This general privacy statement (“Statement”) was drawn up on the basis of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR”).
This Statement was drawn up and provided by KPMG Hungária Kft. (“Company” or “KPMG”) to provide adequate information to you as a user (“User”) with regard to the processing of data detailed below and your rights with regard to data processing pursuant to Article 13 of the GDPR.
This website is owned and operated by KPMG, a member of the KPMG network. The independent member firms of the KPMG network are affiliated with KPMG International Cooperative, a Swiss entity.
This Statement contains the details of data processing carried out with regard to the website (“Website”).
2. APPLICABLE LAW
KPMG shall process personal data it has obtained in compliance with effective laws and regulations, especially the provisions of the GDPR and the provisions of Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information (“Info Act”).
3. NAME AND CONTACT DETAILS OF CONTROLLER AND ITS REPRESENTTIVES
Pursuant to Article 4 (7) of the GDPR, KPMG shall be considered the data controller with regard to the processing referred to above.
• Company name: KPMG Hungária Könyvvizsgáló, Adó- és Közgazdasági Tanácsadó Korlátolt Felelősségű Társaság
• Registered office: H-1134 Budapest, Váci út 31
• Contact: Marketing and Communication department
• Email address: firstname.lastname@example.org
• Company registration number: Cg. 01-09-063183
• Tax number: 10263332-2-44
• Website: https://home.kpmg.com/hu/hu/home.html
• Telephone number:+ 36 1 887 7100
4. NAME AND CONTACT DETAILS OF DATA PROTECTION OFFICER
• Name: Dániel Veres
• Address: H-1134 Budapest, Váci út 31
• Telephone number: +36-1-887-7268
• Email address: email@example.com
5. PURPOSE OF DATA PROCESSING
Purpose of data processing:
• providing information to the User on the activities, services and professional news of KPMG through the Website (“Providing Information”).
The aim of the content and data displayed on the Website is to provide general information to people visiting the website. Notwithstanding careful procedures at KPMG, information on the Website may not be the most recent, therefore, the information available shall not be deemed as professional advice or the provision of any other service by KPMG.
• responding to various types of User inquiries (including interest in alumni, general issues, media, jobs/careers or KPMG services) and responding to Users initiating contact (“Communication”).
• submission of proposals (“Submitting Proposals”).
• with regard to applications submitted in response to job advertisements, the purpose of data processing shall be the evaluation of job applications (“Recruitment”).
Personal data shall be processed by KPMG exclusively for the purpose indicated under this point, unless it has an adequate legal basis to process data for other purposes.
6. LEGAL BASIS FOR DATA PROCESSING
The consent pursuant to Article 6 (1) a) of the GDPR shall be the legal basis for processing.
Please note that providing KPMG with personal data relating to the User shall be optional.
We hereby inform you that you have the right to withdraw your consent to processing at any time, however, this shall not affect the legality of data processing prior to the withdrawal of consent carried out on the basis of the consent.
7. CATEGORIES OF PERSONAL DATA CONCERNED
In the course of the visit we only collect personal data (“Personal Data”) that is given freely by the User to KPMG.
In the course of providing information the scope of data processed shall be the following:
• IP address, start and end time of visit
The scope of data processed for Communication and Request for Proposal is the following:
• telephone number;
• place of work;
• industrial sector (when Request for Proposal).
Data processed during Recruitment:
Please note that the User does not have to register in order to be able to use the Website. In the course of the visit we only collect Personal Data given freely by the User to KPMG.
8. RECIPIENTS OF DATA, CATEGORIES OF RECIPIENTS
KPMG may transfer Personal Data sent through the Website to other KPMG member firms or subcontractors working with it, including data transfer across borders, but this is done in strict compliance with data protection regulations.
9. TERM OF DATA PROCESSING
KPMG shall process data in the course of Providing Information, Communication and Submitting Proposals as long as it is necessary for the original purpose of the data collection or as long as such is prescribed by law, or until the User withdraws consent.
Job applications sent in response to job advertisements shall be stored by KPMG until it becomes certain that KPMG shall not make a job offer to the User having submitted the application, or until the User has rejected the job offer.
