Data Protection Statement
This is the Data Protection Statement of the www.tenweektitan.com website ("Website") and the Teen Week Titan Application ("App") operated by Ten Week Hungary Limited Liability Company ("Ten Week Hungary" or the "Data Controller").
The legal basis for our data protection is determined by the provisions of the General Data Protection Regulation (GDPR)
The protection of your personal data is important for Teen Week Titan. We collect and process your personal data in accordance with the legal requirements
The data controller is Ten Week Hungary Kft. You may contact us via the contact details below if you have any questions regarding the collection, processing or use of your personal data or in the case of access, rectification, blocking or erasure:
Ten Week Hungary Kft.
email: info@tenweektitan.com
phone: +36 (20) 278 4930
postal address: Hungary, 1149 Budapest, Pillangó park 7. 7/3.
The Data Controller shall process personal data in accordance with all applicable laws, but in particular with the following legislations:
We use the following data processor for different kinds of data processing:
The following data processors are used for the processing of the data:
Amazon Web Services, Inc. (AWS) is the Data Controller's server hosting and email service provider.Personal data processed: The email address of the natural person and the IP address of the device.
The processing of the email is based on Article 6(1)(a) of the GDPR, i.e. on the consent of the data subject.
The processing of the IP address is based on the legitimate interest pursuant to Article 6 (1) (f) GDPR. In the context of the balance of interests in accordance with Article 6 (1) (f) GDPR, we have considered and weighed our interest in website and app provisioning and your interest in data protection compliant processing of your personal data.
Concerning the process of the personal data the operation of Amazon Web Services, Inc. is on accordance to the EU-US Data Privacy Framework, the UK Extension to the EU-US Data Privacy Framework, and the Swiss-US Data Privacy Framework.Our data processor may process personal data only for the purposes specified by us and as contractually agreed, in accordance with our instructions. Our data processors are bound by confidentiality obligations and contractual guarantees regarding the retention of personal data obtained in the course of their duties. Duration of processing of personal data: If no contract or agreement is concluded between the Data Controller and the data subject following the pre-contractual processing and the communication cannot have any future effect, the letter(s) or message(s) will be destroyed or deleted after the communication has been completed.
Twilio Ireland Limited, (3 Dublin Landings, North Wall Quay, Dublin 1, Ireland) is our service provider via the SendGrid system for sending emails to the users of the App.Personal data processed: The email address of the natural person. The processing of the email is based on Article 6(1)(a) of the GDPR, i.e. on the consent of the data subject.
Duration of processing of personal data: The data processing will be carried out until the withdrawal of the data subject's consent or the deletion of the profil. The data subject can unsubscribe from the newsletter at any time by clicking on the unsubscribe link in the newsletters automatically or by sending an unsubscribe request to info@tenweektitan.com.
Our data processor may process personal data only for the purposes specified by us and as contractually agreed, in accordance with our instructions. Our data processors are bound by confidentiality obligations and contractual guarantees regarding the retention of personal data obtained in the course of their duties. Duration of processing of personal data: If no contract or agreement is concluded between the Data Controller and the data subject following the pre-contractual processing and the communication cannot have any future effect, the letter(s) or message(s) will be destroyed or deleted after the communication has been completed.
Openonline Kft. (address: 9231, Máriakálnok, Orgona utca 31.) is our service provider regardig our marketing activity.
Personal data processed: The email address of the natural person. The processing of the email is based on Article 6(1)(a) of the GDPR, i.e. on the consent of the data subject.
Duration of processing of personal data: The data processing will be carried out until the withdrawal of the data subject's consent. The data subject can unsubscribe from the newsletter at any time by clicking on the unsubscribe link in the newsletters automatically or by sending an unsubscribe request to info@tenweektitan.com.
Purpose of processing: sending information about the activities of the Data Controller, the operation of the app and data protection. The Data Controller's newsletters may also contain offers, information, blogposts related to its own or third parties' services.
