Zsófia Lakatos motivational speaker

Privacy policy

The website is maintained and operated by Zsófia Lakatos.

Registered office: Emerald PR Kft, 1116 Budapest, Bükköny u. 28.

Email address: zsofia.lakatos@emeraldpr.hu

Tax number: 25432372-2-43

1. Purpose of this Privacy Notice

The purpose of this document is for Zsófia Lakatos, as data controller (hereinafter uniformly referred to as the Data Controller), to describe the data protection rules, procedures, and safeguards applied and operated within the Data Controller’s organization in relation to data qualifying as personal data.

In this document, the Data Controller also informs its clients, partners, and all natural and legal persons who are in any legally interpretable relationship with the Data Controller and who become data subjects during the processing of personal data, about the rules governing the processing of personal data handled by it, the safeguards and procedures applied, and the manner of data processing.

The Data Controller considers the rules, provisions, and obligations described in this Privacy Notice to be legally binding on itself and applies them in the course of its operations. The Data Controller further declares that the data protection rules and procedures described and applied in this document comply with the applicable national and European Union data protection laws. The Data Controller also declares that it considers the right to informational self-determination to be important, especially with regard to personal data, and within its own sphere of activity takes all available organizational, operational, regulatory, and technological measures to ensure the observance and enforcement of these rights.

The current version of the Privacy Notice is always available at: zsofialakatos.com/privacy-policy.html. The Data Controller may amend the Privacy Notice at any time, subject to the obligation to publish the changes and inform the data subjects.

2. Details of the Data Controller

2.1. Company details of the Data Controller

Registered office: Emerald PR Kft, 1116 Budapest, Bükköny u. 28.

Email address: zsofia.lakatos@emeraldpr.hu

Tax number: 25432372-2-43

2.2. Contact details of the Data Controller

For data protection matters, the Data Controller can be contacted at the following contact details:

Email address: zsofia.lakatos@emeraldpr.hu

The Data Controller retains incoming data protection inquiries sent to it by email for 6 months. After this period, they are irreversibly deleted.

2.3. Data Protection Officer of the Data Controller

Name: Zsófia Lakatos

Email address zsofia.lakatos@emeraldpr.hu

3. Data Processing Activities of the Data Controller and the Personal Data Processed

3.1. Data related to online administration

There is no such data processing.

3.2. Browser Cookies

3.3.1. Purpose of cookies

An HTTP cookie (cookie) is a small data packet created by the server hosting the visited website through the client’s web browser during internet browsing, upon the first visit, if enabled in the browser. Cookies are stored on the user’s computer in a predefined location that may vary depending on the browser type. During subsequent visits, the browser sends the stored cookie back to the web server together with various information about the client. Cookies enable the server to identify the given user, collect various information about them, and prepare analyses based on such information. The main functions of cookies are:

collecting information about visitors and their devices;
remembering visitors’ individual settings, which may be used, for example, when using online transactions, so they do not have to be re-entered;
making the use of the website easier, simpler, more convenient, and smoother;
making it unnecessary to re-enter data already provided;
generally improving the user experience.

By using cookies, the Data Controller carries out data processing, the main purposes of which are:

identifying the user
identifying individual sessions
identifying the devices used for access
storing certain provided data
storing and transmitting tracking and location information
storing and transmitting data necessary for analytics measurements

Legal basis for processing: the data subject’s opt-in consent.

Purpose of processing: improving the operation of the website.

Possible consequences of failure to provide data: no material consequences.

Data processed in connection with cookies:

Cookie	Type	Duration	Description
_ga	Google Analytics	2 years	Used to distinguish users.
_ga_G-G-KKQYKV13G3	Google Analytics	2 years	Used to preserve session state.
cookie_consent_level	Cookie Consent	1 year 1 month	This cookie is used to store the user’s consent status for the different categories of cookies used on the website, indicating which types of cookies the user has authorized.

3.3.3. Possibility of disabling cookies and setting cookie-related rules

The data subject has the option to set rules for certain types of cookies, for example to avoid the use of cookies, disable cookies, etc., through the appropriate settings of the browser used. Information on how to set selective or general blocking of cookies can be found in the Help menu of the given browser. Using these settings, cookies can be:

generally disabled;
configured as to how cookies are accepted (automatic acceptance, ask one by one, etc.);
individually disabled;
individually or collectively deleted;
and other cookie-related actions can also be carried out.

4. Purpose, Method and Legal Basis of Data Processing

4.1. General principles of data processing

In the data processing activities listed in Section 3, the Data Controller processes personal data in every case for the purpose specified in the relevant data processing activity and on the legal basis indicated there, in accordance with the legislation listed in Section 4.2.

The processing of personal data always takes place on the basis of the voluntary consent of the data subject, which consent the data subject is entitled to withdraw at any time.

In certain cases and under exceptional circumstances, the Data Controller may be required by law to process, transfer, disclose, or store certain personal data in a manner different from that described in the relevant data processing activities. In such cases, the Data Controller shall ensure that the data subjects are notified, provided that the applicable legal provisions allow this or do not expressly prohibit it.

4.2. Legislation providing the legal basis for data processing

The Data Controller processes personal data on the basis of the following legislation:

GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council (27 April 2016)

Act V of 2013 – the Civil Code of Hungary

5. Data Storage and Security

5.1. Physical storage locations of data

The Data Controller stores personal data in its integrated IT system. The elements of the system are located at the following geographical, physical locations:

Branch office of the Data Controller – Emerald PR Kft, 1116 Budapest, Bükköny u. 28. – service

5.2. Method of IT storage of data and logical security

The Data Controller processes personal data primarily through a properly established and protected IT system. During the operation of the IT system, it ensures an appropriate level of the fundamental information security attributes of the data stored, processed, and transmitted therein, namely:

integrity, ensuring the authenticity and unchanged nature of the data;
confidentiality, meaning that only those entitled to do so may access the data, and only to the extent of their authorization;
availability, meaning that the data is accessible and available to entitled persons within the expected period of availability. The necessary IT infrastructure is available and operational.