10. RIGHTS OF DATA SUBJECT
With regard to processing Personal Data defined in the Statement, we grant the following rights to the data subject:
• The right of access
• The right to be informed
• The right to rectification
• The right to erasure
• The right to restrict processing
• The right to object
• The right to data portability
• Right to lodge a complaint with the data protection supervisory authority or a court.
10.1. Right of access and to be informed
At your request the Company shall provide information on whether your Personal Data are processed. If so, in addition to providing access the Company will inform you about the categories of data processed, the purpose of the processing, the recipients of the processing or the categories of recipients, the term for storing the data or the criteria for defining this term, the exercise of the data subject’s rights, the right to lodge complaints with the competent supervisory authority, such as the National Authority for Data Protection and Freedom of Information (NAIH), the source of data, and automated decision-making, including profiling. In the event of data transfer outside the European Union or the European Economic Area, you will obtain information on the appropriate safeguards ensured in respect of data transfer.
10.2. Right to rectification
If the Personal Data processed by Company need to be rectified or supplemented, you can request the rectification of the data in writing (by mail or email), indicating the correct data.
You must notify the Company of any change in your Personal Data processed by the Company in writing (mail or email) forthwith, but no later than within 5 days of the change taking place. In the event the Company is not able to comply with an obligation prescribed by laws and regulations due to the absence of the above notification or any delay thereof, you shall be liable for all resulting damage.
10.3. Right to erasure
You have the right to request that the Company should erase Personal Data related to you without undue delay, if none of the conditions included in Article 17 (3) of the GDPR are met, and
• the Personal Data are no longer needed in relation to the purposes for which they were collected or otherwise processed;
• pursuant to point 11.5 of this Statement you object to the processing, and the Company has no overriding legitimate grounds for the processing;
• the Personal Data have been unlawfully processed;
• the Personal Data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;
• the Personal Data was collected in relation to the offer of information society services.
10.4. Right to restrict processing
You have the right to request that the Company should restrict processing, if
• you contest the accuracy of the Personal Data;
• the processing is unlawful and you oppose the erasure of the Personal Data and request the restriction of their use instead;
• the Company no longer needs the Personal Data for the purposes of the processing, but you need them to establish, exercise or defend legal claims;
• you have already objected to the processing.
10.5. Right to object
The data subject has the right to object to the processing of Personal Data for direct marketing purposes. In this case, the Personal Data may no longer be processed for such purposes.
In this case the Personal Data may no longer be processed for such purposes, unless the Company demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or which are related to the establishment, exercise or defence of legal claims.
10.6. Right to data portability
The data subject shall have the right to receive the Personal Data concerning him or her, which he or she has provided to KPMG, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the Company to which the Personal Data have been provided, where:
• the processing is based on consent; and
• the processing is carried out by automated means.
In exercising his or her right to data portability, the data subject shall have the right to have the Personal Data transmitted directly from one controller to another, where technically feasible.
10.7. Right to lodge a complaint with the data protection supervisory authority or a court.
Data subjects may lodge complaints related to processing with the National Authority for Data Protection and Freedom of Information (NAIH), using the following contact details:
• postal address: H-1530 Budapest, PO Box: 5
• address: H-1125 Budapest Szilágyi Erzsébet fasor 22/c
• telephone number: +36 (1) 391-1400
• fax: +36 (1) 391-1410
• email address: firstname.lastname@example.org
• website: http://naih.hu
Beyond and without prejudice to the above, data subjects shall have the right to turn to the courts relating to the processing of their Personal Data if such is in violation of the GDPR; furthermore, if they have suffered material or non-material damage due to KPMG violating the GDPR they shall have the right to enforce a claim for compensation against KPMG.
In the event of court proceedings, the competent court for the data subject’s place of residence or place of abode shall have jurisdiction.
11. COOKIES, WEB BEACONS
To collect visitors’ data with regard to the Website we use Google Analytics and Adobe Analytics systems. These data are not related to any person and may not be identified individually. So that Users may dispose of the collected data themselves, both systems provide an opportunity to unsubscribe from the data collection.
• Google Analytics: https://tools.google.com/dlpage/gaoptout
• Adobe Analytics: http://www.adobe.com/privacy/opt-out.html
KPMG shall not take any liability for any typos, content-related errors and shortcomings that might occur on the Website, furthermore, it rules out the possibility to enforce any compensation or warranty claim due to such erroneous provision of information.