Privacy Notice – LIFE TRIPL-AIR

Privacy Notice on the Processing of Personal Data in Connection with the LIFE TRIPL-AIR WebsiteBudapest Airport Ltd. (registered office: 1185 Budapest, BUD International Airport; company registration number: 01-10-044665, tax number: 12724163-4-43; hereinafter “BUD”), as the project owner and website operator (hereinafter “Project Owner/Website Operator”), hereby informs visitors (hereinafter “Data Subjects”) of the lifetriplair.eu website about the processing of personal data performed on the website in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (the “GDPR”).Visitors of the lifetriplair.eu website may provide personal information in the following ways:
- By contacting us through [email protected]
- By subscribing to the newsletter 

I. Contact

1. Data Controller

Name of the data controller

Venezian Cluster SRL (VHC) (hereinafter: “Data Controller”)

Registered offices of the data controller

Sestiere Castello 5312, Venezia 30124, Italy

Address of the data controller

Via Roma, 291, 30038 Spinea VE

Telephone number of the data controller

+39 327657735

Contact details of the data protection officer

[email protected]

Contact details

[email protected] 


The Visitor can send an email to [email protected] to request general information about the project.

2. The scope of personal data processed, legal basis, purpose and duration of processing

 

The scope of the personal data processed

  • First and last name,
  • E-mail address,
  • Telephone number,
  • Other information provided by e-mail.

The legal basis for processing

The consent of the data subject based on article 6 (1) a) of the GDPR.

The purpose of processing

Identifying the user, responding, informing and contacting the user.

The duration of data processing

The personal data are stored until consent is withdrawn, otherwise for the entire duration of the LIFE TRIPL-AIR project, and for up to 5 years after the closure of the project, if justified by the EU program’s final reporting obligations.


3. Data processor

Data processor

Registered offices

Data processing activity

Brevo (formerly Sendinblue)

17 rue Salneuve, 75017 French

Hosting service


4. Transfer of personal data

No data is transferred to third countries or international organizations by the Data Controller.

5. Storage of personal data, data security

The Data Controller is committed to data security. It will take reasonable steps, including technical and organizational measures, to keep your personal data secure (e.g. by using a firewall), taking into account the available technology and the cost of implementation.

The data generated during the website visit or use is transmitted to the Data Controller’s storage location using SSL (Secure Socket Layer) encryption, which guarantees that the data transmitted over the Internet cannot be accessed or altered by third parties. The status of the active encrypted connection is confirmed by the certificate displayed in the web browser when the website is opened.

6. Automated decision-making (including profiling)

Automated decision-making, including profiling, does not take place during processing.


II. Newsletter subscription

1. Data controller

Name of the data controller

Venezian Cluster SRL (VHC) (hereinafter: “Data Controller”)

Registered offices of the data controller

Sestiere Castello 5312, Venezia 30124, Italy

Address of the data controller

Via Roma, 291, 30038 Spinea VE

Telephone number of the data controller

+39 327657735

Contact details of the data protection officer

[email protected]

Contact details

[email protected] 


2. The scope of personal data processed, legal basis, purpose and duration of processing


The scope of the personal data processed

  • Name (if provided by the data subject),
  • E-mail address (required),
  • Date and source of subscription,
  • Newsletter interaction data (opens, clicks).

The legal basis for processing

The consent of the data subject based on article 6 (1) a) of the GDPR.

The purpose of processing

The aim of the newsletter service is to provide interested parties and partners with news, events, publications and other relevant information related to the LIFE TRIPL-AIR project.

The duration of data processing

The personal data are stored until consent is withdrawn, otherwise for the entire duration of the LIFE TRIPL-AIR project, and for up to 12 months after the closure of the project, if justified by the EU program’s final reporting obligations.All personal data, including subscriber lists, meta-information and campaign history, will then be permanently erased from Mailchimp’s system.

The data subject may request the erasure of his or her data at any time at [email protected].


Please note that you can unsubscribe from this service at any time at [email protected] or via the unsubscribe link in the newsletters.

3. Data processor

The data processor of the Data Controller providing the newsletter service is MailChimp, which processes only the personal data provided during the newsletter subscription.

Data processor

Registered office

Data processing activity

MailChimp

675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA

Newsletter subscription


4. Transfer of personal data

Mailchimp is based in the United States of America, so the personal information you provide when you sign up may be transferred outside the European Economic Area (EEA). The data transfer only takes place under conditions which comply with the appropriate safeguards as set out in article 46 (2) of the GDPR, ensuring the protection of the rights and freedoms of data subjects.The data processor is committed to complying with the EU data protection principles and has put in place technical and organizational measures to protect the personal data processed against unauthorized access, alteration, loss or disclosure. https://www.intuit.com/privacy/statement/data-privacy-certification/

5. Storage of personal data, data security

Access to the Mailchimp account is limited to designated members of the LIFE TRIPL-AIR communication team. Credentials are stored securely by the data controller and are not shared with unauthorized persons.

All operations on the platform (campaign creation, list management, erasures) are handled by the data controller in accordance with internal project procedures.