The Data Controller protects the processed data through a structured system of:

organizational and operational
physical security
information security

protective measures. The Data Controller establishes and operates the system of protective measures, and the protection levels of the individual measures, in proportion to the risks arising from threats to the data to be protected. From a data protection perspective, these measures are primarily aimed at protection against accidental or intentional deletion, unauthorized access, intentional and malicious disclosure, accidental disclosure, data loss, and data destruction.

6. Data Transfers, Data Processing, and Persons Entitled to Access the Data

The data may primarily be accessed by the Data Controller and its internal staff members, to the extent permitted by authorization rules, the authorization system, and other internal regulations. The Data Controller has certain operations and tasks relating to some data carried out by third-party data processors. Apart from the foregoing, the Data Controller does not publish the data and does not transfer it to any other third parties.

7. Rights of the Data Subject

In relation to the personal data processed by the Data Controller, the data subject may exercise, among others, the rights described below.

7.1. Right of access of the data subject (Article 15 GDPR)

The data subject has the right to obtain confirmation from the Data Controller as to whether personal data concerning them is being processed, and, where that is the case, access to the personal data and the following information:

the purposes of the processing;
the categories of personal data concerned;
the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations;
the planned period for which the personal data will be stored;
the right of the data subject to request rectification, erasure or restriction of processing of personal data, and to object to such processing;
the right to lodge a complaint with a supervisory authority;
where the data are not collected from the data subject, any available information as to their source;
the existence of automated decision-making, including profiling, and meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

The Data Controller shall provide the data subject with one copy of the personal data undergoing processing. For any further copies requested by the data subject, the Data Controller may charge a reasonable fee based on administrative costs. If the data subject has made the request by electronic means, the Data Controller shall provide the information in a widely used electronic format, unless otherwise requested by the data subject, within a maximum of 30 days from submission.

7.2. Right to rectification (Article 16 GDPR)

The data subject has the right to obtain from the Data Controller without undue delay the rectification of inaccurate personal data concerning them and, taking into account the purposes of the processing, to have incomplete personal data completed.

7.3. Right to erasure (Article 17 GDPR)

The data subject has the right to obtain from the Data Controller the erasure of personal data concerning them without undue delay, and the Data Controller shall have the obligation to erase such personal data without undue delay where one of the following grounds applies:

the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
the data subject withdraws consent on which the processing is based, and there is no other legal ground for the processing;
the data subject objects to the processing, and there are no overriding legitimate grounds for the processing;
the personal data have been unlawfully processed;
the personal data must be erased for compliance with a legal obligation in Union or Member State law to which the Data Controller is subject;
the personal data have been collected in relation to the offer of information society services.

The erasure of data may not be requested where processing is necessary:

for exercising the right of freedom of expression and information;
for compliance with a legal obligation requiring processing under Union or Member State law applicable to the Data Controller, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller;
on grounds of public interest in the area of public health;
for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes;
for the establishment, exercise, or defence of legal claims.

7.4. Right to restriction of processing (Article 18 GDPR)

At the request of the data subject, the Data Controller shall restrict processing where one of the following applies:

the data subject contests the accuracy of the personal data, for a period enabling the Data Controller to verify the accuracy of the personal data;
the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
the Data Controller no longer needs the personal data for the purposes of processing, but they are required by the data subject for the establishment, exercise, or defence of legal claims; or
the data subject has objected to processing; in this case, restriction applies for the period until it is established whether the legitimate grounds of the Data Controller override those of the data subject.

Where processing has been restricted, such personal data shall, with the exception of storage, only be processed with the data subject’s consent or for the establishment, exercise, or defence of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of important public interest of the Union or of a Member State.

7.5. Right to data portability (Article 20 GDPR)

The data subject has the right to receive the personal data concerning them, which they have provided to the Data Controller, in a structured, commonly used, machine-readable format and to transmit those data to another data controller.

7.6. Right to object (Article 21 GDPR)

The data subject has the right to object, on grounds relating to their particular situation, at any time to the processing of personal data concerning them, including profiling based on those provisions. In such a case, the Data Controller shall no longer process the personal data unless the Data Controller demonstrates compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject, or for the establishment, exercise, or defence of legal claims.

7.7. Automated decision-making in individual cases, including profiling (Article 22 GDPR)

The data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them.

7.8. Right of withdrawal

The data subject has the right to withdraw their consent relating to their personal data at any time.

7.9. Legal remedies

If their rights are violated, the data subject may request information, legal remedy, or lodge a complaint using the contact details provided in Section 2.2, or with the Data Protection Officer specified in Section 2.3. If these efforts are unsuccessful, the data subject is entitled to turn to a court or contact the Hungarian National Authority for Data Protection and Freedom of Information.

7.10. Contact details of the Hungarian National Authority for Data Protection and Freedom of Information (NAIH)

Name: Hungarian National Authority for Data Protection and Freedom of Information (NAIH)

Registered office: 1125 Budapest, Szilágyi Erzsébet fasor 22/C.

Mailing address: 1530 Budapest, Pf.: 5.

Tel: +36 (1) 391-1400

Fax: +36 (1) 391-1410

Email: ugyfelszolgalat@naih.hu

Website: http://www.naih.hu

8. Miscellaneous Provisions

In the event of an official request or the request of another body based on a legal obligation, the Data Controller may be required or compelled to disclose data. In such cases, the Data Controller shall strive to disclose only such personal data, and only to the extent necessary, as is strictly required for compliance with the obligation to provide data.

26 November 2024