Privacy Policy

WHAT IS THIS NOTICE ABOUT?

For using our services (e.g. attending training courses, or receiving newsletters), we will record and process certain personal data. With this data processing document, we would like to inform you about

  • the scope of data processing, how long the data is stored, and to whom your data will be accessible;
  • what your rights and remedies are in regard to data processing.

Please read the notice carefully. In case you may have any questions, we would like you to ask you to consult with us before accepting the notice on info@develor.com.

We would like to inform you in advance that you have the right to object to the processing of your personal data in case the data was obtained for the enforcement of our legitimate interest or for the purpose of marketing as described below.

BASIC INFORMATION

Who will process your personal data?

Your data will be process by Develor International Private Limited Company (DEVELOR International "Zártkörűen Működő" Részvénytársaság), as data controller.

Contact details:

  • company seat/mailing address: H-1074 Budapest, Rákóczi út 70-72.
  • e-mail: info.@develor.com
  • telephone: +36 1 413 7990
  • fax: +36 1 321 0413
  • website: https://www.develor.com/
  • name of representative of your data controller: Zsolt Pozvai, CEO.

 

Fundamental concepts of data protection

Further below, we will present the most important concepts we use during our data processing with the help of icons:

 

The purpose of data processing:

Every single personal data is processed for a specific purpose, and these purposes are not linked together (e.g. we will only send you newsletters, if you have separately given your consent to that). In case we wish to process your data provided to us at an earlier time, we will inform you about it in advance.

 

Legal bases for data processing:

Data processing can have different legal basis depending on the purpose of processing: it can happen during fulfilling legal obligations (e.g. invoicing), or in implementation of a contract concluded with you, or in case of pursuit of any legitimate interests (e.g. dispute settlement), or with your consent. How do they differ?

 

In case of “legal obligations”, data processing is compulsory for us irrespectively of your consent or objection.

 

In case of “concluding a contract / implementing a contract”, it is not obligatory to provide the requested data, however, in the absence of it, the contract will not be concluded, and you cannot receive the desired services.

 

Regarding “legitimate interests”, when there is an existing business relationship, we can contact you with the purpose of establishing a future business relationship, and we can process your data for pursuing our legitimate interests in case of an existing relationship (e.g. outstanding invoices, enforcing legal claims, providing evidence regarding administrative/legal proceedings). Moreover, security camera surveillance at training sites also has the same legal basis.

Regarding “consent”, we do not need it separately for the above-mentioned cases, however, certain amenity services (e.g. signing up for newsletter) can only be supplied if, with full knowledge of this Notice, you consent to the processing of the required personal data in advance. If, however, you do not consent to it, you shall not suffer any detriment because of it.

Concept of personal data:

Every information that is relating to you as a natural person and based on which you can be directly or indirectly identified, is called personal data (e.g. data related to customer identification, invoicing, contact details, e-mail address or IP address as well).

In cooperation with our customers, we always process the following data related to a given service, which is provided in a contract, or through an (online) form, or requested through consultation:

  • representative, contact person of the company, or in case of an individual entrepreneur: name, e-mail address, phone number, fax number, other provided contact details, workplace/job, signature, other information related to communication;
  • in case of an individual entrepreneur such data further includes: billing name and address, VAT number;
  • in case of a private person: name, billing name and address, e-mail, and other provided contact details, signature.

Duration of data processing:

Processing of personal data shall only be performed for as little time as is strictly essential for supplying the given service it is associated with. If this period is over, your digitally stored data will be permanently deleted, and the data stored in paper form will be destroyed.

We are obliged to keep records and documents needed for fulfilling our tax and accounting dependency for the period required by the legislation in force (in accordance with Section 169 subsection 2 of Számviteli tv., the accounting documents shall be stored for 8 years, while the tax and VAT payment documents shall be stored until the expiration of the right to tax assessment limitation period).

In case of every data processing purpose mentioned below (based on legitimate interest and when circumstances indicate it), we are authorised to process personal data until the enforceability of our legal right ends (general rule of limitation applies after 5 years).

