This Privacy Policy states the guiding principles of data protection and management of HumanTurn (ARTUS Kortárs Művészeti Egyesület, and HumanBridge Bt.) (hereinafter: Data Controller), as well as the Data Controller’s data protection and data management policy and procedure. 

The Data Controller processes and manages the data of the registered users of  the website (hereinafter: the website). 

The goal of the Privacy Policy statement is to guarantee data security to all the registered users on the website, regardless of their citizenship or residency,  and finds it especially important to respect their right to information-related self-determination and manages personal data with privacy and implements all safety, technical, and operational measures necessary.

Data controller’s data

  1. Name: ARTUS Kortárs Művészeti Egyesület
    Seat and postal address: 1116 Budapest, Hunyadi Mátyás út 29.
  1. Name: HumanBridge Bt.
    Seat and postal address: 1116 Budapest, Hunyadi Mátyás út 29.

Email address:

The scope of personal data processed


The User is obliged to provide the following personal data in the course of the registration process:

– Display name (it will be published on the website)
email address (it will not appear on the website)
– marking the location of the turn on the map (It can be changed or modified anytime, and will be published on the website)

Filling out the following data is optional:

First name  (it will not appear on the website)
Last name ( it will not appear on the website)
– Country: according to the citizenship or permanent residency. (It will appear on the website)

In the course of registration, we request the following statements to be acknowledged

– Statement accepting the terms of Privacy Policy (in case the User does not accept the terms, his/her registration will not be completed)
– Statement on subsricption to the HumanTurn newsletter (yes/no)(independently of the registration) 

The Data Controller may request the User’s agreement on sending newsletter in connection to further websites or services in the course of the registration process. The acceptation or refusal of these services is independent of the registration itself. 

Technical information

Data saved and processed as result of the operation of the system: The data stored on the User’s device from which he/she logged in, and which have been generated in the course of the registration process, and which are automatically saved by the Data Controller’s system. The automatically saved data are stored by date by the system, without the User’s specific statement or activity with every log in and lof out to the website. These data and other personal data are not transmitted to third parties unless there is a legitimate interest (e.g. legal obligation). The data can be accessed and processed only by the Data Controller.  


One or more cookies – meaning a small file containing a series of characters – are sent to the device of the User by the Data Controller,, as a result of which their browser will become individually identifiable. 

The usage of cookies is provided by Google, and are operated through the Google Adwords system. These cookies will only be sent to the visitor’s device when visiting certain subpages; therefore, only the fact that the subpage was visited and the time when it happened are stored; no other information is recorded.

The cookies thus sent are used in the following way: external service providers, including Google, store with the help of such cookies whether the User has visited the Owner’s website before and based on that ads will appear to the User on the external service providers- including Google – partners’ websites. The User can instruct the browser to refuse all Google cookies with ads. (Furthermore, the User might block all the cookies on the Network Network Advertising Initiative site, for external service providers as well.) 

Following the blocking of the cookies, the Data Controller’s personalized advertising offers will not be available to the User. 

Applied cookies:

– Temporary (session) cookie: The session cookies are automatically deleted after the User’s visit on the website. These cookies are designed to increase the effectiveness and security of  the website and therefore are inevitable for certain domain functions and applications proper operation.

– Security cookies.

External servers help the independent  measurement and audit of the Website and its attendance and webanalytical data (Google Analytics). The User can be informed on handling of measured data in details by the given data processor service. Contact:

If the User does not want Google Analytics to track their data in the way and for the purpose mentioned above, we advise installing a blocking extension to their browser. 

Most of the browsers provide detailed information in the menu section under the “Help” heading on the following topics: 

– how to block the cookies 
– how to accept receiving cookies or
– how to instruct the browser to set up new cookies or
– how to turn off other cookies.

