Privacy Policy

(Entered into force: 27/12/2017)

I. Preamble

1. This visited website available on the https://www.gamerhours.com domain (hereinafter: Website) is provided by GamerHours Korlátolt Felelősségű Társaság (seat: HU-1051 Budapest, 24 Nador.; registration number: 01-09-304459; hereinafter: Data Controller). The Data Controller shall also ensure the maintenance of the Website.

2. The service available on the Website may be used by natural persons as so-called coach (hereinafter: Coach), or as so-called student (hereinafter: Student). You shall provide the personal data determined below during the process of the registration to receive the services available on the Website. You will be entitled to receive the services available on the Website only after the registration (the registered persons, namely the Coaches and the students are together hereinafter: User).

3. This present privacy policy’s (hereinafter: Policy) aim is to establish - in the light of the legal provisions governing – the purposes and principles of the data management as well as the enforcement of rights that determines the circumstances, limits of the data management in respect of the personal data provided by the User. The Policy and the General Terms and Conditions (hereinafter: General Contract) should be interpreted and applied in conjunction, those are governing collectively, and the words not defined but marked with capital letter shall be interpreted in the light of the definitions concluded by the General Contract.

4. In order to make the User fully aware of the method of data processing activities in respect of the personal data provided during the process of the registration please read carefully this Policy. In case you have any question or notice in connection with the contents of the Policy do not hesitate to contact with us via e-mail ([email protected]).

5. The Policy is governed primarily by the following legal legislations which are available on the websites of Nemzeti Jogszabálytár, and also on Wolters Kluwer Kft. Jogtár a) az Constitution of Hungary Article VI.; b) Art CXII of 2011 on right of informational self-determination and the freedom of information (hereinafter: Info-tv.); c) Art CVIII of 2001 on certain legal aspects of electronic commerce and information society services (rövidítése: Ekertv.); d) Art VI of 1998 on the publication of the Council of Europe Convention of 28 January 1981 for the protection of individuals with regard to automatic processing of personal data; e) Act XLVIII of 2008 on the Basic Requirements and Certain Restrictions of Commercial Advertising Activities (hereinafter: Grt.) f) Art IV of 2013 on Civil Code (hereinafter: Civil Code).

II. Definitions
This section’s purpose is to summarise the most important definitions of the Policy which should be interpreted and in conjunction with the definitions of the General Contract. The definitions of the General Contract shall also be applied correspondingly in respect of this Privacy.

1. Registration: The technical operation in the Website, during which the User provides some Personal datas detailed in this present Policy in accordance with the purposes concluded by this Policy.

2. Personal data: any information relating to an identified or identifiable natural person who registrated on the Webiste (the User). All data provided during the registration shall be deemed personal data.

3. Data management: the personal data are managed by the Data Controller, practically this process concludes all the actions from the recording until the deletion of the data. So that this process involved specifically the collection, recording, organisation, storage, adaptation or alteration, as well as maintenance, repair of personal data, or enter additional data and blocking, deletion, or destruction of the data concerned.

4. Data Controller: GamerHours Kft. seat: HU-1051 Budapest, 24 Nador, registration number: 01-09-304459 tax number: 26148324-2-41 statistical number: 26148324-6312-113-01 represented by: Vámossy István Győző director e-mail: [email protected]

5. Processor: means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller. Currently the Data Controller is the only Processor.

6. Authority: The National Authority of Data Protection and Freedom of Information (seat: HU-1125 Budapest, Szilágyi Erzsébet fasor 22/c.; e-mail: [email protected]; website: http://naih.hu; phone number: +36 (1) 391-1400.

7. Cookie: a file (datasource), that may be made by the program of the Website on the visitor’s computer or mobile device and which retrieves information about the User, as well as about the link between the User and the webserver. The purpose of using a cookie is to identify (recognize) the User’s computer or mobile device, provide a simplified browsing, as well as to analyze the usage of the Website’s visitors and improve their user experience.

8. Personal data breach: it means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.

III. Legal basis

1. The Data Controller shall be entitled to process the personal data provided by the User only in case the User gives its voluntarily and explicit consent by having read and interpreted the Policy in the light of all the informations concluded in the Policy. The User can give its explicit consent by ticking the checkbox under the registration form by the acceptance of the General Contract and the Policy, which is also the criteria of finalizing the registration. By giving the consent determined above the Data Controller shall be entitled to process and use the personal data provided by the User under conditions of the Policy. The Data management in respect of the e-newsletter is required a specific contribution of the User in accordance with the section 6 of the Grt.

