Privacy Policy

in which we inform you, as a visitor of our website and as a user of our services, about our company’s data management and data protection practices.

1. What principles do we follow during our data processing?

Our company follows the following principles in data processing:

  • we process personal data lawfully, fairly and in a transparent manner for you.
  • we collect personal data only for specific, explicit and legitimate purposes and do not process it in a manner incompatible with those purposes.
  • the personal data we collect and process are adequate, relevant and limited to what is necessary in relation to the purposes of processing.
  • Our company takes all reasonable measures to ensure that the data we process is accurate and, where necessary, kept up to date, and we delete or rectify inaccurate personal data without delay.
  • we store personal data in a form that permits identification of you only for as long as it is necessary for the purposes of the data processing.
  • by applying appropriate technical and organisational measures we ensure the appropriate security of personal data against unauthorised or unlawful processing, accidental loss, destruction or damage.
  • Our company processes your personal data
    • on the basis of your prior informed and voluntary consent, only to the necessary extent and always for a specific purpose, that is, we collect, record, organise, store and use them.
    • in certain cases, the processing of your data is based on legal requirements and is mandatory; in such cases we draw your attention separately to this fact.
    • and in certain cases our company or a third party has a legitimate interest in processing your personal data, for example for the operation, development and security of our website.

2. Who are we?

Business name: Némethy Christoph E.V.
Registered office: 2013 Boglárka utca 82.
Website: www.nemethycompetition.com
Mailing address: 2013 Boglárka utca 82.
E-mail: nemethy.academy@gmail.com
Tax number: 56932098-1-33

Our company is not obliged to appoint a data protection officer pursuant to Article 37 of the GDPR.


Website service providers:

Hosting provider
Name: Heroku, Inc. (by Salesforce)
Headquarters: 415 Mission Street, 3rd Floor, San Francisco, CA 94105, United States
Website: https://www.heroku.com
Service region: EU

Database provider
Name: Google Ireland Limited
Headquarters: Gordon House, Barrow Street, Dublin 4, Ireland
Website: https://firebase.google.com
Service region: EU

Data processed by us:

Our company does not store or process personal data of visitors on our website. The site stores only non-user related (anonymised) identifiers and settings strictly necessary for operation in the users’ browsers.
However, our website uses the following third-party services to provide certain functions or to collect analytical data:

  • YouTube video embedding
  • Google Analytics

These service providers may place cookies on users’ browsers and/or collect personal data in order to provide their services. The privacy policies of the external service providers are available at the following links:

For questions regarding data processing you may contact us at nemethy.academy@gmail.com or by post. We will send our response within 15 days (but no later than 1 month) to the contact details you provided.

3. What are cookies and how do we handle them?

Cookies are small data files (hereinafter: cookies) that are placed on your computer through the website when you use it, and are stored by your internet browser. Most commonly used browsers (Chrome, Firefox, etc.) accept and allow cookies by default, but it is up to you to refuse or disable them by changing your browser settings, and you can also delete already stored cookies on your computer. The “Help” menu of each browser provides more detailed information about the use of cookies.

There are cookies that do not require your prior consent. Our website provides short information about these when you first visit. Such are for example authentication cookies, multimedia player cookies, load balancing cookies, session cookies that help customise the user interface, and user-centred security cookies.

For cookies that require consent – if data processing starts already by visiting the site – our company informs you upon your first visit and asks for your consent.

Our company does not use or permit the use of cookies that allow third parties to collect data without your consent.

Accepting cookies is not mandatory, however, our company is not liable if, due to not enabling cookies, our website does not function as expected.

Which cookies do we use?

Name: i18n_redirected
Provider: www.nemethycompetition.com
Purpose: Saves the identifier of the language chosen by the user.
Expiration: 1 year

For detailed information about third-party cookies, please read this page.

4. Other data processing issues

Your data may only be transferred within the limits set by law, and in the case of our data processors, we ensure through contractual terms that they cannot use your personal data for purposes contrary to your consent. Further information is available in section 2.

Our website operates in several languages, the same privacy policy applies to our foreign visitors.

The courts, the prosecutor’s office and other authorities (e.g. police, tax authority, National Authority for Data Protection and Freedom of Information) may contact our company for the provision of information, disclosure of data or the making available of documents. In such cases we must fulfil our obligation to provide data, but only to the extent strictly necessary to achieve the purpose of the request.

