INFORMATION NOTICE - ON THE USE OF CAMERA SURVEILLANCE SYSTEMS

1. Name of the Data Controller (the operator of the camera system):

2. We inform you that our company, as the data controller, uses an electronic surveillance system in the room marked by this sign for the purpose of protecting human life, physical integrity, personal freedom, business secrets, and property. This system allows for direct observation as well as image recording and storage. The camera also records your behavior.

3. The legal basis for this data processing: the consent of the data subject.

4. Information for visitors and guests: Images of third parties (clients, visitors, guests) entering the monitored area can be taken and processed with their consent. Consent can also be implied. Implied consent is particularly applicable if an individual enters the monitored area despite this notice. The purpose of this data processing is detailed in point 2, and the legal basis is the consent of the data subject.

5. Storage duration: Recorded footage can be kept for a maximum of 3 (three) working days if not used. Use is defined as the utilization of recorded footage or other personal data as evidence in court or other official proceedings.

6. Storage location: The data controller's registered office / site.

7. Authorized persons for viewing the recordings: Apart from those authorized by law, the system operator, the data controller’s manager and deputy, and the workplace manager of the monitored area are authorized to view the data recorded by the electronic surveillance system for the purposes of investigating violations and monitoring the system’s operation.

8. Data Security Measures: 

a) The monitor used for viewing and reviewing images must be positioned so that, while displaying the footage, it cannot be seen by individuals outside the authorized access circle.

b) Observation and review of stored footage may only be conducted to detect unlawful activities and to initiate necessary measures to address them.

c) Recording images transmitted by the cameras with any device other than the central recording unit is not permitted.

d) The storage media for recordings must be kept in a secure location.

e) Access to stored footage must be granted in a secure manner, and the identity of the data controller must be identifiable.

f) The review of stored footage and the creation of backups from the footage must be documented.

g) If the reason for access ceases, access to the stored footage must be promptly terminated.

h) The operating system and recorded footage run from a separate hard drive within the recording device. No separate security backups of the footage are made.

i) Following the detection of unlawful activity, immediate action must be taken to store the footage of the incident and initiate any necessary legal proceedings. The authorities must also be informed that footage of the incident has been recorded.

9. Information on the Data Subject’s Rights and Enforcement

Anyone whose rights or legitimate interests are affected by the recording of footage can request, within three working days from the recording of the footage, that the data controller does not destroy or delete the data, provided they can prove their rights or legitimate interests.

Detailed information about the data subject’s rights is provided in our Data Protection Information Notice, which is available at the company’s customer service areas.

The data subject has the right to information, communication, and assistance in exercising their rights. They may file a complaint with the supervisory authority and are entitled to effective judicial remedy against the data controller or processor.

The data controller must facilitate the exercise of the data subject’s rights. The data controller will inform the data subject of the actions taken in response to their request for the exercise of their rights without undue delay, and in any case, within one month from the receipt of the request. If the data controller does not take action in response to the data subject’s request, they will inform the data subject without undue delay, and no later than one month from the receipt of the request, of the reasons for not taking action, and inform them of their right to file a complaint with a supervisory authority and to seek judicial remedy.

The data controller provides information and notifications about the data subject’s rights free of charge; however, a fee may be charged in cases specified by law.