2. In the possession of the User’s consent the Data Controller shall only be entitled to process the personal data provided by the User if the Data Controller previously apply a permit from the Authority and the Authority has registered the claim. The Data Controller is infomed about the registration of the data management via e-mail letter sent by the Authority which is involved the the registration numbers. The Data Controller shall be obliged to indicate the registration numbers concerned in respect of all data management activities and also in respect of the release the personal data to the User. The Data Controller currently has the registration numbers stated below.

The name and the registration number of the data management activity
„registration on the Website”

the registration number is not bound by the section 65, paragraph 3 of the Info-tv. in respect of this activity
„data management in order to send e-newsletter”

NAIH-136029/2018
„database building”

NAIH-………………...
„consumer relationship”

the registration number is not bound by the section 65, paragraph 3 of the Info-tv. in respect of this activity „building the database for mensuration of consumer satisfaction” NAIH-………………...
„data management for monitoring the consumer attitudes”

NAIH-………………...
„direct marketing”

NAIH-136033/2018

IV. Principles
This section’s purpose is to summarize the principles of data management in respect of which principles are applied during the full time of the data management by the Data Controller.

1. The legal basis limitation principle: the Data Controller hereby undertakes to process the personal data provided by the User in accordance with the voluntarily, explicit and informed consent of the User, as well as in accordance with the Policy, also the legislation and in line with fairness and legality. Furthermore the Data Controller undertakes to ensure the exercise of rights, especially the right to dispose in respect of the personal data by the free publication of the current version of the Policy before and also after the registration.

2. The purpose limitation principle: the Data Controller undertakes to process the personal data provided by the User only for the purposes the Policy and not to use the data concerned for any different purposes. The Data Controller shall be obliged to inform the User fully, in writing, with the stating of the purpose and the reasons beforehand in the case the Data Controller use the personal data a different purpose. In the event the personal data will be used for a different purpose the personal data concerned shall be process in the light of and in accordance with the legal basis limitation principle.

3. Principle of privacy: the Data Controller hereby undertakes to take every technical and organising steps and processes which are to be regarded as necessary int he order of the security of the User’s personal data. Data Controller shall be obliged to ensure the protection of the personal data provided by the User in the light of the current state of the techniques and also to ensure the prevention of a Personal data breach, especially: 3.1. to prevent the unauthorised access to the personal data; 3.2. to ensure the registered personal data shall not be connected with other data and also to ensure the data not to be assigned with the User; 3.3. to hinder the unauthorised data-input; 3.4. to make the data restorable in case of possible loss of data; 3.5. to maintain a record to check the processes in case of a possible Personal data breach and to inform the User about it. The record shall involve: 3.5.1. the personal data, 3.5.2. the Users involved in the Personal data breach, the date , circumstances, effects of the incident, as well as the preventive measures in respect of the incident, and 3.5.3. the other data prescribed by the legislation. In case of Personal data breach the Data Controller shall be obliged to notify the fact of the Personal data breach to the Authority without undue delay, but no later than 72 hours after the Personal data breach has become aware.

4. The period of the data management: the Data Controller hereby undertakes to process the personal data provided by the User only until the User’s application for the deletion, or failing this, until the time that necessary for the fulfilment of data management purposes, but not later than 5 years from the giving of the personal data. The Data Controller undertakes not to make the User identifiable for a longer period than it’s necessary in the light of the fulfilment of the data management purposes.

5. Data minimisation: the Data Controller’s purpose in respect of the data management to be the processed Personal datas adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.

6. Accuracy: The processed Personal datas shall be accurate and, where necessary, kept up to date; The Data Controller shall be obliged to take every reasonable step to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, will be erased or rectified without delay.

V. The processed personal data
This section’s purpose is to summarize the personal data which are needed to provide by the User to receive the services available on the Website, on the other hand to summarize the personal data which can be processed by the Data Controller after the registration.

1. With respect of all User, the Data Controller shall process the personal datas marked above from the Registration:

a) Name;
b) Username;
c) E-mail address;
d) Password;
e) Provided social media account (Twitch, Twitter, Facebook or Steam);
f) Skype-ID;
g) Profile picture;
h) Game account (optional).

2. With respect of the Coach, the Data Controller shall process more personal datas detailed above:

a) billing adress;
b) PayPal-ID;

3. The Coach shall be entitled to connect his/her Facebook or Twitter or Twitch (hereinafter: Social Media) account with the account registrated on the Website, following this the Data Controller shall be entitled to manage the personal datas provided and published on the Social Media marked by the Coach.

