Skip to main content

Privacy Policy

1. INTRODUCTION

Miskolci Fejlesztési Központ Nonprofit Kft. (hereinafter: Data Controller) is committed to protecting the personal data of its users. The purpose of this notice is to present, in an easily understandable form, the data processing activities carried out on the www.miskolcifejlesztesikozpont.hu website, in accordance with the European Union’s General Data Protection Regulation (GDPR) and the Hungarian Act on the Right to Self-Determination in Information.

The Data Controller stores and processes personal data in accordance with data protection laws. By using the website, the visitor accepts and acknowledges as binding the provisions set forth in this privacy and data processing notice.

User personal data is not generated solely through the act of visiting the website. However, an information file, known as a “cookie,” may be stored in the user’s browser cache, which uniquely identifies the user during subsequent visits and allows for tracking of their browsing activity on the website. The user can delete this information file at any time using their browser. You can find more information below regarding the use of cookies, how they are used, and how to delete them.

Data Controller’s details:

  • Company name: Miskolci Fejlesztési Központ Nonprofit
  • Registered office: 3525 Miskolc, Városháztér
  • Tax ID: 32850691-2-05
  • Email address: fejlesztesikozpont@miskolc.hu

Cookie Policy

No personal data is required to view the information published on the www.miskolcifejlesztesikozpont.hu website, which is accessible to anyone. 

By accessing the www.miskolcifejlesztesikozpont.hu website, if your browser settings allow it and you expressly consent to this upon your first visit to the site—or at any time thereafter —

the website may automatically store information from your computer or the device you use for browsing (tablet, smartphone, etc.) and may place so-called cookies or other similar programs on it.

The Data Controller uses two types of cookies in the operation of the website.

On the one hand, there are essential cookies, which are absolutely necessary for the website to function. These cookies are automatic and cannot be disabled. Essential cookies automatically record the following data about website visitors: browser type, time of visit, URL of the page visited, characteristics of the operating system of the device used for browsing (e.g., type, language setting), and the URL of the previously visited page. The Data Controller uses this data exclusively for website-related analysis and to verify the secure operation of the website. Purpose of data processing: During a visit to the website, the Data Controller records visitor data to verify the secure operation of the website and for the purpose of website-related analysis. Legal   basis   for   data   processing:   the   data   subject’s   consent.

On the other hand, there are analytical cookies, which affect the operation of Google Analytics cookies and tracking codes. To accept these, the user must explicitly consent, i.e., check the option. The cookies only take effect after this. Legal basis for data processing: the data subject’s consent.

The website allows visitors to change their previous cookie settings at any time during their visit.

Cookies

A cookie is a file that is (or may be) placed on your computer or other device used for browsing when you visit a website. Cookies store information related to your use of the website. Cookies have various functions, including collecting information, remembering user settings, and allowing the website owner to understand user habits and enhance the user experience. The purpose of processing data stored in cookies is to enhance the user experience and improve the website’s online services. The cookies used on the website do not store information that can be used to personally identify you. You can disable the storage of cookies in your browser.

What Cookies Do We Use?

Some cookies are strictly necessary for the site to function, while others are used to improve performance and the user experience.

Strictly Necessary Cookies

Some of the cookies we use are strictly necessary to allow you to navigate between pages and view certain protected content. 

Session Cookies

Session cookies are temporary cookies that track your activity only while you are on the website and expire when you close your web browser.

Persistent Cookies

Persistent cookies are used to remember your settings on our website and remain on your desktop or mobile device even after you close your browser or restart your computer. We use these cookies to analyze user activity and create visit patterns so that we can improve the functionality of our website for you and others who visit our sites. These cookies also allow us to display targeted ads to you and measure the effectiveness of our website’s features and ads.

Cookies for Statistical Purposes

Our employees and service providers also use analytical tools, which allow us to measure how popular the site’s content is, what our visitors are interested in, and how we can improve the site’s functionality. By using cookies for statistical purposes, we track how many unique users visit the site and how often. We use this data exclusively for statistical purposes and do not identify visitors by name. 

