The portal www.nemzetbiztonsag.hu owned by the Special Service for National Security (head office: 1022 Budapest, Törökvész út 32-34.) (hereinafter referred to as the “website”) is edited by the State Secretariat for Civilian National Security Services of the Cabinet Office of the Prime Office (head office: 1014 Budapest, Színház utca 1.) (hereinafter referred to as “CNS State Secretariat”). The website is operated by the company limited by shares NISZ Nemzeti Infokommunikációs Szolgáltató Zártkörűen Működő Részvénytársaság (head office: 1149 Budapest, Róna utca 52-80.) (hereinafter referred to as “NISZ”). The Cabinet Office of the Prime Minister is responsible for any content uploaded by it onto the website, and in that capacity also qualifies as controller under Section 3, point 9 of Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information (hereinafter referred to as the “Information Act”) and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter referred to as the „GDPR”). In addition to operating the website, NISZ also performs processing responsibilities.
1. Processing related to messaging and communication
By clicking onto the menu item ‘Contact us’ in the line of the website ‘Main menu’, completing the form accessible there, providing his or her personal data (full name and e-mail address) and submitting the form, the website user (hereinafter referred to as the “data subject”) may contact the CNS State Secretariat or – by selecting it from the scroll-down menu – directly one of the civilian national security services (Constitution Protection Office, Information Office, Special Service for National Security, National Information Centre).
Controller for the purposes of messaging and communication: recipient of the message, i.e. the Cabinet Office of the Prime Minister (head office: 1014 Budapest, Színház u. 1., mail address: 1357 Budapest, Pf. 1., data protection officer: Dr Ildikó Pékó, e-mail address: adatvedelem@mk.gov.hu) or the Constitution Protection Office (head office: 1117 Budapest, Fehérvári út 70., mail address: 1391 Budapest 62. Pf.: 217., data protection officer: Dr János Boczkó János, e-mail address: boczko.janos@ah.gov.hu) or the Information Office (head office: 1021 Budapest, Budakeszi út 85-87., mail address: 1539 Budapest, Pf. 600., e-mail address: info@ih.gov.hu) or the Special Service for National Security (head office: 1022 Budapest, Törökvész út 32-34., mail address: 1399 Budapest 62. Pf.: 710., data protection officer: Dr Barbara Bakos, e-mail address: adatvedelmitisztviselo@nbsz.gov.hu) or the National Information Centre (head office: 1117 Budapest, Fehérvári út 70., mail address: 1903 Budapest, Pf.: 314., data protection officer: Dr Edit Holpár, e-mail address: adatvedelem@nik.gov.hu).
Range of processed data: your full name and e-mail address.
Legal basis for and duration of processing: Clicking onto the button ‘I’m not a robot’, followed by the button ‘I accept the processing information and hereby consent to the processing of my personal data by the recipient of this message for the purposes of a reply’ and the button ‘Submit’ qualifies as voluntary consent under Article 6(1) point a) of the GDPR, authorising the controller to process such data until the withdrawal of your consent.
Processor: NISZ Nemzeti Infokommunikációs Szolgáltató Zártkörűen Működő Részvénytársaság (head office: 1149 Budapest, Róna utca 52-80.) In addition to the Controller, the personal data of the data subject will also be processed by the Processor.
2. Data generated during use of website and personal data recorded during use of website
Any data generated during the use of the website as well as any personal data recorded during the use of the website will be processed in compliance with the statutory regulations as in force, may not be disclosed to third parties, and can only be used to the extent necessary for the operation of the service.
Controller for the purposes of any data generated during the use of the website as well as any personal data recorded during the use of the website: Cabinet Office of the Prime Minister (head office: 1014 Budapest, Színház u. 1., mail address: 1357 Budapest, Pf. 1., data protection officer: Dr Ildikó Pékó; e-mail address: adatvedelem@mk.gov.hu)
Range of processed data: during a visit to the website, the start and end times of the data subject’s visit, the data of the browser and the operating system, and the data subject’s internet protocol (IT) address will only be recorded after third-party cookies have been accepted. The website sends co-called cookies (hereinafter referred to as “cookies”) to the electronic device used by the data subject. Statistical data are automatically generated from the data generated through the viewing of the website.
