fbpx
IT trainings and software testing services
IT trainings and software testing services
Masterfield Training
Virtual walk

DATA PRIVACY POLICY

This Data Protection Policy sets out the rules for data processing carried out by Trinspire Informatikai Szolgáltató és Tanácsadó Kft. (47-49 Madarász Viktor Street, 1138 Budapest), hereinafter referred to as: Masterfield, as the data controller, and provides information on the rights of data subjects.

Masterfield is committed to protecting the personal data of its partners, students/participants, and website visitors, and places great importance on respecting the right to informational self-determination of its clients.

This Data Protection Policy covers data processing carried out via the Masterfield website (https://masterfield.hu) and all offline (non-online) data processing activities performed by Masterfield.

Masterfield reserves the right to amend this Data Protection Policy and will notify data subjects of any changes via its websites.

DEFINITIONS

The terms used in this Data Protection Policy have the following meanings:

  1. Data subject: Any identified or identifiable natural person on the basis of personal data; a natural person who can be identified, directly or indirectly.
  2. Personal data: Any information relating to the data subject – in particular the data subject’s name, identification number, or one or more factors specific to their physical, physiological, mental, economic, cultural, or social identity – as well as any conclusions that can be drawn about the data subject from such data.
  3. Special data:
    • Personal data concerning racial or ethnic origin, nationality, political opinions or party affiliation, religious or philosophical beliefs, membership in representative organizations, and sexual life,
    • Personal data concerning health, pathological addictions, and criminal personal data;
  4. Consent: A voluntary and explicit declaration of the data subject’s intention, based on adequate information, by which the data subject gives their unambiguous agreement to the processing of their personal data, either generally or limited to specific operations.
  5. Objection: The data subject’s declaration objecting to the processing of their personal data, requesting that data processing be ceased and that the processed data be deleted.
  6. Data controller: Any natural or legal person, or any entity without legal personality, that alone or jointly with others determines the purposes of data processing, makes and implements decisions relating to data processing (including the tools used), or has these carried out by a data processor.
  7. Data processing: Any operation or set of operations performed on data, regardless of the procedure used, such as collection, recording, organisation, storage, modification, use, retrieval, transmission, disclosure, alignment or combination, blocking, deletion and destruction, and the prevention of further use of data; as well as making photo, audio or video recordings, and recording physical characteristics suitable for identifying a person (e.g., fingerprint, palm print, DNA sample, iris image).
  8. Data transfer: Making data available to a specific third party.
  9. Disclosure: Making data accessible to anyone.
  10. Data deletion: Rendering data unrecognisable in such a way that restoration is no longer possible.
  11. Data marking: Labelling data with an identifier in order to distinguish it.
  12. Data blocking: Labelling data with an identifier in order to limit its further processing permanently or for a specified period.
  13. Data destruction: The complete physical destruction of the data carrier containing the data.
  14. Data processing: Performing technical tasks related to data processing operations, regardless of the method and means used to carry out the operations and the location of the application, provided that the technical task is performed on the data.
  15. Data processor: Any natural or legal person, or any entity without legal personality, that processes data on the basis of a contract – including a contract concluded pursuant to a legal regulation.
  16. Third country: Any state that is not an EEA (European Economic Area) member state.
  17. Information Law: Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information.

DATA CONTROLLER'S DETAILS AND CONTACT INFORMATION

Name: Trinspire IT Services and Consulting Ltd.

Address: 47-49 Madarász Viktor Street (Madarász Office Park), Building 1, 5th Floor, 1138 Budapest, Hungary

Email: This email address is being protected from spambots. You need JavaScript enabled to view it.

Telephone: +36-1-288-0177

Data Processing Registration No.: NAIH-145990/2018

NEWSLETTER MODULE MANAGED BY THE DATA CONTROLLER

Name: SalesAutopilot Ltd.

