Privacy statement
Privacy Notice
The normative background of this Notice is constituted by the following laws:
- Act CXII of 2011 on informational self-determination and freedom of information (hereinafter: Info Act)
- General Data Protection Regulation (GDPR) of the European Union No 2016/679.
The most important concepts found in this Notice and their interpretation:
Data Subject: a natural person who comes into contact with, or has come into contact with, the Publisher, in relation to whom and connected to whom the Publisher handles personal data in any way. The Data Subject can be identified based on personal data or – directly or indirectly – can be identified as a natural person.
Personal Data: any information related to an identified or identifiable natural person (the Data Subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Data Controller: a natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by EU or Member State law, the controller or the specific criteria for its nomination may be provided for by EU or Member State law.
Data Processor: a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.
Data Processing: any operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Restriction of Processing: the marking of stored personal data with the aim of limiting their processing in the future.
Data Processing: carrying out technical tasks related to data processing performed by the Data Controller, regardless of the method and tools used for the implementation of the operations, as well as the place of application, provided that the technical task is carried out on the data.
Recipient: a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with EU or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
Personal Data Breach: a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed.
Principles of Data Processing
The Department of Political Science and International Studies, Faculty of Humanities and Social Sciences, University of Pécs (hereinafter referred to as the Publisher) processes personal data confidentially and takes all necessary security, technical, and organizational measures to ensure the security of the data. In certain cases, the processing, storage, and transmission of the provided data are mandatory by laws, of which the Publisher informs its clients separately. The Publisher does not verify the accuracy of the provided personal data. The accuracy of the provided personal data is the sole responsibility of the person providing them. We draw the attention of data providers to the fact that if they provide personal data that is not their own, the data provider is obliged to inform the data subject and, if necessary, obtain their consent.
Data Controller Information
Name:Department of Political Science and International Studies, Faculty of Humanities and Social Sciences, University of Pécs
Representative:László Kákai
Central email address: polusok@pte.hu
Mailing address: H-7622 Pécs, Ifjúság útja 6.
Data Processors
Name: Microsoft Hungary Ltd.
Mailing address: 1031 Budapest, Graphisoft Park 3.
Data Processor's Privacy Notice: https://privacy.microsoft.com/en-us/privacystatement#mainhowtocontactusmodule
Activity: Mail server hosting
Name: Google Inc.
Mailing address: 1600 Amphitheatre Parkway Mountain View, CA 94043, USA
Data Processor's Privacy Notice: https://policies.google.com/privacy?hl=en&gl=ZZ
Activity: Mail server hosting
Name: University of Pécs
Mailing address: 7622 Pécs, Vasvári Pál u. 4
Website: https://pte.hu/en
Data Processor's Statement: Under construction
Activity: Web hosting service
Data Security Measures
The Publisher selects and operates IT tools used for processing personal data in a way that ensures the processed data remain accessible to authorized persons and their integrity is maintained at all times. The Publisher protects the data against unauthorized access, alteration, transmission, disclosure, deletion, or destruction, as well as against accidental destruction with appropriate measures. The Publisher ensures the security of data processing with technical, organizational, and organizational measures that provide a level of protection commensurate with the risks associated with data processing.
Access to Data, Method of Data Storage
The Publisher provides access to the data for the following persons:
- the Publisher,
- the Data Processors,
- and the data subjects.
The data are stored electronically, on the server operated by the Data Processor (University of Pécs).
Data Processing Related to Authors
The explicit purpose of the Publisher is to publish works from various authors in its journal. This requires communication with the authors and the dissemination of their work to the public.
The legal basis for data processing: GDPR Article 6(1)(b) - processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
The purpose of data processing: Coordination related to manuscripts reviewed and/or accepted for publication by the Editorial Board, obtaining permission for use, maintaining publisher contact with the author during the editorial process, and publishing the completed article with the author's name, email address, ORCID (author identifier), and any additional information requested by the Editorial Board for potential further communication.
Scope of personal data: Family and given name, preferred salutation, email address, phone number, workplace where the data subject is employed, mailing address, country, ORCID identifier for roles held at other journals (author, reviewer, reader), place and date of birth, mother's name, residential address (for contractual use).
Duration of data processing: The Publisher processes the specified data for the duration or conditions specified in the usage contract, or in the absence of this, the data will be deleted within 5 years following the termination of the contract.
Possible consequences of failure to provide data: Publication will not be possible, thus cooperation cannot be established.
Data Processing Related to Editorial Activities
Editorial activities are essential for the operation of the journal, requiring communication with the editorial team and the management of manuscripts and related data.
The legal basis for data processing: GDPR Article 6(1)(e) - processing is necessary for the performance of a task carried out in the public interest.
The purpose of data processing: Contacting the Editorial Board, maintaining communication with individuals submitting manuscripts to the Editorial Board through the OJS journal management and editorial system and e-mail.
Scope of personal data: Family and given name, preferred salutation, email address, phone number, workplace where the data subject is employed, mailing address, country, ORCID identifier for roles held at other journals (author, reviewer, reader).
