Privacy Policy

The purpose of this data protection notice (hereinafter referred to as the “Policy”) is to enable DR. FOGARASI & PARTNER ADVISORY AGENCY LTD. (Hova House, 1 Hova Villas, Brighton &; Hove, England, BN3 3DH.; VAT number: GB284981060 ; Company registration number: 10354423 (England and Wales))

inform your clients (hereinafter referred to as “Clients”) about the principles and rules governing the processing of personal data and other data provided by DR. FOGARASI & PARTNER ADVISORY AGENCY LTD. (hereinafter referred to as “Data Controller”).

The processing of personal data is carried out by the Data Controller in accordance with the applicable legislation and in compliance with the following principles:

I. Personal data may only be processed for a specific purpose, in order to exercise a right and fulfil an obligation. At all stages of data processing, the purpose of data processing must be fulfilled, the recording and handling of data must be fair and lawful.

II. Only such personal data may be processed that is essential for the realization of the purpose of data management and suitable for achieving the purpose. Personal data may only be processed to the extent and for the time necessary to achieve the purpose.

III. Personal data retains this quality during data processing as long as its relationship with the person concerned can be restored. The relationship with the data subject shall be deemed recoverable if the data controller has the technical conditions necessary for the restoration.

IV. During data processing, the accuracy, completeness and, if necessary with regard to the purpose of data processing, up-to-date data must be ensured, and the data subject can only be identified for the time necessary for the purpose of data processing.

1. GENERAL PROVISIONS

Name of data controller: DR. FOGARASI & PARTNER ADVISORY AGENCY LTD. Registered office of the data controller: Hova House, 1 Hova Villas, Brighton & Hove, England, BN3 3DH

Contact details of the Data Controller:

email: drfogarasi@drfogarasi.co.uk

postal address: 50 Meyrick Road London, SW11 2NJ, Flat 6.

Legal basis for data processing:

• in case of preparing an offer, maintaining contact with customers, handling complaints: the consent of the client, if it cannot be obtained, the legitimate interest of the Data Controller;

• sending newsletter: customer consent.

Data subjects: Clients of the Data Controller, i.e. users sending inquiries through the www.drfogarasi.co.uk website, customers making telephone inquiries or otherwise requesting requests.

Consent to data processing: By using contact via the website/phone and attending a personal consultation, Clients expressly consent to the processing of their personal data by the Data Controller in the manner described in this prospectus.

Purposes of data processing:

• preparing an offer for Customers,

• Customer relations,

• complaint handling,

• sending newsletters.

Data processing is manual data processing

2. SCOPE OF PERSONAL DATA PROCESSED:

In the course of inquiries, the Customer provides the following data for the purpose of identification, contact, making an offer and handling complaints:

• Name of the client – who writes the message – purpose: contact, identification;

• E-mail address / telephone number / further contact data – purpose: to contact us, send information, send a reply letter or newsletter;

• other: additional personal data provided by the User, for which the User gives his/her consent -Purpose: contact / identification / complaint handling.

3. DATA PROCESSORS (performing technical tasks related to data processing operations)

PERSON: Dr. László György FAGARASI

4. DURATION OF DATA PROCESSING

The data provided shall be processed by the Data Controller for an indefinite period indicated below, either according to the purpose limitation principle, or until the withdrawal of the consent of the data subject.

Purpose of data processing Duration of data processing

Identification

for 10 years from the date of last contact,

Contact – Complaint handling – Quotation – Newsletter sending for 12 months from subscription or 12 months from the opening of the last newsletter

The Data Controller declares that after the expiry of the above periods, the data provided by the Customer will be deleted from both its digital and paper records.

5. PROTECTION OF PROCESSED DATA

The Data Controller stores the data managed by it securely, no third party can access them. It is stored physically on electronic devices physically located at its headquarters, as well as in paper format in a locked cabinet and locked room

6. DATA TRANSFER

The data subject accepts that his or her personal data may be transferred by the Data Controller to its affiliated companies and data processors.

In order to perform its administrative tasks, the Data Controller may transfer a certain part or all of the personal data to a data processor, subcontractor or vicarious assistant commissioned by it as a data processor for the purpose of performing certain data processing operations.

If the Data Controller entrusts accounting, legal tasks, hosting/server services, system administrator or other tasks qualifying as data processing tasks to a third party, the data of this partner as data processor are specified in the annex to this prospectus together with the members of the affiliated companies.

7. MANAGEMENT OF COOKIES

When you read this website, this may involve our use of cookies or similar technologies to identify your browser or device. A cookie is a small file that is placed on your computer when you visit a website. When you visit the website again, the cookie allows the website to recognize your browser. Cookies may also store user preferences and other information.

Other platforms, where cookies are not available or used, use other technologies with similar purposes to cookies, such as the advertising ID on Android mobile devices. You can reset your browser settings to reject all cookies or to notify you when a cookie is being sent. However, some website features or services may not function properly without cookies. This website uses cookies used by Google Analytics, which are subject to Google’s privacy policy

8. RIGHTS OF DATA SUBJECTS

The person concerned by data processing may request from the Data Controller:

a) providing information about the processing of your personal data,

b) rectify your personal data, and

c) erasure or blocking of your personal data, with the exception of mandatory data processing.

