or restrict of the processing of their personal data, except for mandatory processing.

Right of access:

The Data Subject has the right to receive feedback from the Data Controller as to whether or not their personal data is being processed and, if such processing is ongoing, has the right to access the personal data. The Data Controller shall provide the Data Subject with a copy of their personal data which is the subject of the processing. For additional copies requested by the Data Subject, the Controller may charge a reasonable fee based on administrative costs. If the Data Subject has made the request by electronic means, the information shall be provided in a commonly used electronic format, unless the Data Subject requests otherwise.

Right to rectification:

The Data Subject shall have the right to obtain from the Data Controller, upon their request, the rectification of inaccurate personal data relating to them without undue delay.

Right to erasure:

The Data Subject shall have the right to obtain from the Data Controller, upon their request, the erasure of personal data relating to them without undue delay, and the Data Controller shall be obliged to erase personal data relating to the Data Subject without undue delay if aby of the following applies:

  1. a) the personal data is no longer necessary for the purposes for which they were collected or otherwise processed;
  2. b) the Data Subject withdraws their consent pursuant to Article 6 Section (1) paragraph (a) or Article 9 Section (2) paragraph (a) of the General Data Protection Regulation and there is no other legal basis for the processing;
  3. c) the Data Subject objects to the processing on the basis of Article 21 Section (1) of the GDPR and there are no overriding legitimate grounds for the processing, or the Data Subject objects to the processing on the basis of Article 21 Section (2) of the GDPR;
  4. d) the personal data has been unlawfully processed;
  5. e) the personal data must be erased in order to comply with a legal obligation under European Union or Member State law to which the Data Controller is subject;
  6. f) the personal data was collected in connection with the provision of information society services referred to in Article 8 Section (1) of the GDPR (conditions for the consent of children).

Right to restriction of processing:

The Data Subject shall have the right to obtain from the Controller, at their request, the restriction of processing if one of the following conditions are met:

  1. a) the Data Subject contests the accuracy of the personal data, in which case the restriction applies for the period of time that allows the Data Controller to verify the accuracy of the personal data;
  2. b) the processing is unlawful and the Data Subject opposes the erasure of the data and requests instead the restriction of its use;
  3. c) the Data Controller no longer needs the personal data for the purposes of the processing, but the data subject requires the information for the establishment, exercise or defense of legal claims; or
  4. d) the Data Subject has objected to the processing pursuant to Article 21 Section (1) of the GDPR; in this case, the restriction shall apply for the period until it is determined whether the legitimate grounds of the Controller prevail over the legitimate grounds of the Data Subject.

If the processing is restricted, such personal data, except for storage, may only be processed with the consent of the Data Subject or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for important public interests of the Union or of a Member State.

Right to data portability:

The Data Subject is also entitled to receive the personal data concerning him or her which he or she has provided to the Controller in a structured, commonly used, machine-readable format and to transmit such data to another controller without hindrance from the controller to which he or she has provided the personal data, if: (i) the processing is in accordance with Article 6. (i) the processing is based on consent within the meaning of Article 6(1)(a) or Article 9(2)(a) of the General Data Protection Regulation or on a contract within the meaning of Article 6(1)(b) of the General Data Protection Regulation; and (ii) the processing is carried out by automated means.

Right to object:

The Data Subject shall have the right to object at any time, on grounds relating to their particular situation, to the processing of their personal data based on Article 6 Section (1) paragraph (e) or (f), including profiling based on those provisions. In such a case, the Controller may no longer process the personal data unless the Controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the Data Subject or for the establishment, exercise or defence of legal claims.

Where personal data is processed for direct marketing purposes, the Data Subject has the right to object at any time to the processing of their personal data concerning for such purposes, including profiling when related to direct marketing. If the Data Subject objects to the processing of personal data for direct marketing purposes, the personal data may no longer be processed for those purposes.

General rules on the exercise of the right of Access:

The Data Controller shall inform the Data Subject of the action taken in response to their request without undue delay, but no later than one month from the date of receipt of the request. If necessary, taking into account the complexity of the request and the number of requests, this time limit may be extended by a further two months. The Data Controller shall inform the Data Subject of the extension of the time limit within one month of receipt of the request, stating the reasons for the delay. Where the Data Subject has submitted the request by electronic means, the information shall be provided by electronic means where possible, unless the Data Subject requests otherwise.

The Data Controller shall provide the Data Subject with information and action free of charge. Where the Data Subject’s request is manifestly unfounded or excessive, in particular because of its repetitive nature, the Controller shall, taking into account the administrative costs of providing the information or taking the action requested:

  1. a) charge a reasonable fee, or
  2. b) refuse to act on the request.

The burden of proving that the request is manifestly unfounded or excessive lies with the Data Controller.

If the Data Controller has reasonable doubts about the identity of the natural person making the request, it may request additional information necessary to confirm the identity of the Data Subject.

  1. Enforcement options:

The Data Subject may take the Data Controller to court in the event of a breach of their rights. The court shall rule on the case out of turn. The Data Controller shall prove that the processing complies with the law. The court of law, in the capital city the Metropolitan Court, has jurisdiction to decide the case. The action may also be brought before the court of the place of residence or domicile of the Data Subject.

The Data Controller shall compensate for any damages caused by the unlawful processing of the Data Subject’s data or by breaching the requirements of data security. The Controller shall be exempted from liability if it proves that the damage was caused by an unavoidable cause outside the scope of the processing. No compensation shall be due if the damage was the result of the intentional or grossly negligent conduct of the victim.

The Data Subject may also contact the National Authority for Data Protection and Freedom of Information in the event of a complaint regarding the processing of their personal data (Dr. Attila Péterfalvi, President of the National Authority for Data Protection and Freedom of Information, postal address: 1363 Budapest, PO Box 9, address: Falk Miksa utca 9-11., Budapest1055; telephone: +36 1 391 1400; fax: +36 1 391 1410; e-mail: ugyfelszolgalat@naih.hu; website: https://naih.hu).