VI. The recorded technical data

1. In addition to the personal data provided by the User there are other data recorded technically in respect of the computers (Cookies), such as the data generated during the use of the Website, as well as the data which recorded and documented at the login or at the logout whithout any specific declaration from the User. The Data Controller shall not be entitled to contact these data concerned with the personal data of the User, except for the legal obligations. These data only availabe for the staff of the Data Controller. The Data Controller shall store the data determined above for 6 (six) months, these data will be deleted after the expiry of this period.

2. The purpose of the automatically recorded data is to product statistics related with the use of the Website, as well as to develop the Website’s information system.

3. In order to give the User a personalized experience and the highest quality of the services available on the Website the Data Controller placed a file onto the User’s computer during the us of the Website. The User can delete the Cookie from its computer any time, and the User can also adjust in its browser (typically under the „Help” function) the blocking of this Cookies. The User shall takes note of the use of the Website will be limited quality by the blocking of the Cookies.

VII. The process of the data management
This section’s aim is to summarize the purposes of the data management in respect of the personal data.

1. „registration on the Website” (NAIH-registration is not needed): It is necessary to provide personal data during the Registration in order to be the User identifiable, known person during the exercise of rights and fulfil the obligations which are laid down in the General Contract in connection with the use of the Website. The processing shall be take only for the deletion of the Registration. The legal basis of this data management is the User’s consent in accordance with the point a) of Subsection (1) of Section 5. of Infotv which is given during the Registration. The processed datas in respect of this data management are the followings: Name, Username, E-mail, Password, Provided social media account, Skype-ID, Game account, as well as in respect of the Coach the Data Controller shall be entitled to process the Billing address, the PayPal-ID, and also the personal datas available on the Social Media marked by the Coach concerned in the point V/3.

2. „Database building” (NAIH-..................): The Data Controller’s purpose is to collect the personal datas provided by the User to comply with the User’s inquiries in a personalized and transparent way, and also in order to separate and secure the personal datas concerned. The Data Controller shall not be entitled to sell the database built for third parties. The processing shall be take only for the User’s request for the cancellation. The legal basis of this data management is the User’s consent in accordance with the point a) of Subsection (1) of Section 5. of Infotv which is given during the Registration. The processed datas in respect of this data management are the followings: Name, Username, E-mail, Password, Provided social media account, Skype-ID, as well as in respect of the Coach the Data Controller shall be entitled to process the Billing address, the PayPal-ID, and also the personal datas available on the Social Media marked by the Coach concerned in the point V/3

3. „data management in order to send e-newsletter” (NAIH-136029/2018): The Data Controller is entitled to send periodically useful informations in connection with the services of the Website, and also entitled to send promotion materials about possible renewals, any further additions in respect of the Website via the e-mail address provided by the User. In terms of the Grt. 6. § e-newsletter may be sent only in the case of the User’s prior, explicit consent. This consent can be given by the ticking of the checkbox provided for the e-newsletter service. The User shall be entitled to withdraw this consent any time, free of charge by clicking to the „unsubscribe” link or by sending a claim via e-mail (to [email protected]). The processing shall be take only for the User’s request for the cancellation. The legal basis of this data management is the User’s consent in accordance with the point a) of Subsection (1) of Section 5. of Infotv and also in accordance with the Subsection (1) of Section 6. of Grt. The processed datas in respect of this data management are the followings: Name, Username, E-mail.

4. „Direct marketing” (NAIH-136033/2018): The purpose is to approach the User directly via its contancts granted by the User to publicize the possible renewal, any further addition in respect of the Website or further services, as well as to inform the User about these further services concerned. The processing shall be take only for the User’s request for the cancellation. The legal basis of this data management is the User’s consent in accordance with the point a) of Subsection (1) of Section 5. of Infotv and also in accordance with the Subsection (1) of Section 6. of Grt. The processed datas in respect of this data management are the followings: Name, Username, E-mail.

5. „data management for monitoring the consumer attitudes” (NAIH-106684/2016.): The purpose of this process is to build a database about the User’s behaviours, attitudes to develop the service available on the Website in accordance with the User’s attitudes. In respect of this purpose the Data Controller shall monitor the purposes and needs for which the service is being used by the User. The processing shall be take only for the fulfilment of the purpose of this data management. The legal basis of this data management is the User’s consent in accordance with the point a) of Subsection (1) of Section 5. of Infotv which is given during the Registration. The processed datas in respect of this data management are the followings: Name, Username, E-mail.

