Privacy Policy

PROTECTION OF YOUR PERSONAL DATA

 

China-CEE INSTITUTE is committed to being a trusted and responsible partner for all of its valued customers. This means that we are committed to operating in an open and transparent manner and in compliance with applicable laws and regulations, including providing our customers with up-to-date information about our collection and use of personal data.

 

We encourage you to read our Data Privacy Statement which details, among other things, what personal data we process about you and for what purposes. It also summarizes what your rights are when it comes to this data.

 

DATA PRIVACY STATEMENT

We would like to provide you with information about what information about you (your “personal data”) that we collect, what we use it for, with whom we share it and what rights you have.

 

DEFINITIONS

personal data’ means any information relating to an identified or identifiable natural person(‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording,organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

restriction of processing’ means the marking of stored personal data with the aim of limiting their processing in the future;

controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;

processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;

recipient’ means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing;

third party’ means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data;

consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;

personal data breach’ means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed;

enterprise’ means a natural or legal person engaged in an economic activity, irrespective of its legal form, including partnerships or associations regularly engaged in an economic activity;

 

 

PRINCIPLES RELATING TO PROCESSING OF PERSONAL DATA

Personal data shall be:

(a)        processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’);

(b)       collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall, in accordance with Article 89( 1) of GDPR, not be considered to be incompatible with the initial purposes (‘purpose limitation’);

(c)        adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’);

(d)       accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (‘accuracy’);

(e)        kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89 (1) of GDPR subject to implementation of the appropriate technical and organisational measures required by this Regulation in order to safeguard the rights and freedoms of the data subject (‘storage limitation’);

(f)        processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).

  1. The controller shall be responsible for, and be able to demonstrate compliance with, paragraph 1 (‘accountability’).

 

THE TYPES OF PERSONAL DATA WE COLLECT:

  • A) Contact information – such as name, address, phone number, email address, and login information;
  • B) Information about your purchase of services – such as registration information, and enrolment status in services;
  • C) Data collected when you are visiting our website – such as data collected through cookies and other automatically collected data to provide you with our websites, or information that you provide us with when visiting our websites (such as through contact forms etc.).

HOW WE COLLECT PERSONAL DATA:

  • from you or your representative when purchasing your product, registering your product, visiting our website, activating your account, ordering a service, participating in our campaigns, creating a product review or when downloading and using an application;

 

You may choose not to provide certain types of personal data to us. If you choose to do so, this may affect our ability to provide you with, and your ability to make use of, certain services. However, unless otherwise specified, your choice not to provide such information will not result in legal consequences for you.

 

WHY WE PROCESS YOUR PERSONAL DATA AND THE LEGAL BASIS FOR THE PROCESSING

(Register of data records (GDPR Article 30))

We may use your personal data for the following purposes (collectively “Processing Purposes”):

 

Activity Type(s) of personal data Processing Purposes Legal basis Data transmission Method and time of storage
Contact information Name

Telephone number

E-mail address

 Time coordination, cancellations, communication Consent Consent GDPR Article 6. (1) a) nNot forwarded until the registration / service exists or until the consent of the person concerned is withdrawn (date of its cancellation)
Send newsletter Name

Telephone number

E-mail address

 ecommendation, new services, sending marketing communications Consent GDPR Article 6. (1) a) nNot forwarded until the registration / service exists or until the consent of the person concerned is withdrawn (date of its cancellation)
Registration Information Name

Telephone number

E-mail address

 Customer-account Consent Consent GDPR Article 6. (1) a) Web storage:
Plus Kreatív & Média Kft.		 until the registration / service exists or until the consent of the person concerned is withdrawn (date of its cancellation)

 

YOUR CONSENT

Where the processing activity is based on your consent, you have the right to withdraw your consent at any time. The revocation of your consent will however not affect the lawfulness of any processing based on your consent before its withdrawal.

 

INFORMATION THAT WE SHARE

For the Processing purposes set out above, we may share or disclose your personal data:

  • As required by law, to comply with legal process and/or to respond to requests from public and government authorities;
  • With service providers and suppliers trusted to provide services and appliances on our behalf as well as with our partners;
  • To enforce our terms and conditions; or
  • To protect our rights.

