Privacy and Data Protection Notice

(hereinafter referred to as "Directive")

Effective: from 28 September 2022 until revoked or amended

CONTENTS

1. Description of the Data Controller, responsibility for compliance with data processing rules

1.1. The Data Controller / Who processes my data?

1.2. Quality of data controller

1.3. Contact details of the controller / Where can I reach the controller?

1.4. Hosting provider / Who is your hosting provider?

2. General provisions

2.1. Purpose, content and related provisions of the Prospectus

2.2. Concepts

2.3. Rights of the Data Subject / What are my rights during processing?

2.3.1 Right to information and access

2.3.2. Right to rectification and completion

2.3.3. Right to restriction

2.3.4. Withdrawal of consent, right to object

2.3.5. Right to erasure

2.3.6. Right to data portability

2.3.7. Remedies / Where can I complain if my rights have been infringed?

2.3.8. Exercise of rights

3. Certain processing by the Controller

3.1. Data processing in relation to the website and user account / What data is processed when using the website and for how long?

3.2. Contact / What data are processed and for how long in the course of the relationship with the Data Controller?

3.3. Data processing in connection with the newsletter (direct marketing) / What data is processed and for how long in connection with the sending of newsletters?

3.4. Data processing related to the use of the Website, data processing by external service providers / Who else can see my data?

1. Description of the Data Controller, responsibility for compliance with data processing rules

1.1. The Data Controller / Who processes my data?

Pinkhello Korlátolt Felelősségű Társaság (hereinafter referred to as "Controller") operates the pinkhello.com and pinkhello.hu websites (hereinafter referred to as "Websites").

1.2. Quality of data controller

With respect to customers using the services of the Website, using the Website and contacting the Data Controller, except as set out above, Pinkhello Ltd. is the data controller (hereinafter referred to as "Respondent" or "Respondents").

1.3. Contact details of the controller / Where can I reach the controller?

Pinkhello Korlátolt Felelősségű Társaság

place of work: 1149 Budapest, Vezér utca 149/F 1. em. 17.

company registration number: 01-09-399777

tax number: 27833425-2-42

phone number: +61 491 161 572

e-mail address: [email protected]

1.4. Hosting provider / Who is your hosting provider?

Heroku Inc.,

1 Market St. Suite 300, San Francisco, CA 94105

https://www.heroku.com/about

2. General provisions

2.1. Purpose, content and related provisions of the Prospectus

The purpose of this Notice is to provide appropriate information on the processing of data in relation to the services provided by the Data Controller and to inform Data Subjects of their rights in relation to processing and how they can exercise them.

This Notice contains detailed information on the processing of data in connection with the services provided by the Data Controller, registration on the Website and use of the Website.

This Notice is designed to comply with:

- Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter "the Regulation"), and

- Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information;

- and other relevant legislation, regulations and recommendations.

Please note that by using the Website, registering on the Website and using our services, you consent to the processing of your Personal Data as described in this Notice.

The use of the Website and the use of the Services, i.e. the submission of Personal Data by individuals, is voluntary.

2.2. Concepts

Throughout this Notice, we use a number of capitalised terms for ease of reference.

"Personal Data", "Controller", "Joint Controller", "Data Processor" shall have the meaning given to them in the General Data Protection Regulation. In addition, the following words and expressions have the following meanings:

General Data Protection Regulation / Regulation / GDPR

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC;

Data Subject

The following persons are considered as data subjects:

- a person who registers on the Website (with a user account);

- the person who uses the Website or the Website/Controller's service;

- the person contacting the Data Controller;

Authority

National Authority for Data Protection and Freedom of Information (address: 1055 Budapest, Falk Miksa u. 9.; phone: +36-1-391-1400; e-mail: [email protected]);

Infotv.

Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information;

Website

https://www.pinkhello.com/ ; https://www.pinkhello.hu

Partner

A person contracted by the Data Controller to provide offers/discounts/other opportunities to users.

