Privacy Policy

Data management information from the Law Office of Dr. Zoltán László Németh on the protection of natural persons with regard to the processing of personal data and on the free flow of such data, as well as Regulation (EU) 2016/679 on the repeal of Directive 95/46/EC ("GDPR") (``Information'').

1. INTRODUCTION, BACKGROUND
This Information Sheet was prepared and issued by the Law Office of Dr. Zoltán László Németh ("Data Controller") in order to inform the data subjects in accordance with Article 13 of the GDPR about the processing of their data and the rights they have in connection with data processing.
The Data Controller shall process the personal data it has come to know in accordance with the current legal provisions, in particular the GDPR, Article CXII of 2011 on the right to informational self-determination and freedom of information. is handled according to the provisions of the Act (“Infotv.”).

2. NAME AND CONTACT INFORMATION OF THE DATA CONTROLLER AND ITS REPRESENTATIVE
Based on point 7 of Article 4 of the GDPR, the data of the Data Controller in relation to the subject data management:
Law Office of Dr. Zoltán László Németh
• postal address: 1027 Budapest, Margit krt. 44. I. floor 4.
• e-mail address: zoltan.nemeth@drnemeth.net
• website address: www.drnemeth.net;
• phone number: +36 1 2661694
• representative's name: dr. Zoltán László Németh
• representative's contact information: +36 30 921-2575
Data management information from the Law Office of Dr. Zoltán Németh László on the protection of natural persons with regard to the processing of personal data and on the free flow of such data, as well as Regulation (EU) 2016/679 on the repeal of Directive 95/46/EC ("GDPR") (``Information'').

3. NAME AND CONTACT INFORMATION OF THE DATA PROTECTION OFFICER
dr. Zoltán László Németh
• contact information: 1027 Budapest, Margit krt. 44. I. floor 4.
• e-mail address: zoltan.nemeth@drnemeth.net

4. SCOPE OF PROCESSED DATA, PURPOSE, LEGAL BASIS OF DATA PROCESSING, SOURCE OF DATA
In connection with the data processing covered in this Notice, the Data Controller processes the personal data of the data subjects (“Personal Data”) for the following purposes and on the basis of the legal basis:
4.1 Data management operation
Collection and management of the data necessary to maintain contact and to complete the transaction between the Parties
4.2 Purpose of data management
The purpose of personal data management is to provide legal advice to the data subject. Thus, in particular, the implementation of effective contact between the Data Controller and the Partner, the conduct of negotiations related to the transaction, which is an essential part of the fulfillment and possible modification of legal advice, is absolutely necessary.
4.3 Scope of processed data
The Data Controller only manages the personal data provided by the data subject, which is necessary for maintaining contact with the data subject and providing legal advice on the matter, i.e. no more than the name, telephone number and e-mail address of the data subject and the most necessary personal data arising in relation to the given case (state of facts).
4.4 Legal Basis
The legal basis for data management: Article 6 (1) point b) of the GDPR, i.e. the fulfillment of the "contract" between the Parties, and the taking of steps by the Data Controller at the request of the data subject before the conclusion of the transaction between the Data Controller and the data subject.
4.5 Source of data
Personal data can only be received from the data subject.

5. RECIPIENTS OF DATA, CATEGORIES OF RECIPIENTS
The personal data indicated in point 4 of the Information Sheet will be transferred to lawyers with relevant expertise and legal advice based on the order of the Data Controller.
5.1. Data processors:
We inform those concerned that at the time of issuing this information, the Data Controller does not employ a data processor for the processing of the subject personal data, however, the range of data processors may change. The current list of data processors will be available on the Data Controller's website.
The data controller may transfer the relevant personal data to the following third parties:
• authorities (eg: local government, police, consumer protection authority, tax authority, MEKH, construction authorities, etc.)
• courts
• prosecutor's offices

6. DATA SECURITY MEASURES
The data and documents stored electronically can only be accessed by the competent attorneys handling the case in order to provide legal advice (access authorization system). Access rights are issued in a regulated and logged manner. The granted accesses are reviewed at regular intervals.
The Data Controller developed detailed, internal data security measures based on the relevant standard (ISO 27001) in its regulations on the operation of the ISMS (Information Security Management System).

7. TRANSFER OF DATA OUTSIDE THE EUROPEAN UNION / EUROPEAN ECONOMIC AREA OR TO PART OF AN INTERNATIONAL ORGANIZATION
Data is not transferred outside the European Union / European Economic Area or to an international organization.

8. PERIOD OF DATA MANAGEMENT
The Data Controller shall process the Personal Data until the data management purpose according to point 4 exists, but no later than:
In the case of contract-based data management:
• until the claims related to the Legal Relationship are enforced;
• until the enforceability of claims related to the Legal Relationship ceases.
After the expiration of the period specified above, the Data Controller shall delete the Personal Data within 25 days at the latest due to technical reasons.

