Email This Issue Engineer Award of the Year contest Privacy Policy

Effective from: 20^th February 2025

You are reading this document because You are participating or wish to participate in the contest for the JETI Engineer Award of the Year the organized by META-INF Kft. Please note that it is very important to our Company that Your personal data is properly processed and protected and Your related rights are respected.

To achieve the above goals present privacy policy (hereinafter as: “Policy”) in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter as: “GDPR”) contains all information regarding the processing of personal data provided to us by the nominees (hereinafter as: “Nominee”) or the organization that nominates the Nominee for participation in the award contest (hereinafter as: “Contest”) organized by

Company name: META-INF Szolgáltató Korlátolt Felelősségű Társaság

Registered seat: 1192 Budapest, Taksony utca 6. fszt. 1., Hungary

Company registration number: 01-09-170431

Tax number: 13024583-2-43

Registered by: Company Registry Court of the Metropolitan Court of Budapest

Represented by: Attila Gáspár, Tibor Hegyi as managing directors individually

E-mail: info@meta-inf.hu 

Web: https://www.meta-inf.hu/hu/  

(hereinafter as: „Organizer” or „META-INF”)

as part of a separate event organized by META-INF during the term of the Atlassian Team ’25 event to be held at Anaheim, California between 8^th and 10^th April 2025 or any other person (hereinafter as: “Data Subject”) who browse our website at https://www.meta-inf.hu/en/home  (hereinafter as: “Website”) or the landing page at https://www.meta-inf.hu/partner-engineer-of-the-year-2025  (hereinafter as: “Landing Page”) through which Nominees may submit their application.

‍

1. Purpose of the Policy

The purpose of the Policy is to provide an accurate picture of why and how, and for how long, we process personal data relating to Nominees who submitted an entry to participate in the Game.

Personal data

means any information, controlled by the Organizer, relating to an identified or identifiable natural person (‘data subject’ – User as a user of the services); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Processing

means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

Controller

means the natural or legal person which, alone or jointly with others, determines the purposes and means of the processing of personal data;

The controller of the Nominee’s personal data is the Organizer.

Processor

means a natural or legal person which processes personal data on behalf of the controller.

Third party

means a natural or legal person, public authority, agency, or body other than the data subject, controller, processor, and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

Data forwarding

Means the disclosure of personal data to specific third parties.

Data subject

Everybody who shares personal data with the Organizer through the Website or via other channels or whose personal data is processed by the Organizer otherwise. For example, the User who reads this Policy.

Consent of the data subject

means any freely given, specific, informed, and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

Personal data breach

means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored, or otherwise processed.

Most of the above definitions are used by the GDPR. The full text of the GDPR is available at https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=HU . The above list is not complete so should the User needs more information or explanation do not hesitate to contact the Organizer.

The Organizer would like to inform the Nominee that during the processing it does not process or request any sensitive, genetic, or biometric data.

‍

2. In which cases do we process personal data?

In accordance with the principles laid down by Article 5 Section (1) of the GDPR the personal data of the Nominee is processed in the following cases:

·            Browsing the Website / Landing Page

·            Participation in the Contest

·            Contacting

·            Newsletter subscription

·            Cookies

‍

3. What data, for what purpose and for how long do we process?

In the cases detailed above the legal ground for processing shall be the following:

• In accordance with article 6 Section (1) Point a) of the GDPR the freely given, specific, informed and unambiguous consent of the Nominee (hereinafter as: „Consent”).
• In accordance with article 6 Section (1) Point b) of the GDPR processing is necessary for the performance of a contract to which the Nominee is party (hereinafter as: „Performance of Contract”).
• In accordance with article 6 Section (1) Point c) of the GDPR processing is necessary for compliance with a legal obligation to which the controller is subject (hereinafter as: „Compliance”).
• In accordance with article 6 Section (1) Point f) of the GDPR processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party (hereinafter as: „Legitimate Interest”).

With respect to that the Organizer is not able to limit the amount of personal data may be sent to the Organizer by the Nominee via any communication channel, because the Organizer has no influence on the Nominee who voluntarily provide personal data, therefore the Organizer kindly ask the Nominee to provide only the minimum information and data required by the Organizer in present Policy when contacting the Organizer in any way, and the Organizer expressly and emphatically ask the Nominee to do the best to ensure that the Organizer does not receive any data that it does not want to process.

