Minőségi magyar termék és szolgáltatás.
🇭🇺 HUNGARIAN

Privacy Policy

1. Introduction

1.1. Purpose of the Privacy Policy

The purpose of this Privacy Policy (hereinafter: the “Policy”) is to provide a transparent and detailed description of how personal data is processed in the course of the activities of minosegimagyartermek.hu (hereinafter: the “Data Controller”), and to inform data subjects about their rights and how they can exercise them.

1.2. Legal compliance (GDPR, Act CXII of 2011)

  • Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR): establishes uniform rules for the protection of personal data within the European Union.
  • Act CXII of 2011 (Infotv.): the Hungarian law governing informational self-determination and freedom of information.

This Policy aims to comply with the requirements set out in the above legislation.

2. Details of the Data Controller

2.1. Name and contact details

Name: Bokor Aliz, sole trader
Registered office: 2080 Pilisjászfalu, Bécsi út 30
Tax number: 57928036-1-33
Representative: Bokor Aliz
Email: visualassigment@gmail.com
Phone: +36 70 599 2392

2.2. Availability of the Policy

This Policy is available electronically on the website minosegimagyartermek.hu.

3. Definitions

3.1. Key GDPR terms

  • Personal data: any information relating to an identified or identifiable natural person (“data subject”).
  • Data Controller: the natural or legal person who determines the purposes and means of processing personal data.
  • Data Processor: a natural or legal person who processes personal data on behalf of the Data Controller.
  • Consent: a freely given, specific, informed and unambiguous indication of the data subject’s wishes by which they agree to the processing of personal data.
  • Data subject: any identified or identifiable natural person to whom the personal data relates.

3.2. Definition of a data breach

A data breach is any event resulting in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored or otherwise processed.

4. Principles of Data Processing

4.1. Legal bases and principles

  • Lawfulness, fairness and transparency: Data is processed only for lawful and clearly defined purposes.
  • Purpose limitation: Data is collected only for specified purposes and only to the extent necessary.
  • Data minimization: Only personal data essential for achieving the purpose is collected and processed.
  • Accuracy: Personal data is kept accurate and up to date where necessary.
  • Storage limitation: Data is stored only for as long as necessary to fulfill the purpose.
  • Integrity and confidentiality: Appropriate technical and organizational measures are implemented to protect personal data.

4.2. Accuracy and security of data

Both the Data Controller and the data subject are responsible for keeping data up to date; the data subject must notify the Data Controller of any changes.

The Data Controller takes all reasonable steps to ensure that the stored data is accurate and protected against unauthorized access.

5. Purposes and Legal Bases of Data Processing

5.1. Website registration

Purpose: Creation of a user account and provision of related services.

Legal basis:

  • Consent (Article 6(1)(a) GDPR) if registration is voluntary
  • Contract performance (Article 6(1)(b) GDPR) if registration is required

Processed data: Name, email address, password (encrypted), registration date, IP address.

5.2. Order processing

Purpose: Processing orders, fulfilling contracts, invoicing, and delivery.

Legal basis: Contract performance (Article 6(1)(b) GDPR).

Processed data: Name, billing and shipping address, contact details (phone, email), order details.

5.3. Invoicing

Purpose: Compliance with accounting laws (e.g. Act C of 2000).

Legal basis: Legal obligation (Article 6(1)(c) GDPR).

Processed data: Name/company name, address, tax number (for legal entities), other invoicing data.

5.4. Newsletter

Purpose: Marketing communication, information about new products and promotions.

Legal basis: Consent (Article 6(1)(a) GDPR).

Processed data: Name, email address.

Note: You may unsubscribe at any time via the link in the newsletter or by contacting the Data Controller.

5.5. Use of cookies

Purpose: Ensuring proper website operation, improving user experience, analyzing traffic, marketing purposes.

Legal basis:

  • Consent (Article 6(1)(a) GDPR) for non-essential cookies
  • Legitimate interest or contract performance (Article 6(1)(f) or (b) GDPR) for necessary cookies

More details: See Section 11 of this Policy.

