The following Privacy Policy regulates the data protection of Gypsymissions.org website.

The operator of www.gypsymissions.org hereby informs the visitors of the Website (hereinafter: Website) about the practices followed in the management of personal data, about the organizational and technical measures taken to protect the data, as well as about the rights of the visitors in this regard and the possibilities of their enforcement.

The manager of the data is the Hungarian Pentecostal Church National Gypsy Mission (hereinafter: Operator) (tax number: 18393567-2-04; Headquarters: Petőfi Sándor u. 56., 5630 Békés, Location: 5630 Békés, Raceny u. 7.)

If the Operator requests personal data from the Website visitor (hereinafter: User) for any purpose, the following provisions shall apply.

This Privacy Statement contains basic information regarding the management, processing and registration of personal data provided by the User when using the Operator’s Website. If you have any questions regarding the handling of your data, please contact our customer service department before using the Website.

The Privacy Statement may be amended at any time, the User is obliged to check the Website from time to time to ensure that he is aware of any changes. The Data Protection Statement entered into force on January 1, 2024. The Operator is responsible for handling your personal data provided on the Website.

DATA REQUEST AND COOKIES

In order to use the Website, the User generally does not have to provide any data. However, in order to use certain services, it may be necessary for you to provide certain personal data to the Operator.

Depending on the service, the Operator may need the following personal data:

your name and contact information, including your e-mail address, home address and information about your company;
information about your personal and professional interests;
demographic data;
your experience with our products and your contact preferences so that we can provide you with additional information about our products and services.
Cookies can store information about the parameters of your browsing device, its browser, as well as your possible settings and previous visits, so that we can provide you with a better user experience.
In addition, the website can place cookies on the User’s device used for browsing, if you specifically approve this when you first access the website. It is important that these cookies are not placed by the Operator, but on the User’s own device used for browsing, so the User has full control over them.

SCOPE OF HANDLED DATA

When viewing the Website, with the help of cookies placed on the User’s computer, the start and end time of the User’s visit, IP address, and in some cases – depending on the settings of the User’s computer – the type of browser, operating system, language, The parameters of the user’s device, the settings specified by the user on the Website, the subpages visited and the time spent on them. The Operator does not and cannot connect this data with personal data, you decide to share them with the express authorization given to us and the cookie settings specified in your browser.
Other data provided for the use of the Website is also processed with the voluntary consent of the user.

Other data provided for the use of the Website is also processed with the voluntary consent of the user.

PURPOSE OF DATA MANAGEMENT

The data management serves the continuous relationship between the registered Users who use the services of the Website and the Operator, the improvement of the user experience, and the public opinion survey. Through the use of cookies, the system automatically generates statistical data on the duration of the visit and the pages visited, so that the Website’s services can be further developed and optimized by the Operator, and even more tailored to the User’s needs. The Operator also uses cookies to provide the User with content consistent with the User’s previous activity during the next visit, and to automatically load its own settings, thus making the use of the website more convenient.
Other data provided by the user is used and managed by the Operator solely for the purpose of providing a higher level of service to the User, especially in the following areas:

• to answer your questions through the Website;
• to deliver newsletters;
• to improve the content of the Website;
• to inform you about updating the Website;
• to customize the content of the Website;
• in order to deliver the publications ordered on our website to the User.

The Operator may contact the User by e-mail, telephone or letter, unless he has marked one of these as a preference. The Operator does not use the personal data for purposes other than those indicated, the data provided in this way is handled with the voluntary consent of the User.

Without your consent, the Operator will not forward, publish, sell, rent or make your personal data available to third parties if it is only necessary for the purposes set out in this Privacy Statement or required by law.

The Operator treats all data and facts concerning the Users as confidential, and uses them exclusively for the development of its services and for the preparation of its own statistics. The reports made on these are only published in a form that is not suitable for the unique identification of individual Users.