3.1. Browsing

The Website / Landing Page may be freely visited and browsed by the Nominee / Data Subject without expressively providing any personal data to META-INF. However, when visiting the Website / Landing Page at any time, the Nominee’s / Data Subject’s computer or mobile device sends a request to the Organizer. It is like sending a letter to which the User wishes to get the content of the Website / Landing Page as an answer. The Organizer (and the Website / Landing Page) can only answer this request if the User provides his/her address. This address is the Nominee’s / Data Subject’s internet identifier address, IP address for short. The Organizer sends the requested Website / Landing Page to this IP address. This is an automatic process, by typing the domain of the Website / Landing Page to the web browser or by clicking to a link published anywhere that is directing to the Website the Nominee / Data Subject gives his/her consent to provide the IP address for this purpose and to be processed by the Organizer. To make this „correspondence” smooth the servers of the Organizer store the IP address of the Nominee / Data Subject in log files.

The identification and storing of IP addresses is necessary to protect the IT systems of the Organizer and the Website / Landing Page as well. Protection against possible malicious activities against the Website / Landing Page is partly ensured by that the Organizer is logging the operation of the Website / Landing Page and in this log, it lists the IP addresses from which requests to its servers were made. If the Organizer detects an activity from an IP address that interferes with the secure operation of the Website, these addresses will be blacklisted. Any malicious activity is prevented and resolved through legal action. If nothing unordinary occurs, the Organizer deletes the log files and the IP addresses. IP addresses stored in log files will not be used by the Organizer for any other purpose and will be automatically deleted within 90 days and we keep it only if the User has performed any prohibited activity from that IP address. These activities are either listed above or other activities that violate local, state, national or international law.

‍

{{table-1}}

‍

3.2. Participation in the Contest

‍

{{table-2}}

‍

The processing of the Nominee's first and last name and e-mail address is necessary for the participation and identification of the Nominee in the Contest and if the Nominee is selected as a winner, for the purpose of notification and to provide the winning prize to the winning Nominee. The company and the job title is necessary to identify the Nominees organization and his/her role within the organization.  

3.3. Contacting

If the Nominee / Data Subject contacts META-INF by e-mail at the address support@meta-inf.hu or any other contact email address then by sending the e-mail the Nominee / Data Subject acknowledges the processing of his/her personal data. In order to be able to fulfill the requests, certain personal data must be processed. Without these, the Organizer will not be able to complete the Nominee’s / Data Subject’s request as the Organizer would not be able to contact the Nominee / Data Subject.

‍

{{table-3}}

‍

3.4. Newsletter subscription

When submitting an application to the Contest the Nominee may subscribe to our newsletters in various topics that may be chosen by the Nominee. The Nominee may sign up for it at the META-INF vent by completing the form provided for this purpose by ticking a checkbox giving permission for us to process his/her personal data for this purpose.

Please note that META-INF is also entitled to send promotional emails including product news, events, and more as well as messages related to business development and marketing, in case the Nominee gave consent to Atlassian to receive such messages when purchasing a ticket to the Event in accordance with the related terms and conditions of Atlassian, which is available at the following link. In the latter case, also the data listed below will be processed by the Organizer.

‍

{{table-4}}

‍

4. Where and how my personal data is stored?

All personal data is stored electronically on trusted secure servers. The data we store is either on a server located within the European Union or on a server of a processor who is properly certified in relation to the processing of personal data.

The Organizer ensures the protection of data on several levels (physically, technically and organizationally), which in each case comply with industry standards.

Notwithstanding the above, the Organizer shall not be liable for any damage, destruction or unauthorized access to the data in the event of technical error, natural disaster, terrorist or criminal act.

5. How can You withdraw Your consent if the ground for processing is based on consent?

If under present Policy the legal ground of processing is the data subject's i.e., the Nominee's / Data Subject’s consent, then the Nominee / Data Subject has the right to withdraw this consent. Depending on the purpose of processing there are many ways to do it. You may withdraw Your consent given at browsing at any time, free of charge and without limitation by revisiting the Website and clicking on the pop-up window. In addition, if You do not have the possibility to withdraw Your consent this way, you may withdraw it by sending a message to privacy@meta-inf.hu or in case of newsletter subscription by clicking on the "Unsubscribe" button at the bottom of the email or by sending a letter to the Organizer's headquarters address.

