Privacy policy

     

    This Data Processing Notice defines the data protection related rules governing the use of Laserpark Budapest (“Laserpark”) operated by Elevenpark Kft (“Controller”) and of the related online information, reservation, and ticket sales site (www.laserpark.hu) as visitors (the “Data Subject”).

    The personal data of the Data Subject shall be processed by the Controller in accordance with the provisions of this Data Processing Notice, the General Data Protection Regulation (the “GDPR”), and Act CXII of 2011 on Informational Self-determination and Freedom of Information (the “Information Act”).

    1. THE CONTROLLER

    Name: Elevenpark Kft.
    Registered seat: 2085 Pilisvörösvár, Szent Erzsébet utca 45.
    Court of registration:
    Company registration number: Company Registry Court of the Budapest Regional District Court
    Cg. 13-09-130348
    The place of data processing: 1117 Budapest, Hengermalom út 19-21.
    Website of the actual data processing: www.laserpark.hu (“website”) E-mail address: This email address is being protected from spambots. You need JavaScript enabled to view it.


    2. PRINCIPLES AND PURPOSES OF THE DATA PROCESSING ACTIONS

    Only such personal data shall be processed by the Controller that are indispensable for the achievement of the purpose of the processing and which are suitable for such purpose, and in connection with this, the Controller shall protect the personal data of the Data Subject.

    The purpose of data processing is to enable the Controller to learn more about the needs of visitors of Laserpark, and to provide even more useful and customized content and service and secure online ticket purchasing. The Controller does not use the data for any purpose other than those mentioned above.

    3. ACTIVITIES RELATED TO THE DATA PROCESSING

    The following data processing actions/processes shall be performed by the Controller in the course of use of the below cookies, ticket purchase, billing, sending of newsletters, use of cameras, taking photos and recordings:

    3.1 Cookies

    The Controller is using cookies at the www.laserpark.hu website. Cookies are small text files of information stored by your browser on the hard drive of your computer. Cookies allow web applications to adjust their operation to your preferences and to learn more about your likes and dislikes, by collecting and storing preference-related information.
    The special policy on the use of cookies is available here.

    Purpose of data processing: To improve the quality of the Controller’s services; to develop the website content according to the visitors’ needs
    Legal basis of data processing: The explicit consent granted in terms of the use of cookies.
    Duration of data processing: Until the cookies are deleted by the Data Subject
    Erasure or modification of data: Most browsers allow you to view the active cookies on your computer and you may delete them, furthermore you can block the cookies of a specific website or all of the websites. You have the option to set your browser so that it will reject the cookies or warn you when cookies are sent to your device.

    3.2 Using the service: making reservations, purchasing tickets

    Data Subjects can purchase tickets online and make reservations through the ticket purchasing page of the website. For further information see the FAQ and the General Terms and Conditions (Chapter IV.B). The following data processing actions are performed when tickets are purchased:

    Processed personal data: Surname and first name, country, telephone number, e-mail, address
    Purpose of data processing: To provide the reservation service; To comply with the obligation to provide/issue invoices; To exercise and perform the rights and obligations arising from the contract concluded with the Data Subject
    Legal basis of data processing: Legitimate interest, mandatory data processing required pursuant to the tax regulations (statutory legal provision)
    Duration of data processing: Obligation of retention according to the tax laws: 10 tax years; the period of time required for achievement of the purpose of data processing
    Erasure or modification of data: The Data Subject can ask for information about the processed data and may request rectification of such data.

    Controller shall not receive any information about the data content of the SimplePay payment site (i.e. the data of the respective bank or credit card) since the payment site is a completely secure and protected Internet site, independent from the Controller.

