Skip to main content Scroll Top
Instagram
0
Basket
  • No products in the basket.

Privacy Policy
Audrey Leather Goods
Effective from: May 01, 2025

This Privacy Policy applies to the website and domain http://audreyleathergoods.hu/, as well as to the data collected and processed by Adrienn Tálosi, sole proprietor.

  1. PURPOSE OF THE PRIVACY POLICY

Adrienn Tálosi (hereinafter referred to as the Data Controller), operator of the website audreyleathergoods.hu (hereinafter referred to as the Website), pays special attention to the protection of personal data, compliance with applicable legal regulations, and the safe and fair handling of data.

1.1 Data Controller’s Information:

Business name: Adrienn Tálosi, sole proprietor (Audrey Leather Goods)
Business address: 8749 Zalakaros, Petőfi Street 39, Hungary
Tax number: 56215496-1-40

The Data Controller processes all personal data made available to them in full compliance with applicable Hungarian and European legislation and ethical standards. All necessary technical and organizational measures are taken to ensure the appropriate level of data security.

The Data Controller acknowledges the content of this legal notice as binding. They commit to ensuring that all data processing activities conducted in connection with their operations comply with the provisions of this Policy, the relevant national laws, and the legal acts of the European Union. The privacy policies related to data processing by Audrey Leather Goods are continuously available at https://audreyleathergoods.hu.

The Data Controller reserves the right to amend this Privacy Policy at any time. Of course, any changes will be communicated to the public in due time.

The provisions set out in this notice apply to all users of the Website without any distinction.

If you have any questions regarding this notice, please feel free to contact me at audrey@audreyleathergoods.hu and I will respond accordingly.

The Data Controller is committed to protecting the personal data of its clients and partners, and considers it especially important to respect the right to informational self-determination of its users. Personal data is treated confidentially, and every necessary security, technical, and organizational measure is taken to ensure its protection. The Data Controller outlines its data processing practices in the following sections.

1.2 This statement has been prepared based on the following applicable laws and regulations:

  • Act CXIX of 1995 on the processing of name and address data for the purposes of research and direct marketing
  • Act CVIII of 2001 on certain issues of electronic commerce services and information society services
  • Act XLVIII of 2008 on the basic requirements and certain restrictions of commercial advertising activities
  • Act CXII of 2011 on the right to informational self-determination and freedom of information
  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation – GDPR)

2. Definitions of Data Protection Terms Used in This Policy

Personal Data: Any information relating to an identified or identifiable natural person (hereinafter: data subject). A person is considered identifiable if they can be identified, directly or indirectly, in particular by reference to a name, an identification number, or one or more factors specific to their physical, physiological, mental, economic, cultural, or social identity. Personal data shall retain its classification as such throughout the data processing as long as a link with the data subject can be restored.

Consent: A voluntary and explicit declaration of the data subject’s intent, based on appropriate information, by which they give their unambiguous agreement to the processing of their personal data, either entirely or for specific operations.

Objection: A statement by the data subject by which they object to the processing of their personal data and request the termination of processing or the deletion of the processed data.

Data Controller: A natural or legal person, or an entity without legal personality, who or which, alone or jointly with others, determines the purposes and means of the processing of personal data, makes and executes decisions regarding data processing (including the tools used), or has them executed by a data processor.

Data Processing: Any operation or set of operations performed on data, regardless of the method applied, including but not limited to collecting, recording, organizing, storing, modifying, using, querying, transmitting, disclosing, aligning or combining, locking, deleting, and destroying data, as well as preventing further use of the data, capturing photographs, audio or video recordings, and recording physical characteristics suitable for identifying a person (e.g., fingerprint or palm print, DNA sample, iris scan).

Data Transfer: Making data accessible to a specific third party.

Disclosure: Making data accessible to anyone.

Data Deletion: Rendering data unrecognizable in such a way that it can no longer be restored.

Data Marking: Labeling data with an identifier for the purpose of distinguishing it.

Data Locking: Labeling data with an identifier to limit its further processing either permanently or for a specified period.

Data Destruction: Complete physical destruction of the data carrier containing the data.

Data Processing (Technical): The execution of technical tasks related to data processing operations, regardless of the method or tool used for execution or the location of application, provided that the technical task is performed on the data.

Data Processor: A natural or legal person, or an entity without legal personality, who or which processes data under a contract — including contracts mandated by law — on behalf of the Data Controller.

