PRIVACY POLICY

This Privacy Policy describes the personal data that is collected, created (processed) when you use the https://meluisapartman.hu/ website (the “Website”).

The Policy also explains how personal data is used, shared, and protected, what choices you have regarding your personal data, and how you can contact us.

GENERAL PROVISIONS

Kiss Melinda, as the operator of MeLuis Apartment, ensures the legality and appropriateness of personal data processing at all times.

The purpose of this notice is to provide adequate information to customers and private individuals using our services before submitting their personal data regarding how our company processes their data, under what conditions and guarantees, and for how long. Our company adheres to the provisions outlined in this notice for all personal data processing activities and considers them binding. However, we reserve the right to modify the provisions in this unilateral statement, in which case affected individuals will be informed in advance. If you have any questions regarding the contents of this notice, please write to us. Our company’s data processing is based on voluntary consent, and in certain cases, data processing is based on legal obligations, contracts, steps taken at the data subject’s request before concluding a contract, or the legitimate interest of the data controller. Our data processing complies with applicable regulations, particularly:

• Regulation (EU) 2016/679 of the European Parliament and the Council (General Data Protection Regulation, “GDPR”);
• Act CXII of 2011 on the Right of Informational Self-Determination and Freedom of Information.

Who is responsible for processing your personal data?

The responsible entity for processing your personal data is:

• Name: Kiss Melinda
• Address: 8648 Balatonkeresztúr, Rákóczi Street 18.
• Phone: +36 30 526-5224
• Email: info@meluisapartman.hu
• Tax number: 55089551-1-34
• NTAK Registration Number: MA19017718
• Bank account: K&H Bank Zrt. 10403947-84515353-57491006

Definitions

• “Personal data”: Any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, particularly by reference to an identifier such as a name, identification number, location data, online identifier, or factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that person.
• “Processing”: Any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
• “Controller”: The natural or legal person, public authority, agency, or other body that determines the purposes and means of processing personal data.
• “Processor”: A natural or legal person, public authority, agency, or other body that processes personal data on behalf of the controller.
• “Recipient”: A natural or legal person, public authority, agency, or another body to which the personal data is disclosed, regardless of whether it is a third party. Public authorities that may access personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall comply with the applicable data protection rules according to the purposes of the processing.
• “Consent of the data subject”: Any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which they, by a statement or by a clear affirmative action, signify agreement to the processing of personal data relating to them.

“Data Breach”: A security breach that results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored, or otherwise processed.

WHAT PERSONAL DATA DO WE COLLECT, AND WHEN DO WE COLLECT DATA?

To provide the services you request, we may ask for certain personal data. For example, when you make a purchase, contact us via our contact form, request information, or visit our Website. Such personal data includes:

• Contact details: including your name, email address, and phone number.
• Personal data: including details of your previous purchases.
• Individual preferences: including your wishlist, marketing message preferences, and cookie settings.

Further details about these processes are included in the “Cookies and Web Beacons (Pixel Tags)” section of this Privacy Policy. Such data includes:

• Cookies, IP addresses, referrer headers, browser identification data, as well as web beacons and tags.

We comply with local laws and do not permit children to access our Website if they have not reached the legal age required in their country of residence. It is important to highlight that this legal age is 18 years in Hungary. We are not in a position to verify the eligibility of the consenting person or assess the contents of the legal representative’s declaration. Therefore, the data subject or their legal representative guarantees that the consent complies with legal requirements. We consider the legal representative’s proper consent as given when the service is used.

TOOLS USED FOR PROCESSING THE COLLECTED PERSONAL DATA

When using our Website, your browser or mobile device platform provides additional tools to control when and how certain categories of personal data are collected or shared.

For example, your mobile device or browser may provide tools that allow you to control the use of cookies or location sharing.

We encourage you to familiarize yourself with and use the tools available on your devices.

WHY AND HOW DO WE USE (PROCESS) YOUR PERSONAL DATA?

Your personal data is used for the following purposes:

• To provide the features and services you request when using our Website. When you purchase through our Website, we use your contact details for communications related to your purchase. If you contact our customer service, we use information such as payment or purchase details to help you resolve an issue or question.

