Effective from: April 30, 2023
Data Controller: Takács Law Firm
Website: www.tlegal.hu
Head Office: Vajk u. 6., 2120 Dunakeszi, Hungary
Representative: Dr. Bence Takács
1. Purpose of this Privacy Policy
This Privacy Policy describes the data management practices of Takács Law Firm (hereinafter: “Data Controller”) on its website www.tlegal.hu, including the methods of collecting, storing, and using personal data.
This document complies with Regulation (EU) 2016/679 of the European Parliament and of the Council (hereinafter: “GDPR”) and the provisions of Hungarian Act CXII of 2011 on Informational Self-Determination and Freedom of Information (“Infotv.”). The terminology used in this policy corresponds with Article 4 of the GDPR and, in specific instances, is further supplemented by the interpretative provisions of Section 3 of Infotv.
In all matters not explicitly covered in this Privacy Policy, the GDPR shall apply, and, where applicable, the Infotv. serves as supplementary regulation.
2. Amendments and Notifications
The Data Controller reserves the right to amend this Privacy Policy at any time. The most current version will always be accessible on the website and at the firm’s office. Should any changes affect the processing of personal data, the affected parties will be notified appropriately (e.g., via email). If the nature of data processing changes, the Data Controller may request renewed consent.
3. Principles of Data Processing
The Data Controller is committed to ensuring the security of personal data and adhering to the following principles during processing:
- Lawfulness, fairness, and transparency
- Purpose limitation
- Data minimization
- Accuracy
- Storage limitation
- Integrity and confidentiality
- Accountability
The Data Controller handles all personal data confidentially and only for clearly defined purposes, in line with GDPR requirements.
4. Data Processing via the Website
Contact Form
Users can get in touch with the Data Controller through the contact details or contact form provided on the website.
- Purpose of processing: Responding to inquiries and maintaining communication
- Types of data processed: Name, email address, phone number (if applicable), and message content related to the legal matter
- Legal basis: Consent of the data subject (Article 6(1)(a) GDPR)
- Retention period: Until the inquiry is answered or the purpose is fulfilled, unless deletion is requested sooner
- Method of processing: Electronically
- Source of data: Provided directly by the data subject
- Automated decision-making / profiling: Not used
- Consequence of not providing data: Communication with the Data Controller will not be possible
- Access to data: Employees of the Data Controller and, if applicable, data processors
- International transfers: None
Questionnaire Submission
To simplify and expedite the service process, the Data Controller may offer questionnaires to be filled in by prospective clients.
- Purpose: Preparation of legal services and initiating contact
- Data processed: Name, email address, phone number, and case-related information
- Legal basis: Consent (Article 6(1)(a) GDPR)
- Retention period: 1 year from submission
- Method: Electronically
- Automated decision-making / profiling: Not used
- Access to data: Employees of the Data Controller and potential data processors
- International transfers: None
- Note: While providing this data is voluntary, it significantly supports efficient case handling and communication.
5. Data Processors
Data processors may act only on instructions from the Data Controller and do not make independent decisions. They process personal data solely within the scope of their contractual obligations with the Data Controller and in compliance with the GDPR.
The Data Controller uses the following data processor for the purposes outlined in this policy:
| Processor Category | Purpose | Name | Address | Company Reg. No. |
|---|---|---|---|---|
| Hosting provider | Web hosting services | Yopa Tanácsadó és Fejlesztő Kft. | H-3534 Miskolc, Előhegy u. 2/C | 05-09-029128 / 25745959-1-05 |
6. Your Rights as a Data Subject
As a data subject, you have the following rights regarding your personal data:
Right to Access and Information
You have the right to request confirmation on whether your personal data is being processed, and to receive access to the following:
- Whether processing is taking place
- The purpose of processing
- Categories of personal data involved
- The recipients or categories of recipients of the data
- Planned data retention period
- Information about your rights and remedies
Response time: Within 1 month of request receipt (extendable by 2 months with justification).
Right to Rectification
You can request correction of inaccurate data or completion of incomplete data without undue delay.
Right to Object
You may object to the processing of your personal data when:
- It is based on public interest or legitimate interest (GDPR Article 6(1)(e) or (f))
In such cases, the Data Controller shall cease processing unless compelling legitimate grounds override your interests or the processing is necessary for legal claims.
Right to Restriction of Processing
You may request restriction of processing when:
- You contest the accuracy of the data (for the period necessary for verification)
- Processing is unlawful but you oppose deletion
- The Data Controller no longer needs the data, but you require it for legal claims
- You objected to processing and verification is pending
During restriction, only storage is allowed, unless otherwise legally required.
Right to Erasure (“Right to Be Forgotten”)
You may request the deletion of your data if:
- It is no longer necessary for the purposes collected
- You withdraw consent and there is no other legal basis
- You object and no overriding legitimate grounds exist
- The data was unlawfully processed
- Legal obligations require deletion
- The data was collected in relation to online services offered to children
Right to Data Portability
You may request to receive your personal data in a commonly used, machine-readable format (e.g., XML, CSV) and transmit it to another controller, if:
- Processing is based on consent or a contract
- Processing is carried out by automated means
Right to Withdraw Consent
If processing is based on your consent, you may withdraw it at any time. Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal. In some cases, the Data Controller may continue processing on another legal basis.
7. Legal Remedies and Complaints
If you believe your data is being handled unlawfully, you may:
- Contact the Data Controller at: info@tlegal.hu
- File a complaint with the Hungarian National Authority for Data Protection and Freedom of Information (NAIH):
- Address: 1055 Budapest, Falk Miksa utca 9-11.
- Mailing address: 1363 Budapest, Pf. 9.
- Phone: +36 (1) 391-1400
- Email: ugyfelszolgalat@naih.hu
- Website: www.naih.hu
- Initiate court proceedings before your local or temporary residence’s competent regional court (you can find it at https://birosag.hu/birosag-kereso).