fbpx
IT trainings and software testing services
IT trainings and software testing services
Masterfield Training
Virtual walk

DATA PRIVACY POLICY

This Data Protection Policy outlines the rules for data processing carried out by Trinspire Informatikai Szolgáltató és Tanácsadó Kft. (47-49 Madarász Viktor Street, 1138 Budapest) hereinafter referred to as: Masterfield) as the data controller, and provides information on the rights of the data subjects.

Masterfield is committed to protecting the personal data of its partners and website visitors and places great importance on respecting the informational self-determination rights of its clients.

This Data Protection Policy appropriately covers data processing conducted through the Masterfield website (https://masterfield.hu) and all non-online forms of data processing by Masterfield.

Masterfield reserves the right to change this Data Protection Policy and will inform data subjects through its websites of any such changes.

DEFINITIONS

The terms used in this Data Protection Policy are as follows:

  1. Data subject: Any identified or identifiable natural person based on personal data; a natural person who can be identified, directly or indirectly.
  2. Personal data: Any data relating to the data subject - in particular the data subject’s name, identification number, and one or more pieces of information specific to their physical, physiological, mental, economic, cultural, or social identity - and any conclusions that can be drawn regarding the data subject from such data.
  3. Special data:
    • Personal data concerning racial or ethnic origin, nationality, political opinions or party affiliation, religious or philosophical beliefs, membership in representative organizations, and sexual life,
    • Personal data concerning health, pathological addictions, and criminal personal data;
  4. Consent: A voluntary and explicit declaration of the data subject's intention, based on adequate information, giving their unequivocal agreement to the processing of their personal data, whether comprehensive or limited to specific operations.
  5. Objection: The data subject's declaration objecting to the processing of their personal data, requesting the cessation of data processing, and the deletion of the processed data.
  6. Data controller: Any natural or legal person, or any entity without legal personality, that independently or together with others determines the purposes of data processing, makes and implements decisions regarding data processing (including the tools used), or has them executed by a data processor.
  7. Data processing: Any operation or set of operations performed on data, regardless of the procedure used, such as collection, recording, organization, storage, modification, use, retrieval, transmission, disclosure, coordination, or combination, blocking, deletion, and destruction, and the prevention of further use of data, making a photo, sound, or video recording, and recording physical characteristics suitable for identifying a person (e.g., fingerprint, palm print, DNA sample, iris image).
  8. Data transfer: Making data available to a specific third party.
  9. Disclosure: Making data accessible to anyone.
  10. Data deletion: Rendering data unrecognizable in a way that restoration is no longer possible.
  11. Data marking: Labeling data with an identifier to distinguish it.
  12. Data blocking: Labeling data with an identifier to limit its further processing permanently or for a specified period.
  13. Data destruction: The complete physical destruction of the data carrier containing the data.
  14. Data processing: Performing technical tasks related to data processing operations, regardless of the method and means used for the execution of the operations, and the location of the application, provided that the technical task is performed on the data.
  15. Data processor: Any natural or legal person, or any entity without legal personality, that processes data based on a contract - including a contract concluded based on a legal regulation.
  16. Third country: Any state that is not an EEA (European Economic Area) state.
  17. Information Law.: Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information.

DATA CONTROLLER'S DETAILS AND CONTACT INFORMATION

Name: Trinspire IT Services and Consulting Ltd.

Address: 47-49 Madarász Viktor Street (Madarász Office Park), Building 1, 5th Floor, 1138 Budapest, Hungary

Email: This email address is being protected from spambots. You need JavaScript enabled to view it.

Telephone Number: +36-1-288-0177

Data Processing Registration Number: NAIH-145990/2018

NEWSLETTER MODULE MANAGED BY THE DATA CONTROLLER

Name: SalesAutopilot Ltd.

