Fueling the growth
of the Hungarian startup ecosystem

GENERAL TERMS AND CONDITIONS

I.	General information

1.	The website that is the subject of the present GTC (hereafter referred to as: Website) can be found at:
www.startuphungary.io

2.	The operator of the Website:
Name: Startup Hungary Foundation
Registered seat: 16 Wesselényi St., H-1077 Budapest, Hungary
Registration number: soon to be published
Tax ID number: soon to be published
Court of registry: Budapest-Capital Regional Court (Hungary)

3.	The Service Provider:
The operator of the Website.

4.	User:

The private person, legal entity, economic company without legal entity or other person or organisation that enters the Webpage and – if available – registers thereto, uses the service provided on the Website and uses the functions of the Website.

II.	General terms of use

1.	By visiting the Website and using any of the functions available thereon, the User accepts the terms of use set out herein. 

2. 	Any and all visual, written or other content found on the Website, as well as the structuring and layout thereof, moreover the trademarks, logos, characters, service marks, as well as any and all intellectual property displayed on the Website is protected by copyright, trademark law and other intellectual property legislation, which are the exclusive property of the Service Provider.

3.	The User is entitled to browse the Website, and to make private usage excerpts of its contents by way of printing or saving to hard drive. This entitlement is subject to the condition that User leaves the copyright and other legal proprietary notices intact, and that User leaves Startup Hungary Foundation displayed on the excerpts as legal proprietor thereof. The contents of the Website may not be used in any way, means or form that exceeds the fair use criteria set out in Act LXXVI of 1999 on copyright, and User shall comply with the regulations of the copyright act at all times when browsing or using the Website. 

4.	Any excerpts or copies of any part of the Website are prohibited from being sold or used for commercial purposes, said excerpts or copies may not be modified, and may not be used or adapted in any other works, publications or websites.

5.	Under no circumstances may contents of the Website be construed or interpreted in such a way that would mean the granting of a licence or a permission of use to anyone regarding the trademarks or copyright protected works displayed on the Website. User is expressly prohibited from (unlawfully) using the trademarks displayed on the Website or on any of the contents available on the Website, with exceptions set out in the present terms and conditions. We inform the Users moreover, that Startup Hungary Foundation shall enforce its intellectual property rights to the fullest possible extent of the law.

6.	Any communication or material of a non-personal nature that are forwarded to the Website by the User by electronic mail or other means – including any data, inquiries, comments or recommendations or otherwise – do not constitute confidential information or information under legal protection, and shall be construed by Startup Hungary Foundation as such. Any information or data forwarded to the Website or uploaded as a comment thereto constitutes the property of Startup Hungary Foundation, who shall be entitled to use them for any purpose – including, but not limited to reproduction, transfer, forwarding, transmission, dissemination to the public and publication. Startup Hungary Foundation shall moreover be entitled to use the communicated thoughts, works, inventions, developments, ideas or concepts for any purpose (including product development, production and marketing). The party communicating the used information shall not be entitled to any remuneration. By forwarding said information, the communicating party warrants that they are the sole rights holder over the communicated material/content, that these materials/contents do not serve to offend, and that the usage thereof by Startup Hungary Foundation does not infringe upon any third party rights or legal regulations. Startup Hungary Foundation shall be under no obligation to use the information communicated by use of the Website. 

III.	Correctness, completeness, and actuality of data

1.	Startup Hungary Foundation makes every reasonable effort to ensure the correctness, completeness and actuality of the data found on the Website, but accepts no liability for any damage whatsoever that may occur due to or be attributable to any incorrect, incomplete or out of date information or data. User may refer to the data and material on the Website at their own risk. User accepts that the following of any changes occurring to the materials, data, and information on the Website shall be their responsibility.

2.	The information, data and conditions displayed on the Website serve exclusively as general information, Startup Hungary Foundation accepts no liability for any damage or expense whatsoever that may occur due to or be attributable to these being incorrect or incomplete. Startup Hungary Foundation shall not be liable for any damages, losses or expenses that result from the use of the Website, the unavailability of the Website, the malfunction or service disruption thereof, nor from any unauthorised alterations of the data thereon, nor from any lateness of information being forwarded, from computer viruses, line- or system failures or any other similar reasons.

