INTRODUCTION
The protection of the personal data of all campers is a priority for Camp Balaton Hungary Kft. Accordingly, we continuously ensure the security of the data and that Camp Balaton Hungary Kft. as the data controller and its partners, Kosher Service Kft. and the Unified Hungarian Jewish Congregation (EMIH) process personal data in accordance with the applicable legal requirements. By drafting and publishing this notice, we aim to comply with our information obligations under Articles 13-14 of the GDPR.
Camp Balaton Hungary Kft., as the data controller, acknowledges the contents of this information as binding and reserves the right to change the contents of this privacy policy, which will be notified to the data subjects in due time and in advance.
1. THE CONTROLLER
The controller of your personal data:
Camp Balaton Hungary Kft. (“Company” or “Controller”)
Registration number: 01-09-440513
Tax number: 32747269-2-41
Registered seat: 1039 Budapest, Bokor utca 1-5.
Represented by: Mr. Friedman Alexander, Managing Director
Email: office@balaton.camp
2. THE SCOPE OF THIS POLICY
The scope of the Policy covers all personal data processing that takes place during the application for, and participation in, Camp Balaton International Jewish Youth Camp (“Camp Balaton” or “Camp”).
This Policy applies to all visitors to the www.balaton.camp, www.campbalaton.hu websites (“Website”) who create a user account (“User”) in order to register themselves or another participant they represent for the Camp or to use or interact with the Website services in any way; to all participants of the Camp (“Campers”); and to the legal representatives of the Campers (“Legal Representatives”).
This Policy shall enter into force on the date set out below and shall remain in force until withdrawn, however, the Controller reserves the right to unilaterally amend this Policy, subject to appropriate information to the data subjects.
3. THE PRINCIPLES OF DATA PROCESSING
The Controller shall follow the following principles in the processing of data:
Personal data may only be processed for clearly specified, legitimate purposes, to exercise rights and meet obligations. All stages of the processing must meet the purpose of processing, and the collection and processing of the data must be fair and lawful (“lawfulness, fairness and transparency”)
Only personal data that is necessary for the purpose of the processing and is suitable for achieving that purpose may be processed. Personal data may only be processed to the extent and for the duration necessary for the purposes for which they are collected (“purpose limitation”)
Personal data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (“data minimisation”).
The processing must ensure that the data are accurate, complete and, where necessary for the purposes for which they are processed, kept up to date, and that the data subject can be identified only for the period necessary for the purposes for which the data are processed (“accuracy”)
Personal data shall be kept in a form which permits the identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed. The personal data will retain this quality during the processing as long as the relationship with the data subject can be restored. The relationship with the data subject can be restored if the controller has the technical conditions necessary for such restoration (“storage limitation”)
The processing of personal data shall ensure an appropriate level of security for the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage by using appropriate technical or organisational measures (“integrity and confidentiality”).
The Controller shall be responsible for, and be able to demonstrate compliance with, these guidelines (“accountability”).
4. THE LEGAL BASIS FOR DATA PROCESSING
The Controller shall act on the basis of the following legal bases for processing:
(a) the data subject has given consent to the processing of his or her personal data for one or more specific purposes;
(b) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
(c) processing is necessary for compliance with a legal obligation to which the controller is subject;
(d) processing is necessary in order to protect the vital interests of the data subject or of another natural person;
(e) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
(f) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
For special categories of personal data, the legal basis for processing:
a) the data subject has given explicit consent to the processing of those personal data for one or more specified purposes;
b) processing is necessary for the purposes of carrying out the obligations and exercising specific rights of the controller or of the data subject in the field of employment and social security and social protection law in so far as it is authorised by Union or Member State law or a collective agreement pursuant to Member State law providing for appropriate safeguards for the fundamental rights and the interests of the data subject;
c) processing is necessary to protect the vital interests of the data subject or of another natural person where the data subject is physically or legally incapable of giving consent;
d) processing is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity;
e) processing is necessary for reasons of substantial public interest, on the basis of Union or Member State law which shall be proportionate to the aim pursued, respect the essence of the right to data protection and provide for suitable and specific measures to safeguard the fundamental rights and the interests of the data subject;
f) processing is necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services;
g) processing is necessary for reasons of public interest in the area of public health, such as protecting against serious cross-border threats to health or ensuring high standards of quality and safety of health care and of medicinal products or medical devices, on the basis of Union or Member State law which provides for suitable and specific measures to safeguard the rights and freedoms of the data subject, in particular professional secrecy.
