Privacy Policy

ZoT Photography Kft. (1121 Budapest, Kútvölgyi út 89/B fszt. 1.a, info@zotphotography.com) is owned by Zoltán Tanács (hereinafter: Data Manager), as is www.zotphotography.com (hereinafter referred to as the Website), I hereby publish the rules, data protection and data management principles and information on data management within the framework of the Website and the related services.

 

Data protection objectives

My aim is to ensure that the personal data provided to me and the data (photos, videos) generated in the course of our cooperation are kept as secure as possible, do not fall into unauthorized hands, may only be used and processed with the consent of yours and that I comply with all relevant laws and regulations, esp. with the General Data Protection Law by EU.

 

Data controller and processor

ZoT Photography Kft.

Company registration number: the Commercial Court of Budapest General Court, Cg. 01-09-992608

Tax number: 24146395-2-43
Managing Director: Zoltán Tanács
Headquarters: Hungary, 1121 Budapest, Kútvölgyi út 89/B fszt. 1.a Email address: info@zotphotography.com

​

Personal data that I process in the course of my work

- Name
- Phone number
- E-mail
- Home address (only required for billing and postal addresses)
- Date and place of birth (to be provided at the time of consent)
-Signature (required at the time of contracting or consenting to data processing)

- As biometric data, photographs, photos, video recordings of the Customer, which are created for the purpose of the ordered service.

The Data Controller declares that it does not collect any special data (such as: racial or ethnic origin, membership of a national or ethnic minority, political opinions or party affiliations, religious or other beliefs, membership of an interest group, health, pathological addiction, sexual life, criminal record) for any purpose or in any way.

​

Purpose of the processing of data

The Website www.zotphotography.com does not require registration to use the website or to order services. Personal data on the Website and at info@zotphotography.com e-mail address for the sole purpose of fulfilling your order for the service.

The use and processing of the name and e-mail address provided is necessary for the purpose of contacting you.

Address (address, registered office, postal address) is required for billing and contracting.

Photographs and videos are generated during the performance of the service, without them the service has no content or meaning. In accordance with our agreement, the photos/videos will be processed for post-processing (retouching, basic processing, editing).

In all cases, the photographs of the Client are taken with the active cooperation and consent of the Client.

The editing and post-processing of the photos is considered as data processing. The post-processing, processing, retouching, i.e. editing of photographs is an integral and indispensable part of my service.

 

Source and origin of data

In all cases, the source of the data is the User or the Client, the customer of the service, who provides the data. The data generated in the course of our cooperation on the basis of the contractual relationship are photographs. I do not accept and do not store data from third parties, so all data that is available is processed with the consent and knowledge of the User or Customer.

By placing an order or signing the model contract, the Beneficiary / Customer gives his/her consent to the processing of the data by ticking the appropriate box in the contact form or by making a declaration in the contract.

​

Data storage location and storage period

The place of storage of the data is ZoT Photography Kft. registered office and the hosting of the cloud services it uses. As a data controller, I may synchronise the processed data with cloud services offering appropriate security services (password protection, encryption) for backup purposes. I use the following services to do this (in brackets are links to the privacy policy of the service provider):

• Domain name rentals and website hosting, email: Wix (https://www.wix.com/ about/privacy)

• Other email service providers include Apple (https://www.apple.com/legal/ privacy/en-ww/)

• File sharing: weTransfer (https://wetransfer.com/legal/privacy)

Personal data will be treated confidentially for the duration of the purpose of the processing, or during the duration of the legal relationship with the User/Customer concerned, or after its termination, until the User/Customer requests in writing the deletion of the data in any form, or withdraws his/her consent.

As Data Controller - also Data Processor - I am entitled to access the personal data in accordance with the applicable legislation. In the absence of a legal provision, I may disclose to third parties data that can be used to identify the User with the consent of the User concerned.

The data being processed or archived are, by their very nature, essentially stored in digital format.

The communication between us is handled by ZoT Photography Kft. stored on your company computer or in the cloud services you use. The computer is password protected, has hard disk encryption, firewall and endpoint protection, and the information stored on it is not accessible to third parties. This data will be stored for the duration of the contact between us, after which it will be stored in the archives, where correspondence between us will be stored until you request its deletion (max 30 years).

At the end of our cooperation, the data processing ends with the delivery of the final product (images and/or video), the images will no longer be edited or processed. This data is stored until the images are delivered, but for a maximum of one year after they are created.

