Privacy Policy

Effective Date: September 1, 2025

1. Introduction

It is very important for us to comply with current data protection regulations and laws. Therefore, we detail below the steps we take to ensure data protection and the processes related to data collection.

Data Controller Information:

Name:
Registered Office:
Mailing Address:
Tax Number:
Phone Number:
Email:

Hosting Provider Information:

Name:
Address:
Contact Information:

2. Types of Personal Data and Their Legal Basis

Personal Data: Data that can clearly identify an individual. The following types of personal data are processed on this website, along with the corresponding legal basis:

COMMUNICATION DATA
This includes any messages sent to us via the website, email, social media messages, or any other form of communication. We process and retain this data to fulfill orders and provide a basis for potential legal claims.
Legal basis: The user’s legitimate interest in our activities, demonstrated by messages sent to us.

USER DATA
Includes data generated during website usage, which allows the technical operation of the site, protects its security, stores logs of user activity, and ensures users access the most relevant content.
Legal basis: The user’s legitimate interest in our activities, which requires storing these data for proper website functionality.

TECHNICAL DATA
Includes data such as IP address, login information, browser data, page visit times, page views, navigation paths, visit frequency and time, time zones, and device information. The source of these data is our analytics software. We process this data to analyze user behavior, ensure site security, and assess the effectiveness of our marketing decisions.
Legal basis: The user’s legitimate interest in our activities, allowing secure processing and optimization of business operations.

MARKETING DATA
Includes visitor preferences regarding marketing content. These data are processed to enable participation in contests and to send advertisements related to products or services the user has expressed interest in.
Legal basis: The user’s legitimate interest in our activities, allowing secure processing and business optimization.

Collected data may also be used for targeted and relevant advertising on platforms like Facebook™ and other dynamic advertising channels. We monitor the effectiveness of such ads.
We do not collect sensitive data such as ethnicity, religious beliefs, sexual life and orientation, political opinions, trade union membership, health data, or genetic/biometric information.

3. Methods of Data Collection

We may collect personal data directly from users (e.g., sending a message). Some data are automatically collected during website use, such as through cookies and similar technologies, which are only activated with user consent. For more information, see our Cookie Policy.

We may also receive data from external partners, such as analytics providers (e.g., Google – non-EU partner) or advertising networks (e.g., Facebook™ – non-EU partner).

4. Practical Measures for Data Protection

Protecting users’ data and complying with regulations is extremely important. Therefore, we:

– Conducted a privacy impact assessment and listed collected data, their necessity, legal basis, and regulatory compliance.

– Use SSL certification (Let’s Encrypt Authority X3) for protecting form-submitted and website-generated data.

– Apply premium security software (Wordfence Security) to protect stored data from “brute force” and virus attacks.

– Store purchase and user data in encrypted (pseudonymized) form in databases.

– Allow users to request information, modification, or deletion of their personal data via forms provided in this Privacy Policy.

– Share necessary data with service providers (hosting provider, courier, newsletter software) ensuring GDPR compliance and, for US-based partners, participation in the EU-US Privacy Shield, with data processing agreements in place.

5. Marketing Communication

Marketing communication is essential for our business. The legal basis is the user’s interest in our services or explicit consent. Under the EU Privacy and Electronic Communications Regulations (PECR), marketing messages are sent to users who have purchased from us or explicitly consented.

Unsubscribing from marketing messages is always easy and visible. Every email includes an unsubscribe link, or requests can be sent to the email address on our contact page. Post-unsubscription messages may still be sent for order fulfillment only.

6. Notes on Personal Data

Sometimes it is necessary to share certain personal data with partners to maintain normal business operations:

– IT service providers and maintenance personnel

– Expert partners such as lawyers, accountants, bankers, insurers

– Government authorities requesting reports about our activities

International Data Transfers
Data may be shared with partners outside the European Economic Area (EEA) when necessary. The EEA ensures a higher level of data protection than many other countries. We ensure that:

– Data is transferred only to countries deemed adequate by the European Commission.

– US-based services participate in the EU-US Privacy Shield.

If these conditions are not met, explicit user consent is requested. Consent can be withdrawn at any time.

External Links
This website may contain links or embedded code from external services. Clicking these links or using embedded services may allow external partners to collect data. We are not responsible for external partners’ privacy practices.

7. Data Retention

User data is stored only as long as legally, fiscally, or operationally required. When deciding retention periods, we consider data type, sensitivity, and potential impact in case of a breach.

Billing and purchase data must be retained for at least 8 years for tax purposes. Anonymized data may be stored indefinitely for statistical purposes without prior notice.

8. User Rights

Under the GDPR, EU citizens have the following rights:

a. Access to personal data
Users can request a copy of personal data stored by our website, generally free of charge within 14 days. Repeated or abusive requests may incur a fee and take additional time. Identity verification may be required to prevent misuse. Requests should be sent to the email on our contact page.

b. Rectification
Users can request correction of incorrect or changed personal data via the email on our contact page.

c. Erasure
Users can request deletion of all personal data, generally fulfilled within 14 days. Deleting personal data will make user accounts inaccessible, including any purchased materials. Identity verification is required prior to deletion. Requests should be sent to the email on our contact page.

d. Restriction of processing
Users can request limiting data access by third parties, specifying which service providers. Some providers are essential for website operation (e.g., Paylike), so restricting them may affect service access. Identity verification is required. Requests should be sent to the email on our contact page.

Data Protection Authority (Hungary):
National Authority for Data Protection and Freedom of Information (NAIH)

Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/C
Mailing Address: 1530 Budapest, Pf.: 5
Phone: +36 1 391 1400
Fax: +36 1 391 1410
Email: ugyfelszolgalat@naih.hu
Website: http://www.naih.hu

9. Anonymized Data and Cookies

The website uses cookies and similar technologies (tracking codes, remarketing tags, pixels) in emails and ads, activated only with user consent. These help us understand user behavior and improve website performance.

Users can block non-personal data tracking via:

– Cookie consent notices on the website

– Browser settings to disable cookies

– Device-specific tools