The purpose, legal basis and form of data management

Data management is carried out based on the statement agreed upon by the User on voluntary basis after being thoroughly informed about all its details. The statement involves the User’s agreement to process his/her personal data during the usage of the Website, or by subscribing to the newsletter. The legal basis of data management: Regulation No. 2016/679 of the European Parliament and of the Council (EU), rights to privacy, informational self-determination and data protection as stated in 2011. CXII. tv. (Infotv.) 5.§ (1) par. d) the User agrees to the terms stated above on voluntary basis, in compliance with the 2001. CVIII. law on electronic commercial services, and furthermore the information society services. 

The contribution to data management is performed by the User when registering on the website, and later by using the Website, or by voluntary agreement to the processing of other data in question.

The purpose of data management is the ensuring of services available on the Website. The Data Controller handles the data provided by the User in accordance with the data management purposes, for the sake of communication and sending out newsletter. 

The purpose of automatically stored data is creating statistical analysis, technical development of the information system used and the protection of User’s rights.

The Data Controller is not authorised to use the personal data of the User for purposes other than stated in the current document. Sharing personal data with third party or legal authority– except that the law makes it obligatory otherwise– is possible only with the preliminary and pronounced agreement of the User.

The Data Controller is not responsible for revising the data provided by the User.The person responsible for providing the personal data in accordance with the truth is the User him/herself. The User is furthermore due to take responsibility over the usage of the email address provided by him/herself connected to the service taken. Taking into account the above stated issue of liability, the responsibility connected with loging in the email box and using the email address lies on each User under whose name the email address was registered.

Duration of data management

The management of personal data provided in the course of the registration process starts with the date of registration and ends on request by deleting the data. In case of optional data, that are not obligatory for registration, the same procedure is applied as above.

The management of personal data provided in the course of the registration process starts with the date of registration and ends on request by deleting the data. In case of optional data that are not obligatory for registration, the same procedure is applied as above. 

In case of sending out newsletters, the management of personal data is due to the date of unsubscribing from the newsletter service. The data are stored for 6 months prior to the date of initial storage by the IT system- except the date of the last visit, which is automatically overwritten.

The above regulations do not refer to the obligation to retain data as stated in legislation (e.g. accounting law).

The scope of data management, data transmission, data processing

The Data Controller and interim staff members are primarily entitled to access the data, however, they are not obliged to share them or transmit them to third parties.

Within the framework of the operation of the underlying IT system, the Data Controller may hire an external Data Processor (e.g. a system operator).

The Data Controller manages the personal data of the User in accordance with the relevant legislation in a verifiable and traceable manner. Besides the above statement, the personal data is transmitted to a third party exclusively upon the User’s contribution, and/or only in case of request by legal authorities. 

User rights and possibilities of enforcement

The User has the right to request the Data Controller to receive information on their personal data, and furthermore, request the modification of the data anytime.

The Data Controller provides information on the personal data of the User on request, as well as data processed by the system operator assigned by the Data Controller for that purpose, the source of data processed, purpose of data management, legislation and duration of data management, furthermore, the name and address of the Data Controller, as well as the activities related to data management, or any incident related with data management, it’s effect and any measure taken in connection with the reparation. In addition – in case of transmitting personal data of the User – the Data Controller is obliged to send a written response regarding the legal basis and the name of the third party that the data was transmitted to within 30 days, upon request.

The Data Controller is entitled to lead registry records related to controlling the measures taken in connection with the data incident, as well as providing information to the User. The record contains the scope of personal data of the User, the scope and number of persons involved in the data incident, the exact date of the incident, its circumstances, effect and the measures taken in order to repair the damage, together with other data determined by law related to the data management. 

The User is entitled to request his/her rights related to data management at the following address: 

ARTUS Kortárs Művészeti Egyesület, 1116 Budapest, Hunyadi Mátyás út 29.

E-mail: or 

The User has the right to turn to the Data Controller, including the staff, with any question or remark connected with data management through the above mentioned contact information.

