Bangkok Sweepstakes Privacy Policy
PRIVACY POLICY
I. Scope of Privacy Policy
This Privacy Policy sets out the terms on data controlling and data transfer in connection with a sweepstakes, the winner of which will be gifted a i) a ticket to the World Teqball Championships 2023 event held in Bangkok, Thailand (“Event”), ii) a return flight between Bangkok and the country of residence of the data subject, and iii) paid accommodation for the duration of the Event.
II. Data Controller
The data controller (and under CCPA the service provider) for your personal data is, unless otherwise specified:
TEQBALL Korlátolt Felelősségű Társaság (or “TEQBALL”), a limited liability company registered in Hungary at the Company Registry Court of the Budapest-Capital Regional Court (Fővárosi Törvényszék Cégbírósága) under n° 01-09-174699; having its registered address at Expo tér 5-7., 1101 Budapest, Hungary; with domestic VAT n° 24390305-2-42.
Email of the Data protection officer: privacy@teqball.com
III. Details regarding the data transfer
|
Data subjects and source of data |
Data processed |
Purpose of data processing |
Legal Basis |
Storage Period |
Our Data Processors |
|
Persons that subscribe to the Data Controllers newsletter to gain a chance to win the prize set forth in the Promotional Rules. |
Full name, Email address |
The sending of newsletters, general marketing (advertisement) messages, promotional offers, coupons via email to the data subject’s email address |
Consent given by subscribing to Data Controllers marketing and promotional emails. [GDPR Art. 6.1.(a)] |
Until consent is withdrawn by the data subject (unsubscribe from the newsletter) |
None. |
|
Winner of the sweepstakes prize. |
Full name, Email address |
Contacting the data subject in order to notify them of winning the sweepstakes prize and to initiate the process pertaining to the transfer of the prize. |
Performance of a contract between the data subject and the Data Controller [GDPR Art. 6.1.(b)] |
5 years following the conclusion of the Event; for the purposes of any potential claims within the general limitation period. [Hungarian Civil Code 6:22. § (1)] |
None. |
|
The person receiving the Prize set out in the Participation Rules organised by Data Controller in line with the Rules of Participation that present privacy notice is attached to . |
Full name, Place and date of birth, Place of official residence Mother’s maiden name, Email address, Passport number, Telephone number |
The personal data is required to verify the identity of the natural persons that are selected to be beneficiaries of the gift provided as part of the promotional donation, as well as to arrange for the travel and accommodation of such beneficiaries. |
Performance of a contract between the data subject and the Data Controller [GDPR Art. 6.1.(b)] |
5 years following the conclusion of the Event; for the purposes of any potential claims within the general limitation period. [Hungarian Civil Code 6:22. § (1)] |
AIR PARTNER Repülőjegy Iroda Kft. (registered address: 3530 Miskolc, Mártírok u. 2.; registration number: 11449911-2-05) in order to book a flight for the data subject to and from Bangkok, Thailand. |
Data transfer:
Data Controller will transfer the data outside the European Union to
- Al Meroz Hotel Bangkok (registered address: 4,Soi Ramkhamhaeng Road 5, Ramkhamhaeng Road , Suan Luang , Bangkok 10250 , Thailand.; registration number: 0105548069836) in order to book an accommodation for the data subject for the duration of the Event.
The legal basis of the data transfer is the Article 49. (1) c) point.
IV. YOUR RIGHTS
You have the following rights in relation to your personal data:
1) Right to be informed
You have the right to be informed about the collection and use of your personal data in a clear and transparent way. Please consult the table above in clause III Data Controllers & Data Processors, or, in case of questions, contact our Data Protection Officer (contact details in clause VI ACCOUNTABILITY).
2) Right to access
You have the right to request access to your personal data and obtain information regarding the purpose of processing, what categories of personal data are processed, data processors, length of processing, your rights relating to our processing, your right to lodge a complaint with a supervisory authority regarding our processing, information on third party sources of your personal data communicated to us, and the existence of automated decision-making and related information, including the logic involved, as well as the significance and the envisaged consequences of such processing for you, whether your personal data is transferred outside the EEA, and the conditions of these transfers.
