Legal Notice - The Long Brief

BTFold Média Korlátolt Felelősségű Társaság (registered seat: 1036 Budapest, Bécsi út 85. fszt. 5., Registration number: 01-09-398755, tax number: 27805798-1-41, represented by individually: Árki Tamás managing director), as Data Controller of personal data (hereinafter referred to as the: „Data Controller”) with the present notice informs Data Subjects about its data processing activity under the title of the notice, about measures being made in connection with the protection of personal data in possession of the Data Controller, and about the possibilities of the Data Subject to obtain redress.

Definitions

Definitions found in the present notice shall be interpreted by the following:

1.1 Data Controller: operator and provider of the website https://longbrief.com BTFold Média Limited Liability Company (registered seat: 1036 Budapest, Bécsi street 85. ground floor door nr. 5., company registration number: 01-09-398755, tax number: 27805798-1-41)

1.2 TAC: General Terms and Conditions regarding the use of https://longbrief.com online portal, the service via the readers of the website are able to access certain articles in exchange for a fee, and the subscription of the newsletter each provided by the Data Controller.

1.3 Data Subject: that person, whose personal data is being processed by the Data Controller.

1.4 Registered Profile: A profile created by natural or legal persons on the Website through registration.

1.5 Website: website operated by the Data Controller under the domain https://longbrief.com

1.6 Personal data: any information or data relating to the Data Subject; or any data from which the Data Subject can be identified, or conclusion to the Data Subject can be drawn.

1.7 Service: access to certain articles which are accessible solely for a fee provided by the Data Controller

1.8 Newsletter: A newsletter provided by the Data Controller, issued periodically, which contains news and articles published on the Website

Commitments of the Data Controller

2.1 Data Controller commits that all of its data processing activity meet the requirements of the provisions in the present privacy notice, national law in effect, and the legal acts of the European Union.

2.2 Data Controller is entitled to modify the Data Protection Statement without the consent of the Data Subject. In such case the Data Controller informs the Data Subject about the modification at https://longbrief.com website, at least 8 days prior to the date of effect. The Data Subject is considered to accept the amended Data Protection Statement by using the services of the Data Controller after date of effect.

2.3. Data Controller is committed to the protection of Data Subject’s personal data and attach great importance to the respect of Data Subject’s right to informational self-determination. Data Controller processes the Personal Data confidentially and takes all security, technical and organizational measures that guarantee the security of Personal Data. This Privacy Notice contains the Data Controller’s processing practices.

2.4. Data Controller’s data processing is based on the legal basises determined in the GDPR and its limited to it’s purpose.

2.5 Data Controller undertakes to inform the Data Subjects in a clear, unequivocal way prior to any recording, handling and processing of Personal Data, which includes information about the method, the purpose, and the principles of the processing.

2.6 If Data Controller intends to further process the Personal Data for a purpose other than that for which the Personal Data were obtained, the Data Controller provides the Data Subject with information on that other purpose and asks for prior consent to further processing, also provides an opportunity to the restriction of further processing.

Data Controller

Name of the Data Controller: BTFold Média Limited Liability Company
Registered seat and postal address: 1036 Budapest, Bécsi street 85. ground floor door nr. 5.
Registration authority: Company Registry Court of the Metropolitan Court of Budapest
Registration number: 01-09-398755
Tax number: 27805798-1-41
Website: https://longbrief.com

Place and contact of the complaint handling service:
e-mail address: [email protected]

Legal base and purpose of the processing, the processed personal data, term of the processing, the ones, who are eligible to get to know the personal data

4.1 Data process by the Data Controller

4.1.1 We inform you that by using the Website, the Service and by subscribing to our Newsletter we process your Personal Data for various purposes and on various legal grounds.

4.1.2 Present Privacy Policy is available during the registration, and on the Website via the following link: https://longbrief.com/privacy-policy

4.2 Data process regarding Registration

4.2.1 Legal base of the data processing:

Voluntary consent of the Data Subject based on Article 6 (1) a) GDPR.

4.2.2 Purpose of the data processing

You can create a registered profile on https://longbrief.com. With a registered profile you will be able to purchase certain articles on the Website.