Employees and contributors involved in our company’s data processing and/or data handling are entitled to access your personal data to a predetermined extent – subject to confidentiality obligations.

We protect your personal data with appropriate technical and other measures and ensure the security and availability of the data, as well as protect them from unauthorised access, alteration, damage, disclosure or any other unauthorised use.

As organisational measures we control physical access to our buildings, continuously train our employees and store paper-based documents securely. As technical measures we use encryption, password protection and antivirus software. However, please note that data transmission over the Internet cannot be considered completely secure. Our company does everything to make processes as secure as possible, but we cannot take full responsibility for data transmission through our website, though we strictly comply with regulations regarding the security of the data received by our company and the prevention of unlawful access.

5. What are your rights and legal remedies?

You have the right to

  • request information,
  • request correction, modification or completion of your personal data processed by us,
  • object to data processing and request the deletion and blocking of your data (except for mandatory processing),
  • seek remedy in court,
  • lodge a complaint with the supervisory authority or initiate proceedings (https://naih.hu/panaszuegyintezes-rendje.html).

Supervisory Authority: National Authority for Data Protection and Freedom of Information

  • Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c.
  • Mailing address: 1530 Budapest, Pf.: 5.
  • Phone: +36 (1) 391-1400
  • Fax: +36 (1) 391-1410
  • E-mail: ugyfelszolgalat@naih.hu
  • Website: https://naih.hu/

Upon your request we provide information about the personal data we process about you, or processed by our commissioned data processor,

  • about your data,
  • their source,
  • the purpose and legal basis of processing,
  • its duration, or if this is not possible, the criteria for determining that duration,
  • the name, address and activity related to data processing of our data processors,
  • the circumstances and effects of data protection incidents and the measures taken to remedy and prevent them, and
  • in the case of transfer of your personal data, the legal basis and the recipient of the transfer.

We provide our response within 15 days (but no later than 1 month) from the submission of the request. The information is free of charge except when you have already submitted a request concerning the same set of data in the current year. We will refund the fee already paid if the data was processed unlawfully or the request for information led to correction. We may only refuse information in cases provided by law, indicating the legal provision, and informing you about judicial remedy and the possibility to contact the Authority.

Our company notifies you and all those to whom we have previously transmitted the data for processing purposes about the rectification, blocking, marking or deletion of personal data, except where such notification would not harm your legitimate interest.

If we do not fulfil your request for rectification, blocking or deletion, within 15 days (but no later than 1 month) from the receipt of the request, we will provide you with the reasons for refusal in writing or – with your consent – electronically, and inform you about the possibility of judicial remedy and contacting the Authority.

If you object to the processing of your personal data, we will examine your objection within 15 days (but no later than 1 month) from the submission of the request and inform you in writing about our decision. If we decide that your objection is well-founded, we will terminate data processing – including further data collection and transfer – and block the data, and notify all those to whom we previously transferred the personal data affected by the objection and who are obliged to act in order to enforce the right to object.

We will refuse to comply with the request if we prove that the data processing is justified by compelling legitimate grounds that override your interests, rights and freedoms, or that relate to the submission, enforcement or defence of legal claims. If you do not agree with our decision or if we fail to meet the deadline, you may go to court within 30 days from the notification of the decision or from the last day of the deadline.

Data protection lawsuits fall within the jurisdiction of the tribunal. The lawsuit may also be brought before the tribunal of the data subject’s domicile or place of residence, at the choice of the data subject. A foreign citizen may also lodge a complaint with the competent supervisory authority of his/her residence.

Please, before turning to the supervisory authority or court with your complaint – in order to resolve the problem as quickly as possible – contact our company.

6. What are the main applicable laws governing our activities?

  • Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR) on the protection of natural persons with regard to the processing of personal data
  • Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information
  • Act V of 2013 on the Civil Code
  • Act CVIII of 2001 on Certain Issues of Electronic Commerce Services and Information Society Services
  • Act C of 2003 on Electronic Communications
  • Act CLV of 1997 on Consumer Protection
  • Act CLXV of 2013 on Complaints and Public Interest Disclosures
  • Act XLVIII of 2008 on the Basic Requirements and Certain Restrictions of Commercial Advertising Activities