6. Automated decision-making (including profiling)

Automated decision-making, including profiling, does not take place during processing.

Deadlines for exercising data subjects’ rights in relation to data processing

Access to personal data

You may at any time request information on whether and how your personal data are processed by the Data Controller, including the purposes of the processing, the recipients to whom your data have been or will be disclosed, the source from which the Controller obtained your data, the retention period of the data, your rights in relation to the processing and, in the case of transfers to third countries or international organizations, information on the safeguards relating to the transfer.


In exercising your right of access, you also have the right to request a copy of your personal data processed. In the event of a request submitted electronically, the Data Controller provides the requested information electronically (in the form of an e-mail or pdf file), unless you request otherwise. Where your right of access adversely affects the rights and freedoms of others, the Data Controller is entitled to refuse to comply with your request to the extent necessary and proportionate. In the event that you request more than one copy of the above information, the Data Controller charges a reasonable fee proportionate to the administrative costs of producing the additional copies.


Right to the rectification of personal data

You have the right to have inaccurate personal data concerning you corrected or supplemented (e.g. in case of a change in your data) by the Data Controller. In case of doubt about the corrected data, the Data Controller may request you to provide the Data Controller with evidence of the corrected data in an appropriate manner, in particular by means of an official document. Where the personal data concerned by this right have been communicated by the Data Controller to another person, the Data Controller shall inform such recipients without undue delay after rectification of the data, provided that this is not impossible or involves a disproportionate effort. Upon request, the Data Controller provides information on the recipients of such data.


Right to the erasure of personal data, the right to be forgotten

You have the right to have your personal data erased without undue delay at your request, based on a submitted request, if one of the following grounds applies:

  • The Data Controller no longer needs the personal data for the purposes for which it was collected or otherwise processed;
  • You withdraw your previous consent and there is no other legal basis for the processing;
  • The processing is based on a legitimate interest of the Data Controller or a third party, but you object to processing and there are no overriding legitimate grounds for processing;
  • The personal data have been unlawfully processed by the Data Controller;
  • The data must be erased, in order to comply with a legal obligation under EU or member state law, which the controller is subject to;
  • Personal data are collected in connection with the provision of information society services (conditions for children’s consent).


Where the personal data concerned by this right have been communicated by the Data Controller to another person, the Data Controller shall inform such persons without undue delay after the erasure of the data, provided that this is not impossible or involves a disproportionate effort. Upon request, the Data Controller provides information on the recipients of such data.


Please note that the Data Controller is not always obliged to erase personal data, in particular where processing is necessary to comply with a legal obligation.


Right to the restriction of processing:

You have the right to request that we restrict processing if one of the following conditions is met:

  • You contest the accuracy of the personal data, in which case the restriction applies for the period of time that allows the Data Controller to verify the accuracy of the personal data;
  • The processing is unlawful, you object to the erasure of the data and instead request the restriction of their use;
  • The Data Controller no longer needs the personal data for the purposes of processing, but you require them for the establishment, exercise or defense of legal claims; or
  • You have objected to the data processing; in this case, the restriction applies for the period until it is established whether its legitimate grounds override your legitimate grounds.

If processing is restricted on the basis of the above, such personal data, with the exception of storage,

may only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for important public interests of the EU or of a member state. The Data Controller will inform you in advance of the lifting of the restriction on the data processing restricted at your request.

Where the personal data concerned by this right have been communicated by the Data Controller to another person, the Data Controller shall inform such recipients without undue delay about the restriction of the data processing, provided that this is not impossible or involves a disproportionate effort. Upon request, the Data Controller provides information on the recipients of such data.


The exercising of data subjects’ rights in relation to data processing and the related deadline

In order to exercise the rights of the data subject by electronic means (including the withdrawal of the user’s consent and any complaints), the request containing the data subject’s request must be sent to [email protected].


The data controller shall comply with your request to exercise your rights within a maximum of one month of receipt. The day of receipt of the request does not count towards the deadline.


If necessary, the data controller may, taking into account the complexity of the request and the number of requests, extend this deadline by a further two months. The data controller informs you of the extension, stating the reasons for the delay, within one month of the receipt of the request.


The right to effective judicial remedy

If you have any comments or questions about the data processing, please,

If you believe that the Data Controller’s processing of your personal data does not comply with legal requirements or has violated your rights,

  • You may lodge a complaint with the Garante per la Protezione dei Dati Personali authority (address: Piazza Venezia 11, 00187 Roma, Italy; postal address: Piazza Venezia 11, 00187 Roma, Italy telephone: +39 06 69677 1; e-mail: : [email protected]; website: garanteprivacy.it) or
  • You have the choice of bringing an action for the protection of your data before the competent court in the place where the Data Controller is established or where you reside.

Dated: Budapest, 01.10.2025

We use cookies and other similar technologies to improve your browsing experience and the functionality of our site. By clicking "Accept All Cookies," you consent to the storing on your device of all the technologies described in our Cookie Policy. You can revoke your cookie attestation by clearing your browser session and clicking "Dismiss".