4.2.3 Processed personal data

-name

-email address

-password

4.2.4 Erasure deadline of the data

Data Controller is processing Data Subject’s Personal Data until the deletion of the registered profile due to any reason. When the registered profile is deleted, data associated to them will be removed without a prior notice.

4.2.5 Those who are entitled to access the data

The Data Controller’s collaborators, employees and agents are entitled to get acquainted with the Personal Data, who are entrusted with the operation of the Website, the operation of the Newsletter and whose operation requires it to become acquainted with the Personal Data or is unavoidable due to the nature of their activities.

4.2.6 Right to withdrawal

4.3 Data process regarding the Service

4.3.1 Purchasing with the Service, Invoicing

4.3.1.1 Legal ground for processing Personal Data:

Pursuant to Article 6 (1) b) of the GDPR, the legal basis for the Data Controller’s data process is the performance of the contract concluded electronically between the parties and the fulfillment of obligations under the applicable accounting legislation according to Article 6 (1) c) GDPR.

4.3.1.2 Purpose of the data processing:

Purpose of data processing is to provide the documentation of the order and the payment, and to perform accounting obligations.

4.3.1.3 Processed personal data:

name
address (country, postcode, town, street address, county)
email address
telephone number
company name (optionally provided)
account username

Data processed regarding the invoicing:

first and second name
invoicing address
date
tax number in case of invoice with VAT.

4.3.1.4 Erasure deadline of the data:

Data controller shall process the data for 5 years, until the expiration of the right to impose a tax based on Section 202. § (1) act No. CL of 2017 on the System of Taxation. According to Section 169. § (1) act No. C of 2002 on Accounting, Data Controller is obliged to keep the documents necessary for the accounting for 8 years.

4.3.1.5 Those who are entitled to access the data

The Data Controller’s collaborators, employees and agents are entitled to get acquainted with the Personal Data, who are entrusted with the operation of the Website and whose operation requires it to become acquainted with the Personal Data or is unavoidable due to the nature of their activities.

4.4 Data process regarding the subscription of the Newsletter

4.4.1 Legal ground for processing Personal Data:

Voluntary consent of the Data Subject based on Article 6 (1) a) GDPR.

4.4.2 Purpose of the data processing:

Purpose of data processing is to provide the periodically issued newsletter to those who subscribe and would like to get commercial offers, news about the Website and get informed about the content appearing on the Website.

4.4.3 Processed personal data:

name
email address

4.4.4 Erasure deadline of the data:

4.4.5 Those who are entitled to access the data

The Data Controller’s collaborators, employees and agents are entitled to get acquainted with the Personal Data, who are entrusted with the operation of the Website and the Newsletter and whose operation requires it to become acquainted with the Personal Data or is unavoidable due to the nature of their activities.

4.4.6 Right to withdrawal

Given that the legal basis for data processing is the data subject’s consent, the Data Subject is entitled to withdraw the consent at any time. Withdrawal of consent shall not affect the lawfulness of the data processing prior to withdrawal. The Data Subject may withdraw his / her consent in the form of a statement to this effect sent to one of the contact details of the Data Controller specified in Section 3. If you revoke your consent, you will automatically unsubscribe from the Newsletter.

4.5 Cookies

4.5.1 The Data Controller in order to serve the clients customized, place a small data package (so called the « cookie ») at the computer of the Data Subject. The task of the cookie is to collect information about visitors and their devices; they remember the individual settings of the visitors, so that it can be used during online transactions, the visitor does not have to type data again; they make it easier to use the website and provide a quality user experience. If the web browser send back a previously saved cookie, it makes it possible for the Data Controller who handle the cookie to join the actual visit of the Data Subject, but only in connection with its own content.

4.5.2 During visiting the website, the Data Subject can give his consent to the use of the cookies on its computer and make the Data Controller access to them by clicking on the cookie warning button at the Website.

4.5.3 Purpose of the data processing:

To identify and differentiate the Data Subjects, identify the actual work session of the users, to store the given data during actual work session, to prevent loss of data, to identify and monitor users.

4.5.4 Legal ground for processing Personal Data:

Voluntary consent of the Data Subject based on Article 6 (1) b) GDPR.

