Privacy Statement

PRIVACY STATEMENT

This notice relates to the data processing on the website of and at the event named 18th Competitiveness Operational Programs International Conference (Budapest, 8-9 April 2025) organized by the NATIONAL DEVELOPMENT CENTRE - DIRECTORATE GENERAL RESPONSIBLE FOR THE IMPLEMENTATION OF ECONOMIC DEVELOPMENT PROGRAMS.

We inform you that the Data Controller regarding the personal data you provide is the National Development Centre, Directorate General Responsible for the Implementation of Economic Development Programs (hereinafter: "Data Controller").

Data Controller's contact details:

Data Controller's registered office (address): 1077 Budapest, Wesselényi street 20-22,

 Data Controller's email address: competitivenessop.conf@nfk.gov.hu

 Data Controller's website: https://competitivenessop-conf.gov.hu/

Please read this data protection notice (hereinafter: "Notice") carefully, which describes our practices regarding the processing of your personal data, as well as your rights and legal remedies under the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council, "GDPR").

This Notice describes how the Data Controller processes your personal data.

This Notice also provides information about your "data subject" rights and legal remedies related to data processing.

This Notice covers online and offline data collection, including personal data collected on the Data Controller's website and at events. Regarding the data processing described in this Notice, the Data Controller is the data controller.

If you have any questions, comments or complaints regarding our data protection procedures, please contact us at the contact details indicated above.

Below, we describe the purposes for which we collect and process your personal data, and the criteria according to which we process it, as well as how long we store the personal data processed for each purpose.

Please note that the following data processing purposes do not apply to everyone in all cases.

For what purposes may we use your personal data?

Event registration - We process the data you voluntarily provide on the registration page to record your intention to participate in the event and to clearly identify you for this purpose.

What personal data do we process? Source of data?

With your voluntary consent on the registration page, we collect and process the following data: Name, email address (to confirm the success of the registration), Organization (for your clear identification).

Source of data: the data subject.

Legal basis of data processing

Consent of the data subject (Article 6 (1) a) of the GDPR).

Duration of data processing

30 days after the event for the purpose of subsequent verification of the event (e.g., if a crime occurred at the event and it is necessary to investigate the related circumstances, or if an invitee left something behind).

For what purposes may we use your personal data?

Legal claim enforcement by the Data Controller or defence against claims against the Data Controller

This may include, for example, claim enforcement or defence in legal disputes or official proceedings initiated by or against the Data Controller.

What personal data do we process? Source of data?

The scope of data necessary for legal claim enforcement (including typically the data subject's name, address, and the data of the claim made against or by them, in accordance with the rules of the relevant procedure).

Source of data: depending on the circumstances of the given case (for example, in a lawsuit initiated by the data subject, the data subject provides their personal data or part of it necessary for the procedure).

Legal basis of data processing

Legitimate interest of the Data Controller (Article 6 (1) f) of the GDPR).

Legitimate interest: claim enforcement by the Data Controller and successful defence in legal disputes or official proceedings possibly initiated by the data subject or other persons to protect the Data Controller's business reputation and economic interests.

Duration of data processing

The duration necessary for the procedure (e.g., the issuance of a final official decision in the case or the termination of the enforcement procedure) or 5 years from the date of the claim's occurrence for the purpose of enforcing the Data Controller's possible claim and defending against the data subject's or other person's possible claim, according to Section 6:22 (1) of Act V of 2013 on the Civil Code ("Civil Code").

For what purposes may we use your personal data?

Making recordings at the event and using the recordings

What personal data do we process? Source of data?

Taking photos and video recordings at events organized by the Data Controller (images and audio recordings of the data subjects). With the data subject's consent, the completed recordings may also be displayed on the Data Controller's external internet interface (e.g., Ginop Hatás Facebook page/http://gazdasagfejlesztes.gov.hu/) or other media platforms (e.g., company brochures).

Source of data: the data subject.

Legal basis of data processing

Consent of the data subject (Article 6 (1) a) of the GDPR). In addition, Section 2:48 (1) of the Civil Code, given that the data subject's consent is required to make and use images and audio recordings of the data subject. You have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of the data processing based on consent before its withdrawal. In the absence of your consent, recordings about you cannot be made or used.  

However, in the case of recordings of the data subject's public figure appearances or mass recordings, the data subject's consent is not required for making or using the recording (Civil Code 2:48. § (2)), in such cases, the legal basis of data processing is the Data Controller's legitimate business interest (Article 6 (1) f) of the GDPR).

In the case of recordings of the data subject's public figure appearances or mass recordings, the Data Controller's legitimate business interest is to document the Data Controller's events, thereby increasing the Data Controller's business recognition and strengthening its economic and professional relationships.

Duration of data processing

Recordings made and processed based on the data subject's consent can be deleted at any time at the data subject's request (until withdrawal). The right of withdrawal in the case of non-online materials can only be fully exercised until the appearance of these materials. In the case of recordings of the data subject's public figure appearances or mass recordings, the recordings can be processed until the data subject's lawful objection.

For what purposes may we use your personal data?

Entry to events organized by the Data Controller

What personal data do we process? Source of data?

Entry to the event venue by providing the names of registered guests.

Source of data: the data subject.

Legal basis of data processing

Legitimate interest of the Data Controller (Article 6 (1) f) of the GDPR). Legitimate interest: ensuring the security and smooth running of the events and guaranteeing that only invited persons entitled to enter can enter.

Duration of data processing

30 days after the event for the purpose of subsequent verification of the event (e.g., if a crime occurred at the event or an invitee left something behind).

The Data Controller does not transfer personal data to third parties.

Your personal data is processed by our authorized employees or contractors based on the "need-to-know" principle, depending on the purposes for which it was collected.

Your rights and legal remedies regarding data processing:

Your data protection rights and legal remedies and their limitations are detailed in the GDPR (especially Articles 15, 16, 17, 18, 19, 21, 77, 78, 79 and 82 of the GDPR). You can request information about your data at any time, request access to your data, rectification, deletion or restriction of processing at any time, and otherwise object to data processing based on legitimate interest. Below, we summarize the most important provisions related to your data protection rights and legal remedies.

We emphasize that, as indicated above in this Notice, you can also submit your data protection inquiries to the Data Controller.

The Data Controller specifically draws your attention to the following when providing information:

You have the right to object at any time to the processing of your personal data based on the Data Controller's legitimate interest for reasons related to your own situation. In this case, the Data Controller may no longer process the personal data, unless the Data Controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.  

Right to information:

If the Data Controller processes personal data concerning you, the Data Controller is obliged to provide you with information – even without your request – about the most important characteristics of the data processing, including the purpose, legal basis, duration of the data processing, the identity and contact details of the Data Controller, the contact details of the data protection officer, the recipients of the personal data, in the case of data processing based on legitimate interest, the legitimate interest of the Data Controller and/or a third party, and your rights and legal remedies related to data processing (including the right to lodge a complaint with a supervisory authority), and, if you are not the source of the data, the source of the personal data and the categories of personal data concerned, if you do not already have this information.  

The Data Controller provides this information by making this notice available to you.