Purpose of the Regulation
The purpose of this Regulation is to declare the data protection and data handling principles and the data protection and data handling policies of Budapest International College, hereinafter: Company (registered seat: 1063 Budapest, Szinyei Merse Utca 10. as 2, company registration number: 01-09-387699, registering authority: Fővárosi Törvényszék Cégbírósága (Company Court of the Budapest-capital Regional Court), VAT number: 27188103242).
The purpose of this Regulation is to ensure that the rights and civil liberties of every individual, especially the right to privacy, is respected during the machine processing of personal data (data protection) irrespective of their nationality or place of residence, in every field of service provided by the Company.
Name of data controller
BIC International College Kft.
1063 Budapest, Szinyei Merse Utca 10. as 2
1152 Budapest, Szentmihályi út 167-169, office nr. F410 B03
+36 70 881 9351
Scope of the controlled data
To start online chatting service or request more information from the Company, users must provide the following personal data: name, e-mail address. To sign up to to an informational newsletter list, users must provide the following data: name, e-mail address.
During the application process, users must provide the following personal data: name, e-mail address, data and documents related to previous education, data and documents regarding self-identification, nationality, citizenship and gender and data regarding residence.
Legal basis, purpose and method of data controlling
Data controller handles personal data only with the purpose of enabling data subjects to request the delivery of the information package related to the adult training services introduced on the budapestcollege.hu website.
Data controller, or the person to whom these data are forwarded, can identify the data subjects as per the following:
- e-mail address submitted during the registration for keeping contact,
- name (first and surname of data subject) to identify the data subject at application.
The legal basis of the data handling is the informed consent of the data subject, which they provide by expressly accepting this Privacy Agreement when submitting their data on the budapestcollege.hu website.
Data controller – to the extent and for the term necessary to achieve the purpose – handles only such personal data that is necessary to realize the data handling purpose, and which is suitable to realize that purpose. Data controller handles the personal data only as long as the purpose of the data handling exists, and the personal data is destroyed at the same time as the purpose ceases to exist.
Whenever a visitor visits the sites of Budapest International College, COOKIE-s are placed on their computer in order to maintain the proper functioning of the website.
Cookies are files (normally text documents) which are transferred to the hard drive of the visitor through the browser used. These cookies can identify the visitor during the next visit. With the help of these cookies, the website memorizes certain operations and setting you used, thus you don’t have to reset them each time you visit the site. The visitor may delete or ban cookies. In this case, all settings must be reset whenever the visitor visits the site.
Handling technical data
During admission and when the page is visited, the IP address of data subject’s device, the starting and finishing time of the visit, and in some cases – based on data subject’s computer settings – the type of the browser and the operating system are recorded. These data are recorded in a log file and are only used for statistical purposes, and data controller shall only reveal it to third parties when explicitly required by legislative provisions.
Access to the handled data
Data controller shall only disclose handled data with the purpose of processing to partner universities chosen by prospective students in order to ensure appropriate admission services.
Data controller shall only disclose the handled data to any other third parties with the express consent of the data subject or when required by law. Data controller maintains the right to engage the services of a data processor to carry out certain technical tasks.
Use of data by data controller
Data controller shall use the data provided by the data subject primarily for the services it provides, or in the cases stipulated in this Agreement.
Data controller – subject to data subject’s express consent – is entitled to send newsletters in connection with its service to the e-mail address that User provided on the chat interface. Data subject gives their permission to data controller to place ads at the bottom of newsletters or other e-mail notifications. In every newsletter, data controller offers an opportunity to unsubscribe from the newsletters.
Rights of data subjects, the protection of privacy
By sending a declaration to the e-mail address (firstname.lastname@example.org) of the data protection officer appointed by data controller, and by providing the correct data, data subjects can request data to be corrected that they cannot correct themselves. At the above address, data subjects may request information regarding the handling of their data at any time, and may request the deletion of their handled data at any time without the obligation to provide an explanation (by revoking their consent).
Data controller shall immediately correct or delete the data and shall notify data subject of it, along with every party whom the data has been forwarded to with the purpose of data handling. Upon the request of data subject, data controller shall provide information on the data it handles, the purpose, legal basis, duration of the data handling, and the name, contact information, and data handling-related activities of any data processor, and, in addition, who have received or will receive the data and with what purpose. The information is provided at no charge if data subject has not yet submitted a similar request in the ongoing year for information regarding the same subject, in other case fees may apply.
Data controller accepts no liability for damages arising from failure by data subjects to sufficiently protect their data, for example if their login password can be deciphered easily, or they reveal it to third parties.
Data controller shall take every step necessary that it is reasonably expected to do to ensure the security of the data, and ensure that they are suitably protected especially against unauthorized access, modification, forwarding, disclosure, deletion or destruction, or accidental destruction or damage.
Duration of data handling
Data handling is for an unlimited term. If data subject requests the deletion of their registration, service provider shall delete it within three working days.
Data subjects can file their complaints directly to the data controller who will do everything in its power to discontinue and remedy any possible infringement. Data subjects can exercise their rights in court in accordance with Act CXII of 2011 on Right of Informational Self-Determination and the Freedom of Information, and the Civil Code of the Hungarian Republic, or file a complaint to the National Authority for Data Protection and Freedom of Information. More information is available on the website of the National Authority for Data Protection and Freedom of Information (www.naih.hu).