PRIVACY POLICY
I. GENERAL INFORMATION, THE DATA CONTROLLER
1.1. Person and activity of the data controller
For the purposes of the data processing specified in this Prospectus (the “Prospectus”), the data controller is the World Network Media Group ( E-mail: info@worldnetworkmediagroup.com; hereinafter: the “Data Controller”).
1.2. Governing Law
The Data Controller carries out its activities under the legislation of the European Union and Hungary. Data processing is primarily governed by the General Data Protection Regulation of the European Union (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016) on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Repealing Regulation (EC) No / 46 / EC (hereinafter referred to as the
In addition, the applicable legislation:
Act XLVIII of 2008 on the basic conditions and certain restrictions of economic advertising activity. law;
In the case of possible prize games, with regard to the tax burden on prizes, Act CXVII of 1995 on Personal Income Tax. Act CL of 2017 on the order of taxation. law;
In the case of services provided for remuneration, Section 169 of Act C of 2000 on Accounting (concerning the preservation of documents, “Accounting Act”).
The relevant legislation is available at http://net.jogtar.hu.
1.3. Activities of the Data Controller, websites
The Data Management website is a business company engaged in the development and maintenance of websites. The Data Controller develops Websites that provide services to data subjects based on registration. The condition of the services is registration and providing data. Registration and the use of the basic services of each website are free of charge, however, the Data Controller may make certain services subject to payment of a fee. The Data Controller draws the attention of the data subjects to this in all cases.
The services of each website are different (eg news portal, dating site, social networking site, etc.). The services of each website are always listed exactly on that website.
The Data Controller operates the following websites (hereinafter referred to as “Website” or “Websites”):
adultfriendsnetwork.com
adulthomeporn.com
adultsface.com
anonimforum.com
aureliaaletta.com
aureliaaletta.hu
huncutrandi.hu
hungarylivestream.hu
legyelteismodell.hu
maxalanchannel.hu
maxalantv.com
pchirek.hu
realteengallery.com
realteengallery.eu
realteengirls.eu
tiniszepsegverseny.eu
tiniszepsegverseny.hu
wnmg.eu
1.4. Scope of the Prospectus, concerned
The scope of this Prospectus covers only the activities of the Data Controller in the course of which the data of natural persons are processed. The scope of this Prospectus covers data management related to the Websites.
Personal data under the GDPR is any information about an identified or identifiable natural person (“data subject”); identify a natural person who, directly or indirectly, in particular by an identifier such as name, number, location, online identifier or one or more factors relating to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person identifiable.
In the case of data processing covered by this Prospectus, the person who contacts the Data Controller, provides his / her data and in the process agrees to the processing of his / her data is concerned.
Accordingly, the scope of this Prospectus does not cover data that do not relate to natural persons (eg company data) or that cannot be linked to natural persons (eg statistics, data that are anonymised).
The scope of this Prospectus covers only the data management of the Data Controller. Unless otherwise stated, the scope of the Prospectus does not cover the services and data management related to the promotions, sweepstakes, services, other campaigns of third parties advertising on the Websites or otherwise appearing on them, or the content published by them. Unless otherwise stated, the scope of the Prospectus does not cover the services and data management of a website, service providers to which a link on the Website leads.
II. PRINCIPLES, PURPOSE, LEGAL BASIS OF DATA MANAGEMENT
2.1. Principles of data management
The Data Controller handles the data lawfully, fairly and in a way that is transparent to the data subject. The Data Controller strives to ensure that the data it manages is accurate and up-to-date. The Data Controller ensures the enforcement of the data subject’s rights and takes the necessary measures to ensure that the data processing is lawful at all stages.
2.2. Purpose of data management The purpose of data management is to maintain the Websites, provide services and carry out advertising activities:
identification of the data subject, contact and contact with the data subject;
registration, recording of data provided by the data subject;
providing the services of the Websites, making the Websites available;
sending advertisements to stakeholders, market research;
in the case of services provided against payment, calculation and payment of a fee;
organizing, conducting, drawing lots;
notification of winners, delivery of prizes to winners;
handling and validating the needs related to the prize draw;
exercise of rights arising from a legal relationship, fulfillment of obligations;
fulfillment of legal obligations.