Images and video material already provided may be archived for backup purposes with the consent of the Customer. This is so that if the Customer loses your photos or video, or they are destroyed for some reason, we can always resend them to you. So, on the one hand, this is for you, but on the other hand, they are the intellectual products of our activities, so they are valuable to us.

The archive is stored on physical storage devices, which are offline hard disks, not connected to the internet. The hard disks are encrypted and cannot fall into unauthorised hands. The maximum storage time for data stored in the archive is. 40 years, can be deleted from the archive at any time on request.

The consent forms and the data on them are stored on paper and kept in a locked place at our premises. At your request, this data can be destroyed, unless there is a legal obstacle, but a separate declaration is required.

It is not possible to cancel invoices under the Taxation Act.

 

Legal basis for data processing, consent to data processing

By asking me to take a photo and standing in front of my camera, the Client acknowledges and accepts that it is an essential part of our cooperation that I take a photo/video of him/her, digitally edit, post-process and store it. Therefore, by taking the photo and signing the declaration of authorisation, you have given your consent to the processing of your data, which constitutes the legal basis for the processing.

If you withdraw this consent in the course of our cooperation, you acknowledge that the photographs already taken will be deleted, that I will not be able to complete the service and that this process cannot be cancelled, and that you will not be able to claim any financial compensation or damages in this case.

 

Transfer of data to third parties

The customer data and images that I process will not be transferred to any other individual or legal entity or company, whether inside or outside the European Union.

Use of images for marketing purposes as a reference and posting on social networking sites

With the User's / Customer's consent, I may use their photos on my website and social media platforms as a reference to promote my own services.

Such sites include:
www.zotphotography.com, facebook.com, instagram.com

If the User/Customer does not agree to this, I will not publish any of his/her images in any public place.

If, after publication, you change your mind and indicate to me that you do not want the images to be published, I will remove the images as quickly as possible from any public online space where they appear.

 

Withdrawal of consent, Deletion of data or request for data deletion

If the User / Customer does not want any of their personal data (name, phone number, e-mail address or photo) to be stored in my systems, they can contact info@zotphotography.com, you may request the deletion of any information held about you without giving any reason, unless this is contrary to legal restrictions.

The removal from the system will be done as soon as possible, but not later than 30 days.

The removed data (name, phone number, e-mail address, photos and videos) will be permanently deleted and cannot be restored.

If you delete your email address and phone number, all communication from me through these channels will be impossible, except if you contact me again.

The Data Controller declares that the www.zotphotography.com website, the information displayed on each sub-page is held by the Data Controller. The content and design of this website are protected by international and Hungarian law. A www.zotphotography.com pages, the unauthorized downloading, sale, modification or republication in any form of information, photos or articles is prohibited. I reserve all further rights in relation to the writings and images and will enforce them in court if necessary.

 

User's rights with regard to the data processed

Upon written request of the User, the Data Controller shall provide information about the personal data processed, their source, the purpose, duration and legal basis of the processing, the legal basis of any data transfer and the recipient of the data. Information can be found at info@zotphotography.com can be requested at the email address by confirming the User's identity and specifying the mailing address. The Data Controller shall respond in writing within 30 days of receipt. The User has the right to rectify his/her personal data in writing, also by providing proof of his/her identity and his/her postal address.

The User has the right to have all or part of his/her data erased or blocked without justification, by providing proof of his/her identity. The Data Controller shall promptly take action on the request. In the event of blocking of data, if the deletion would harm the legitimate interests of the User, the blocked personal data may be processed only for as long as the purpose of the processing persists.

The Data Controller shall notify the User of the rectification, blocking or deletion of personal data, as well as all those to whom the data were previously transmitted for processing. The notification may be omitted if this does not harm the legitimate interests of the User in view of the purpose of the processing. If the Data Controller's User's request for rectification, blocking or erasure cannot be fulfilled on legal grounds, the Data Controller shall inform the User in writing within 30 days of the request of the factual and legal grounds for the request, the possibility of judicial remedy and recourse to the National Authority for Data Protection and Freedom of Information.

The User may object to the processing of his/her personal data:

- where the processing or transfer of personal data is necessary solely for compliance with a legal obligation to which the Controller is subject or for the purposes of the legitimate interests pursued by the Controller, the recipient or a third party, except in cases of mandatory processing;

- if the personal data are used or disclosed for direct marketing, public opinion polling or scientific research purposes; and

in other cases specified by law.