At the request of the data subject, the Data Controller shall provide information on the data processed by the data subject or processed by him or by the data processor entrusted by him or at his disposal, their source, the purpose, legal basis, duration of data processing, the name, address and activities of the data processor related to data processing, the circumstances, effects of a possible data protection incident and the measures taken to remedy it, and – in case of transfer of the data subject’s personal data  – the legal basis and recipient of the transfer.

The Data Controller – if it has an internal data protection officer, through the internal data protection officer – shall keep records for the purpose of monitoring the measures related to the personal data breach and informing the data subject, which includes the scope of the personal data concerned, the scope and number of persons affected by the personal data breach, the date, circumstances, effects of the personal data protection incident and the measures taken to remedy it, as well as the statutory provisions prescribed for data processing  other data.

The Data Controller is obliged to provide the information in writing within the shortest possible time from the submission of the request, but not later than within 25 days, in an understandable form, at the request of the data subject. The information is free of charge if the person requesting the information has not yet submitted a request for information on the same set of data to the Data Controller in the current year. In other cases, the Data Controller may determine reimbursement of costs

The Data Controller deletes personal data if:

(a) its processing is unlawful;

(b) requested by the data subject;

c) it is incomplete or erroneous – and this condition cannot be legally remedied – provided that deletion is not excluded by law;

d) the purpose of data processing has ceased to exist or the statutory deadline for storing the data has expired;

(e) ordered by a court or authority.

The rectification, blocking, marking and erasure shall be notified to the data subject and to all those to whom the data have previously been transmitted for data processing. The notification may be omitted if it does not violate the legitimate interest of the data subject with regard to the purpose of data processing. If the Data Controller fails to comply with the data subject’s request for rectification, blocking or erasure, it shall communicate the factual and legal reasons for rejecting the request for rectification, blocking or erasure in writing or electronically with the consent of the data subject within 30 days of receipt of the request. If the request for rectification, erasure or blocking is rejected, the Data Controller shall inform the data subject of the possibility of judicial remedy and turning to the Authority.

9. OBJECTION TO THE PROCESSING OF PERSONAL DATA.

The data subject may object to the processing of his or her personal data,

a) if the processing or transmission of personal data is only necessary for compliance with a legal obligation to which the controller is subject or for the enforcement of the legitimate interests of the Data Controller, the data recipient or a third party, except in the case of mandatory data processing

b) where personal data are used or transmitted for direct marketing, public opinion polling or scientific research; as well as

c) in other cases specified by law.

The Data Controller shall examine the objection within the shortest possible time, but not later than 25 days from the submission of the request, make a decision on its merits and inform the applicant in writing of its decision.

If the Data Controller establishes that the data subject’s objection is justified, it shall terminate the data processing, including further data collection and transmission, and block the data, and shall notify all those to whom the personal data concerned by the objection have previously been transmitted and who are obliged to take measures to enforce the right to object.

If the data subject does not agree with the decision made by the Data Controller, or if the Data Controller fails to meet the above deadline, the data subject may turn to court within 30 days of the notification of the decision or the last day of the deadline.

If the data subject objects to the processing of his or her personal data or seeks a judicial remedy, or if a request for disclosure is received from a third party that is not based on the consent of the data subject, the data may also be disclosed to the legal representatives appointed by the Data Controller to the extent necessary to assess the legality of the above.

10. REMEDIES

If you feel that the Data Controller has violated your personal data protection rights, please contact us so that we can remedy the possible violation.

We also inform our Clients that the data subject may turn to court against the Data Controller in case of violation of his rights. The court shall deal with the case as a matter of priority. The trial falls within the jurisdiction of the tribunal. The action may also be brought before the court of the place where the data controller has its registered office or, at the choice of the data subject, before the court of the place of residence or residence of the data subject. A party to a lawsuit may also be a person who otherwise does not have legal capacity to be a party to litigation.

If the Data Controller causes damage to others by unlawfully processing the data of the data subject or by violating the requirements of data security, it is obliged to compensate for it.

If the Data Controller violates the personality rights of the data subject by unlawfully processing the data of the data subject or by violating the requirements of data security, the data subject may claim grievance fees from the Data Controller.

The Data Controller shall be exempted from liability for the damage caused and from the obligation to pay grievance fee if it proves that the damage or the violation of the personality rights of the data subject was caused by an unavoidable cause outside the scope of data processing. There is no need to compensate for the damage and no grievance fee can be claimed to the extent that the damage resulted from the intentional or grossly negligent conduct of the injured party or the violation of personality rights.

11. FURTHER DATA PROCESSING PROVISIONS

The Data Controller reserves the right to modify this data protection information. This Privacy Policy is available on the www.drfogarasi.co.uk/ privacy-policy website.