Duration of data processing: Data will be processed until deregistration, but no later than there is public interest.
Possible consequences of failure to provide data: Failure to provide data will prevent identification and possible communication, thus the contract cannot be concluded or fulfilled.
Data Processing Related to Personalized Communication
If you contact the Publisher electronically (e.g., by phone, email, web form), it is essential for the Publisher to handle your data to the extent necessary to respond.
The legal basis for data processing: The legal basis for data collection is the public interest in the Publisher's activities (GDPR Article 6(1)(e)). The Publisher's activities may be based on future contact and the future protection of the Publisher's or other rights; no other legal basis for data processing can be considered.
The purpose of data processing: If you initiate electronic contact, the Publisher will record your email address and name, and in the case of phone contact, your name and phone number. The Publisher must handle these data to the extent and duration necessary for response. This allows for your identification and provides personalized and tailored responses to your expectations.
Scope of personal data:
- In case of online contact: name and email address
- In case of phone contact: name and phone number
Duration of data processing: The Publisher primarily processes your personal data for the purpose of maintaining contact. Accordingly, your data will be deleted after closing the case represented by your message, unless the public interest in future contact justifies further processing of personal data, in which case it will be processed until the public interest persists.
Possible consequences of failure to provide data: Failure to provide data will prevent your identification and potential communication, thus the Publisher will not be able to respond to your inquiry.
Rights of the Data Subject
During the data processing period, you have the following rights according to the GDPR:
- The right to withdraw consent
- The right to access personal data and information about data processing
- The right to rectification
- The right to restrict processing
- The right to erasure
- The right to object
- The right to data portability
If you wish to exercise your rights, it involves your identification, and the Publisher must necessarily communicate with you. Therefore, providing personal data will be necessary for identification (but identification can only be based on data that the Publisher otherwise processes about you). The Publisher will respond to data processing requests and complaints within 25 days.
Right to Withdraw Consent
You are entitled to withdraw your consent to data processing at any time. In such cases, the provided data will be irreversibly deleted from the Publisher's systems.
Right to Access Personal Data
You have the right to receive feedback from the Publisher regarding whether the processing of your personal data is in progress. If processing is ongoing, you are entitled to access the processed personal data and be informed by the Publisher about the purposes of the data processing, the categories of personal data processed about you, recipients or categories of recipients with whom the Publisher has or will share the personal data, the intended duration of storage, your rights to request rectification, erasure, or restriction of processing, your right to lodge a complaint with the supervisory authority, and more.
The purpose of exercising this right may be to determine the lawfulness of data processing, and therefore, in the case of repeated requests for information, the Publisher may charge a reasonable fee for providing the information.
Right to Rectification
You have the right to request the Publisher to rectify inaccurate personal data concerning you without undue delay.
Right to Restrict Processing
You have the right to request the Publisher to restrict processing if certain conditions are met, such as disputing the accuracy of personal data or objecting to processing while the Publisher verifies whether its legitimate grounds override yours.
If processing is restricted, such personal data, except for storage, may only be processed with your consent, for the establishment, exercise, or defense of legal claims, for the protection of the rights of another natural or legal person, or for reasons of important public interest of the EU or a Member State.
The Publisher shall inform you in advance of the lifting of processing restrictions.
Right to Erasure (Right to be Forgotten)
You have the right to request the Publisher to erase your personal data without undue delay if certain conditions are met, such as if the data are no longer necessary for the purposes for which they were collected, or if you withdraw consent and there is no other legal basis for processing.
If the Publisher has made the personal data public and is obliged to erase it, it shall take reasonable steps, including technical measures, to inform other data controllers processing the personal data that you have requested the erasure of any links to, or copy or replication of, those personal data.
The right to erasure does not apply if data processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for the establishment, exercise, or defense of legal claims.
Right to Object
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on public interest. In such cases, the Publisher may not continue processing unless it demonstrates compelling legitimate grounds for the processing which override your interests, rights, and freedoms or for the establishment, exercise, or defense of legal claims.
If personal data are processed for direct marketing purposes, you have the right to object at any time, including profiling.
Right to Data Portability
If data processing is carried out by automated means or based on your voluntary consent, you have the right to receive your personal data in a structured, commonly used, and machine-readable format from the Publisher. If technically feasible, you may request the Publisher to transmit the data to another data controller.
Legal Remedies
In case of infringement of your rights, you may apply to the court. The specific rules of procedure are contained in Section 23 of the Information Act (Act CXII of 2011). The court shall act expeditiously in the proceedings. It is the responsibility of the data controller to prove compliance with the legal requirements. The court decision falls under the jurisdiction of the "Törvényszék" (Regional Court). The action may be brought before the Törvényszék at the place of your domicile or residence. Before initiating any proceedings, it is advisable to send the complaint to the Publisher for prompt and efficient resolution of the issue.
For further questions, requests, complaints, or incident reports, please contact the Publisher's representative at the following address: polusok@pte.hu
Dated 16 September 2024.