Data transfer:

In certain cases, your personal data may be transferred to so called data processors (in some cases to other data controllers). Usually such transfer is necessary for providing the rendered services, and for service development within the Develor Group (e.g. measuring client satisfaction).

Personal data is usually stored in digital form as well, which, if necessary, can be accessed by the data processors operating our case management and information technology systems:

  • Isolutions Informatikai Kft. (IT service provider, development and support of case management system; contact details: 2040 Budaörs, Baross utca 89.)
  • netDesign Kft. (Website operation; contact details: 2310 Szigetszentmiklós, Rév út 167.)

Other concepts

  • Develor: DEVELOR International "Zártkörűen Működő" Részvénytársaság, as data controller
  • Develor-group: Develor International Zrt. (H-1074 Budapest, Rákóczi út 70-72.) that managed the corporate group of which Develor is a member of.
  • Website: operated by Develor and can be reached under the following address https://www.develor.com/.
  • Administrator: Isolutions Informatikai Kft.
  • Participant: any individual, who takes part in training or adult learning programs organised by Develor.

Abbreviations of legislative Acts

  • Fktv: Act LXXVII/2013 on Adult Education;
  • GDPR: EU Regulation 2016/679 with regard to the processing of personal data;
  • Infotv: Act CXII of 2011 on the Right of Informational Self-Determination and Freedom of Information;
  • Korm.r.: Government decree no. 393/2013. (XI. 12.) on the detailed rules stipulating the permit procedures and set of requirements for adult education activities, on the administration and control system pertaining to adult education institutes;
  • Számviteli tv.: Act C of 2000 on Accounting;
  • Ptk: Act V of 2013 on the Civil Code.
DIRECT MARKETING

Newsletter: sending materials advertising services offered by Develor via the selected contact method (e-mail, telephone, mailing address).

Event organizing: sending invitations to Develor events, managing registration, processing replies.

Contact through website: processing and answering incoming messages that are created by filling in a dedicated contact form.

For each case: consent is a must (by filling in the dedicated contact form). Photos/videos taken and recorded at events are usually posted on the website.

 

Newsletter: name, e-mail; in case of paper-based registration: workplace/job, telephone number, signature.

Event organizing: name, e-mail, workplace/job, telephone number, photos/videos taken or recorded at the event, feedback on the event.

Contact through website: name, e-mail, telephone number, message.

Until withdrawal of consent (newsletter: until unsubscribing), or for lack of it, it is valid for 5 years from the date of granting consent. In case of sending newsletters, it is valid until the termination of the newsletter service.

 

Newsletter:

  • MailChimp (The Rocket Science Group, LLC; 675 Ponce de Leon Ave NE, Suite 5000 Atlanta, GA 30308, USA): for operating the newsletter system.

Contact through website: netDesign Kft.

For each case: for Develor Group (name, provided contact details).

TRAINING

Contract concluded between Principal (company, individual entrepreneur, private person) and Develor for supplying services drawn up hereby.

Performing of the contract: regarding change of data of Principal’s   representative or contact person.

Legitimate interest: regarding the person employed by/on behalf of Principal.  In this case, the pursuit of legitimate interest (to ensure the training of the participant) enjoys advantage over Principal’s rights relating to the participant’s personal data, since the training is required for participant to perform his work-related tasks, and this means a proportionate restriction.

Regarding Principal, please see section on ‘Concept of personal data’.

Regarding participant: name, e-mail, signature on attendance sheet;

  • for use of Entertraining: username, password;
  • depending on the subject matter of the contract: photo/video on training-related activities;
  • regarding the “Insights Discovery” service: telephone number, personality and behaviour typology, competences;
  • regarding “360-degree Leadership Feedback” service: personal and leadership competences, furthermore, name and e-mail address of assessors.
  • The contract, related attendance sheet and the issued invoice shall be stored for 8 years based on the Számviteli tv.
  • Photos/ videos taken and recorded during the training program shall be stored until the end of the program (the recording will be handed over to participant, Develor simultaneously deletes it).
  • Personal data provided by participant during the Entertraining program shall be stored for the duration set by participant on the Entertraining platform.

