Privacy Notice
for customer data management
I. Name of the controller
Data controller: Zoltán Kristóf Varga
Headquarters: 8272 Szentjakabfa Fő utca 2.
Tax number: 76786662-1-39
Contact: contact@mandulaskert.com
Represented by: Zoltán Kristóf Varga
II. Legislation underlying data management
The following legislation applies to data processing related to customer service:
Regulation (EU) No 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Regulation (EC) No 95/46 text: https://eurlex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679&from=EN
Act CXII of 2011 on the right to information self-determination and freedom of information. Act (hereinafter: Info Act), in force:
https://net.jogtar.hu/jogszabaly?docid=A1100112.TV
CLV 1997 on consumer protection. Act, current text: https://net.jogtar.hu/jogszabaly?docid=99700155.TV
III. Information about the data processed
Scope of data processed and purpose of data management
The scope and purpose of the data processed, their duration, their legal basis and the method of processing are set out in the appendix to this information sheet.
ARC. Data access and data security measures
1. Access to and transmission of data
The personal data you provide may be accessed by the staff of the Data Controller in order to perform their duties.
The data controller may use a data processor to process the personal data processed, for which he or she is responsible for his or her own activities. Data processors may transfer personal data outside the EEA. The data processors used:
Google Inc.
WIX.com Ltd.
Microsoft Inc.
The Data Controller shall only transfer its personal data to other Data Controllers and state bodies not listed in the Annex only in exceptional cases. For example, if
court proceedings are pending against you and the court seised is required to provide you with documents containing your personal data,
the police will contact the Data Controller and request the transmission of documents containing your personal data for the investigation.
2. Data security measures
The Data Controller stores the personal data you provide on the servers of the cloud service provider used by the Data Controller and, if applicable, in its paper-based archives.
The controller shall take appropriate measures to protect personal data against, inter alia, unauthorized access or alteration.
V. Rights of the data subject concerned
1. Your Access Rights
You, as the owner, have access to your personal information.
If you ask the Data Controller to provide feedback on whether you process your personal data, the Data Controller is obliged to provide information on:
the. what personal information
b. on what legal basis
c. for what data management purpose,
d. from what source,
e. how long do you handle it.
Your right to receive feedback on whether or not the Data Controller handles your personal data
the. covers personal information about you;
b. does not cover anonymous data;
c. does not cover personal information not about you; and
d. includes pseudonymous information that is clearly associated with you.
The Data Controller will provide access to and a copy of your personal data upon request. If you request an additional / repeated copy of your personal data, the Data Controller may charge a reasonable fee to cover the administrative costs incurred in complying with the request, which will be borne by you.
2. Your right to correct
You have the right to have your personal information corrected. E joga
the. does not cover anonymous data;
b. covers personal information about you;
c. does not cover personal information not about you; and
d. includes pseudonymous data that can be clearly associated with you.
The Data Controller will correct or supplement your personal data accordingly at your request. The Data Controller will inform the recipients of the personal data (if any) of the correction of your personal data. However, the Data Controller will not inform the recipients of the correction of personal data if it proves impossible or would take a disproportionate effort to inform the recipients.
3. Right of cancellation
Under certain conditions, you have the right to delete your personal data.
The Data Controller is obliged to delete your personal data without undue delay if
the. the Data Controller handles this personal data and
b. You are requesting the deletion of your personal information and
c. personal data is not required for the purposes for which the Data Controller processes the personal data.
The Data Controller is obliged to delete your personal data without undue delay if
the. the Data Controller handles your personal data and
b. You are requesting the deletion of your personal information and
c. You are withdrawing your consent to the processing of your data, and
d. there is no other legal basis for further processing of your data.
The Data Controller is obliged to delete your personal data without undue delay if
the. the processing is necessary to protect the legitimate interests of the Data Controller or a third party, and
b. You object to the Data Controller's handling of your personal data and
c. the legitimate reason for processing such personal data does not take precedence over your protest.
The Data Controller is obliged to delete your personal data without undue delay if
the. You are requesting the deletion of your personal information and
b. the processing of such data by the Data Controller is not illegal or
c. cancellation is required by applicable law, or
d. your data is collected in relation to information society services.
The Data Controller will inform the recipients of the personal data (if any) of the deletion of your personal data. However, the Data Controller will not inform the recipients of the deletion of personal data if it would be impossible or disproportionate to inform the recipients.
4. Your right to restrict data processing
You may request a restriction on the processing of your personal information. Your right to request a restriction on the processing of your personal data
(a) does not cover anonymous data;
(b) covers personal information about you;
(c) does not cover personal information not about you; and
(d) includes pseudonymous information that is clearly associated with you.
The Data Controller will restrict the processing of your personal data for the period during which it verifies the accuracy of such data if you request a restriction on the processing of your personal data and you dispute the accuracy of such data.
The Data Controller restricts the processing of your personal data if you request a restriction on the processing of data the processing of which is unlawful and you object to the deletion of such data.
