Data protection information

which informs you, as a visitor to our website and a user of our services, about our company’s data management and privacy policy.

1. What principles do we follow in our data management?

Our Company follows the following principles in the processing of your data:

• we process personal data lawfully and fairly and in a transparent manner for you.
• personal data is collected only for specified, explicit and legitimate purposes and is not processed in a way incompatible with those purposes.
• the personal data we collect and process is adequate, relevant and limited to what is necessary for the purposes for which it is processed.
• Our Company will take all reasonable steps to ensure that the data we process is accurate and, where necessary, kept up to date, and we will promptly delete or correct inaccurate personal data.
• personal data are stored in a form which permits identification of you only for the time necessary to achieve the purposes for which the personal data are processed.
• we use appropriate technical and organisational measures to ensure adequate security of personal data against unauthorised or unlawful processing, accidental loss, destruction or damage.
• Our Company will process your personal data
• on the basis of your prior informed and voluntary consent and only to the extent necessary and in any event for the purposes for which it is collected, recorded, processed, stored and used.
• in some cases, the processing of your data is based on legal requirements and is mandatory, in which case we will draw your attention to this fact.
• or in certain cases, our Company or a third party has a legitimate interest in the processing of your personal data, such as the operation, development and security of our website.

2. Who are we?

Name of the declaration: GRAND MAYERS Kft.
Registered office: 2161 Csomád Kossuth Lajos út 103.
Website: https://grandapartmanhaz.hu/
Postal address: 2161 Csomád Kossuth Lajos út 103.
E-mail address: grandmayerskft@gmail.com
Tax number: 29275025-2-13
Company registration number: 13-09-213341

Our company is subject to GDPR 37. does not require the appointment of a data protection officer

Our company is a hosting provider:

Hosting provider name: Websupport Hungary Kft.

The seat of the Hosting Provider is 1119 Budapest,
Fehérvári út 97-99.

Hosting website: https://www.websupport.hu/

Email address of the hosting company: support@websupport.hu

Our Company uses the following data processors for the processing of data in order to provide our customers with high quality service:

Data Controller (1): ____________________

Address (1): ____________________

Responsibilities (1): All activities

Where we change the scope of our data processors, we will reflect the changes in this notice.

The data we process:

We only ask our website visitors for their personal information when they register, log in or enter a prize draw.

We cannot link the personal information you provide in connection with your registration or use of our marketing services and we do not aim to identify our visitors.

If you have any questions about data processing, you can request further information by sending an e-mail or postal mail to grandmayerskft@gmail.com and we will respond within 15 days (but no later than 1 month) to the contact details you provide.

3. What are cookies and how do we handle them?

Cookies are small data files (hereinafter “cookies”) that are transferred to your computer through the use of the website by your website by being saved and stored by your internet browser. Most of the most commonly used web browsers (Chrome, Firefox, etc.) accept and allow the download and use of cookies by default, but it is up to you to modify your browser settings to refuse or block them, or to delete cookies already stored on your computer. For more information on the use of cookies, please see the “help” section of each browser.

Some cookies do not require your prior consent. These are briefly disclosed by our website at the start of your first visit, such as authentication cookies, multimedia player cookies, load balancing cookies, session cookies to help you customise the user interface, and user-centric security cookies.

Our Company will inform you and ask for your consent about cookies that require your consent – if the processing starts when you visit the site – at the beginning of your first visit.

We do not use or allow cookies that enable third parties to collect data without your consent.

Acceptance of cookies is not mandatory, but our Company is not responsible if our website does not function as expected without cookies.

What cookies do we use?