2.3. Rights of the Data Subject / What rights do I have in relation to the processing?

The Data Controller attaches the utmost importance to ensuring that the rights of Data Subjects with regard to data processing are adequately protected at all times when processing Personal Data of natural persons. In this context, the Data Controller respects the following rights. In the event of any request by a data subject in relation to the processing of Personal Data, the Data Controller shall ensure the exercise of the data subject's rights as soon as possible after receipt of the request, but not later than 1 month, or, if it needs further information to ensure the exercise of the rights, it shall contact the data subject without undue delay by e-mail to deal with the request.

2.3.1 Right to information and access

The Data Subject has the right to receive feedback from the Controller at any of the contact details indicated in this Notice as to whether or not his or her Personal Data are being processed and, if such processing is taking place, the right to access the Personal Data and the following information:

a) the purposes of the processing;

b) the categories of Personal Data concerned;

c) the recipients or categories of recipients to whom or which the Personal Data have been or will be disclosed, including in particular recipients in third countries or international organisations;

d) the intended duration of the storage of the Personal Data or, if this is not possible, the criteria for determining that duration;

e) the right of the Data Subject to request the Controller to rectify, erase or restrict the processing of Personal Data relating to him or her and to object to the processing of such Personal Data;

f) the right to lodge a complaint with a supervisory authority;

g) where the data have not been collected from the Data Subject, any available information about their source.

In the case of automated processing based on consent or contract, you may request that the personal data you provide to us is provided to you or, where technically feasible, to a third party designated by you, in a commonly known and easily usable electronic format (e.g. Word, Excel).

2.3.2. Right to rectification and completion

The Data Subject has the right to request the rectification of his or her Personal Data processed by the Data Controller if he or she considers that they are inaccurate. The Data Subject shall have the right to request the completion of the Personal Data processed by the Controller if he or she considers them to be incomplete.

2.3.3. Right to restriction

The Data Subject shall have the right to obtain, at his or her request, the restriction of processing by the Controller, unless otherwise provided by law, if one of the following conditions is met:

a) the Data Subject contests the accuracy of the Personal Data, in which case the restriction applies for the period of time that allows the Controller to verify the accuracy of the Personal Data;

b) the processing is unlawful and the Data Subject opposes the erasure of the data and requests instead the restriction of their use;

c) the Controller no longer needs the Personal Data for the purposes of processing, but the Data Subject requires them for the establishment, exercise or defence of legal claims; or

d) the Data Subject has objected to the processing; in this case, the restriction shall apply for the period until it is established whether the legitimate grounds of the controller override those of the Data Subject.

2.3.4. Withdrawal of consent, right to object

Where the processing by the Data Controller is based on the explicit request and consent of the Data Subject, the Data Subject shall have the right to withdraw his or her consent at any time. In this case, the Controller shall delete the Personal Data relating to the Data Subject without undue delay.

Where the processing is carried out by the Data Controller for the purposes of the protection of its own or third parties' legitimate interests or for commercial purposes, the data subject shall have the right to object to the processing of his or her data.

2.3.5. Right to erasure

The Data Subject has the right to request the erasure of his or her Personal Data processed by the Controller if he or she:

a) considers that the processing of the Personal Data is no longer necessary for the original purpose;

b) does not consent to further processing of his or her Personal Data, where the processing is based on consent;

c) considers that his or her Personal Data is unlawfully processed by the Controller;

d) expressly objects to the processing of his or her Personal Data, where the legal basis for the processing is the protection of the legitimate interests of the Controller or a third party.

2.3.6. Right to data portability

The Data Subject shall have the right to receive the Personal Data concerning him or her which he or she has provided to the Controller in a structured, commonly used, machine-readable format and the right to transmit such data to another controller without hindrance from the controller to which he or she has provided the Personal Data, if:

a) processing is based on consent within the meaning of Article 6(1)(a) or Article 9(2)(a) of the GDPR or a contract within the meaning of Article 6(1)(b) of the GDPR; and

b) the processing is carried out by automated means.