The Data Controller restricts the processing of your personal data if
(a) You request a restriction on the processing of your personal information, and
(b) the Data Controller no longer needs this data for the purpose of processing its data, and
(c) You request your data to file, enforce or defend a legal claim.
The Data Controller restricts the processing of your personal data if
the. You object to the processing of your personal data which is necessary for the legitimate interests of the Data Controller, and
b. You are awaiting confirmation that there is a legitimate reason for the processing of your personal data by the Data Controller which does not take precedence over your protest.
The Data Controller will inform the recipients of the personal data (if any) of any restrictions on the processing of your personal data. However, the Data Controller will not inform the recipients of such a restriction if it would be impossible or disproportionate to inform the recipients.
If the Data Controller restricts the processing of your personal data, then
(a) store such personal information,
(b) process such personal data with your consent,
(c) process personal data in order to make, assert or protect a legal claim or to protect the rights of a person.
5. Right to data portability
You have the right to receive your personal data provided to you by a data controller in a structured, widely used machine-readable format and to transfer this data to another data controller without hindrance (where technically possible). the controller to whom the personal data have been made available, if the processing is based on consent or necessary for the performance of a contract and the processing is carried out automatically.
Your right to data portability
(a) does not cover anonymous data;
(b) covers personal information about you;
(c) does not cover personal information not about you; and
(d) does not cover clearly pseudonymous data.
6. Deadline for processing your application as a person
The Data Controller will respond to requests for your rights under the above without undue delay, but no later than one month.
7. Right to lodge a complaint
If you believe that your rights have been violated, the Data Controller recommends that you initiate a consultation with the Data Controller by contacting the Data Controller directly. If such consultation is unsuccessful or you do not wish to take part in such activities, you may apply to the courts or the NAIH. If legal proceedings are instituted, you may decide to bring the proceedings before the court having jurisdiction over your address or place of residence.
The contact details of the NAIH are as follows: 1125 Budapest, Szilágyi Erzsébet fasor 22 / C .; phone: +36 1 391 1400; fax: +36 1 391 1410; e-mail:
ugyfelszolgalat@naih.hu; Website: www.naih.hu
8. Amendments to this prospectus
The Data Controller reserves the right to amend this prospectus at any time. The Data Controller shall inform the customers of such changes by letter or e-mail, as the case may be, and in all cases in accordance with the applicable legislation.
2022.01. 15.
Zoltán Kristóf Varga
Privacy Notice
for customer data management
I. Name of the controller
Company name: Horváth Borház Bt.
Headquarters: 8272 Szentjakabfa Fő utca 2.
Company registration number: 19 06 505984
Tax number: 20963387219
Contact: contact@mandulaskert.com
Represented by: Zoltán Kristóf Varga
II. Legislation underlying data management
The following legislation applies to data processing related to customer service:
Regulation (EU) No 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Regulation (EC) No 95/46 text: https://eurlex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679&from=EN
Act CXII of 2011 on the right to information self-determination and freedom of information. Act (hereinafter: Info Act), in force:
https://net.jogtar.hu/jogszabaly?docid=A1100112.TV
CLV 1997 on consumer protection. Act, current text: https://net.jogtar.hu/jogszabaly?docid=99700155.TV
III. Information about the data processed
Scope of data processed and purpose of data management
The scope and purpose of the data processed, their duration, their legal basis and the method of processing are set out in the appendix to this information sheet.
ARC. Data access and data security measures
1. Access to and transmission of data
The personal data you provide may be accessed by the staff of the Data Controller in order to perform their duties.
The data controller may use a data processor to process the personal data processed, for which he / she is responsible for his / her own activities. Data processors may transfer personal data outside the EEA. The data processors used:
Google Inc.
WIX.com Ltd.
Microsoft Inc.
The Data Controller shall only transfer its personal data to other Data Controllers and state bodies not listed in the Annex only in exceptional cases. For example, if
court proceedings are pending against you and the court seised is required to provide you with documents containing your personal data,
the police will contact the Data Controller and request the transmission of documents containing your personal data for the investigation.
2. Data security measures
The Data Controller stores the personal data you provide on the servers of the cloud service provider used by the Data Controller and, if applicable, in its paper-based archives.
The controller shall take appropriate measures to protect personal data against, inter alia, unauthorized access or alteration.
V. Rights of the data subject concerned
1. Your Access Rights
You, as the owner, have access to your personal information.
If you ask the Data Controller to provide feedback on whether you process your personal data, the Data Controller is obliged to provide information on:
the. what personal information
b. on what legal basis
c. for what data management purpose,
d. from what source,
e. how long do you handle it.
Your right to receive feedback on whether or not the Data Controller handles your personal data
the. covers personal information about you;
b. does not cover anonymous data;
c. does not cover personal information not about you; and
d. includes pseudonymous information that is clearly associated with you.