3.	The information on the Website regarding professional courses, classes and programs are also of a merely informational nature, including the participation fees and participation conditions, if applicable. The information regarding the participation fees and participation conditions professional courses, classes and programs are not exhaustive, the organiser is to be consulted regarding the above. 

IV.	Automatically collected data

When visiting the website, one or more cookies – small files containing a string of characters – may be sent to the User’s computer, by which their browser may be uniquely identified. These cookies are only sent by the system to the User’s computer upon visiting certain sub-pages, thus, these only contain the time and occurrence of the visit having taken place, with the Website storing no further information in them. Third party providers, including Google, use these cookies to store whether the User had already visited the advertisers’ websites, and use these to display advertisements on the websites of the partners of external providers – including Google.

2.	Cookies and their use are governed by a separate Cookie Policy, which is available on the Website.

V.	Protection of Personal Data

1.	Visiting the Webpage is not tied to any registration and does not entail the User handing over any personal data. However, it is possible to contact the Service Provider via the Website, thus, should any personal data come into the possession of Startup Hungary Foundation, the data processors shall process those in accordance with the regulations of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereafter as: GDPR), and with Act CXII of 2011 on the right to information self-determination and the freedom on information, and with the regulations of the Privacy Policy of the Company, governing the data processing of the Company regarding their online platform, which may be found on the Website under http://www.startuphungary.io?open=privacy-policy.

2.	Startup Hungary Foundation shall process any data forwarded to them via the internet with the same level of care as if they were forwarded to them via any other means. 

VI.	Warranty and limitation of liability

1.	User shall use the Website at their own, sole risk. 

2.	The present Website is provided by Startup Hungary Foundation “As Is” and “As Available”, accordingly, Startup Hungary Foundation accepts no warranty – be it express, implied, based on legislation or otherwise (e. g. warranties on marketability, quality or suitability for a given purpose) – for the completeness, correctness, reliability, up-to-date nature, legal compliance of the Website, for any disruptions in availability, for any faults, errors or viruses, nor for the correctness or reliability of any advice or opinions stated on the Website. Startup Hungary Foundation expressly waives any responsibility or connection for any such warranties or remarks.

3.	Startup Hungary Foundation reserves the right to restrict, suspend or deny access to the present Website or any part or function thereof at any time of their choosing without any prior notice being provided.

4.	Startup Hungary Foundation and/or any third parties involved in the design, production or the making available of the present Website expressly reject any liability to the fullest possible extent allowed by applicable law regarding any direct, consequential, indirect, special or punitive damages, expenses, losses or obligations that may emerge in connection to the access to the Website or any other websites visited by way of a link found on the Website, or from the usage or the unavailability thereof, or from any changes to their contents, nor for any actions having been taken or not taken per any electronic mail sent by the User to Startup Hungary Foundation.

5.	Startup Hungary Foundation and/or any third parties involved in the design, production or the making available of the present Website are under no obligation to uphold or to maintain the material and services provided on the website, nor to conduct any fixes, actualisation or updates thereon. Contents on the Website are subject to change without prior notice.

6.	Startup Hungary Foundation accepts no liability for any damages or losses that may emerge in relation to usage of or access to the Website, nor from any material being downloaded from the Website resulting in the User’s computer or any other persons’ property being infected by any computer viruses. Users shall download any and all material from the Website at their own sole risk.

7.	User shall, to the fullest extent afforded by applicable legislation, waive the right to assert any claim towards Startup Hungary Foundation and their officers, directors, employees, subcontractors or programmers based on any usage of, or access to the Website.

VII.	Miscellaneous and closing provisions

1.	User is prohibited from engaging in any behaviour held unilaterally by Startup Hungary Foundation to be improper, and/or any behaviour that is considered illegal or prohibited by any applicable laws..

2.	Startup Hungary Foundation is entitled to unilaterally amend the present legal notice at any time, in any way, of which they shall not be required to notify the Users in advance. Any such amendments shall enter into force upon having been published on the Website. 

3.	By visiting the Website, Users accept the present GTC as legally binding towards their person. 

4.	Should any provision of the present GTC become void, this provision shall not affect any other provisions of the GTC. 

5.	The present GTC shall enter into force upon having been published on the Website.


Budapest, 30th of June 2020.

