Welcome on our website! First of all, let us thank you for your visit to our nagydijsorozat.hu website
operated by Hungarian Athletics Association.
Hungarian Athletics Association gives increased emphasis to the protection of your personal data.
Therefore, we try to give you wide information about the data processing of Hungarian Athletics
Association (hereinafter referred to as: HAA or Controller) in a clear, transparent and intelligible
This Privacy Notice regarding the operation of www.nagydijsorozat.hu webpage (hereinafter
referred to as: Webpage) was made by HAA in compliance with and in consideration to the
regulations of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April
2016 on the protection of natural persons with regard to the processing of personal data and on the
free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as: GDPR)
which is to be applied from 25 May 2018 and Act CXII of 2011 on Information Self-determination
and Freedom of Information (hereinafter referred to as: Infotv.)
As the internet and the laws, regulations are changing, improving from time to time, we must also
modify this Privacy Notice from time to time. We reserve the right to the unilateral modification,
amendment of this Privacy Notice if it is necessary.
HAA processes those personal data which have been given voluntarily by third people (hereinafter
referred to as: User or Users) and in compliance with the principles of data protection and data
1. Legal basis and purpose of data processing
On the Webpage, Users may give personal data to the Controller in connection with the use of the
Webpage, as – by visiting respectively by the usage of any of the Webpage – the Users may give
information, data regarding them (anonymous data collection).
1.1. Anonymous data collection and processing
Should the User visit any part of the Webpage, no personal data of the User is collected or
processed by the Controller, based on which data the User could be personally identified.
During the anonymous data processing only the following data is collected and processed:
name of internet-provider, IP-address, the name of the webpage from which the User visited
our Webpage, name of the webpage which the User visited after our Webpage.
Therefore, you may use our Webpage without the disclosure of any personal data. Using of our
Webpage does not depend on providing personal data, except if personal data is required in order
to fulfill your requests, as well as to provide more information requested by the User.
By visiting our Webpage, you acknowledge that the Controller processes data, information stated
in this section, moreover to applies cookies which are needed for the collection of these data. These
data, information is not connected with other personal user data, the User cannot be identified based
on these data, information. Only the Controller has right to access these data, information.
The primary purpose of the process of such data is the proper, safe and smooth operation of the
Webpage. For the sake of this purpose it is necessary to track visitor data and to defecate the abuses
in connection with the usage of the webpage. The legal bases of the anonymous data processing are
section (1) f) of Article 6. of GDPR, namely the legitimate interest of HAA.
identifiers which can be sent by our webserver to your computer in order to identify the computer
which uses the website. Most of the browsers accepts these cookies automatically as per its basic
settings. Information stored in the cookies are stored on the affected computer, but they do not
contain virus nor cause damages. Storage of cookies can be switched off, and you can also set in
your browser to receive notification before cookies are to be stored on your computer.
the optimal and user-friendly operation of the webpage, sending proposals upon request of the
Users, making statistics.
We use the following cookies:
1. Cookies originating from third parties:
a. Cookies used by Google with visitor-analysis purposes (__utma, __utmb, __utmc,
__utmz, PREF, NID, GAPS). Google stores these cookies in your browser for two
b. Cookies used by Facebook for the use of Facebook-functions, such as like, share (datr,
reg_ext_ref, reg_fb_gate, reg_fb_ref). These Cookies are stored in your browser for
2. In case of banner appearances, the identification of the user and identification of the clicks
(banner), which is stored in your browser for one year.
3. Registration cookie – Identification of the user’s activity on the webpage until registration
(registration_cookie). The cookie is stored for one year.
4. Cookies for supporting the workflow of the webpage (PHPSESSID). It is deleted when you
close the browser or if you leave the webpage.
3. Rights of the Users, as data subjects
You, as User (data subject) have the following rights:
a) Right for information, right of access
The data subject has the right to ask for information from the Controller about his/her data
processed by the Controller for free of charge.
This means that the data subject has the right to obtain from the Controller confirmation as to
whether or not personal data concerning him/her are being processed, and, where that is the case,
access to the personal data and the following information:
– the purposes of the processing,
– the categories of personal data concerned,
– the recipients or categories of recipient to whom the personal data have been or will be
disclosed, in particular recipients in third countries or international organizations,
– the envisaged period for which the personal data will be stored, or, if not possible, the criteria
used to determine that period,
– the existence of the right to request from the controller rectification or erasure of personal
data or restriction of processing of personal data concerning the data subject or to object to
– the right to lodge a complaint with a supervisory authority,
– where the personal data are not collected from the data subject, any available information as
to their source,
– the existence of automated decision-making, including profiling, referred to in Article 22(1)
and (4) of GDPR and, at least in those cases, meaningful information about the logic
involved, as well as the significance and the envisaged consequences of such processing for
the data subject.
b) Right to rectification
The data subject has the right to obtain from the Controller without undue delay the rectification of
inaccurate personal data concerning him/her. Taking into account the purposes of the processing,
the data subject has the right to have incomplete personal data completed, including by means of
providing a supplementary statement.
c) Right to erasure, right to be forgotten
The data subject has the right to obtain from the Controller the erasure of personal data concerning
him/her without undue delay and the Controller has the obligation to erase personal data without
undue delay where one of the following grounds applies:
– the personal data are no longer necessary in relation to the purposes for which they were
collected or otherwise processed,
– the data subject withdraws consent on which the processing is based according to point (a)
of Article 6(1) of GDPR, or point (a) of Article 9(2) of GDPR, and where there is no other
legal ground for the processing,
– the data subject objects to the processing pursuant to Article 21(1) and there are no overriding
legitimate grounds for the processing, or the data subject objects to the processing pursuant
to Article 21(2) of GDPR,
– the personal data have been unlawfully processed,
– the personal data have to be erased for compliance with a legal obligation,
– the personal data have been collected in relation to the offer of information society services
referred to in Article 8(1) of GDPR.
