Adatkezelési Tájékoztató
Privacy Policy
BOUTIQUE VILLA GYULA
Valid: 25.03.2023.
The private accommodation service provider Anna Teréz Kovács, as a Data Controller, manages personal data for several purposes and intends to do all this by respecting the rights of the Data Subjects and fulfilling legal obligations (especially the General Data Protection Regulation, GDPR for short).
The private accommodation service provider also considers it important to present to the Data Subjects, in accordance with its obligations, the handling of personal data that it has come to know during its data management activities, and its most important characteristics.
Who manages your personal data?
Your personal data is managed by Anna Teréz Kovács, contact options:
postal address: 5200 Gyula, Diófa utca 19.
email address: info@boutiquevilla.hu
website: www.boutiquevillagyula.hu
telefonszám: +36 30 382 2982
Management of cookies:
The website of Boutique Villa Gyula uses cookies to operate the website, to facilitate its use, to monitor the activity on the website and to display relevant offers. The detailed information about cookies appears separately when you enter the website.
When a visitor visits our site, a small file, a so-called cookie, is placed on his computer. The name cookie refers to the same small file, which is referred to as a cookie.
Purposes of cookies:
– It makes our site easier to use. It records the browser settings and usage habits of our visitors.
– Information is collected, for example, about how visitors use the website, which pages on our site are visited most often.
Strictly necessary (indispensable) cookies for operation:
These cookies are essential for the use of the website and enable the use of the basic functions of the website. In the absence of these, many functions of the site will not be available to you.
The legal basis for Data Management is the legitimate interest of the Data Controller (GDPR Article 6 (1) f)).
Cookies for improving the user experience (settings):
These cookies collect information about the user's use of the website, for example, which pages he visits most often or what error message he receives from the website. Cookies do not collect information that identifies the visitor, that is, they work with completely general, anonymous information. The data obtained from these are used to improve the performance of the website.
The legal basis for Data Management is the Data Subject's consent (GDPR Article 6 (1) a)).
Cookies for statistical purposes:
By collecting and reporting data in an anonymous form, statistical cookies help the website owner understand how visitors interact with the website.
The legal basis for Data Management is the Data Subject's consent (GDPR Article 6 (1) a)).
Marketing cookies:
Marketing cookies are used to track visitors' website activity. The goal is to serve relevant ads to individual users and encourage them to engage, which makes our website more valuable to content publishers and third-party advertisers.
The legal basis for Data Management is the Data Subject's consent (GDPR Article 6 (1) a)).
If you do not accept the use of cookies, certain functions will not be available to you.
You can find more information about this at the following links:
Internet Explorer: https://support.microsoft.com/hu-hu/windows/cookie-k-t%C3%B6rl%C3%A9se-%C3%A9skezel%C3%A9se-168dab11-0753-043d-7c16-ede5947fc64d#ie=ie-11
Firefox: https://support.mozilla.org/hu/kb/sutik-informacio-amelyet-weboldalak-tarolnak-szami Chrome: https://support.google.com/chrome/answer/95647?hl=hu
Safari: https://support.apple.com/hu-hu/HT201265
While browsing the website, technical information is also recorded (for example, in the form of log files, which contain the user's IP address, the time of the page visit, the URL address of the page(s) visited), which cannot be used for personal identification, but serve statistical purposes.
Whose data do we manage?