The User has the right to request modification or deletion of incorrect data any time. Certain data can be modified by the User him/herself on the Website; otherwise the Data Controller will delete the data requested 3 working days after the request has been received, the latest. In that case, the data will not be available any longer. The deletion does not refer to data management based on legislation (e.g. accounting legislation), and therefore the Data Controller is entitled to preserve these data until the date stated by the legislation.

The User can request the blocking of his/her data.  The Data Controller will block the access to personal data upon User’s request, or if it is plausible from the available information that the deletion of data would violate the rightful interest of the User. The personal data blocked in the above mentioned way can be processed only until the purpose of data management is relevant, according to which the deletion of personal data was excluded.

The Data Controller is obliged to inform the User as well as all the parties to whom the data had been forwarded to with the aim of data management about the modification, blocking or deletion of data. The notification may be waived provided it does not violate the rightful interest of the User, with regard to the purpose of data management.

If the Data Controller does not execute the modification, blocking or deletion of data requested by the User, the User must be informed about the factual and lawful reasons for declining the request in written form, within 30 days of the date of the receipt.

The User has the right to object to the processing of his/her personal data. The Data Controller is bound to inform the User about the decision in written form, regarding the request of objection to data process, within 15 working days of the date of the receipt, following the investigation and justification of the request in question. 

The User can assert his/her rights based on, as well as Civil Code (of 2013 V. law) 

–by turning to the  National Agency for Data Protection and Freedom of Information (1125 Budapest, Szilágyi Erzsébet fasor 22/c.;

– or asserting the rights at Court.

If the User has provided the Data Controller with data of a third party instead of their own during the registration process, or has caused any kind of damage while using the Website, the Data Controller has the right to assert compensation against the User. Data Controller will provide all the necessary information to the legal authorities investigating such cases, with the aim of identification of the infringer.


The Data Controller pays particular attention to lawful usage of the electronic email addresses processed, and therefore it shall use them only for the purposes stated below (notifications or advertisements) by sending e-mails to the User.

The Data Controller is entitled to inform the User about any changes, modifications connected with the providing of the service or any modifications related to similar services provided to the User, in electronic form, via email. 

The Data Controller can send notifications or advertisements (newsletter) to the email addresses provided by the User in the course of subscribing to the newsletter, only with the explicit agreement of the User, in cases and forms that comply with the relevant legislation. The newsletter contains products of direct marketing and advertising. When sending out newsletters, the Data Controller processes and handles the data provided by the User.

The Data Controller handles the User’s data provided in the course of subscribing to the Newsletter until the User unsubscribes from it by clicking the “Unsubscribe” button or requests  un-subscription from the Newsletter via email or post. By unsubscribing, the User will not receive any more letters, ads or notifications from the Data Controller. The User can unsubscribe from the Newsletter anytime, for free, and withdraw the contribution. Our registered users can unsubscribe from the Newsletter free of charge anytime by signing in their own personal Profile on our website. 

Other provisions

The operating system used by the Data Controller may collect certain data of the User related to his/her activity, which are not directly connected with neither the additional or other data provided by the User in the course of the registration, nor data provided by usage of other websites or services.

In all cases where the Data Controller wishes to use the data collected for other than the original purposes, the Data Controller will inform the User, and request the explicit consent of the User to do so, and ensures the opportunity for the User to disagree with or decline the data processing.

The Data Controller is responsible for the data security, and is dedicated to take all the necessary steps and technical procedures to ensure that the data collected, stored, and processed are protected, furthermore, will make every effort in order to prevent the data from unlawful usage, breaches, or deletion. Moreover, the Data Controller undertakes the task of drawing the attention of any third party to whom the data might be transmitted or shared with, to perform the obligations relating to data management. The Data Controller reserves the right to modify the current Privacy Policy terms unilaterally, aside from preliminary notification of the User on the Website. Following the modification’s entry into force, the User has to accept the modification in order to continue the use of the Website, in the way and form provided by the Data Controller on the Website.

9th of may 2020. Budapest