Data Set: The entirety of data processed within a single record system.

Third Party: Any natural or legal person, or organization without legal personality, who or which is not identical with the data subject, the data controller, or the data processor.

EEA State: A member state of the European Union and any other state that is a party to the Agreement on the European Economic Area (EEA), as well as any state whose citizens are granted the same legal status as citizens of EEA member states under an international agreement concluded between the European Union and a non-EEA state.

Third Country: Any country that is not an EEA State.

Data Protection Incident: Any unlawful processing or handling of personal data, including — but not limited to — unauthorized access, alteration, transmission, disclosure, deletion, destruction, or accidental loss or damage of personal data.

  1. SCOPE OF PROCESSED PERSONAL DATA

3.1 Data Collected and Processed During Contact or Quote Requests

Processed data include, but are not limited to: name, address, phone number, email address, company name.

Method of data collection: Voluntary data provision and consent by the data subject through any form of contact, such as by phone, email, Facebook message, etc.

Purpose of data processing: The Data Controller uses the information to respond to inquiries and carry out the requested tasks. The Website can be visited without providing personal data.

Duration of data processing: In accordance with the relevant contract or agreement.

Legal background and legal basis for data processing: See section 1.2.

3.2 Data Collected and Processed During Orders and Contract Conclusion

Processed data:

  • Last name
  • First name
  • Company name
  • Billing address (postal code, city, street, house number, floor, door)
  • Shipping address (postal code, city, street, house number, floor, door)
  • Email address
  • Phone number
  • Information entered in the “comments” field

Method of data collection: Voluntary provision of data by the data subject and their consent to the processing of such data.

Purpose of data processing: To fulfill the legal, administrative, and contractual obligations of the Data Controller(s). For example: issuing and sending invoices, preparing records required for the National Tax and Customs Administration (NAV), fulfilling contractual obligations.

Duration of data processing:
Please note that if an invoice is issued during the ordering process and you later withdraw your consent for its issuance, the Data Controller is entitled to retain the personal data obtained during invoicing for 8 years in accordance with Section 6 (5)(a) of the Hungarian Act on Information Self-Determination and Freedom of Information (Infotv.).
If you cancel your order, the data related to the order will be deleted from our system upon receipt of your cancellation notice.

Legal background and legal basis for data processing: See section 1.2.

 

3.3 Data processed during invoicing

Data processed:

  • Last name
  • First name
  • Billing address (postal code, city, street, house number, floor, door)
  • Shipping address (postal code, city, street, house number, floor, door)
  • Tax number
  • Bank account number
  • Email address
  • Phone number

Method of data collection: Voluntary provision of data by the data subject and their consent to the processing of such data.

Purpose of data processing:
To issue invoices in compliance with legal regulations and to fulfill the obligation to retain accounting documents. According to Section 169 (1)-(2) of the Act on Accounting (Sztv.), business entities must retain accounting records that directly or indirectly support bookkeeping entries.

Duration of data processing:
In accordance with Section 169 (2) of the Act on Accounting, invoices must be retained for 8 years from the date of issuance.
Please note that if you withdraw your consent for invoice issuance, the Data Controller is still entitled to retain the personal data obtained during the invoicing process for 8 years, in accordance with Section 6 (5)(a) of the Hungarian Act on Information Self-Determination and Freedom of Information (Infotv.).

Legal background and legal basis for data processing:
The data processing is governed by the provisions of Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information (Infotv.), and Act C of 2000 on Accounting (Sztv.).
The legal basis for processing is your consent in accordance with Section 5 (1)(a) of the Infotv., and – in the case of withdrawn consent – the fulfillment of the legal obligation imposed on the Data Controller under the Sztv., as per Section 6 (5)(a) of the Infotv.

3.4 Data processing related to product delivery

Data processed:

  • Last name
  • First name
  • Company name
  • Email address
  • Phone number
  • Shipping address (postal code, city, street, house number, floor, door)

Method of data collection:
Voluntary provision of data by the data subject and their consent to the processing of such data.

Purpose of data processing:
In the case of product delivery, the purpose of data processing is to deliver the ordered goods to you, in accordance with your request, with the assistance of postal or courier services.

Duration of data processing:
The Data Controller processes the data until the delivery of the ordered product is completed.

Legal background and legal basis for data processing:
The data processing is based on the provisions of Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information (Infotv.).
The legal basis for processing is your consent in accordance with Section 5 (1)(a) of the Infotv.

