DATA MANAGEMENT INFORMATION

1. Data Controller

1.1 Name and contact details of the controller:

Data manager: Airport Service Budapest Ltd.

Headquarters: 1181 Budapest, 12 Darányi Ignác street.

Mailing address: 1181 Budapest, 12 Darányi Ignác Street.

E-mail address: info@asaviation.eu

Phone: +36-1-294-7294

Fax: +36-1-297-3871

Website: www.asaviation.eu

This Policy may be unilaterally amended and/or revoked at any time by the Data Controller by informing the Data Subjects at the same time. The information shall be provided by publication on the website or by direct notification of the Data Subjects, depending on the nature of the change.

The Prospectus is a guide to regulation (EC) No 679/609 of the European Parliament and of the Council (GDPR), the 2011 Convention on the Right to Information Self-Determination and freedom of information. It is therefore appropriate to apply the Act 2013 (“Infotv.”), the Civil Code Act 2013. It is therefore necessary to provide for the application of this Directive.

2. Purpose of data processing

2.1 Advertising of services and providing information to visitors to the website

Presentation of the company

Indication of the company’s contact details

Presentation of the services offered by the company

Stay in touch with interested people

Legal basis for data processing: Legitimate interest

– The legitimate interest of the controller is to

The data subject provided the data controller with the data subject’s data in accordance with point A during his/her visit to the website.

The data processed:

Personal identification information (surname, first name, contact (telephone number, e-mail address), date, time, address of the page visited, IP address of the user’s computer, information and photos on the cv, and other information voluntarily provided by customers.

For services of interest, the data processed is:

Name

E-mail address,

Message sent by a data subject, other information provided by him or her in the message (e.g. telephone number, alternate e-mail address, home address, location).

If the data subject provides personal data in the freely filled message which is not necessary for the Data Controller to process the personal data in accordance with the purpose of the function available on the website, the Data Controller shall immediately take action to delete the unnecessary personal data.

Consequence of non-disclosure: The provision of personal data depends on the decision of the Data Subject, but without a name or e-mail address, he/she will not be able to send the message.

2.2 Select a new workforce for the Data Controller:

The purpose of the processing is to apply for a job advertised by the Data Controller, to evaluate the application and to establish an employment relationship.

Legal basis for data processing: Consent

The data processed:

Name

E-mail address,

A job applied for,

Payment demand,

A message written by a candidate,

When applying for a job on the website, you may attach a cv (but optional) containing the information provided by the applicant, in particular:

The data provided above,

Education, educational attainment, certificate of qualification, their IDs and the date on which they were obtained,

Hobbies, interests,

References,

Permanent address, place of residence,

Former employer and position there,

In the case of foreign workers, the existence of a work permit,

Portrait

Other information provided by the applicant,

If the data subject provides personal data in the freely filled message which is not necessary for the Data Controller to assess the job application, the Data Controller shall immediately arrange for the deletion of unnecessary personal data.

Consequence of non-disclosure: The provision of personal data depends on the decision of the Data Subject, but in the absence of a name and an e-mail address, he/she is unable to submit the application.

3. Scope of stakeholders

Users, interested parties, contact persons who have entered the https://asaviation.eu/ website, or people who apply for the job.

4. Children

Our services and vacancies are not for persons under the age of 16 and we ask that persons under the age of 16 do not provide Personal Data to the Data Controller. If we become aware that we have collected personal data from a child under the age of 16, we will take the necessary steps to delete the data as soon as possible.

5. Duration of data processing

In the case of consent: pending the withdrawal of the Data Subject’s consent

In the event of a legitimate interest: until the Data Subject’s objection

IP address………….,30 days

6. Information on the use of a data processor

The operation of this website is conducted by Airport Service Budapest Ltd. 1181 Budapest, 12 Ignác Darányi Street. Cg. 01 10 047134

7. Scope of persons entitled to know the data

The data collected shall not be transferred by the controller to a third party except the designated processor. Only designated employees of the controller and processor shall be able to know the recorded data.

8. Automatic decision-making

Data controller does not use an automatic decision-making system.