PRIVACY POLICY
 
The operator of the www.startuphungary.io website (hereinafter referred to as: Website), the Startup Hungary Foundation (registered seat: 16 Wesselényi St., H-1077 Budapest, Hungary; registration number: soon to be published]; tax ID number: soon to be published; hereinafter referred to as: Foundation/Service Provider) informs Users below regarding the data processing conducted in relation to the Website and to the activities conducted by the Service Provider pursuant to the regulations of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation, hereafter as: GDPR), and with Act CXII of 2011 on the right to information self-determination and the freedom on information (hereinafter as: Infotv.)
 
Terms and definitions
 
For the purposes of the present Notice, the terms below shall mean the following:
Personal data: any information relating to an identified or identifiable natural person (hereinafter referred to as: data subject); an identifiable person meaning one who can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person.;
Data processing: any operation or set of operations performed upon personal data or sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
Data controller: the natural or legal person, government body, agency or any other organisation, which determines the purposes and means of the data processing either solely or jointly with others; if the purposes and means of the data processing is regulated by EU or state laws, such EU or state laws may set out the data processor to be appointed, or may set out the specific aspects per which the data processor is to be appointed;
Data processor: the natural or legal person, government body, agency or any other organisation, which processes personal data on behalf of the data controller; 
Data erasure: the complete physical destruction of the media containing the data;
Data forwarding: the making available of the data to a given third party;
Data deletion: rendering the data incomprehensible in a way that allows for no reinstation thereof;
User: the person visiting, browsing the Website (Data subject);
Online interface: the Website operated by the Foundation (www.startuphungary.io).
 
General provisions

The Website of the Foundation may be accessed by anyone – without having to hand over their personal data – and may freely gain information thereon without restriction.

Regarding any data processing that may occur on the Website, the Service Provider shall be deemed as data controller. Regarding the provision of Services, the Service Provider shall also be deemed as the data controller.

Users are solely liable for the data handed over to them and the contents the upload, for which Service Provider expressly denies any liability.

Service Provider is entitled to amend the present privacy policy unilaterally, at any time. Service Provider issues the amendments of the present privacy policy by publishing them on the Website, in a separate menu item. Users are kindly requested to carefully consult the privacy policy upon any visit to the Website.

The present privacy policy is continuously available on the Website. Users may open, view, print or save the present privacy policy, but may not amend or alter it, this is the sole prerogative of the Service Provider.

Categories of personal data processed by Service Provider, the purpose, legal basis, mode and timeframe of processing 
 
The legal bases for our data processing are the following:
a) 	GDPR Article 6 (1) a), where the processing is based on the informed consent of the data subject (hereafter referred to as: Consent);
b) 	GDPR Article 6 (1) b), where processing is necessary for the performance of a contract to which the data subject is party (hereafter referred to as: Conclusion of Contract)
c) 	GDPR Article 6 (1) c) where data processing is necessary for the fulfilment of or compliance with a legal obligation of the data controller (e.g. obligations with tax statues – hereafter referred to as: Compliance)
d) 	GDPR Article 6 (1) d), where processing is necessary in order to protect the vital interests of the data subject or of another natural person (hereafter referred to as: Vital Interest);
e) 	GDPR Article 6 (1) e), where processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller (hereafter referred to as: Public Interest);
f) 	GDPR Article 6 (1) f) where data processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, (hereinafter referred to as: Lawful Interest)
 
Data processing regarding direct marketing and newsletters 
 
We inform the Users that we send newsletters to persons having expressly subscribed to these newsletters. Users may subscribe to the newsletters on the Website by checking the appropriate checkbox and clicking the appropriate button. 

Subscribers to the newsletter may freely unsubscribe at any time by clicking the unsubscribe link found at the end of every newsletter.

Service Provider will send no further newsletters to any persons that have unsubscribed from them.

After having revoked consent, consent may be re-given at any time. Consent is not a prerequisite condition to the usage of any Service. E-mail address and name must be provided when giving consent, without which the giving of consent is not possible. Revocation of consent shall also require the provision of an e-mail address and name for the purposes of identification. 
 