The DATA PROCESSOR specified http://www.boutiquevillagyula.hu manages the data of visitors to the website. Basic data of data management:
- Data management of the Data Controller's website - Indispensable cookies
Its goal: | Ensuring the basic functioning of the website. | |||||
Legal basis: | GDPR Article 6 (1) f) Necessary to assert the legitimate interest of the data controller or a third party | |||||
Character: | Automated | |||||
Data processed: | Data managed by the CookieConsent cookie, detailed in the cookie information pop-up window. | |||||
Duration: | 1 year | |||||
Scope of stakeholders: | Scope of stakeholders: | |||||
Source of data: | People visiting the website | |||||
Data processor(s): | Your data: | Activity: | ||||
Hosting provider | ||||||
Website developer | ||||||
Recipient(s) of data transmission: | There isn't | – |
- Data management of the Data Controller's website - Settings cookies
Its goal: | Management of website user settings. | |
Legal basis: | GDPR Article 6 (1) a) It is based on the data subject's consent. | |
Character: | Automated | |
Data processed: | Data managed by CookieConsentBulkSetting-# cookie, detailed in the cookie information pop-up window. | |
Duration: | Until the end of the session | |
Scope of stakeholders: | Scope of stakeholders: | |
Source of data: | People visiting the website | |
Data processor(s): | Your data: | Activity: |
Hosting provider | ||
Website developer | ||
Recipient(s) of data transmission: | There isn't | – |
- Data management of the Data Controller's website - Marketing cookies
Its goal: | Tracking website activity of visitors. Displaying advertisements | |
Legal basis: | GDPR Article 6 (1) a) It is based on the data subject's consent. | |
Character: | Automated | |
Data processed: | UID cookie managed data, detailed in the cookie information pop-up window. | |
Duration: | 1 year | |
Scope of stakeholders: | Scope of stakeholders: | |
Source of data: | People visiting the website | |
Data processor(s): | Your data: | Activity: |
Hosting provider | ||
Website developer | ||
Recipient(s) of data transmission: | There isn't | – |
- Data management of the Data Controller's website - Unclassified cookies
Its goal: | Unclassified cookies are cookies that are still being classified, together with individual cookie providers. | |
Legal basis: | GDPR Article 6 (1) a) It is based on the data subject's consent. | |
Character: | Automated | |
Data processed: | ab_visit metric | |
data managed by cookies, detailed in the cookie information pop-up window. | ||
Duration: | 7 days | Until the end of the session |
Scope of stakeholders: | Scope of stakeholders: | |
Source of data: | People visiting the website | |
Data processor(s): | Your data: | Activity: |
Hosting provider | ||
Website developer | ||
Recipient(s) of data transmission: | There isn't | – |
- Accommodation reservation and order
Its goal: | The recording of the data related to the accommodation reservation and order and the identification of the order, as well as the exercise of the rights related to the order and the contractual fulfillment of obligations, as well as the transfer of the purchase price to the customer during the exercise of the right of withdrawal arising from the contract. | |
Legal basis: | GDPR Article 6 (1) b) Necessary to perform the contract or to take steps at the request of the data subject prior to its conclusion | |
Character: | Automated and manual | |
Data processed: | name, e-mail address, phone number, date of arrival, date of departure, number of adults, number and age of children, request for half-board, method of payment, bank account number and name of the financial institution managing the account, SZÉP card number | |
Duration: | The retention period of the documents is 8 years based on the accounting obligation prescribed in § 169(1) of Act C of 2000 | |
Scope of stakeholders: | The persons ordering the accommodation service | |
Source of data: | Affected | |
Data processor(s): | Your data: | Activity: |
Hosting provider | ||
Website developer | ||
Teréz Anna Kovács 1097 Budapest, Nádasdy u. 10. info@boutiquevillagyula.hu |
Accommodation provider | |
Recipient(s) of data transmission: | There isn't | – |
- Invoicing
Its goal: | Fulfillment of accounting obligations | |
Legal basis: | GDPR Article 6 (1) c) Necessary to fulfill the data controller's legal obligations | |
Character: | Automated and manual | |
Data processed: | Name, Billing address, | |
Duration: |
8 years after the issue of the invoice Act C of 2000 on accounting § 169 (1) para. |
