Privacy Policy

1. Data manager's name
Data manager's name: Polgár Judit Sakk Alapítvány
Data manager's company registration number: 01/03/11579
Data manager's seat: 1016 Budapest, Orom utca 20/b, Hungary
Data manager's contact details: This email address is being protected from spambots. You need JavaScript enabled to view it.
Data manager's representative: Attila Udvarhelyi (chair)

2. Privacy policy rules
This privacy policy is valid from 01 July, 2016. until withdrawn.
The Judit Polgar Chess Foundation (hereinafter referred to as: the "Company"), based on the Company's privacy policy, handle personal data in connection with this interface. The privacy policy covers all such processes conducted by any Company unit which involve personal data management as stipulated by Section 2, Article 3 of the Information Management Act.

Conceptual descriptions used in this policy are in line with definitions listed in Article 3 of the Information Management Act.

Personal data can only be handled in order to practise rights or fulfil commitments. Personal data managed by the Company cannot be used for private purposes. Data management shall, at all times, serve a particular purpose.

The Company shall manage personal data only for clearly defined purposes, to practise rights or to fulfil commitments, to the extent and for the time deemed necessary to reach the objective set. All data management phases serve a purpose, and when this purpose no longer exists or data management becomes illegal, data are deleted.

The Company shall only manage personal data as authorised by law or based on prior consent given by the relevant individual.

The Company shall, before registering any data, in advance, notify the relevant individual about the data management purpose and provide information about its legal background.

All staff members of the Company's organisational units and staff members of any organisation contracted by the Company to assist in any data management operation, shall handle personal data as commercial secrets. Individuals managing the personal data and individuals with access to such data shall sign a Confidentiality Agreement.

If an individual who falls under the scope of the privacy policy, is informed that the data managed by the Company are incorrect, incomplete or obsolete, s/he shall correct such data or initiate the correction at the staff member responsible for data registration.

Privacy requirements for natural and legal entities and organisations contracted by the Company to conduct data processing activities shall be outlined in a separate contract signed with the data processing entity.

The Company's General Manager, by taking Company specifics into consideration, shall define the data protection and management structures, data protection and related scopes, and shall appoint a staff member to be responsible for supervising the data management processes.

Company staff members shall, at all times during their work activities, ensure that no unauthorised persons can have access to the personal data, furthermore, they shall make sure that personal data storage ensures that data are not accessible, modifiable or deletable by unauthorised individuals.

The Company privacy policy and the data protection system are supervised by the individual responsible for privacy policies.

3. How individuals can exercise their rights
An individual can request information on how his/her personal data are handled, and can request the correction or - except for data management cases stipulated by law - the deletion of such data, by contacting the Company using the contact details provided.

Upon receiving a request or complaint, the Company shall submit it to the Head of the organisational unit with relevant data management scope within three days of receipt.

The Head of the organisational unit with relevant data management scope, in response to the request on personal data management and privacy, shall respond with a clearly put answer in writing within 15 days - or in the case of a complaint, within 5 days.
The information shall cover the items listed in Section (1), Article 15 of the Information Management Act, unless such information is to be withheld as stipulated by law.

Information provision, by law, is free of charge with the exception of cases defined by Section (5), Article 15 of the Information Management Act, where the Company charges a fee.

Any request submitted can be refused only for reasons listed in Section (1), Article 9 or Article 19 of the Information Management Act. In such case, the Company shall provide the explanation in writing, as stipulated by Section (2), Article 16 of the Information Management Act.

If the necessary information and official documents confirming this information are available, false data are corrected by the Head of the organisational unit responsible for data management, and if the situation as per Section (2), Article 17 of the Information Management Act requires, the Head of the unit shall initiate the deletion of the personal data.

For the period during which the complaint against personal data management is processed, the Head of the data management unit shall suspend data management (for a maximum of 5 days), shall examine the validity of the complaint, and shall make a decision, about which the individual submitting the complaint shall be informed as per Section (2), Article 21 of the Information Management Act.

Should the complaint be deemed to be valid, the Head of the data management unit shall proceed as stipulated by Section (3), Article 21 of the Information Management Act.

If, while exercising the rights of the individual, the opinion on the case is not clear, the Head of the organisational unit managing the data, by submitting his/her opinion and the relevant documents, shall request a statement from the internal privacy expert. This expert shall respond to the request within three days.

Any damage caused by the Company by infringing privacy rules or illegal data management, as well as compensation for personal right infringement caused by the Company or a contracted entity shall be paid by the Company. The data manager shall be exempt from its liability and its duties to pay compensation if the data manager finds that personal right infringement was due to unavoidable reasons beyond their control. Similarly, no compensation is to be paid if the damage was due to deliberate acts or gross negligence on the victim's side.

Complaints concerning Company data management practices can be submitted to the Hungarian National Authority for Data Protection and Freedom of Information:

Organisation: Hungarian National Authority for Data Protection and Freedom of Information
Site address: 1024 Budapest, Szilágyi Erzsébet fasor 22/C.

4. Issues not regulated by this notice
Any issues not regulated by this notice are governed by the Information Management Act and Company privacy policies.