Data subject
Data category
Data source
Purpose of data processing
Legal basis of data processing
Timeframe of processing, time of deletion
Newsletter subscriber
Name
Data subject (User)
Sending of electronic direct marketing messages, newsletters
GDPR Article 6 (1) a): consent 
Until revocation of consent
E-mail address
Data subject (User)
Sending of electronic direct marketing messages, newsletters
GDPR Article 6 (1) a): consent 
Until revocation of consent
 
 
Processing of automatically collected data regarding the Website
 
Data subject
Data category
Data source
Purpose of data processing
Legal basis of data processing
Timeframe of processing, time of deletion
User visiting the Website
IP address, country, type and version number of browser, device and operating system used, language settings, time of visit
Data subject (User)
Statistics,
Website development, User identification and recognition
GDPR Article 6 (1) f), necessary for the purposes of the legitimate interests pursued by the controller
2 years from time of visit
IP address, country, type and version number of browser, device and operating system used, language settings, time of visit
Data subject (User)
Statistics,
Website development, User identification and recognition
GDPR Article 6 (1) f), necessary for the purposes of the legitimate interests pursued by the controller
2 years from time of visit
 
Service Provider uses cookies and other various programs in order to ascertain the Website’s Users’ preferences and conduct regarding the Website, and to develop the Website based thereon. Service Provider creates anonymous statistics of the Website visits.

The above data processing is the lawful business interest of the Service Provider since this serves to enable the Service Provider to improve the Website and to make it more secure. The scope of the collected data is not significant, these are only collected and processed by the Service Provider, with Service Provider collecting no behavioural preferences, and conducting no automated decision making based thereon, with no personalised offer being sent by the Service Provider to Users based thereon. Concordantly, this data processing does not affect User’s fundamental rights and freedoms adversely.

Further information is set out in the Cookie Policy, which Users can find on our website.



Processing of job applicants’ data

The CV’s and other data forwarded by those applying for a job at the Service Provider are processed as follows: 

We inform you that by forwarding your CV and job application to the Foundation, User (applicant) consents to the Foundation processing their personal data for the purposes of recruiting, communicating an offer, for contacting and identification, and to the Foundation sending messages and notifications to them via their given contact information.
Service Provider processes the data given by the data subject during the course of application to a given position, as well as the data collected by the Foundation for the duration of the recruiting procedure, with all data being deleted upon the conclusion of the recruiting procedure.

Should the recruiting procedure be drawn out and exceed a year’s time, the personal data shall only be processed by the Foundation for a year after them having been handed in by the data subject.

Users have the opportunity however to allow the Foundation to store and process their data for the purposes of future recruiting and sending of job offers regardless of the position which they apply to. For this, the Foundation shall ask for express consent. Should User give their consent thereto, the Foundation shall then be entitled to process their data for an additional 2 years for the purposes set out in the present section.

Should the Foundation enter into an employment agreement with the User, these data shall then be subject to and governed by the timeframe set out in the employees’ data policy, of which the Foundation shall inform User upon the conclusion of their employment agreement.

The legal bases for the data processing is set out by the Service Provider below, per data types and data processing purposes:

Data category
Data source
Purpose of data processing
Legal basis of data processing
CV data (degree, alma mater, previous positions, professional experience, hobbies, etc.) 


Applicant data subject
Recruiting
Job offer communication
Contact keeping
Identification
GDPR Article 6 (1) a): consent
Name
Applicant data subject Head-hunter, employment agent 
CV databases
Recruiting
Job offer communication
Contact keeping
Identification
GDPR Article 6 (1) a): consent
Address
Applicant data subject Head-hunter, employment agent 
CV databases
Recruiting
Job offer communication
Contact keeping
Identification
GDPR Article 6 (1) a): consent
Date and place of birth
Applicant data subject Head-hunter, employment agent 
CV databases
Recruiting
Job offer communication
Identification
GDPR Article 6 (1) a): consent
Nationality
Applicant data subject Head-hunter, employment agent 
CV databases
Recruiting
Job offer communication
Contact keeping
Identification
GDPR Article 6 (1) a): consent
Telephone number
Applicant data subject Head-hunter, employment agent 
CV databases
Recruiting
Job offer communication
Contact keeping
Identification
GDPR Article 6 (1) a): consent
E-mail
Applicant data subject Head-hunter, employment agent 
CV databases
Recruiting
Job offer communication
Contact keeping
Identification
GDPR Article 6 (1) a): consent
Photo
Applicant data subject Head-hunter, employment agent 
CV databases
Recruiting
Job offer communication
Identification
GDPR Article 6 (1) a): consent
Language proficiency
Applicant data subject Head-hunter, employment agent 
CV databases
Recruiting
Job offer communication