Head Office: 6/A Zsolt Street, 5th Floor, Unit 1, 1016 Budapest, Hungary

Postal Address: SalesAutopilot Ltd., P.O. Box 515, 1538 Budapest

PRINCIPLES OF DATA PROCESSING AND DATA SECURITY

Personal data may only be processed for specific purposes, to exercise rights and to fulfil obligations. The purpose of data processing, as well as the collection and handling of data, must be fair and lawful. Only personal data that is necessary to achieve the purpose of processing and is suitable for that purpose may be processed. Personal data may only be processed to the extent and for the period required to achieve the purpose. During data processing, the accuracy, completeness and – where necessary for the purpose of processing – up-to-dateness of the data must be ensured, and the data subject may only be identifiable for the time required to achieve the purpose of processing. The data subject is responsible for the truthfulness, authenticity and accuracy of the data provided.

Masterfield designs and carries out data processing operations in a way that ensures the protection of data subjects’ privacy throughout the entire process. Masterfield – or, where a data processor is engaged, the data processor within the scope of its activities – ensures data security and takes the necessary technical and organisational measures and internal procedures required to enforce Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information (Information Law), as well as other applicable data protection and confidentiality regulations.

Masterfield takes appropriate measures to protect personal data, in particular against unauthorised access, alteration, transmission, disclosure, deletion or destruction, as well as against accidental destruction or damage, and to prevent data from becoming inaccessible due to changes in the technology used.

If Masterfield engages another organisation (data processor) for data processing, the data subject will be informed of this fact and of the identity of the data processor before giving consent to data processing. The engaged data processor performs only technical tasks related to data processing operations and is not authorised to make substantive decisions regarding data processing. The data processor may process personal data only in accordance with Masterfield’s instructions, may not process the data for its own purposes, and shall store and retain personal data as instructed by Masterfield.

During data processing and data processing operations, the data may only be accessed by Masterfield – and, where a data processor is engaged, by the data processor – as well as by Masterfield’s employees and, where applicable, the data processor’s employees who participate in achieving the data processing objectives set out in this Data Protection Policy. These individuals are bound by confidentiality obligations under their employment contracts and applicable legal provisions, and may not disclose, use, or make the data accessible to third parties or the public.

LEGAL BASIS AND PURPOSE OF DATA PROCESSING

Personal data may be processed on the basis of the data subject’s consent, or in cases specified by law or local government regulation (mandatory data processing). Before commencing data processing, Masterfield informs the data subject whether the processing is based on consent or is mandatory. Prior to the start of data processing, Masterfield provides the data subject with information on the scope of the data processed, the purpose and legal basis of processing, the person authorised to process and manage the data, and the duration of processing. Information on the data subject’s rights related to data processing and the available legal remedies is set out in this Data Protection Policy.

Masterfield processes the personal data in its possession for the following purposes:

  • Identifying the data subject, distinguishing them from other data subjects, and maintaining contact with the data subject,
  • Preparing statistics and analyses,
  • Handling complaints,
  • Carrying out marketing activities,
  • Fulfilling other record-keeping obligations,
  • Complying with data processing and data provision obligations prescribed by law.

Where Masterfield provides training under Act LXXVII of 2013 on Adult Education, it is required to provide data for statistical purposes in accordance with Section 21(4) of the Act, and to store and manage the data from the time it is created until the data subject requests its deletion, as set out in Section 21(6). Pursuant to Section 20(1)(b) of Government Decree No. 393/2013 (XI. 12) on the detailed rules for the licensing procedure and requirements for conducting adult education activities, maintaining the register of institutions providing adult education, and supervising such institutions, Masterfield must provide data if the conditions described in Section 20 occur. Under Section 169(e) of Act CXXVII of 2007 on Value Added Tax, the mandatory content of an invoice includes, among other items, the name and address of the purchaser of goods or the recipient of services; therefore Masterfield also processes such data. In these cases, data processing is independent of the data subject’s consent, as it is prescribed by law.

Where Masterfield processes the data subject’s data not on the basis of a legal obligation, it does so on the basis of the data subject’s consent in accordance with Section 5(1) of the Information Law. Consent to data processing is provided by submitting an application form for a course.

OTHER DATA PROCESSING PURPOSES

NEWSLETTER SUBSCRIPTION

The purpose of data processing related to sending newsletters is to inform the data subject about Masterfield’s services and training programmes through direct contact methods, such as email or other equivalent individual communication tools, and to send direct business offers regarding Masterfield’s services and training.