Regarding the issuance of the invoices to the user of the app, regarding users with Apple devices Apple Inc. (One Apple Park Way, Cupertino, CA 95014, USA). Apple and regarding users using Android OS Google LLC (Gordon House, Barrow Street Dublin 4 Ireland) and Alphabet Inc. (Googleplex, Mountain View, California, U.S.) are the data controllers on the basis of their own Privacy Policy accepted by the user on the Google Play Console or the Appstore Connect. In this regards Ten Week Hungary does not use personal data as daa controller, it acts as the data processors concerning Apple and Google services.
The following data processors are used for the processing of the data:
Mailchimp, c/o The Rocket Science Group, LLC (675 Ponce De Leon Ave NE, Suite 5000 Atlanta, GA 30308 USA) is our service provider for sending our newsletters.Personal data processed: The email address of the natural person. The processing of the email is based on Article 6(1)(a) of the GDPR, i.e. on the consent of the data subject.
Duration of processing of personal data: The data processing will be carried out until the withdrawal of the data subject's consent. The data subject can unsubscribe from the newsletter at any time by clicking on the unsubscribe link in the newsletters automatically or by sending an unsubscribe request to info@tenweektitan.com.
Purpose of processing: sending information about the activities of the Data Controller, the operation of the app and data protection. The Data Controller's newsletters may also contain offers, information, blogposts related to its own or third parties' services.
In case of subscribing to the newsletter, the Data Controller records and processes the following data: e-mail address, IP address of subscription, date of confirmation of subscription, IP address of confirmation, newsletter openings, clicks on links in newsletters. The data subject is the source of the personal data, any changes to the scope of the data processed will be communicated directly by the Data Controller to the data subject at the time of their collection.
Our data processors may only process personal data for the purposes specified by us and as contractually agreed, in accordance with our instructions, and have no discretion over the processing of personal data. Our data processors are bound by confidentiality obligations and contractual guarantees regarding the retention of personal data obtained in the course of their duties.
The following data processors are used for the processing of the data:
Google Analytics and Google Ireland Ltd. (Gordon House, Barrow Street Dublin 4 Ireland)
It Squad Bt. (1068 Budapest, Király utca 102. 1.em. 6.) is our service provider for the development and operation of our website and the App.
We collect and use personal data if you provide it to us during the registration process and the use of our Website and App. We use the personal data you provide only to the extent that your data is necessary for rendering or processing our services. To protect your data from unauthorized or unlawful access, alteration or disclosure, we use encryption for transferring and storing any kind of data. We store your data jut until it is necessary to achieve the intended purpose or until you delete your account or for as long as legal retention periods require data to be stored. Your data is subsequently deleted in accordance with legal requirements or processing is restricted. If you do not register or send us information, we only collect personal data for technical purposes provided by your browser to our servers to provide you our content and guarantee stability and security. The legal basis is a legitimate interest pursuant to Article 6 (1) (f) GDPR. In the context of the balance of interests in accordance with Article 6 (1) (f) GDPR, we have considered and weighed our interest in website and app provisioning and your interest in data protection compliant processing of your personal data. As the data below is technically required for the provision of our service in order to offer you our services and also guarantee stability and security, in particular protection against misuse, we have reached the conclusion that, with a state-of-the-art oriented data security guarantee, this data can be processed whereby appropriate consideration will be given to your interest in data protection compliant processing.
| Data | Purpose of processing | Legal basis of processing | Storage period |
|---|---|---|---|
| Email address | Customer account identification, communication, newsletter | Performing the contractual relationship | Deletion of the customer account or withdrawal fo the consent |
| IP address at login | Customer account identification, data transfer at registration to web server, opertion of the app | Performing the contractual relationship | Deletion of the customer account |
The collection of data for website provision and the storage of data in log files is imperative for website and operation.