Please note that the withdrawal of consent does not affect the legality of the processing prior to the withdrawal.

‍

6. What rights do You have in connection with processing Your personal data?

Request for information (right to access): You may request information about the processing of Your personal data at any time, either in person, at our registered seat address, in writing by sending a registered letter or by email to  privacy@meta-inf.hu

Pursuant to Article 15 Section (1) of the GDPR, a request may include information on the data processed, their source, purpose, legal ground, duration, name and address of any processor, processing activities and Your rights in relation to processing. In the case of data transfer, to whom and for what purpose Your data have been or will be transferred.

A request for information is considered authentic by us if You are clearly identified by it. If the request is sent by e-mail or post, only the e-mail sent from Your registered e-mail address will be considered as authentic, and we will only be able to send information to the postal address registered by us. Unless You voluntarily verify Your identity otherwise, we will not be able to send information to an e-mail address or postal address that is not registered in our records in order to protect Your privacy.

Rectification: You may at any time request the rectification, modification or amendment of Your data in the same manner described above. We can also do this only on the basis of a request from a credible source presented when submitting the request.

Restriction: You may request that we restrict the processing of our personal information in particular if:

a) You argue the accuracy of the personal data we process. In this case, the limitation refers to the period during which the accuracy of the data is checked.

b) Although the legal ground for processing does not stand for us, but You are requesting us in writing to keep them for the purpose of filing, asserting or defending any legal claim You may have

Objection: If we process Your personal data on the ground of legitimate interest, You may at any time object to the processing of Your personal data. In such cases, we will review the legality of the objection and, if it is well established, we terminate the processing of data and notify anyone to whom the personal data subject to the objection may have been previously transmitted.

Deletion (“Right to be forgotten”): You may request the deletion of Your personal data at any time for any of the reasons set out in Article 17 Section (1) of the GDPR.

We may refuse deletion if the processing of Your personal data is required by law or if it is necessary to enforce our legal claims. We will always inform You about the refusal of the request for deletion. Once it is deleted, the data cannot be recovered.

Transfer of Personal Data (Portability): You may at any time request us to transfer the data processed in connection with You in a structured, widely used, machine-readable format to You or to another controller.

We kindly ask You to not exercise the above rights improperly, but only if it has a real ground or if any of the conditions set out in the GDPR actually exist.

‍

7. To whom we transfer personal data and who has right to access them?

7.1. Amazon

The Organizer operates the Website through the servers of an external Organizer related to which the processor is:

Name: Amazon Web Services, Inc.

Registered seat: 410 Terry Avenue North, Seattle, WA 98109-5210, USA

E-mail: EU-privacy-DSR@amazon.com

Phone number: +1-206-266-1000

Represented by Eva Gehlin and Barbara Scarafia directors

European server locations: London, Frankfurt, Stockholm, Paris, Dublin (hereinafter as: “Amazon”)

Although the Organizer use the servers of Amazon located outside the territory of the European Union, namely in the United States the User’s data is still secure and protected by the provisions of the GDPR, with respect to the European Commission’s adequacy decision for EU-US data flows.

Amazon ensures the protection of data on multiple levels, physically protecting data storage servers, its infrastructure through uninterruptible power supplies and other advanced tools, limiting access to data, continuous monitoring of its system, encryption, and finally, environmentally selecting data center locations, because Amazon set up its data centers in places where it is not exposed to nature, such as seismic activity. More information about Amazon's security solutions is available at https://aws.amazon.com/compliance/data-center/data-centers/

Amazon’s general privacy policy can be reached at: https://aws.amazon.com/privacy/

7.2. Transmission of data related to the sending of newsletters, system messages and educational or marketing materials and data storage, processing of data provided on website forms

If the Nominee subscribed to our newsletter, voluntarily the Organizer will forward the Nominee’s email address to its processing partner. This processor is the Hubspot e-mail Organizer through which the Organizer sends system messages, eDMs and newsletters.

HubSpot may not use the e-mail address or other data provided for any purpose other than the performance of its task or make any personal decision about it.

