Privacy policy
The privacy of our website’s users is very important to us, which is why we have developed this Privacy Policy so that you can understand how we collect, process, disclose, and use your personal information. 6water Club Nonprofit Kft.. as the Data Controller of the service and personal data ensures that: 1. Data shall always be collected for specified and clearly defined purposes and to the extent necessary to achieve those purposes. 2. Personal data shall be kept for as long as necessary to achieve these purposes. 3. Personal data shall be collected lawfully and fairly at all times, where appropriate, with the knowledge or consent of the data subject. 4. Personal data is protected with reasonable safeguards against loss or theft, as well as against unauthorized access, disclosure, copying, use or modification. 5. Its clients are provided with information about the rules and practices relating to personal data management.
Article 1. Privacy and Processing Information
1. The Data Controller of personal data is 6water Club Nonprofit Kft.. with its registered headquarters in 1221 Budapest, Kapisztrán u. 6-8., Tax Identification Number: 28773197-2-43 2. 6water Club Nonprofit Kft.. as a personal data Controller (hereinafter referred to as “Controller”) pays great attention to the protection of privacy and confidentiality of personal data of Users who make their data available in electronic form through forms available on the website in the domain Cheekyheads.com (hereinafter referred to as “Cheekyheads.com”), the rules of which are specified in the Terms of Use (hereinafter referred to as “Terms of Use”) or by registering to meetups and forums organized by Cheekyheads. 3. The Data Protection Officer of 6water Club Nonprofit Kft.. is Tamás Mezei who can be contacted via e-mail: tamas.mezei@6waters.com. 4. The Controller shall, with due diligence, select and apply appropriate technical and organizational measures to protect personal data being processed. Full access to databases is granted only to persons authorized by the Controller. 5. The Controller protects personal data against unauthorized access and processing in violation of applicable regulations. 6. Visitors to Cheekyheads.com can browse through subpages of the website without providing personal data.Article 2. Grounds for processing personal data
1. Personal data shall be processed by the Controller in accordance with the law, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter referred to as ‘GDPR’). 2. Personal data are processed to: 3. answer questions addressed to the Controller through the contact forms available on Cheekyheads.com website, including interactive windows available on each subpage of the website (according to article 6.1.f of the GDPR); 4. dispatch of marketing content, including information about planned events and workshops, business information, joining event community, newsletter or dispatch of eBooks and other information on the basis of the consent (Article 6(1)(a) of the GDPR); 5. recruitment, including: – to establish and maintain contact with the Candidate in relation to the application documents submitted, pursuant to Article 6(1)(b) of the GDPR, i.e. in relation to taking action at the request of the data subject before concluding a contract, – carrying out and resolving the recruitment process based on Article 6(1)(b) of the GDPR, i.e. taking the necessary actions at the request of the data subject before concluding the contract – in the scope of data indicated in Article 221 §1 of the Labor Code and on the basis of the Candidate’s consent, i.e. Article 6(1)(a) of the GDPR and in the scope of data beyond the catalog indicated in Article 221 §1 of the Labor Code, – to take account of the Candidate’s application documents in future recruitment processes on the basis of his/her voluntary agreement (Article 6(1)(a) of the GDPR). 6. establishing contact in order to prepare, at the Customer’s request, an offer of the Controller’s services and/or products tailored to the Customer’s needs (Art. 6.1.b of the GDPR), 7. adapting and developing the website’s functionalities, including its structure and content to the needs of Internet users, creating aggregated statistics, and preserving the security and quality of services provided by the service – based on the legitimate interest of the Controller (Article 6(1)(f) of the GDPR); 8. investigation or safeguard against possible claims (according to Article 6(1)(f) of the GDPR); 9. conducting statistical analysis of information about participants of our events (according to Article 6 (1) (f) of the GDPR) where the legitimate purpose is to have information about the statistics which allows us to improve our activities. 10. Regardless of the purpose of the processing, providing the data is voluntary, however, failure to do so may prevent, depending on the specific case, the conclusion of a contract, use of selected services within the service and its functionality or receipt of marketing content. 11. The User should not provide the Controller with personal data of third parties. In case of transfer of third parties’ data, the User is obliged to sign a declaration that s/he has the consent of third parties to transfer the data to the Controller.Article 3. Scope of processing of personal data
The Controller processes personal data only to the extent necessary to achieve a strictly defined purpose, in accordance with the information indicated below: 1. Sending a message through the contact form, among others: e-mail address and telephone number and all other information that the User will provide of his/her own free will in the addressed message; 2. Sending newsletters, commercial and business information and e-books: name and surname, e-mail address, telephone number, among others; 3. Recruitment: the e-mail address from which the message was sent and the information contained in the application form; 4. Preparation of offers: name and surname, e-mail address, telephone number, and other information contained in the message sent through the contact form; 5. Customization and development of website functionality: IP addresses collected during Internet connections for technical purposes related to server administration. The Controller does not make automated decisions on the basis of data collected about Users.Article 4. Data retention period
Personal data shall be kept only for the time necessary to achieve the specific purpose for which it was transmitted or to ensure compliance, as set out below: 1. Personal data collected for the purpose of answering questions asked via the contact form will be processed no longer than 12 months after the last contact; 2. Data collected for the purpose of sending marketing content, newsletters, commercial and business information and e-books will be processed until the withdrawal of consent by the User; 3. Personal data collected for the purposes of recruitment will be processed for the duration of the recruitment process, and if the Candidate agrees to leave the data for the purposes of future recruitments, they will be stored until the withdrawal of the consent, but not longer than 24 months from the date of its granting; 4. Personal data collected for the purposes of preparing a personalized offer for products and/or services will be processed for the duration of the offer negotiation, and after its completion for 12 months counted from the date of the last contact, or they will feed the Controller’s customer database in order to execute the concluded agreement.Article 5. Recipients of personal data
1. Users’ data may be made available to entities authorized to receive data in accordance with applicable laws, including relevant judicial authorities. 2. Personal data may be transferred to entities cooperating with the Controller on the basis of appropriate agreements, including selected marketing agencies and partners providing technical services (development and maintenance of IT systems and websites).Article 6. Rights of persons
1. The user is obliged to provide complete, current and up-to-date data. 2. Every user whose personal data is processed by the Controller is entitled to: 3. access the data, 4. correct the data, 5. deletion of the data, 6. restrict the processing of data, 7. transfer the data, 8. object to the processing of data which takes place on the basis of the Conotroller’s legitimate interest, 9. withdraw consent (where processing is based on consent) at any time without affecting the lawfulness of processing carried out on the basis of consent before withdrawal. 10. You can exercise the rights set out in the above section by sending an appropriate request, providing your user name and e-mail address to info@Cheekyheads.com. 11. The user has the right to appeal to the supervisory authority if he considers that the processing of personal data violates the rules of the GDPR. 12. In order to unsubscribe from the communication, please select “Unsubscribe” button on the bottom of the e-mail you received from us, update email preferences in the second step by unchecking the types of email you do not want to receive and accept the settings.