In exercising the right to data portability, the Data Subject has the right to request, where technically feasible, the direct transfer of personal data between controllers.

That right shall not apply where the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

This right must not adversely affect the rights and freedoms of others.

2.3.7. Remedies / Where can I complain if my rights have been infringed?

If the Data Subject believes that his or her data is unlawfully processed by the Controller, he or she has the right to lodge a complaint with the Controller, using any of the contact details above, in order to have it stopped. If this is unsuccessful, he or she has the right to refer the matter to the National Authority for Data Protection and Freedom of Information or to the courts.

- Complaints can be submitted to the National Authority for Data Protection and Freedom of Information at the following contact details: the National Authority for Data Protection and Freedom of Information (address: 1055 Budapest, Falk Miksa u. 9-11.; postal address: 1363 Budapest, Pf.: 9.; telephone: +36-1-391-1400, fax: +36-1-391-1410; e-mail: [email protected]; website: http://www.naih.hu);

- In the case of judicial enforcement, the Metropolitan Court of Budapest is competent to decide the case. At the option of the Data Subject, the lawsuit may also be brought before the court of his/her place of residence or domicile. If the court grants the request, the Controller shall delete the personal data of the Data Subject within 3 days of the notification of the final judgment.

The Data Subject's data protection rights and remedies and their limitations are set out in detail in the GDPR (in particular Articles 15, 16, 17, 18, 19, 20, 21, 22, 77, 78, 79 and 82 of the GDPR). The Data Subject may request information about his/her data at any time, request the rectification, erasure or restriction of processing of his/her data, and object to processing based on legitimate interests and to the sending of direct marketing messages.

Without prejudice to any other administrative or judicial remedies, the Data Subject has the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement, if the Data Subject considers that the processing of personal data relating to him or her infringes the provisions of the GDPR. The contact details of the supervisory authorities in the EU can be found here: https://edpb.europa.eu/about-edpb/board/members_hu. The Data Subject has the right to an effective judicial remedy against a legally binding decision of the supervisory authority concerning the Data Subject. The Data Subject also has the right to an effective judicial remedy if the competent supervisory authority does not deal with the complaint or does not inform the Data Subject within three months of the procedural developments concerning the complaint lodged or of the outcome of the complaint. Proceedings against the supervisory authority shall be brought before the courts of the Member State where the supervisory authority is established.

Without prejudice to any administrative or non-judicial remedies available to you, including the right to lodge a complaint with a supervisory authority, you have the right to an effective judicial remedy if you consider that your rights under the GDPR have been infringed as a result of the processing of your personal data in a way that does not comply with the GDPR. Proceedings against the Controller or its controller or processor partner shall be brought before the courts of the Member State in which the Controller or processor is established. Such proceedings may also be brought before the courts of the Member State where the Data Subject has his or her habitual residence.

In Hungary, such a lawsuit falls within the jurisdiction of the court. You can find out about the jurisdiction and contact details of the courts at www.birosag.hu.

If the court (tribunal) upholds the action, it shall establish the infringement and order the Controller to cease the unlawful processing operation, to restore the lawfulness of the processing and to comply with a specified course of action in order to ensure the rights of the data subject, and, if necessary, to decide on the claim for damages and compensation. The court (tribunal) may order the publication of its judgment, with the publication of the Data Controller's identification data, if the judgment concerns a wide range of persons or if the seriousness of the damage suffered justifies such publication.

2.3.8. Exercise of rights

The Data Subject may exercise the above rights against the Data Controller. Requests under this point may be sent to or made at the Data Controller.

3. Certain processing by the Controller

Personal Data relate to natural persons. Any information relating to a particular natural person - "Data Subject" as used in data protection legislation - may constitute Personal Data. Examples of Personal Data are name, telephone number, email address or date of birth.

Principles:

The data are stored in a form which permits identification of the Data Subjects for the purposes for which the personal data are processed, in accordance with the legal bases assigned to the purposes and for the time necessary to comply with the following principles:

- accountability;

- lawfulness, fairness and transparency;

- purpose limitation;

- data minimisation;

- accuracy;

- storage limitation;

- integrity and confidentiality.

