Privacy Policy and Statement for Data Management
1. Information
The purpose of this Statement is to provide information about the principles of data protection and data management applied by Juhász Benjámin e.v. (hereinafter: Data Controller) regarding the service that is provided on PREFLOPWHILZ.COM (hereinafter: Service). The Service Provider acknowledges these principles as binding.
The Service Provider has taken into particular consideration the following legal rules: Act CXII of 2011 on the right to informational self-determination and on the freedom of information, Act VI of 1998 on the proclamation of the Convention of Strasbourg of 28 January 1981 for the protection of individuals with regard to automatic processing of personal data, Act XLVIII of 2008 on the Basic Requirements and Certain Restrictions of Commercial Advertising Activities [Advertising Act], Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) and the recommendations of the "ONLINE PRIVACY ALLIANCE".
The aim of this Policy is to ensure that the fundamental rights and freedoms, in particular the right to the protection of personal data in case of automatic processing at all fields of the services provided by the Service Provider for all individuals are respected, whatever be their nationality or residence.
Data Controller reserves the right to modify this statement and policy anytime.
Should the User have a question that this policy does not answer, write to us and our colleague will respond to it.
The Data Controller is committed to protect the personal data of its partners and users and considers it important to respect the right to informational self-determination. The Data Controller treats the personal data as confidential and takes all the protective, technical and organisational measures to ensure the safety of the data.
Name of Data Controller: Juhász Benjamin SP.
Address of Data Controller: Petőfi street 166/A. Budapest 1196 (Hungary)
2. Scope of the personal data management
2.1. Subscription data
When the User subscribes to the Service and creates a platform account, they have to give the following of their own Personal Data (Subscription Data):
● e-mail address
The Service Provider collects, processes and uses the Subscription Data in order to ensure the Service for each and every User.
2.2. Payment Data
Besides your Subscription Data, you also have to give the following payment data in order to be able to pay for the Service:
· last name, first name, e-mail address of the cardholder and the data of the payment card
The Service Provider will collect, process and store the Payment data through Stripe payment service provider with the aim of ensuring the Services and the payment services for each of the Partners. A part of the credit card number will be hidden when displaying. STRIPE will process the Payment Data of the Partner according to the most secure measurements in the e-commerce industry. The transactions are processed in a safe and secure way.
3. The legal basis of data management, principles of the site’s data management
The Management of data is based on the voluntary, properly informed statement of the User of the Service which includes their explicit consent for the use of their personal data provided and generated during the use of the site. The legal basis for the management of data is the voluntary consent of the person concerned.
● The primary aim of processing the personal data is to ensure the Services according to the contracts that were concluded with us. We collect and process the personal data that are given during the installation and the use of the services. Providing these data is one of the prerequisites of using our Services.
● Processing the personal data can be based on legitimate interest as well. For instance, when it is necessary in order to examine and recognise the use of the service that does not correspond to the Terms and Conditions.
● The legal basis of the data processing with marketing purposes is the explicit consent of the User given on the site.
The Data Controller is not allowed to use the provided personal data for other purposes than the ones listed above. Separate consent of the User is not required when the Data Controller that is named in this Policy transfers data to its partners. Disclosure of personal data to a third party or to the authorities - unless otherwise provided by law with binding force- is only possible in case of an authority’s decision or the prior and explicit consent of the User.
The Data Controller does not verify the personal data that it handles. Solely the provider of them is responsible for their appropriateness.
The Data Controller places a small file, a so-called cookie in the computer of the user in order to customize the service. By using the Service, the user accepts the placement of the cookies in his computer.
The Data Controller can ensure as a technical intermediate that during the use of the Service and the visit of the site of the Data Controller’s partners, the third parties collaborating with the Data Controller (especially Google Inc.) use cookies to store if the user has previously visited the site of the service provider. The Data Controller can display advertisements for the user based on this.
The user can delete the cookie from their own computer and can also set in their browser to block the Service of the cookies. Furthermore, Google ensures that the user can block – on the site that serves for blocking the ads displayed by Google (http://www.google.hu/privacy_ads.html) – the cookies that were placed by Google. Blocking or deleting the Service of the cookies can make the use of the website more uncomfortable for the user.