Legal basis for and duration of processing: Based on the information displayed in the pop-up window, by clicking onto the button “Accept cookies” you may allow the Controller to use cookies on the website and to thereby process your personal data. Clicking onto the button “Accept cookies” qualifies as voluntary consent within the meaning of Article 6(1) point a) of the GDPR; in consequence of such consent, the Controller will process your above data until the withdrawal of your consent. Based on the information displayed in the pop-up window, by clicking onto the button “Reject cookies” you will not allow the Controller to use cookies on the website and to thereby process your personal data. If you do not allow the use of cookies, as per Article 6(1) point e) of the GDPR the website will be limited to the use of the cookies and technologies that are essential for its functioning; no personal data will be processed.
Processor: NISZ Nemzeti Infokommunikációs Szolgáltató Zártkörűen Működő Részvénytársaság (head office: 1149 Budapest, Róna utca 52-80.) In addition to the Controller, the data subject’s personal data will also be processed by the Processor.
3. Data subject rights related to processing
In connection with the processing of his or her personal data, the data subject has the rights of access to and rectification or erasure of such data, the right to restriction of processing, the right to data portability and the right to object.
Based on the right of access, the data subject has the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, has the right to obtain information on the purpose of processing, the recipients or categories of recipient to whom the personal data have been or will be disclosed, the envisaged period for which the personal data will be stored and the method of the collection of personal data. As part of the right of access, the Controller will provide a copy of the personal data undergoing processing.
The data subject has the right to obtain from the Controller at any time, without undue delay, the rectification of inaccurate personal data concerning him or her.
The data subject has the right to obtain from the Controller the erasure of personal data concerning him or her without undue delay and the Controller has the obligation to erase personal data without undue delay if the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; if the data subject withdraws consent on which the processing is based, and where there is no other legal ground for the processing; if the data subject objects to the processing and there are no overriding legitimate grounds for the processing; if the personal data have been unlawfully processed; if the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the Controller is subject or the personal data have been collected in relation to the offer of information society services.
Based on the right to restriction of processing, the data subject has the right to obtain from the Controller restriction of processing. If the accuracy of the personal data is contested by the data subject, such restriction is for a period enabling the Controller to verify the accuracy of the personal data. If the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead; or if the Controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims; further if the data subject has objected to processing, such restriction will be for a period pending the verification whether the legitimate grounds of the Controller override those of the data subject.
In respect of any data processed on the basis of the data subject’s consent, the data subject has the right to data portability, including to receive the personal data concerning him or her which he or she has provided to the Controller, in a structured, commonly used and machine-readable format or to have the personal data transmitted to a third party, where technically feasible.
Based on the right to object, the data subject has the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on Article 6(1) point (e) of the GDPR. In this case, the Controller will no longer process the personal data unless the Controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
Right to effective judicial remedy. If a personal data breach concerning the data subject’s personal data has occurred as well as in the interest of the enforcement of his or her rights, the data subject may contact the Controller.
In the event of processing related to messaging, recipient of message: Cabinet Office of the Prime Minister (head office: 1014 Budapest, Színház u. 1., 1357 Budapest, Pf. 1., data protection officer: Dr Ildikó Pékó; e-mail address: adatvedelem@mk.gov.hu) or the Constitution Protection Office (head office: 1117 Budapest, Fehérvári út 70., mail address: 1391 Budapest 62. Pf.: 217., data protection officer: Dr János Boczkó, e-mail address: boczko.janos@ah.gov.hu) or the Information Office (head office: 1021 Budapest, Budakeszi út 85-87., mail address: 1539 Budapest, Pf. 600., e-mail address: info@ih.gov.hu) or the Special Service for National Security (head office: 1022 Budapest, Törökvész út 32-34., mail address: 1399 Budapest 62. Pf.: 710., data protection officer: Dr Barbara Bakos, e-mail address: adatvedelmitisztviselo@nbsz.gov.hu) or the National Information Centre (head office: 1117 Budapest, Fehérvári út 70., mail address: 1903 Budapest, Pf.: 314., data protection officer: Dr Edit Holpár, e-mail address: adatvedelem@nik.gov.hu).