9. Rights of data subjects

The Data Subject may, in the case of the data subject, take the following: You can request the data contact information indicated in point 2:

request to provide information on the processing of your personal data,

request that your data be corrected,

request the deletion of your personal data or restrictions on the processing,

object to data processing

request the transfer of your data to another controller if the processing is based on a contract or consent and is processed by the Organisation through an automated process.

may provide for the withdrawal of your previously consent to the processing

You may exercise the rights of the data subject at any time.

In addition, the Data Subject may, in the case of the data subject, be subject to the You can send it to the Data Controller at one of the contact addresses indicated in point 2.

request the transfer of your data to another controller if the processing is based on a contract or consent and is processed by the Organisation through an automated process.

may provide for the withdrawal of your previously consent to the processing

The Data Controller will investigate the notification no later than 1 month after the application has been submitted.  It shall inform the Data Subject in writing of the outcome of the investigation.

If it establishes the merits of the plea of objection, it shall terminate the processing, including the transmission and further data, and block the data as soon as possible. Notify all those to whom you have previously forwarded the Data Subject’s data to whom you have previously transmitted the data of the Data Subject.

If the Data Subject does not agree with the decision taken by the Organisation, he or she may refer the matter to court within 30 days of its notification.

9.1 Cost of information

The Organisation shall provide the measures and the necessary information free of charge for the first time.

If, within one month, the Data Subject has been subject to the conditions laid down in Article 2(1) and (2 the data that have not changed during this time will be charged by the Data Controller.

The administrative cost accounting is based on the cost per hour of the current minimum wage as an hourly rate.

The number of hours worked for information, calculated at the former hourly rate.

In addition, in case of paper information requirements, the cost of printing the response is cost-cost and postage cost.

9.2 Refusal to provide information

If the data subject’s request is clearly unfounded, he or she shall not be entitled to information or the Organisation, as a controller, to prove that the Data Subject has the requested information and the controller rejects the request for information.

If the request concerned is excessive because of its particularly repetitive nature, the Organisation may refuse to take action on the basis of the application if:

for the third time in one month, the data subject shall be alive in the case of the same subject in the case of the person concerned in the case of the same subject as in Articles 15 to 22. The commission shall submit a request for an application for the exercise of its rights under Article 10.

9.3 Right to protest

The data subject has the right to object at any time to the processing of his/her personal data on the basis of a legitimate interest or a power of public authority.

In this case, the Organisation may no longer process personal data unless it proves that the processing is justified by compelling, legitimate reasons which take precedence over the interests, rights and freedoms of the data subject or which relate to the submission, enforcement or defence of legal claims.

If it establishes the merits of the plea of objection, it shall terminate the processing, including the transfer of data and further data, as soon as possible. Notify all those to whom you have previously forwarded the Data Subject’s data to whom you have previously transmitted the data of the Data Subject.

The processing of the request is free of charge, except for unsubsted or excessive requests, for which the Data Controller may charge a reasonable fee according to his administrative costs. If the Data Subject does not agree with the decision taken by the Data Controller, he or she may go to court.

10. Transfer to a third country or international organisation

The Data Controller does not transfer the Data Subject’s personal data to a third country or international organisation other than the States of the European Economic Area.

11. Information on data security measures

The data are processed by the Data Controller in a closed system according to the expectations of the Information Security Policy.

The data controller ensures the default and built-in data protection. To this end, the Controller shall apply appropriate technical and organisational measures to ensure that:

precisely regulate access to data;

grant access only to persons who need access in order to carry out the task with it, and only data which is minimally necessary to perform the task shall be granted access;

carefully select the processors it mandates and provide for the security of the data by appropriate data processing contract;

ensure that the data processed is unchanged (data integrity), its authenticity and protection.

The Data Controller shall apply reasonable physical, technical and organisational security measures to protect the Data Subject’s data, in particular against the accidental, unauthorised, unlawful destruction, loss, alteration, transfer, use or processing of data subjects. The Data Controller shall immediately notify the Data Subject in the event of known access to personal data and which is at high risk to the data subject.

The data controller, where the transmission of Data of the Data concerned is necessary, ensures that the data transmitted is adequately protected, for example by encrypting the data file. The Data Controller is fully responsible for the processing of data carried out by third parties.