Principal’s contact details: Administrators.

Regarding “Strategic HR Skills” and “Workshop Facilitator” services: netDesign Kft.

Regarding participant: to Develor Group (name, e-mail, signature on attendance sheet).

ADULT EDUCATION

Contract concluded with participant based on the Fktv., and in compliance with legal requirements set forth Korm.r. (see legislative abbreviations above).

Performing of the contract: in regard to adult education contract.

Legal obligations: regarding provisions set out in the legislations below on registration, data collection and retention:

  • subsection C of Section 16 and subsection 6 of Section 21 of the Fktv.;
  • Subsections (1) and (3) of Section 24 of the Korm.r.

Regarding participant:

  • name, name at birth, mother’s maiden name, place and date of birth; sex, permanent and mailing address;
  • citizenship, insurance ID number, phone number, e-mail, performance assessment, signature;
  • (in case of non-Hungarian citizens) residence permit; residence document, name and number of documents;
  • (in case of complaint) content of complaint;
  • In case of certificate of completion in line with GINOP / VEKOP: photo to prove participation.

 

In accordance with subsection C of Section 16 and subsection 6 of Section 21 of the Fktv. data can be processed for 5 years from the date of their recording, and in case of inspection by the competent authorities, they will be processed until its definitive/final completion.

Principal’s contact details, and regarding participants (name, e-mail, signature on attendance sheet): Administrators.

WEBSITE USE

Please note that Develor does not assume any responsibility for data processing due to leaving the Website and visiting other sites (e.g. Facebook, LinkedIn, YouTube).

To ensure better operation and provide comfortable and customized services. Upon visiting the website, the following small data packages, so called cookies, will be placed on the visitor’s computer.

A cookie is a data file that helps in identifying the visitor’s browser, and so the Website is able to provide a more user-friendly service (e.g. offering information from a previously filled in a form).

The Website uses the following cookies:

  • ’_ga’, ’_gid’, ’_gat’: these are cookies placed by Google Analytics external service provider, which analyses the web use and visitors behavior. (The cookies placed by Google Analytics are programs running independently of the website server.)
  • ’_unam’: this is a cookie placed by Eniday service provider, which records click activity, namely the visited pages, the navigation on the visited website, and it measures the time spent on pages.

You may find more information on blocking cookies in the setting of your browser. Please note that in case you block cookies, the Website is not able to provide the optimum service, and its use will not be complete.

Performing of the contract: regarding services that can be used trough the Website (including: technical follow-up of creating a contract, defining its content, amending it, and its performance).

Legitimate interest: using cookies that are indispensable for the Website operation, moreover, ensuring safe operation of the Website in regard to preventing attempted misuse.

Consent: using cookies that ensure convenient and marketing function, yet they are not indispensable for the operation of the Website (consent can be granted through the relevant pop-up window).

Data registered by the visitor, and log file recorded by the web server (date, time), IP address, paged visited on the Website, and time spent on pages.

Cookies placed by Google Analytics record the browser type and version too.

Cookies process data for the following duration:

  • ’_ga’ and ’_gat’: for 2 years;
  • ’_gid’: for 24 hours;
  • ’_unam’: for 9 months.

During the operation of the website: netDesign Kft.

WI_FI USE

Please not that it is strictly forbidden to disturb Develor’s IT system or network when using the WI-FI network (e.g. unauthorised data entry, modification, or deletion; hacking, content uploading, downloading or sharing that is harmful, illegal, rude, discriminative, abusive, harassing, violent, pornographic, disturbing, and indecent)!

The WI-FI connection available for visitors at Develor’s head office is being monitored.

Consent: visitor grants consent by connecting to the password-protected WI-FI network (by typing in the password).

Data transmitted by the visitor’s device, data necessary for connecting to the WI-FI network.

Data is stored for 3 days after disconnecting from the WI-FI network.

Operation of IT system by: Isolutions Informatikai Kft.

USE OF SECURITY CAMERAS

In this section we will provide information on the security cameras used at Develor’s head office in regard to data processing.

