Which data will be reported on you by hotels exactly?

/in /by

What specific kind of data will hotels present about you?

In the near future, reporting obligations of accommodation providers will increase. It is advised to prepare for this change in advance because the non-compliance with reporting obligations may result in fine or temporary closure, furthermore repeated violations of these obligations may trigger permanent closure as well. An expert of Kapolyi Law Firm presents the relevant new regulations below.

Reporting obligations before the new regulations:

The obligation of providing data is not unknown to service providers operating in this sector, as according to the rules applicable until the end of 2018, certain data had to be transmitted monthly to the Hungarian Central Statistical Office (KSH). The transmitted data concerned information on the number of guests, capacity, revenue and employees. In addition, the so-called “other accommodation providers” had an additional obligation to provide data to the notaries on an annual basis, on the number of guests and number of the spent nights separately in case of residents and non-residents of Hungary.

Who are subject of the new regulations?

„First and foremost, it is worth to clarify who an accommodation provider is” – says dr. Marta Gecsényi, lawyer of Kapolyi Law Firm. According to the regulations in force, an accommodation provider is any person or organization who provides non-permanent accommodation and directly related services for business purposes. As a consequence, the persons operating hotel, guesthouse or camping and even the Airbnb service providers are considered to be accommodation providers.

“We draw attention to the fact that previously applicable sanctions still apply in the event of non-compliance with the new reporting obligations. Thus, in the event of repeated non-compliance with the above obligations, the Hungarian Tourism Agency shall initiate official control of the competent notary responsible for the supervision of the concerned accommodation provider” – reminds the expert. The applicable legal consequences according to statutory or regulatory requirements regarding accommodation include the imposition of fines and the decision on temporary closure of the accommodation. The most severe sanction may be applied if the notary notices that the accommodation provider has not remedied the violation of the regulations or he has repeatedly conducted unlawful behavior within a year. In case of the latter the notary may even order the closure of the accommodation.

What does the accommodation provider has to do?

The first step to comply with the regulations is to register electronically at the National Tourism Data Supply Centre. After the registration the data providing can be fulfilled via the so-called “accommodation management software”. It is the responsibility of the accommodation provider to acquire the accommodation management software; however, the accommodation providers providing maximum eight rooms and 16 beds per accommodation can use this software free of charge. After registration the data providing shall be performed on a daily and monthly basis in accordance with the relevant regulations.

“Compliance with data protection rules must also be considered. In order to protect the rights of data subjects, it will be necessary to review and supplement the privacy policy and data protection descriptions of the accommodation providers with regard to the implementation of the new type of data processing” – adds the expert of Kapolyi Law Firm.

While the scope of the information to be provided is not defined in the recent regulations, from 1 January 2020 the obligation of data storage and reporting will include personal data such as name, place and date of birth, details of identity documents and date of accommodation usage. These data will be processed by the accommodation provider for a period of one year from the date of registration, and only the accommodation provider and any person or body authorized by law shall have the right to know them. Another new regulation on data processing is that during the period indicated above, the police may search in the accommodation provider’s register for the person they are seeking and then it may request access to data as well.

In case of an already operating accommodation, depending on the type of the accommodation, a preparation time was ensured to comply with the new regulations. The already operating accommodation had to register between 1 and 30 June 2019. Guesthouse service providers were required to register during September 2019, while hostel, holiday home and other accommodation providers are required to register during December 2019.

In order to fully meet the legal requirements, the information about the parameters of the software may be found on the website of Hungarian Tourism Agency. The obligation for hotels to provide the required data started on 1 July 2019.

Expectable amendment of the Act on the Labour Code due to data protection

/in /by

It could be read and heard in the media that in the future the usage of IT devices provided by the employer for work purposes is going to be prohibited for private use following the amendment of the Hungarian Labour Code (Mt.). However, the proposed amendment is not limited to the employer’s control of the use of IT equipment. In mid-March the Parliament will consider a proposed legislation which will amend or supplement the provisions of Mt. concerning data processing. Dr. Mónika Kapetz, lawyer of Kapolyi Law Firm provides a brief summary about the most important things on this matter.

In legal areas covered by GDPR (General Data Protection Regulation), the provisions of GDPR concerning data processing have direct effect and became directly applicable in Hungarian law. However, in order to ensure the necessary legal coherence for the application and enforcement of GDPR, it became necessary for the Hungarian Parliament to adopt amending statutory provisions affecting certain sectorial laws.