The data subject acknowledges that, if they have given prior and explicit consent to receive newsletters, Masterfield will send newsletters to the email address provided by the data subject until that consent is withdrawn. In this context, Masterfield will process and store the data provided. Masterfield newsletters may include promotional offers, course recommendations and other information intended to keep data subjects informed about current news, promotions and new services via electronic messages.

The data subject may unsubscribe from the newsletter at any time, free of charge, without restrictions and without providing reasons, by sending a message to Masterfield’s headquarters (1138 Budapest, Madarász Viktor u. 47-49.) or by emailing This email address is being protected from spambots. You need JavaScript enabled to view it.. Upon unsubscribing, the personal data processed for newsletter distribution will be deleted by Masterfield.

Unsubscribing from the newsletter does not constitute withdrawal of consent to data processing for other purposes. Deleting a registration on the website does not automatically unsubscribe the data subject from the newsletter; this must be requested separately.

STORAGE OF WEBSITE VISITOR DATA

For technical reasons and to compile statistics on user habits, Masterfield is entitled to record visitors’ IP addresses, the time of the visit and the title of the page viewed while visiting Masterfield’s websites. By using the website, the visitor acknowledges the recording of these anonymised data.

THE USE OF COOKIES

European Union regulations require organisations that use cookies on their websites to provide clear and comprehensive information about their use and to obtain visitors’ consent.

METHOD OF REQUESTING CONSENT ON THIS WEBSITE

EU rules on obtaining consent for the use of cookies and similar technologies for tracking user activity (e.g., tracking pixels and site scripts – hereinafter: Cookies) are still evolving. While the legally most robust approach is to request prior consent (the “opt-in” method), this can reduce the user experience and negatively affect lawful data collection on websites. Nevertheless, the approach most commonly used to request consent is outlined below.

USE OF COOKIES

  1. The cookies placed by our website are used solely for statistical purposes and to display relevant offers to users. These cookies store only the fact and time of the visit to the page and no other information.
  2. The use of cookies in this way may involve external providers. External providers, including Google, may use these cookies to store whether the user has previously visited the advertiser’s website and to display ads to the user on websites of external providers – including Google’s partners – on the internet.
  3. Users can disable the use of Google cookies on the page provided for turning off Google ads: Google Ads Settings.
  4. Cookies from other external providers can also be disabled on the Network Advertising Initiative’s page (http://www.networkadvertising.org/choices/).

The statistics derived from cookies are used to make the website more user-friendly and to improve the user experience. This website may contain links and references to other websites. Please note that our company’s responsibility does not extend to the cookies and tracking technologies used by other websites, and this policy does not apply to those websites. If you have any questions, comments or concerns about this cookie policy or the website’s data collection practices, please contact us at This email address is being protected from spambots. You need JavaScript enabled to view it..

DATA TRANSFER – TO EXAMINATION CENTERS

Masterfield transfers the personal data of data subjects only as set out in this Privacy Policy, or on the basis of the data subject’s prior informed consent.

Notwithstanding the above, Masterfield will transfer data to the United States only if the data controller there is listed on the Privacy Shield list (https://www.privacyshield.gov/list), which includes organisations that comply with European data protection requirements.

Data transferred: username, surname, first name, country, phone number, email address. Purpose of the data transfer: providing customer support to users and confirming transactions.

RIGHTS OF THE DATA SUBJECTS AND THEIR ENFORCEMENT

Data subjects may request the following from Masterfield:

  • Information on the processing of their personal data,
  • Rectification of their personal data,
  • Erasure or restriction of their personal data, except in cases of mandatory data processing.

Downloadable request forms:

Request information about the handling of personal data

Request for rectification of personal data

Request for erasure of personal data

REQUEST FOR INFORMATION ON THE PROCESSING OF PERSONAL DATA

The data subject may request that Masterfield provide information on the data processed by Masterfield, including its source, purpose, legal basis, duration and, in the event of a data transfer, the legal basis and recipient of such transfer.

