1. General Provisions
1.1. Híz Henriett, sole proprietor (documentary office registration number: 58861725) as the Data Controller, in connection with the services provided by the websites https://en.hizhenriett.hu and https://tudatosirany.hu and other websites specified therein (hereinafter referred to as the „Portal”), acts in accordance with this Privacy Notice in all personal data processing activities of natural persons. By using the website, the User acknowledges that they accept the provisions of this Privacy Notice as binding.
Data Controller for the activities listed in this Privacy Notice: Híz Henriett, sole proprietor (registration number: 58861725)
Registered office: 6445 Borota, Petőfi Sándor Street 35.
Mailing address: 2461 Tárnok, Vörösmarty Street 59.
Email address: hizhenriett@tudatosirany.hu
Tax number: 48969657-1-23
1.2. The purpose of this Privacy Notice is to define the scope of personal data processed by the Data Controller, the method of data processing, and to ensure compliance with the constitutional principles of data protection, the requirements of data security, and to prevent unauthorized access to, alteration, or unauthorized disclosure or use of personal data, in order to ensure respect for the privacy of the user, a natural person.
1.3. The Data Controller, in line with the purpose outlined in section 1.2, processes the user’s personal data confidentially, in accordance with the applicable legal provisions, ensuring their security, and taking the necessary technical and organizational measures, as well as establishing procedural rules required for the implementation of the relevant legal provisions and other recommendations.
2. Legal Background
The Data Controller is obliged to comply with the legal provisions relating to the processing of personal data in all phases of data processing. The data processing carried out by the Data Controller is primarily governed by the following legal provisions:
• Civil Code, Act V of 2013, Section 2:43§ (e)
• Act CXII of 2011 on the Right of Informational Self-Determination and Freedom of Information („Data Protection Act”)
• Act CVIII of 2001 on certain issues of electronic commerce services and services related to the information society („E-commerce Act”)
• Act XLVIII of 2008 on the Basic Conditions and Certain Restrictions of Economic Advertising Activities („Advertising Act”)
• Act VI of 1998 on the promulgation of the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, Strasbourg, January 28, 1981; Act CXIX of 1995 on the Processing of Personal Data for the Purpose of Research and Direct Marketing („Data Processing Act”)
• The General Data Protection Regulation (GDPR, 2016/679/EU)
3. Legal Basis for Data Processing
The Data Controller processes the data of the Data Subjects in compliance with the applicable data protection laws, based on their consent, or under the provisions of Act CVIII of 2001 on Electronic Commerce Services and Services Related to the Information Society, Section 13/A, and Act XLVIII of 2008 on the Basic Conditions and Certain Restrictions of Economic Advertising Activities, Section 6.
4. Scope of Processed Data, Purpose of Data Processing, and Retention Period
This Privacy Notice applies solely to the processing of personal data of natural persons, as personal data can only be defined in relation to natural persons.
Anonymous information, which cannot be linked to a specific person and demographic data that are collected without associating them with identifiable individuals, is not considered personal data.
4.1. Anonymous User Identifier (Cookie)
The Service Provider places an anonymous user identifier (cookie) on the User’s computer, which by itself cannot identify the User but can only recognize the User’s machine. No name, email address, or other personal information is required since the solution does not involve the transfer of personal data to the Service Provider, and data exchange only occurs between machines.
The Service Provider uses cookies to learn more about Users’ information usage habits and improve services. The User can block cookies via browser settings. The User acknowledges that certain services may not function properly if cookies are disabled.
4.2. Remarketing Codes
The Service Provider uses Google Adwords and Facebook remarketing codes on the Portal. The remarketing code uses cookies to tag visitors to the Portal. The installed cookie helps ensure that advertisements related to the Service Provider’s products and services appear on websites within Google’s Display Network or Facebook, which the user visits later.
The User can disable cookies at any time and customize advertisements via Google Ads settings.
4.3. Log Files
The system automatically logs the following data for service usage purposes:
– The User’s dynamic IP address
– The browser and operating system type used by the User, depending on the settings of their computer
– The User’s activity on the website
These data are used for technical purposes, such as analyzing server operation security and post-event checks, as well as for creating website usage statistics and analyzing user needs to improve service quality. These data are not suitable for identifying the User and are not linked to other personal data by the Service Provider.
The Service Provider ensures that the User can always access information on which data types it processes and for what purposes, including data that cannot be directly linked to the User.
4.4. Data Retention Period
The User’s personal data will be processed based on consent until such consent is modified or withdrawn. After the expiration of the data processing period, the Service Provider is obliged to delete the User’s personal data.
5. User Rights
5.1. The User may request from the Service Provider, in accordance with applicable law:
a) information about the processing of their personal data,
b) correction of their personal data,
c) deletion or blocking of their personal data, except in cases of mandatory data processing.
5.2. Upon the User’s request, the Service Provider will provide written information within 30 days regarding the data it processes, its source, the purpose of data processing, legal basis, duration, the name and address of the data processor, and activities related to data processing.
5.3. The Service Provider maintains a data transfer registry to check the lawfulness of data transfers, containing the time of personal data transfer, legal basis, recipient, and other required data as defined by the relevant regulations.