Using our login system, you can create a Teen Week Titan account for yourself that you can use to log in to all of our services. In the process, we use cookies on your browser in order to identify you. Some of our services are only accessible if you have set up your Teen Week Titan account. We will request the following data when registering (some of it is required).
| Data | Purpose of processing | Legal basis of processing | Storage period |
|---|---|---|---|
| Email address | Customer account identification, communication, newsletter | Performing the contractual relationship | Deletion of the customer account or withdrawal fo the consent |
| IP address at login | Customer account identification, data transfer at registration to web server, opertion of the app | Performing the contractual relationship | Deletion of the customer account |
The Data Controller informs the data subject that when registering and logging in to the website the possibility of transferring their data from their Facebook, Google or Apple accounts, its in order to allow their registration and subsequent access to their data already processed by these service providers which are already being used by these providers.
In these cases concerning Facebook users Meta Platforms, Inc. (Menlo Park, California), regarding Apple devices Apple Inc. (One Apple Park Way, Cupertino, CA 95014, USA). Apple and regarding users using Android OS Google LLC (Gordon House, Barrow Street Dublin 4 Ireland and Alphabet Inc. (Googleplex, Mountain View, California, U.S.) are the data controllers on the basis of their own Privacy Policy accepted by the user on Facebook, Google Play Console or Appstore Connect. In this regards Ten Week Hungary does not use personal data as daa controller, it acts as the data processors concerning Meta, Apple and Google services.
The data subjects can opt-out of the transfer of their data by using the services they have already registered with the relevant service providers. by clicking on the icon of the service provider concerned. In this case, the categories of data transmitted are will be displayed for the selected service provider. Once these data have been transmitted.
Please note, that Ten Week Hungary Kft. is not responsible for the data processing related to Meta (Facebook), Google or Apple services, and that the data processing of these service providers is described on their websites information about the providers' service providers on their websites.
We only pass your personal data on to third parties if you have given your explicit consent to this, forwarding data is necessary for the assertion, exercise, or defense of legal claims and there is no reason to assume you have an overriding legitimate interest in your data not being passed on, in the event that we have a legal obligation to forward data, and this is legally permissible and required for the performance of the contractual relationship with you. In the case of data transfer outside the European Union, the high European level of data protection essentially does not exist. It may be the case with a transfer that an EU Commission adequacy decision in accordance with Article 45 (1) (3) GDPR is not currently in place. This means that the EU Commission has not yet positively determined that the country-specific level of data protection corresponds to the level of data protection in the European Union due to the GDPR. If the recipient is located outside the European Union / European Economic Area, we have taken the necessary measures such as signing the EU standard contractual clauses approved by the EU Commission, and have additionally taken appropriate security precautions. Potential risks, which cannot be ruled out completely in connection with data transfer, is that your personal data could be processed over and above the intended purpose. Moreover, there is a possibility that you may not be able to exercise your rights in relation to data protection, for example, your right of access, to rectification, erasure, or data portability, on a consistent basis and enforce these. It may also be highly likely that data is processed incorrectly and in quantitative and qualitative terms, the protection of personal data fails to meet the requirements of the GDPR in full.
Automated decision-making is carried out in respect of the User when using the email address and IP address in that the data provided by the User is processed by means of technical means using software, and the App may automatically collect location data in respect of the data subject for the purpose of determining the location-based services.
Personal data processed: The email address of the natural person and the IP address of the device.
The processing of the email is based on Article 6(1)(a) of the GDPR, i.e. on the consent of the data subject.
The processing of the IP address is based on the legitimate interest pursuant to Article 6 (1) (f) GDPR. In the context of the balance of interests in accordance with Article 6 (1) (f) GDPR, we have considered and weighed our interest in website and app provisioning and your interest in data protection compliant processing of your personal data.
Duration of processing of personal data: The data processing will be carried out until the withdrawal of the data subject's consent or the deletion of the profil. The data subject can unsubscribe from the newsletter at any time by clicking on the unsubscribe link in the newsletters automatically or by sending an unsubscribe request to info@tenweektitan.com.
The Website uses cookies for different purposes of the Data Controller and with various legal bases. Data Controller.