If the Controller has made the personal data public and is obliged pursuant to erase the personal
data, the Controller, taking account of available technology and the cost of implementation, shall
take reasonable steps, including technical measures, to inform controllers which are processing the
personal data that the data subject has requested the erasure by such controllers of any links to, or
copy or replication of, those personal data.
d) Right to restriction of processing
The data subject has the right to obtain from the Controller restriction of processing where one of
the following applies:
– the accuracy of the personal data is contested by the data subject, for a period enabling the
Controller to verify the accuracy of the personal data;
– the processing is unlawful and the data subject opposes the erasure of the personal data and
requests the restriction of their use instead;
– the Controller no longer needs the personal data for the purposes of the processing, but they
are required by the data subject for the establishment, exercise or defense of legal claims;
– the data subject has objected to processing pursuant to Article 21(1) of GDPR pending the
verification whether the legitimate grounds of the Controller override those of the data
A data subject who has obtained restriction of processing, shall be informed by the Controller
before the restriction of processing is lifted.
e) Right to object
The data subject has the right to object, on grounds relating to his/her particular situation, at any
time to processing of personal data concerning him/her which is based on point (e) or (f) of Article
6(1) of GDPR, including profiling based on those provisions.
Should the data subject object to processing of personal data concerning him/her, the Controller
shall no longer process the personal data unless the Controller demonstrates compelling legitimate
grounds for the processing which override the interests, rights and freedoms of the data subject or
for the establishment, exercise or defense of legal claims.
Exercise of the rights
If you wish to exercise any of your rights, namely if you wish to ask for information, to access any
of your personal data processed by the Controller, wish the rectification, erasure or restriction of
data processing, or wish to obtain to the data processing, then you may exercise the right via a
written request in English. The request shall be sent to the Controller via post or e-mail.
The Controller shall provide information in writing (via mail or via e-mail) on action taken on your
request to you without undue delay and in any event within 30 days of receipt of the request. That
period may be extended by 60 further days where necessary, considering the complexity and
number of the requests. The Controller shall inform you of any such extension within 30 days of
receipt of the request in writing (via mail or via e-mail), together with the reasons for the delay.
If you make your request by electronic form means, the information shall be provided by electronic
means where possible, unless otherwise requested by you.
Upon your request, the information may be provided orally, provided that your identity is proven
by other means.
Information and any communication and any actions shall be provided and taken free of charge.
Should your request manifestly be unfounded or excessive, in particular because of their repetitive
character, the Controller may – considering the administrative costs of providing the information
or communication or taking the action requested – either:
– charge a reasonable fee, or
– refuse to act on the request.
If the Controller has reasonable doubts concerning the identity of the natural person making the
request, the Controller may request the provision of additional information necessary to confirm
the identity of the data subject.
Should the Controller or any co-worker violate your right, as data subject for the protection of
personal data, we kindly ask you to contact us in order to provide remedy for the problem.
In the event if you do not agree with the procedure of the Controller (processing, giving
information, deny of request regarding rectification, erasure or restriction), believe that the
Controller did not take the proper actions as requested by you, then you may lodge a complaint
with the Hungarian National Authority for Data Protection and Freedom of Information or may
seek judicial remedy at the courts of Hungary in accordance with the laws of Hungary.
Hungarian National Authority for Data Protection and Freedom of Information
seat: 1125 Budapest, Szilágyi Erzsébet fasor 22/c.
postal address: 1530 Budapest, Pf.: 5
telephone: 06 -1- 391-1400
4. The period of data processing
HAA does not collect, process personal data form the Users. Data collected via anonymous data
collection are deleted after 30 days.
The Controller implements technical and organizational measure to protect the data subjects’
personal data from modification, harm, erasure, deletion and from access of unauthorized persons.
All personal data provided to the Controller will be encrypted upon data transfer in order to prevent,
hinder any possible abuse by any third person. The Controller regularly tests and evaluates the
effectiveness of security measures to be in compliance with the technical developments.
6. Data processor
Anonymous data in connection with the Webpage, and the personal data is processed by our
Hosting-provider: Bitadmin Kft.
seat: 1151 Budapest, Fő út 82. fszt. 2.
7. Contact details
Should you have any questions, proposals, requests, we kindly ask you to contact HAA at our email
address or any other contact provided on our website.
Should you have any questions for which the answer is not clear after reading this Privacy Notice,
please do not hesitate to contact us.
Hungarian Athletics Association
abbreviated name: HAA
seat: 1146 Budapest, Istvánmezei út 1-3.
registration number: 01-07-0000002
tax number: 18158407-2-42
representative: Miklós Gyulai, president
Contact details of the controller:
Postal address: 1146 Budapest, Istvánmezei út 1-3.