3.5 Data processed during newsletter subscription:

Data processed:

  • Last name
  • First name
  • Email address

Method of data collection:
Voluntary provision of data by the data subject and their consent to the processing of such data.

Purpose of data processing:
For marketing purposes and communication with customers by the Data Controller.

Duration of data processing:
Until withdrawal of consent or until the validity of the email address.

Data processing:
Data is processed using the MailChimp newsletter sending system.

Legal background and legal basis for data processing:
The data processing is based on the provisions of Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information (Infotv.).
The legal basis for processing is your consent in accordance with Section 5 (1)(a) of the Infotv.

3.6 Data collected and processed by statistical programs during website use:

The visit data of the website is measured by the Data Controllers using Google Analytics and Facebook services. During these services, web analytics information is transmitted. The transmitted data cannot identify the data subject. More information about Google’s privacy policy can be found here: https://support.google.com/analytics/answer/2700409.
The Facebook Pixel is a code that allows reporting on conversions on the website, building target audiences, and provides the site owner with detailed analytical data about visitors’ website usage. The Facebook remarketing pixel enables showing personalized offers and ads to website visitors on the Facebook platform. The Facebook remarketing list cannot be used to identify individuals. More information about Facebook Pixel can be found here: https://www.facebook.com/business/help/651294705016616

Data processed:
All data collected by Google Analytics and Facebook.

Method of data collection:
When visiting the website, a pop-up window allows the visitor to approve or block cookies used by external service providers. The default setting of the website is to not use any cookies until the visitor permits all or some of them. If approved, the external programs transmit the data as detailed above. If the visitor wishes to withdraw cookie consent later, this can be done as follows:

  1. Step: Delete cookies in the browser; help is available at:
  1. Step: Reload audreyleathergoods.hu and disable cookies in the pop-up window that appears again.

Purpose of data processing:
The data collected is used to improve websites and services, as well as to show personalized offers and advertisements to website visitors.

Duration of data processing:
Until the end of using the services.

Legal background and legal basis:
See section 1.2.

3.7 Data collected and processed during events, sweepstakes, other promotions, and advertisements

Data processed:
Data provided during the specific event, sweepstakes, promotion, or advertisement.

Method of data collection:
Voluntary provision of data by the data subject and their consent to the processing of such data.

Purpose of data processing:
Promotion of the specific event, sweepstakes, or promotion, as well as promotion of the Website.

Duration of data processing:
Until the data subject withdraws their consent to data processing.

Legal background and legal basis:
See section 1.2.

3.8 Data collected and processed based on cookies
Data processed: Details are in section 5: “Information related to the use of cookies.”
Method of data collection: Automatic, but not mandatory.
Purpose of data processing: The Data Controller uses Google Analytics and Facebook for continuous optimization of marketing communication, anonymous and market analyses; therefore, these providers also have access to the usage data. Information on Google’s cookie use: https://google.com/policies/technologies/cookies. Information on Facebook’s cookie use: https://www.facebook.com/policies/cookies/#.
Duration of data processing: The duration primarily depends on the visitor’s browser settings (see section 5: “Information related to the use of cookies”). Data is deleted in Google after 24 months and on Facebook after 6 months, except if the user makes a new visit, which restarts the duration.
Legal background and legal basis: See section 1.2.

3.9 Data collected and processed during the listing of references and request for recommendations
Data processed: Data provided by the data subject, such as name and photograph.
Method of data collection: Voluntary data provision and consent by the data subject for processing these data, and screenshot capturing for visual references.
Purpose of data processing: The Data Controller publishes selected feedback from Audrey Leather Goods customers on the Website and in marketing and sales materials. Providing data is not mandatory for cooperation, and deletion of the reference data can be requested at any time.
Duration of data processing: Until the data subject withdraws their consent for data processing.
Legal background and legal basis: See section 1.2.

3.10 Warranty administration
Data processed: Customer’s name, phone number, email address, content of the complaint
Method of data collection: Voluntary data provision and consent by the data subject for processing these data. The data processing is carried out for the purpose of handling warranty complaints. If you request warranty administration, data processing and data provision are essential.
Duration of data processing: Warranty complaints are retained for 5 years in accordance with the Consumer Protection Act.
Legal background and legal basis: According to Section 17/A (7) of Act CLV of 1997 on Consumer Protection, the complaint must be retained for 5 years [Data processing under Regulation Article 6(1)(c)].

