image

Privacy Policy

This Privacy Policy applies to all personal data you provide to us and also to all personal data which we collect on you, either about how you use our website or our services. 

  1. WHO WE ARE?

Brain Bar Ltd. (“Brain Bar” or “we” or “us”) (registered seat: Maros street 27. 5/4., 1122 Budapest, Hungary; company registration number: 01-09-285175) acts as a data controller. It means Brain Bar decides how your personal data is processed and for what purposes.

We are the organizer of the Brain Bar event (hereinafter referred to as: event), and to this event and for the related services it is necessary that the data controller obtains certain personal data of ticket purchasers and visitors.

As a data controller, Brain Bar is registered by the Hungarian National Authority for Data Protection and Freedom of Information (“NAIH”) (the registration number related to the marketing is NAIH 145386/2018, the registration number related to direct marketing is NAIH-145384/2018/2015 and the registration number related to newsletter database development is NAIH-145383/2018).

  1. HOW TO CONTACT US?

In respect of data protection related questions, to exercise your rights or file a complaint, please contact us by sending an email to the email address set forth below. You may alternatively contact us by sending a postal mail to the following address. 

Email: contact@brainbar.com
Postal address: H-1122 Budapest, Maros utca 27. 5. em. 4.

  1. YOUR PERSONAL DATA – WHAT IS IT?

Personal data relates to natural person who can clearly be identified from that data, in particular your name, address, e-mail address, credit or bank card number. Identification can be made by the information alone or in conjunction with any other information otherwise in the data controller’s possession or likely to come into such possession.

  1. HOW DO WE COLLECT PERSONAL DATA?

We collect your data on our website during the registration process, via email, during the check-in process at the event, during the event, and via RFID. 

  1. WHY DO WE COLLECT PERSONAL DATA? (DATA PROCESSING PURPOSES)

We collect and use your personal data for the following purposes:

  1. In order to participate in our student/teacher programme then you shall be required to provide the following personal data: name, email address, the number of your student/teacher ID. The purpose of the data management is the verification of your student/teacher status. 

 

  1. To send you newsletters. For this purpose, we collect the following data: name and e-mail address.

 

  1. To improve the attendee experience as well as to provide important crowd dynamics data we use Radio Frequency Identification (“RFID”) technology. To discourage counterfeiting there is a RFID chip on each booklet of the event. Each chip is scanned before you receive it at the check point to ensure that it is in good working order. The chip can be read by scanners placed at the gates of the event’s venues. The chip in each booklet does not carry any personal data, however, the RFID chip contains a unique ID code that may be correlated with your email address. Brain Bar does not track RFID tags after the event has ended.

 

  1. To carry out customer satisfaction survey for analytical purposes, for quality improvements of the event, for service developments, to improve the performance of the website, to measure the success of our advertising campaigns. For this purpose we collect the following data: e-mail address.

 

  1. To support administrative and legal purposes for example anti-fraud screening, for safety and security purposes. For this purpose we collect the following data: name, email address.

 

  1. LEGAL BASIS OF DATA PROCESSING

The legal basis of data processing activities indicated in point a) of Section 5 of this Privacy Policy lies in Subsection (a) Paragraph (1) of Article 5 of Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information (“Freedom of information Act”), i.e. based on your consent. Commencing from 25 May 2018 also Article 6 (1) (b) of the General Data Protection Regulation (Regulation No. 2016/679 of the European Parliament and of the Council) ("GDPR"), i.e. such processing activities are necessary for the performance of contract or in order to take steps at the request of data subject to entering into a contract.

The legal basis of data processing activities indicated in point b)-c) of Section 5 of this Privacy Policy lies in Subsection (a) Paragraph (1) of Article 5 and Subsection (a) Paragraph (2) of Article 5 of the Freedom of information Act, i.e. based on your consent, and commencing from 25 May 2018 also Article 6 (1) (a) and Article 9 (2) (a) of the GDPR, i.e. such processing activities will be based on your consent.

The legal basis of data processing activity indicated in point d-e) of Section 5 of this Privacy Policy lies in Subsection (a) Paragraph (5) of Article 6 of the Freedom of information Act, i.e. based on your consent, and commencing from 25 May 2018 also Article 6 (1) (f) of the GDPR, i.e. such processing activity will be based on Brain Bar’s the legitimate interest. If the legal basis is the legitimate interest of Brain Bar, we will carefully consider your interests and fundamental rights and freedoms, and whether these overrides such legitimate interests (balancing test).

  1. HOW LONG DO WE KEEP YOUR PERSONAL DATA?

We process your personal data for the time required consistent with the purposes set out in this Privacy Policy or for the period of limitation prescribed in the relevant laws.

We keep your personal data for no longer than reasonably necessary. 

In case of accounting documents, the retention period is 8 years from the closing of the financial year, in accordance with Section 169 of Act C of 2000 on Accounting.

If a court or disciplinary procedure is initiated, then the personal data will be retained until the termination of the proceedings, including the duration of any possible remedy, which data thereafter, in the case of civil claims, will be deleted after the civil law statute of limitation runs.

In the case of consent-based data processing, personal data will be processed until the consent is withdrawn.

  1. FURTHER PROCESSING OF PERSONAL DATA

If we wish to use your personal data for a new purpose not covered by this Privacy Policy, we will provide you with a new policy explaining all condition relating to the new processing prior to the new processing takes place. If required, we will seek your consent before commencing the new data processing activity.

  1. YOUR PERSONAL DATA PROTECTION RIGHTS

Pursuant to the applicable data protection law you may have the right

  1. to request access to your personal data,
  2. to request rectification of your personal data,
  3. to request erasure of your personal data,
  4. to request restriction of processing of your personal data,
  5. to request data portability,
  6. to withdraw your consent, 
  7. to lodge a complaint with the supervisory authority.
    1. Right to access

You may have the right to obtain from us confirmation as to whether or not personal data concerning you is processed, and, where that is the case, to request access to the personal data.