|
Scope of stakeholders: | Customers affected by invoicing | |
Source of data: | Partner | |
Data processor(s): | Your data: | Activity: |
N-Ware Informatikai és Tanácsadó Kft. 1139 Budapest, Gömb utca 26. |
Operation of an invoicing program | |
Recipient(s) of data transmission: |
Nemzeti Adó- és Vámhivatal 1054 Budapest, Széchenyi u. 2. +36 (1) 428-5100 nav_kozpont@nav.gov.hu http://nav.gov.hu |
Tax activity |
- Data management related to the VIZA system
Its goal: | Fulfilling the obligation to provide data for the Hungarian Tourist Agency Zrt | |
Legal basis: | GDPR Article 6 (1) c) Necessary to fulfill the data controller's legal obligations | |
Character: | Automated and manual | |
Data processed: | family and first name; surname and first name at birth; place and time of birth; no; citizenship, mother's family name and surname at birth; the identification data of the personal identification document or travel document, the address of the accommodation service; the starting and expected and actual ending time of the use of the accommodation | |
Consequences of failure to provide data: | In case of failure to provide data, the Data Controller cannot provide the accommodation service requested by the data subject. In the absence of presentation of the document(s), the Data Controller will refuse the accommodation service. | |
Duration: | No retention period, only data transmission | |
Scope of stakeholders: | Guests | |
Source of data: | Guests | |
Data processor(s): | Your data: | Activity: |
NTAK Guest application Magyar Turisztikai Ügynökség Zrt. 1027 Budapest, Kacsa u. 15-23.; levélcím: 1525 Budapest, Pf.: 97. +36 1 488 8700; info@mtu.gov.hu Data Protection Officer: |
Designated hosting provider and data provided on the NTAK interface scanning |
|
Recipient(s) of data transmission: | There isn't | – |
- Registration of interested parties' requests and complaints
Its goal: | Registration of complaints and requests related to data management, contact of the affected parties | |
Legal basis: | GDPR Article 6 (1) c) Necessary to fulfill the data controller's legal obligations | |
Character: | Automated and manual | |
Data processed: | Identification data, contact data | |
Duration: | 5 years or until the conclusion of the legal dispute | |
Scope of stakeholders: | Affected, complaining | |
Source of data: | Affected, complaining | |
Data processor(s): | Your data: | Activity: |
There isn't | – | |
Recipient(s) of data transmission: | There isn't | – |
- Notification of a data protection incident
Its goal: | Information and contact regarding the occurrence of a data protection incident | |
Legal basis: | GDPR Article 6 (1) c) Necessary to fulfill the data controller's legal obligations | |
Character: | Automated and manual | |
Data processed: | Identification data, contact data | |
Duration: | 5 years or until the conclusion of the legal dispute | |
Scope of stakeholders: | Affected persons | |
Source of data: | Affected persons | |
Data processor(s): | Your data: | Activity: |
There isn't | – | |
Recipient(s) of data transmission: | There isn't | – |
In the case of data processing based on consent, you can withdraw your consent at any time.
In the case of data processing based on the legitimate interests of the data controller, the data subject may object to the data processing. What principles do we consider important when handling your data?
We handle personal data based on the applicable legal regulations.
The Data Controller only processes personal data specified in the scope of individual data management.
The security of the provided personal data is protected by all necessary technical and organizational measures.
It pays particular attention to ensuring the confidentiality, integrity and availability of personal data.
The Data Controller is responsible for the veracity and accuracy of personal data after they have been entered by you. The expressions we use in this information sheet are defined in CXII of 2011 on the right to self-determination of information and freedom of information. interpreted according to the terms defined in the interpretive provisions of the Act.
What rights do you have in relation to your personal data managed by the Data Controller?
The Data Controller ensures that the Data Subjects can exercise their rights defined in the GDPR regulation. The Data Controller cannot refuse a request to exercise these rights, unless it proves that the Data Subject cannot be identified. Therefore, the Data Subject needs to identify himself in order to fulfill his request.