6. „Clientcontact” (NAIH-registration is not needed): The purpose of this process is to communicate with the User in order to receive the services of the Website in the most personalized way, as well as to inform the User every details about the service of the Website. The processing shall be take only for the deletion of the Registration. The legal basis of this data management is the User’s consent in accordance with the point a) of Subsection (1) of Section 5. of Infotv which is given during the Registration. The processed datas in respect of this data management are the followings: Name, Username, E-mail.

7. „building the database for the evaluation of consumer satisfaction” (NAIH-………………..): The Data Controller shall be entitled to evaluate periodically the satisfaction of the Users in respect of the service available on the Website via e-mail. The processing shall be take only for the fulfilment of the purpose of this data management. The legal basis of this data management is the User’s consent in accordance with the point a) of Subsection (1) of Section 5. of Infotv which is given during the Registration. The processed datas in respect of this data management are the followings: Name, Username, E-mail.

9. The Data Controller request and collect other data for the invoicing in accordance with the General Contract, including billing address, PayPal-ID, which datas – on the basis of the Info-tv. 65. § (3) paragraph a) point - are not restricted by a permission by the NAIH.

VIII. The process of the data management
The Data Controller summerizes the way of the data management within the limit set in this section and clarifies how will be processed the personal data provided by the User.

1. The process of the registration: The personal data shall be provided on the registration interface during the registration. The data marked with an asterisk are mandatory to provide. The User shall be entitled to provide datas as a game account after the Registration. The Coach shall be obliged to provide his/her billing address and also his/her PayPal-ID in connection with the fulfilment of his/her payment obligations in accordance with the General Contract after the Registration.

2. The storage of the data: The Data Controller storages and processes the personal data provided by the User on its own information system. These data shall be processed only and exclusively by the Data Controller and the personal data concerned storaged only digitally. 2.1 The Data Controller shall be entitled to process the data determined in the Policy until the User’s application for the deletion or the fulfilment of the purposes of data management activity. 2.2. The Data Controller shall be entitled to preserve the personal data provided by the User until the final and binding decision of the applicable administrative or court proceedings in case of the User’s unlawful or infringing conduct and these data concerned may be processed by the User for the time of the preservation int he case determined above, especially in case of call by the determining authority or court.

IX. Enforcement of rights
This section’s purpose is to summarized the User’s possible enforcement actions in respect of the personal data processed by the Data Controller. The Data Controller shall notify the User about any act concerning personal data (especially the retification, detention or deletion of data) within 8 days after the act. The Data Controller shall only be entitled to ignore this notification obligation if the act adopted does not preclude the legal interest of the User.

1. Request for information: The User shall be entitled to request information any time from the Registration to the end of the data management about the data provided, the process of the personal data, or about the possible Personal data breach, the protecting measures in connection with the Personal data breach, as well as about any matter or question which follows from the Policy.

1.1 The User shall take this request concerned above in writing via e-mail ([email protected]) or sent by post (address: H-1051 Budapest, 24 Nador).
1.2 The request shall only be considered to taken by the User if the request sent from the e-mail address provided by the User during the registration. The Data Controller shall not be obliged to answer the request if its sent from a different e-mail address.
1.3 The Data Controller hereby undertakes to provide a free response in writing as an answer to the request as soon as possible, but at latest within one month from the receipt of the request (primarily via e-mail, but in an explicit appeal via post letter).
1.4 The Data Controller shall only be entitled to refuse to give response in the cases which are laid down in the Info-tv., in this event the Data Controller shall be obliged to appoint the governing law provision, as well as to inform the User about the enforcement of rights.
1.5 The Data Controller shall be obliged to notify the User every measures in respect of the Personal datas within 8 days from the measure. The Data Controller shall be entitled to ignore this obligation if the measure obviously doesn’t infringe the User’s legitimate interest.

2 The notification in case of any change in data: The User shall be entitled to notify the Data Controller in writing about the changes in respect of the personal data provided.



2.1 The Data Controller hereby undertakes to record the notified changes as soon as possible, but within 8 days from the receipt of the notification at latest.
2.2 The User shall be responsible for the cosequences of the delay in case of the negligency of the notification.

3 The rectification of the data: The data shall be rectificate automatically by the Data Controller if the data provided are not accurate and the correct data are at the Data Cotroller’s disposal.

