Privacy policy

AESA Hungary’s Privacy Policy in accordance with GDPR



The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA), adopted in April 2016, and enforceable starting on 25 May 2018. The mentioned EU Directive regulates the processing of personal data regardless of whether such processing is automated or not (Personal data is: "any information relating to an identified or identifiable natural person ("data subject"); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity;" (art. 4 of GDPR).

This Regulation applies to the processing of personal data wholly or partly by automated means and to the processing other than by automated means of personal data which form part of a filing system or are intended to form part of a filing system. This Regulation basically comes to establish that the Personal data should not be processed at all, except when certain conditions are met. These conditions must fall only into three categories: transparency, legitimate purpose, and proportionality.

The responsibility for compliance rests on the shoulders of the "controller" or the potential “collector of the data, meaning by controller the natural or artificial person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data.

Since AESA Hungary Ltd. is a legal entity, is a potential collector of the personal data of employees and other persons, e.g. experts, therefore AESA Hungary Ltd. is recipient of observance of that directive GDPR.

Privacy Statement

AESA Hungary Ltd. is committed to protecting the privacy of its users and for this reason has recently updated its Privacy Policy in order to comply with the new EU Regulation for General Data Protection (GDPR).

The purpose of this Privacy Statement is to define the new privacy policy with regards to the collection and use of any Personal data by AESA Hungary Ltd. through its website (as found at or through its daily operations.

This privacy policy was last modified on the 25th of May 2018 and is effective immediately. In case this statement will be amended, notifications of any modification will be posted on the website home page.


Use of Personal Data:

For the sole purpose of its activities AESA Hungary Ltd. keeps a database of experts.

  • The purpose of our database is to inform and propose to registered experts on available cooperation opportunities corresponding to their field of professional activity;
  • The information that an expert provides serves our internal purposes only; it will be used for identifying possible candidates for our offers and/or projects. The CV of the expert will not be included in any of our offers/proposals/letters of interest without prior consent of the expert;
  • Should an expert be contracted for an ongoing project or for the preparation of a tender, the CV of the expert with the information it contains will be shared among the concerned parties for the unique purpose of the mission / tender / contract.
  • Any financial data is only used for the purpose of the contracts with the relevant party or to respect Hungarian legal obligations.


  • The information provided by a person will not be transmitted to third parties unless the person previously authorise us to do so and for the unique purpose of proposing him/her for missions and/or projects;
  • Third parties in this context might include one of our Clients or one of our consortium partners and this in the unique purpose and process of bidding or implementing projects in the context of service contracts in the development cooperation sector


Data Retention:

AESA Hungary Ltd. does not keep Personal data for longer than is necessary for the purposes for which it was collected and processed.

  • Data of a person will be kept in our records as long as it is regularly updated, unless the person explicitly request the removal of the registration from our database by sending an email to
  • Deletion requests of all personal information will be processed within 30 days from the initial request;
  • Should the data in our database of experts be outdated and is older than 15 years, we will erase the record from our database. The duration of keeping outdated data will be revised with time;
  • Information on experts contracted by AESA Hungary Ltd. or its partners for an assignment will remain in our records for legal and fiscal purposes as per the Hungarian Law and for audit purposes as per the procedures of our Clients.



AESA Hungary Ltd. handles all Personal data in accordance with the terms of this Privacy Policy and the legal obligations applicable to the processing of Personal data.

  • The information a person provides is saved internally on AESA Hungary Ltd’s servers. It is protected by the same security parameters as its entire information system and is strictly by no means published on the web;
  • The website of AESA Hungary Ltd. does not collect cookies;
  • AESA Hungary Ltd. optimizes the security of the Personal data by i.a. using encryption, firewalls, password protections and limiting the access to the Personal data.
  • AESA Hungary Ltd. has adopted adequate measures to protect all the Personal data against accidental or unlawful destruction, loss, alteration, un authorized disclosure of, or access to, Personal data transmitted, stored or otherwise processed.

However, the transmission of information via the internet can never be completely secure and the provision of Personal data remains at one’s own risk at all times.

If you have the impression that your Personal data is not adequately protected or if there are indications of abuse, please write at

User rights with regard to Personal data

Experts and Individuals working in organizations have the right to:

1) access their data;

2) rectify their data;

3) have their data erased;

4) restrict the processing of their data;

5) transmit their data to another party (portability);

6) object.


To exercise any of the above-mentioned rights, an email to should be sent.