2.3. Legal basis for data management
Consent of the data subject (Article 6 (1) (a) GDPR)
The legal basis for data processing is primarily the consent of the data subject. The Data Controller handles the data of the data subjects only on the basis of the data supply of the data subject, on the basis of the data subject’s consent. The consent is voluntary, the data subject gives his / her consent by registering, providing his / her data and accepting this information. The data subject may withdraw his consent at any time.
Contract between the Data Controller and the data subject (Article 6 (1) (b) GDPR)
If the data subject uses the fee-based service of the Data Controller, the purpose of data management is to pay, collect the fee and provide the service. In this case, a contract is concluded between the parties, which is governed by the rules of the Civil Code. In this case, the data will be processed in order to fulfill the contract and to take the steps initiated by the data subject, according to the reference point of the GDPR.
Fulfillment of a legal obligation (Article 6 (1) (c) GDPR)
If the person concerned wins the prize draw, there will be a tax liability on the prize. For the declaration and payment, the above 1.2. the legislation specified in point.
III. RECORDING OF DATA, SCOPE OF DATA MANAGED, PROCESS OF DATA MANAGEMENT, PROFILING
3.1. Recording of data
The Data Controller collects the data primarily from the data subject. From other sources, the Data Controller will only record data if the data subject has consented to it.
On some Websites it is possible to register with the profile of another website (eg Facebook, Google). In this case, data management is voluntary in all cases. If the data subject links his / her facebook profile to his / her registration or registers with his / her facebook profile, the data of the profile will be managed by the Data Controller in order to identify the data subject and ensure access.
If there is a recommendation system on the given Website, the data subject may recommend the Website to his / her friends, the Data Controller will send the link required for the recommendation to the data subject. The link can be sent by the data subject to his / her friends, and if the friend clicks on it and then registers, the Data Controller will record that the given registration was made on the recommendation of the data subject.
3.2. Scope of data managed
The Data Controller manages the following data of the data subjects:
Data necessary to identify and contact the data subject. The data managed is username, name, e-mail address. The purpose of data management is to identify the person concerned, to keep in touch, in case of a sweepstakes. The provision of data is voluntary in all cases.
Other information given on the data sheet. The Data Controller uses a data sheet on the Website, which contains the personal data of the data subject. The content of the data sheet may differ for each Website, depending on the service provided by that Website. The main purpose of data management is to create a profile of the data subject in order to be able to use the services of the Website effectively. In addition, the purpose of data processing is to enable the Data Controller to send to the data subject through the data an advertisement that may be of interest to the data subject, which is the “target group” of the data subject. The provision of data is voluntary, the data subject is not obliged to provide all data.
Sweepstakes data. If the Data Controller organizes a sweepstakes, it manages the data of the draws, the data of the winners, the data on the prize, the distribution of the prizes and the fulfillment of tax obligations. Registration, so participation in the sweepstakes is voluntary. If the data subject wins and receives his or her winnings, thereby incurring a tax liability, the data management related to taxation is mandatory data management based on law.
Data related to posted advertisements. In connection with the advertisements sent to the data subject, the Data Controller manages the data which advertisements the data subject opens and which he / she clicks on. Data management is related to advertising. The Data is used by the Data Controller to send additional advertisements, in order to determine which advertisements to send to the data subject, see Section 3.4. during profiling according to point.
Data on fee – based services. In the case of services subject to fee payment, the Data Controller manages the data related to the given service, the fee to be paid and the method of fee payment, for the purpose of providing the service and settling it.
3.3. The process of data management
The data subject may register on the Website voluntarily, the registration is not obligatory, the non-registration does not cause any disadvantage to the data subject. If the data subject registers and provides his / her data, they will be processed by the data controller and will be sent an advertisement to the data subject at a later stage. The Data Controller will draw lots during the prize games as specified in the rules of the game and will notify the winners.