Cookies are small text files stored on your computer during your website visits, enable the Data Controller to recognize your browser. They retain information concerning your use and preferences of the website duration of your website visit. Additionally, cookies store data entries made on the website, ensuring that you do not have to re-enter your information each time you use our services. By recognizing your preferences, cookies enable us to tailor our website to your areas of interest. In order to provide you with the most comfortable experience and enhance our online services, we utilize cookies, tracking pixels, or similar technologies. Every time the Website loads, it uses tracking pixels, tags embedded on the Website, to record the frequency of visits and clicks. These tracking pixels do not amend any part or the operation of the device of the User.
Required CookiesThese cookies are essential for the proper functioning of the site and cannot be disabled. Without these cookies, you will not be able to use or view our site properly.
Purpose of these cookies:These cookies enable us to analyze site usage for performance measurement and improvement. They are also utilized by advertising companies to display ads relevant to your interests.
Session cookies are temporary cookies that only remember your activity while you are on the website and expire when you close your web browser. Persistent cookies are used to remember your preferences within the website and remain on your desktop or mobile device even if you close your browser or restart your device.
Marketing cookies are placed on our website by our partners Facebook, Google Ads, Google Search.
The purpose of the cookies provided by Facebook is to make the ads displayed to the user through Facebook's services as relevant as possible to the user and to serve as a means of retargeting the user to products viewed on the website.
The cookie provided by Google Ads is used to track sales and other conversions from ads and free data.
The cookie provided by Google Search Ads 360 enables more productive management of search campaigns.
How can you control, manage or turn off cookies?When you access the Website, if you have not previously opted in to cookies, a pop-up window will inform you of the cookies used on the Website and of third party partners who place cookies on the Website. This pop-up window gives you the opportunity to refuse the installation of cookies that are not necessary for the functioning of the Website and to continue browsing the Website.
When accessing the Website, the pop-up window will inform the User of the categories of cookies used on each Website, to which the User may give his/her consent or refuse the use of cookies, category by category. In addition, the User will find information about third party partners who use cookies on the Website and the privacy policy of our partners. Here, the User has the possibility to opt-out or give consent to the use of cookies (irrespective of the category) of each of our partners.
Detailed information on the different browsers can be found in the links below:
The data subject shall have the right to receive feedback from the controller on whether his or her personal data are being processed. If his or her personal data is being processed, he or she has the right to receive detailed information about the processing of his or her personal data processing concerning him or her, including the categories of personal data processed in relation to him or her.
The Data Controller shall provide the data subject with a copy of the personal data which are the subject of the processing to the data subject. The information shall be provided free of charge if the data subject has not requested earlier the information in the current year for the same set of data the same year to the controller. The information requested by the data subject the controller shall charge a reasonable fee, based on administrative costs, for the additional information requested.
The data subject shall have the right to obtain from the controller, at his or her request and without undue delay, the rectification of inaccurate personal data relating to him or her. The controller shall correct personal data where they are inaccurate and the accurate personal data are at its disposal is available to the data controller. Having regard to the purposes of the processing, the data subject shall have the right to obtain the rectification of inaccuracies in the personal data, inter alia, by means of a supplementary declaration.
The data subject shall have the right to obtain, at his or her request and without undue delay, the erasure of personal data relating to him or her personal data. The Data Controller may comply with this request in that case, where the personal data are no longer necessary for the purposes for which they were collected or otherwise processed. The erasure of personal data concerning the data subject shall be carried out if the data subject objects to the processing and there is no legitimate interest on the part of the Data Controller or a third party overriding legitimate grounds for the processing. The erasure of personal data concerning the data subject shall be carried out if the data subject objects to the processing and there is no legitimate interest on the part of the Data Controller or a third party overriding legitimate grounds for the processing. Please be aware that your personal data may not be deleted or erased by the Data Controller in order to comply with a legal obligation of preservation or the establishment, exercise or defence of a legal claim.