The data provided in the contact form, which is used to respond to customer inquiries, includes: Name, email, and phone number.

• To conduct our business operations, improve, and support our products and services. The personal data you provide to us is also used for business operations. For example, in the case of your purchase, we use the relevant information for accounting and other internal functions. We also use data about how you interact with our products and services to improve the user interface and identify technical or service-related issues.

Responsible for accounting:

• Kiss Melinda (8648 Balatonkeresztúr, Rákóczi Street 18.) (Data Processor)
• Phone: +36 30 526-5224
• Purpose: Up-to-date accounting, compliance with applicable tax laws.

Our hosting provider:

• Operator: Rackhost Zrt.

Address:

6722 Szeged, Tisza Lajos Boulevard 41.

Tax Number:

25333572-2-06

Company Registration Number:

06-10-000489

Bank Account Number:

10700433-67330115-51100005

IBAN:

HU66 1070 0433 6733 0115 5110 0005

SWIFT/BIC Code:

CIBHHUHB

Scope of Data Processing and Processed Data:

All personal data provided by the data subject.

Scope of Data Subjects:

All individuals using the website.

Purpose of Data Processing:

Ensuring the availability and proper operation of the website.

Duration of Data Processing and Deadline for Data Deletion:

Data processing continues until the agreement between the data controller and the hosting provider is terminated or until the data subject submits a deletion request to the hosting provider.

Legal Basis for Data Processing:

User consent, Section 5 (1) of the Infotv., Article 6 (1) (a) of the GDPR, and Section 13/A (3) of Act CVIII of 2001 on electronic commerce services and information society-related services.

For General Research and Analysis Purposes:

We use data on how visitors interact with our website and services to analyze consumer behavior and preferences. For example, we may analyze how visitors search for and find products and how they navigate our website to improve efficiency.

Our website utilizes Google Analytics and Search Console to collect visitor statistics and search result performance data. These tools do not collect or transmit personal data to us, and their use is governed by Google’s data protection policies.

Other Purposes – Legal Basis for Data Processing:

The legal basis for processing your personal data depends on how you use our website.

If you purchase products or services through our website, we require your personal data to fulfill the contract with you. For example, we need your payment and contact details to complete your order.

We may also rely on other legal bases, such as our legitimate business interests, legal obligations, or the need to protect your vital interests.

SHARING OF YOUR PERSONAL DATA:

Our business shares your personal data with the following parties:

• Third-party service providers who process data on our behalf, such as payment processors, shipping companies, hosting providers, and service operators. We enter into agreements with such third-party providers requiring them to implement appropriate technical and organizational measures to protect your personal data.
• Any third party to whom you have given prior consent.
• If our business or assets are wholly or partially sold, we may transfer personal data to the new owner as part of the reorganization, divestiture, dissolution, or liquidation process.

Credit Card Payment Name: 4 Stripe Zrt., 1124 Budapest, Lejtő u. 17. A. building. Tax number: 26314846-2-43

The fact of data processing, the scope of the data processed: Billing name, billing address, email address.
The scope of the data subjects: All individuals requesting online purchases.
The purpose of data processing: To process online payments, confirm transactions, and perform fraud monitoring to protect users.
The duration of data processing, the deadline for data deletion: Until the completion of the online payment.
The legal basis for data processing: The user’s consent, Section 5 (1) of the Information Act, Article 6 (1) point a), and Section 13/A (3) of Act CVIII of 2001 on Electronic Commerce Services and Information Society Services.

ONLINE HOTEL BOOKING DATA PROCESSING

Our company provides the opportunity for online hotel booking to make it quick, convenient, and cost-free to book a room.

The data controller of personal data:
Gáborné Horváth Andrea, 8638 Balatonlelle, Lékaui utca 26
The purpose of data processing: To facilitate, make cost-free, and enhance the efficiency of hotel booking.
The legal basis for data processing: The prior consent of the person making the booking.
The scope of the personal data processed: Salutation; surname and first name; address (country, postal code, city, street, house number); phone number; email address; in case of a business entity, the company name and registered office, credit card number (identification, name on the card).
Duration of data processing: One week after the last day of the booking stay.
Data processor used: Our company uses an IT service provider for the online booking system as follows.