4.5.5 Processed Personal Data:

identification number
date
previously visited website

4.5.6. Erasure deadline of the data

Data Controller is processing data until the use of the data for such purpose, until it is prohibited by the Data Subject by unsubscribe.

4.5.7 Those who are entitled to access the data

The Data Controller’s collaborators, employees and agents are entitled to get acquainted with the Personal Data, who are entrusted with the operation of the Website, and whose operation requires it to become acquainted with the Personal Data or is unavoidable due to the nature of their activities.

4.5.8 Right to withdrawal

4.6 Transmission of the personal data, the ones who are eligible to get to know the data

4.6.1 Within the use of the Service user consents to the transfer of his/her data to Data Controller’s partners in the payment method. Legal base for the transfer is the performance of the contract, based on Article 6 (1) b) GDPR.

4.6.2 The Data Controller shall only transfer the personal data of the customer, which are essential to identify the person and the person’s data in order to succeed the payment. Only those personal data are transferred to the partner, which must be known by the partner to perform the payment. Data Controller – to the request of the Data Subject – informs the Data Subject about its transferred personal data, to which partner was it transferred, and how can the Data Subject contact that certain partner.

4.6.3 The Processor, as controller is entitled and obliged to transfer any available and legally stored personal data to the competent authorities if the law or a legally binding official decision requires the transmission. The Controller shall not be responsible for such transfer and for its consequences.

4.6.4 Other data transfers are exclusively based on the preliminary and properly informed consent of the Data Subject.

Data Subject’s rights

5.1 Right to information:

The controller shall take appropriate measures to provide any information referred to in Articles 13 and 14 and any communication under Articles 15 to 22 and 34 of GDPR relating to processing to the Data Subject in a concise, transparent, intelligible and easily accessible form, using clear and plain language. The Data Subject shall require information through contact details mentioned in the Article 3. of this Privacy Notice. When requested by the Data Subject, the information may be provided orally, provided that the identity of the Data Subject is proven by other means.

5.2 Right of access by the Data Subject

The Data Subject shall have the right to obtain from the controller confirmation as to whether or not Personal Data concerning him or her are being processed, and, where that is the case, access to the Personal Data and the following information:

– the purposes of the processing;
– the categories of Personal Data concerned;
– the recipients or categories of recipient to whom the Personal Data have been or will be disclosed, in particular recipients in third countries or international organisations;
– the envisaged period for which the Personal Data will be stored
– the existence of the right to request from the controller rectification or erasure of Personal Data or restriction of processing of Personal Data concerning the Data Subject or to object to such processing;
– the right to lodge a complaint with a supervisory authority;
– information about the source of the Personal Data;
– the existence of automated decision-making, including profiling, and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the Data Subject.

The request for information by e-mail shall be considered trustworthy only via the registered e-mail address of the Data Subject. The request for information must be sent to the following address: Bécsi street 85. ground floor, door nr. 5., Budapest, Hungary, post code: H-1036. If Personal Data are transferred to a third country or to an international organisation, the Data Subject shall have the right to be informed of the appropriate safeguards relating to the transfer. The Data Controller shall provide a copy of the Personal Data undergoing processing. For any further copies requested by the Data Subject, the controller may charge a reasonable fee based on administrative costs. Where the Data Subject makes the request by electronic means, the information shall be provided in electronic form. The Data Controller provides the information within a maximum of one month from the date of receipt of the request.

5.3 Right to rectification

The Data Subject is entitled to obtain from the controller the rectification of inaccurate and completion of deficient Personal Data concerning him or her via the e-mail address of the Controller mentioned in Article 3. of the Privacy Notice.
If the Personal Data is inaccurate, and the appropriate personal data is available, the Data Controller shall perform the rectification.