The Data Controller shall examine the objection within the shortest possible time from the date of the request, but not later than 15 days, decide whether the objection is justified and inform the applicant in writing of its decision. If the User does not agree with the decision of the Data Controller or if the Data Controller fails to comply with the above deadline, the User may - within 30 days from the date of notification of the decision or the last day of the deadline - take the matter to court.

​

Other information collected in connection with the use of this website

If the User does not provide any personal data or information on the Website, the Data Controller does not request, collect or process any personal data about the User in a way that can identify the User.
By accessing the Website, each User consents to the use by the Data Controller of cookies managed by external service providers in connection with the Website, which are necessary to record the data and information indicated in the Notice and relevant to this.

Such data are the data of the User's computer(s) or mobile device(s) that are automatically generated during the use of the Website and that are automatically recorded by the technical processes of the cookies used on the Website. The data that is automatically recorded is automatically logged by the system when the User visits or exits the Website, without any special declaration or action on the part of the User. Based on this data, the User cannot be identified. Such data is only accessible by the third party cookie service providers and the Data Controller.

The Data Controller only uses cookies from external service providers (Google, Facebook, Instagram) on the Website. Cookies are short text files that the Website sends to the hard drive of the User's computer and contain information about the User.

The Data Controller uses the services of the Google Analytics system in connection with the Website. The cookies managed by Google Analytics help us to measure the traffic and other web analytics data on the Website. The information collected by cookies is transferred to and stored on external servers operated by Google. Google will use this information primarily for the purpose of monitoring the use of the Website and to analyse the activity on the Website in the interests of the Data Controller. Google may transfer this information to third parties where required to do so by law. Google is also entitled to forward this data to third parties it uses to process

the data. Google Analytics can provide detailed information on the processing of data by Google Analytics (http://www.google.com/analytics).

Data manager’s advertisements by external service providers (e.g. Google, Facebook, business partners) are displayed on websites. These third-party service providers use cookies to store that the User has previously visited the Controller's Website and, based on this, display ads to the User in a personalised way (i.e. remarketing, but in a non-personally identifiable way).

Google allows you to disable the use of cookies in your Ads settings (for more information, see http://www.google.en/policies/technologies/ads/). User cookies from third-party service providers are used by the Network Advertising Initiative (http:// www.networkadvertising.org/choices/) opt-out page.

The processing of data by the aforementioned external service providers is governed by the data protection standards set by these service providers and the Data Controller does not assume any responsibility for such processing.

The Data Controller is not responsible for the content, data and information protection of external websites accessible from the website. If the Data Controller becomes aware that a link violates the rights of a third party or the applicable legislation, it will remove the link from the Website.

The Data Controller shall take all reasonable steps to prevent unauthorised access to the data. Nevertheless, the User acknowledges and accepts that, when providing the personal data detailed above through the Website and the mail account, the data protection cannot be fully guaranteed on the Internet. In the event of unauthorized access to the data, the Data Controller is not liable for any damages resulting from such unauthorized access (explanation: the User may provide personal data to third parties who may use them for unlawful purposes).

Note: The User acknowledges and agrees that security is not adequate when using the Internet in public places on shared computers. After use, the User must log out of www.zotphotography.com website, your mailbox, your social networking site. Even when visiting from your own computer, depending on the browser, the User will remain logged in for a certain period of time. It is the User's responsibility if strangers access his/her computer, perform transactions on his/her behalf (subscriptions, applications, orders, etc.) can be implemented.

 

Complaints handling, legal remedies

The Data Controller will handle all personal data in accordance with the law.

If the User does not agree, the User may contact info@zotphotography.com to notify the Data Controller of this.

If the User alleges that his/her personal data is processed in an unsafe manner, he/she may seek redress from the competent body in accordance with the applicable legislation:

– National Data Protection and Freedom of Information Authority (address: 1125 Budapest, Szilágyi Erzsébet fasor 22/C.), and

- can start legal proceedings.

​

Legal environment for the processing of personal data (Hungarian Law applies)

- Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation, abbreviated as GDPR)

- LXIII of 1992 on the protection of personal data and the disclosure of data of public interest. Act;

-The Act VI of 1998 on the Protection of Individuals with regard to Automatic Processing of Personal Data. Act;

- CVIII of 2001 on electronic commerce. law.

The Data Controller reserves the right to unilaterally amend this Policy at any time, with prior notice to the User. The User accepts the modification on the Website for the purpose of further use of the Website. The amendments will become effective for the User upon acceptance or upon the first use of the Website.