of the International Christian School of Budapest
according to the European Union's General Data Protection Regulation (GDPR)
The International Christian School of Budapest (ICSB) is committed to the protection of personal data. We process the personal data of our former, current, and prospective staff members, students, and students' family members in accordance with current data privacy policies set forth by the European Union's General Data Protection Regulation.
What is the General Data Protection Regulation (GDPR)?
European privacy law is designed to protect individuals from having personal and private information shared, stolen, or sold to others by businesses or institutions without knowledge or consent. While many countries around the world have created their own data privacy policies, GDPR (General Data Protection Regulation) is the one that all 27 countries of the European Union use.
Nemzetközi Alapítvány a Keresztyén Kultúráért, Oktatásért Magyarországon
Registered office: 2049 Diósd, Ifjúság út 11.
Registration number: 01-01-005300
Represented by: Kristi Joy Hiltibran
Data Protection Officer
Ms. Ildikó Tabajdi
If you wish to exercise your rights set below or to request further information about ICSB’s processing of your personal data, please contact the data protection officer via email.
7 Principles of GDPR that Form the Core of European Privacy Law
Lawfulness, Fairness & Transparency
We only collect personal data when it is legal to do so, and we will be transparent as to what we are collecting and how we will use it.
We only collect personal data for legitimate purposes, including purposes that are required by law, will help the individual be a part of ICSB and/or are necessary to the function of the school.
We do not collect and store more personal data or keep data longer than is necessary.
We will work to keep people’s personal data accurate and up to date. Individuals can request that errors be corrected, and errors will be corrected in a timely manner.
Each kind of personal data will have an expiration date, and processes will be in place and followed to make sure data past its expiration date is expunged from the system.
Integrity and Confidentiality
We will be careful to guard collected data so that it is not mishandled, accidentally lost, or compromised.
We are all accountable to follow these principles and best practices in order to comply with GDPR and protect the privacy of the staff, students, and families whom we serve.
Legal Rights Related to Personal Data Processing
Right to Transparent Information
Before and during the data processing, staff members, students, and families have the right to receive information about the data processed and the processing of data, including this notice.
Right to Access
Staff members, students, and families have the right to receive feedback from ICSB as to whether their personal data is being processed, and if so, they may receive access it.
The personal data of a staff member, student or family will be accurate; if not, they have the right to have it corrected at any time and without delay.
Right to Erasure
Staff members, students, and families have the right to have their personal data removed (erased) from the system if the data is no longer necessary for the purposes for which it was collected, or there is no longer any legal grounds for ICSB to retain your data, or if they wish to withdraw consent.
Right to Restriction of Processing
Staff members, students, and families have the right to request the school to restrict the processing of their data, under certain legal conditions.
Right to Object
Staff members, students, and families have the right to object at any time to the processing of their personal data for reasons related to his/her own situation, under certain legal conditions.
Right to Data Portability
When a staff member, student, or family leaves ICSB, they may choose to take a copy of their personal data with them.
Right of Withdrawal
Staff members, students, and families shall have the right to withdraw his or her consent at any time.
Right of Appeal
You have the right to file a complaint with the competent supervisory authority and before the competent courts in relation to processing of your personal data.
Supervisory Authority: Nemzeti Adatvédelmi és Információszabadság Hatósága (National Authority for Data Protection and Freedom of Information)
The Competent Court: Budapest Környéki Törvényszék (Budapest Regional Tribunal)
Address: 1146 Budapest, Thököly út 97-101.
Postal address: 1443 Budapest, PO Box: 175. (1443 Budapest, Pf. 175.)
Central phone: +36-1/467-6200
The Data Controller will:
Inform the staff members, students, and families that a designated Data Protection Officer is available. Staff members, students, and families may exercise their rights above and/or make an observation or complaint against data processing any time, by writing to the Data Protection Officer, Ildikó Tabajdi via email or to the postal address: H-2049 Diósd, Ifjúság út 11., Hungary.
Validate the identity of the staff members, students, and families before responding to an observation or complaint (to check whether the request originates from the person entitled). Requests received from the staff members, students, and families ’s email addresses registered by the Data Controller are considered by the Data Controller to come from the Staff members, students, and families. In the case of requests received in other forms, the Data Controller is entitled to authenticate the Staff members, students, and families in another way (e.g. verbally inquire about the validity of the written request on a given telephone number, request a written confirmation of the oral request or initiate other appropriate identification).
Examine the requests received and handle them without delay, but no later than within one month, or, in exceptional cases, within a longer period permitted by law, or rejects them (with justification).
Inform the staff members, students, and families of the outcome of the decision in writing. The processing of the request is free of charge, except for unfounded or excessive requests for which the Data Controller may charge a reasonable fee corresponding to its administrative costs.
Ask the staff members, students, and families to inform the Data Controller as soon as possible of any change in their personal data as recorded. This is to ensure the accuracy, completeness and - if necessary for the purposes of data processing - actuality of the data.
ICSB’s Responsibilities Regarding Processing of Personal Data
Collection and storage of staff, students, or family’s data will be limited to that which they have agreed to (consent) or is necessary by law e.g. for employment, or for enrollment, or for the legitimate interest of the school.
The school will follow practices (see below) and policy to confidentially and securely store and retain staff, volunteer, student, and family data. Data subjects will be notified if there’s a privacy incident likely to result in a high risk to their rights and freedoms. See our Data Storage and Retention Practices for more details.
Photos and videos of the student and staff members will only be used for the yearbook, website, social media, and other promotion with individual (staff and students aged 14 and above) or parental consent (all students).
Your email contact information will be kept by the school, but you may choose to unsubscribe from school correspondence at any time after employment, enrollment, or association with the school ends.
The school will respect the privacy of staff members and will only look into personal files and correspondence if they have an actual legal concern. In which case, you will be notified and, if possible, present.
Staff, student, and parent data is also shared with certain third-party data processors for educational or operational purposes. See the list of Third-Party Companies that occasionally process the personal data of our students, staff, volunteers, and families.
ICSB collects and stores staff, student, and family personal data for security purposes through its electronic key card system as well as cameras, and sign-in sheets. Camera recordings are erased every 5 days, key card information is purged at the end of the year, and sign-in information is retained electronically until the end of the year. See the Location of Security Cameras and Viewing Angles.
The school automatically applies the following text alert at the bottom of all emails sent from the school's official email account: This email contains confidential information and personal data. Disclosure to unauthorized persons, unauthorized handling, including use, transmission and public disclosure is prohibited. If you are not the recipient of this message, please notify the sender immediately, and delete this message. Ez a levél bizalmas információkat tartalmaz, melyek felhasználása, továbbítása és nyilvánosságra hozatala tilos. Amennyiben nem Ön a levél címzettje, kérjük, haladéktalanul értesítse a levél feladóját, és törölje ezt a levelet.