The data subject shall have the right to have restrictions on processing the personal data upon his or her request where one of the following conditions is met:
If the processing is subject to restriction on the basis of the above, the storage of such personal data shall be except for storage, only with the consent of the data subject or for the purpose of bringing legal claims, the exercise or defence of legal claims or the protection of the rights of another natural or legal person or for important public interests of the European Union or of a Member State. The Data Controller shall inform any recipient of the rectification, erasure, erasure or or restriction of processing to whom or with whom the personal data have been disclosed, unless this proves impossible or involves a disproportionate effort.
The data subject shall have the right to obtain access to the personal data relating to him or her provided by the Data Controller in a structured, commonly used, machine-readable format and to transmit these data to another controller without prevented from doing so by the Data Controller, where the processing is based on consent; and is carried out by automated procedures. In exercising the right to data portability, the data subject shall have the right to request, where technically feasible, the direct transfer of personal data between data controllers. The exercise of this right shall be exercised without affecting the right to erasure. The said right shall not apply where the processing is required for the performance of a task carried out in exercising an official authority of the Data Controller for the sake public interest. The exercise of the right shall not adversely affect the rights and freedoms of others.
The data subject shall have the right to object at any time on grounds relating to his or her particular situation the processing of his or her personal data on the basis of Article 6(1)(e) or (f) of the GDPR, including profiling based on those provisions. In such a case, the Data Controller may not continue the processing of personal data unless it can demonstrate that the processing is bases on justified and legitimate grounds which override the interests of the data subject’s rights and freedoms, or which are necessary for the establishment of legal claims, exercise or defence of legal claims.
In the event of the unexpected death of the data subject, his or her rights can be practiced by another person determined by the data subject during his or her lifetime by means of a declaration in a private document or by a declaration in a private document with full legal effect.
If the data subject does not make a declaration in accordance with the above during his or her lifetime, the a close relative within the meaning of the Civil Code shall be entitled to claim the right to right to rectification or the right to object to the processing, and - if the processing was unlawful during the lifetime of the data subject or if the purpose of the processing was has ceased to exist upon the death of the data subject, his or her close relatives shall have the right to obtain the erasure or rectification of the data or restriction of processing within five years of the death of the data subject. The rights of the data subject under this paragraph shall be the next of kin who has first to exercise that right. The person who exercises the rights of the data subject in the event of the death of the data subject shall prove the fact and the date of the death of the person concerned by means of a death certificate or a court order and, in the case referred to in the preceding paragraph, by a court decision and by his or her own identity, and, in the case of a close relative concerned by a public document.
Our website may contain links to the websites of other providers. Please note that this Data Privacy Statement applies only to the Website and App of Teen Week Titan. We have no influence on or control over the compliance of other providers with applicable data protection regulations.
We reserve the right to amend or adjust this Data Privacy Statement at any time subject to compliance with applicable data protection regulations.
In order to exercise his or her right to judicial remedy, the data subject may bring an action against the controller if he or she considers that the controller or a processor or a joint controller acting on our behalf or at our instructions is processing his or her personal data in breach of the provisions of the law or of a legally binding act of the European Union on the processing of personal data. The court will decide the case out of turn. The tribunal shall have jurisdiction to hear the case. The lawsuit may be brought, at the option of the data subject, before the court of the place of residence or domicile of the data subject or before the court of the seat of the Data Controller (Metropolitan Court). Anyone may initiate an investigation against the Data Controller by filing a complaint with the National Authority for Data Protection and Freedom of Information (NAIH), alleging that the processing of personal data has resulted in a violation of rights or an imminent threat thereof, or that the Data Controller is restricting the exercise of his or her rights in relation to the processing or is refusing to grant such rights. The notification can be made using one of the following contact details:
National Authority for Data Protection and Freedom of Information
(NAIH)
Postal address: 1363 Budapest, Pf. 9, 1363 Budapest, Hungary
1313 Budapest, 1055 Budapest, Falk Miksa utca 9-11.
Phone:+36 (1) 391-1400, Fax: +36 (1) 391-1410
E-mail:ugyfelszolgalat@naih.hu
URL: http://naih.hu