In relation to any data generated during the use of the website as well as any personal data recorded during the use of the website, you may contact the Cabinet Office of the Prime Minister (head office: 1014 Budapest, Színház u. 1., mail address: 1357 Budapest, Pf. 1., data protection officer: Dr Ildikó Pékó; e-mail address: adatvedelem@mk.gov.hu).
The data subject may lodge a complaint against the Controller or processing with the National Authority for Data Protection and Freedom of Information or may bring proceedings before a court of law. Contact details of the Authority: National Authority for Data Protection and Freedom of Information (head office: 1055 Budapest, Falk Miksa u. 9-11., mail address: 1363 Budapest, Pf.: 9). In the event of the enforcement of a claim before a court of law, the tribunal with jurisdiction according to the Controller’s head office will proceed in the lawsuit (Metropolitan Tribunal, 1363 Budapest, Pf. 16 - 1055 Budapest, Markó utca 27.). Such legal proceedings may also be instituted, at the data subject’s discretion, before the tribunal with jurisdiction according to his or her place of residence (temporary residence).
The detailed statutory rules relating to the method of the enforcement of righs/claims and the Controller’s obligations are contained in the GDPR, the Information Act and Act V of 2013 on the Civil Code.
4. Cookie information
The purpose of the use of cookies is to improve and accelerate website browsing, to balance the load on servers, or to help and facilitate website browsing with automated mechanisms. Cookies are files or pieces of information which are sent by the web server reached by the visitor to the web browser of the visitor’s computer. Attributes contained in a cookie file usually include domain name, the name of the website that has sent the cookie; the cookie value which is a randomly generated individual number; and the cookie expiration, meaning the time during which the cookie remains on the online communication device. Cookies are stored in a file in the background storage of the user’s device. The web server sending the cookie can at any time access the content of the file from the browser.
Technical cookies:
Name of cookie
Domain
Type
Purpose
Range of processed personal data
Legal basis
Expiration time
NEXT_LOCALE
nemzetbiztonsag.hu
Functional cookie
Cookies essential for proper functioning of website.
Not suitable for user tracking.
Article 6(1) point e) of GDPR
100 days
CONTRAST_MODE
nemzetbiztonsag.hu
Functional cookie
Stores high-contrast setting.
Essential cookie for proper functioning of site. Not suitable for user tracking.
Article 6(1) point e) of GDPR
Until withdrawal of consent.
cc_cookie
nemzetbiztonsag.hu
Functional cookie
Stores information on cookie management (level of consent, identifier, date, date of change, etc.).
Essential cookie for proper functioning of site. Not suitable for user tracking.
Article 6(1) point e) of GDPR
6 months
PHPSESSID
nemzetbiztonsag.hu
Functional cookie
Stores session identifier.
Essential cookie for proper functioning of site. Not suitable for user tracking.
Article 6(1) point e) of GDPR
End of session
Legal basis for processing of technical cookies: Article 6(1) point e) of the GDPR and Section 9(1) point 2 of Government Decree No. 182/2022. (V.24.) on the responsibilities and powers of members of the government. Technical cookies help make the website usable by enabling basic functions such as navigation on the website and access to the safe areas of the website. The website is unable to properly function without these cookies. In connection with technical cookies, you as data subject have the right of access, the rights to rectification and erasure, the right to restriction of processing and the right to object.
Third-party cookies:
Name of cookie
Domain
Purpose
Expiration time
Other information
YSC
.youtube.com
This cookie ensures that requests made within a given session are received from the user, but not from other websites. It prevents malignant websites from taking action in the name and without the knowledge of the user.