9. APPLICABLE RIGHTS
In connection with the processing of Personal Data specified in the Information Sheet, we provide the following rights to the data subject:
• Right of access;
• Right to information;
• Right to rectification;
• Right to erasure;
• The right to restrict data processing;
• Right to data portability;
Some of the rights of the data subjects are detailed below:
9.1. Right of access and information
At the request of the data subject, the Data Controller will provide information on whether their data is being processed. If so, in addition to providing access, the Data Controller informs the data subject about the categories of data processed, the purpose of data management, the recipients of data management or the category of recipients, the duration of data storage, or the criteria for determining the duration, the exercise of the rights of the data subject, the National Data Protection and Complaint to the Freedom of Information Authority (NAIH) about the right to report, the source of the data, and the fact of automated decision-making, including profiling. In case of data transmission outside the European Union or the European Economic Area, the data subject will also be informed about the appropriate guarantees provided in connection with the data transmission.
9.2. Right to rectification
The data subject has the right to request correction of his/her data from the Data Controller in case of inaccuracy.
If it is necessary to correct the Personal Data managed by the Data Controller, the person concerned may request the correction of the data in writing (by post or e-mail) by indicating the correct data.
The data subject is obliged to notify the Data Controller in writing (by post or e-mail) of any change in his/her Personal Data managed by the Data Controller immediately, but no later than within 5 days of the change. The defaulting data subject shall be liable for the damage caused to the Data Controller due to the failure or late delivery of this notification.
9.3. Right to erasure
The data subject has the right to request that the Data Controller delete the personal data concerning him without undue delay, and the Data Controller is obliged to delete the personal data concerning the data subject without undue delay in the following cases:
• the personal data are no longer needed for the purpose for which they were collected or otherwise processed;
• the data subject withdraws the consent that forms the basis of the data management, and there is no other legal basis for the data management;
In the event that the Data Controller has made the Personal Data public, i.e. forwarded it to third parties, in the event of exercising the data subject's right to deletion, the Data Controller will take the reasonably expected steps to inform the further data controllers to whom the Personal Data has been forwarded that the data subject requested from them the deletion of the links to the personal data in question or the copy or duplicate of this personal data.
9.4. The right to restrict data processing
The data subject is entitled to request that the Data Controller restricts data processing if
• the data subject disputes the accuracy of the personal data;
• data management is illegal;
• the data controllers no longer need the personal data for the purpose of data management, but the data subject requires them to submit, enforce or defend legal claims;
• the data subject objected to data processing.
9.5. Right to data portability
The data subject has the right to receive the personal data concerning him/her provided to the Data Controller in a segmented, widely used, machine-readable format, and is also entitled to transmit this data to another data controller without the Data Controller preventing this, if:
• data management is based on consent; and
• data management is automated.
In connection with the exercise of the rights listed above, the data subject is entitled to contact the Data Controller a
• Dr. Németh Zoltán László Law Office (postal address: 1027 Budapest, Margit krt. 44. I. emelet 4.), also at
• via e-mail address zoltan.nemeth@drnemeth.net.
The Data Controller shall provide information on the measures taken as a result of the request in a form that can be understood in writing without undue delay, but no later than 1 month after the submission of the request.

10. THE RIGHT TO APPLY TO THE DATA PROTECTION SUPERVISORY AUTHORITY, COURT
Those concerned can make use of the possibility of legal redress and complaints regarding data management at the National Data Protection and Freedom of Information Authority (NAIH), whose contact details are as follows:
• postal address: 1530 Budapest, Pf.: 5.
• address: 1125 Budapest Szilágyi Erzsébet fasor 22/c.
• phone number: +36 1 391 1400
• fax: +36 1 391 1410
• e-mail address: ugyfelszolgalat@naih.hu
• website: http://naih.hu

We would also like to inform you that, in addition to and without prejudice to the above, you have the right to go to court in connection with the processing of your Data in violation of the GDPR, and also, if you have suffered material or non-material damage due to the violation of the GDPR by the Company, to assert a claim for compensation against the Company.

Law Office of Dr. Zoltán László Németh

Areas of expertise of the Law Office

Economic criminal law
Representation of economic companies and civil organizations
Civil litigation representation
Administrative law
Victim representation
Real estate law
Company formation
Whistleblower protection

Whistleblower Protection
  • The legislation mandates the investigation of abuses and complaints as follows:

  • For organizations employing more than 250 employees and falling under the scope of the Labor Code, as of July 24, 2023.
  • For companies employing 50-250 employees, in effect from December 17, 2023.
Useful sites

© Copyright 2023
Dr. Zoltán László Németh
LAW OFFICE