Privacy Policy

• The purpose of this privacy notice is to provide information about the scope of personal data processed by the Data Controller and the rights of the Data Subjects.

• The fundamental principle of data processing is to ensure the protection of personal data in accordance with applicable laws and regulations.

• The Data Controller undertakes to ensure, in the course of data processing and record keeping, that:

  • data security is maintained;

  • the privacy of Data Subjects is protected;

  • data is safeguarded against unauthorized access, alteration, transmission, disclosure, deletion, or destruction;

  • appropriate technical and IT measures are implemented.

According to this policy, the Data Controller is:

Data Controller 1:
Name:	Aliante Kft
Registered office:	2100. Gödöllő, Ibolya utca 7.
Company registration number:	13-09-143180
Tax number:	23083855-2-13
Managing Director:	Benke Gábor
Website:	www.aliante.hu
Email:	info@aliante.hu
Phone:	+36 30 011 2100

Data Processor:
A natural or legal person, public authority, agency, or any other body that processes personal data on behalf of the Data Controller.

Regarding the personal data processed by the Data Controller, the data required for invoicing are processed by an office located at 1037 Budapest, Bojtár utca 56., operating under a contractual relationship with the Data Controller.

The websites are hosted by Rackhost Zrt.
Hosting provider's address: 6722 Szeged, Tisza Lajos körút 41.
Tax number: 25333572-2-06

 

3.1. The Data Controller processes the personal data of individuals with whom it has a contractual relationship for the purpose of fulfilling obligations arising from the contractual relationship.

For quotation requests and the establishment of contractual relationships, the data subject is required to provide their personal data to the Data Controller. Failure to provide the required personal data may prevent the fulfillment of contractual obligations.

The Data Controller may also process the personal data of the data subject based on their informed prior consent.

3.2. Scope of personal data processed:

In connection with their joint provision of entertainment, leisure, marketing, and event services, the Parties process the following personal data of customers (data subjects) who engage with them:

• Surname
• First name
• Date of birth
• Phone number
• Email address
• Tax identification number
• Residential address
• Gender

3.3. Purpose of data processing:

• Fulfillment of contractual obligations
• Issuance of invoices
• Sending information and updates related to activities and products

3.4. Duration of data processing:

• From the start of the quotation request/service usage
• Until the fulfillment of contractual obligations and issuance of the invoice
• Until the end of the statutory retention period for invoices
• Until consent is withdrawn

4.1. Right of access
The Data Subject shall have the right to obtain confirmation from the Data Controller as to whether or not personal data concerning them are being processed, and, where that is the case, access to the personal data and the following information:

• the purposes of the processing;
• the categories of personal data concerned;
• the recipients or categories of recipient to whom the personal data have been or will be disclosed;
• the envisaged period for which the personal data will be stored;
• the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the Data Subject or to object to such processing;
• the right to lodge a complaint with a supervisory authority;
• where the personal data are not collected from the Data Subject, any available information as to their source;
• the existence of automated decision-making, including profiling.

4.2. Right to rectification
The Data Subject shall have the right to obtain from the Data Controller without undue delay the rectification of inaccurate personal data concerning them. Taking into account the purposes of the processing, the Data Subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

4.3. Right to erasure (‘right to be forgotten’)
The Data Subject shall have the right to obtain from the Data Controller the erasure of personal data concerning them without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:

• the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
• the Data Subject withdraws consent on which the processing is based and where there is no other legal ground for the processing;
• the Data Subject objects to the processing and there are no overriding legitimate grounds for the processing;
• the personal data have been unlawfully processed;
• the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;
• the personal data have been collected in relation to the offer of information society services.

4.4. Right to restriction of processing
The Data Subject shall have the right to obtain from the Data Controller restriction of processing where one of the following applies:

• the accuracy of the personal data is contested by the Data Subject, for a period enabling the controller to verify the accuracy of the personal data;
• the processing is unlawful and the Data Subject opposes the erasure of the personal data and requests the restriction of their use instead;
• the Data Controller no longer needs the personal data for the purposes of the processing, but they are required by the Data Subject for the establishment, exercise or defence of legal claims;
• the Data Subject has objected to processing pending the verification whether the legitimate grounds of the controller override those of the Data Subject.

4.5. In the event of a violation of rights concerning the personal data processed, the Data Subject may lodge a complaint with the Data Controller.

Within this framework, the Data Subject may request the Data Controller to:

• provide information about the processing of their personal data;
• rectify their personal data;
• delete or block their personal data, except in cases of mandatory data processing.

4.6. The Data Subject shall have the right to request the restriction of the processing of their personal data in the following cases:

• concerning inaccurate data, until such data are rectified or supplemented;
• if they do not consent to the erasure of their data, yet the data processing is unlawful;
• if the data are required by the Data Subject, independently of the Data Controller, for the purpose of asserting, enforcing, or defending future legal claims.

 

4.7. The Data Controller shall notify all parties to whom the personal data have been disclosed about any rectification, erasure, or restriction of the processing of the Data Subject’s personal data.

4.8. The Data Subject shall have the right to receive the personal data concerning them, in a structured, commonly used and machine-readable format, in order to transmit those data to another data controller, such as a new controller or a personal income tax accountant.

The Data Controller may transfer the personal data of the Data Subjects to a third-party service provider following prior notification of the Data Subject in accordance with this information notice.

The Data Controller does not intend to transfer the personal data of the Data Subject to any third country or international organisation.