End of session
https://cookiedatabase.org/cookie/youtube/ysc/
__Secure-YEC
.youtube.com
Serves to detect spam, fraud and misuse. Ensures that requests received from the browser originated from the user and not from other sites acting in the name and without the knowledge of the user.
13 months
https://policies.google.com/technologies/cookies?sjid=17714987562570493422-EU#types-of-cookies
AEC
.google.com
Serves to detect spam, fraud and misuse. Ensures that requests received from the browser originated from the user and not from other sites acting in the name and without the knowledge of the user.
6 months
https://policies.google.com/technologies/cookies?sjid=17714987562570493422-EU#types-of-cookies
__Secure-1PAPISID
.youtube.com, .google.com
This cookie builds a profile from the enquiry data of website visitors for Google’s targeted, personalised advertising.
2 years
https://policies.google.com/privacy
__Secure-1PSID
.youtube.com, .google.com
This cookie builds a profile from the enquiry data of website visitors for Google’s targeted, personalised advertising.
2 years
https://policies.google.com/privacy
__Secure-1PSIDCC
.youtube.com, .google.com
This cookie builds a profile from the enquiry data of website visitors for Google’s targeted, personalised advertising.
2 years
https://policies.google.com/privacy
__Secure-1PSIDTS
.youtube.com, .google.com
This cookie builds a profile from the enquiry data of website visitors for Google’s targeted, personalised advertising.
2 years
https://policies.google.com/privacy
__Secure-3PAPISID
.youtube.com, .google.com
This cookie builds a profile from the enquiry data of website visitors for Google’s targeted, personalised advertising.
2 years
https://policies.google.com/privacy
__Secure-3PSID
.youtube.com, .google.com
This cookie builds a profile from the enquiry data of website visitors for Google’s targeted, personalised advertising.
2 years
https://policies.google.com/privacy
__Secure-3PSIDCC
.youtube.com, .google.com
This cookie builds a profile from the enquiry data of website visitors for Google’s targeted, personalised advertising.
2 years
https://policies.google.com/privacy
__Secure-3PSIDTS
.youtube.com, .google.com
This cookie builds a profile from the enquiry data of website visitors for Google’s targeted, personalised advertising.
2 years
https://policies.google.com/privacy
VISITOR_INFO1_LIVE
.youtube.com
Used to analyse YouTube services, to store user settings and to display advertising.
6 months
https://cookiedatabase.org/cookie/youtube/visitor_info1_live/
DSID
.doubleclick.net
Can be used to identify logged-in users on websites not belonging to Google, enabling the system to respect the user’s personalisation settings relating to advertising.
2 weeks
https://policies.google.com/technologies/cookies?sjid=17714987562570493422-EU#types-of-cookies
__Secure-ENID
.google.com
Used in Google Search for service analysis purposes and stores user preferences and data (e.g. language, number of hits/site, etc.).
13 months
https://policies.google.com/technologies/cookies?sjid=17714987562570493422-EU#types-of-cookies
NID
.google.com
Used in Google Search for service analysis purposes and stores user preferences and data (e.g. language, number of hits/site, etc.). Also displays Google advertising in Google services for logged-out users.
6 months (after last activity)
https://policies.google.com/technologies/cookies?sjid=17714987562570493422-EU#types-of-cookies
ANID
.doubleclick.net
Used by Google DoubleClick to track website users after they click onto an advertiser’s advertisement. By doing so, it measures the effectiveness of the given advertisement and is able to display personalised advertisements to users.
13 months EU / 2 year elsewhere
https://policies.google.com/technologies/cookies?sjid=17714987562570493422-EU#types-of-cookies
IDE
.doubleclick.net
Used by Google DoubleClick to track website users after they click onto an advertiser’s advertisement. By doing so, it measures the effectiveness of the given advertisement and is able to display personalised advertisements to users.
13 months EU / 2 years elsewhere
https://policies.google.com/technologies/cookies?sjid=17714987562570493422-EU#types-of-cookies
PREF
.youtube.com
Used by YouTube to maintain and improve user experience within a given session to store information such as the site configuration of your preference and play settings (e.g. automatic play, mixed content and player size).