Head Office: 6/A Zsolt Street, 5th Floor, Unit 1, 1016 Budapest, Hungary

Postal Address: SalesAutopilot Ltd.., P.O. Box 515., 1538 Budapest

PRINCIPLES OF DATA PROCESSING AND DATA SECURITY

Personal data may only be processed for specific purposes, to exercise rights, and to fulfill obligations. The purpose of data processing, the collection, and handling of data must be fair and lawful. Only personal data that is essential for achieving the purpose of the data processing and is suitable for attaining that purpose may be processed. Personal data may only be processed to the extent and for the duration necessary to achieve the purpose. During data processing, the accuracy, completeness, and - if necessary for the purpose of processing - up-to-dateness of the data must be ensured, and the data subject may only be identifiable for the time required to achieve the purpose of data processing. The data subject is responsible for the truthfulness, authenticity, and accuracy of the provided data.

Masterfield designs and executes data processing operations to ensure the protection of the data subjects' privacy throughout the data processing. Masterfield - or, if a data processor is used, the data processor within its activity - ensures data security and takes the necessary technical and organizational measures and procedural rules required to enforce the Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information (Information Law), as well as other data and confidentiality protection regulations.

Masterfield takes appropriate measures to protect personal data, particularly against unauthorized access, alteration, transmission, disclosure, deletion, or destruction, as well as against accidental destruction and damage, and to prevent the data from becoming inaccessible due to changes in the applied technology.

If Masterfield engages another organization (data processor) for data processing, the data subject will be informed about the fact and the identity of the data processor before giving consent for data processing. The engaged data processor only performs technical tasks related to data processing operations and is not authorized to make substantive decisions regarding data processing. The data processor may only process personal data according to Masterfield's instructions and cannot process data for its purposes, storing and preserving personal data as instructed by Masterfield.

During data processing and data processing operations, the data may only be accessed by Masterfield - and, if a data processor is engaged, by the data processor - as well as by Masterfield's employees and, if a data processor is engaged, by the data processor's employees who participate in achieving the data processing objectives defined in this Data Protection Policy. These individuals are bound by confidentiality obligations based on their employment contracts and applicable legal provisions and cannot disclose, use, or make the data accessible or public to third parties.

LEGAL BASIS AND PURPOSE OF DATA PROCESSING

Personal data may be processed based on the data subject’s consent or in cases specified by law or local government regulation (mandatory data processing). Before commencing data processing, Masterfield informs the data subject whether the data processing is based on consent or mandatory. Masterfield provides information to the data subject prior to the commencement of data processing about the scope of data processed, the purpose and legal basis of the data processing, the person authorized for data processing and data management, and the duration of the data processing. Information about the data subject's rights related to data processing and the available legal remedies is provided in this Data Protection Policy.

Masterfield processes the data it handles for the following purposes:

  • Identification of the data subject, distinguishing from other data subjects, and maintaining contact with the data subject,
  • Preparation of statistics and analyses,
  • Complaint management,
  • Marketing activities,
  • Fulfillment of other record-keeping obligations,
  • Compliance with data processing and data provision mandated by laws.

If Masterfield conducts training under Act LXXVII of 2013 on Adult Education, it is required to provide data for statistical purposes according to Section 21(4) of the Act and to store and manage the data from the time of their creation until their removal is requested by the data subject, as stipulated in Section 21(6). According to Section 20(1)(b) of Government Decree No. 393/2013 (XI. 12) on detailed rules for the licensing procedure and requirements necessary for the conduct of adult education activities, the management of registers of institutions conducting adult education, and the supervision of institutions conducting adult education, Masterfield must provide data if the conditions described in Section 20 arise. Under Section 169(e) of Act CXXVII of 2007 on Value Added Tax, the mandatory content of an invoice includes, among other things, the name and address of the purchaser of goods or the recipient of services, so Masterfield also acts in processing such data. In these cases, data processing is independent of the data subject's consent, as it is determined by law.

If Masterfield processes the data subject's data not based on a legal obligation, it does so based on the data subject's consent in accordance with Section 5(1) of the Information Law. Consent to data processing is given by submitting the application form for a course.

OTHER DATA PROCESSING PURPOSES

NEWSLETTER SUBSCRIPTION

The purpose of data processing concerning the dispatch of newsletters is to inform the data subject about Masterfield's services and training via direct contact methods, such as electronic mail or other equivalent individual communication tools, and to send direct business offers regarding Masterfield’s services and training.