The visitor of the site that uses the Service can voluntarily subscribe to a periodic newsletter that contains the services of the Data Controller and information regarding them. Moreover, the visitor can give their consent for the Service Provider to send them content that serves for marketing purposes.
The User has to give their real e-mail address in order to subscribe for the newsletter.
The Data Controller uses this data solely for sending newsletters or marketing related contents. The Data Controller does not connect it with any other data, does not use it for other purposes and lastly does not transfer it to third parties with the aim of data management.
The Data Controller irrecoverably and without delay erases the e-mail address of the user when they unsubscribe from the newsletter.
We provide information concerning the data management not mentioned here when collecting the data.
5. The data protection principles used by the Service Provider
The Service Provider uses the data that are essentially necessary for the usage of its service for definite purposes and based on the consent of the people concerned.
The Service Provider as Data Controller undertakes to guarantee that it manages the provided data according to the related legal rules and this Policy and does not disclose the provided data to third parties other than the Data Controllers defined in this policy.
The use of statistically aggregate data constitutes an exception from this point. Statistically aggregate data cannot contain the name of the User concerned or any other data that is suitable for identification and therefore the use of it is not regarded as Data Management or Data Transfer.
In certain cases, the Service Provider discloses the available data of the User to third parties. Such cases can be: official judicial or police request, legal procedure because of copyright infringement, material harm, other infringements or their reasonable doubt that undermines the interest or the Service Provider or poses a threat on the provision of its services.
The system of the Service Provider can collect information about the activity of the Users. These data cannot be connected to the data which were given by the User when they registered or with the data that arises when using other websites or services.
It is obligatory to inform the User about the aim of the Data Management and about the people who will manage and process the data. This disclosure of information is sufficient if a legal rule covers the already existing Data Management and the data collection that is done through transfer or by linking.
In all cases where the Data Controller intends to use the data provided for purposes other than the purpose of the original data collection, it notifies the User and obtain their prior express consent and provides the User the opportunity to prohibit such use.
The Service Provider as Data Controller complies with the legislation in all cases when it collects, records and manages the data and does not go beyond the restrictions set by legal rules.
The Data Controller undertakes to guarantee the security of the data, to implement technical and organizational measures to ensure the protection of the recorded, stored or managed data and to do everything in its power to prevent the destruction, unauthorized use and unauthorized alteration of the data. The Data Controller also undertakes to call on any third party to whom the data may be transferred or handed over to comply with these obligations.
The Data Controller blocks the Personal data if the person concerned requests it or if it can be presumed based on the available information that erasure of the data would harm the legitimate interests of the person concerned. The blocked data can only be handled until the purpose of the data management exists that precluded the erasure of the personal data.
The User concerned and the ones that previously transferred the data with the aim of Data Management must be notified if the Personal data is corrected, blocked or erased. This notification is dispensable if – regarding the purpose of the Data Management – the legitimate interest of the person concerned is not harmed.
6. The duration of the data management
The Personal data provided by the User will be processed until the User – with the given username – unsubscribes from the service and at the same time requests the erasure of the data. The Data Controller erases the data within 10 workdays of the User’s receipt of the request. In this case, the data is erased at every Data Controller that is defined in this Policy.
When the User uses illegal, deceptive Personal data or if the User has committed a crime or attacks the system, the Data Controller is entitled to erase without delay the data of the User at the same time when the registration of the User ceases. Nonetheless, in case of reasonable doubt of a crime or civil liability, the Data Controller is entitled to store the data until the end of the legal proceedings.
The Personal Data provided by the User can only be managed by the Service Provider as the Data Controller, until the User does not request explicitly in writing the cessation of the handling. This stands even in the case if the User does not unsubscribe from the service or if the deletion of their registration only eliminates the possibility of signing in, because the stored comments and uploaded contents remain. The User’s request of the cessation of the Data Management without unsubscribing from the services does not concern his right to use the services. However, it may occur that in default of Personal Data, the User cannot use certain services. The Data Controller erases the data within 10 workdays of the User’s receipt of the request.
