Focus on You

1. Introduction

The purpose of the present Privacy Policy (hereinafter: Privacy Policy) is to provide information about the processing of the personal data of natural persons who get into contact with the Sonus Foundation for the Support of New Music and Contemporary Performing Arts (address: 1085 Budapest, Stahly u. 5. I/8.; registration number: 01-01-0012638; hereinafter: Foundation) also as the owner of the website (hereinafter: website) and provider of the newsletter of the Focus on You.

The Policy was drafted pursuant to the European Union regulation on the processing of personal data (Regulation No. 2016/679 of the European Parliament and of the Council, hereinafter referred to as “GDPR”) and Hungarian law (Act CXII of 2011 on information self-determination).

2. Data controller

Name: Sonus Foundation for the Support of New Music and Contemporary Performing Arts

Address: 1085 Budapest, Stahly u. 5. I/8. Hungary

Registration number: 01-01-0012638



3. Scope of personal data, aim, legal basis and length of the data processing

3.1. Contact form

The Foundation processes the data that the Data Subject submitted via the contact form on the webpage. The processed data are the name, email address, country of residence, and the message sent to the Foundation.

The Data Subject gives consent to the data processing by checking the checkbox and thereby, accepting this Policy.

The data processing is under the same conditions if the Data Subject contacts the Foundation via email.

The personal data are deleted after the contact, except when there is further contact, in that case, the Foundation gives further information on the data processing.

3.2. Newsletter registration

The Foundation processes the email address if the Data Subject registered on the webpage for that service, accepting this Policy by checking the checkbox.

The personal data are processed until the withdrawal of the Data Subject.

4. Data Transfer

The data are processed exclusively by the founder, curator, and employees of the Foundation authorized to do so. The Foundation transfers personal data to third persons only if this is prescribed by an Act or if the data subject has credibly consented thereto.

5. Data Processors

The Rocket Science Group LLC. (512 Means St., Suite 404 Atlanta, Georgia 30318) (Mailchimp newsletter service)

6. Rights and remedies of the Data Subject in relation to the processing of personal data

Withdrawal of consent

Data Subjects shall have the right to withdraw their consent to data processing anytime during the term of data processing. Such withdrawal shall, however, not affect the legitimacy of any data processing performed with the Data Subject’s consent prior to such withdrawal.


Data Subjects shall have the right to receive feedback from the Data Controller whether their personal data is being processed and if so, then they shall have the right to access such personal data and also to be informed of the following:

– The purpose of processing of personal data;
– The categories of personal data involved;
– The addressees or categories of addressees whom personal data was or will be disclosed to, including specifically those in third countries and international organisations;
– The expected term of processing of personal data, if applicable, or if not, then the criteria of defining the length of such term;
– A reference to the Data Subject’s right to request from the Processor the correction, deletion or limitation of processing of the Data Subject’s personal data and to object to the processing of such personal data;
– A reference to the right to submit complaints to the supervisory authority;
– If such personal data was not collected from the Data Subject, then all information regarding the source of such personal data.

Access is ensured by sending the personal data via email. In the inquiry, the Data Subject should indicate whether she needs access to personal data or information about the data processing.


The Data Subject shall be entitled to request that the Processor should rectify any inaccurate personal data pertaining to the Data Subject. Depending on the purpose of data processing the Data Subject shall have the right to request by way of, among others, a supplementary declaration, the addition of missing personal data.


The Data Subject has the right to request that the Processor should limit processing the Data Subject’s personal data if any of the following requirements are met:

a) The Data Subject contests the accuracy of the personal data – in this case the limitation shall apply for a period that allows the Data Processor to check the accuracy of the personal data;
b) The processing is illegitimate and the Data Subject objects to deletion of the personal data and requests that its use is limited instead;
c) The Processor no longer needs the personal data for processing but the Data Subject requires that it is available for the purposes of submitting, enforcing or protecting legal claims; or
d) The Data Subject objected to the processing – in this case the limitation shall apply for the period until it is ascertained whether the Processor’s legitimate reasons have a priority over the legitimate reasons of the Data Subject.