The Data Controller shall take all necessary technical and organisational measures and establish procedural rules to ensure the security of personal data provided or made available by the Data Subject throughout the entire process of processing.

The Data Controller requires and expects all its contractual partners who come into possession of personal data to operate in accordance with the GDPR.

3.1. Data processing in relation to the website and user account / What data is processed about me and for how long when I use the website?

Full use of the Website is possible with prior registration, without which the Data Subject can only browse the site. If the Data Subject registers, a user account is created. The user account allows Data Subjects to store electronic coupons in their user account, to share them or, where applicable, to use them in a partner store. The Data Controller expressly draws the attention of the Data Subject to the fact that the Data Subject is responsible for the accuracy and timeliness of the data. In this regard, if there are changes to the Personal Data, the Data Subject is obliged to update the user account with these changes.

The Data Controller draws the attention of the Data Subjects to the fact that the proper functioning of the Website is ensured in accordance with the provisions of Article 13/A (3) of Act CVIII of 2001 on certain issues of electronic commerce services and information society services.

Scope of data

In connection with the user account, the Data Controller processes the following personal data of the Data Subject:

User account:

- name

- User email address

- address

- telephone number

- date of birth

- number of points, point balance

- time, place, fact, type of coupon usage

- Date of registration

- Facebook profile name, profile picture and email address (where this information is voluntarily enabled by the Data Subject in their Facebook account)

- Google profile name, profile picture and email address (where this information is voluntarily enabled by the Data Subject in their Google Account)

- rating (number of stars 1-5) for a given Partner

- statistical data (number of coupon scans, number of redemptions, etc.)

Partner account:

- company name

- shop name

- Customer e-mail address

- shop address

- company billing address

- tax number

- credit card details (via external provider: Stripe)

- company website url

- company phone number

- contact name

- contact e-mail address

- login password

Purpose of processing

The purpose of the processing of data when using the Service of the Website is to provide the service to the Data Subject, to enable the Data Controller to offer the Data Subject the possibility to find partners in the vicinity, to maintain contact with the Data Subject, to send direct marketing and advertising enquiries, to send functional messages (registration, payment confirmation, sending invoices, sending system messages, sending notifications of the expiry date of coupons, etc.), handling complaints. The purpose of the data processing in relation to the partner account is to allow the Data Subject to know the location of the company where the Service is to be used, to bill the costs related to the use of the Service and to investigate any complaints.

Legal basis for processing

The Personal Data collected in connection with the use of the service through the Website is necessary for the performance of the service contract and for the Data Controller to take steps at the request of the Data Subject prior to the conclusion of the contract and to comply with a legal obligation (Article 6(1)(b) and (c) of the General Data Protection Regulation).

In relation to the user account, the Controller may process the Personal Data of the Data Subject where the Data Subject consents to the processing of the Personal Data (Article 6(1)(a) of the General Data Protection Regulation).

Article 6(1)(f) of the General Data Protection Regulation (processing is necessary for the purposes of the legitimate interests pursued by the controllers). Legitimate interest: to make the Controller's services known to potential users, to promote the Controller's activities and to obtain users' opinions and expectations.

Duration of processing

The period of data processing is the last day of the 8th year following the last day of the year of invoice issue, pursuant to Section 169 (2) of the Accounting Act.

The duration of data processing in relation to the user/partner account is until the user account is deleted. The Data Subject may delete his/her user account at any time. If the Data Subject does not access his/her user account for 12 months, his/her account may be deleted due to inactivity.

If the Data Controller no longer needs the Data Subject's data for the purposes described above - and for the establishment, exercise or defence of legal claims - it shall store them only for the appropriate period of time as defined in accounting or tax legislation and shall no longer process them for other purposes.

The Data Controller shall process the personal data of the Data Subject as specified, for the time period and for the purposes previously specified in this Privacy Notice and for which it has a legal basis.