GDPR Article 6 (1) a): consent
Publications, presentations, projects
Applicant data subject Head-hunter, employment agent 
CV databases
Recruiting
Job offer communication
Contact keeping
Identification
GDPR Article 6 (1) a): consent
References
Applicant data subject Head-hunter, employment agent 
CV databases
Recruiting
Job offer communication
 
GDPR Article 6 (1) a): consent
Social media information
Applicant data subject Head-hunter, employment agent 
CV databases
Recruiting
Job offer communication
 
GDPR Article 6 (1) a): consent
 
Use of data publicly available on social media platforms 

In case of job applications, the Foundation may view the User’s (applicant’s) information on social media platforms, e. g. Facebook, LinkedIn profiles, their activity, posts, comments thereon in order to judge whether the applicant is suitable for the given position. The Foundation shall only view the publicly accessible information on these social media platforms, with the Foundation conducting no searches in closed groups or other semi-restricted sections. Moreover, the Foundation shall not save nor store the social media profiles of the applicants, neither shall they make notes thereof. No sensitive or special categories of data regarding the User are processed by the Foundation, including their social media platform data. The Foundation shall only view data on social media platforms that are of importance to the position being applied for.

Provision and revocation of consent

Regarding the processing of personal data for the above purposes, the User (applicant) gives their consent freely by actively submitting their application to the position. The User may revoke their consent at any time by sending an e-mail to hello@startuphungary.io, where the following data are mandatory and required: name, date of birth and e-mail address; in order to enable the Foundation to ascertain whose data is to be deleted.
In case of a User’s consent being revoked, all of their processed data shall be deleted. The deletion obligation shall extend to data stored both electronically and on paper.

Notifications on the success of an application

After the conclusion of a recruitment procedure, applicants are notified by the Foundation via e-mail whether the Foundation wishes to enter into an employment relationship with them, or not.

Data provided by completing forms 

In order to achieve their goals, the Foundation strives to reach as many domestic enterprises and enterprising individual as possible via the Website. To this end, the User has the opportunity to fill out the form found on the Website at https://www.startuphungary.io/#11 in order to get in touch with the Foundation, thus helping the efforts of the Foundation.

Data category
Data source
Purpose of data processing
Legal basis of data processing
Name
Data subject User
Statistics, marketing contact (with a personalised offer)
GDPR Article 6 (1) a): consent
E-mail address
Data subject User
Statistics, marketing contact (with a personalised offer)
GDPR Article 6 (1) a): consent
Users relationship with the startup community (regarding the type, name and website of the enterprise they are involved in) 
Data subject User
Statistics, marketing contact (with a personalised offer)
GDPR Article 6 (1) a): consent

Purpose of data processing
The scope of the collected and processed data is not substantial, these are used by the Service Provider to produce and to analyse anonymous statistics, moreover to conduct marketing communication, by which the User is contacted by the Foundation with a personalised offer based on the data provided by them.

Timeframe of data processing
The Foundation shall only store data provided via the form for a maximum of 2 years from their provision, following which they shall be deleted.

Provision and revocation of consent
Regarding the processing of personal data for the above purposes, the User gives their consent freely by actively filling out and submitting the form to the Foundation. The User may revoke their consent at any time by sending an e-mail to hello@startuphungary.io, where the following data are mandatory and required: name, date of birth and e-mail address; in order to enable the Foundation to ascertain whose data is to be deleted.

In case of a User’s consent being revoked, all of their processed data shall be deleted. 

The deletion obligation shall extend to data stored both electronically and on paper.

Data controller and data processors
 
Regarding the data specified under point III, the data controller is the Service Provider:

Startup Hungary Foundation
Registered seat: 16 Wesselényi St., H-1077 Budapest, Hungary.
Court of registry: Budapest-Capital Regional Court (Hungary)
Company registration number: soon to be published
Tax ID number: soon to be published
E-mail address: hello@startuphungary.io

On behalf of the Service Provider, the data of the User may be accessed by the employees of service provider to the extent that is necessary for the carrying out of their tasks. Access rights to personal data are regulated in a strict internal policy.
 