Masterfield shall provide the requested information in writing as soon as possible after the request is submitted, but no later than within 30 days. Providing information is free of charge if the data subject has not submitted a request for information regarding the same data set in the current year. Otherwise, the data subject shall pay a fee of HUF 2,000 per information request.

CORRECTION OF PERSONAL DATA

Masterfield rectifies personal data if it does not correspond to reality and the correct data are available to Masterfield.

DELETION OF PERSONAL DATA

Personal data must be deleted if:

  • its processing is unlawful;
  • the data subject requests its deletion (except in cases of mandatory data processing);
  • it is incomplete or inaccurate, and this state cannot be lawfully remedied, provided that deletion is not prohibited by law;
  • the purpose of processing has ceased or the legally prescribed storage period has expired;
  • it has been ordered by a court or the National Authority for Data Protection and Freedom of Information.

PERSONAL DATA LOCKING

Instead of deletion, Masterfield blocks personal data if:

  • the data subject requests it, or
  • based on the available information, it is presumed that deletion would harm the legitimate interests of the data subject.

Blocked personal data may only be processed for as long as the purpose of data processing continues, for which deletion of the personal data was not possible.

MARKING OF PERSONAL DATA

Personal data is marked if the data subject disputes the accuracy or correctness of the personal data processed by Masterfield, but the inaccuracy of the disputed personal data cannot be clearly established.

Masterfield notifies the data subject of any rectification, blocking, marking or deletion, and also informs those to whom the data was previously transferred for the purpose of data processing. Notification may be omitted if doing so would not harm the legitimate interests of the data subject, taking into account the purpose of data processing.

If Masterfield does not comply with the data subject’s request for rectification, blocking or deletion, it shall notify the data subject in writing within 30 days of receiving the request, stating the factual and legal reasons for refusing the request.

PROTEST AGAINST THE PROCESSING OF PERSONAL DATA

The data subject may object to the processing of their personal data:

  • if the processing of personal data is necessary solely for the fulfillment of a legal obligation applicable to the data controller or for the legitimate interests pursued by the data controller (except in cases of mandatory data processing);
  • if the personal data is used for direct marketing, public opinion polling, or scientific research purposes; and
  • in other cases specified by law.

Masterfield shall examine the objection as soon as possible after it is submitted, but no later than within 15 days, decide on its merits, and inform the requester in writing of its decision. If Masterfield finds the objection to be justified, it shall cease the data processing, block the data, and notify those to whom the objected personal data was previously transferred; those parties are obliged to take action to enforce the right to object.

Masterfield is obliged to compensate any damage caused by unlawful processing of the data subject’s data or by a breach of data security requirements. The data subject may claim compensation from Masterfield if unlawful processing of their data or a breach of data security requirements violates their right to personal dignity.

Masterfield is exempt from liability for damages and from the obligation to pay compensation if it proves that the damage or violation of the data subject’s right to personal dignity was caused by an unavoidable external circumstance outside the scope of data processing. Compensation for damage and compensation cannot be claimed to the extent that the damage resulted from intentional or grossly negligent conduct on the part of the injured party, or from the violation of personal rights.

RECOURSE

The data subject may bring an action before the courts against Masterfield in the event of a violation of their rights related to data processing. The data subject may initiate court proceedings within 30 days from the communication of the decision or from the last day of the deadline, even if they do not agree with the decision made by Masterfield in response to their objection.

The court shall proceed in the matter without delay. Jurisdiction is determined by law. The claim may be filed before the court of the data subject’s domicile or residence, at the data subject’s choice.

In the event of harm arising from the exercise of rights related to the processing of personal data, the data subject may request an investigation by submitting a complaint to the National Authority for Data Protection and Freedom of Information:

Headquarters: 9-11 Falk Miksa Street, Budapest, 1055 Hungary

Mailing address: Post Office Box 603, Budapest, 1374 Hungary

Phone: +36 (1) 391-1400

Fax: +36 (1) 391-1410

Email: This email address is being protected from spambots. You need JavaScript enabled to view it.

FINAL PROVISIONS

In matters not governed by this Data Protection Policy – with the exception of conflict-of-law rules – Hungarian law shall apply.

Budapest, 10 July 2024.