Monitoring customer traffic and employees with the purpose of protecting individuals and property (e.g. in regard to assets and technical devices located in the lecture room).

In addition, the following sub-objectives can be defined:

  • preventing, detecting, and proving infringements;
  • identification of people entering without prior authorisation, recording the fact of entry;
  • documenting the activity of unauthorised people on the premises;
  • investigating the circumstances of possible work-related and other accidents
  • investigating and handling complaints.

Legitimate interest: in regard to data controller and protection of individuals and property. It is not possible to ensure complete protection of individuals and property without the use of security cameras taking into consideration customer traffic and the size of the training site/head office (e.g. only by security staff). Another argument in favour of camera usage is being able to help the investigation authorities and individuals who might have suffered an injury of damage.

The privacy of people captured on the video recording is protected by the following measures:

  • cameras do not record sound, they only record areas designated for customers and marked by pictograms; human dignity must not be hurt under circumstances;
  • the recording can only be accessed by the assigned person within Develor (can check the recording and decide about their use);
  • private individuals captured on a video footage can anytime request information on their rights and remedies regarding the recording, either in person or by e-mail at info.@develor.com.

Persons’ image, movements, and behaviour present on Develor’s training site/head office.

In the absence of the use of the recordings, they are stored for 3 workdays. (Their use in this case constitutes when video recordings and other personal data are used in court or administrative proceedings as evidence).

The recording can only be accessed by the assigned person within Develor and Develor International Zrt.

YOUR RIGHTS REGARDING DATA PROCESSING

In the following section we will present your rights and remedies (in case of complaint, or legal dispute) regarding Develor’s data processing.

  1. Consent withdrawal

You have the right to withdraw your consent anytime free of charge, without any conditions or disclaimer, if the legal basis for processing a given data is your consent. In case of consent withdrawal, personal data is deleted (e.g. if you unsubscribe from our newsletter, we will delete all your data entered during registration and you will not receive newsletters from us anymore). In certain cases, despite withdrawing your consent, we can continue to lawfully manage your personal data - in such cases we will provide you with detailed information.

It is important to note that withdrawing your consent does not affect our legitimacy to process data prior to the withdrawal.

  1. Access to personal information

You can anytime request information on whether your personal data is being processed with any purpose. If it is so, we will send you a copy of all our activities affecting you by e-mail (or by your request, a paper-based copy). Furthermore, we will also inform you of your rights pertaining to this matter.

  1. Correction

You can contact us anytime in case you notice a mistake in your data processed by us, or you can request us to complete or correct it and transfer your new data to our registry (e.g. in case of change in e-mail address).

  1. Deletion

You can contact us anytime to delete certain details or all of your personal data processed by us. Your personal data will also be deleted in the following cases: withdrawal of consent, duration of data processing expired; data deletion must be executed due to legal requirement, or we no longer need to process the given personal data.

It is important to note that the processing of your personal data for a specific period of time is required by law. In other cases, the data storing is necessary for the implementation of our legitimate interest. Should the deletion of your personal data run into any obstacles, we will inform you about it in details.

  1. Restrictions of processing

It may happen that neither continuation of processing, nor data deletion is not appropriate for you. In such cases, you may request the restriction of processing of your personal data: data affected by the restriction will only be stored, and we will not carry out any other actions on them.

You may request restriction of processing when:

  • Your data stored in our database are incorrect (such case is investigated; restriction is valid until the completion of the investigation); or
  • In your view, we process your data unlawfully, and at the same time you disagree with deleting them; or
  • we no longer need to process your personal data, but you request them not to be deleted, because they will be needed later for implementing your legitimate interests; or
  • You object to data processing (please see below; such case is investigated, restriction is valid until the completion of the investigation).

Please note that we are authorised to lift the restriction requested by you and continue data processing if you grant your consent to it, or we need to do so for the implementation of our legitimate interest, or it is required by law for public interest. In such a case, we will inform you about it in advance.

  1. Objection to the processing of your personal data

You shall have the right to object to the processing of your personal data anytime on personal grounds, if they were used for sending advertisement to you, or when the legal basis was marked to be legitimate interest for processing your data. Your data shall be deleted in such cases.