The data subject acknowledges that if they have given their prior and explicit consent to receiving newsletters, Masterfield will send its newsletters to the email addresses provided by the data subject until such consent is withdrawn. In connection with this, Masterfield will manage the data provided. Masterfield's newsletters may include promotional offers, course, and other proposals aimed at informing the data subjects about current information, promotions, and new features in the form of electronic messages.

The data subject can unsubscribe from the newsletter at any time, free of charge, without any restrictions or justifications, by sending a message to Masterfield’s headquarters (1138 Budapest, Madarász Viktor u. 47-49.) or an email to This email address is being protected from spambots. You need JavaScript enabled to view it.. Upon unsubscribing, the personal data maintained in relation to the newsletter dispatch will be deleted by Masterfield.

Unsubscribing from the newsletter does not imply withdrawal of consent for data processing for other purposes. Deleting a registration on the website does not automatically mean unsubscribing from the newsletter; this must be requested separately.

STORAGE OF WEBSITE VISITOR DATA

For technical reasons and to prepare statistics on user habits, Masterfield is authorized to record the IP address of visitors, the time of the visit, and the title of the viewed page while visiting Masterfield’s websites. By using the website, the visitor accepts the recording of these anonymized data.

THE USE OF COOKIES

European Union regulations require organizations that use cookies on their websites to provide clear and comprehensive information about their use and obtain consent from visitors.

METHOD OF REQUESTING CONSENT ON THIS WEBSITE

The EU regulations on obtaining consent for the use of cookies and similar technologies for tracking user activity (e.g., tracking pixels and site scripts – hereinafter: Cookies) are still evolving. While the most legally robust method of obtaining consent is the prior request (“opt-in” method), it can degrade the user experience and adversely affect the lawful data collection on websites. Nevertheless, the most accepted way to ask for permission is outlined.

USE OF COOKIES

  1. The cookies placed by our website are used solely for statistical purposes and to display relevant offers to users. These cookies only store the fact and time of the visit to the page and no other information.
  2. The use of cookies sent in this way includes: External providers, including Google, use these cookies to store if the user has previously visited the advertiser's website and display ads to the user on websites of external providers – including Google’s partners – on the internet.
  3. Users can disable the use of Google cookies on the page designed for turning off Google ads: Google Ads Settings.
  4. It is also possible to disable cookies from other external providers on the Network Advertising Initiative's page (http://www.networkadvertising.org/choices/).

The statistics obtained from cookies are used to make the site more user-friendly and to improve the user experience. This website contains links and references to other websites. We draw your attention to the fact that our company’s authority does not extend to the cookies and tracking technologies used by other websites, and this policy does not apply to other websites. If you have any questions, comments, or concerns about this cookie usage policy or the website's data collection practices, please contact us at: This email address is being protected from spambots. You need JavaScript enabled to view it..

DATA TRANSFER – TO EXAMINATION CENTERS

Masterfield transfers the personal data of the data subjects exclusively as set forth in this Privacy Policy, or based on the data subject's prior informed consent.

Even considering the above, Masterfield will only transfer data to the United States if the data controller there is listed on the Privacy Shield list (https://www.privacyshield.gov/list), which lists organizations that comply with European data protection regulations.

Data Transferred: Username, surname, first name, country, phone number, email address. Purpose of Data Transfer: Providing customer service assistance to users, confirming transactions.

RIGHTS OF THE DATA SUBJECTS AND THEIR ENFORCEMENT

Data subjects may request the following from Masterfield:

  • Information about the processing of their personal data,
  • Correction of their personal data,
  • Deletion or restriction of their personal data, except in cases of mandatory data processing.

Downloadable requests:

Request information about the handling of personal data

Request for rectification of personal data

Request for erasure of personal data

REQUEST FOR INFORMATION ON THE PROCESSING OF PERSONAL DATA

The data subject may request that Masterfield provide information about the data processed by them, including its source, purpose, legal basis, duration, and, in case of data transfer, the legal basis and recipient of such transfer.