    3.3 Invoicing

    Once the reservation has been confirmed, Controller shall have the right to invoice the amount payable for the tickets purchased by the Data Subject. The following data shall be required for that purpose:

    Processed personal data: Surname and first name, e-mail, telephone number, billing address (domicile)
    Purpose of data processing: Compliance with the obligation to provide/issue invoices; provision of customer service assistance to the Data Subjects when payment is made online, by bank/credit cards, confirmation of the transactions and fraud-monitoring performed for the sake of protection of the users
    Legal basis of data processing: Mandatory data processing required pursuant to the tax regulations (legal provision); Legitimate interest of the Controller
    Duration of data processing: Obligation of retention according to the tax laws: 10 tax years
    Erasure or modification of data: The data subject can ask for information about the processed data and may request rectification of such data.

    3.4 Sending of Newsletters

    During registration, the Guest may permit the Controller to send newsletters in e-mail to the Guest, in connection with the Controller’s activities (promotion e-mails, notifications, offers, loyalty programme news, special offers, advertisements, reminders).

    By subscribing, the Data Subject consents to the processing of their personal data provided here for purpose of sending of the newsletter, and accepts the Data Processing Notice of the Controller.

    Processed personal data: Surname and first name, e-mail address
    Purpose of data processing (1): Liaising with the customers, provision of information regarding the ordered products, the event, notification in the event of any possible changes, sending of information
    Legal basis of data processing: Legitimate interest of the Controller (securing the contractual performance of the service)
    Duration of data processing: Until withdrawal of the consent granted for processing, until deletion of the registration.

    Purpose of data processing (2): Provision of information to the persons subscribing to the newsletter about the Controller’s activities, events, programs, services, different news, furthermore reminders or information may also be sent about specific events or any possible changes thereof.
    Legal basis of data processing: The data subject’s voluntary consent
    Duration of data processing: Until withdrawal of the consent granted for the sending of newsletters, but maximum for the period of time required for achievement of the processing purpose
    Erasure or modification of data: The data subject can ask for information about the processed data and may request rectification, supplementation or erasure of the data.

    Processed personal data: Surname and first name, e-mail address, date of birth (day, month, year)
    Purpose of data processing (3): Provision of services related to the loyalty program membership (Funandmore.club), provision of information to the Data Subject about the Controller’s activities, events, programs, services, different news, sending of reminders or information about specific events, provision of birthday discounts

    Legal basis of data processing: Legal relationship subjecting the Funandmore.club loyalty program membership
    Duration of data processing: Until termination of the membership or until withdrawal of the consent granted for the sending of newsletters, but maximum for the period of time required for achievement of the processing purpose
    Erasure or modification of data: The data subject can ask for information about the processed data and may request rectification, supplementation or erasure of the data.

    3.5 Use of cameras, making image and video recordings

    Controller is operating video cameras in Laserpark. Our special policy on the use of the camera surveillance system is available here and is also displayed at the entrance of Laserpark. The data processing related to cameras recordings shall be performed as follows:

    Processed personal data: The Data Subject’s image
    Purpose of data processing (1): To protect the life, safety and health of the Data Subject, monitoring of proper compliance with the safety rules.

    Legal basis of data processing: Contract (see: Section VII.3 of the General Terms and Conditions)
    By entering the area of Laserpark, the Data Subject expressly and clearly accepts and acknowledges (implied by conduct) the legitimate use of the cameras
    Erasure or modification of data: The Data Subject can ask for information about the processed data and may request blocking, modification or erasure of such data.

    Processed personal data: The Data Subject’s image
    Purpose of data processing (2): Protecting the equipment of Laserpark and its commercial units, the personal assets of the Guests, Data Subjects and the Controller’s employees (protection against theft and burglary), i.e. to detect and prevent violations, to catch perpetrators in the act, and to provide evidence thereof at the competent authorities and courts.

    Legal basis of data processing: Contract (see: Section VII.3 of the General Terms and Conditions)

    By entering the area of Laserpark, the Data Subject expressly and clearly accepts and acknowledges (implied by conduct) the legitimate use of the cameras.
    Erasure or modification of data: The Data Subject can ask for information about the processed data and may request blocking, modification or erasure of such data.