Third-Party Cookies

We use the following third-party cookies:

Most browsers allow you to view which cookies are active on your computer, delete them individually, or block cookies from a specific site or all websites. Please note that if you delete all cookies, any settings you previously configured on the website will be lost, including if you previously indicated that you do not allow the use of cookies, as this setting itself requires a specific type of cookie. For more information on how to disable cookies by changing your browser settings, please visit   http://www.aboutcookies.org/ and http://www.cookiecentral.com/faq/.

With the exception of essential cookies, you can reject or disable all or specific cookies downloaded when visiting the website.

You can change the settings for the Data Controller’s website or any third-party website by modifying your browser settings. Please note that most browsers automatically accept Cookies. Therefore, if you do not wish to allow the use of Cookies, you must disable them by clicking the “Do not allow” button in the pop-up window. If you decline the use of cookies, you will still be able to visit our websites, but some features may not work properly. If you wish to view the contents of a cookie, click on the cookie itself, and it will open. You will see a short string consisting of text and numbers. 

The function and importance of cookies are detailed below:

XSRF-TOKEN:

Description:

“This is a security cookie designed to prevent attacks known as cross-site request forgery (CSRF). In this type of attack, if someone sends a POST request to the site from an external site or through a program and does not possess this token, the system will reject the request because it deems the source untrustworthy. This eliminates a significant portion of such attacks.”

If you do not accept the cookie:

“In this case, the system will reject your requests. For example, if you want to fill out a contact form but have not enabled cookies, the system will terminate the connection citing an insecure source, and you will not be able to use the services properly.” 

Encryption:

“The cookie is hashed, which the server generates before every request, so it is practically impossible to forge, and no information about the system user can be derived from it, since the server does not store it either.”

Cookies refer to the following data:

Description:

The following data is never stored on the user’s device. The only thing stored on the user’s device is a hashed “token” for the cookie, which allows us on the server side to know which data to access; however, this token definitively identifies the following data on the server side:

  • Session history: previous page
  • A token generated from the user’s device properties. This is not suitable for identification because we do not store this information; we only hash it in one Every request is hashed regardless of which device it comes from, but if a request’s hash matches the hash of a previous request, we know it belongs to the same session. This allows us to track sessions. (Multiple users can log in from the same machine one after another; in this case, the session is the same, but the user is different, so the session is not suitable for identification.)
  • Referrer: that is, where the user came from to reach the
  • The data collected by cookies is managed by the

2. DATA PROCESSING ON THE WEBSITE

1. Contact Information (Form)

If you send us a message via the form on the site or by email, we process the following data:

  • Data processed: Name, email address, phone number, message
  • Purpose of data processing: Responding to inquiries, providing information about tours, scheduling appointments.
  • Legal basis: Article 6(1)(a) of the GDPR, i.e., the data subject’s consent to the processing of their personal data, as the data subject has decided to submit an inquiry to the Data Controller via the website
  • Data retention period: We store data received via the form only until the purpose of the contact has been fulfilled, or until the retention period prescribed by law (e.g., 3 years in the case of complaint handling)

2. Technical and analytical data (Cookies)

  • Data processed: IP address, browser type, time spent on the site, subpages
  • Purpose of data processing: To ensure the technical operation of the website and to prepare statistical analyses to improve the user experience.
  • Legal basis: Article 6(1)(a) of the GDPR, i.e., the data subject’s consent to the processing of their personal data, as the data subject has chosen to visit the website.
  • Data retention period: We store cookie data until they are deleted, but for a maximum of one year.

3. DATA STORAGE AND SECURITY

The Data Controller takes all necessary technical and organizational measures to ensure data security:

  • The website has an SSL certificate (encrypted channel).
  • We store data on secure servers that can only be accessed by authorized

Access to the personal data you provide is restricted to employees of the Data Controller who are expressly authorized to do so, as well as to persons in a legal relationship with the Data Controller who are involved in performing tasks for the purpose of data processing.