Contact details of the processor:

Name: HubSpot Ireland Limited

Address: Hubspot House, 1 Sir John Rogerson's Quay, Dublin Docklands, Dublin, D02 CR67, Ireland

Registration number: IE515723

Email: privacy@hubspot.com

Phone: +353 1 5187500

Represented by: Christian Kinnear director

Contact details of the DPO: https://preferences.hubspot.com/privacy

(hereinafter referred to as “Hubspot”)

If Hubspot transfers any data outside of the European Union, for example to its parent company HubSpot Inc., (seat: 25 First Street, 2nd Floor, Cambridge, MA 02141, USA, registration number: 000955519, represented by: Brian Halligan director), the User’s email address and other data is protected in the same level as in Europe, in light of the European Commission's adequacy decision for EU-US data flows.

Hubspot’s privacy related documents may be found at the following links:

https://legal.hubspot.com/privacy-policy     

https://www.hubspot.com/data-privacy/gdpr/product-readiness    

7.3. Correspondence (e-mail)

7.3.1. Sending and receiving e-mails

The Organizer uses Google Inc.'s Gmail service to communicate via email:

Company name: Google Ireland Ltd

Registered seat: Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Registration number: 368047

Represented by: Elizabeth Margaret Cunningham director

Phone: +353 1 436 1000

Data center: Dublin, Ireland

(hereinafter as: “Google”)

Google processes EU related data within the territory of the European Union through its servers located in Dublin, Ireland. Google may not access, modify, delete, use, or otherwise manipulate user related data stored on the server provided by Google. If, for any reason, Google processes personal data outside the European Union, it will provide adequate protection in accordance with the provisions of the GDPR as a result of being subject to the SCC code of conduct. Learn more at https://policies.google.com/privacy/frameworks  

Google provides the protection of data on multiple levels, such as physically protecting data storage servers, which are secured and supervised by security guards and technicians, it restricts access to server rooms by its employees and by providing uninterruptible power supply and other state-of-the-art infrastructure, restricting access to data, continuously monitoring its system, encryption, and firewall protection. The Google Privacy Policy is available at https://policies.google.com/privacy

7.3.2. Tracking the receipt of e-mails

If under the provisions of present Policy, the Organizer tracks the delivery of messages, it uses the services of an external Organizer called Mailtrack as a data processor, the contact details of which are as follows:

Company name: The Mail Track Company S.L.

Registered seat: Calle Córcega, número 301, ático 2a, 08008 Barcelona, Spain

Registration number: B66095670

E-mail: privacy@mailtrack.io 

Phoner: +1 678 999 0141

Represented by: Eduardo Manchón director

Web: https://mailtrack.io/en/

(hereinafter as: “Mailtrack”)

Mailtrack is a data processor residing within the European Union, in Spain, therefore it shall comply with the provisions of the GDPR.

More information on Mailtrack’s data processing is available at: https://mailtrack.io/en/privacy

7.4. YouTube

The Organizer may upload images and videos featuring the Nominee's image and likeness and promoting its activities to the YouTube video sharing platform. YouTube is operated by Google, so the provisions of Section VII.3.1 shall apply accordingly.

7.5. In connection with the Website

The Organizer operates the Website through the servers of an external Organizer related to which the processor is:

Name: Linode LLC 

Registered seat: 329 E. Jimmie Leeds Road, Suite A08205 Galloway. New Jersey, USA 

E-mail: support@linode.com

Phone number: +1-609-380-7100

Represented by Christopher Aker director

Main server location: Linode Frankfurt DataCenter

(hereinafter as: “Linode”) 

Linode is a US limited liability company. Linode stores data on its servers located in Frankfurt within the European Union. The data is backed up daily by Linode, also on servers in Frankfurt.

Linode protects the Visitor’s data on multiple levels, including maintaining servers in a secluded location that is monitored 24 hours a day, 365 days a year by security guards and technicians, restricting access to server rooms by its employees, protecting servers against power outages with uninterruptible power supplies, servers are also protected by firewalls, and encryption is used in the event of data transfer from servers. Linode also has several international certificates of compliance. More information about Linode's security mechanisms is available at https://www.linode.com/security .

For information about Linode’s GDPR compliance visit https://www.linode.com/legal-dpa/

Linode's Privacy Policy is available at https://www.linode.com/privacy

‍

8. What third-party social media plug-ins may be found on our Website?

To receive feedback on the contents we share on the Website and to share them we use social media sites meaning we use the services (plugins) of third-party providers. The plugins are only active when You specifically click on the button to allow them to contact social media sites. The plugins of the following two social media sites can be found on our website: Facebook, Twitter, LinkedIn, Meetup, YouTube

If You are logged in to any of these sites it may occur that Your visit on the site will be attached to Your personal profile. If you click on the specific button, your browser will forward the relevant information directly to that social media site and store them there.