 

When sharing personal data with a third party, China-CEE INSTITUTE requires that such third party agrees to protect and handle your personal data in accordance with all legal, regulatory and contractual obligations, or other instructions we provide to them.

 

YOUR CHOICES REGARDING MARKETING AND INFORMATION

You have certain choices regarding how we use and share your personal data for marketing and similar purposes. Subject to your consent, China-CEE INSTITUTE may send you information about services, events and promotions. The communication may be sent via different channels: email, phone, SMS, post. We would like to provide you with the best experience, therefore the communication might be tailored based on the data collected and your preferences.

 

Where required by law, we will obtain your prior consent. You may withdraw your consent to marketing at any time For example, you can unsubscribe from messages by following the unsubscribe instructions within the message or go to your online account to update your preferences.

 

If you choose not to receive marketing communications, your personal data may still be used for the other purposes described in this Data Privacy Statement, such as communicating with you for administrative or transaction purposes as part of the contractual relationship we have with you or where required by law.

 

YOUR RIGHTS UNDER EU/EEA LAW

If you are located in the EU/EEA, or if your personal data is otherwise being processed by an China-CEE INSTITUTE entity within the EU/EEA, you have the following rights:

 

  1. Request access to your personal data;
  2. Rectification of your personal data;
  3. Request the erasure of your personal data;
  4. Restrict the processing of your personal data;
  5. Request that your personal data be provided in a format that can be transferred to you or another organization (portability);
  6. Object to the processing of your personal data; and
  7. Lodge a complaint with the competent supervisory authority.

 

If you have any questions regarding these rights, or if you would like to exercise any of these rights, you may do so in writing, by phone or via email.

Please note that exercising these rights may impact our ability to provide you with certain functionality or services.

 

SECURITY OF YOUR PERSONAL DATA

China-CEE INSTITUTE will take appropriate technical and organizational measures in line with applicable data protection laws, including requiring our service providers, business partners or professional advisors to use appropriate measures to protect your personal data.

 

STORAGE OF YOUR PERSONAL DATA

We will store your personal data for as long as may be required by law, or as required under any contract. If there is no legal requirement, we will retain information about you only for so long as is necessary for the purpose/s for which it was collected.

 

PROCESSOR

‘processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

The use of the data Processor does not require the prior consent of the data subject, but it is necessary to inform him / her. Accordingly, we provide the following information:

Our IT Service Provider

Our Company uses a data processor to maintain and manage its website, which provides IT services (hosting services) and, in the framework of this contract, keeps the personal data provided on the website, its operation is to store personal information on the server.

Plus Kreatív & Média Kft.

Tax number: 24890410-2-41

Company address: 1055 Budapest, Bajcsy-Zsilinszky út 72. 3/12

Company registration number: 01-09-191064

Represented b:            Simon Zoltán

 

HOW TO CONTACT US

The controller of your personal data is

 

Kina-KKE Intezet Nonprofit Kft.

Tax number: 25912678-1-42

Company adress: 1052 Budapest Petofi u. 11. 1/1.

Company registration number: 01-09-295929

Email address: chen-xin@cass.org.cn

Represented by: Dr. Chen Xin

 

If you want to exercise your data subject rights or if you have any other questions concerning this Data Privacy Statement, please submit your request at chen-xin@cass.org.cn.

 

UPDATES TO THIS DATA PRIVACY STATEMENT

We may update this Data Privacy Statement.  Any changes to this Data Privacy Statement will become effective as of the date it is published, or as otherwise required by law.

 

We may, by modifying this Data Privacy Statement, receive a system message (but is not required) to inform the Users of the change. On the basis of the information provided in the notification, the rights to data management must be exercised.

 

The next entry of the User accepts the applicable Data Privacy Statement provisions.

 

In Hungary, the Data Protection Supervisory Authority: National Data Protection and Information Authority (1125 Budapest, Erzsébet Szilágyi fasor 22 / C) ugyfelszolgalat@naih.hu.