8 months
https://cookiedatabase.org/cookie/youtube/pref/
SID
.youtube.com
These cookies store the digitally signed and encrypted data of the identifier attached to your Google account and the latest log-in time. With the combination of these cookies, Google is able to prevent a number of attacks, including attempts to steal the contents of forms completed in Google services.
2 years
https://policies.google.com/technologies/cookies?sjid=17714987562570493422-EU#types-of-cookies
HSID
.youtube.com
These cookies store the digitally signed and encrypted data of the identifier attached to your Google account and the latest log-in time. With the combination of these cookies, Google is able to prevent a number of attacks, including attempts to steal the contents of forms completed in Google services.
2 years
https://policies.google.com/technologies/cookies?sjid=17714987562570493422-EU#types-of-cookies
SIDCC
.google.com
These cookies store the digitally signed and encrypted data of the identifier attached to your Google account and the latest log-in time. With the combination of these cookies, Google is able to prevent a number of attacks, including attempts to steal the contents of forms completed in Google services.
2 years
https://policies.google.com/technologies/cookies?sjid=17714987562570493422-EU#types-of-cookies
SSID
.youtube.com
Used by Google to store the visitor information of YouTube videos.
Until withdrawal of consent
https://policies.google.com/privacy
SEARCH_SAMESITE
.google.com
A safety cookie which prevents the processing of requests received from other sites. It provides some protection against Cross-Site Request Forgery (CSRF) attacks.
6 months
https://policies.google.com/privacy
_GRECAPTCHA
recaptcha.net
This cookie is used by Google reCAPTCHA to prevent spam and website attacks.
6 months
https://cookiedatabase.org/cookie/google-recaptcha/_grecaptcha/
CONSENT
.youtube.com
Used by Google to store visitor cookie settings.
20 years
https://cookiedatabase.org/cookie/google-ads-optimization/consent/
OTZ
.google.com
Used by Google Analytics to measure website traffic.
2 years
https://policies.google.com/privacy
ar_debug
.doubleclick.net, .google.com
Used by Google services such as DoubleClick and AdServices to analyse advertisement errors.
1 year
https://policies.google.com/privacy
APISID
.youtube.com
Used by Google for personalised, targeted advertising based on former searches and interactions.
6 months (after last activity)
https://policies.google.com/privacy
LOGIN_INFO
.youtube.com
Stores user information for playing embedded YouTube videos.
1.5 years
https://policies.google.com/privacy
VISITOR_PRIVACY_METADATA
.youtube.com
Stores the data protection settings of YouTube visitors.
6 months
https://policies.google.com/privacy
SAPISID
.youtube.com
Used by Google to store the visitor information of YouTube videos.
Until withdrawal of consent
https://policies.google.com/privacy
fr
.facebook.com
Depending on the settings of your choice, this cookie serves to display, measure and improve the relevance of advertisements.
90 days
https://www.facebook.com/privacy/policies/cookies
datr
.facebook.com
This is your browser’s individual identifier which helps to protect you from fraud, among others. This cookie also helps to identify browsers used by malignant actors and to prevent cyber-attacks.
400 days
https://www.facebook.com/privacy/policies/cookies
locale
.facebook.com
Used to store language.
7 days
https://www.facebook.com/privacy/policies/cookies
sb
.facebook.com
These cookies help to safely identify your browser.
400 days
https://www.facebook.com/privacy/policies/cookies
dbln
.facebook.com
These cookies help to safely identify your browser.
400 days
https://www.facebook.com/privacy/policies/cookies
c_user
.facebook.com
Contains your logged-in Facebook user identifier.
1 year
https://www.facebook.com/privacy/policies/cookies
xs
.facebook.com
We use these cookies to authenticate you and to keep you logged in while you navigate between different Facebook pages.
1 year
https://www.facebook.com/privacy/policies/cookies
csrf
.facebook.com
This cookie helps us to preserve the safety of your account.