5.4 Right to erasure

The Data Subject shall have the right to obtain from the controller the erasure of Personal Data concerning him or her without undue delay and the controller shall have the obligation to erase Personal Data without undue delay where one of the following grounds applies:

– the Personal Data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
– the Data Subject withdraws consent on which the processing is based, and where there is no other legal ground for the processing;
– the Data Subject objects to the processing and there are no overriding legitimate grounds for the processing,
– the Personal Data have been unlawfully processed;
– the Personal Data have to be erased for compliance with a legal obligation in European Union or EU Member State law to which the controller is subject;
– the Personal Data have been collected in relation to the offer of information society services

In case of erasure or modification of the personal data, the former data shall no longer be restored.
The erasure shall not be performed if the processing is necessary regarding to the following cases: there exists a legal obligation which requires processing by European Union or EU Member State law to which the Data Controller is subject; or the processing is necessary regarding to the establishment, exercise or defence of the Data Controller’s legal claims and interests.

5.5 Right to restriction of processing

The Data Subject shall have the right to obtain from the controller restriction of processing where one of the following applies:

– the accuracy of the Personal Data is contested by the Data Subject, for a period enabling the controller to verify the accuracy of the Personal Data;
– the processing is unlawful and the Data Subject opposes the erasure of the Personal Data and requests the restriction of their use instead;
– the controller no longer needs the Personal Data for the purposes of the processing, but they are required by the Data Subject for the establishment, exercise or defence of legal claims;
– the Data Subject has objected to processing, pending the verification whether the legitimate grounds of the controller override those of the Data Subject.

5.6 Right to data portability

The Data Subject shall have the right to receive the Personal Data concerning him or her, which he or she has provided to a Data Controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller.

5.7 Right to object

The Data Subject shall have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her, including profiling based on those provisions. The controller shall no longer process the Personal Data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the Data Subject or for the establishment, exercise or defence of legal claims. Where Personal Data are processed for direct marketing purposes, the Data Subject shall have the right to object at any time to processing of Personal Data concerning him or her for such marketing, which includes profiling to the extent that it is related to such direct marketing. Where the Data Subject objects to processing direct marketing purposes, the Personal Data shall no longer be processed for such purposes.

5.8 Automated individual decision-making, including profiling

The Data Subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her. The Data Subject is not entitled to exercise the above right if the decision:

– is necessary for entering into, or performance of, a contract between the Data Subject and a Data Controller;
– is authorised by European Union or EU Member State law to which the controller is subject and which also lays down suitable measures to safeguard the Data Subject’s rights and freedoms and legitimate interests; or
– is based on the Data Subject’s explicit consent.

5.9 Right to withdraw

The Data Subject shall have the right to withdraw his or her consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

Other data processing

6.1 About those data processing, which are not indicated in the present privacy notice, we inform the Data Subject simultaneously with the recording of the data. We inform our customers, that the court, the prosecutor, the investigative authority, the offence authority, the public administration authority, the Hungarian National Authority for Data Protection and Freedom of Information and other bodies which are authorized by law may require certain data, information or documents from the Data Controller. Data Controller – when the authority indicated the purpose and the set of data properly – only deliver those Personal Data, which are essential to fulfil the request of the authority.

6.2 Data Controller does not check the given personal data. For the compliance of the data only the person is liable, who gives the data. Data Subjects are liable for the access of their email address, which is given to the Data Controller to contact them. According to this, the user, who registrated the certain email address is the only responsible for the access to that email account. In case user does not report their own Personal Data, they shall provide the consent of the Data Subject.

6.3 The ones with any kind of employment relationship with the Data Controller and the partner, which co-operates with the Data Controller in the payment are entitled to get to know the given Personal Data.

Possibilities for enforcement of claims

7.1 With your questions and comments, please feel free to contact with the colleague of the Data Controller at [email protected] e-mail address.

7.2 Right to judicial remedy: In case the Data Subject considers that his or her rights under GDPR have been infringed, each Data Subject has the right to an effective judicial remedy against the Data Controller. The court is dealing with such case with priority.

7.3 Proceeding of the data protection authority: Data Subject have the right to lodge a complaint with the Hungarian National Authority for Data Protection and Freedom of Information.

Name: Hungarian National Authority for Data Protection and Freedom of Information
Seat: 1055 Budapest, Falk Miksa utca 9-11.

Postal address cím: 1363 Budapest, Pf.: 9.
Telephone: 06-1-391-1400
Fax: 06-1-391-1410
E-mail: [email protected]
Website: http://www.naih.hu

Date: 08.01.2022.