The Data Controller will provide access to and a copy of your personal data upon request. If you request an additional / repeated copy of your personal data, the Data Controller may charge a reasonable fee to pay the administrative costs incurred in complying with the request, which will be borne by you.
2. Your right to correct
You have the right to have your personal information corrected. E joga
the. does not cover anonymous data;
b. covers personal information about you;
c. does not cover personal information not about you; and
d. includes pseudonymous data that can be clearly associated with you.
The Data Controller will correct or supplement your personal data accordingly at your request. The Data Controller will inform the recipients of the personal data (if any) of the correction of your personal data. However, the Data Controller will not inform the recipients of the rectification of personal data if it proves impossible or would take a disproportionate effort to inform the recipients.
3. Right of cancellation
Under certain conditions, you have the right to delete your personal data.
The Data Controller is obliged to delete your personal data without undue delay if
the. the Data Controller handles this personal data and
b. You are requesting the deletion of your personal information and
c. personal data is not required for the purposes for which the Data Controller processes the personal data.
The Data Controller is obliged to delete your personal data without undue delay if
the. the Data Controller handles your personal data and
b. You are requesting the deletion of your personal information and
c. You are withdrawing your consent to the processing of your data, and
d. there is no other legal basis for further processing of your data.
The Data Controller is obliged to delete your personal data without undue delay if
the. the processing is necessary to protect the legitimate interests of the Data Controller or a third party, and
b. You object to the Data Controller's handling of your personal data and
c. the legitimate reason for processing such personal data does not take precedence over your protest.
The Data Controller is obliged to delete your personal data without undue delay if
the. You are requesting the deletion of your personal information and
b. the processing of such data by the Data Controller is not illegal or
c. cancellation is required by applicable law, or
d. your data is collected in relation to information society services.
The Data Controller will inform the recipients of the personal data (if any) of the deletion of your personal data. However, the Data Controller will not inform the recipients of the deletion of personal data if it would be impossible or disproportionate to inform the recipients.
4. Your right to restrict data processing
You may request a restriction on the processing of your personal information. Your right to request a restriction on the processing of your personal data
(a) does not cover anonymous data;
(b) covers personal information about you;
(c) does not cover personal information not about you; and
(d) includes pseudonymous information that is clearly associated with you.
The Data Controller will restrict the processing of your personal data for the period during which it verifies the accuracy of such data if you request a restriction on the processing of your personal data and you dispute the accuracy of such data.
The Data Controller restricts the processing of your personal data if you request a restriction on the processing of data the processing of which is unlawful and you object to the deletion of such data.
The Data Controller restricts the processing of your personal data if
(a) You request a restriction on the processing of your personal information, and
(b) the Data Controller no longer needs this data for the purpose of processing its data, and
(c) You request your data to file, enforce or defend a legal claim.
The Data Controller restricts the processing of your personal data if
the. You object to the processing of your personal data which is necessary for the legitimate interests of the Data Controller, and
b. You are awaiting confirmation that there is a legitimate reason for the processing of your personal data by the Data Controller which does not take precedence over your protest.
The Data Controller will inform the recipients of the personal data (if any) of any restrictions on the processing of your personal data. However, the Data Controller will not inform the recipients of such a restriction if it would be impossible or disproportionate to inform the recipients.
If the Data Controller restricts the processing of your personal data, then
(a) store such personal information,
(b) process such personal data with your consent,
(c) process personal data in order to make, assert or protect a legal claim or to protect the rights of a person.
5. Right to data portability
You have the right to receive your personal data provided to you by a data controller in a structured, widely used machine-readable format and to transfer this data to another data controller without hindrance (where technically possible). the controller to whom the personal data have been made available, if the processing is based on consent or necessary for the performance of a contract and the processing is carried out automatically.
Your right to data portability
(a) does not cover anonymous data;
(b) covers personal information about you;
(c) does not cover personal information not about you; and
(d) does not cover clearly pseudonymous data.
6. Deadline for processing your application as a person
The Data Controller will respond to requests for your rights under the above without undue delay, but no later than one month.
7. Right to lodge a complaint
If you believe that your rights have been violated, the Data Controller recommends that you initiate a consultation with the Data Controller by contacting the Data Controller directly. If such consultation is unsuccessful or you do not wish to take part in such activities, you may apply to the courts or the NAIH. If legal proceedings are instituted, you may decide to bring the proceedings before the court having jurisdiction over your address or place of residence.
The contact details of the NAIH are as follows: 1125 Budapest, Szilágyi Erzsébet fasor 22 / C .; phone: +36 1 391 1400; fax: +36 1 391 1410; e-mail:
ugyfelszolgalat@naih.hu; Website: www.naih.hu
8. Amendments to this prospectus
The Data Controller reserves the right to amend this prospectus at any time. The Data Controller shall inform the customers of such changes by letter or e-mail, as the case may be, and in all cases in accordance with the applicable legislation.
2022.01. 15.
Zoltán Kristóf Varga