Masterfield shall provide the requested information in writing as soon as possible from the submission of the request, but no later than within 30 days. The provision of information is free of charge if the data subject has not submitted a request for information regarding the same data set in the current year. Otherwise, the data subject shall pay a fee of HUF 2,000 per information request.

CORRECTION OF PERSONAL DATA

Masterfield corrects personal data if it does not correspond to reality and correct data is available to Masterfield.

DELETION OF PERSONAL DATA

Personal data must be deleted if:

  • its processing is unlawful;
  • the data subject requests its deletion (except in cases of mandatory data processing);
  • it is incomplete or inaccurate, and this state cannot be lawfully remedied, provided that deletion is not prohibited by law;
  • the purpose of processing has ceased or the legally prescribed storage period has expired;
  • it has been ordered by a court or the National Authority for Data Protection and Freedom of Information.

PERSONAL DATA LOCKING

Instead of deletion, Masterfield locks personal data if:

  • the data subject requests it, or
  • based on the available information, it is presumed that deletion would harm the legitimate interests of the data subject.

Locked personal data may only be processed as long as the purpose of data processing persists, for which deletion of the personal data was not possible.

MARKING OF PERSONAL DATA

Personal data is marked if the data subject disputes the accuracy or correctness of the personal data processed by Masterfield, but the incorrectness or inaccuracy of the disputed personal data cannot be clearly established.

Masterfield notifies the data subject about corrections, locking, marking, and deletion, and also informs those to whom the data was previously transferred for the purpose of data processing. Notification may be omitted if it does not harm the legitimate interests of the data subject considering the purpose of data processing.

If Masterfield does not fulfill the data subject's request for correction, locking, or deletion, it shall notify the data subject in writing within 30 days of receiving the request, stating the factual and legal reasons for rejecting the request for correction, locking, or deletion.

PROTEST AGAINST THE PROCESSING OF PERSONAL DATA

The data subject may object to the processing of their personal data:

  • if the processing of personal data is necessary solely for the fulfillment of a legal obligation applicable to the data controller or for the legitimate interests pursued by the data controller (except in cases of mandatory data processing);
  • if the personal data is used for direct marketing, public opinion polling, or scientific research purposes; and
  • in other cases specified by law.

Masterfield shall examine the objection within the shortest possible time after its submission, but no later than within 15 days, make a decision on its merits, and inform the requester in writing of its decision. If Masterfield determines the objection to be justified, it shall cease the data processing, lock the data, and notify those to whom the objected personal data was previously transmitted, who are obliged to take action to enforce the right to object.

Masterfield is obliged to reimburse any damage caused by its unlawful handling of the data subject's data or breach of data security requirements. The data subject may claim compensation from Masterfield if the unlawful handling of their data or breach of data security requirements violates their right to personal dignity.

Masterfield is exempt from liability for damages caused and the obligation to pay compensation if it proves that the damage or violation of the data subject's right to personal dignity was caused by an unavoidable external circumstance beyond the scope of data processing. Compensation for damage and compensation cannot be claimed to the extent that the damage resulted from intentional or grossly negligent conduct on the part of the aggrieved party or from the violation of personal rights.

RECOURSE

The data subject may turn to court against Masterfield in case of violation of their rights related to data processing. The data subject may initiate court proceedings within 30 days from the communication of the decision or from the last day of the deadline, even if they do not agree with the decision made by Masterfield based on their objection to data processing.

The court shall proceed with the matter without delay. The jurisdiction of the court is determined by the law. The lawsuit can be filed before the court of the data subject's domicile or residence, as chosen by the data subject.

In case of harm resulting from the exercise of rights related to the processing of personal data, the data subject may initiate an investigation by submitting a complaint to the National Authority for Data Protection and Freedom of Information:

Headquarters: 9-11 Falk Miksa Street, Budapest, 1055 Hungary

Mailing address: Post Office Box 603, Budapest, 1374 Hungary

Phone: +36 (1) 391-1400

Fax: +36 (1) 391-1410

Email: This email address is being protected from spambots. You need JavaScript enabled to view it.

FINAL PROVISIONS

In matters not regulated by this Data Processing Policy - with the exception of conflict-of-law rules - Hungarian law shall apply.

Budapest, 10 July, 2024.