Akadémiai Kiadó Zrt.
H-1519 Budapest, P.O. box 245
Phone: +36 1 464 8200
E-mail: ak@akademiai.hu

Privacy Policy of Akadémiai Kiadó Zrt.

Table of contents

Online user database of Akadémiai Kiadó (AK-ID)
Akademiai.hu online store
Mersz.hu
Szotar.net
Mobile applications related to online websites and services
Data processing related to customer service and case management activities
Newsletter
Invoicing
Data processing related to parcel deliveries
Measuring customer satisfaction
Claims management
Other data processing activities and data services
Safety of data processing
Contact details of the data controller
Legal remedies

 

Online user database of Akadémiai Kiadó (AK-ID)

The use of certain functions of the websites of Akadémiai Kiadó Zrt. (e.g. akademiai.hu, mersz.hu, szotar.net) as well as the use of the szotar.net and MeRSZ applications is subject to registration. During this registration a user account (hereinafter AK-ID account) is created by customers and visitors in the central database of the publisher (hereinafter AK-ID) created for this particular purpose and the registration details are entered into the AK-ID database. The email address and password chosen during registration provide access to all services subjected to AK-ID registration, to the interfaces available to registered users and to the subscription services in case of a valid subscription (e.g. szotar.net, mersz.hu).

Purpose of data processing:

  • Identification of users and keeping records of the used services and subscriptions.
  • Providing access to contents and services available to registered users.
  • Providing information about the changes of the services used.
  • Displaying data in case of a purchase on akademiai.hu, szotar.net and mersz.hu websites.

Legal basis of the data processing:

  • the legitimate interest of the data controller [Article 6 (1) (f) of GDPR]
  • the fulfilment of the contract [Article 6 (1) (b) of GDPR]

Scope of processed data:

Based on legitimate interest: email address, profession, interests, phone number, fax, billing and delivery name, country and address of the subscriber, in case of a company, company name and VAT number.

In order to fulfil the contract: name of the used services and subscriptions, number and validity of the subscription, login dates, times and locations, name, Shibboleth ID, IP address and address space of the institution.

The above indicated data are entered into the system of Akadémiai Kiadó Zrt. operating the AK-ID database, and into its business and customer service databases. The data of each user are stored in the AK-IDs of the user.

To request the rectification or the deletion of the data, send an email to ak@akademiai.hu or a letter to the postal address of Akadémiai Kiadó Zrt., which is 1519 Budapest, P.O. box 245.

Duration of data processing: Two years after the last login of the user to AK-ID, Akadémiai Kiadó Zrt. deletes the data from the AK-ID database at the end of the next quarter, that is, after two years and one quarter from the last use of any of the services available with AK-ID (from the beginning of the permanent inactive period), the data will be deleted.

Akademiai.hu online store

Akademiai.hu is an online store operated by Akadémiai Kiadó Zrt., through which visitors of the website can place orders for products and services sold by Akadémiai Kiadó (online shopping). During the online shopping customers perform an AK-ID registration, their data are entered into the database specified in the chapter called „Online User Database of Akadémiai Kiadó (AK-ID)” and processed in the way explained in the mentioned chapter. Only the online store-related stand-alone data processing is described below.

Purpose of data processing: identifying users, concluding and fulfilling contracts related to the sales of products and services.

Legal basis of the data processing:

  • the fulfilment of the contract [Article 6 (1) (b) of GDPR],
  • and Article 169 (2) of Act C of 2000 on accountancy.

Scope of processed data:

During the purchasing process: date, name, quantity, net price, VAT-content, gross price of the products in cart, delivery and payment method, applied coupon code, discount rate, campaign ID, name, address, email address, phone number of the customer, in case of a payment by card the transaction ID, the fact that the payment has been accepted or rejected, delivery address, other remarks, data generated by complaint handling.
Billing information: name, delivery address and country, billing address and country, company name and VAT number (for companies).

Data storage location: The above data are entered into to the administration system of the online store, as well as into the billing, customer service and business databases of the service provider.

Duration of data processing:

  • Two years after the last login of the user to AK-ID, Akadémiai Kiadó Zrt. deletes the data from the AK-ID database at the end of the next quarter, that is, after two years and one quarter from the last use of any of the services available with AK-ID (from the beginning of the permanent inactive period), the data will be deleted.
  • The service provider is obliged to preserve all accounting documents (and so the personal data together with them) for 8 years after their creation based on Article 169 (2) of the Act on accountancy.

To request the rectification or deletion of data, send a letter to Akadémiai Kiadó Zrt., 1519 Budapest, P.O. box 245 or an email to ak@akademiai.hu.

Data processors

Name

Registered seat

Data processing activity

Tool.os System Kft.

1092 Budapest, Erkel St. 6.

website development, support

Mersz.hu

The complete database of the online service named Magyar Elektronikus Referenciamű Szolgáltatás (MeRSZ) is available to subscribed users with an AK-ID.

Trial opportunity: for users, applying for a trial, Akadémiai Kiadó Zrt. makes certain contents and functions available free of charge for a specified period of time after the first creation of their AK-ID account. In case of applying specifically for the trial opportunity, creating an AK-ID account is still necessary. By creating the account, the applicant agrees to the storage of their certain data in the scope of the processed data in the AK-ID database of Akadémiai Kiadó Zrt. so the trial service can be provided once or for a certain period of time.

Users signing up for AK-ID perform an AK-ID registration in accordance with the „Online user database of Akadémiai Kiadó (AK-ID)” chapter of this Privacy Policy, their data is entered into the above database and will be processed as explained in the previously mentioned chapter. In this chapter we exclusively describe the Mersz.hu registration-related data processing that differ from the description of AK-ID.

The content and functions available on Mersz.hu can be accessed by users in the following way:

  • In case of a trial opportunity, with an AK-ID registration according to the conditions described on the website.
  • With an AK-ID registration and valid subscription, according to the conditions of the subscription.
  • As an institutional user through a system and/or a service (IP-based or central unified, one-time login) provided by the institute and technically integrated by Akadémiai Kiadó, which enables Akadémiai Kiadó to anonymously authorize identification. In this case there is no personal data processing.
  • As a user of a company, which concluded a subscription service contract with Akadémiai Kiadó Zrt. to access the system of Mersz.hu, through a system and / or a service (IP-based or central unified, one-time login) provided by the company and technically integrated in the system by Akadémiai Kiadó which enables Akadémiai Kiadó to anonymously authorize identification. In this case there is no personal data processing.
  • It is also possible for users of companies and institutes to register in AK-ID and to create an AK-ID account, then link it to an unidentified login and also to link an already existing AK-ID account to an unidentified login. In this case the data that was previously unidentified as personal data, becomes personal data and will be assigned to the user of the AK-ID account.

Purpose of data processing related to the service of Mersz.hu:

  • Providing the Mersz.hu service, including accessing all publications, journals and other books published there, saving and accessing favourites, inserting bookmarks, notes, preparing extracts, saving, accessing, keeping in touch, tracking subscriptions, identifying users' current session, storing the data provided during it, preventing data loss.
  • Analysing user habits, performing web analytics for the purpose of increasing the quality of the service and developing products.
  • Invoicing.

Legal basis of the data processing:

  • In case of applying specifically for the trial opportunity: voluntary consent of the data subject [Article 6 (1) (a) of GDPR],
  • the fulfilment of the contract [Article 6 (1) (b) of GDPR],
  • Article 169 (2) of Act C of 2000 on accountancy.

Scope of processed data:

In the course of providing the Mersz.hu service, in case of an identified user: email address, list of favourite publications, settings of the user (font size, print settings), last session, account history, inserted notes, bookmarks, prepared reports, subscription-related authorization.
During invoicing: name, country and address of delivery, country and address of invoicing, company name and VAT number (in case of a company), product data (name of subscription, price, duration, etc.). These data are entered to the billing, customer service and business databases of Akadémiai Kiadó Zrt.

Duration of data processing:

  • Two years after the last login of the user to AK-ID, Akadémiai Kiadó Zrt. deletes the data from the AK-ID database at the end of the next quarter, that is, after two years and one quarter from the last use of any of the services available with AK-ID (from the beginning of the permanent inactive period), the data will be deleted.
  • The service provider is obliged to preserve all accounting documents (and so the personal data together with them) for 8 years after their creation based on Article 169 (2) of the Act on accountancy.

Szotar.net

Akadémiai Kiadó Zrt. makes its digital dictionaries available on https://www.szotar.net/; some of its free databases can be accessed without registration. Subscription services available on the website can be accessed exclusively by users with a valid subscription contract and an AK-ID account, as well as by users of institutes and companies with a subscription contract and after an anonymous authorization identification.

Trial opportunity: Akadémiai Kiadó Zrt. makes certain dictionaries available free of charge for a specified period of time after the first creation of the AK-ID account for users applying for a trial. In case of applying specifically for the trial opportunity, creating an AK-ID account is still necessary. By creating the account, the applicant agrees to the storage of their certain data in the scope of the processed data in the AK-ID database of Akadémiai Kiadó Zrt. so the trial service can be provided once or for a certain period of time.

Users signing up for AK-ID perform an AK-ID registration in accordance with the „Online user database of Akadémiai Kiadó (AK-ID)” chapter of this Privacy Policy, their data is entered into the above database and will be processed as explained in the previously mentioned chapter. In this chapter we exclusively describe the Szotar.net registration-related data processing that differ from AK-ID.

Users can access the content and functions of Szotar.net in as follows:

  • Certain contents can be accessed for free, without registration.
  • Certain contents can be accessed for free, with AK-ID registration.
  • In case of a trial opportunity, with an AK-ID registration according to the conditions described on the website.
  • With an AK-ID registration and valid subscription, according to the conditions of the subscription.
  • As an institutional user through a system and / or a service (IP-based or central unified, one-time login) provided by the institute and technically integrated in the system by Akadémiai Kiadó, which enables Akadémiai Kiadó to anonymously authorize identification. In this case there is no personal data processing.
  • As a user of a company, which concluded a subscription service contract with Akadémiai Kiadó Zrt. to access the system of Szotar.net, through a system and / or a service (IP-based or central unified, one-time login) provided by the company and technically integrated in the system by Akadémiai Kiadó which enables Akadémiai Kiadó to anonymously authorize identification. In this case there is no personal data processing.
  • It is also possible for users of companies and institutes to register in AK-ID and to create an AK-ID account, then link it to an unidentified login and also to link an already existing AK-ID account to an unidentified login. In this case the data that was previously unidentified as personal data, becomes personal data and will be assigned to the user of the AK-ID account.

Purpose of data processing related to the service of Szotar.net:

  • Providing the Szotar.net service, including the access to its published digital dictionaries the customer has subscribed to, the possibility to search in them, storing and accessing words and phrases marked as favourites, tracking subscriptions, identifying the current session of the users, storing the data provided during the session, preventing data loss.
  • Analyzing user habits, performing web analytics for the purpose of increasing the quality of the service and developing products.
  • Invoicing.

Legal basis of the data processing:

  • In case of applying specifically for the trial opportunity: voluntary consent of the data subject [Article 6 (1) (a) of GDPR],
  • the fulfilment of the contract [Article 6 (1) (b) of GDPR],
  • Article 169 (2) of Act C of 2000 on accountancy.

Scope of processed data:

In the course of providing the service of Szotar.net, in case of an identified user: email address, list of favourite words and expressions, last session, history records, subscription-related authorization.
During invoicing: name, country and address of delivery, country and address of invoicing, company name and VAT number (in case of a company), product data (name of subscription, price, duration, etc.). These data are entered to the billing, customer service and business databases of Akadémiai Kiadó Zrt.

Duration of data processing:

  • Two years after the last login of the user to AK-ID, Akadémiai Kiadó Zrt. deletes the data from the AK-ID database at the end of the next quarter, that is, after two years and one quarter from the last use of any of the services available with AK-ID (from the beginning of the permanent inactive period), the data will be deleted.
  • The service provider is obliged to preserve all accounting documents (and so the personal data together with them) for 8 years after their creation based on Article 169 (2) of the Act on accountancy.

Mobile applications related to online websites and services

MeRSZ and szotar.net are the mobile applications of Akadémiai Kiadó Zrt., through which contents of the online services of the same name are accessible. The applications can be downloaded and installed from the Google Play Store and Apple App Store app stores on compatible devices. Users need to register to use the applications. Registration in the application is done by providing the data (email address, password, name) by the user. After logging in, the user has access to the content, databases and functions available to them in the online service, provided that they have the appropriate authorization determined in the description of the online service of the same name.

Users can also purchase the appropriate authorization in the Google Play Store and Apple App Store app stores according to the conditions of the apps and the app store.

Users registering in the MeRSZ and szotar.net apps perform an AK-ID registration in accordance with the „Online user database of Akadémiai Kiadó (AK-ID)” chapter of this Privacy Policy, their data is entered into the above database and will be processed as explained in the „Online user database of Akadémiai Kiadó (AK-ID)” chapter.

When registering in the MeRSZ and szotar.net applications, the data of the users are processed according to the „Szotar.net” and „Mersz.hu” chapters of this Privacy Policy. In this chapter we describe data processing differing from the description of „Mersz.hu” and „Szotar.net” chapters, as well as the AK-ID, implemented exclusively in the reviewed applications.

Purpose of data processing:

  • To provide access through MeRSZ and szotar.net mobile applications to the content published in the online services of the same name, publications and databases through MeRSZ and szotar.net mobile applications, to save favourites and to sync with online systems.
  • To keep records of subscriptions.

Legal basis of the data processing:

  • the fulfilment of the contract [Article 6 (1) (b) of GDPR]

Scope of processed data:

Regarding the use of applications: storing and displaying login data (email address, password), subscription-related data, favourites, marked contents, bookmarks, and extracts.

To request the rectification or the deletion of the data, send a letter to Akadémiai Kiadó Zrt., 1519 Budapest, P.O. box 245 or an email to ak@akademiai.hu email address.

Duration of data processing:

  • Two years after the last login of the user to AK-ID, Akadémiai Kiadó Zrt. deletes the data from the AK-ID database at the end of the next quarter, that is, after two years and one quarter from the last use of any of the services available with AK-ID (from the beginning of the permanent inactive period), the data will be deleted.

Data processing related to customer service and case management activities

Akadémiai Kiadó Zrt. operates customer service and business administration systems to carry out sales, customer service and case management activities. The database contains data of legal and natural person business partners, customers, participants at events, persons providing customer service and potential customers.

Purpose of data processing:

    • to keep records of activities with existing customers and partners,
    • to manage and register inquiries, complaints and requests,
    • to keep records of subscriptions and ordered products,
    • to administer events and conferences,
    • to keep records of consents and objections to marketing-related data processing,
    • to administer participation in marketing campaigns.

Legal basis of data processing: legitimate interest of the data controller [Article 6 (1) (f) of GDPR]

Scope of processed data:

Customer data: name, address, VAT number of customer, company registration number, language of communication, indication whether the customer is a natural person, indication of the customer being a new or an existing client, the content of the complaint / request sent to the Customer Service, the subject of the complaint / request, measures taken for their resolution.

Purchase order- and billing-related data: POs, invoices, payment terms, data on receivables management, order/delivery/billing data, currency.

Other information: ID number, name, interests, profession, email address, phone number, fax number, consent / objection to receiving marketing materials.
These data are entered to the billing, customer service and business databases of Akadémiai Kiadó Zrt.

Duration of data processing:

  • Akadémiai Kiadó Zrt. deletes the data subject's contact details and other personal data from the customer service database two years after the last activity of the data subject (e.g. phone call, purchase, participate in conferences, complaint, inquiry, opening newsletters, personal meeting, etc.).
  • The service provider shall delete all emails and transcripts of phone calls received by its customer service with the name, email address/phone number of the sender/caller, as well as their email address/phone number, date and time data and other personal data provided in the message/during the conversation no later than five years after the enquiry.

To request the rectification or the deletion of the data, send a letter to Akadémiai Kiadó Zrt., 1519 Budapest, P.O. box 245 or an email to ak@akademiai.hu address.

Newsletter

The thematic newsletter of Akadémiai Kiadó Zrt. To sign up for the newsletter, visit the website of the data controller or click on the advertisement on its Facebook page. When sending a newsletter, the email address is used to uniquely identify the users.

The purpose of data processing: to send newsletters containing business advertisements to those interested and provide information about current affairs and discounts.

Legal basis of the data processing: voluntary consent of the data subject [Article 6 (1) (a) of GDPR].

Scope of processed data:

  • date, time, email address, name, address, phone number, mobile phone number, interests, date of consent to receive marketing materials, date of unsubscribing from marketing emails,
  • details of previous purchases, customer data,
  • analytical data related to sending, delivering and opening newsletters (e.g. date and time of the events, reason of the newsletter being undeliverable), data related to participation in campaigns, lead scoring value of the customer and the status and date of the scoring,
  • traffic data of akademiai.hu, mersz.hu and szotar.net websites (time, url), but only if the user has enabled to run the convenience cookies when visiting each website.

In case of newsletters and marketing-related inquiries, data are linked with the customer and they are transferred to the customer service, business and newsletter database of the service provider.

Data storage location: newsletter system, customer service and business databases of the service provider.

Duration of data processing:

  • The service provider deletes personal data from its newsletter system two years after the last activity of the user (e.g. opening an email, clicking).

Rectification and deletion of data: The users themselves can also initiate the withdrawal of their consent to receive newsletters and the deletion or modification of their personal data as follows:

  • by clicking on the unsubscribe link in the footer of the newsletters,
  • in case of a phone call, by requesting it during the call,
  • by sending an email to ak@akademiai.hu and
  • by sending a letter to Akadémiai Kiadó Zrt., 1519 Budapest, P.O. box 245.

Data processors:

Name

Registered seat

Data processing task

Oracle Nederland BV

Hertogswetering 163–167 3543 AS Utrecht, P.O .Box 4038

providing a framework for the newsletter software, data storage, hosting service

Invoicing

Akadémiai Kiadó Zrt. issues invoices of the orders and subscriptions in accordance with the regulations provided by the legislation.
Purpose of data processing: invoicing, mailing invoices, communication, fulfilment of the obligatory data reporting prescribed in the accounting and tax legislation, license handling.
Legal basis of the data processing:

  • fulfilment of contract (Article 44 of GDPR),
  • Article 169 (2) of Act C of 2000 on accountancy.

Scope of processed data: VAT number, billing name, billing address, name and address of the body receiving the invoice, mailing name and address, name and quantity of ordered products, starting and ending date of the subscription, payment method, payment deadline, status of payment, date of payment, source of order.
In addition to the obligatory data content of the accounting document (billing name, billing address, name and address of the body receiving the invoice, VAT number, name, quantity and unit price of the ordered product, total net invoice value, VAT, total gross invoice value), the invoicing name and address, and the mailing name and address are also included in the document, which are an integral part of the generated document (invoice image).
Data storage location: Data of the accounting documents are entered into the invoicing, customer service and business databases of the service provider.

Duration of data processing: The service provider is obliged to preserve all accounting documents (and so the personal data together with them) for 8 years after their creation based on Article 169 (2) of the Act on accountancy.

Deletion and rectification of data: The service provider is obliged to preserve all accounting documents (and so the personal data together with them) for 8 years after their creation. The customer can send their personal data-related requests and questions to the data controller to the ak@akademiai.hu email address or per post to Akadémiai Kiadó Zrt., 1519 Budapest P.O. box 245.

Data processors

Name

Registered seat

Data processing task

KPMG

1134 Budapest, Váci St. 31.

tax advisory and auditing services

CIB Bank Zrt.

1027 Budapest,
Medve St. 4–14.

receiving and processing online store bank card transactions

Hungarian Branch Office of ING Bank N.V.

1068 Budapest,
Dózsa György St. 84/B

receiving and processing bank transfers

Magyar Posta Zrt.

Budapest, District X,
Üllői St. 114–116.

delivering letters and parcels

Data processing related to parcel deliveries

Akadémiai Kiadó Zrt. sends the ordered or subscribed physical products (printed books, periodicals) to the delivery address specified in the PO with the help of external service providers.

Purpose of data processing: PO fulfilment and delivery, sending a text message / email notification about the expected delivery date.

Legal basis of the data processing:

  • the fulfilment of the contract [Article 6 (1) (b) of GDPR],
  • and Article 169 (2) of Act C of 2000 on accountancy.

Scope of processed data: mailing name and address, phone number, email address, contact person's name, name and quantity of the ordered products.

Data storage location: These data are entered into the administrative system of the online store (in case of an online purchase) and the invoicing, customer service and business databases of the online store operating Akadémiai Kiadó Zrt. and they are handed over to the partner company responsible for packaging, delivery and handover (see data processors).

Duration of data processing: The service provider is obliged to preserve all accounting documents (and so the personal data together with them) for 8 years after their creation based on Article 169 (2) of the Act on accountancy.

To request the rectification or the deletion of the data, send a letter to Akadémiai Kiadó Zrt., 1519 Budapest, P.O. box 245 or an email to ak@akademiai.hu.

Data processors

Name

Registered seat

Data processing task

Magyar Posta Zrt.

Budapest, District X,
Üllői St. 114–116.

delivering letters and parcels

GLS Hungary Csomag-Logisztikai Kft.

2351 Alsónémedi
GLS Európa St. 2.

delivery of parcels, sending notifications of the expected delivery date

iLogistics Logisztikai Kft.

2051 Biatorbágy, Verebély László St. 2.

packaging the ordered products and parcels

Hungarian Branch Office of Federal Express Corporation

2220 Vecsés, Lőrinci St. 59. Building C 5.

delivering letters and parcels

TAG21 Kereskedő és Szolgáltató Kft.

1116 Budapest, Sztregova St. 1.

delivering letters and parcels

Measuring customer satisfaction

Akadémiai Kiadó Zrt. regularly asks the opinion of its customers about the services and activities provided. As part of this they send an online questionnaire specifically to the partner who used that particular product / service.

The purpose of data processing: quality assurance, measuring customer satisfaction, improving the quality of products and services, complaint handling.

Legal basis for data processing: fulfilment of contract [Article 6 (1) (b) on GDPR].

Scope of processed data: identification number, name, email address, company name, product / service used, type of questionnaire sent out, customer satisfaction rating, textual feedback and justification provided by the customer, if the customer has any complaint / comment / question the service provider's action taken to resolve it, date.

Data storage location: The above set of data are entered into the customer satisfaction measurement system, the customer service, business and newsletter system.

Duration of data processing: The service provider preserves customer satisfaction feedbacks for 5 years.

To request the rectification or the deletion of the data, send a letter to Akadémiai Kiadó Zrt., 1519 Budapest, P.O. box 245 or an email to ak@akademiai.hu.

Árukereső (Product Finder)

After the prior consent of the customers, the email address of their processed personal data may be transferred to Online Comparison Shopping Kft.

Online Comparison Shopping Kft. (registered seat: 1074 Budapest, Rákóczi St. 70-72., VAT number: 24868291-2-42, company registration number: 01-09-186759, contact details of data protection officer: dpo@arukereso.hu), which operates Árukereső, as an independent data controller based on its written agreement with Akadémiai Kiadó Zrt, is entitled to process the email adress of the customers for assessing customer satisfaction in relation with the Megbízható Bolt Program (Trusted Purchase Program).

After the purchases in the online store of Akadémiai Kiadó Zrt. the customer's email address and the type of the purchased product is transferred to Árukereső if the customer gives their voluntary and prior consent based on adequate information by ticking the box on the Data controller's order page. Therefore, please read this Privacy Policy in all cases. Please note that ticking the appropriate box(es) on the order page constitutes your voluntary acceptance of the content of this Privacy Policy.

In case of your voluntary and prior consent based on adequate information, we will transfer your email address and the type of purchased product as personal data to Online Comparison Shopping Kft., which processes personal data as an independent Data controller in accordance with the written agreement concluded with the data controller and the data protection conditions specified by the data controllers.

The purpose of the data transfer is to request and display customers' feedbacks as a part of the Megbízható Bolt Program (Trusted Purchase Program) of Árukereső. In the course of assessing customer satisfaction, Árukereső sends the online store evaluation questionnaire to the customers on the 10th day after the purchase and the product evaluation questionnaire on the 30th day after the purchase.

For more detailed information on data processing and protection, please check the Privacy Policy of Árukereső.

Claims management

In order to enforce the payment of the receivables by the subscriber/customer, Akadémiai Kiadó Zrt. is entitled to transfer all the data to the claim management and collection company that are necessary for the collection of the receivables. The detailed, related provisions are included in the Sales Terms and Conditions of the service provider (https://akademiai.hu/info/altalanos_vasarlasi_feltetelek).

Scope of processed data: customer data (name, address, contact details), billing information and documents proving the legitimacy of the claim.
Purpose of data processing: claim management.
Legal basis of the data processing:

  • fulfilment of the contract [Article 6 (1) (b) of GDPR], as well as
  • the voluntary consent of the data subject [ Article 6 (1) (a) of GDPR].

Duration of data processing: The service provider is obliged to preserve all accounting documents (and so the personal data together with them) for 8 years after their creation based on Article 169 (2) of the Act on accountancy. (2) of the Act on accountancy.

To request the rectification or the deletion of the data, send a letter to Akadémiai Kiadó Zrt., 1519 Budapest, P.O. box 245 or an email to ak@akademiai.hu.