4 Right to restriction of processing: The User shall have the right to obtain from the Data Controller restriction of processing where one of the following applies: (a) the accuracy of the Personal data is contested by the User, for a period enabling the Data Controller to verify the accuracy of the personal data; (b) the processing is unlawful and the User opposes the erasure of the Personal data and requests the restriction of their use instead; (c) the Data Controller no longer needs the Personal data for the purposes of the processing, but they are required by the User for the establishment, exercise or defence of legal claims; (d) the User has objected to processing pursuant the verification whether the legitimate grounds of the Data Controller override those of the User.

5 Protest against the data management: The User shall be entitled to protest any time against the data management.

5.1 The User shall be entitled to request the deletion of the personal data provided in writing (primarily via e-mail, or via post letter in accordance with the above mentioned). To make the data unrecognisable and non-reconstitutable shall be regarded as the deletion of the data concerned. Istead of the deletion the Data Controller shall block the personal data in case the User request it or the deletion would be against the User’s legal interest.


5.2 The User shall not be entitled to protest against the data management in case the data management is mandatory and required by the legislation. It shall be deemed to be a protestation if the User take a declaration which aims to object the data management or to ask for the elimination of the data management process, as well as for the deletion of the data provided.
5.3 In the case of the User’s protestation in writing (which can be taken via e-mail, or via post letter), the Data Controller shall be obliged to examine the protestation and also to take decision in respect of the protestation as soon as possible, but at latest within 15 days after the receipt of the protestation. The Data Controller shall infom the User about the decision taken in this case concerned:
5.3.1 If the protestation shall be considered valid, the Data Controller shall be obliged to eliminate the process of the personal data provided by the User and also to block the data concerned.
5.3.2 In case the User does not agree with the decision taken by the Data Controller or in case the Data Controller fails to take the decision within the 15 days deadline, the User may seises to court in accordance with the Policy within 15 days after the receipt of the decision or within 30 days after the expiry of the 15 days deadline.
The Data Controller shall have the obligation to erase Personal data without undue delay where one of the following grounds applies:

(a) the Personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;

(b) the User withdraws consent on which the processing is based and where there is no other legal ground for the processing;

(c) the User objects to the processing pursuant and there are no overriding legitimate grounds for the processing;

(d) the Personal data have been unlawfully processed;

(e) the Personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the Data Controller is subject;

(f) the Personal data have been collected in relation to the offer of information society services for children.

6 Right to data portability: The User shall have the right to receive the Personal data concerning him or her, which he or she has provided to the Data Controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the Data Controller to which the Personal data have been provided.

7 Enforcement in court: The User shall be entitled to seise to court in case the Data Controller infringes the User’s rights, in the proceedings concerning the general courts shall have jurisdiction. The proceedings may be brought before the courts where the User has its residence or its place of stay.

8 Compensation and general damages for infringement of personal right:

8.1 The Data Controller shall be obliged to compensate the User in case the Data Controller cause injury by the unlawful process of personal data or by infringement of the privacy requirements.
8.2 If the Data Controller cause injury in respect of the personal rights of the User by the unlawful process of personal data or by infringement of the privacy requirements, the User shall be entitled to claim general damages for infringement of personal rights.
8.3 The Data Controller shall be relieved of the above-mentioned responsibilities if it proves that the injury or the infringement of personal rights followed from an unaviodable reason outside the data management.
8.4 No damage or general damage for infringement of personal rights can be claimed if the injury or the damage caused by infringement of personal rights followed from the intentionally or with gross negligence conduct of the injured party.

9 The administrative procedure

9.1 The User shall be entitled to initiate a investigation by a notification sent to the Authority on the question of whether occured an injury in respect of the process of the personal data or whether these data concerned are at risk.
9.2 The investigation of the Authority is free, all the costs which follows from the investigation proceedings are advanced and bear by the Authority.
9.3 Shall not be given any unfavourable treatment because of the notification. The identity of the person who taken the notification shall only be granted by the Authority if the keeping it in secret would hinder the investigation proceedings. The Authority shall not be entitled to reveal the identity of the person who taken the notification if this person concerned request to keep its data in secret.
9.4 The contacts of the Authority: 9.4.1 address: H-1125 Budapest, Szilágyi Erzsébet fasor 22/c
9.4.2 e-mail: [email protected]
9.4.3 website: http://naih.hu
9.4.4 phone number: +36 (1) 391-1400

X. Amendment of the Privacy Policy
The Data Controller shall reserve the right to amend the Policy at any time, furthermore undertakes to inform the User about the amendment and request an additional confirmation from the User for the application of the amended Policy by e-mail.