Data subjects have the right at any time to prohibit the sending of further advertisements or to request the deletion of their data.
3.4. Profiling for advertising purposes
Profiling is any form of automated processing of personal data under the GDPR in which personal data are used to assess certain personal characteristics of a natural person, in particular performance, economic status, health, personal preferences, interests, reliability, behavior, location or used to analyze or predict motion-related characteristics.
The Data Controller performs profiling during the advertising on the Website.
If the data subject registers, the Data Controller is entitled to send an advertisement to the data subject until his or her consent is revoked. In determining the content of advertisements, the Data Controller uses the data provided by the data subject. What kind of offer appears in the ad is the result of profiling. In doing so, the computer program that compiles the advertisements evaluates the data available to the Data Controller about the data subject in a closed manner, without human intervention. Based on this data, the program determines whether the data subject belongs to the target group of the advertisement to be sent. After sending the advertisement, the Data Controller will delete the entire profiling.
During profiling, the decision is made solely about what kind of advertising will be sent to the data subject.
The legal basis for profiling is the consent of the data subject.
The data subject has the right to request information on profiling. The data subject shall have the right to be heard. The person concerned may prohibit profiling.
IV. INDIVIDUAL DATA PROCESSES
4.1. Provision of services
Description of data management: The data controller manages the data related to the services of the Websites and the use of the services. The Data Controller manages the registration and profile of the data subject, ensures access to the Websites and the use of the services.
Scope of data managed: All data of the data subject required for the use of the Website.
The purpose of data management:
identification of the data subject, contact and contact with the data subject;
registration, recording of data provided by the data subject;
providing the services of the Websites, making the Websites available;
sending advertisements to stakeholders, market research;
in the case of services provided against payment, calculation and payment of a fee;
organizing, conducting, drawing lots;
notification of winners, delivery of prizes to winners;
handling and validating the needs related to the prize draw;
exercise of rights arising from a legal relationship, fulfillment of obligations;
fulfillment of legal obligations.
Legal basis for data processing: The legal basis for data processing is the consent of the data subject.
Duration of data processing: The data will be deleted by the Data Controller if the data subject so requests or objects to the processing of the data.
4.2. Data management for advertising purposes
Description of data management: The primary activity of the data controller is advertising. The Data Controller builds its database for the purpose of sending advertisements to the data subjects. Participation in the prize games organized by the Data Controller is free of charge, so the condition for participation is registration and that the data subject consents to the sending of advertisements. The data subject may withdraw his consent at any time.
The Data Controller shall send advertisements to the data subject on a regular basis, until the data subject withdraws his or her consent.
During the advertising, profiling takes place, the above 3.4. as defined in point.
Scope of data processed: The e-mail address of the data subject, in the case of advertising sent by post, the mailing address, the data provided by the data subject on the Website.
Purpose of data management: The purpose of data management is advertising.
Legal basis for data processing: The legal basis for data processing is the consent of the data subject.
Duration of data processing: The data will be deleted by the Data Controller if the data subject so requests or objects to the processing of the data.
4.3. Data management related to sweepstakes
Description of data management: The Data Controller organizes sweepstakes. Participation in the sweepstakes is not tied to the payment of bets or purchases, so the sweepstakes does not qualify as a sweepstakes subject to a license or notification. In connection with the sweepstakes, the Data Controller manages the data of the participants that are necessary for the draw. During the draw, the Data Controller draws on the basis of e-mail addresses, as defined in the rules of the game, and then notifies the winners. Prizes will be delivered as specified in the rules of the game. The Data Controller fulfills the tax obligations related to the prizes.
The Data Controller will publish the names of the winners on the given website, unless the data subject prohibits this. If the data subject submits his / her photo to the Data Controller, the Data Controller will publish the photo.
Scope of data managed: Data provided by the data subject: gender, surname, first name, e-mail address. If the data subject wins, he / she must also provide the other details required for the delivery of the prize.