Name: _ga
Service provider: domained.hu
Purpose: To register a unique identifier that generates statistics on how the visitor uses the site.
Expiry: 2 years
Type: HTTP

Name: _gat
Service provider: domained.hu
Purpose: To store the thottle request rate used by Google Analytics.
Expiry: working session
Type: HTTP

Name: _gid
Service provider: domained.hu
Purpose: To register a unique identifier that generates statistics on how the visitor uses the site.
Expiry: working session
Type: HTTP

Name: _fbp
Service provider: domained.hu
Purpose: Facebook uses it to provide advertising products to a third party (e.g. real-time ads)
Expiry date: 3 months
Type: HTTP

Name: fr
Provider: facebook.com
Purpose: Facebook uses this cookie to offer a range of advertising products (such as real-time referrals from third-party advertisers)
Expiry date: 3 months
Type: HTTP

You can read more about third party cookies here on this page.

4. What else you need to know about our data management on our website

The personal data you provide to us voluntarily when registering or contacting our Company, we therefore ask you to gradually take care of their truthfulness, correctness and accuracy when providing us with your data, for which you are responsible. Incorrect, inaccurate or incomplete data may prevent you from using our services.

If you do not provide your own personal data but that of another person, we will assume that you have the necessary authorisation to do so.

You may withdraw your consent to data processing at any time, free of charge

• by deleting the registration,
• by withdrawing consent to the processing; or
• by withdrawing or requesting the blocking of any consent to the processing or use of data that must be completed during registration.

For technical reasons, we have a 30-day deadline for registering the withdrawal of consent, but please note that we may process certain data after the withdrawal of consent in order to comply with a legal obligation or to pursue our legitimate interests.

In the event of the use of misleading personal data, or if one of our visitors commits a crime or attacks our Company’s system, we will delete your data immediately upon termination of your registration or, if necessary, retain it for the duration of any civil liability or criminal proceedings.

5. What do you need to know about our data management for direct marketing and newsletter purposes?

You can give your consent to us using your personal data for marketing purposes by making a declaration during registration or by subsequently modifying your personal data stored in the newsletter and/or direct marketing registration area (i.e. by clearly indicating your intention to consent). In this case, we will also process your data for the purpose of direct marketing and/or sending you newsletters, advertising and other mailings, information and offers and/or newsletters (§ 6 of the Data Protection Act) until your consent is withdrawn.

You can give your consent to direct marketing and newsletter, either together or separately, or withdraw it/these free of charge and at any time.

In any case, the cancellation of the registration will be considered as a withdrawal of consent. Withdrawal of consent to data processing for direct marketing and/or newsletter purposes shall not be construed as withdrawal of consent to data processing in relation to our website. How is this? What and on what basis will we retain if you withdraw your consent to receive the newsletter? In the case of contributions, each contribution is for a specific purpose, so registering for tomorrow and subscribing to the newsletter are two separate purposes, two separate databases, the two cannot be related.

For technical reasons, we have a 15-day deadline to register the withdrawal or cancellation of individual consents.

6. What do I need to know about prize draws?

Our Company may organise prize draws as part of a campaign, the terms and conditions of which are set out in a separate policy. The current promotion rules can always be found on the home page of our website, centrally located link.

7. Other data management issues

We may only transfer your data within the limits set by law and, in the case of our data processors, we ensure that they cannot use your personal data for purposes that are not in accordance with your consent by setting contractual conditions. More information on the 2. can be found at.

Our company does not transfer data abroad.

The court, the prosecution and other authorities (e.g. police, tax authorities, National Authority for Data Protection and Freedom of Information) may contact our Company for information, data or documents. In these cases, we must comply with our obligation to provide information, but only to the extent strictly necessary to achieve the purpose of the request.

Our contractors and employees involved in the processing of your personal data are entitled to have access to your personal data to the extent specified in advance, subject to confidentiality obligations.

We will take appropriate technical and other measures to protect your personal data and to ensure its security, availability and to protect it from unauthorised access, alteration, damage or disclosure and any other unauthorised use.

As part of our organisational measures, we control physical access in our buildings, provide continuous training for our employees and keep paper documents locked away with appropriate protection. We use encryption, password protection and anti-virus software as part of our technical measures. Please note, however, that the transmission of data over the Internet cannot be considered a fully secure transmission. While we make every effort to ensure that our processes are as secure as possible, we cannot accept full responsibility for the transmission of data through our website, but we do maintain strict standards for the security of your data and the prevention of unlawful access to it.