Information about the scope and purpose of the data collected, further processing of Your data and use of Your data by the social media provider, and Your rights regarding personal data can be found in privacy statements of the social media providers, which are available at:

Facebook: https://www.facebook.com/policy.php

Twitter: https://twitter.com/en/privacy   

LinkedIn: https://www.linkedin.com/legal/privacy-policy

Meetup: https://www.meetup.com/privacy/

YouTube: https://policies.google.com/privacy

9. To whom and in what cases are the Organizer is obliged to disclose personal data?

The Organizer may be requested to disclose personal data it processes to authorities in response to legal requests, like search warrants, court orders, production orders or subpoenas. These requests come from third parties such as civil litigants, law enforcement and other government authorities. The Organizer discloses data in accordance with applicable law, the Organizer cannot be held liable for any such transfer or any resulting consequences. The Organizer will always inform the User about the transfer if it is not prohibited by law or by the requester authority.

‍

10. What are the responsibilities regarding the personal data the User provides?

When the User provides to the Organizer personal data, the User is responsible for ensuring that the information and contributions are true and correct.

The Organizer asks the User to provide third-party data only if specifically authorized to do so by the third party. The Organizer assumes no liability for any resulting claims.

If a third-party object the processing of personal data by credibly verifying its identity, the Organizer will immediately delete third-party data without notifying. The User is requested to only provide third-party personal data only if the User has informed the third party of the availability of this Policy.

‍

11. Management of Personal data breach

Personal data breach – except that is unlikely to result in a risk to the effected person – may occur will be reported to the supervisory authority within 72 hours from becoming known to us in accordance with the law, and we will also maintain records of any breach that may occur. In the cases specified by law, we also inform users concerned.

‍

12. Data Protection Officer (DPO)

Pursuant to Article 37 of the GDPR appointment of a DPO is mandatory if:

a) the processing is carried out by a public authority or body, except for courts acting in their judicial capacity.

b) the core activities of the controller or the processor consist of processing operations which, by virtue of their nature, their scope and/or their purposes, require regular and systematic monitoring of data subjects on a large scale; or

c) the core activities of the controller or the processor consist of processing on a large scale of special categories of data pursuant to Article 9 and personal data relating to criminal convictions and offences referred to in Article 10.

With respect to that the Organizer is not subject to any of the clauses above and because there is no other compelling reason to appoint a DPO we are not appointing anyone for this position.

‍

13. Amendment of the Privacy Policy

If the scope of the processed data, the legal ground of the processing or other circumstances change, this Policy will be amended and published in accordance with the provisions of the GDPR and the User will be notified of such change given that the changes will become effective from the following day of publication, through our Website. Please be sure to read the Policy changes carefully as they contain important information about the processing of the personal data.

‍

14. To whom the User can turn to for information regarding the User’s personal data or to exercise the rights?

If the User has any questions, please contact us by email privacy@meta-inf.hu, phone +36 30 515 4464 or at 1117 Budapest, Irinyi József utca 4-20. B. ép. 3. em., Hungary

The User is entitled to exercise the rights related to the processing of personal data against the Organizer as controller. If the User wish to exercise such rights, the User must first notify the Organizer.

If the User feels that the rights have been violated, the User can complain to the National Authority for Privacy and Freedom of Information:

Name: National Authority for Privacy and Freedom of Information

Address: 1055 Budapest, Falk Miksa utca 9-11., Hungary

Mailing address: 1363 Budapest, PO box: 9., Hungary

Phone: +36 1 391 1400

E-mail: ugyfelszolgalat@naih.hu

Website: http://www.naih.hu

In the event of a dispute arising out of or in connection with this the present Privacy Policy, its breach, validity or interpretation, the User may bring the dispute to the competent court under Act CXXX of 2016 on the Code of Civil Procedure (Code of Civil Procedure):

Name: Fővárosi Törvényszék (Metropolitan Court of Budapest)

Address: 1055 Budapest, Markó u. 27., Hungary
Mailing address: 1363 Bp. Pf. 16., Hungary
Phone: +36 1 354 6000
E-mail: ft.elnokseg@birosag.hu
Website: https://fovarositorvenyszek.birosag.hu/  

‍