Recipients of data processing, data processors contractual partners

The system necessary for issuing invoices is provided to the Data Controller by the online invoicing software of Billingo Technologies Zártkörűen Működő Részvénytársaság (Registered Office: 1133 Budapest, Árbóc utca 6.), which is the Data Processor of the Data Controller. The Data Processor performs the technical operation and maintenance of the invoicing software, has access to certain Personal Data but does not perform any operations on it.

The payment and payment-related data processing on the website is carried out by Stripe Inc.: Stripe Payments Europe Limited, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, D02 H210, Ireland.

The cloud service for the secure operation of this website is provided by Cloudflare Inc. (106 E. 6th Street Suite 350 Austin TX 78701 USA https://www.cloudflare.com/privacypolicy/).

3.2. Contact / What data will be processed and for how long in the course of the relationship with the Data Controller?

The Website provides the opportunity for Data Subjects to ask questions about the service. In this case, in order to answer the question, it is necessary for the Data Controller to process certain Personal Data of the Data Subject. It is also possible for the Data Subject to enquire about services or ask other questions via e-mail or telephone in order to contact the Controller.

Scope of data

During the contact, the Data Controller processes the following Personal Data of the Data Subject:

- name;

- e-mail address;

- phone number;

- Personal Data voluntarily provided by the Data Subject during the contact;

- the question asked.

Purpose of processing

The purpose of data processing is to enable contact between the Data Controller and the Data Subject and to answer the Data Subject's questions.

Legal basis for processing

The Data Controller may process the Personal Data of the Data Subject where the Data Subject consents to the processing of the Personal Data (Article 6(1)(a) of the General Data Protection Regulation).

Duration of processing

Until the Data Subject's consent is withdrawn, but no later than until the reason for the contact is resolved.

Recipients of processing, data processors, contracted partners

Messages sent via the Website are not stored by the Website, but are sent directly to the contact e-mail addresses indicated on the Website.

Correspondence sent to contact e-mail addresses will be answered and handled by the competent staff of the Data Controller.

The cloud service for the secure operation of this website is provided by Cloudflare Inc. (106 E. 6th Street Suite 350 Austin TX 78701 USA https://www.cloudflare.com/privacypolicy/).

3.3. Data processing in connection with newsletters (direct marketing) / What data is processed in connection with the sending of newsletters and for how long?

The Data Controller will send newsletters or other similar direct marketing messages to those who request them from time to time. In each case, it is a voluntary decision whether the Data Subject subscribes to these and, of course, it is possible to unsubscribe from them at any time. In this case, the Data Controller will not send any further newsletter to the Data Subject.

Details of the data processing in relation to the newsletter are set out below.

Scope of data

The Data Controller processes the following Personal Data in connection with the sending of the newsletter:

- name;

- e-mail address.

Purpose of processing

Contacting and maintaining contact with the Data Subject, informing them about available products, services and promotions, events and other news.

Legal basis for processing

The processing of Personal Data is based on the consent of the Data Subject (Article 6(1)(a) of the General Data Protection Regulation). This consent may be withdrawn by the Data Subject at any time. Withdrawal of consent shall not affect the lawfulness of the processing carried out prior to its withdrawal.

Duration of processing

The Data Controller processes Personal Data relating to the Data Subject until the Data Subject unsubscribes from the newsletter.

Recipients of data processing, data processors, contractual partners

The Data Controller uses a data processor in connection with the sending of e-mails and newsletters. This data processor is twilio.com, Twilio Ireland Limited, (registered office 25-28 North Wall Quay, Dublin 1, Ireland).

The cloud service for the secure operation of this website is provided by Cloudflare Inc. (106 E. 6th Street Suite 350 Austin TX 78701 USA https://www.cloudflare.com/privacypolicy/).

3.4. Data processing related to the use of the Website, data processing by external service providers / Who else can see my data?

The Data Controller collects and processes certain types of data during the use of the Website, for the purposes of monitoring traffic (statistical purpose), enhancing the user experience and linking merchants and customers.