The employee’s individual rights

The protection of individual rights in labor law is considered to be as priority, particularly because of the subordinate nature of the employment relationship. The protection of individual rights is not absolute. In order to operate properly, the employer shall take certain actions and create internal regulations that may concern some segment of the employee’s individual rights. These include a part of the control measures, the handling of employee data or even ordering tasks from the employee other than specified in the contract. Mt. lays down two important conditions in connection with the employer’s procedure in order to protect the individual rights. This procedure shall be solely and directly related to the proper operation of the employer, and the proper operation of the employer must also be strictly interpreted. The employer may only decide to initiate the procedure if it is strictly necessary, ie. objectively necessary. In addition, Mt. sets out the general requirement of proportionality.

“However, if the amendment will pass, the employer must also inform the employee in advance, in writing, about the circumstances justifying the necessity and proportionality of the limitation. It will give an opportunity to the employee to check the compliance with Mt.’s requirements and the lawfulness of the procedure and to take effective actions protecting his individual rights in case of a breach.” – said dr. Mónika Kapetz.

The new data processing requirements will be defined in a new subchapter of Mt., namely under “Data processing”. The amendment makes it clear, not only the employer but both the work council and trade union are entitled to request a statement or disclosure of data in order to exercise their rights or fulfill their obligations under Mt., furthermore they may request the disclosure of documents as well.

The amendment also makes it clear that the employer may manage health data generated during the occupational medical examination. About this kind of data processing the employee needs to be informed in writing.

Biometric Data Processing

The amendment makes it possible as well that in certain cases the employer may also process the employee’s biometric data in accordance with the requirements of enhanced protection of biometric data. This shall be done only to prevent unauthorized access to a thing or data in case the unlawful access would threat the life, physical safety, health, or any other interest of the employee or others protected by law. Mt. will contain an exemplary list about the values protected by law in case of which the processing of biometrics will be permitted. These such highly protected values could be the protection of classified information at confidential level, custody of firearms, ammunition, explosives, safe storage of toxic or dangerous chemicals, biological and nuclear materials and protection of property of qualified, at least particularly high value under the Criminal Code ie the protection of property worth over fifty million HUF. In accordance with the principle of accountability set out in the Regulation, the employer has to prove that the requirements of the processing of biometric data are met.

What about the certificate of criminal record?

Obtaining the certificate of criminal record by the employer was usually a difficult demand. After the amendment, Mt. will regulate those cases when the certificate might be lawfully processed. Employee’s criminal records may be processed for the purpose of investigating whether the employment of an employee or a candidate in the given job is restricted or excluded by law or by the employer. Limiting or excluding condition may be imposed by the employer if the employment of the person concerned in the given job would result in danger of damaging the employer’s significant financial interests, legally protected secrets, firearms, ammunition, explosives, toxic or dangerous chemical, biological materials or nuclear materials.

The control – usage of IT equipment

The rules on data processing arising from employer’s control powers will also be amended. Within the framework of the amendment will come into effect a rule which entitles the employee to use an information technology, computer tool or system (collectively a computer tool) provided by his employer for the sole purpose of performing his employment, unless otherwise agreed between the employer and the employee. It practically means that the focus of the regulations has been shifted from the exclusion of privacy control to prohibiting private use.

“During the inspection the employer is entitled to check the data stored on the computer tool until he can decide whether or not the data is private. The data required to verify compliance with the above limitation shall be qualified as employment related data. The same apply if the employee uses his own IT device to carry out his tasks as it is agreed between the Parties,” – the lawyer recalls.

In cases where GDPR provides the possibility of collective regulations, regulations of collective agreements may only cover issues not regulated by labor law, since collective agreements may not deviate from the provisions of Mt described above.

 

Hungary is Back on the Local and International Investment Map

/in /by

Thanks to our Real Estate team’s expertise, it is a great privilege that the editorial team of CEE Legal Matters magazine entrusted dr. Zita ORBÁN, Senior Lawyer and Head of Real Estate at Kapolyi Law Firm to talk to CEE Legal Matters about the present state of commercial, industrial, tourism and residential property markets in Hungary. The article was first published in  CEE Legal Matters  in February.

http://www.ceelegalmatters.com/index.php/hungary/6268-real-estate-hungary-is-on-track-sic-itur-ad-astra