Purpose of data management: The purpose of data management is to conduct the prize draw, draw, inform the winners, and deliver the prizes.
Legal basis for data processing: The legal basis for data processing is the consent of the data subject. During registration, the data subject declares that he or she consents to the processing of his or her data in accordance with the provisions of this Prospectus. The statement of acceptance and the provision of data constitute consent.
Duration of data management: The Data Controller deletes the data if the purpose of data management has ceased. The Data Controller always deletes the data if the data subject so requests.
4.4. Data management relating to fee – based services
Description of data management: If the data subject uses a service subject to the payment of a fee, the Data Controller manages the data related to the given service, the fee to be paid and the payment of the fee.
Scope of data managed: The username, name, e-mail address, data of the given service and the fee.
The purpose of data management:
in the case of services provided against payment, calculation and payment of a fee;
exercise of rights arising from a legal relationship, fulfillment of obligations;
fulfillment of legal obligations.
Legal basis of data management: The legal basis of data management is the consent of the data subject, in case of payment the Accounting Act.
Duration of data processing: The data will be deleted by the Data Controller if the data subject so requests or objects to the processing of the data. The Data Controller handles the data related to the documents for eight years in accordance with the Accounting Act.
V. OTHER INFORMATION RELATING TO DATA PROCESSING
5.1. Data transmission
The Data Controller shall transfer personal data to a third party only if the data subject has explicitly consented to it – knowing the scope of the transferred data and the recipient of the data transfer, or the Data Controller has an appropriate legal basis for the data transfer.
5.2. Data security, access to data
The Data Controller shall ensure the security of the data, take the technical and organizational measures and establish the procedural rules that ensure the enforcement of the data security requirement. The Data Controller shall keep records of the data processed by him / her in accordance with the applicable legislation, ensuring that the data may be disclosed only to those employees and other persons acting in the interest of the Data Controller who need it in order to perform their duties. All persons acting in the interests of the Data Controller are only entitled to get acquainted with the data, the processing of which is necessary for the performance of the job of the named person. The named persons are obliged to keep the data confidential.
Within the scope of its tasks related to IT protection, the Data Controller shall in particular ensure:
Measures to protect against unauthorized access, including protection of software and hardware devices and physical protection (access protection, network protection);
Measures to ensure the possibility of restoring data files, including regular backups and separate, secure management of copies (mirroring, backup);
Protection of data files against viruses (virus protection);
On the physical protection of data files and the devices carrying them, including protection against fire, water damage, lightning, other elemental damage, and the recoverability of damage resulting from such events (archiving, fire protection).
The Data Controller shall take the necessary measures to protect the paper records, in particular with regard to physical security and fire protection.
Employees, agents and other persons acting on behalf of the Data Controller are obliged to securely store and protect the data carriers used by them or in their possession, which also contain personal data, regardless of the way the data is recorded.
5.3. Technical data and cookies
When a person visits the Website, the system associated with the Website automatically records the IP address of the user’s computer, the start time of the visit and, in some cases, the type of browser and operating system, depending on the computer’s settings. The data thus recorded may not be combined with other personal data. The processing of the data is for statistical purposes only.
Cookies allow the Website to recognize past visitors. Cookies help the Data Controller, as the operator of the Website, to optimize the Website in order to tailor the services of the Website to the habits of the users. Cookies are also suitable for
remember the settings so that the user does not have to re-enter them when entering a new page,
they remember previously entered data and therefore do not need to be re-typed,
analyze the use of the website in order to ensure that, as a result of the improvements made using the information thus obtained, it functions as much as possible in accordance with the user’s expectations, the user can easily find the information sought, and
they monitor the effectiveness of our ads.
If the Data Controller displays various content on the Website using external web services, it may result in the storage of some cookies that are not controlled by the Data Controller, so it has no influence on the data collected by these websites or external domains. These cookies are described in the regulations for the given service.
The Data Controller uses a Google Analytics cookie, which is used to collect website traffic statistics.