 

3.11 Handling consumer protection complaints
Data processed: Customer’s name, phone number, email address, content of the complaint
Method of data collection: Voluntary data provision and consent by the data subject for processing these data. The data processing is carried out for the purpose of handling warranty complaints. If you request warranty administration, data processing and data provision are essential.
Duration of data processing: Warranty complaints are retained for 5 years in accordance with the Consumer Protection Act.
Legal background and legal basis: According to Section 17/A (7) of Act CLV of 1997 on Consumer Protection, the complaint must be retained for 5 years [Data processing under Regulation Article 6(1)(c)].

3.12 Other collected and processed data
If the Data Controller intends to carry out further data processing, they will provide prior information about the essential circumstances of the data processing (legal background and legal basis of the data processing, purpose of the data processing, scope of processed data, duration of the data processing).

  1. TECHNICAL DATA

The Data Controller selects and operates the IT tools used for processing personal data during the provision of the service so that the processed data:

  • is accessible to authorized persons (availability);
  • its authenticity and verification are ensured (authenticity of data processing);
  • its immutability can be verified (data integrity);
  • is protected against unauthorized access (data confidentiality).

The Data Controller protects the data with appropriate measures against unauthorized access, alteration, transmission, disclosure, deletion, or destruction, as well as accidental loss.

The Data Controller ensures the security of data processing through technical, organizational, and administrative measures that provide a level of protection appropriate to the risks related to data processing.

During data processing, the Data Controller maintains confidentiality by:

  • protecting the information so that only authorized persons have access;
  • ensuring integrity: protecting the accuracy and completeness of the information and the processing method;
  • ensuring availability: ensuring that when an authorized user needs it, they can actually access the desired information and that the related tools are available.
  1. INFORMATION ABOUT THE USE OF COOKIES

5.1 What is a cookie?
The Data Controller uses so-called cookies during the visit to the website. A cookie is a packet of information consisting of letters and numbers sent by the website to your browser with the purpose of saving certain settings, making the website easier to use, and helping to collect some relevant statistical information about visitors. Cookies do not contain personal information and are not suitable for identifying individual users. Cookies often contain a unique identifier — a secret, randomly generated number — stored by your device. Some cookies expire after closing the website, while others remain stored on your computer for a longer time.

5.2 Legal background and legal basis of cookies
The legal background of data processing is provided by Act CXII of 2011 on the Right of Informational Self-Determination and Freedom of Information (Info Act), and Act CVIII of 2001 on Electronic Commerce Services and Certain Issues of Information Society Services. The legal basis of data processing is your consent in accordance with Section 5 (1) a) of the Info Act.

5.3 Types of cookies

  • Google Analytics cookie: Google Analytics is Google’s analytics tool that helps website and app owners get a more accurate picture of visitor activities. The service may use cookies to collect information and generate reports based on statistical data about website usage, without individually identifying visitors to Google. The main cookie used by Google Analytics is the “__ga” cookie. In addition to reports based on usage statistics, Google Analytics — together with some advertising cookies described earlier — can be used to show more relevant ads on Google products (e.g., Google Search) and across the web.
  • Strictly necessary cookies: These cookies are essential for using the website and enable the basic functions of the site. Without these cookies, many functions of the site will not be available to you. These types of cookies only last for the duration of the session.
  • Cookies for Improving User Experience: These cookies collect information about the user’s website usage, such as which pages are visited most frequently or what error messages are received from the website. These cookies do not collect information that can identify the visitor, meaning they work only with completely general, anonymous information. The data obtained from these cookies is used to improve the website’s performance. The lifespan of these types of cookies is limited exclusively to the session duration.
  • Session Cookies: These cookies store the visitor’s location, browser language, and payment currency. Their lifespan lasts until the browser is closed or a maximum of 2 hours.
  • Facebook Pixel (Facebook Cookie): The Facebook Pixel is a code that generates reports on conversions, allows the creation of target audiences, and provides the site owner with detailed analytics about visitor activity on the website. Using the Facebook remarketing pixel tracking code, personalized offers and advertisements can be shown to website visitors on the Facebook platform. The Facebook remarketing list is not suitable for personal identification. More information about the Facebook Pixel can be found here: https://www.facebook.com/business/help/651294705016616
  • Barion Pixel: This is a JavaScript-based tracking code placed in the webshop that monitors the activity of website visitors. The Barion Pixel installed on the website collects data such as which products visitors viewed, what they clicked on, searched for, added to the cart, and purchased. The data is transmitted to Barion’s servers by the webshop operator but is not collected, stored, or processed by the webshop operator themselves. The purpose of the basic version of the Barion Pixel is solely fraud prevention, and it is mandatory to place it at all accepting locations. Information about fraud prevention can be found in section 5.4 of the Barion Data Management Notice: https://www.barion.com/hu/adatvedelmi-tajekoztato

