{"id":59088,"date":"2022-04-22T07:50:30","date_gmt":"2022-04-22T07:50:30","guid":{"rendered":"https:\/\/wellis.eu\/information-on-data-processing-when-sending-newsletters\/"},"modified":"2022-04-22T07:50:30","modified_gmt":"2022-04-22T07:50:30","slug":"information-on-data-processing-when-sending-newsletters","status":"publish","type":"page","link":"https:\/\/wellis.eu\/es\/information-on-data-processing-when-sending-newsletters\/","title":{"rendered":"Information on data processing when sending newsletters"},"content":{"rendered":"[vc_row type=\u00bbin_container\u00bb full_screen_row_position=\u00bbmiddle\u00bb column_margin=\u00bbdefault\u00bb column_direction=\u00bbdefault\u00bb column_direction_tablet=\u00bbdefault\u00bb column_direction_phone=\u00bbdefault\u00bb scene_position=\u00bbcenter\u00bb text_color=\u00bbdark\u00bb text_align=\u00bbleft\u00bb row_border_radius=\u00bbnone\u00bb row_border_radius_applies=\u00bbbg\u00bb overflow=\u00bbvisible\u00bb overlay_strength=\u00bb0.3″ gradient_direction=\u00bbleft_to_right\u00bb shape_divider_position=\u00bbbottom\u00bb bg_image_animation=\u00bbnone\u00bb][vc_column column_padding=\u00bbno-extra-padding\u00bb column_padding_tablet=\u00bbinherit\u00bb column_padding_phone=\u00bbinherit\u00bb column_padding_position=\u00bball\u00bb column_element_spacing=\u00bbdefault\u00bb background_color_opacity=\u00bb1″ background_hover_color_opacity=\u00bb1″ column_shadow=\u00bbnone\u00bb column_border_radius=\u00bbnone\u00bb column_link_target=\u00bb_self\u00bb column_position=\u00bbdefault\u00bb gradient_direction=\u00bbleft_to_right\u00bb overlay_strength=\u00bb0.3″ width=\u00bb1\/1″ tablet_width_inherit=\u00bbdefault\u00bb tablet_text_alignment=\u00bbdefault\u00bb phone_text_alignment=\u00bbdefault\u00bb animation_type=\u00bbdefault\u00bb bg_image_animation=\u00bbnone\u00bb border_type=\u00bbsimple\u00bb column_border_width=\u00bbnone\u00bb column_border_style=\u00bbsolid\u00bb][vc_column_text]\n

Information on data processing when sending newsletters<\/h2>\n

Wellis Magyarorsz\u00e1g Zrt. (registered office: 1118 Budapest, Buda\u00f6rsi \u00fat 31\/C., company registration number: 01-10-048882, tax number: 25584864-2-43, e-mail: info@wellis.hu, represented by: Chief Executive Officer Zolt Czafik, name and contact details of the data protection officer: Dr. Kriszti\u00e1n B\u00f6lcskei, available by post at the Data Controller’s registered office, by e-mail to the info@adatvedelmiauditor.hu address), as data controller, hereby informs you about the relevant details of data processing for sending newsletters and about other relevant facts:<\/p>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
Summary table of the privacy notice of data processed when sending newsletters<\/td>\n<\/tr>\n
Purpose:<\/strong><\/td>\nregular information to the recipient (subscribed data subject) about the latest promotions, events, news of the Data Controller (and its Partners), essentially sending regular advertisements<\/td>\n<\/tr>\n
Legal basis:<\/strong><\/td>\nVoluntary consent (Article 6 (1) a) of the GDPR and Section 6 (1) of the Advertising Act)<\/td>\n<\/tr>\n
Data subjects<\/strong>:<\/td>\nAll natural persons who wish to be regularly informed about the news, promotions and discounts of the Data Controller; therefore, they subscribe to the newsletter service by providing their personal data<\/td>\n<\/tr>\n
Source of data:<\/strong><\/td>\ndata subjects<\/td>\n<\/tr>\n
Scope of the processed data<\/strong><\/td>\nPurpose<\/strong><\/td>\nStorage period<\/strong><\/td>\n<\/tr>\n
name*<\/td>\nidentification<\/p>\n

 <\/td>\n

In active (sending) newsletter database: until the data subject unsubscribes or, if the Data Controller requests consent confirmation, the data are erased after the expiry of the deadline for providing confirmation<\/td>\n<\/tr>\n
e-mail address*<\/td>\nidentification and sending newsletter<\/td>\n<\/tr>\n
technical data: date of subscription* and unsubscription*<\/td>\nsubsequent evidencing<\/td>\n<\/tr>\n
Data processor\u2019s name:<\/strong><\/td>\nContact details of the data processor:<\/td>\nTask carried out by the data processor:<\/td>\n<\/tr>\n
Pardot<\/td>\n1.\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 The Landmark at One Market,<\/p>\n

2.\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Suite 300,<\/p>\n

3.\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 San Francisco, CA 94105<\/p>\n

Phone: 1-800-667-6389<\/td>\n

storing the data of subscribed data subjects, sending newsletters, managing unsubscriptions, keeping statistics<\/td>\n<\/tr>\n
Transfer of data:<\/strong><\/td>\nit basically does not happen, it can only take place to an authority or a court if necessary<\/td>\n<\/tr>\n
Automated decision-making, profiling<\/strong><\/td>\nAutomated sending and automated unsubscribing, but no decision-making or profiling takes place<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

In connection with the data marked with *, the Data Controller draws the attention to the fact that they are essential elements of data processing, and all of them are necessary for data processing.<\/p>\n

How does the Data Controller ensure data protection?<\/strong><\/p>\n

Within the scope of its tasks related to IT protection, the Data Controller shall in particular ensure the following:<\/p>\n