5. THE PURPOSE OF THE DATA PROCESSING AND THE SET OF DATA PROCESSED
The Controller processes the data for the following purposes:
– To apply for and participate in the camp: year, date of birth, gender, nationality, mother tongue, address, telephone number, e-mail address, health information, dietary requirements, name and contact details of legal guardian.
– Contact: sharing information about the application and the Camp, contract and administrative management. Data processed: name, e-mail address, telephone number.
– Health security and special needs: monitoring the health of campers and ensuring individual needs are met (e.g. allergies, dietary needs, medication). Data processed: health status, medication, dietary needs.
– Marketing and communication: sending newsletters, camp information and offers to those who contribute. Data processed: name, e-mail address.
– Taking photos and videos: documenting camp life and using them for promotional purposes. Data processed: camper’s photo, video footage.
– Safety and legal compliance: to guarantee the safety of campers and staff, to comply with the law.
– Cookies: We use cookies to make the website more attractive to you and to enable you to use certain features on the website. Cookies are small text files that are stored on your device. Some of the cookies we use are deleted when you stop browsing, i.e. when you close your browser (session cookies), while other cookies remain on your device and allow us to recognise your browser on subsequent visits (persistent cookies). When you access the website for the first time, you will be informed about the installation of cookies, at which point you can decide whether or not to accept their use on your device. If you do not accept cookies, the usability of the website may be limited. For more details, see the annex to this Policy.
6. THE DURATION OF THE STORAGE OF PERSONAL DATA
Camp Balaton shall retain personal data only for the time necessary:
– Camp registration details: 1 year after the end of the camp
– Health records: 6 months after the end of the camp
– Data for marketing purposes: until the data subject’s consent is withdrawn
– Photographs and videos: until the end of the promotional purposes or until the data subject requests deletion
7. DATA TRANSFERS AND THIRD PARTIES
Camp Balaton may only pass on your data to third parties in the following cases:
– Healthcare providers (e.g. doctors, hospitals in case of emergency)
– Official bodies when required by law
– Service partners (e.g. catering companies, suppliers)
We do not transfer personal data to third parties for marketing or other business purposes. The data may be accessed primarily by the Controller or by the Controller’s internal employees whose access and processing of the data is related to their job duties. The Controller may involve an intermediary organisation for the processing of personal data covered by this Policy. The contracted processor shall carry out the processing in accordance with the instructions of the Controller, shall not take any substantive decisions concerning the processing, shall process the personal data coming to its knowledge only in accordance with the instructions of the Controller, shall not process the personal data for its own purposes and shall store, preserve and keep the personal data confidential in accordance with the instructions of the Controller. The processor shall not engage any other processor without the prior written authorisation, on a case-by-case basis or in general, of the Controller.
8. THE RIGHTS OF DATA SUBJECTS
Under the GDPR, all data subjects are entitled to:
– Access: you can request what personal data we hold about you.
– Correction: you can ask for your data to be updated or corrected.
– Erasure (“right to be forgotten”): You can ask us to delete your data, unless there is a legal obstacle.
– Data portability: you can request to receive your data in electronic format.
– Withdrawal of consent: consent to data processing for marketing purposes may be withdrawn at any time.
You can send your request to the following contact details:
📩 Email: info@balaton.camp
9. SECURITY MEASURES
Camp Balaton pays special attention to data security.
– We use encrypted data storage
– We use secure data protection.
– Security protocols are regularly updated.
10. COMPLAINT AND LEGAL REMEDIES
If you feel that your personal data is not being managed in accordance with the law, you can complain to:
Hungarian National Authority for Data Protection and Freedom of Information (Nemzeti Adatvédelmi és Információszabadság Hatóság) (NAIH)
Address: 1055 Budapest, Falk Miksa utca 9-11.
Email: ugyfelszolgalat@naih.hu
Phone: +36 1 391 1400
Website: www.naih.hu
If you have any questions about data protection, please contact us.
📩 Email: info@balaton.camp
📍 Address: 1039 Budapest, Bokor utca 1-5.