OTHER DATA PROCESSINGS

For data processing not listed in this notice, we will provide information when the data is collected. We inform our clients that certain authorities, public bodies, and courts may request personal data from our company. Our company will only release personal data to these bodies to the extent and in the manner necessary to achieve the purpose of the request, and only if required by law.

METHOD OF STORING PERSONAL DATA AND SECURITY OF DATA PROCESSING:

Our company’s personal data is stored on our IT system (web hosting).
Our company selects and operates IT tools used for personal data processing in a way that ensures:

• The data is accessible to authorized persons (availability).
• The authenticity and verification of data processing are ensured (data accuracy).
• The integrity of the data is verifiable (data integrity).
• The data is protected against unauthorized access (data confidentiality).

We pay particular attention to the security of the data, and we take technical and organizational measures and establish procedures that ensure the GDPR guarantees. We protect the data with appropriate measures, especially against unauthorized access, modification, transmission, disclosure, deletion, destruction, and accidental destruction or damage. Our IT systems and networks are protected against computer-assisted fraud, computer viruses, hacking, and denial-of-service attacks. Both the operator and our partners use server-level and application-level security procedures. Daily backups of the data are in place. To prevent data protection incidents, our company takes all possible measures and, in the event of such an incident, will promptly act according to our incident management policy to minimize risks and mitigate damage.

PROTECTION AND HANDLING OF PERSONAL DATA Encryption and security.
To maintain the security of your personal data, we apply technical security measures, including encryption and authentication tools. We also have an SSL certificate, which ensures the security of the website.

Retention of Personal Data
We store your personal data for as long as necessary to fulfill the purposes outlined in this privacy policy (unless the relevant laws prescribe a longer retention period). If you have requested promotional information from us, we will store the data until you request the deletion of your account. For personal data related to product purchases, we keep this data for a longer period to comply with legal obligations (e.g., tax and sales laws).

Your Rights Regarding Your Personal Data
You are entitled to request the following:

• Information about the processing of your personal data;
• Request the correction of your personal data;
• Request the deletion or restriction of your personal data;
• Object to the processing of your personal data.

If you have given your consent for the processing of your personal data, you are entitled to withdraw your consent at any time. If you wish to receive a copy of your personal data or wish to exercise any other rights, please contact us. This may include information about the data we process, the purpose of processing, the legal basis, the duration, the names and addresses of Data Processors, and the activities related to data processing, as well as information about who receives or has received the data and for what purpose. We will send you this information in writing within 30 (thirty) calendar days. We will delete your personal data if:

• Its processing is unlawful;
• You request the deletion of the data;
• It is incomplete or inaccurate – and this condition cannot be legally corrected – provided that the deletion is not prohibited by law;
• The purpose of data processing has ceased to exist;
• The retention period set by law has expired;
• The deletion is ordered by the court or the National Authority for Data Protection and Freedom of Information.

COOKIES and Web Beacons (Pixel Tags)
When you use our website, the information sent by your internet browser may include personal data. We use several methods to collect such information, including cookies and web beacons. The information collected may include:

• Your unique cookie identifier, cookie information, and information about whether your device has the necessary software to use certain features;
• Your unique device identifier and device type;
• Domain, browser type and language;
• Operating system and system settings;
• Country and time zone;
• Data about previously visited websites;
• Information about your visits to our website, such as your click behavior, purchases, and selected preferences;
• Access times and referrer URL headers.

Through our website, third parties may also collect information using cookies, third-party plug-in tools, and widgets. These third parties collect data directly from your internet browser, and the processing of such data is governed by the privacy policy of the respective third party. These third parties may include Google, Facebook, Hotjar, and Salesautopilot. We use cookies and web beacons to track customer usage and investigate customer preferences. This allows us to provide services to our customers and enhance the online user experience. We also use cookies and web beacons to collect aggregate data about website traffic and interactions, identify trends, and collect statistical data to improve our website.

