The supervisory authority for data protection is:

Nemzeti Adatvédelmi és Információszabadság Hatóság

http://www.naih.hu/

​

In general terms, Hungary Eye Info Kft. complies with European Union and Hungarian data protection legislation and is committed to upholding the key principles of date protection:

1.    Lawfulness, Fairness, and Transparency: Personal data must be processed lawfully, fairly, and in a transparent manner in relation to the data subject.
2.    Purpose Limitation: Data is collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
3.    Data Minimization: The processing of personal data is adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.
4.    Accuracy: Personal data shall be accurate and, where necessary, kept up to date.
5.    Storage Limitation: Personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.
6.    Integrity and Confidentiality: Personal data shall be processed in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage.

​

- Where necessary, Hungary Eye Info Kft understakes an interest balancing assessment and a data impact assessment before accepting instructions.

 

Rights of the Data Subject
Access to Information: Individuals have the right to access their personal data and information about how this data is processed.
Rectification and Erasure: Individuals have the right to have inaccurate personal data rectified, or where applicable, erased.
Restriction of Processing: Data subjects can request the restriction of processing of their personal data under certain circumstances.
Data Portability: Individuals have the right to receive their personal data in a structured, commonly used, and machine-readable format.
Objection to Processing: Individuals have the right to object to the processing of their personal data.
Data Security
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk and regularly evaluate the effectiveness of these security measures. All electronic devices are kept up to date and the latest security suites are installed. 2FA authentification is used on all devices and web services.
Breach Notification
In the event of a personal data breach, notify the competent national supervisory authority without undue delay and, when feasible, within 72 hours. If you believe a breach of personal data has taken place or would like to request the data you believe we hold about you, please contact us using the dedicated button in the menu above. We will communicate the data breach to the data subject without undue delay if the breach is likely to result in a high risk to their rights and freedoms.
 

Data retention:

Personal data relating to private investigations is deleted by us upon the issuing of the final invoice unless the client indicates in advance that the data may be required for legitimate legal purposes such as in a court of law or for a criminal investigation. Open source data used for other purposes may be securetly archived and retained for longer periods depending on its relevance.

​

Pleaese contact us for a copy of our full data protection policy.

​

​