In relation to security issues, we ask for your help in carefully remembering your password to access our website and not to share this password with anyone.

8. What are your rights and remedies?

About data processing

• request information on,
• may request the rectification, modification or integration of their personal data processed by us,
• may object to the processing and request the erasure and blocking of their data (except for mandatory processing),
• have a right of appeal to a court,
• lodge a complaint or take action with the supervisory authority(https://naih.hu/panaszuegyintezes-rendje.html).

Supervisory Authority: National Authority for Data Protection and Freedom of Information

• Headquarters: 1055 Budapest,
  9-11 Falk Miksa Street.
• Postal address: 1363 Budapest, PO Box 9.
• Phone: +36 (1) 391-1400
• Fax: +36 (1) 391-1410
• E-mail: ugyfelszolgalat@naih.hu

Website: https://naih.hu/

At your request, we will provide you with information about the personal data that we process about you or that we – or our data processors – process.

• about your data,
• their source,
• the purposes and legal basis of the processing,
• and, if this is not possible, the criteria for determining this period,
• the names and addresses of our data processors and their data processing activities,
• the circumstances and effects of data breaches and the measures we have taken to prevent and respond to them; and
• the legal basis and recipient of the transfer of your personal data.

We will provide you with information within 15 days (but not more than 1 month) of the request. The information is free of charge unless you have already submitted a request for information on the same data in the current year. We will reimburse you for any fees you have already paid if we have processed the data unlawfully or if the request for information has led to a correction. We may refuse to provide information only in cases provided for by law, by indicating the place where the information is lawfully provided and by informing you of the possibility of judicial remedy or recourse to the Authority.

Our Company will notify you and all those to whom it has previously disclosed the data for processing purposes of the rectification, blocking, marking and erasure of personal data, unless the non-notification is not in your legitimate interest.

If we do not comply with your request for rectification, blocking or erasure, we will provide you with the reasons for our refusal in writing or, with your consent, by electronic means within 15 days (but not more than 1 month) of receipt of your request and inform you of the possibility of judicial remedy and of recourse to the Authority.

If you object to the processing of your personal data, we will consider your objection within 15 days of your request (but not later than 1 month) and inform you in writing of our decision. If we decide that your objection is justified, we will stop the processing, including further collection and transfer, and block the data, and notify the objection and any action taken in response to it to all those to whom we have previously disclosed the personal data to which the objection relates and who are obliged to take action to enforce the right to object.

We will refuse to comply with a request if we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims. If you do not agree with our decision or if we do not meet the deadline, you can take legal action within 30 days of the date of the decision or the last day of the deadline.

Data protection litigation falls within the jurisdiction of the courts, which may, at the option of the data subject, be brought before the courts of the place of residence or domicile of the data subject. A foreign national can also lodge a complaint with the supervisory authority of his/her place of residence.

Please contact our Company before lodging a complaint with the supervisory authority or the courts to discuss and resolve the problem as quickly as possible.

9. What is the main legislation governing our activities?

• Regulation (EU) 2016/679 of the European Parliament and of the Council on the processing of personal data of natural persons (GDPR)
• on the right of information self-determination and freedom of information of 2011. CXII. law – (Info tv.)
• the Civil Code 2013. Act V of 2007 (Civil Code)
• on certain aspects of electronic commerce services and information society services of 2001. CVIII. law – (Eker tv.)
• the Electronic Communications Act 2003. Act C of 2006 – (Ehtv)
• the 1997 Act on consumer protection. CLV. law (Fogyv tv.)
• on complaints and notifications of public interest 2013. CLXV. Act. (Pktv.)
• on the basic conditions and certain limitations of commercial advertising activities of 2008. XLVIII. Act (Grtv.)

10. Amendments to the Privacy Notice

Our Company reserves the right to modify this Privacy Notice and will inform the data subjects accordingly. Publication of information on data processing on the https://grandapartmanhaz.hu/  website.