The Data Controller shall ensure that the data of the Data Subject is protected from destruction or loss, both with appropriate and regular backups.

12. Remedies

Any data subject may refer any suspected breach of law in relation to the processing of his/her personal data to the competent tribunal, the Metropolitan Tribunal in the capital or to initiate an investigation with the National Data Protection and Freedom of Information Authority

Headquarters: 1125 Budapest, Elisabeth Szilágyi tree row 22/c

Postal address: 1530 Budapest, Pf.: 5

E-mail: ugyfelszolgalat@naih.hu

Phone: +36 (1) 391-1400

Fax: +36 (1) 391-1410

Website: www.naih.hu

The User may take the right to a court in case of violations of the user’s rights. The tribunal is responsible for the examination of the case. The action may, at the choice of the data subject, be brought before the tribunal of the place of residence or residence of the person concerned. Data Controllers shall, upon request, inform the data subject of the possibility of redress and of the means of

ON THE MANAGEMENT OF THE CVS, JOB APPLICATION MATERIALS AND PERSONAL DATA CONTAINED THEREIN</strong >

Airport Service Budapest Ltd. (hereinafter referred to as the Company) as a data controller for the purpose of carrying out its activities related to its human resources management and the selection of prospective employees is given below, which it considers to be binding and to be followed.

In doing so, the Company shall, in this prospectus and in accordance with Article 2016/679 of the European Parliament and the Council (EU) on the protection of natural persons with regard to the processing of personal data and the free movement of such data, be included in this notice. Regulation (HEREINAFTER REFERRED TO AS THE GDPR)(2) and the 2011 Convention on the Right to Information Self-Determination and freedom of information. It is therefore appropriate to take into regard to the provisions of The CXII Act of 2006 (‘Info tv’).

1./ Identity and contact details of the controller: Airport Service Budapest Private Limited Company (abbreviated name: Airport Service Budapest Ltd.), registered office: 1181 Budapest, DarányiIgnác utca 12., telephone: +36 1 294 72 94, email address: info@asaviation.eu, website address:www.asaviation.eu

2./ How job applications and CVs are submitted: application materials, CVs can Budapest only be transmitted electronically to the Company’s hr@asaviation.eu e-mail address or in a closed envelope in a closed envelope addressed to the Company’s headquarters address (1181 Budapest, Darányi Ignác utca 12.

3./ Purpose of the processing of personal data: to obtain and evaluate job applications, cVs received by the Company, to register job seekers, to provide personalised notification of job seekers and job applicants, cv applicants, contacts, organisation of personal interviews.

If the Company intends to use the data provided for purposes other than the purpose of the original survey, it shall inform the data subject thereof and obtain his prior express consent or give him the opportunity to prohibit the use.

4./ Legal basis for data processing:

(a)the receipt of job applications and CVs in the above manner and the (b)) In the period between the granting of its contribution under point 6 of the GDPR, the amount of the aid shall be granted in accordance with article 6 of the GDPR. whereas, in order to take the necessary information, it is in the legitimate interest of the Company;

(b) (a) in the case of a non-dot, the figures for the purposes of Article 6(1) of the GDPR shall The company’s registered office or the company’s registered office or the company’s designated staff member at the Budapest Liszt Ferenc International Airport, or by post or scanned form, to the info@asaviation.eu e-mail address, is provided to the Company personally at the company’s headquarters or in the baggage hold operated by the Company at Budapest Liszt Ferenc International Airport, or by post or scanned form, electronically, to the info@asaviation.eu e-mail address.

It is in the Company’s legitimate interest to have adequate human resources at its disposal for the performance of its activities, so it is also in its interest to contact the persons who seek employment in the labour market and who have entered the Company in their contact details. A.) The processing of data under point 2 shall not disproportionately restrict the personal rights of applicants and jobseekers, given that the purpose of this is solely to contact the applicant. The rights of the data subjects are guaranteed that only the authorized employees of the Company will be able to know their personal data and that, in the absence of the data subject’s consent, the personal data at their disposal will be deleted within the period specified below.

