Data Protection & Privacy Policy of Golf Business Monitor

This policy was last modified on May 17, 2018, in compliance with  the data processing and protection regulations (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

If you have any questions about this Data Protection & Privacy Policy and data processing or would like to exercise your rights, please contact me as the owner of this blog at:

Attention: Miklós Breitner
24/A Zöldlomb utca, A. building, 3/14 apartment, Budapest, H-1025, Hungary, Europe or Email: [email protected]

Definitions

  • ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
  • processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
  • ‘profiling’ means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements;
  • ‘processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
  • ‘recipient’ means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing;
  • ‘third party’ means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data;
  • ‘consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
  • ‘personal data breach’ means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed;
  • ‘enterprise’ means a natural or legal person engaged in an economic activity, irrespective of its legal form, including partnerships or associations regularly engaged in an economic activity;
  • ‘supervisory authority’ means an independent public authority which is established by a Member State pursuant to Article 51;
  • ‘cross-border processing’ means either: processing of personal data which takes place in the context of the activities of establishments in more than one Member State of a controller or processor in the Union where the controller or processor is established in more than one Member State; or processing of personal data which takes place in the context of the activities of a single establishment of a controller or processor in the Union but which substantially affects or is likely to substantially affect data subjects in more than one Member State.

Principles relating to the processing of personal data

Personal data shall be

  • processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’); collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall, in accordance with Article 89(1), not be considered to be incompatible with the initial purposes (‘purpose limitation’); adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’); accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (‘accuracy’);
  • kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) subject to implementation of the appropriate technical and organisational measures required by this Data Processing and  Protection Regulation in order to safeguard the rights and freedoms of the data subject (‘storage limitation’);
  • processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures (‘integrity and confidentiality’).

Rights and obligations

I as the controller shall be responsible and accountable for the lawful data procession. I as the controller am to keep a record of all personal data being processed.

You, as the owner of your personal data have the following rights during the data procession term, which lasts until you unsubscribe:

  • Right to rectification
  • Right to erasure
  • Right to restriction of processing
  • Right to data portability
  • Right to object

I collect personally identifiable information from you in several different ways on the Blog:

  • Newsletter / MailChimp: email address and name (optional);
  • Live Chat / Drift: email address;
  • Commenting / Disqus.com: email address and name.

Personally, identifiable information means information that can be reasonably used to identify you personally, such as your name, and email address. I collect such information when you voluntarily provide it to me (such as when you complete subscription form, fill in the form in the Work with Me menu). You can choose not to provide the requested information, but you might not be able to take advantage of certain Blog features.

The goal of Use of collected information

I collect and use the types of information described above to assist in the administration and operation of the Blog and to provide you an efficient, meaningful, and customized experience. I may use the information to:

 

  • Fulfill my obligations with respect to any reason you volunteered the information (e.g., to respond to an inquiry, administer a contest or sweepstakes, deliver a newsletter, etc.);
  • Deliver marketing, advertising, and promotional messages to you;
  • Improve the Site or my products and services;
  • Notify you about changes to the Site or my services (including this Privacy Policy);

Advertising

I use collected information to serve relevant, customized advertising to you. Such advertising (and analysis of advertising) may be conducted by me. For the purpose of personal data usage, I will ask you consent in a separate form. Some advertisers and services I use to deliver advertising may be engaging in online behavioral advertising and interest-based advertising.

I am to ensure my affiliates and business partners follow the principles and rules of the EU Regulation before I forward any personal data given to me.

 

Opting-out of information use

As described above, I collect personally identifiable information about you when you voluntarily provide it to me. If you do not want me to use your collected information as described above or to provide your information to my partners, clients or service providers for marketing purposes, please email me [email protected] with such request. Please, exercise your rights that I mentioned above.

With respect to the Blog’s use of cookies and other similar technologies, by adjusting settings on your browser, you may elect not to allow cookies to be placed and thus opt out of certain features of the Blog and the Blog’s automatic collection of certain information about you. Additionally, the links below will assist you in opting-out of cookies and online behavioral or interest-based advertising:

Please note that these measures are browser-specific and device-specific and must be repeated on all browsers and devices.

Protection of information

I use reasonable measures to safeguard your information in my possession. However, no data transmission over the Internet is completely secure and no security mechanism is impenetrable.

User contributions

You are responsible for the content that you contribute to be published or displayed on the Blog or transmit to other users of the Blog (“User Contributions”) if any. Your User Contributions are posted on and transmitted to other users of the Blog at your own risk. Additionally, I cannot control the actions of other users of the Blog with whom you may choose to share your User Contributions. Therefore, I cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons. I am not responsible for circumvention of any privacy settings or security measures contained on the Blog. You understand and acknowledge that, even after removal, copies of your User Contributions may remain viewable in cached or archived pages or might have been copied or stored by others.

The Blog is designed for and targeted to Hungary audiences and are governed by and operated in accordance with the laws of Hungary and the regulations of GDPR. I am not responsible under any privacy laws or local data protection laws in any jurisdiction other than EU.

Applicable laws:

Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information

REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)

My ID number at the Hungarian National Authority for Data Protection and Freedom of Information is: NAIH-103320/2016.

 

Miscellaneous

From time to time I may modify this Data Protection & Privacy Policy to reflect, among other things, changes in the law or my information collection and use practices and such modifications shall be effective upon posting by me. Your continued use of the Blog after a revised Data Protection & Privacy Policy signifies your acceptance of the revised Privacy Policy. It is important that you review this Data Protection & Privacy Policy regularly to ensure you are updated as to any changes.

Contact me

If you have any questions about this Data Protection & Privacy Policy and data processing or would like to exercise your rights, please contact me as the owner of this blog at:

Attention: Miklós Breitner
24/A Zöldlomb utca, A. building, 3/14 apartment, Budapest, H-1025, Hungary, Europe or Email: [email protected]