Hungarian legislators have made moderate use of the so-called ‘opening clauses’ of the GDPR. However, the amended Hungarian Data Protection Act 2011 (Info Act) regulates various areas that companies should be aware of whilst managing their data protection. Amongst other areas, the Info Act provides for derogating provisions in the sectoral legislation for labour, health and security. Furthermore, it specifies the legal title of data processing based on legal obligation and in the public interest, amends the principle of fairness via a specific case, regulates the data-processing activities of criminal convictions and offences; as well as the data protection rights of deceased people and amends the obligation of confidentiality of the Data Protection Officer.
In the following, you will find the additions and derogations from the GDPR on the most important topics of personal data protection that companies need to know. If topics are not linked, there are no derogating or specifying provisions in the national data-protection law.
- Specific data protection law and official guidelines
- Material and territorial scope
- Definitions
- Legal principles
- Legal basis
- Sensitive data
- Information requirements (no regulations deviating from the GDPR)
- E-marketing (new regulation by ePrivacy Regulation remains to be seen)
- Cookies
- Automated decision-making (no regulations deviating from the GDPR)
- Rights of data subjects
- Processing on behalf of a controller (no regulations deviating from the GDPR)
- Records of processing activities (no regulations deviating from the GDPR)
- Data security
- Data breaches
- Data protection impact assessment (DPIA)
- Data protection officer
- Certification (no regulations deviating from the GDPR)
- Data transfer (no regulations deviating from the GDPR)
- Supervisory authorities
- Sanctions and penalties
- Data protection for employees
- Archiving, scientific and historical research