If the User provided his personal data in order to receive information about the Operator’s services by e-mail, he will continue to send this to him by e-mail, unless he expressly requests otherwise. In other cases, when you provide your personal data to the Operator, you have the option to choose whether you would like to receive this type of information by e-mail as well.

PERIOD OF DATA MANAGEMENT

The session IDs are automatically deleted when you leave the Website, but at the same time, another part of the cookies helps the Operator in that, through their use, the Operator is aware of the User’s previous settings, the data and information provided by him, and other characteristics of his use of the website, so that you do not have to enter them again on the next visit, and your settings are automatically loaded to achieve a more pleasant user experience. The expiration date of these cookies varies, but they are typically present on the User’s device until the User deletes them.

Messages written to the Operator are classified by the Operator at its own discretion, and if it considers that its content is necessary to protect or assert the legitimate interests of the Operator or another third party, it stores them for 2 years, but uses them strictly only for the above-mentioned purpose . If the Operator does not attach such importance to the message, it will be deleted within 30 days of receipt.

The Operator assumes no responsibility for its previous pages that have already been deleted, but were still archived with the help of Internet search programs. The operator of the search page must ensure that they are removed.

RANGE OF DATA ACCESSORS, DATA PROCESSORS

Employees of the Operator can access the personal data provided by Users.
The Operator does not transfer personal data to third parties other than those indicated. This does not apply to possible mandatory data transmissions prescribed by law, which can only take place in exceptional cases. Before fulfilling each official data request, the Operator examines each individual data to see if the legal basis for data transmission really exists.

RIGHTS OF USERS RELATING TO THE MANAGEMENT OF THEIR PERSONAL DATA, DATA DELETION

The legal basis for data management is the voluntary consent of Users.
Users can request information about the management of their personal data. Upon request, the Operator provides the data subject with information about the data it manages, the purpose, legal basis, and duration of the data management, the name and address of the Operator and its activities related to data management, as well as who receives or has received the data and for what purpose. The information can be requested at the postal address of the Operator, 5631 Békés, Pf.: 61., or at the e-mail address info@gypsymissions.org

You can initiate the correction and deletion of the User’s personal data at the same contacts.

In the case of inappropriate use of the Website’s services, as well as at the User’s own request, the associated data will be deleted. Deletion will take place within 72 hours of the next working day from the start of the deletion request.

The Operator places great emphasis on the security of your personal data. In order to prevent unauthorized access to personal data, we use appropriate physical and electronic procedures for the protection and security of data received online.

If you wish to change the cookie settings related to the Website or delete them, you can do so in the settings of the browser used to access the website, as cookies are stored on the user’s computer and not by the Website Operator. You can get more information about these in the Help of the browser you are using, and you can use it to change your previous cookie settings, or delete the cookies previously placed by the Operator on the device you use for browsing.

RIGHTS OF THE PERSONS CONCERNED, LEGAL REMEDIES
(1) At any time, the data subjects may request information in writing from the Data Controller about the way their personal data is managed, indicate their request for deletion or modification, and withdraw their previously given consent at the contact details provided in point 3.
(2) The data subject may not exercise his right to deletion in the case of data management as required by law.

(3) Content of the right to information: Based on the data subject’s request, the Data Controller shall provide the data subject with the information listed in Articles 13 and 14 of the GDPR regarding the processing of personal data, as well as Articles 15-22. and provides the information in accordance with Article 34 in a concise, understandable form.

(4) Content of the right of access: Upon request of the data subject, the Data Controller provides information on whether data processing related to him is in progress at the Data Controller. If the Data Controller is processing the applicant’s data, the data subject is entitled to access with regard to the following:

• Personal data relating to him;
• purpose(s) of data management;
• categories of personal data concerned;
• the persons to whom the data subject’s data has been disclosed or will be disclosed;
• the duration of data storage;
• the right to correction, deletion, and restriction of data processing;
• the right to appeal to the court or supervisory authority;
• the source of the processed data;
• profiling and/or automated decision-making, as well as the details and practical effects of such application;
• transfer of processed data to a third country or international organization.
• (5) In the event of a data request according to the above, the Data Controller shall issue to the data subject a copy of the data processed by him corresponding to the request. Upon separate request, it is possible to request electronic delivery from the Data Controller.