4. DATA TRANSFER TO THIRD PARTIES

We do not transfer data to third parties for any purpose, not even for marketing purposes. The data controller engages Miskolc Holding Zrt. as a data processor for the operation of the website, which provides hosting services to the data controller.

5. LINKS TO EXTERNAL SITES

Our website may contain links to other websites not operated by us (e.g., ticket sales platforms or social media sites). The Data Controller assumes no responsibility for the content or data processing practices of these websites. We recommend that you also read the privacy policy on these websites. 

6.  VISITOR RIGHTS

The data subject may request the Data Controller to correct, delete, or block their personal data, and may request information regarding their data, its source, the purpose of data processing, its legal basis, duration, activities related to data processing, the circumstances and effects of any data protection incidents, and the measures taken to address them. 

  • The data subject has the right to withdraw their consent at any The withdrawal of consent does not affect the lawfulness of data processing based on consent prior to the withdrawal. 
  • Under the right to request information, the data subject may request information from the data controller regarding what personal data is being processed, on what legal basis, for what purpose, from what source, and for how long; or regarding to whom the data controller has granted access to which personal data, when, and under what legal provisions, or to whom the data controller has transferred the personal data.
  • Under the right to rectification, the data subject may request that the data controller correct or supplement data that has been recorded incorrectly or incompletely.
  • Under the right to restriction of processing, the data subject may request that the data controller restrict the processing of personal data until the data subject submits a request to assert a legal claim or until the data controller has assessed the data subject’s request submitted in the exercise of their right to object.
  • Under the right to object, the data subject may object to the processing of their personal When the right to object is exercised, the data controller must demonstrate that the processing is based on compelling legitimate grounds that override the interests, rights, and freedoms of the data subject.
  • Under the right to erasure, the data subject may request the data controller to erase their data, citing the following circumstances:
    • the data subject’s personal data is no longer necessary for the purposes of the data processing,
    • the data subject has withdrawn consent to the processing of their data, and the data cannot be processed on any other legal basis,
    • the data subject has objected to the processing and the data controller has determined that the objection is lawful,
    • the data subject’s personal data has been processed unlawfully,
    • where the law requires the erasure of the

You may submit these requests to the email address fejlesztesikozpont@miskolc.hu.

The data controller shall inform the data subject of the measures taken in response to the request described above without undue delay, but in any event within 25 days of receiving the request. If necessary, taking into account the complexity of the request and the number of requests, this deadline may be extended by an additional two months. The data controller shall provide notice of the extension of the deadline—specifying the reasons for the delay—within one month of receiving the request. If the request was submitted electronically, the notice shall also be

provided electronically where possible, unless the data subject requests otherwise. If we determine that no action is required in response to the data subject’s request, we will inform the data subject without delay, but no later than one month from receipt of the request, of the reasons for not taking action, as well as of the data subject’s right to file a complaint with the data protection authority, and may also exercise their right to judicial remedy. The fulfillment of requests is free of charge; however, if the request is manifestly unfounded or—particularly due to its repetitive nature—excessive, the data controller may, taking into account the administrative costs incurred as a result of the request, charge a reasonable fee or refuse to fulfill the request. If there is reasonable doubt regarding the identity of the data subject submitting the request, additional information necessary to confirm their identity may be requested. 

7. REMEDIES

If you believe that your rights have been violated in the processing of your personal data, please first contact us using one of the contact details provided above. If your complaint cannot be satisfactorily resolved, you may contact the authority:

National Authority for Data Protection and Freedom of Information (NAIH)

  • Address: 1055 Budapest, Falk Miksa Street 9-
  • Mailing Address: 1363 Budapest, O. Box 9
  • Phone: +36 1 391 1400, +36 30 683 5969, +36 30 549 6838
  • Email: ugyfelszolgalat@naih.hu
  • Website: naih.hu

If you believe that the data controller is processing personal data in violation of the rules governing the processing of personal data, you may also bring a claim directly before a court.