Data protection Privacy Policy for visitors and registered users of the website


During the operation of the website, the service provider / data manager manages the data of the persons registered on the site in order to provide them with appropriate services. The service provider intends to fully comply with the legal requirements for the management of personal data, in particular with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council. This data management information sheet on the protection of personal data of natural persons and the free flow of data was prepared based on Regulation (EU) 2016/679 of the European Parliament and of the Council, taking into account the CXII of 2011. on the content of the law on the right to self-determination of information and freedom of information.

Name of service provider, data manager:

Company Name:


Kereskedelmi és Szolgáltató Kft.


8800 Nagykanizsa, Bethlen Gábor u. 32.

Tax id.number:


Company registration number:


Website name and address:

Contact details of the data controller:

Név / cégnév:


Kereskedelmi és Szolgáltató Kft.


8800 Nagykanizsa, Bethlen Gábor u. 32.

Post address:

8800 Nagykanizsa, Bethlen Gábor u. 32.



+36 70 368 4523

Concept definitions

  • the GDPR (General Data Protection Regulation) is the new Data Protection Regulation of the European Union;
  • data management: any operation or set of operations performed on personal data or data files in an automated or non-automated manner, such as the collection, recording, organization, segmentation, storage, transformation or change, query, insight, use, communication, transmission, distribution or otherwise by making available, coordinating or connecting, limiting, deleting or destroying;
  • data processor: the natural or legal person, public authority, agency or any other body that processes personal data on behalf of the data controller; personal data: any information relating to an identified or identifiable natural person (data subject); a natural person can be identified directly or indirectly, in particular on the basis of an identifier such as name, number, location data, online identifier or one or more factors relating to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person identifiable;
  • data controller: the natural or legal person, public authority, agency or any other body that determines the purposes and means of processing personal data independently or together with others; if the purposes and means of data management are determined by EU or member state law, the data controller or the special aspects regarding the designation of the data controller may also be determined by EU or member state law; the consent of the data subject: the voluntary, specific and clear declaration of the will of the data subject based on adequate information, with which the data subject indicates by means of a statement or an act clearly expressing the confirmation that he gives his consent to the processing of personal data concerning him; data protection incident: a breach of security that results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure or unauthorized access to personal data transmitted, stored or otherwise handled. recipient: the natural or legal person, public authority, agency or any other body to whom the personal data is communicated, regardless of whether it is a third party. Public authorities that have access to personal data in accordance with EU or Member State law in the context of an individual investigation are not considered recipients; the management of said data by these public authorities must comply with the applicable data protection rules in accordance with the purposes of data management; third party: the natural or legal person, public authority, agency or any other body that is not the same as the data subject, the data controller, the data processor or the persons who have been authorized to handle personal data under the direct control of the data controller or data processor.

Data management guidelines The data controller declares that it handles personal data in accordance with the provisions of the data management information sheet and complies with the provisions of the relevant legislation, with particular attention to the following: Personal data must be handled legally and fairly, as well as in a transparent manner for the data subject. Personal data may only be collected for specific, clear and lawful purposes. The purpose of processing personal data must be appropriate and relevant, and can only be to the extent necessary. Personal data must be accurate and up-to-date. Inaccurate personal data must be deleted immediately. Personal data must be stored in such a way that identification of the data subjects is possible only for the necessary period. Personal data may be stored for a longer period of time only if the storage is for the purpose of archiving in the public interest, for scientific and historical research purposes, or for statistical purposes.

The processing of personal data must be carried out in such a way that the appropriate security of personal data is ensured by applying appropriate technical or organizational measures, including protection against unauthorized or illegal processing, accidental loss, destruction or damage of data. The principles of data protection shall be applied to all information relating to identified or identifiable natural persons. Important data management information The purpose of data management is to enable the service provider / data manager to provide appropriate additional services to the persons registered on the website during the operation of the website. The legal basis for data management is the consent of the person concerned. The persons involved in data management are registered users of the website. Duration of data management and deletion of data. The duration of data management always depends on the specific user goal, but the data must be deleted immediately if the originally set goal has already been achieved. The person concerned can withdraw their consent to data management at any time by sending a letter to the contact e-mail address. If there is no legal obstacle to the deletion, in this case your data will be deleted. The data controller and its employees are entitled to access the data. The person concerned may request from the data controller access to the personal data concerning him, their correction, deletion or restriction of processing, and may object to the processing of such personal data, as well as to the data subject's right to data portability. The person concerned may withdraw his data processing consent at any time, but this does not affect the legality of the data processing carried out on the basis of the consent before the withdrawal. The person concerned may use the right to submit a complaint to the supervisory authority.

If the person concerned wants to use the benefits provided by the registration, i.e. wants to use the website's services in this direction, it is necessary to provide the requested personal data. The person concerned is not obliged to provide personal data, and failure to provide data will not have any adverse consequences. However, it is not possible to use certain functions of the website without registration. The affected person has the right to have the data manager correct or complete inaccurate personal data concerning him without undue delay upon request. The data subject has the right to request that the data controller delete inaccurate personal data concerning him without undue delay, and the data controller is obliged to delete the personal data concerning the data subject without undue delay, if there is no other legal basis for data processing. Modification or deletion of personal data can be initiated by e-mail, phone or letter using the contact options provided above.