The Data Controller is obliged to fulfill the request without delay, but within a maximum of 1 month from the date of receipt, and to inform the Data Subject about possible obstacles or delays in the fulfillment. In this case, the deadline can be extended by another 2 months, provided that the person concerned is informed of the extension and the reason for it within 1 month.
The Data Controller will respond to the Data Subject's request in the form in which it was received. The Data Subject has the option to submit his request electronically, in which case he will also receive the answer electronically, unless expressly provided otherwise.
In order to ensure the rights of the Data Subject, the rights contained in this information can be exercised free of charge.
If and to the extent that the requested measure or information is excessive or obviously unfounded, the Data Controller may charge a reasonable amount for fulfillment (especially to cover the increased administrative costs of excessive requests), or may refuse to take action based on the request. In such a case, the Data Controller owes the Data Subject an obligation to provide reasons.
In such a case, the Data Controller owes the Data Subject an obligation to provide reasons. In accordance with the legislation, the Data Subjects may exercise the following rights:
- During the entire duration of the data management, the Data Subject is entitled to request information and access to the personal data managed by the Data Controller, as well as the characteristics of the data management, at the provided contact information, in particular:
- the identity and contact details of the Data Controller and its contact person, if the Data Controller employs a data protection officer, their contact details
- the purpose, legal basis and duration of data management,
- the name and address of the data processor, and the activity related to data management, if a data processor is used
- on the legal basis and recipient of the data transfer, if data is transferred
- az esetlegesen bekövetkezett adatvédelmi incidensről.
- The Data Subject is entitled to request the correction or change of his personal data. If your data has changed or is not accurate, the Data Controller can modify it at your request at any time during the processing of your personal data. You can request this via our contact details provided.
- The Data Subjects may withdraw their consent at any time and request that their data be deleted by the Data Controller.
The Data Subject's personal data will also be deleted if the processing of the data is illegal, the purpose of the data processing has ceased, or the specified time limit for storing the data has expired; or the court or the National Data Protection and Freedom of Information Authority ordered it.
- At the Data Subject's request, the Data Controller restricts the processing of personal data:
- if the Data Subject disputes the accuracy of their data, in this case the limitation applies to the period
- which enables the Data Controller to check the accuracy of personal data
- if the data management is illegal and the Data Subject opposes the deletion of their data and requests their restriction instead
- The Data Controller no longer needs the personal data for the purpose of data management, but the Data Subjects require them to submit, enforce or defend their legal claim
- if the Data Subject objects to data processing, in this case the restriction applies to the period until it is determined whether the legitimate reasons of the Data Controller take precedence over the legitimate reasons of the Data Subject.
- the Data Subject may object to the processing of his personal data if the Data Controller processes his data on the basis of the legal basis necessary to assert his own or a third party's legitimate interests. In this case, the Data Controller may no longer process the personal data, unless it proves that the data processing is justified by compelling legitimate reasons that take precedence over the interests, rights and freedom of the Data Subject, or that are related to the submission, enforcement or defense of legal claims.
- If the data management is based on consent or is necessary for the performance of a contract and the data management is carried out in an automated manner, i.e. the Data Subjects' data is managed using a machine register, the Data Subject is entitled to have the personal data relating to him, which he has provided to the Data Controller, segmented, widely used, machine you will receive it in a readable format. Furthermore, they are forwarded to another Data Controller without the Data Controller hindering this. (The Data Subject's right to data portability)
The Data Subject's legal remedies
In the event of a perceived violation of rights related to the handling of your personal data, you can file a complaint with the National Data Protection and Freedom of Information Authority or the competent court (http://birosag.hu/torvenyszekek) can turn.
National Data Protection and Freedom of Information Authority contact information: Address: 1055 Budapest, Falk Miksa utca 9-11. Postal address: 1363 Budapest, Pf.: 9. Telephone number: +36 1 391 1400, E-mail: ugyfelszolgalat@naih.hu