Types of Cookies We Use
We generally use three types of cookies on our website:

1. Strictly Necessary Cookies: These cookies are essential for the basic functioning of the website and are always turned on. Functional cookies are among these, which remember your settings on our website either for a single visit or, if you prefer, for each visit. They provide support in security matters and ensure compliance with regulations.
2. Statistics: These cookies allow us to improve the performance of our website by tracking usage. In some cases, these cookies speed up the processing of your requests and remember your settings on the website. Rejecting these cookies may hinder the customization of offers and slow down the website’s performance.
3. Marketing: Social media cookies allow you to connect to social networks and share content from our website through social media. Advertising cookies (used by third parties) collect information that helps display ads tailored to your interests, both on our website and others. In some cases, using these cookies involves processing your personal data. If you disable these cookies, you may see ads that are less relevant to your interests, or you may not be able to connect properly to Facebook, Twitter, or other social networks, and/or share content via social media.

You have the option to manage and/or delete cookies as you wish. For more information, please visit aboutcookies.org. You can delete all cookies stored on your computer, and most browsers allow you to block their installation. However, in this case, you may have to manually set some settings each time you visit a particular page, and some services and functions may not work.

Changes to Our Privacy Policy
Relevant laws and procedural practices may change from time to time. If we decide to update our privacy policy, we will publish the changes on our website. If there is a significant change in the way we process your personal data, we will notify you in advance and, if required by law, we will ask for your consent before making any changes. By using the services we offer, you accept the modified privacy policy by your conduct.

Remedies

You may object to the processing of your personal data based on the reasons defined in Section 21 of the Information Act. In this case, we are required to examine your objection within 15 (fifteen) calendar days from the submission of the request and inform you in writing about the outcome. If you disagree with our decision or if we fail to meet the deadline, you may appeal to a court within 30 (thirty) calendar days from the communication of the decision or from the last day of the deadline. If you believe your rights have been violated, you may also approach the court as specified in Section 22 of the Information Act.

You can also file a complaint with the following authorities:

Budapest Conciliation Board Address: 1016 Budapest, Krisztina Krt. 99. Phone: (06-1) 488-2131 Email: bekelteto.testulet@bkik.hu

National Authority for Data Protection and Freedom of Information Name: National Authority for Data Protection and Freedom of Information Address: 1024 Budapest, Szilágyi Erzsébet fasor 22/C. Website: www.naih.hu Phone: +36 (1) 391-1400 Email: ugyfelszolgalat@naih.hu

COOKIE POLICY

What are cookies?

Cookies are small text files stored on your computer or mobile device by the website you visit. Cookies allow the website to remember your actions and personal settings (such as your username, language, font size, and other display preferences) for a period of time, so you do not need to re-enter them each time you visit our website or navigate between pages.

How do we use cookies?

Our portal uses cookies to store the following:

• Your display settings, such as color and font settings;
• Whether you have already responded to a pop-up survey on the website content’s usefulness (so you won’t receive repeated requests to complete it);
• Whether you have consented (or not) to the use of cookies on our website.

Additionally, some of the videos on our portal use cookies to collect anonymous statistical data about how users arrive at a page and which videos they watch. Enabling cookies is not strictly necessary for the website’s functionality but improves the browsing experience and performance. You can delete or block these cookies, but some website features may not function as intended. The information stored by cookies is not used to identify you personally, and the data is fully under our control. The information stored by cookies is used only for the purposes described here.

Do we use other cookies?

Some of our pages and subdomains use different or additional cookies than those described above. We will inform you about these details in the respective page’s statement. On these pages, we may also ask for your consent to store these cookies.

Cookie maintenance

You have the option to manage and/or delete cookies at your discretion. For more information, please visit aboutcookies.org. You can delete all cookies stored on your computer, and most browsers allow you to block their installation. However, in this case, you may need to manually adjust certain settings every time you visit a page, and some services and functions may not work as expected.