In the event processing is subject to limitation then – apart from storage – affected personal data may only be processed subject to the consent of the Data Subject, for the purposes of submitting, enforcing or protecting legal claims or for the purpose of protecting other natural or legal persons’ rights or in the important interest of the public of the EU or a member state thereof.

The Processor shall notify the Data Subject upon whose request processing was limited about the lifting of the limitation of processing.


The Data Subject is entitled to request that the Processor should, without undue delay, delete personal data pertaining to the Data Subject and the Processor shall be obliged to delete, without any undue delay, the personal data pertaining to the Data Subject if any of the following reasons apply:

a) The personal data is no longer required for the purpose they were collected or otherwise processed;
b) The Data Subject withdraws their consent to the processing of their personal data and there is no other basis for processing;
c) The Data Subject objects to the processing of their data and there is no legitimate priority reason for data processing,
d) The personal data was were processed illegitimately;
e) The personal data must be deleted in order to comply with an obligation of the Processor set forth by EU or member state legal provisions.

The above provisions shall not be applied if the processing is required for one of the following purposes:

  • Exercising the right of freedom of expression and information;
  • Compliance with EU or member state legislation applicable to the Processor and requiring the processing of personal data in the interest of the public or for the purpose of carrying out duties related to the public authority of the Processor;
  • Archiving in the interest of the public, for the purposes of scientific or historical research or for statistical purposes, provided that the right to request deletion would presumably jeopardize or seriously risk such data processing;
  • Putting forward, enforcing or protecting legal claims.

Right to object

The Data Subject shall have the right to object, any time, to the processing of the Data Subject’s personal data based on the legitimate interests of the Processor. In these cases the Processor must not continue processing such personal data unless the Processor can prove that processing is necessitated by compelling and legitimate reasons that have priority over the Data Subject’s interests, rights and liberties, or that are in connection with the submission, enforcement or protection of legal claims.

Portability of personal data

The Data Subject is entitled to receive personal data provided by the Data Subject to a data processor in a structured, commonly used, machine-readable format and also to transfer such data to another data processor without being obstructed to do so by the data processor to which the Data Subject had provided such personal data, provided that:

a) The data processing is based on a consent or a contract and
b) The data processing is performed in an automated manner.

While exercising the right to data portability the Data Subject shall have the right to request the direct transfer of the personal data between the data processors (provided this is physically possible).

Legal remedies

In the event of a breach of the rules of personal data processing Data Subjects may seek legal remedy at the National Authority for Data Protection and Freedom of Information of Hungary (Nemzeti Adatvédelmi és Információszabadság Hatóság):

Name: Nemzeti Adatvédelmi és Információszabadság Hatóság
Seat: 1024 Budapest, Szilágyi Erzsébet fasor 22/C.
Mailing address: 1530 Budapest, Pf.: 5.

Data Subjects may also seek legal remedy against the Data Controller or the Data Processors employed by the Data Controller at the competent court of their domicile or residence.

7. Data security

The Data Controller take the necessary technical and organizational measures and establish the necessary procedural rules in order to ensure the security of the personal data provided or made available by the User during the entire process of data management.

8. Cookies

The Owner’s system automatically records your computer’s IP address, the starting time of the visit, and in some cases – depending on your computer’s settings – the type of browser and operating system. The recorded data cannot be linked to other personal information and is solely used for statistical purposes. Cookies enable the Website to recognize, identify, and keep track of previous visitors. These cookies assist the Website Owner in optimizing the site and tailoring its services according to your preferences.

Cookies also have the following capabilities:

  • Remember settings, so you don’t have to re-enter them when navigating to a new page.
  • Recall previously entered data, eliminating the need to retype it.
  • Analyze the website’s usage to make improvements that align with your expectations, ensuring easy access to desired information.
  • Monitor the effectiveness of advertisements.

If the Website displays various content using external web services from third-party websites, this may result in storing some cookies that the Website Owner does not control. Consequently, they have no influence over the data collected by these external websites or domains. Information about such cookies can be found in the respective service’s policy. The Owner uses cookies to deliver advertisements to you through Google and Facebook. The data processing occurs without human intervention. You have the option to delete cookies from your browser (usually in the privacy settings section). However, by disabling cookies, you acknowledge that the Website’s functionality may not be fully operational without them.

The present Privacy Policy shall enter into force on 1 August 2023.