    Processed personal data: The Data Subject’s image
    Purpose of data processing (3): To monitor money management and movements within the office premises.
    Legal basis of data processing: Contract (see: Section VII.3 of the General Terms and Conditions) By entering the area of Laserpark, the Data Subject expressly and clearly accepts and acknowledges (implied by conduct) the legitimate use of the cameras.
    Erasure or modification of data: The Data Subject can ask for information about the processed data and may request blocking, modification or erasure of such data.

    Processed personal data: The Data Subject’s image
    Purpose of data processing (4): To present the operation and activities of Laserpark on the Facebook, instagram and youtube accounts of Laserpark.

    Legal basis of data processing: Contract (see: Section VII.4 of the General Terms and Conditions) By entering the area of Laserpark, the Data Subject expressly and clearly accepts and acknowledges (implied by conduct) the legitimate use of the cameras.

    4. PROCESSING AND TRANSFER OF DATA

    Controller shall transfer the personal data acquired from the Data Subjects only to the predefined processors specified by law.

    Controller agrees not to provide Data Subject with any additional services without the Data Subject’s request or prior consent, and also to make it possible to stop the provision of such services in every case.

    The data shall be transferred by the Controller, in order to meet its statutory obligations, to the following recipients:

    Recipient’s name: OTP Mobil Kft.
    Contact details of the recipient: 1093 Budapest, Közraktár u. 30-32.
    Prospectus of the recipient: http://simplepay.hu/vasarloknak/ and

    Purpose of data processing: Execute ticket purchases with bank/credit cards; Compliance with the obligation to provide/issue invoices
    Legal basis of data processing: Mandatory data processing required pursuant to the tax regulations (legal provision)
    Duration of data processing: Obligation of retention according to the tax laws: 10 tax years
    Erasure or modification of data: The data subject can ask for information about the processed data and may request rectification of such data.

    Recipient’s name: Kulcs-Soft Nyrt.
    Contact details of the recipient: http://www.kulcs-soft.hu/

    Purpose of data processing: Compliance with the obligation to provide/issue invoices
    Legal basis of data processing: Mandatory data processing required pursuant to the tax regulations (legal provision)
    Duration of data processing: Obligation of retention according to the tax laws: 10 tax years
    Erasure or modification of data: The Data Subject can ask for information about the processed data and may request rectification or erasure of such data.

    5. DATA STORAGE AND ACCESS

    All data are stored on the servers and computers of the Controller, in printed or digital format, or in computer systems located on the premises of designated third parties.

    The processed data may be accessed only by authorized employees of the Controller who are involved in the provision of the services relating to the Data.

    With a view to ensuring the security of the Data, the Controller applies a security system that is at least common in the profession, including the regular updating, extension and maintenance of that system, and takes any and all reasonable measures to prevent unauthorized persons from accessing the processed data.

    6. RIGHTS OF THE DATA SUBJECT, ENFORCEMENT OF CLAIMS

    The Data Subject has the right to request access to and rectification, modification or erasure or restriction of processing of personal data relating to the Data Subject, specified in Section 3 of this Data Processing Notice or to object to processing of these personal data.

    6.1 Requesting information

    The Data Subject has the right to request information whether any data processing is executed in terms of their personal data.

    Within 25 days of receipt of such a request, the Controller informs the Guest in writing about the followings:
    1. the processed data;
    2. the source of such data;
    3. the purpose of data processing;
    4. the legal basis of data processing;
    5. the duration of data processing; and
    6. the legal basis and recipient of any data transfer.

    6.2 Withdrawal of consent

    The Data Subject may withdraw his/her consent granted to the data processing based on consent (hence, among others, to the sending of newsletters) at any time, in a letter sent to the Controller’s registered office (2085 Pilisvörösvár, Szent Erzsébet utca 45.) or in an e-mail to This email address is being protected from spambots. You need JavaScript enabled to view it..

    6.3 The right to object

    The Data Subject has the right to object to the processing of his/her personal data,
    - if the processing of the personal data is necessary for the purposes of the legitimate interests pursued by the Controller or by a third party, except where such interests are overridden by the interests or fundamental rights of the Data Subject which require protection of personal data, in particular where the Data Subject is a child;
    - if the processing of the personal data is carried out for direct marketing purposes;
    - in other cases specified by law.