(6) The data controller requests an administration fee of HUF 1,000 per page for each additional copy.

(7) The deadline for issuing the requested data is 30 days from the receipt of the request.

(8) Right to rectification: The data subject may request the correction of inaccurate data concerning him/her managed by the Data Controller.

(9) Right to deletion: If any of the following reasons exist, the Data Controller will delete the data concerning the data subject as soon as possible, but no later than within 5 working days, at the request of the data subject:

The data was processed illegally (without legal authorization or personal consent);
the processing of the data is not necessary to achieve the original purpose;
the data subject withdraws his consent to the data management, and the Data Controller has no other legal basis for the data management;
the data in question was collected in connection with the offering of services related to the information society;
personal data must be deleted to fulfill the legal obligations of the Data Controller.

(10) It is not possible for the Data Controller to delete the data if the data management is still necessary for any of the following:

Further data management is necessary to comply with the legal requirements applicable to the Data Controller;
it is necessary for the purpose of exercising the right to express an opinion and obtain information;
in the public interest;
for archival, scientific, research or statistical purposes;
to assert or defend legal claims.

(11) The right to limit data processing: If any of the following reasons exist, the Data Controller will limit data processing at the request of the data subject:

The data subject disputes the accuracy of the data concerning him, in which case the restriction applies to the time until the review of the accuracy and correctness of the data in question takes place in a credible manner;
the data management is illegal, but at the same time the data subject requests not to delete it, but only requests the limitation of data management;
the data are no longer needed for data management, but the data subject requests their further storage to assert or defend their legal claims;

(12) If the Data Controller introduces a restriction on any processed data, during the period of the restriction, it will only process the relevant data if and to the extent that:

The data subject consents to this;
necessary to assert or defend legal claims;
necessary to enforce or protect the rights of another person;
necessary to assert public interest.

(13) Right to withdraw: The data subject has the right to withdraw the consent given to the Data Controller – in writing – at any time. In the event of such a request, the Data Controller shall immediately and permanently delete all data that it has managed in relation to the data subject and whose further storage is not required by law, or is not necessary for the enforcement or protection of rights related to legitimate interests. The legality of the data management up to the withdrawal of the consent is not affected by the withdrawal.

(14) The right to data portability: The data subject has the right to request that the Data Manager transmits the data concerning him in a commonly used format readable by computer software to another data manager. The Data Controller fulfills the request as soon as possible, but within 30 days at the latest.

(15) Automated decision-making and profiling: The data subject has the right not to be the subject of a decision based solely on automated data management (for example, profiling) that would have a legal effect on him or otherwise adversely affect him. This right is not applicable if:

data management is essential for the purpose of concluding or fulfilling the contract between the data subject and the Data Controller;
the data subject expressly consents to the application of such a procedure;
its use is permitted by law;
necessary to enforce or protect legal claims.

DATA SECURITY MEASURES
The Operator stores personal data on the servers of Company name: MAXER Hosting Kft. (Tax number: 13670452-2-08 Company registration number: 08-09-013763).
Company name: MAXER Hosting Kft.
Tax number: 13670452-2-08
Company registration number: 08-09-013763

ENFORCEMENT OPTIONS
The User who feels that the Operator has violated his right to the protection of personal data can assert his claim before a civil court or ask for the help of the National Data Protection and Freedom of Information Authority (NAIH). The detailed legal provisions regarding this, as well as the Operator’s obligations, can be found in Act CXII of 2011 on the protection of personal data and the disclosure of data of public interest. Act and Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR).

Governing legislation:

Regulation (EU) 2016/679 of the European Parliament and of the Council (April 27, 2016) on the protection of natural persons with regard to the processing of personal data and on the free flow of such data, and on the repeal of Regulation 95/46/EC (general data protection regulation; hereinafter: “GDPR”)