5./ Possibility of withdrawing consent: the data subject may withdraw his/her consent to the processing of his/her personal data at any time in a written statement to the Company as set out in subparagraphs 2/ and 4/4(b). The withdrawal of consent shall not affect the lawfulness of the processing carried out prior to the withdrawal.

6./ Scope of personal data processed: personal data contained in the CV/job application and personal data provided by the applicant during the selection procedure.

7./ Recipients of personal data and categories of recipients: </strong >personal data submitted by applicants shall be known only to the employees, contracting partners of the Company in charge of certain tasks related to the recruitment of human resources, as the designated staff of the data processor (hereinafter referred to as the Data Processor), until the submission of the consent declaration is made, and only the Company’s employees, employees, data processing employees and contributors involved in the application/selection process are only known to the Company. In addition to the exceptions contained in this prospectus, the Company does not divulge incoming job applications or CVs for statistical or other purposes, does not disclose the information known, and provides information on the evaluation of the vacancies submitted only to the data subject and at his/her request. The Company will provide applications received only at the request of a court, investigating or other authority, in the event of formal request, the exact purpose of the request and the details of the data requested.

8./ Information on the use of the processor: The Data Controller uses a Data Processor in the performance of the processing provided in this notice.

Name of data processor: HR Positive Personnel Consulting Limited Liability Company Headquarters: 2083 Falcon, Worker Street 39.

Company Registration No: 13-09-206492

In particular, it is the task of the processor to prepare the application materials, cVs submitted to the Data Controller, prepare decisions, make proposals, conduct interviews, prepare documents relating to the employment of the applicant for employment, and, in the case of an assignment, to the competent authority of the legal relationship.

9./ Duration of storage and processing of personal data: 3 months.

The Company shall delete the deadline set in the invitation to provide consent of the applicant (15 days) or within 15 days of the conclusion of the application procedure, unless the applicant agrees to further process his/her personal data, with a view to being informed of future applications, vacancies and access to the recruitment database. If the applicant consents to the further processing of his/her personal data, the Company may process the personal data for 3 months only for the purposes set out above. After 3 months after the submission of the application, the cv/application material submitted will be destroyed and personal data will be deleted.

If the applicant withdraws his/her consent, the company’s personal data and cv and application material will be destroyed immediately after the withdrawal of the consent.

If an employment contract or other employment contract is concluded with the applicant, the Company will provide the employee/agent with separate data processing information at the time of the establishment of the legal relationship and the processing of the data may continue under the terms and conditions set forth therein.

10./ Rights of the data subject in connection with the processing of data:</strong >

The applicant concerned shall be entitled to be informed of the processing of his/her personal data. The applicant may request access</strong >from the Company to the personal data relating to him or her , i.e. to receive feedback from the Company as to whether the personal data is being processed and, if so, the right to have access to personal data and data processing information. The Company shall also make available to the data subject, at the request of the data subject, a copy of the personal data which constitutes the processing. The data subject may also request the rectification, addition,</strong >deletion or restriction of the processing of his/her personal data. The Company shall, at the request of the data subject, delete the personal data relating to the data subject without undue delay if there are any of the following reasons:

a.) personal data are no longer required by the Company for the purposes set out above, or the period of processing has expired;

(b) the data subject withdraws his/her consent to the processing of his data;

(c)if the data subject objects to his data processing;

(d) where personal data have been unlawfully processed;

(e)) where personal data are to be deleted in order to fulfil a legal obligation imposed by Union or domestic law.

At the request of the data subject, the Company shall restrict the processing if the accuracy of the personal data is disputed or the processing is unlawful, or if the data subject objects to the processing, or if the Company no longer needs the personal data provided, but the data subject requests it to submit and pursue legal claims.

The data subject may object to the processing of his or her personal data for reasons relating to his or her own situation, where the processing is based not on the consent of the data subject but on a necessity in the interest of the public interest or for the purpose of carrying out a public authority activity, or the processing is necessary for the legitimate interests of the Company or third parties, or where the processing of the personal data is carried out for the purpose of direct marketing.

The data subject shall have the right to data portability</strong >, i.e. the data subject may receive or transmit the personal data relating to him or her in a articulated, widely used, machine-readable format to another undertaking, organisation or person. The processing is carried out in an automated manner. The data subject may also request that his/her personal data be transferred directly to the Company.

