Privacy Policy

Privacy Policy

1. The controller’s name and contact details

Regarding the personal data of its current, former and prospective clients and the persons related to those clients (hereinafter jointly referred to as client or clients) the Dr. Szűcs Gábor Law Office (registered seat: 1027 Budapest, Fő u. 62-64. III.3. registered at the Budapest Bar Association Reg. Nr. 352) hereinafter Law Law Office) acts as controller.

2. Relevant legislation

  • Act 53 of 2017 on the Prevention and Combating of Money Laundering and Terrorist Financing (Anti- Money Laundering Act)
  • Act 78 of 2017 on Professional Activity of Attorney-at-laws (Attorneys’ Act)
  • Act 112 of 2011 on the Right of Informational Self-Determination And on the Freedom of Information
  • Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR).

3. Definitions

Under this Privacy Policy

  • Controller means the Law Office, determines the purposes and means of the processing of personal data
  • (Data) Processing means any operation performed on personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction
  • (Data) Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the Controller
  • Personal Data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
  • Special Categories of personal data means personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data and biometric data aiming at uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation;
  • Client means any natural or legal person inquiring about the Law Office’s services in person, via website, by phone or by any other means, as well as any person entering into an agreement on legal services with the Law Office.

4. The principles of data processing

The Law Office shall take appropriate measures to ensure that their client’s personal data are

  • processed lawfully and fairly, with an appropriate legal basis (lawfulness, fairness and transparency);
  • collected for specified, explicit and legitimate purposes and not processed in a manner that is incompatible with those purposes;
  • adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (data minimisation);
  • accurate and, where necessary, kept up to date (accuracy);
  • kept in a form which permits identification of the clients for no longer than is necessary for the purposes for which the personal data are processed;
  • processed in a manner that ensures the appropriate security of the personal data.

5. The data processed, the purpose, legal basis and period of processing

The Law Office processes the following personal data relating to its clients for the following purposes:

I. inquiries about legal services through website, in person, by phone or by any other means

Personal dataPurpose
nameData that is indispensable to identify the client
email address, telephone numberData that are indispensable to contact the client
subject-matter of the inquiryBased on the information shared by the client, data necessary for providing an appropriate, personalised answer to the client’s inquiry
Legal basis of processingPeriod of processing
GDPR Section 6 subsection (1) a): the client’s consentPerformed for the period specified by the client or until the consent is withdrawn.

II. individual request for an offer

Personal dataPurpose
nameData that is indispensable to identify the client
email address, telephone numberData that are indispensable to contact the client
subject-matter of the inquiryBased on the information shared by the client, data necessary for providing an appropriate, personalised answer to the client’s inquiry
Legal basis of processingPeriod of processing
GDPR Section 6 subsection (1) a): the client’s consentPerformed for the period specified by the client or until the consent is withdrawn.

III. conclusion and performance of an agreement for legal service

Personal dataPurpose
nameData that is indispensable to identify the client
email address, telephone numberData that are indispensable to contact the client
data relating to the subject-matter of the contract (i.e. personal circumstances the data relating to the real estate property concerned,)Necessary for the performance of the contract and the legal services, assignment
data must be recorded according to the Anti-Money Laundering Act and the Attorneys’ Act (personal identification data, copies of identification documents, statement of politically exposed person, beneficial owners’ personal identification data etc.)Based on a mandatory statutory provision
Legal basis of processingPeriod of processing
Proper performance of the assignment mandatory requirements of the Anti-Money Laundering Act and the Attorneys’ Act.Period of performance of the assignment plus five years (the general period available for enforcing civil claims); in case of any resulting documents that cannot be discarded, the retention period will be unlimited, in case of data collected based on the Anti-Money Laundering Act and the Attorneys’ Act, 8 years from the termination of the agreement on legal services, which may be extended in special cases determined by law.

6. The recipients of the personal data

The Law Office shall share clients’ personal data with the following third-party controllers:

  • organisations providing services to The Law Office or its clients (e.g.: companies providing insurance, IT service provider);
  • third parties involved in the performance of assignment agreements (opposing parties, authorities, courts, experts, legal or other service providers involved by us or by the client, public notaries);
  • supervisory authorities and other authorities, other regulatory authorities and bodies.

The client may request personalised information about the personal data processed in relation to him (the purpose and legal basis of processing, the scope of the data concerned, the transfer of the data, the period of processing); the requests may be submitted to the following address: privacy@vauver.com

7. Clients’ rights

a) Right to access
If a client requests, the Law Office has to inform him whether it processes the client’s personal data. The Law Office must provide information to the extent permitted by law. If personal data were not provided by the data person, the Law Office presume that the person who provided the data was authorised. Upon the request of the client concerned, the Law Office shall provide a copy of and access to the client’s personal data and, may charge a reasonable fee.

b) Right to rectification
Clients have a right to the rectification of their personal data. Upon the client’s request, The Law Office shall appropriately rectify or complete the client’s personal data, acting in accordance with the law. The Law Office shall inform the recipients, if any of the client’s personal data about the rectification of such personal data unless notifying the recipients proves to be impossible or requires a disproportionate effort.

c) Right to erasure
Under certain circumstances, clients shall have a right to the erasure of their personal data, and the Law Office shall have the obligation to erase the client’s personal data without undue delay where

  • the personal data are not necessary in relation to the purposes for which the Law Office processes them.
  • the client withdraws his consent on which the processing of his data is based, and there is no other legal ground for the further processing,
  • the processing is necessary for the purposes of the legitimate interests pursued by The Law Office or by a third party, and the legitimate ground for the processing of such personal data does not override the client’s objection.

d) Right to the restriction of processing
To the extent permitted by law, the client may request the restriction of the processing of his personal data. Such right does not apply to anonymous data and to personal data that concern another person.

The Law Office shall restrict the processing of the client’s personal data if the client requests the restriction and

  • the Law Office no longer needs these data for the purposes of the processing, and
  • the client objects to the processing of his personal data that are necessary for the purposes of the Law Office’s legitimate interest, and the client is waiting for the confirmation of whether there is a legitimate ground for the Law Office’s processing of the client’s personal data that does not override the client’s objection.

e) Right to data portability
Clients shall have the right to receive the personal data concerning them, which they have provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller.

f) Deadline for requests of clients as data subjects
The Law Office shall respond to the requests submitted in relation to the above rights of the client within the following deadlines.

Data subjejt’s requestDeadline
Right to informationAt the time of collection, or within 30 days
Right of accesswithin 30 days
Right to rectificationwithin 30 days
Right to erasurewithout undue delay, within 10 days at the latest
Right to restriction of processingwithout undue delay, within 10 days at the latest
Right to data portabilitywithin 30 days
Right to objectat the time of the receipt of the objection

g) Right to submit complaints
If the client believes that his rights have been infringed, the client should initiate negotiations with the controller by directly contacting. If such negotiations are unsuccessful or if the person concerned does not wish to participate in such negotiation, he may bring the matter to the court or NAIH.

NAIH’s contact details:
Registered seat: 1055 Budapest, Falk Miksa u. 9-11.

Postal address: 1363 Budapest, Pf.: 9.

telephone: +36 1 391 1400
email: ugyfelszolgalat@naih.hu
website: www.naih.hu

The Law Office reserves the right to amend this Policy at any time. The Law Office shall notify its clients of such amendments in accordance with the applicable legislation.