3) Right to rectification
You have the right to obtain rectification of inaccurate personal data and, taking into account the purposes of the processing, to have incomplete personal data completed.
4) Right to erasure
You have the right to request erasure of your personal data without delay if:
- your personal data are no longer necessary for the purpose for which they were collected or otherwise processed;
- you withdraw your consent and there is no other legal basis for processing;
- you object to the processing pursuant to paragraph 6) below and there are no overriding legitimate grounds for the processing;
- your personal data has been processed unlawfully;
- your personal data has to be erased for compliance with a legal obligation.
Please note that the abovementioned right to erasure does not apply to the extent that processing is necessary:
- for exercising the right of freedom of expression and information;
- for compliance with a legal obligation or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller
- for reasons of public interest in the area of public health
- for achieving purposes in the public interest, scientific or historical research purposes or statistical purposes in so far as the right to erasure is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
- for the establishment, exercise or defense of legal claims.
5) Right to restrict processing
You have the right to restrict processing of your personal data if:
- you have contested the accuracy of your personal data, for a period enabling us to verify the accuracy of your personal data;
- the processing is unlawful and you oppose the erasure of your personal data and request the restriction of its use instead;
- we no longer need the personal data for the purposes for which they were collected, but they are required by you for the establishment, exercise or defense of legal claims;
- you have objected to the processing of your personal data pursuant to paragraph 6) below, pending the verification whether our legitimate grounds override those of yours
Where processing has been restricted, such personal data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defense of legal claims, for the protection of the rights of another natural or legal person, or for reasons of important public interest of the EU or of a Member State.
6) Right to object to processing
Where personal data is processed based on legitimate interest or public interest, you have the right to object at any time to the processingof your personal data, on grounds relating to your particular situation.
7) Right to data portability
Where personal data is processed based on your consent or in order to perform a contract, you have the right to receive the personal data in our possession or control in a structured, commonly used and machine-readable format, and have the right to transmit that data to another data controller without hindrance from us. You also have the right to have your personal data transmitted directly from us to another data controller where technically feasible.
8) Right to withdraw your consent
You have the right to withdraw any consent to data processing you have given at any time. Such withdrawal does not affect the lawfulness of processing based on your consent before its withdrawal. The costs incurred by Data Controller due to such withdrawal of consent shall however be borne by you.
You can do this by contacting us at privacy@teqball.com.
9) Right to lodge a complaint with a supervisory authority & the right to an effective judicial remedy
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the data processing infringes the GDPR.
The supervisory authority having jurisdiction in the Member State where the Data Controller is established:
Name: National Authority for Data Protection and Freedom of Information (Nemzeti Adatvédelmi és Információszabadság Hatóság)
Address: Falk Miksa u. 9-11; 1055 Budapest; Hungary
E-mail: ugyfelszolgalat@naih.hu
Without prejudice to any administrative or non-judicial remedy, including submitting a complaint directly to us in accordance with Section V. ‘ACCOUNTABILIY’, you have the right to an effective judicial remedy before the courts of the Member State where the Data Controller or data processor is established, or, alternatively, where you have your habitual residence.
V. ACCOUNTABILITY
For queries and complaints relating to our processing of your personal data or this Privacy Policy in general, please contact us at the following e-mail address: privacy@teqball.com.
VI. DATA SECURITY
The Data Controller takes appropriate technical and organizational security precautions to protect your personal data against manipulation, loss and destruction, as well as against access by unauthorized third parties, and to ensure the protection of your rights and adherence to the applicable data protection laws and regulations. However, you are kindly reminded that the internet is an open, global network. When you transmit personal data to us via the internet, you are deemed to accept the unavoidable risks associated therewith. Despite the technical and organization security measures implemented by the Data Controller, data can get lost or be intercepted and/or manipulated by unauthorized third parties. We decline all liability relating to such loss, corruption, interception and/or manipulation of your personal data and any consequence thereof, unless we have breached the standards of care required of data controllers based in the EU.
Updated: October 2023