The data subject may refer questions and observations about the operation of the Company as a data controller, the processing of his/her personal data, via the central email address indicated above. The Company shall examine the applicant’s application as soon as possible and not later than one month after its submission and, if it is well founded, take action to inform the applicant in writing. If necessary, this period may be extended by a further two months. If the Company does not take action at the request of the data subject, it shall inform the data subject of the reasons for the non-action and of the remedies available to the data subject.

11./ The possibility of turning to the supervisory authority and judicial enforcement:</strong >

The (applicant) concerned is subject to the Civil Code Act 2013. Under The V. Act 2010, you can claim your rights in court if you have suffered property damage or personal injury by the processing, you may claim compensation and/or damages from the controller for the damage suffered or for damage. From 25 May 2018, the data subject may bring the data subject to court in the absence of damage if he considers that the processing of his data was unlawful and may request that the unlawful processing be terminated, that the processing is restored lawful and that his rights be ensured.

In addition, if the data subject considers, following a written request from the Company, that he has committed an infringement in connection with the company’s activities or omission in the processing of its data, he or she may initiate an administrative procedure with the National Data Protection and Freedom of Information Authority (‘NAIH’) to investigate his complaint.

NaiH contact: 1125 Budapest, Elisabeth Szilágyi tree sor 22/c., mailing address: 1530 Budapest, Pf. 5., e-mail: ugyfelszolgalat@naih.hu, website: www. naih.hu, Tel: +36 1 391 1400, Fax: +36 1391 1410.

12./ Further information on data processing: the provision of personal data is not based on law or contractual obligation and is not a prerequisite for the conclusion of a contract.

Consequence of the non-disclosure: in this case the data subject does not participate in the Company’s tendering and selection procedure. Please note that automated decision-making is not made during the processing of personal data.

13./ Data security measures:

The Company undertakes to ensure the security of the data and to take technical and organisational measures to ensure that the personal data collected, stored or processed are protected. The Company protects stored data against unauthorized access, alteration, disclosure, deletion or destruction.

The Company shall ensure the safe storage and preservation of cVs as follows:

(a)access to the applications for work submitted shall be accessible only to the rightholders, and

(b) protect access by establishing appropriate eligibility levels, and

(c)continuously monitor and review the security measures taken in the interests of efficiency and safety.

Budapest, 2020. 1 July 2005

COOKIE POLICY

Our website uses cookies. A cookie is a small file of letters and numbers that is stored on your computer, if you allow it. These cookies help us to distinguish you from other users when browsing the site, so that you can have a more complete experience and are also useful for improving the site.

For detailed information about the types of cookies we use and the purpose for which they are used, please refer to our Cookie Policy below.

What’s a cookie?

A cookie is a small text file that may be placed on your browsing device with your consent under the EU Data Protection Regulation. We may use cookies for a variety of purposes, which are described in detail below. Cookies allow you to remember your personal preferences and preferences (such as language preference, font size, display settings, etc.) for a given period of time, so that you do not have to set them up every time you visit, so you have a more complete experience.

By continuing to use this website, you consent to the use of cookies. You may block or even disable cookies through your Internet browser or third-party software, but you may experience difficulties in using certain parts of the website.

If you consent to the use of cookies, this may mean:

Improving the functionality of our website: Cookies help us improve the functionality of our site, to make your experience more personal (for example, our site remembers your display preferences) and so that you can use many useful features.

Improving the performance of our website: Cookies help us understand how our site is used, for example, to let us know when you receive an error message while browsing. These Cookies collect the most aggregated and anonymous data.

Appropriate online advertising (including social media) display: Cookies used for these purposes are often placed on our Websites by other organizations that provide us with special services. These Cookies may collect information about your online behaviour, such as your IP address, the website from which you came from

Measure the effectiveness of our marketing communications (including online advertising): these cookies show you when you’ve watched an ad and how long you’ve watched it. This information helps us measure the effectiveness of our online ads and control how many times an ad is shown to you.

Click here to delete cookies

If the “cookies accepted” still visible, after clicking the link above, please relaod the site