    \n
  1. refusing access of unauthorised persons to data processing equipment (hereinafter: \u00abdata processing system\u00bb),<\/li>\n
  2. preventing the unauthorised reading, copying, modification and removal of data carriers,<\/li>\n
  3. preventing the unauthorised input of personal data into the data processing system and the unauthorised access, modification or erasure of personal data stored therein,<\/li>\n
  4. preventing the use of data processing systems by unauthorised persons using data transfer equipment,<\/li>\n
  5. that persons authorised to use the data processing system have access only to the personal data specified in the access authorisation,<\/li>\n
  6. ensuring control and verification of which personal data were, or can be forwarded, or were made or can be made available to which recipient by using data transfer equipment,<\/li>\n
  7. that it can be verified and established subsequently which personal data were entered into the data processing system, when and by whom<\/li>\n
  8. preventing unauthorised reading, copying, modification or erasure of personal data upon data transfer or data carrier transportation<\/li>\n
  9. that the data processing system can be recovered in the event of a breakdown.<\/li>\n
  10. that the data processing system is operational, that errors in its operation are reported and that the stored personal data cannot be altered even by operating the malfunctioning system.<\/li>\n<\/ol>\n

    What rights do the data subjects have?<\/strong><\/p>\n

      \n
    1. The relationship between the data subjects\u2019 rights and the legal basis\/bases is shown in the table below to make it clear to the data subjects what rights they can exercise in the case of the legal basis used.\u00a0<\/strong><\/li>\n<\/ol>\n\n\n\n\n
      <\/td>\nRight to prior information<\/td>\nRight of access<\/td>\nRight to rectification<\/td>\nRight of erasure<\/td>\nLimitation<\/td>\nData portability<\/td>\nObjection<\/td>\nWithdrawal of consent<\/td>\n<\/tr>\n
      Consent<\/td>\n\u2714<\/td>\n\u2714<\/td>\n\u2714<\/td>\n\u2714<\/td>\n\u2714<\/td>\n\u2714<\/td>\n\u2716<\/td>\n\u2714<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

      Right of access (Article 15 of the GDPR)<\/strong><\/p>\n

      The data subjects have the right to obtain feedback from the Data Controller as to whether or not their personal data are being processed, and if this is the case, they have the right to access the personal data and information about the circumstances of data processing. Where personal data are transferred to a third country or to an international organisation, the data subject has the right to be informed about the appropriate safeguards pursuant to Article 46 relating to the transfer. The Data Controller makes a copy of the personal data \u2013 that are subject to data processing \u2013 available to the data subject if requested by the data subject.<\/p>\n

      Right to withdraw consent (Article 7 of the GDPR)<\/strong><\/p>\n

      The data subject has the right to withdraw their consent at any time. The withdrawal of consent shall not affect the lawfulness of processing that was carried out based on consent before its withdrawal.<\/p>\n

      Right to rectification (Article 16 of the GDPR)<\/strong><\/p>\n

      The data subject has the right to obtain from the Data Controller without undue delay the rectification of inaccurate personal data concerning him or her.<\/p>\n

      Right to object (Article 21 of the GDPR)<\/strong><\/p>\n

      The data subjects have the right to object \u2013 at any time, on grounds relating to their particular situation \u2013 to the processing of their personal data based on Article 6 (1) e) or f) of the GDPR.<\/p>\n

      In this case, the Data Controller may not process the personal data further, unless it proves that the processing is justified by legitimate reasons which override the interests, rights and freedoms of the data subject.<\/p>\n

      Right to restrict data processing (Article 18 of the GDPR)<\/strong><\/p>\n

      The data subject has the right to request the Data Controller to restrict data processing if any of the conditions specified in the GDPR is met, and in this case the Data Controller should not perform any operation on the data other than storage.<\/p>\n

      If the data subject objected to data processing; in this case, the restriction applies until it is established whether the Data Controller\u2019s legitimate reasons override the data subject\u2019s legitimate reasons.<\/p>\n

      Right to erasure (right to be forgotten) (Article 17 of the GDPR)<\/strong><\/p>\n

      The data subjects have the right to ensure that the Data Controller erases the personal data concerning them without undue delay if the data processing has no purpose, they withdrew their consent and there is no other legal basis, in case of objection there is no overriding legitimate reason for data processing, or if the data have been processed unlawfully, furthermore the data must be erased in order to fulfill a legal obligation. Where the Data Controller has made the personal data public and is obliged to erase the personal data, the Data Controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data.<\/p>\n

      Right to data portability (Article 20 of the GDPR)<\/strong><\/p>\n

      The data subjects have the right to receive the personal data concerning them and made available to the Data Controller in a structured, widely used, machine-readable format as well as to transfer such data to another data controller without being hindered in this by the Data Controller to whom they provided the personal data, if the legal conditions (legal basis of automated data processing and consent or agreement) exist.<\/p>\n

      Where and how can the data subjects request detailed information on data processing and transfer, where and how can they exercise their rights?<\/strong><\/p>\n

      The Data Controller draws the attention of the data subjects to the fact that they can send requests for information and they can exercise their right to access and other rights via a statement sent to the Data Controller by post (1118 Budapest, Buda\u00f6rsi \u00fat 31\/C) or e-mail (info@wellis.hu<\/a>) or addressed to the data protection officer. The Data Controller will examine and respond to the statement as soon as possible after receipt, and will take the necessary steps in accordance with the statement, the Internal Privacy Policy and the legal regulations.<\/p>\n

      Contact details of the authority in case of a complaint (Article 77 of the GDPR):<\/strong><\/p>\n

      National Authority for Data Protection and Freedom of Information:<\/p>\n