It is important to note that when we marked legitimate interest as the legal basis for data processing, we can still process your data despite your objection if we attest that we have an unavoidable need to process them, or it is indispensable to implement our legitimate interest - we will inform you about such a case in advance.

  1. Data portability

You are entitled to receive the personal data provided to us in an editable and electronic form, and to transfer your data to another data controller, or you can request that we transfer them instead of you.

(Data transfer differs from the above-mentioned right to access in the following way: in the case described above, we will only provide you with the personal data that you provided us, including the data that we recorded during your activity. However, we will not provide the data we generated by means of derivation/deduction from the data mentioned above.)

This kind of data portability can only take place if the legal basis of your personal data was marked to be consent or performing of the contract. Another condition is that the data is processed automatically. You do not have the possibility for data transfer in other cases.

Please note that we can only fulfil your data transfer request by sending your data directly to another data controller, if it is technically feasible in the particular case - we will inform you about it in advance.

  1. Right to complain

Should you be under the impression that we have violated the statutory provisions governing the processing of personal data during our data processing, you may file a complaint at the National Data Protection and Freedom of Information Authority (NAIH) at the following contact details:

  • Seat of the company: 1125 Budapest, Szilágyi Erzsébet fasor 22/c.
  • mailing address: 1530 Budapest, P.O. Box. No.: 5.
  • e-mail: ugyfelszolgalat@naih.hu
  • website: http://www.naih.hu/

We appreciate if you turn to us with your complaint first, so that we can investigate and remedy it as soon as possible.

  1. Right of access to the courts

If you feel that we have violated your rights in our data processing, you may (at your option) refer to the competent court according to your place of residence or according to the place of where you are situated. For more information on court proceedings, please visit birosag.hu website.

OTHER PROVISIONS
  1. Handling requests

You may exercise any of the above-mentioned rights. It is sufficient to write us at info.@develor.com. (You may, naturally, lodge a complaint or a legal proceeding at NAIH, or at the competent court.)

Based on your request, (especially in case of data correction) we will try to act without delay, but not longer than within 1 month. In case of particularly complicated and extensive requests, the processing deadline may be extended by 2 months, at most.

Please note that prior to the execution of the request, we have the right to identify you in order to avoid unauthorised data disclosure, and to execute unauthorised requests (e.g. regarding data deletion).

We would like to also call your attention to cases when the request is clearly unfounded, excessive or abusive, or if we have not been able to identify you, we will refuse to execute it.

  1. Data security

The provided personal information is stored on our own servers (protected by anti-virus protection, firewall, and strong password) and secured by security service, while paper-based documents are stored in fireproof locker cabinets. There are regular server backups executed.

Personal information can be accessed only by the competent personnel even at the data controller’s organisation. Data are always transferred in encrypted form to the data processors, who are also subject to our strict data security requirements.

  1. Your responsibility

To ensure the accuracy and protection of your personal data, please take all reasonable steps to ensure that your personal information is up-to-date in our databases:

  • Since we have no capacity to check the accuracy of the provided personal data, and to verify if it was the competent person who submitted them, please only provide your own personal data (in case corporate contacts, your company data). We are not liable for any infringements or damages resulting from processing of personal data provided on behalf of someone else.
  • Always use safe technical devices, software, network connection and strong passwords, so that unauthorised people would not be able to misuse your personal data (e.g. cannot access your account, and this way cannot submit unlawful requests to us).
  • Should you notice any suspicious circumstances, please notify us immediately.
  • If your personal data has changed, please inform us about it, as much as possible, within 3 days as describe above.

 

  1. Modification of the Notice

We may modify this notice at any time: in this case, we will inform you about the fact and of the main points of modification in advance, and about the date when it enters into force. The up-to-date version of the effective Notice can be reached on our website at all times.

  1. Relevant legislation

Regarding this notice, Hungarian Law is applicable. Issues not addressed in the Notice are primarily governed by the legislative Acts listed in the „Abbreviations of legislative Acts” section.