Data processors

Service Provider engages various enterprises for the processing and storing of User’s data, with whom Service Provider concludes data processing agreements. The following data processors conduct data processing regarding the User’s data:
 
Name and address of data processor
Purpose of data processing
Categories of processed data
MailChimp (675 Ponce de Leon Ave NE, Suite 5000; Atlanta, GA 30308 USA)
Newsletter sending service
Data specified under point III. 2.
Google LLC. (USA, Google Data Protection Office, 1600
Amphitheatre Pkwy Mountain View, California 94043
- Google Analytics)
Google Analytics service
Data specified under point III. 2.
Strikingly Inc. (120 Clipper Drive Belmont, CA 94002 United States
Hosting service
Data specified under point III. 2.
Typeform Ltd. (Barcelona, ES (HQ)
163 Carrer de Bac de Roda)


Online form service
Data specified under point III. 4.
 
From the above data processors, the US-based companies Google LLC and MailChimp are all members of the USA- EU Privacy Shield List created on the basis of the adequacy decision of the European Commission according to Article 45 of GDPR and decision 2016/1260 of the European Commission. This means that data transfer to these entities shall not be deemed as data transfer to third countries outside the European Union and the affected persons’ specific consent is not required for the data transfer to these entities to be allowed. These entities have undertaken to ensure their compliance with the GDPR.
 
US-based data processors engaged by the Service Provider that are not on the Privacy Shield List:

Strikingly Inc. (120 Clipper Drive Belmont, CA 94002 United States) is a United States-based company, which is not found on the Privacy Shield List, with no binding corporate rules or compliance regulations of the European Committee being in place regarding the United States, as well as no adequate guarantees per Article 46 of the GDPR being given; thus, data forwarding to them may only take place based on specific consent per Article 49 (1) a) of the GDPR. Based on the above, data subjects are hereby informed of the following possible risks:

it cannot be ensured that the given enterprise complies with GDPR regulations,
it cannot be ensured that the given enterprise observes data security provisions,
it cannot be ensured that the given enterprise provides an adequate level of security regarding the processing of personal data,
it cannot be ensured that the legal regulations governing the given enterprise ensure the protection of fundamental rights and the protection of personal data,
it cannot be ensured that the given enterprise is under the supervision of a competent and independent supervisory authority or body that supervises the data processing of the given enterprise,
it cannot be ensured that the country in which the given enterprise operates is in observance of their international law obligations on the protection of personal data,
it cannot be ensured that the data subject is able to effectively and satisfactorily exercise their data privacy rights in the country in which the given enterprise operates.
 
The Foundation is entitled and obligated to hand over personal data in their possession and lawful storage to the competent authorities where they are compelled to by applicable law or a final authority decision. For any such data forwarding, and for any consequences thereto, the Foundation may not be held liable. No other data forwarding is conducted by the Foundation. 
 
 
Data privacy directives observed by the Foundation 
 
The Foundation respects the legally protected rights of their Users and of those who visit the online interfaces operated by them.
 
The personal data that is directly necessary for the usage of the services of the Foundation is processed by the Foundation per the consent of the data subjects, and strictly for the purposes pertaining thereto. The Foundation uses the personal data of the Users specified under point III hereto only per the means and purposes set out in the present Privacy Policy.
 
The Foundation as data controller undertakes to process the data in their possession per the provisions of the GDPR, of the Infotv. and other relevant legal regulations, and the regulations of the present Privacy Policy, and to refrain from making them available to any third parties not including those specified in the present Privacy Policy. The use of statistical compilations of data that do not contain the names or identifying data of Users in any way serve as an exception to the present point, as these do not constitute data processing, nor data forwarding.
 
The Foundation shall, in certain situations – e.g. official court or police inquiries, legal procedures regarding copyright, property or other disputes or the suspicion thereof concerning infringements upon the lawful interest of the Foundation, the endangerment of their provision of services, as well as per court or authority warrants –, as well as based on the User’s prior express consent, make User’s data available to third parties.
 
The Foundation shall make every reasonable effort to ensure that the processing and management of the Users’ data is given the protection set out by applicable law, to that end, the Foundation operate security systems.
 
Protection of personal data
 
The Foundation complies with their obligations deriving from the applicable privacy regulations by:

keeping personal data up to date;
safely storing and deleting them;
not collecting or storing excess amounts of data;
protecting personal data from loss, violation, unauthorised access or publication, as well as ensuring that adequate technical measures are in place, protecting personal data.

The Foundation carries out adequate technical and organisational measures in order to protect the Users’ personal data from accidental or unlawful destruction, loss or modification, as well as unlawful communication or access – especially where network communication thereof is a part of the processing –, and to protect data form any unlawful form of processing.

