Privacy and Data Processing Policy

1. Introduction and general information

This privacy and data processing policy (hereinafter referred to as the “Policy”) outlines the privacy and data management principles of Sándor Szabó (hereinafter referred to as the “Data Controller”) for the website available at https://sandorszabo.com (hereinafter referred to as the “Website”).

2. Contact details of the Data Controller

• Name: Sándor Szabó
• Adress: 2600 Vác, Garam u. 7.
• E-mail: contact@sandorszabo.com

The provisions of this Policy are in accordance with the General Data Protection Regulation of the European Parliament and Council (EU) 2016/679 (hereinafter referred to as GDPR).

3. Scope of data processed, legal basis, and purpose

Before initiating data processing, the data subject explicitly consents to the processing of their personal data by ticking the appropriate checkbox. By providing consent, the data subject acknowledges and accepts the terms outlined in this Policy. Consent is voluntary and can be withdrawn at any time via the contact details provided by the Data Controller.

Data processing for the contact form:

• Data processed: Name, email address, and message content.
• Purpose: Communication with visitors.
• Legal basis: Consent of the data subject (Article 6(1)(a) GDPR).
• Retention period: Data is retained for a maximum of 1 year to fulfill the purpose of communication.

Google Analytics:

• Data processed: IP address (anonymized), browser type, visit duration.
• Purpose: Collecting statistical data to improve the website and user experience.
• Legal basis: Consent of the data subject (Article 6(1)(a) GDPR).
• Retention period: Data is stored in Google’s systems until the cookie expiration date.

Embedding YouTube videos and Bandcamp content:

• Data collected by third parties: IP address, user interactions (e.g., video play/pause, referrals from embedded content).
• Purpose: Displaying and operating multimedia content.
• Legal basis: Consent of the data subject (Article 6(1)(a) GDPR).

4. Cookie policy

The Website uses cookies to enhance user experience, gather statistical data, and provide certain functionalities. Non-essential cookies require the visitor’s consent, which is communicated via a cookie banner on the Website.

1. Types of cookies used:
   • Necessary cookies: Ensure the basic functionality of the Website, such as navigation. No consent is required.
   • Statistical cookies: Collect information on website usage (e.g., visitor behavior) such as Google Analytics cookies. Consent is required.
   • Third-party cookies: Required for displaying YouTube and Bandcamp content. These cookies facilitate multimedia functionalities.
2. Managing cookies: On first visit, users can accept or customize cookie settings via the cookie banner. Decisions can be modified at any time through the “Cookie Settings” link on the Website.
3. How to manage cookies? Cookies can be deleted or disabled through your browser settings. For more information, please refer to your browser’s help section.
4. Cookie storage duration:
   • Session cookies: Automatically deleted when the browser is closed.
   • Persistent cookies: Remain on the device until their expiration date (e.g., 1 year) or until manually deleted by the user.
5. Additional information:
   • Details on Google Analytics cookies can be found in Google’s cookie policy olvashat bővebben.
   • Information about YouTube cookies is available in Google’s privacy policy.
   • Bandcamp’s cookie policy is detailed in Bandcamp’s privacy guidelines. .

5. Data deletion

Upon request by the data subject or withdrawal of consent, personal data will be deleted without delay unless data retention is required by law.

5. Data transfer

The Website does not transfer data to third countries or international organizations.

6. Rights of data subjects

Visitors (identified or identifiable natural persons, hereinafter referred to as “Data Subjects”) have the following rights regarding data processing:

• Right of access: Upon request, the Data Controller is obliged to inform the Data Subject about the processing of their personal data and provide access to such data if required.
• Right to rectification: The Data Controller must rectify inaccurate personal data or complete incomplete data concerning the Data Subject without delay upon request.
• Right to erasure: The Data Controller must delete the Data Subject’s personal data without delay upon request if one of the following grounds applies: [specific grounds listed].
• Right to restriction of processing: Upon request, the Data Controller must restrict the processing of personal data if the Data Subject disputes its accuracy, the lawfulness of processing is in question but the Data Subject does not request deletion, or if the Data Controller no longer requires the data but the Data Subject wishes to retain it for legal claims. Restricted data may only be stored or processed with the Data Subject’s consent or as required by law. The Data Controller will inform the Data Subject before lifting the restriction.
• Right to object: The Data Subject has the right to object to the processing of their personal data at any time. This can include unsubscribing from newsletters.
• Right to data portability: The Data Subject may request their personal data in a portable format and transfer it to another Data Controller without hindrance.
• Right to withdraw consent: The Data Subject may withdraw their consent to data processing at any time. The Data Controller must delete the data processed based on such consent. Withdrawal does not affect the lawfulness of data processing prior to withdrawal.
• Right to legal remedy: The Data Subject may submit complaints or requests regarding data processing by post to the Data Controller’s address or via the email provided. Complaints will be addressed without delay, within 30 days at most.

f the Data Subject believes the Data Controller has violated data protection laws, they may contact a court (competent tribunal) or file a complaint with the National Authority for Data Protection and Freedom of Information (Address: 1363 Budapest, Pf. 9., Office: 1055 Budapest, Falk Miksa utca 9-11., Phone: +36-1-391-1400, Fax: +36-1-391-1410, Email: ugyfelszolgalat@naih.hu, website: https://naih.hu) is. Appeals against decisions of the supervisory authority may be brought before a court.

7. Data Security

The Data Controller takes all necessary technical and organizational measures to ensure data security (e.g., network protection, regular backups).

8. Updates and modifications

The Data Controller reserves the right to modify the Policy and will notify visitors through the Website.

Date: Vác, January 6, 2025