    Controller shall examine the objection within 15 days from submission of the request and shall decide whether such objection is well-founded or not and shall inform the complainant about its decision in writing, without delay. If the Data Subject does not agree to the Controller’s decision made in terms of the objection or if the Controller fails to comply with the above deadline, the Data Subject may bring the case to court within 25 days from the day the decision was communicated or from the last day of the deadline.

    6.4 Right to data portability

    The Data Subject shall have the right to receive the personal data concerning him or her, which he or she has provided to the Controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller.

    6.5 Rectification and erasure of Data

    If the personal data is incorrect, deficient or incomplete and the correct and proper data is available to the Controller, the Controller shall correct the data.

    The data must be deleted, without undue delay, if
    - the personal data are no longer necessary in relation to the purposes for which they were collected or processed;
    - Data Subject withdraws his/her consent and there is no other legal basis for the processing;
    - Data Subject objects to the processing and there are no overriding legitimate grounds for the processing;
    - the personal data have been unlawfully processed;
    - the personal data have to be erased for compliance with a legal obligation.

    The personal data of the Data Subject does not need to be erased, if the data processing is required for the following
    - for exercising the right of freedom of expression and the right to information;
    - for compliance with an obligation stipulated by law, which requires processing of the personal data;
    - for the establishment, exercise or defence of lawful claims.

    The Controller shall inform the Data Subject about any possible rectification, modification or erasure of the data. The above notification need not be sent if, taking into account the purpose of data processing, this does not violate the legitimate interests of the Data Subject.

    6.6 Restriction of data processing

    The Controller shall restrict processing at the Data Subject’s request, if
    - the Data Subject disputes the accuracy of the personal data;
    - the processing is unlawful and the Data Subject opposes the erasure of the personal data and requests the restriction of their use instead;
    - the controller no longer needs the personal data for the purposes of the processing, but they are required by the Data Subject for the establishment, exercise or defence of legal claims.

    The period of restriction of data processing is limited to the period
    - that is required by the Controller to verify the accuracy of the personal data;
    - for which the legitimate interest underlying the data subject’s request is in existence.
    During the period of restriction of data processing, the restricted personal data shall, with the exception of storage, only be processed with the Data Subject's consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of public interest.

    6.7 Enforcement of claims

    Any person may initiate an investigation by the Hungarian National Authority for Data Protection and Freedom of Information (address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c, the “Authority”) by submitting a complaint regarding any violation, or the imminent threat thereof, concerning the processing of the data. The proceedings of the Authority are free of charge.

    Data Subjects may also bring the case to court in case of any violation of their rights. The Controller is required to show that the processing of personal data is pursued in full compliance with applicable legislation. The started legal procedure shall be judged by the competent regional court. At the Data Subject’s discretion, the legal action can be started at the regional court having competence according to the Data Subject’s domicile or habitual residence as well.

    7. OTHER PROVISIONS

    The Controller’s pages may contain weblinks or hyperlinks pointing to pages operated by other service providers where the Controller has no influence over the processing of personal data, therefore the Controller does not assume any liability for the data processing or data transmission actions or personality right related procedures executed by these pages.

    The Guest’s consent was granted to the Controller on a voluntary basis, based on proper and sufficient information received, given in the form of an explicit statement. The Guest’s consent may be withdrawn at any time through the channels specified in this Data Processing Notice.

    Should you disagree with the provisions of this Data Processing Notice, please do not provide your personal data on the Controller’s website and/or at the customer service of Laserpark. Controller may only provide its services to the Data Subject, if the provisions of the Controller’s General Terms and Conditions and this Data Processing Notice are accepted in full.

    Effective: Budapest, 1st July 2019

    This website uses cookies so we can provide you with the best user experience. More info
    Accept
     

    Laserpark Budapest

    Budapest 1117 | Hengermalom út 19-21. | Új Buda Center |
    mail@laserpark.hu | Laserpark: 06 1 444-5040


    © Laserpark. All Rights Reserved.