The Data Controller uses Facebook remarketing code, which allows us to visit visitors to the Website later with remarketing advertisements on Facebook. The remarketing code uses cookies, thus making it identifiable to Facebook that the given visitor visited the Website.
The Data Controller uses a Google Adwords Remarketing cookie, which, like the Facebook remarketing cookie above, allows visitors to the Website to appear on the Google Network at a later time.
The user can set their web browser to accept all cookies, reject them, or notify the user when a cookie arrives on their machine. The setting options are usually found in the “Options” or “Settings” menu of the browser.
Detailed information at www.aboutcookies.org in English will also help with settings in different browsers.
5.4. Data processing
The Data Controller is entitled to use a data processor to perform its activities. The data processors do not make an independent decision, they are only contracted by the Data Controller and are entitled to act according to the instructions received. The Data Controller monitors the work of the data processors. Data processors are only entitled to use an additional data processor with the consent of the Data Controller. The Data Controller publishes the data of the data processors used by it. The Data Controller uses the following data processors:
Magyar Hosting Kft. (1132 Budapest, Victor Hugo utca 18-22.), Provision of IT services, development;
Etarget SE (Szent István tér 4-5. 5. em. 2. 1051 Budapest), Tiger Media Inc. (PO Box 37204, Regina, Saskatchewan, Canada S4S 7K4), Eroadvertising (Praca da Alegria 6 S / LS 25, Lisbon Portugal), advertising, marketing services;
PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal L-2449, Luxembourg, operation of payment systems.
5.5. Duration of data management
By establishing and complying with the rules on deletion, the Data Controller ensures that the duration of the processing of personal data does not exceed the necessary and lawful extent. The data will be deleted in the following cases:
Personal data is no longer required for the purpose for which it was collected or otherwise processed. If the purpose of data management has ceased and the management of the data is not required by law, the data will be deleted by the Data Controller.
The data subject shall withdraw his consent. If the data subject withdraws his or her consent or the data subject requests the deletion of the data, the Data Controller shall delete the data in all cases. Cancellation can only be refused if it is prohibited by law or official regulation. If a tax has been paid in connection with the prizes, the Data Controller will delete the data on taxation only if the deadline specified by law has passed.
The data subject protests against the data processing. If the data subject objects to the data processing for advertising purposes, the Data Controller shall delete the related data.
It becomes certain that the processing of the data is unlawful. If the processing of the data is illegal, the Data Controller shall delete it in all cases as soon as the fact of the illegal data processing becomes apparent.
The deletion of the data is necessary to fulfill a legal obligation or the deletion has been ordered by a court or the National Data Protection and Freedom of Information Authority. If the deletion is mandatory by law or ordered by a court or Authority and the provision is final, the Data Controller shall delete the data.
5.6. Dealing with privacy incidents
A data protection incident is a breach of security that results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or unauthorized access to, personal data that is transmitted, stored, or otherwise handled. The Data Controller shall immediately report the data protection incident to the National Data Protection and Freedom of Information Authority, unless the data protection incident is not likely to pose a risk to the rights and freedoms of the data subjects. The Data Controller registers data protection incidents, together with the measures related to the given incident. If the incident is serious (ie presumably involving a high risk to the data subject’s rights and freedoms), the Data Controller shall inform the data subject of the data protection incident without undue delay.
VI. RIGHTS AND ENFORCEMENT OF STAKEHOLDERS
6.1. Rights of data subjects
Information (access). The data subject has the right to be informed about the processing of his or her data. The Data Controller informs the data subject about the data management when recording the data, and this Prospectus is available to the data subject at any time. The data subject may at any time during the processing process request full information on the processing of his or her data. The data subject may request that the Data Controller provide him with a copy of the data.
Rectification. The data subject may request that the Data Controller correct inaccurate data concerning him or her, supplement the incomplete data.
Cancellation, withdrawal of consent. The data subject may at any time withdraw his or her consent to the processing of his or her data and request the deletion of his or her data. The Data Controller shall refuse the deletion only if the data processing is based on law or if the data processing is necessary for the submission, enforcement or protection of legal claims.