Accordingly, the Foundation emplaces various levels of access rights over the data, which ensures that the data are only accessed by persons having adequate clearance, who are required to access the data in order to carry out their job or to fulfil their related obligations.

Rights of the User

Pursuant to the data protection legislation in place, the data subject is entitled to:
request access to their personal data,
request corrections regarding their personal data,
request deletion of their personal data,
request the restriction of their personal data,
object to the processing of their personal data,
request the porting of their personal data,
revoke their consent regarding data processing
file a complaint regarding any grievances.

a)	Right of access
The data subject is entitled to receive feedback from the data controller on whether their personal data is being processed or not, and if so, to request access to their personal data.

The data subject is entitled to request copies of their personal data being processed. For the purposes of identification, the data controller may request additional information from the subject, and – with the exception of the first copy being handed out – to charge any warranted administrative fees that further copies may entail. 

b)	Right of correction
The data subject is entitled to request any of their erroneous personal data to be rectified by the data controller. Based on the given data processing purpose, the data subject may be entitled to request incomplete personal data to be amended.

c)	Right of deletion („right to be forgotten”)
The data subject is entitled to request the data controller to delete their personal data, and the data controller shall delete these. In any such case, the data controller will not be able to provide any further services to the User. 

d)	Right of restriction
The data subject is entitled to request the restriction of their personal data. In this case, the data controller shall mark the affected personal data, which shall only be processed for certain specific purposes.

e)	Right to objection 
The data subject is entitled to object at any time, for any reasons of their own, to the processing of their personal data per Article 6 (1) e) or f) of the general data protection regulation, including the profiling based on said regulations, and to request that the data controller no longer process their personal data.

Moreover, where the User’s data is processed by the Foundation per lawful interest, User is entitled to object to their data being processed per this basis.

Additionally, User is entitled to request human intervention in specific cases of automated decision making. We inform Users that data controller employs no automated decision making mechanisms.

f)	Right to data portability
The data subject is entitled to request that their given personal data be provided to them in an articulated, widely recognised, computer readable format (i.e. digital format) from the data processor, and is entitled moreover – where technically possible – to request these data to be forwarded to another data controller without the Foundation hindering this.

g)	Right to revoke consent
Where the processing of User’s personal data is conducted per their consent, User may revoke their consent at any time via the link found in newsletters, or by changing their website-profile or mobile device settings. Revocation of consent does not affect the legality of consent-based data processing conducted prior to the revocation of consent.

If User revokes their consent given to the Foundation, the services provided by the Foundation may partially or wholly be unavailable to be provided.

h)	Right to file a complaint with the supervisory authority
If the User believes that their personal data have been infringed upon, they may file a complaint with the local data privacy supervisory authority, primarily per their residence, their place of work or in the member state where the purported breach had taken place.

In Hungary, they may turn to the National Authority for Data Protection and Freedom of Information: H-1125, Hungary, Budapest, 22/C. Szilágyi Erzsébet fasor; telephone: +36-1 391-1400; telefax: +36-1 391-1410; e-mail: ugyfelszolgalat@naih.hu).

Contact keeping

Should the User wish to exercise their data privacy rights or to lodge a complaint, they may contact the Foundation’s appointed colleague via an e-mail sent to the e-mail address below. Moreover, User may seek out the Foundation by way of mail sent to the postal address below.

E-mail: hello@startuphungary.io
Postal address: Budapest, Wesselényi u. 16a, 1077
 
Miscellaneous provisions
 
In case of any data privacy incidents, the Foundation shall notify the supervising authority per the applicable legal regulations, within 72 hours from having gained knowledge of the incident; and shall keep records thereof. The Foundation shall notify Users thereof in cases specified by law.
 
The data processor shall regularly check their online platforms and the information published thereon and shall make every reasonable effort to ensure the information thereon are current and factual. However, User may find information on these online platforms that are out of date. The Foundation accepts no material liability for this information.
 
Visitors of the Foundation’s online platforms and Users may visit other websites from the Foundation’s online platforms that are not operated by the Foundation. The Foundation accepts no liability regarding the correctness of data found thereon, the contents of these pages, and for the security of any data provided there by visitors of the Foundation’s online platforms and Users. Thus, when using these websites, please take special care in consulting the privacy policies of the respective operating companies found thereon.
 

The present Privacy Policy shall enter into force on the 30th of June 2020!