Data that are automatically and technically recorded during the operation of the system are stored in the system from the time of their generation until the time that is justified regarding the assurance of the operation of the system. The Service Provider undertakes to ensure that these automatically recorded data – with the exception of the cases that are made compulsory by law – are not linked with other personal data. If the User has withdrawn their consent for the management of their Personal data or has unsubscribed from the service, they will not be identifiable – excluding the investigating authorities and their specialists – using the technical data.
7. Possibility of data transfer
The Service Provider as Data Controller is entitled to and obliged to transfer all of the available data that it handles to the competent authorities regarding the data that has to be transferred according to legal rules or the final decision of an authority. The Data Controller is not responsible for this Data Transfer and its consequences.
The Service Provider keeps a data transfer record in order to verify the legality of the Data Transfer and in order to inform the person concerned.
8. Direct marketing and prize competitions
● The Service Provider will only use your e-mail address to send direct marketing messages if you have previously given your consent.
● The Service Provider can customize the direct marketing messages by utilising the information of how the User uses the services (including the payments).
● If the User no longer would like to receive direct marketing messages, they can use the “unsubscribe” link to unsubscribe from the messages.
● The Service Provider can send marketing advertisements to the User that contain gifts, prize competitions and other marketing or promotional materials that are provided by its partners; however, the Service Provider does not transfer the personal data of the User to these partners.
9. Access to data, the rights of the ones concerned, legal remedies
The person concerned is entitled to request information about the handling of their personal data and can also request the correction of their personal data and – excluding the data management set by legal rules – the erasure of their personal data.
At the request of the person concerned, the Data Controller must provide them with information regarding their personal data it handles, the data processed by the data processor entrusted by it, the source of such data, the purpose, legal basis and duration of the data handling, the data processor’s name, address (place of management) and activities in connection with the handling of the data and – in the case of transmission of the personal data – the recipients of the data transfer and the purpose of it. The Data Controller provides the requested information in writing, in a comprehensible form as soon as possible but within 30 days at best of the submission of the request. This disclosure of information is free of charge if the one requesting the information has not submitted a request for information in the current year regarding the same field.
The Data Controller erases the data if its handling is illegal, if the person concerned requests so, the purpose of the data management ceased to exist or the duration of the data storage set by legal rules has ended, if the court or the data protection officer has ordered so.
The Data Controller notifies the person concerned and everyone to whom the data has been transmitted with the purpose of data management about the correction and the erasure. This notification is dispensable if the legitimate interest of the person concerned is not harmed.
The person concerned can object to the handling of their personal data, if
the handling (transfer) of the personal data is solely necessary for exercising the right or the legitimate interest of the data controller or the data importer, except if the data management is ordered by law
the use or transfer of personal data serves the purpose of direct marketing, opinion polling or scientific research
or a legal rule makes it possible to object
The Data Controller – with the suspension of the data management at the same time – examines the objection as soon as possible but within 15 days at best and informs the claimant in writing about the result. If the objection is justified, the data controller terminates the data management – including the further recording of data and data transfer – and blocks the data. In this case the Data Controller notifies everyone to whom it transferred personal data and the ones that are obliged to take measures in order to enforce the right to objection about the objection and the actions taken because of it.
If the person concerned does not agree with the decision of the Data Controller, they can – within 30 days following the notification – can initiate proceedings before the Court.
The Person concerned can initiate proceedings before the Court against the data controller if their rights are violated. The case is given priority by the Court.
The Data Controller compensates the damages caused by the illegal handling of the data of the person concerned or by violating the requirements of the technical data protection. The Data Controller is not liable if the damages were caused by an unavoidable cause that is beyond the sphere of data management.
Compensation is not needed if the damage was caused by the intentional or negligent conduct of the aggrieved party.
You can send an e-mail to hello@preflopwhiz.com in order to exercise your rights.
If the User considers the data processing illegal, they are entitled to apply to the competent national authority that can be found on the following site: https://ec.europa.eu/digital-single-market/en/news/list-personal-data-protection-competent-authorities.
The Service Provider reserves the right to unilaterally modify this Privacy Policy any time, considering the data protection rules that are currently in force. In this case, the Service Provider notifies the Users.
This Privacy Policy was created on June 26th, 2021
This Privacy Policy was originally written in Hungarian, the original, Hungarian version is available: link