    1. Right to rectification

You may have the right to obtain a copy of the personal data undergoing processing. We may request additional information from you for identification or for further copies requested by you. 

You may have the right to obtain from us the rectification of inaccurate personal data concerning you. Depending on the purposes of the processing, you may have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

    1. Right to erasure (right to be forgotten)

Under certain circumstances you may have the right to request from us the erasure of your personal data and we may be obliged to erase such personal data. In such cases we will not be able to further provide to you our services.

    1. Right to restrict processing

Under certain circumstances you may have the right to request from us the restriction of processing your personal data. In this case the respective data will be marked and may only be processed by us for certain purposes.

    1. Right to data portability

Under certain circumstances you may have the right to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format (i.e. in digital form) and you may have the right to request the transmission of those data to another entity without hindrance from us, if such transmission is technically feasible.

    1. Right to withdraw consent

When the processing of your personal data is based on your consent, you can withdraw your consent at any time without giving any reason to us, free of charge by clicking the link provided in each newsletter. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

If you withdraw your consent to processing your personal data, we may not be able to provide all or parts of the services which you have requested.

  1. Right to lodge a complaint with the supervisory authority

If you feel that your personal data rights have been breached, you can also contact and lodge a complaint with the local data protection authority. 

You can also contact the Hungarian Authority for Data Protection and Freedom of Information (Nemzeti Adatvédelmi és Információszabadság Hatóság, H-1125, Hungary, Budapest, Szilágyi Erzsébet fasor 22/C.; telephone: +36-1 391-1400; telefax: +36-1 391-1410; e-mail: ugyfelszolgalat@naih.hu).

  1. HOW DO WE PROTECT YOUR PERSONAL DATA?

Brain Bar complies with its obligations under the applicable data protection laws by

  • keeping personal data up to date;
  • storing and destroying it securely;
  • not collecting or retaining excessive amounts of data;
  • protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.

We take appropriate technical and organizational measures to ensure the protection of your personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, in particular but not limited to where the processing involves the transmission of data over a network, and against all other unlawful forms of processing.

Brain Bar, in line with this, among other things, applies different levels of access rights to the data, which ensures that only the appropriate authorized person has accesses to the data, whose knowledge of the data is necessary to fulfil his or her obligation arising out of or in connection with the performance of his or her job.

  1. SHARING YOUR PERSONAL DATA

Brain Bar, in the course of its operation, may utilize the services of various data processors and external service providers to handle and process your personal data for specific purposes.

The data processors shall process the personal data at the most as long as the term of the data processing contract concluded with them is valid and in force, or until they are required to keep your data under the applicable data retention laws.

We may disclose your personal data to the following categories of third parties (recipients) for the purposes described below:

  • other third party service providers involved by us for data processing;
  • third parties, such as law firms, courts, other bodies or service providers in order to enforce or apply any contract with you;
  • government authorities or enforcement bodies such as the police and regulatory authorities, upon their request and only as required by the applicable law or to protect our rights or the safety of our customers, staff and assets.

11.1. Third party service providers

When you purchase the service of a third party service provider via our website, (e.g. you buy festival tickets) we will link you to another website run by third parties. 

The data processing of such third parties may also be governed by their own privacy policies. Please review the privacy policies on the website of such third parties directly for more information about their data processing practices. 

11.2. Data Processors

Brain Bar engages certain third parties to provide assistance during the performance of our services. Such third parties provide the following services:

  • sale of tickets payment processing services;
  • provision of IT support services;
  1. COOKIES

When you use our website, cookies are stored by your browser on your device. Please note that if you disable cookies our website may not function properly on your browser. Our aim is to ensure that our website offers visitors what they are looking for and provides them with the most relevant marketing communication. In order to achieve this goal, we may store and use your data, building usage profiles for market research, for quality improvements of our website to improve the performance of the website, to measure the success of our advertising campaigns or to tailor services to your needs.

You are entitled to object against the use of your data for building usage profiles as described above at any time.

We may also transfer your non-personally identifiable data such as, but not limited to, anonymous demographic information and online behaviour to our contracted partners (e.g. third party service providers) for the purpose of market research. “Non-personally identifiable data” in this respect means we modify your personal data so that the information concerning personal or material circumstances cannot be attributed to you or that such attribution would require a disproportionate amount of time, expense and effort. We store data sent by your browser and device to our website during the reservation process. No such data will be disclosed to third parties except in aggregate, non-personally identifiable forms.

  1. THE USE OF YOUR PERSONAL DATA FOR MARKETING PURPOSES

We send you newsletters if you have requested such communication from us by subscribing to such services, or if you provided us with your details. We will not contact you electronically for marketing purposes unless you have expressly indicated your consent by ticking relevant tick boxes on the data entry form in which you entered your contact information.

  1. CHANGES TO OUR PRIVACY POLICY

If we change this Privacy Policy, we will publish the updated version of it on our website. 

  1. THIRD PARTY WEBSITES

The brainbar.com website provides links to other websites for your convenience and information. Please be aware that these sites may be owned and run by other companies and organizations and have different security and privacy policies. Brain Bar has no control over and takes no responsibility for any information, material, products or services contained on or accessible through those websites.

  1. THIRD PARTIES LIABILITY

Brain Bar is not responsible for third parties’ use of your data, where such use is permitted for their own purposes. In such cases these third parties also be considered data controllers, please consult their privacy policies for further information.

This Privacy Policy is effective from 25 May 2018.