5.6. Social media

Purpose: Communication and sharing information (Facebook, Instagram, etc.).

Legal basis: Consent (Article 6(1)(a) GDPR).

Note: Data processing practices of social platforms are governed by their own privacy policies.

6. Categories of Data Processed

6.1. Types of personal data

  • Identification data: name, username, password (encrypted)
  • Contact data: email address, phone number, address
  • Technical data: IP address, browser type, cookies, login time
  • Billing data: billing name, address, tax number (for companies)

6.2. Data storage and retention

  • Stored electronically on secure servers with password protection
  • Stored in paper format (if applicable) in locked locations

Retention period: Until legal obligations are fulfilled, the purpose is achieved, or consent is withdrawn. After that, data is deleted or anonymized.

7. Rights of Data Subjects

7.1. Right to information

The data subject has the right to request information about how their personal data is processed, including the purpose of processing, the legal basis, the source of the data, the duration of storage, and who has access to the data.

7.2. Right to rectification

If the data subject believes that their personal data is inaccurate or incomplete, they have the right to request its correction or completion.

7.3. Right to erasure (“right to be forgotten”)

The data subject has the right to request the deletion of their personal data if it is no longer necessary for the original purpose, or if the data subject withdraws their consent and there is no other legal basis for processing.

7.4. Right to data portability

The data subject has the right to receive the personal data they have provided in a structured, commonly used, machine-readable format, and to request its transfer to another data controller.

7.5. Right to object

The data subject has the right to object at any time to the processing of their personal data if the legal basis is the legitimate interest of the Data Controller.

The data subject also has the right to object to the processing of personal data for direct marketing purposes.

(Data subject rights are exercised in accordance with GDPR.)

8. Data Security

8.1. Protection of electronic data

  • Multi-level access control
  • Regular backups
  • Antivirus and firewall protection

8.2. Technical and organizational measures

  • Secure office network and Wi-Fi
  • Locked storage for paper documents
  • Regular data protection training for employees and processors

9. Handling data breaches

9.1. Notification to authorities (72-hour rule)

In the event of a data breach, the Data Controller shall notify the Hungarian National Authority for Data Protection and Freedom of Information (NAIH) without undue delay and, where feasible, within 72 hours, unless the breach is unlikely to result in a risk.

9.2. Notification to data subjects

If the breach is likely to result in a high risk, affected individuals will be informed without undue delay.

10. Data processors and third parties

10.1. Hosting provider

Name: Rackhost Zrt.
Registered office: 6722 Szeged, Tisza Lajos körút 41.
Contact: info@rackhost.hu

Activity: Operation and maintenance of the web server, processing personal data only on the instructions of the Data Controller.

11. Use of cookies

11.1. Purpose and types of cookies

  • Session cookies
  • Functional cookies
  • Analytical cookies (e.g. Google Analytics)
  • Marketing cookies

11.2. Managing cookie settings

Users can manage cookies via their browser settings. Disabling cookies may affect website functionality.

On the first visit, users can accept or reject non-essential cookies via a pop-up banner.

12. Enforcement of rights

13.1. Complaint to supervisory authority

Hungarian National Authority for Data Protection and Freedom of Information (NAIH)
Address: 1055 Budapest, Falk Miksa utca 9-11
Phone: +36 1 391 1400
Email: ugyfelszolgalat@naih.hu

13.2. Judicial remedy

Data subjects may initiate legal proceedings before the competent court, including the court of their residence or place of stay.

14. Applicable legislation

  • GDPR (EU Regulation 2016/679)
  • Act CXII of 2011
  • Act C of 2000 (Accounting)
  • Act V of 2013 (Civil Code)
  • Act XLVIII of 2008 (Advertising)

15. Final provisions

15.1. Validity and amendments

This Policy is effective from March 17, 2026.

The Data Controller reserves the right to modify this Policy, particularly due to legal changes, new data processing activities, or recommendations from supervisory authorities.

Changes will be published on the website, and continued use of the services constitutes acceptance of the updated Policy.

Date: Pilisjászfalu, March 17, 2026
Bokor Aliz, sole trader