Privacy Policy

The Julia’s Doll House Association (head office: 14 Temető Street, 8500 Pápa; tax number: 19327372-1-19; hereinafter “the Association”) applies the following data and information security rules during its operation.

The aim of the Association is to ensure the confidentiality, integrity and availability of personal data managed by the Association by applying privacy policy.

The Association applies the following actions to ensure the security of personal data contained in paper documents:

  1. the documents and the personal data contained in them can only be accessed by the employees of the Association who are entitled to them by nature of their job, acting in their duties, for the purpose and to the extent necessary for that, they cannot be accessed by others, they cannot be transferred to others, they cannot be made public;
  2. it places both the documents in active management and the archived ones in a well-locked, dry room equipped with fire protection and private security equipment;
  3. during the day, the employee of the Association performing data management may only leave the premises where document or data management takes place by locking away the data carriers entrusted to them or by closing the office;
  4. the employee of the Association performing data management locks away the paper data carrier after completing the work;
  5. if the personal data managed on paper are digitized, the Association applies the security rules applicable to digitally stored documents.

The Association applies the following measures to ensure the security of personal data stored on desktop workstations, electronic data carriers, and the Association’s network:

  1. the devices used during data management (desktop workstations, electronic data carriers) are the exclusive property of the Association, or the Association has the same rights over them as ownership;
  2. the data stored on the workstations can only be accessed with a valid, personal, identifiable authorization – at least with a username and password – the Association ensures that passwords are changed regularly (no more than every 30 days) or in justified cases (for example, after a privacy policy or information security incident);
  3. all events relating to electronic data are logged in a traceable manner;
  4. the data stored on the network server machine (hereinafter: „Server”), as well as the Server itself, can only be accessed by persons with appropriate authority and only those designated for that purpose;
  5. if the purpose of data management has been achieved, the legal basis for data management has ceased or the deadline for data management has expired, the Association will irretrievably delete the file containing the data, in such a way that the deleted data cannot be recovered from it;
  6. in order to ensure the security of data stored on the network, data stored on the Server is backed up at specified intervals;
  7. continuously takes care of anti-virus protection on the network handling personal data;
  8. applies available computer devices to prevent unauthorized persons from accessing the network