📆 Last update (publication) date: 28 February 2025
As described below, the service provider uses cookies to ensure the smooth operation of the website (cteen.hu), to maintain and develop its services, and to improve user experience.
1. What are “cookies”?
Cookies are data packages stored by browser applications on behalf of a website. When you navigate to the website as a visitor or user, the website uses the browser to create cookies on your computer or other device. Among other things, cookies can store information about the parameters of the device you use for browsing, any personal settings you may have, and your previous visits, to improve your browsing experience. The data stored enable the browser to load the webpage with your settings. You can consent to the storing of the cookie in the information pop-up dialogue when you first access the website. There are two types of cookie file: “session” and “permanent”. The first is a temporary file that remains on the user’s device until they log out of the website or disable cookies in the software (browser). “Permanent” files remain on the user’s device for the period specified in the parameters of the cookie files, or until the user manually deletes them.
2. Purpose of using cookies
- To facilitate the navigation and thereby the use of the website by recording the visitor’s preferences and usage habits.
- To improve user experience by collecting information about how visitors use the website, and which pages they visit or use most often, so we can learn how to provide an even better user experience when they visit the website again.
- To collect and analyse statistical data to understand how visitors use other online services in addition to the website, which we can then improve.
- To further develop and fine-tune the website to meet visitors’ needs.
- To identify possible malicious IT operations.
3. Legal basis for use of cookies
With the exception of cookies that are essential for the functioning of the website (the installation of which is in the legitimate business interest of the Controller), the use of cookies is based on your explicit and informed consent, which constitutes the legal basis for the related processing. Cookies are only used if you explicitly authorise their use on the relevant web interface. You can change your settings – and even withdraw your consent – at any time.
4. Cookie types
4.1. Essential session-id cookies
Essential cookies are necessary for browsing the website and using its features, including allowing the browser to record the actions taken by the visitor while using a specific page, feature or service. The smooth use of the website cannot be guaranteed without essential cookies. These cookies are strictly necessary to enable you to navigate on and use the features of our website while browsing. When you close the website in your browser, these types of cookie are automatically deleted and the session is closed.
4.2. Analytical or performance cookies
We use analytical or performance cookies to collect information about how our visitors use the website (e.g. which pages they visited, where in the page they clicked, how many pages they visited, how long each visit took, what error messages they received, etc.). We do this to improve the website (available services, features, etc.) so that we can meet the needs of our visitors and provide them with a high quality, user-friendly experience. For performance measurement purposes, we also use third-party cookies on each visit to track how many people visit the website and what content they are interested in. All information is stored anonymously and used to anonymously analyse visitor behaviour in order to provide a high-quality user experience.
Google Analytics: https://www.google.com/analytics/terms/us.html
4.3 Targeted advertising cookies
The purpose of using targeted advertising cookies is to select the advertisements that are of most interest or relevance to visitors and display them on the website. We also use these cookies to measure the performance of our campaigns. These cookies allow third-party service providers to display targeted ads for you on other websites based on your previous visit to our website. These cookies cannot identify you personally either. Nonetheless, they collect data, for example, about the pages you have visited, where you clicked on a page, and how many pages you opened.
4.4 Third-party cookies
Our website may occasionally display various content through external web services, which may result in your browser storing some cookies that we do not control, and thus we have no control over how these websites or external domains collect information about your use of such embedded content. To find out how third parties use cookies, please see the privacy and cookie policies of external services.
5. Scope of data collected by cookies
Please note that the cookies used on this website cannot identify the visitor personally themselves. With the help of cookies, we collect and process the following data about your device and the browser you use:
- the IP address you use,
- the type of browser used,
- operating system properties of the device used for browsing (e.g. type, configured language),
- the exact date and time of the visit,
- the URL of the previously visited website,
- the feature or service used on the website you have visited,
- the time spent on the website.
6. Checking cookie settings and disabling cookies
Browsers allow you to change cookie settings. Some browsers automatically accept cookies by default, but you can change this setting to prevent that from happening in the future. If you change this setting, the browser will offer you the option to configure cookies each time you open the website. Please note that as cookies are intended to support and facilitate the usability and processes of our website, we cannot guarantee that you will be able to use all the features of the website if you disable cookies in general. In this case the website may function or appear differently in the browser. For more details, see the cookie settings of the browsers listed below: