Germus & Partners Law Firm (headquarters: 11 Pauler u., 1013 Budapest, Hungary; "the Firm") provides information in accordance with the provisions of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) ("GDPR") in relation to the processing of personal data carried out by the Firm, as set out in this notice.
You are entitled to subscribe to the Firm's newsletter and to contact the Firm by filling in the contact form on the website https://germus.hu (the "Website") operated by us. In this case, the Agency will process your personal data (name, e-mail address, telephone number) that you provide when subscribing or filling in the form.
The legal basis for this processing is your consent (Article 6(1)(a) GDPR), which you give when you subscribe or fill in the form. The Agency will process your data until the newsletter service is terminated, until the purpose of the contact is achieved or until your consent is withdrawn.
In order for the Agency to be able to evaluate your CV, interview you and provide you with feedback on it, it is necessary to process the data contained in your CV (and any cover letter you may have submitted).
The legal basis for this processing is your consent (Article 6(1)(a) of the GDPR), which you provide by submitting your CV.
The Agency processes the data provided by you in your CV (cover letter) submitted to the Agency, such as: surname, first name, telephone number, address, email address, photograph, description of professional experience, language(s) spoken, hobbies. Please do not provide any special data (e.g. health data, genetic data).
For the purposes set out above, the Agency will process your personal data as defined above until it decides whether to make you an offer of employment. If it does not, it will delete the data immediately after informing you, unless you then consent to the processing of the data contained in your CV for a further 6 months, so that, should a vacancy occur, the Agency can review the CV and, if the vacancy is of interest to you, contact you. To this end, the Firm will carry out profiling to the extent necessary to draw your attention to a job opportunity that may be of interest to you. After a period of 6 months, the Agency will delete the data.
Access to the data within the Office is limited to those employees within the Office who need to have access to the data in order to carry out their work (office manager, deputy office managers, HR officer, recruitment staff of the Office) and only for as long as necessary. The Office will not transfer personal data to third parties (either within the EU/EEA or outside).
The data may be accessed by the data processors providing IT services to the Office as necessary.
The purpose of the processing is the execution of the order received.
If the Firm and you or your employer have entered into a contract for the engagement of a lawyer, the following personal data are processed by the Firm for the performance of the contract: personal data of you, the client's representative, opposing parties, witnesses, experts and other natural persons processed in connection with the performance of the specific engagement, the subject matter of the case, the case identifier, the date of the conclusion of the contract for the engagement, the register number of court proceedings or the file number of other proceedings related to the case, personal data related to the engagement.
If the client is a private person, the legal basis for processing is Article 6 (1) (b) of the GDPR (performance of a contract). If the client is not a private person, the legal basis for processing is Article 6 (1) (c) of the GDPR (performance of a legal obligation) and Section 1 (1) of the Act on the Protection of the Rights of the Child.
Identification of the persons (jobs) with access to the data: members of the Firm, trainee lawyers and billing staff; depending on the nature of the assignment, access is limited to certain members of the Firm or employees.
The data may be accessed by the IT service providers or accounting data processors of the Office as necessary.
Transfers are made when the case requires it (e.g. to send the details of a counterparty, witness or expert to a non-EEA client represented in a case).
The period of data processing is 5 years or 10 years (Üttv. Paragraphs 53 (3) and (5): the Agency shall keep the data for 5 years after the termination of the mandate, 10 years after the countersignature of the deed in case of countersignature of the deed, and 10 years after the registration of the right to real estate in the public register in case of registration of the right to real estate. In the case of countersignature of a deed, the Office shall keep the deed countersigned by it and other documents relating to the matter of countersignature of the deed for a period of ten years from the date of countersignature, unless a longer period is provided for by law or the parties have agreed to keep them for a longer period. The data relating to the order, which are not included in the aforementioned paragraphs, shall be kept by the Agency until the end of the limitation period, with the exception that the documents constituting accounting documents supporting the accounting shall be kept by the Agency for eight years from the date of their creation (Article 169 (2) of the Accounting Act).
If necessary, the Agency may entrust the translation of the documents related to the assignment (which may also contain personal data) to a translation company (as a data processor), the legal basis for which is the legitimate interest of the Agency to be able to fulfil the assignment efficiently (Article 6(1)(f) GDPR). For these data processing operations, the Agency may use the machine translation software DeepL, operated by DeepL SE (Maarweg 165, 50825 Cologne, Germany).
In the event that a customer due diligence is carried out on the basis of the legislation, the following data will be processed by the Firm in connection with the customer due diligence:
Act No LIII of 2017 on the Prevention and Combating of Money Laundering and Terrorist Financing ("AML Act") 7. § (surname and forename, name and forename at birth, nationality, place and date of birth, mother's name at birth, address, or in the absence thereof, place of residence, type and number of identification document; in the case of a legal person or an entity without legal personality, the name and position of the person authorised to represent it, if any, the data of the person authorised to effect service of process as specified in this paragraph, except for the type and number of the identification document). The Office shall make a copy of the document containing the data and of the official identity card proving the address, except for the page showing the identity of the person.
In this case, the legal basis for data processing is Article 6 (1) (c) of the GDPR (performance of a legal obligation) and Articles 7-11 and, where applicable, Article 17 of the GDPR.
Identification of persons (jobs) with access to the data: members of the Firm, trainee lawyers and billing staff.
The data will be transmitted in the cases required by the Pmt. (to the regional chamber of commerce pursuant to Section 74 (1) of the Pmt. and to the financial information unit within the NAV pursuant to Section 75 (1) of the Pmt.).
The data will not be transferred outside the EEA. The data may be accessed by data processors providing IT services to the Office as necessary.
The Agency shall keep the data for 8 years from the date of execution of the order (Section 56 (2), Section 57 (2) of the Act on the Protection of Personal Data).
In case of identification of a client on the basis of the legislation, the following data will be processed by the Agency in relation to the identification of the client:
the data specified in Article 32 (3) and (7) and Article 33 (2) of the Act (e.g. surname, first name, place and date of birth, mother's name, nationality, statelessness, refugee, immigrant, settled or EEA national status, address, facial image, signature, type and number of the identification document used for identification) .
In this case, the legal basis for data processing is Article 6 (1) (c) of the GDPR (performance of a legal obligation) and Articles 32-33 of the GDPR.
Identification of persons (job titles) with access to the data: members of the firm, trainee lawyers and billing staff. The data will be transmitted to the financial information unit within the NAV in the cases required by the Act (Articles 30-31 of the Act). The data will not be transferred outside the EEA. The data may be accessed as necessary by the IT service providers or data processors providing accounting services to the Office.
The Agency shall keep the data for 8 years from the date of execution of the order (Section 33 (7) of the Act on the Protection of the Rights of the Child, Section 56 (2), Section 57 (2) of the Act on the Protection of the Rights of the Child).
If the Firm enters into a legal deposit agreement, it will process the following data about the client:
the Üttv. 51.§ (2): the name and Bar identification number of the depositary lawyer, the case identifier of the deposit contract, the type of deposit, the subject of the deposit, if the depositary lawyer places the deposit in a sub-account, the sub-account number, the amount and currency of the money actually deposited, the date of conclusion, amendment or termination of the deposit contract, the date of recording the data in the deposit register or of modification of the recorded data.
The processing of data in relation to the custody register is based on Article 6(1)(c) of the GDPR and the Act on the Protection of Personal Data. § 51 (1) - (2).
Identification of persons (job titles) with access to the data: members of the firm, trainee lawyers and billing staff. The data will be transmitted to the Budapest Bar Association. The data will not be transferred outside the EEA. The data may be accessed as necessary by data processors providing IT services to the Firm or accounting services.
The Agency shall keep the data for 10 years after the termination of the deposit (Üttv. 51.§ (4)).
The controller (data controller) of your personal data as defined above is the Agency.
Personal data is stored at the headquarters of the Office (1013 Budapest, Pauler u. 11.).
The Agency shall take all reasonable technical precautions to ensure that the data stored are kept secure and inaccessible to third parties. IT security description of the storage of personal data, main technical and organisational measures taken to ensure data security. Access to all computers is only possible with an individual password.
The Agency will take appropriate protective measures, but we would like to draw your attention to the fact that it is not always possible to prevent and prevent attacks via the Internet.
You have the following rights in relation to the processing of your personal data:
(a) Right of access (Article 15 GDPR): you have the right to be informed by the Office whether or not your personal data are being processed and, if such processing is taking place, you have the right to access your personal data and the information contained in this notice.
The Agency will provide you with a copy of the personal data processed upon request. For any additional copies requested by you, the Agency may charge a reasonable fee based on administrative costs. If you have submitted your request electronically, we will provide the information in a commonly used electronic format, unless you request otherwise.
(b) Right to rectification (Article 16 GDPR): you have the right to obtain from the Agency, upon your request, the rectification of inaccurate personal data concerning you without undue delay. You also have the right to request the completion of incomplete personal data.
(c) Right to erasure (Article 17 GDPR): you have the right to have your personal data erased by the Agency without delay upon your request, and the Agency is obliged to erase your personal data without delay if, for example, one of the following grounds applies:
- the personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
- if you withdraw your consent;
- personal data must be erased in order to comply with a legal obligation under EU or Member State law applicable to the Office.
(d) Right to restriction of processing (Article 18 GDPR): you have the right to have the processing restricted by the Agency at your request, for example if one of the following conditions is met:
- You contest the accuracy of the personal data, in which case the limitation applies for the period of time that allows the Agency to verify the accuracy of the personal data;
- the Office no longer needs the personal data for the purposes of processing, but you require them for the establishment, exercise or defence of legal claims.
(e) the right to be informed of the above rights (Article 12 GDPR): the Agency will inform you without delay and in any event within one month of receiving your request under points (a) to (d) above, in a concise, transparent, clear and plain language, of the circumstances of the processing. If necessary, taking into account the complexity of the request and the number of requests, this period may be extended by a further two months. The Office will inform you of the extension of the deadline within one month of receipt of the request, stating the reasons for the delay.
(f) Right to lodge a complaint (Article 77 GDPR): you have the right to lodge a complaint with the supervisory authority, in particular in the Member State where you are habitually resident, employed or where the alleged infringement is taking place, if you consider that the processing of personal data concerning you infringes the GDPR. Complaints can be made to the National Authority for Data Protection and Freedom of Information (address: 1055 Budapest, Falk Miksa u. 9-11.; phone: +36 1 391 1400; fax: +36 1 391 1410; www.naih.hu; ugyfelszolgalat@naih.hu).
(g) Right to object (Article 21 GDPR): you have the right to object to the processing of your personal data at any time on grounds relating to your particular situation, provided that it is in the legitimate interest of the Agency. In such a case, the Agency may no longer process the personal data unless you can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
(h) Right to data portability (Article 20 GDPR): where the processing is based on your consent or on a contract between you and the Agency, you have the right to receive personal data concerning you which you have provided to the Agency in a structured, commonly used, machine-readable format and the right to transmit these data to another controller without the Agency preventing you from doing so. You also have the right, where technically feasible, to request the Agency to transfer the personal data directly to another controller.
(i) Right to withdraw consent (Article 7 GDPR): you may withdraw your consent at any time via any of the contact details provided in this privacy notice, in which case your personal data will no longer be processed. The withdrawal of consent does not affect the lawfulness of the processing based on consent prior to the withdrawal.
For more information about the processing of your personal data, please contact us by email (office@germus.hu).
You can turn off cookies directly in your browser. You can find help pages for different browsers at these links:
Firefox
Chrome
Edge
Internet Explorer
Opera
Safari
Facebook pixel, use remarketing code
Facebook pixel (Facebook cookie) A Facebook pixel is a code that allows the website to report conversions, create audiences and provide the site owner with detailed analytics on how visitors use the site. The Facebook remarketing pixel tracking code is used to display personalised offers and ads to website visitors on the Facebook interface. The Facebook remarketing list is not personally identifiable. For more information about the Facebook Pixel / Facebook Account, please visit: business help, cookies.
Using Google Analytics
The IP address transmitted by the User's browser within the framework of Google Analytics will not be merged with other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You may also prevent Google from collecting and processing information about your use of this website (including your IP address) by means of cookies by downloading and installing the browser plug-in available.