Hungary
| OVERVIEW | Hungary has an active Data Protection Commissioner. Hungary, along with Germany, have mandated that companies of a certain size employ a Data Protection Officer. |
| ENACTED | 1992 |
| GENERAL PRIVACY LAWS |
Act LXIII of 1992 on the Protection of Personal Data and Public Access to Data of Public Interest (the Personal Data Protection Act) There are also numerous sector-specific laws regulating the protection and privacy of data. On July 26, 2000, the European Commission decided that Hungarian law provided an adequate level of protection of personal data. Article 59 of the Hungarian constitution reads as follows: “(1) In the Republic of Hungary, everyone is entitled to the protection of his or her reputation and to privacy of the home, of personal effects, particulars, papers, records and data, and to the privacy of personal affairs and secrets. |
| PERSONAL DATA PROTECTION LAWS AND REGULATIONS |
Act LXIII of 1992 on the Protection of Personal Data and the Disclosure of Data of Public Interest, personal data may not be processed except upon the consent of the data subject or as allowed by law. Article 8 et seq. of the Personal Data Protection Act. Article 30 et seq. provides exceptions from the registration requirement. |
| TYPE OF DATA PROTECTED | Personal Data. |
| WORKPLACE PRIVACY LAWS |
Opinion of the Data Commissioner in 2001 No specific legislation on workplace privacy. The Hungarian Data Protection Office sets forth guidance for monitoring at work in its 2001 statement entitled “The employer needs the employee’s consent to inspect his electronic correspondence at the email address at the workplace.” According to the Data Protection Office, a distinction must be made between “email addresses given to employees for their personal use which may contain a fragment or the entirety of their names, and email addresses for managing the company’s affairs that are not tied to individual employees.” The employer is entitled to inspect the latter type of emails even if the employee has been provided with notice but decides to use it for personal purposes. With respect to the email addresses for employees’ personal use, the employer cannot examine, withhold or destroy the emails unless he has secured the employee’s consent |
| TRANSBORDER TRANSFERS |
The Data Protection Act contains restrictions on the transfer of personal data to third countries outside of the European Economic Area (EEA). Personal data can be transferred to another country only if that country ensures the level of data protection that corresponds to the level of data protection in Hungary. Article 9 et seq. of the Personal Data Protection Act complies with the requirements of the EU Data Protection Directive. |
| FINES AND SANCTIONS | Civil fines, imprisonment and payment of damages. |
| OTHER PRIVACY LAWS AND REGULATIONS |
Protection of Personal Data Act. Specific spam law: Art. 14, Act CVIII of 2001 on Electronic Commerce. According to 2001/CVIII. Act On E-Commerce and Information Society Related Services (in force since the first quarter of 2002), anyone advertising by email must have the recipient's prior consent. Act XX of 1949 the Constitution of the Republic of Hungary Act LXIII of 1992 on the Protection of Personal Data and Public Access to Data of Public Interest Act IV of 1978 on the Criminal Code Act XLVII of 1997 on the Handling of Medical and Other Related Data Act LXVI of 1992 on the Name and Address Records of Citizens (“the Records Act”) Act LXV of 1995 on State Secret and Service Secret Act LXVI of 1995 on Public Records, Public Archives, and the Protection of Private Archives Act XC of 2005 on the Freedom of Information by Electronic Means |
