Law: Act CXII of 2011 on the Right to Informational Self-determination and on the Freedom of Information, as amended by Act XXXVIII of 2018 (to implement the GDPR) ('the Act') and the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR')
Regulator: National Authority for Data Protection and Freedom of Information ('NAIH')
Summary: The Act was amended in 2018 to implement the GDPR in Hungary and is enforced by NAIH. NAIH is an active regulator that regularly publishes decisions, orders, and notices on data protection. NAIH has also issued several fines for violations of data subjects rights, and delayed breach notifications. The Hungarian Parliament has begun to harmonise sectoral laws with the GDPR, in particular focusing on employment, and direct marketing. Other specific jurisdictional issues are expected to be discussed in the upcoming amendment of sectoral laws.