In accordance with the provisions of Act CXII of 2011 on Informational Self-Determination and Freedom of Information, Act XLVIII of 2008 on the Basic Requirements and Certain Restrictions of Commercial Advertising Activities, Act CVIII of 2001 on Certain Issues of Electronic Commerce Activities and Information Society Services, as well as other applicable legal regulations, the organizers of the Budapest Spring Festival – Müpa Budapest Nonprofit Ltd. (1095 Budapest, Komor Marcell utca 1.) and BFTK Nonprofit Ltd. (1052 Budapest, Városház utca 9–11.) –, hereby disclose their data protection and data management principles in the form of this Statement.
Müpa Budapest Nonprofit Ltd. and BFTK Nonprofit Ltd. (hereinafter jointly referred to as: “the Organizers”) shall handle such data only as has been voluntarily provided by the data subjects, and shall have their prior written consent for handling.
Visitors may subscribe to the newsletter of Budapest Spring Festival on its website, which requires the provision of personal data (email address) on the site. The Organizers shall manage and use the personal data provided by data subjects only until the latter revoke their authorisation for data processing, shall use them only for the realization of the objectives provided below, and only to the extent required for these objectives:
- to provide information on the programme of the Budapest Spring Festival and the CAFe Budapest Contemporary Arts Festival, as well as relevant facts about individual events (e.g. change of date, cancellation);
- to send publicity material (emails) about the events of the Budapest Spring Festival and the CAFe Budapest Contemporary Arts Festival, as well as about the activity of the Organizers, the events they organize and the services they provide. Such publicity material shall also provide for the appearance of such strategic partners of the Organizers that cooperate with them for the sake of providing high-quality cultural services.
The Organizers shall not forward any personal data made available to them to any third parties, unless authorized by the express prior written consent of the data subject.
Personal and other data provided by our visitors shall not be supplemented by, or linked with, data from other sources unless we are authorized by the express prior written consent of the data subject.
The Organizers shall provide the highest reasonable degree of protection during the management of personal data, as well as prevent unauthorized access thereto, by using high-standard technological protection measures and prudent internal regulations. The Organizers shall consider the protection and safe management of the personal data of its registered clients and contractual partners a top priority, and shall handle such data in strict confidence. By their applicable measures and procedural policy, the Organizers shall comply with European Union and international data protection requirements and standards, protecting thereby the interests of their clients and contractual partners, and meeting such obligations to maintain business confidentiality and retain know-how as they undertake within the framework of contractual freedom.
The Organizers shall only handle timely and accurate data, and only as long as it is necessary for the actual purposes of the data management. Whenever the purposes of data management cease to exist, the Organizers shall delete the relevant personal data without delay, but no later than 15 days, whether the data subject requests that they be deleted or not.
Upon request, the Organizers shall inform the data subject, without delay upon receipt of the request, but no later than 30 days, about the personal data they manage, the purposes of, and the legal grounds for, management, and the identity of the persons who manage and process these data, as well as the duration of management.
Upon request, the Organizers shall, without delay upon receipt of the request, but no later than 30 days, correct, modify or delete the personal data they handle. The data subject shall have the right, at any time, without offering an explanation, to request that their data, or parts thereof, be corrected, modified or deleted, as well as the right to withdraw their prior consent to data management.
Should the data subject find that any of the Organizers handle their personal data without authorization, they may protest against the handling of their personal data. Upon receipt of the protest, the Organizers shall immediately cease from handling the data, and shall, without delay, but no later than 15 days, carry out an investigation, whose results they shall share with the protesting subject, in writing. Should the Organizers fail to respond to the protest of the data subject within the period provided above, or fail to comply with the request of the protestor, the data subject may seek legal remedy at the Metropolitan Court of Justice (Fővárosi Törvényszék) or the competent court of justice of their place of residence.
Should the data subject or any third party find that any rights were infringed upon with regard to the handling of personal data, or there is an immediate risk of such infringement, they may request an investigation at the Hungarian National Authority for Data Protection and Freedom of Information (NAIH).
With regard to the data it handles, Müpa Budapest Nonprofit Ltd. receives queries, remarks and suggestions at the email address email@example.com, and the postal address 1453 Budapest, Pf.: 57.
With regard to the data it handles, BFTK Nonprofit Ltd. receives queries, remarks and suggestions at the email address firstname.lastname@example.org, and the postal address 1052 Budapest, Városház utca 9–11.