5.4. Use of Cookies
The HTML code of the websites operated by the Data Controller may contain links to and from independent external servers for the purpose of web analytics measurements. These measurements also include tracking conversions. The web analytics service provider does not process personal data, only data related to browsing that cannot be used to identify individuals. Currently, web analytics services are provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043) through Google Analytics, as well as by Facebook.

The Data Controller runs so-called remarketing ads through Facebook’s advertising systems. These service providers may collect or receive data from the Data Controller’s website and other internet locations using cookies, web beacons, and similar technologies. These data are used to provide measurement services and to make advertisements targeted. Such targeted ads may appear on other websites within Facebook’s and Google’s partner networks. Remarketing lists do not contain visitors’ personal data and are not suitable for personal identification.

Users can delete cookies from their own computers or disable their use entirely in their browsers. Most browsers have a “Help” function in the menu bar that provides information on:

  • how to disable cookies in the browser,
  • how to accept new cookies,
  • how to instruct the browser to set new cookies, or
  • how to disable other types of cookies.

These options depend on the browser, but typically can be found under Settings / Privacy. The cookies used on the audreyleathergoods.hu website do not harm the User’s computer and do not contain viruses. The logged data — except for the date of the last visit, which is automatically overwritten — is stored by the system for 6 months from the time of logging. More information about Google’s and Facebook’s privacy policies can be found at the following links:

If you do not accept the use of cookies, certain functions will not be available to you. More detailed information on how to delete cookies can be found at the following links:

  • Internet Explorer: https://support.microsoft.com/hu-hu/help/17442/windows-internet-explorer-delete-manage-cookies#ie=ie-11
  • Firefox: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer
  • Chrome: https://support.google.com/chrome/answer/95647?hl=en
  • 6. EXTERNAL SERVICE PROVIDERS, DATA PROCESSORS
    The Data Controller processes personal data in all cases based on legal grounds or voluntary consent. In some cases, data processing may be based on other legal grounds or on Article 6 of the Regulation in the absence of consent. The Data Controller uses external service providers for its activities. These external service providers process data according to their own data management policies. The Data Controllers do not transfer data to third parties.
  • 6.1 Data Processors Necessary for Payment:
    Payment can be made in cash or by bank transfer or card payment through the Barion Payment Zrt. system.
  • Bank transfer
    Company name: Raiffeisen Bank Zrt
    Headquarters: 1133 Budapest, Váci út 116-118.
    Company registration number: Cg.: 01-10-041042
    Tax number: 10198014-4-44
    SWIFT: UBRTHUHB
    GIIN: 28CWN4.00010.ME.348
  • The Bank carries out its licensed activities based on the permits issued by the Hungarian Financial Supervisory Authority under numbers I-2061/2004., E-III/669/2008, EN-III/M-614/2009, H-EN-I/1608/2012.
  • Transferred data scope: customer’s last name, first name, bank account number, and any information entered in the note field during the transfer, including but not limited to: email address, name of the ordered service.
  • Purpose of data transfer: management of the Data Controllers’ current account, and activities related to the use of the bank account.
  • ard Payment
    Company name: Barion Payment Zrt
    Headquarters: 1117 Budapest, Irinyi József utca 4-20, 2nd floor
    Company registration number: 01-10-048-552
    Tax number: 25353192-2-43
  • Transferred data scope: bank card data necessary for card payment.
  • Purpose of data transfer: execution of the transaction made by bank card.
  • 6.2 Current List of Data Processors:
  • Hosting Service Provider
    Company name: Evolutionet Kft.
    Headquarters: 7342 Mágocs, Széchenyi utca 75.
    Company registration number: 02-09-075-023
    Tax number: 4992511-2-02
  • Scope of transferred data: Data provided and logged during the use of the website.
    Purpose of data transfer: Provision of server services, including data storage.
  • Domain Name Service Provider
    Company name: Evolutionet Kft.
    Headquarters: 7342 Mágocs, Széchenyi utca 75.
    Company registration number: 02-09-075-023
    Tax number: 4992511-2-02
  • Scope of transferred data: Data provided and logged during the use of the website.
    Purpose of data transfer: Provision of domain name services, including data storage.
  • Accountant
    Name of Data Processor: N&B Könyvelőkuckó Szolgáltató Bt.
    Data Processor Headquarters: 8749 Zalakaros, Kapitány köz 8.
    Tax number: 32069181-1-20
  • The Data Processor cooperates with the Data Controller based on a written contract regarding the bookkeeping of accounting documents. During this process, the Data Processor handles the name and address of the data subject to the extent necessary for accounting records and for the duration specified in Section 169 (2) of the Accounting Act (SZtv.). The data is deleted without delay thereafter.