Restriction. The data subject has the right to request a restriction of data processing in the following cases:
the data subject disputes the accuracy of the personal data, in which case the restriction shall apply to the period of time that allows the controller to verify the accuracy of the personal data;
the processing is unlawful and the data subject opposes the deletion of the data and instead requests that their use be restricted;
the controller no longer needs the personal data for the purpose of data processing, but the data subject requests them in order to make, enforce or protect legal claims;
the data subject has objected to the processing; in that case, the restriction shall apply for as long as it is established whether the legitimate reasons of the controller take precedence over the legitimate reasons of the data subject.
Where processing is restricted, such personal data may be processed, with the exception of storage, only with the consent of the data subject or for the purpose of bringing, enforcing or protecting legal claims or protecting the rights of another natural or legal person or in the important public interest of the European Union or a Member State. .
Protest. If the data processing is based on the legitimate interests of the Data Controller or a third party, the data subject has the right to object to the processing of his or her personal data at any time for reasons related to his or her own situation. In that case, the controller may not further process the personal data unless the controller demonstrates that the processing is justified by compelling legitimate reasons which take precedence over the interests, rights and freedoms of the data subject or which are necessary to bring, assert or defend legal claims. are related. If the processing of personal data is for the direct acquisition of business, the data subject has the right to object at any time to the processing of personal data concerning him or her for this purpose.
Data portability. The data subject shall have the right to receive personal data concerning him or her in a structured, widely used machine-readable format and to transfer such data to another controller, provided that the processing is carried out automatically. The data subject shall have the right, if technically feasible, to request the direct transfer of personal data to another controller.
6.2. Ensuring the rights of the data subject, handling the data subject’s request
The Data Controller informs the data subject about the handling of the data at the same time as the contact. Upon request, the Data Controller shall make this Prospectus available to the data subject and shall also make it available on the Company’s website. This detailed Prospectus is also available to the data subject, the fact and contact details of which the Data Controller draws the data subject’s attention to. The Data Controller shall make available to it the prospectus prepared on the basis of this Prospectus, which contains the main data protection rules.
The data subject’s application for the exercise of his rights is You can send it to the Data Controller at one of the contacts indicated in point. The Data Controller shall immediately examine the request, make a decision on the execution of the request and take the necessary measures. The Data Controller shall inform the data subject of the measures taken within one month. In all cases, the information shall include the action taken by the Data Controller or the information requested by the data subject. If the Data Controller refuses to comply with the request (the necessary measures are not taken to comply with the request), the information shall include the legal basis for the refusal, the reasons for the refusal, and the legal remedies available to the data subject.
The Data Controller does not bind the fulfillment of the request to the payment of a fee or the reimbursement of costs.
If, due to the circumstances and manner of submitting the request, it is not certain that the request originates from the data subject, the Data Controller may request that the applicant prove his / her right or submit the request in such a way that the right can be clearly established.
The Data Controller shall be informed of any rectification, erasure or restriction of data processing to whom or with which the personal data have been communicated, unless this proves impossible or requires a disproportionate effort. Upon request, the controller shall inform the data subject of these recipients.
6.3. Remedies
In case of violation of the data subject’s rights, the Data Controller may request that the Data Controller terminate the illegal data processing, examine the data processing and reject the data subject’s request. The Data Controller shall investigate the data subject’s complaint in this case in all cases and inform the data subject of the result.
Stakeholders may submit their complaints in accordance with section 1.1. at the contact details set out in point.
The data subject may file a complaint directly with the National Data Protection and Freedom of Information Authority (address: 1125 Budapest, Szilágyi Erzsébet fasor 22 / c .; phone: + 36-1-391-1400; e-mail: ugyfelszolgalat@naih.hu; website: www. naih.hu) is.
In case of violation of the rights of the data subject concerned, to go to court. Upon request, the Data Controller shall inform the data subject in detail about the court with the competence and competence to adjudicate the lawsuit, as well as about the possibility of initiating lawsuits.
Created: 24/03/2021 World Network Media Group