The Data Controller may facilitate registration in various ways through external service providers (e.g. Google, Facebook, etc.), in which case the data processing is also subject to the data processing rules of the respective external service provider, and in which case each party is an independent data controller. The scope of the data processed may differ in view of the different registration options, as set out in the Individual Privacy Notice. There may be embedded buttons or active links on the Website that navigate you away from the Website (e.g. Google, Facebook, Instagram, YouTube, Twitter, WhatsApp, Viber, etc.). Clicking on these buttons will automatically redirect you to Facebook, Instagram, YouTube, Twitter, WhatsApp, Viber, etc. Please note that after the redirection, the Data Controller has no possibility to control the further use of the Personal Data processed, and these platforms are subject to the data processing rules of the third parties as independent data controllers. The Data Controller has no control over the use of Personal Data by these sites and accordingly excludes to the fullest extent possible any liability for any damage or harm resulting from their further use. Such exclusion of liability is expressly acknowledged by the Data Subject.

Facebook

http://www.facebook.com/full_data_use_policy

https://www.facebook.com/policy/cookies/

http://www.facebook.com/legal/terms

Google

https://policies.google.com/privacy

https://policies.google.com/terms

Twitter

http://twitter.com/privacy

https://help.twitter.com/en/rules-and-policies/twitter-cookies

http://twitter.com/tos

Viber

https://www.viber.com/de/terms/viber-privacy-policy/

https://www.viber.com/de/terms/viber-terms-use/

WhatsApp

https://www.whatsapp.com/legal/privacy-policy-eea

https://www.whatsapp.com/legal/terms-of-service-eea

Google and Facebook, as well as other service providers, are considered as independent data controllers, in the context of which they independently determine the purposes and scope of the processing and are independently responsible for the processing.

- Google LLC (Google Data Protection Office, 1600 Amphitheatre Pkwy, Mountain View, California 94043; https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI) - Provision of Google Analytics

- Facebook Ireland Ltd. (based at 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland; https://www.facebook.com/privacy/explanation).

The above data controllers have their own privacy notices. The contact details of these controllers are:

Google LLC: https://www.google.com/contact/

Facebook Ireland Ltd.: https://www.facebook.com/help/?ref=pf

The Data Controller uses external web analytics and ad serving companies for the operation of its web-based Services. The Data Controller hereby informs Data Subjects and Partners of the activities carried out on certain data by its contracted partners, independently of the Data Controller.

In addition to cookies, web analytics and ad serving service providers use measurement pixels and campaign codes to identify advertising campaigns in order to collect information about user behaviour and ad serving.

To find out about cookie settings for the most popular browsers, please visit the following links:

Google Chrome

https://support.google.com/accounts/answer/61416?hl=hu

Firefox

https://support.mozilla.org/hu/kb/sutik-informacio-amelyet-weboldalak-tarolnak-szami

Microsoft Internet Explorer

https://support.microsoft.com/hu-hu/help/17442/windows-internet-explorer-delete-manage-cookies#ie-ie-11

Microsoft Edge

https://support.microsoft.com/hu-hu/help/4468242/microsoft-edge-browsing-data-and-privacy-microsoft-privacy

Opera

https://help.opera.com/en/latest/web-preferences/#cookies

Safari

https://support.apple.com/hu-hu/guide/safari/sfri11471/mac

Cookies set by third-party service providers can also be deleted from the user's device at any time, and the use of cookies can usually be refused by selecting the appropriate settings on the browser(s). Cookies set by external service providers can be identified by the domain associated with the cookie.

By using the websites or mobile or tablet applications of the Data Controller, the data subject consents to the use of information relating to him or her for the following purposes and in the following manner:

The cookie-based service of Hotjar Ltd. is the production of a so-called heat map based on the mouse movements and clicks of the Data Subjects, which provides information about the behaviour of the Data Subjects on the website, but this information is only and exclusively viewed anonymously by the Data Controller and is used exclusively for the purpose of designing and optimising the user interface of the website. The cookies set by Hotjar Ltd. can be managed here: https://www.hotjar.com/legal/compliance/opt-out

The Website may use so-called cookies to achieve the above purposes.