Data processing activities related to goods transportation:

  • Data Processor: Packeta Hungray Ltd.
    Headquarters: 1097 Budapest, 12-14 Könyves Kálmán Blvd.
    Company registration number: 01 09 202186 

Tálosi Adrienn sole proprietorship (e.v.) has a contractual relationship with the listed service providers.
The selection of the appropriate shipping method is based on mutual agreement between the Seller and the Buyer.
The Data Processor assists in the delivery of the ordered goods. During this process, the parcel delivery service provider may handle the buyer’s name, address, email address, and phone number until the end of the calendar year following the shipment, after which these data will be deleted without delay.

  1. DATA SECURITY

The Data Controller is also the operator of the website. The Data Controller protects the data especially against unauthorized access, alteration, transmission, disclosure, deletion, or destruction, as well as against accidental loss and damage. Together with the server operators, the Data Controller ensures the security of the data through technical, organizational, and administrative measures that provide a level of protection appropriate to the risks associated with data processing.

  1. RIGHTS OF THE DATA SUBJECTS

The data subject may request information about the processing of their personal data and may request the correction of their personal data.

Except for mandatory data processing, the data subject may delete their personal data or request the deletion or blocking of their personal data through the contact details and methods specified on the website or in the services (e.g., via email), or via the Data Controller’s contact at audrey@audreyleathergoods.hu. In some cases, premature deletion of personal data may result in the loss of certain rights (e.g., bonuses). Our system does not store special categories of data, these are automatically deleted.

Upon request, the Data Controller shall provide information about the data it processes, the purpose and legal basis of the processing, the duration, the name and address (headquarters) of the data processor, the activities related to data processing, and who receives or has received the data and for what purpose.

The Data Controller is obliged to provide this information in writing, in a clear form, free of charge, within the shortest possible time, but no later than 25 days from the submission of the request. The Data Controller must correct any personal data that is inaccurate.

The Data Controller shall delete personal data if its processing is unlawful, if the data subject requests it, if the data is incomplete or incorrect and cannot be lawfully corrected—provided that the deletion is not excluded by law—if the purpose of data processing has ceased, the legally prescribed retention period has expired, or a court or data protection authority has ordered deletion.

The Data Controller shall notify the data subject and all recipients to whom the data was previously disclosed for data processing purposes about the correction or deletion. Notification can be omitted if it does not infringe the legitimate interests of the data subject given the purpose of data processing.

The data subject may object to the processing of their personal data if the processing (or transfer) is solely necessary for the assertion of the legitimate interests or rights of the Data Controller or the recipient, except where processing is required by law, or where the personal data is used or transferred for direct marketing, opinion polling, or scientific research purposes, provided that the law allows exercising this right to object.

The Data Controller is obliged to examine the objection without delay but no later than within 15 days of receipt of the request, suspending the processing simultaneously, and inform the applicant in writing of the outcome. If the objection is justified, the Data Controller must terminate the processing—including further data collection and transfer—block the data, and notify all recipients to whom the data was previously disclosed who must act to enforce the right to object.

In case of violation of their rights, the data subject may turn to the court or the data protection authority against the Data Controller.

Remedies and Complaints
You may exercise your right to legal remedy or file a complaint at the following contact details:

Name: National Authority for Data Protection and Freedom of Information (Nemzeti Adatvédelmi és Információszabadság Hatóság)
Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c.
Phone: +36 1 391 1400
Fax: +36 1 391 1410
E-mail: ugyfelszolgalat@naih.hu
Website: http://www.naih.hu/

 

Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.
Privacy Policy
You have read and agreed to our privacy policy
Required