Other data processing activities and data services

We inform you about data processing not included in this Policy upon receiving your data. We would like to inform our customers that the court, the prosecutor, the investigating authority, the infringement authority, the administrative authority, Nemzeti Adatvédelmi és Információszabadság Hatóság (Hungarian National Authority for Data Protection and Freedom of Information), or other bodies authorized by law may contact the data controller in order to provide information, communicate and transfer data or make documents available. Akadémiai Kiadó Zrt. will share personal data with authorities only to the extent that is absolutely necessary to achieve the purpose of the request and if the authority has indicated the exact purpose and scope of the data.

Safety of data processing

The IT systems and other data storage locations of Akadémiai Kiadó Zrt. can be found at its headquarters and at its data processors.

Akadémiai Kiadó Zrt. selects and operates IT tools used for processing personal data during the provision of the service in such a way that the controlled data:
a) is accessible to those entitled (availability);
b) the authenticity and the authentication of the controlled data is ensured (authenticity of data processing);
c) its uniformity is verifiable (data integrity);
d) it is protected against unauthorized access (data confidentiality).

Akadémiai Kiadó Zrt. protects the data with appropriate measures, especially against unauthorized access, alteration, transferring, disclosure, deletion or destruction, as well as accidental destruction, damage and inaccessibility due to a change in the used technology.

In order to protect the electronically processed data files in its different registries, Akadémiai Kiadó Zrt. ensures with a proper technical solution that the stored data cannot be directly linked and assigned to the data subject unless it is permitted by law. Akadémiai Kiadó Zrt., according to the current state of technology, ensures the protection of the security of data processing with technical, organizational measures that provide a level of protection corresponding to the risks arising in connection with data processing.

While processing data, Akadémiai Kiadó Zrt. maintains
a) confidentiality: it protects information so only those that are authorized can access it;
b) integrity: it protects the accuracy and completeness of the information and its processing method;
c) availability: it ensures that when an authorized user needs it, they can actually access the information they need and have the tools to do so.

The IT system and network of Akadémiai Kiadó Zrt. and its partners are protected against computer-assisted fraud, espionage, sabotage, vandalism, fire and flood, as well as computer viruses and computer intrusions and attacks leading to service denial. The operator ensures security through server-level and application-level protection procedures.

We inform users that electronic messages transmitted over the internet, regardless of the protocol (email, web, ftp, etc.), are vulnerable to network threats that lead to unfair activities, contract disputes or the disclosure or modification of information. The data controller shall take all precautionary measures expectable from them for the protection against such threats. It monitors the systems to record any security incidents and provide evidence for each security incident. Monitoring the system also makes it possible to check the effectiveness of the precautionary measures taken.

The hosting provider of Akadémiai Kiadó Zrt. is Invitech Megoldások Zrt., which runs the services of mersz.hu, szotar.net, akademiai.hu and akcongress.com (and its subpages). In case of these services the hosting provider has the following security measures and solutions:

Safety and fire protection

  • Physical security points, vehicle and passenger locks;
  • Personal identification and access control system with metal detectors;
  • Armed security service;
  • Closed-circuit IP video surveillance and recording system for the entire outdoor area and indoor rooms of the facility;
  • Continuously monitored access control and intrusion detection system;
  • Early Warning Smoke Detection System with aspiration and optical sensors;
  • Automatic fire extinguishing system with extinguishing gas FM-200 (HFC-227ea).

Power supply

  • The data centre is powered by a medium voltage via two independent routed target cables.
  • One 1600 kVA self-operated transformer per side is connected to the two service providers.
  • Both power supply paths have their own aggregator support. 1400 kVA Cummins units are responsible for bridging long power outages of up to 24 hours with their locally stored fuel.
  • The uninterruptible power supply for IT systems is provided by two (independent A-B side) Eaton UPS systems. These UPS groups are redundant themselves. The total built-in UPS capacity is 3300 kVA. Each uninterruptible equipment has its own battery group, with a battery bridging time of 30 minutes at full expected load.
  • Customers can connect their servers to a real, independent bidirectional power supply system with no common point on the sides of the supply.
  • Availability of power supply: 99.999%.

Cooling

  • The datacentre is cooled by a so-called cooled water system. The system consists of an outdoor cooling unit (chiller) farm and indoor air conditioners, complemented by energy-saving cooling solutions and free-cooling condensers.
  • The number of outdoor units is duplicated. 2.4 MW cooling capacity has been built-in.
  • The cooling system includes 48 pcs of 50 kW indoor air conditioners with humidification option and N+2 backup per server room.
  • Air handling units ensure that the building is supplied with fresh, dust-free, heated / cooled air.
  • A hot aisle / cold aisle layout was built in the server room.
  • Cooling availability: 99.999%.

