Privacy Notice
(sign up for newsletter)

1. Controller’s name, registered seat and representative

Name: BOBO FUN PARK Kft.
Registered seat: 8394 Alsópáhok, Fő utca 120.
Official representative: Csaba Baldauf, Managing Director
Contact person for data protection issues: Judit Nyírő

2. Data Protection Officer:

Dr. Boldizsár Morvay – dr.morvay@balintfy.hu

3. The data processed:

  • the names and e-mail addresses provided by data subjects

4. Purpose of data processing:

  • distribute newsletters on selected topics; send promotional offers, miscellaneous other messages, information updates, offers, DM messages and the company’s online research queries

5. Legal basis for data processing:

  • the data subject’s consent

6. Legal consequences if data are not supplied:

  • no newsletter subscription; no data processing.

7. Transfer of data:

The data will be transferred to a company providing newsletter distribution services.
Name of data processor providing newsletter distribution services MORGENS Design Kft.
Registered seat 8800 Nagykanizsa, Csányi László utca 2.
Representative Zoltán Katona, Managing Director
Objective of data processing on behalf of the controller to provide the controller with storage space in the Zadír MailR online system, which is protected by ID’s and passwords and is located on the servers of Tárhely.Eu Szolgáltató Kft. (1144 Budapest, Ormánság utca 4. X. emelet 241.) in order to access the log-in account specified by the Controller, for the purpose of distributing its newsletter
Data will be transferred to a third country, to the company below; the electronic e-mailing function will operate on the emailing servers of that firm.
Name of data processor providing e-mail hosting services Mailgun Technologies, Inc.
Registered seat 535 Mission St., 14th Floor
San Francisco, California 94105
Representative William Conway CEO
Objective of data processing on behalf of the controller

e-mailing function via the e-mail servers of Mailgun Technologies, Inc. for the purpose of distributing the newsletter

The e-mail address will be transferred within the European Union in encrypted (SHA-256 hash algorithm), non-reversible form for statistical and analytical purposes and for personalised advertising to the following company:
Name of data processor providing e-mail hosting services Google Ireland Limited
Registered seat Google Building Gordon House, Barrow St. Dublin 4. Ireland
Objective of data processing on behalf of the controller

processing statistical and analytical data and serving personalised advertising

The e-mail address will be transferred to a third country, to the following company in encrypted (SHA-256 hash algorithm), non-reversible form for statistical and analytical purposes and for personalised advertising:
Name of data processor providing e-mail hosting services META Inc
Registered seat 1601 WILLOW ROAD MENLO PARK, CA 94025-USA
Representative Microsoft Inc

Registered seat

Objective of data processing on behalf of the controller

One Microsoft Way. Redmond, Washington 98052-6399-USA

processing statistical and analytical data and serving personalised advertising

8. Legal basis of the data transfer:

  • the data subject’s consent

9. Duration of personal data processing:

  • the data will be processed until the revocation of the data subject’s consent. Data subjects may unsubscribe at the end of each newsletter; this will also mean a request for erasing the data subject’s e-mail address from the database.

10. Information on data subject rights

Data subjects have the right to

  • request information from the controller regarding whether their personal data are being processed; if they are, the data subjects may request access to these personal data.
  • request the controller to rectify incorrect personal data without undue delay.
  • request the controller to erase their personal data without undue delay; the controller is under obligation to erase the personal data of the data subject without undue delay if certain other conditions apply
  • request the controller to restrict the data processing if
    • the data subject disputes the accuracy of the personal data /such restriction shall be in force while the controller verifies the accuracy of the personal data/;
    • the data processing is unlawful but the data subject is against the erasure of data and prefers a restriction of use instead;
    • whereas the controller no longer needs the personal data, but the data subject does for purposes of presenting, enforcing or protecting legal demands.
    • the data subject has objected to the data processing; in such a case, the restriction will apply for the duration of establishing whether the controller’s legitimate interests prevail over the data subject’s legitimate interests.
  • receive their personal data, provided by them to the controller, in a structured, commonly used format, and forward the data to another controller without this being prevented by a controller to whom they had provided such personal data, where the data processing is based on voluntary consent or contract, and is automated.
  • if personal data are processed for direct marketing purposes, the data subject has the right to object to the processing of their personal data for that purpose, including any profiling that is associated with direct marketing.
  • object to being subject to decisions based solely on automated data processing – including profiling – that would have a legal effect or similar significant consequence on them.

11. Information on profiling and automated decisions:

  • there are no profiling or automated decisions

12. Data storage, data security

The controller and the data processing entity store the data on their own computer equipment, which are located at the offices of the registered seat of the former and at a leased server pool of the latter. The controller and the data processor will select and operate the information technology equipment so that the data processed are available to the authorised persons, the authenticity and authentication of the data is guaranteed, their integrity can be proven, and they are protected against unauthorised access. The data are protected against unauthorised access, modification, transmission, disclosure, erasure, intended or unintended destruction, damage, and unavailability resulting from any changes in the technology; with reference to the latest advancements in technology, the controller will adopt technical, systemic and organisational measures at all times that protect the data processing at a level appropriate to the risks arising in relation to the data processing.

13. Right to turn to the authorities:

Data subjects may take the controller to court if their rights have been breached. Lawsuits will be adjudicated by the Regional Court (Zalaegerszeg Regional Court contact information: 8900 Zalaegerszeg, Várkör u. 2.). The data subject may choose whether to bring a lawsuit before a regional court with competence at the data subject’s permanent or temporary place of residence. In such matters, the court will expedite its procedures.

Legal remedy is available and complaints may be filed at the National Authority for Data Protection and Freedom of Information: Name: National Authority for Data Protection and Freedom of Information. Registered seat: 1055 Budapest, Falk Miksa utca 9-11. Postal address: 1363 Budapest, Pf.: 9. Telephone: 06.1.391.1400 Fax: 06.1.391.1410 E-mail: ugyfelszolgalat@naih.hu Website: http://www.naih.hu

14. Link to the Privacy Policy

The controller’s Privacy Policy is available at: bobofunpark.hu/en/privacy-policy.

Share