End of session
https://www.facebook.com/privacy/policies/cookies
pll_payload
.facebook.com
This is a permanent cookie used by Facebook to track your preferences.
https://www.facebook.com/privacy/policies/cookies
pll_workflow_target
.facebook.com
This is a permanent cookie used by Facebook to track your workflow target.
https://www.facebook.com/privacy/policies/cookies
lu
.facebook.com
This is a permanent cookie used by Facebook to track your last update time.
https://www.facebook.com/privacy/policies/cookies
act
.facebook.com
This is a permanent cookie used by Facebook to track your activities.
90 days
https://www.facebook.com/privacy/policies/cookies
presence
.facebook.com
This cookie helps with the use of Messenger chat windows.
30 days
https://www.facebook.com/privacy/policies/cookies
wd
.facebook.com
This cookie helps to provide an optimal user experience on the screen of your device.
7 days
https://www.facebook.com/privacy/policies/cookies
dpr
.facebook.com
These cookies help to provide an optimal user experience on the screen of your device.
7 days
https://www.facebook.com/privacy/policies/cookies
spin
.facebook.com
This cookie serves to measure and to improve performance. User activity is also used for the personalisation of advertising.
1 day
https://www.facebook.com/privacy/policies/cookies
m_pixel_ratio
.facebook.com
This cookie serves to optimise advertising.
End of session
https://www.facebook.com/privacy/policies/cookies
oo
.facebook.com
This cookie serves to store your advertising settings.
400 days
https://www.facebook.com/privacy/policies/cookies
_fbp
.facebook.com
These cookies identify browsers for businesses using Meta products for the purposes of providing advertising and web analytics services.
90 days
https://www.facebook.com/privacy/policies/cookies
_fbc
.facebook.com
These cookies identify browsers for businesses using Meta products for the purposes of providing advertising and web analytics services.
90 days
https://www.facebook.com/privacy/policies/cookies
ds_user_id
instagram.com
This is a permanent cookie used by Instagram to identify your user identifier.
1 year
https://privacycenter.instagram.com/policies/cookies/
sessionid
instagram.com
This is a permanent cookie used by Instagram to maintain log-in session.
1 year
https://privacycenter.instagram.com/policies/cookies/
mid
instagram.com
This is a permanent cookie used by Instagram for marketing purposes.
10 years
https://privacycenter.instagram.com/policies/cookies/
ig_did
instagram.com
This is a permanent cookie used by Instagram to track your device.
10 years
https://privacycenter.instagram.com/policies/cookies/
ig_nrcb
instagram.com
This is a permanent cookie used by Instagram to control the load behaviour of certain elements.
11 months
https://privacycenter.instagram.com/policies/cookies/
rur
instagram.com
This is a permanent cookie used by Instagram to track your region.
1 year
https://privacycenter.instagram.com/policies/cookies/
csrftoken
instagram.com
This is a permanent cookie used by Instagram to prevent cross-site request forgery.
1 year
https://privacycenter.instagram.com/policies/cookies/
_gid
nemzetbiztonsag.hu
This is a permanent cookie used by Google Analytics 4 to distinguish one session from another.
1 day
Google Analytics cookie policy accessible https://business.safety.google/adscookies/
_gcl
nemzetbiztonsag.hu
This is a session cookie used by Google Analytics 4 to collect client agent information.
3 months
Google Analytics cookie policy accessible https://business.safety.google/adscookies/
_ga_
nemzetbiztonsag.hu
A Google Analytics cookie enabling Google to measure individual visitor numbers with a randomly generated individual identifier.
2 years
Google Analytics cookie policy accessible https://business.safety.google/adscookies/
_ga_CX78QDCJ1T
nemzetbiztonsag.hu
A Google Analytics cookie enabling Google to save session status.
2 years
Google Analytics cookie policy accessible https://business.safety.google/adscookies/
Legal basis of processing of third-party cookies: Article 6(1) point e) of the GDPR and data subject’s consent. In connection with third-party cookies, you as data subject have the right of access, the rights to rectification and erasure, the right to restriction of processing, the right to data portability and the right to the withdrawal of your consent.