The Website uses necessary, functional, statistical and marketing cookies.

- Required cookies are necessary for browsing the website and using its features, including allowing you to record the actions taken by the visitor on a particular page, feature or service. Without the use of necessary cookies, the smooth use of the Website cannot be guaranteed.

- Functional cookies allow the Website to remember which mode of operation the user has chosen (e.g. whether to use the English or the Hungarian version of the Website, whether to use the accessible version, how many results to display at once in the search result list, etc.).

- Statistical cookies provide feedback to the Website owner about what content users like on the Website. The data is not linked to a specific individual.

- Marketing cookies track users across websites, for example by displaying advertisements, all in order to show relevant content to users.

The Website stores the following cookies on the Data Subject's electronic device for its proper functioning:

| Cookie name | Cookie type | Cookie function | Duration |
| --- | --- | --- | --- |
| locale | Required | The language setting chosen by the user is stored in it. | 5 years |
| XSRF-TOKEN | Required | The security token required for the operation of the site is stored in it. | Until the end of the session (Session) |
| pinkhello_cookie_consent | Required | Acceptance of the use of the site's cookies is stored in it. | 5 years |
| pinkhello_session | Required | The session ID is stored in it. | Until the end of the session (Session) |
| remember_web_XXX | Required | The user token entered is stored in it, where XXX is a unique identifier that differs from user to user. | 5 years or until exit |
| Hotjar_hjid | Statistics | Set the first time a visitor lands on a page with the Hotjar script. It stores the random user ID, which is the unique identifier of the visitor in the browser. This ensures that behaviour on subsequent visits to the same website is assigned to the same user ID. Detailed information: https://www.hotjar.com/cookies | 9 months |
| cid | Statistical, functional | This cookie is necessary for credit card transactions on the website. The service is provided by Stripe.com, which allows online transactions to be made without storing credit card details. | 1 year |
| _ga | Statistics | The cookie used by Google Analytics to distinguish users. | 2 years |
| _gid | Statistics | The cookie used by Google Analytics to distinguish users. | 24 hours |
| _ga_(container-id) | Statistics | The cookie used by Google Analytics to interrupt the session. | 2 years |
| _gac_gb_(container-id) | Statistics | The cookie used by Google Analytics, contains information about campaigns. | 90 days |

The Data Controller may insert a third-party web beacon (also known as a web bug) into its website. A web beacon is an image embedded in a website that can be used to track visits to the website. This information is also known as "clickstream data". This data can be used to analyse visiting habits, which is necessary to improve the quality of the website or to display advertisements. Web beacons are similar in function to cookies and are used to track users' online movements. The main difference between the two is that web beacons are not visible on the page. However, unlike cookies, users do not have the option to block the downloading of web beacons in their browser. For more information on web beacons, please visit http://en.wikipedia.org/wiki/Web_beacon

The Data Controller reserves the right to unilaterally amend this information with future effect. The Data Subjects will be informed of such amendments via the Data Controller's website.

More information, relevant legislation / What legislation applies to data processing and my rights?

a) Regulation (EU) 2016/679 of the European Parliament and of the Council on the processing of personal data of natural persons (GDPR)

b) Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information (Info tv.)

c) Act V of 2013 on the Civil Code (Civil Code Act)

d) Act CVIII of 2001 on certain aspects of electronic commerce services and information society services (Eker tv.)

e) Act C of 2003 on electronic communications (Ehtv)

f) Act CLV of 1997 on Consumer Protection (Fogyv tv.)

g) Act CLXV of 2013 on complaints and notifications of public interest (Pktv.)

h) Act XLVIII of 2008 on the Basic Conditions and Certain Restrictions of Economic Advertising Activities (Grtv.)

NOTE: The original Hungarian text was translated into English using a translation app. Because this may result in discrepancies in the meaning of the text, the original Hungarian text should be used as the authoritative source.