Certificates & Conformity

  • ISO 9001 quality management system;
  • ISO/IEC 27001 information security management system;
  • ISO/IEC 20000-1 information technology management system;
  • AQAP 2120 certificate of the Ministry of Defence.

Server rooms

  • Datacentre area: 1500 m2.
  • Each server room is a separate fire zone with fire closure doors of 30-90 minutes.
  • Height of raised floor: 50 cm.
  • Load capacity of raised floor: 2000 kg/m2 with distributed capacity.
  • Suspended ceiling: 50 cm.
  • 3.2 m free inner height in the server room.
  • Separated strong and weak current cable tray system.
  • EMC protection with an average attenuation of 40 dB against conducted and radiated interference sources.

Building

  • Load capacity of ceiling: 5000 kg/m2.
  • Current office and emergency (DR) office area: 2700 m2.
  • Covered cargo loading ramp under surveillance.

Contact details of the data controller

Name: Akadémiai Kiadó Zrt.
Registered seat: 1117 Budapest, Budafoki St. 187–189., Building A, Floor III.
Company registration number: 01-10-043151
Name of the court of registration: Registry Court of Budapest Regional Court
VAT number: 11387729-2-43
Phone number: +36 1 464 8200
Email: ak@akademiai.hu

Name of the data protection officer: Csaba Varga
Email address of the data protection officer: csaba.varga@wolterskluwer.com

Legal remedies

We'd like to inform you that based on the legislation, you can exercise your rights at the ak@akademiai.hu email address within the limits specified by the legislation:
a) you can request access to the processed personal data and their copies about you (Article 15 of GDPR);
b) you can request information about the specifics of the data processing (its purpose, scope of processed data, data processor partners, content of data processing (Article 15 of GDPR);
c) you can withdraw your consent at any time [Article 7 (3) of GDPR];
d) you can request the rectification of inaccurate personal data concerning you without unjustifiable delay or the completion of insufficient personal data (Article 16 of GDPR);
e) you can request the deletion of your personal data without justifiable delay (Article 17 of GDPR), if

(i)

the personal data are no longer required for the purposes of points 1 and 2 (providing professional materials, sending newsletters),

(ii)

you withdraw your consent and there is no other legal basis for managing your data,

(iii)

you object against receiving newsletters,

(iv)

your data has been processed illegally.

Data shall not be deleted if they are required for filing, enforcing and protecting a legal claim.
f) you can request a restriction of using your data (Article 18 of GDPR), if:

(i)

you contest the accuracy of your personal data. In this case the restriction applies to the period of time that allows us to check the accuracy of your personal data,

(ii)

the data processing is unlawful, you object the deletion of your data and instead, ask for a restriction on their use,

(iii)

we no longer need your personal data for data processing purposes but you need them to file, enforce or protect a legal claim, or

(iv)

you have objected to data processing. In this case the restriction applies to the period of time until it is determined whether our lawful reasons are considered a priority over your lawful reasons;

g) you can request to receive the data about you and provided by you in a widely used machine-readable format or the data to be directly transferred to another data processor (Article 20 of GDPR);
h) you can object to receiving newsletters − after receiving your objection your data can not be processed for this purpose [Article 21 (2)–(3) of GDPR];
i) in case of a law infringement you have the option to file a legal claim against the data controller and data processor to the court of the state where the data controller or processor is established, as well as to your local competent court; or to initiate a proceeding at the supervising authority at the place of your residence, employment or at the place of the alleged infringement (Article 77 of GDPR). In Hungary, the supervisory authority is Nemzeti Adatvédelmi és Információszabadság Hatóság (Hungarian National Authority for Data Protection and Freedom of Information) (1055 Budapest, Falk Miksa St. 9-11.; mailing address: 1363 Budapest. P.O. box 9, ugyfelszolgalat@naih.hu).


Filing a complaint to the data protection officer:
In case you have any questions or concerns about the data processing activities of Akadémiai Kiadó Zrt., please feel free to contact our data protection officer.
Name: Csaba Varga
E-mail: csaba.varga@wolterskluwer.com

After receiving your message asking for information, we will send our response − after identification − to your contact details within 30 days.

Budapest, 11. October 2020.