ADATKEZELÉSI TÁJÉKOZTATÓ

Purpose of this privacy statement

Lilithhotel.com kft (address, hereinafter, service provider, data controller), as data controller, acknowledges that the content of this legal notice is binding on it. It undertakes that all data processing related to its activities shall comply with the requirements set out in these regulations and in the applicable national legislation, as well as in the legal acts of the European Union.

The privacy policy relating to the data controller’s data management is available at lilithhotel.com at all times.

The Data Controller reserves the right to change this information at any time. Of course, you will notify your audience in good time of any changes.

If you have any questions regarding this post, please write to us and our colleague will answer your question.

The Data Controller is committed to the protection of the personal data of its customers and partners, and it is of the utmost importance to respect the right of its customers to self-determination of information. The Data Controller treats personal data confidentially and takes all security, technical and organizational measures that guarantee the security of the data.

The Data Controller describes his data management practices below.

Data controller data

If you would like to contact our Company, you can contact the data controller at info@villalilith.com and at + 36702137245.

The Data Controller will delete all e-mails received with it, together with personal data, no later than 1 year after the disclosure.

Lilithhotel.com kft

Headquarters: 1173 Budapest, Maroshévíz utca 6.

Company registration number: 01-09-400028

Name of the court of registration: the Registry Court of the Metropolitan Court

Tax number: 27838671-2-42

Phone number: Email: info@villalilith.com, +36702137245

Data Protection Officer: Executive Director

Name: Simon Lilla

Phone number: +36702137245

Scope of personal data processed

Personal information to be provided during registration

Name, address, age, phone number, email address

Technical data

The Data Controller selects and operates the IT tools used to manage personal data during the provision of the service in such a way that the processed data:

accessible to those entitled to it (availability);

authenticity and authentication are ensured (authenticity of data management);

its invariability can be verified (data integrity);

be protected against unauthorized access (data confidentiality).

The Data Controller shall take appropriate measures to protect the data against unauthorized access, alteration, transmission, disclosure, deletion or destruction, and accidental destruction.

The Data Controller shall ensure the protection of the security of data management with technical, organizational and organizational measures that provide a level of protection appropriate to the risks arising in connection with data management.

The Data Controller retains it during data management

  • confidentiality: protects information so that only those who have access to it can access it;
  • Integrity: protects the accuracy and completeness of the information and the method of processing;
  • Availability: Ensures that when an authorized user needs it, they can actually access the information they need and have the tools to do so.

Cookies

The task of cookies

  • collect information about visitors and their devices;
  • notes the individual settings of the visitors, which can be used e.g. when using online transactions, so you don’t have to retype them;
  • facilitate the use of the website;
  • provide a quality user experience.

In order to provide customized service, a small data packet, called places a cookie and reads it back at a later visit. If the browser returns a previously saved cookie, the cookie service provider has the option to link the user’s current visit to the previous ones, but only for their own content.

Duration of data management

The data storage period of the given cookie, more information is available here:

Google General Cookie Information:

https://www.google.com/policies/technologies/types/

Google Analitycs Info:

https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage?hl=en

Facebook info:

https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen

Legal background and legal basis of cookies:

The legal basis for data processing under Article 6 (1) (a) of the Regulation is your consent.

The main features of the cookies used by the website are:

Cookies strictly required for operation: These cookies are essential for the use of the website and allow you to use the basic functions of the website. Without these, many features of the site will not be available to you. The lifespan of these types of cookies is limited to the duration of the session only.

Cookies to improve the user experience: These cookies collect information about the user’s use of the website, such as which pages you visit most often or what error message you receive from the website. These cookies do not collect information that identifies the visitor, ie they work with completely general, anonymous information. The data obtained from these is used to improve the performance of the website. The lifespan of these types of cookies is limited to the duration of the session only.

Third-party cookies (analytics)

Google Adwords cookie: When someone visits our site, the visitor’s cookie ID is added to the remarketing list. Google uses cookies, such as NID and SID cookies, to customize the ads that we display on Google products, such as Google Search. For example, we use such cookies to remember your recent searches, past interactions with individual advertisers ‘ads or search results, and visits to advertisers’ websites. AdWords Conversion Tracking uses cookies. It tracks cookies on a user’s computer to track sales and other conversions that result from an ad when that person clicks on an ad. Here are some common ways to use cookies: Choose ads based on what’s relevant to that user, refine your campaign performance reports, and avoid showing you ads you’ve already viewed.

Google Analytics cookie: Google Analytics is Google’s analytics tool that helps website and application owners get a better idea of ​​their visitors’ activities. The Service may use cookies to collect information and report on your website usage statistics without uniquely identifying visitors to Google. The main cookie used by Google Analytics is the “__ga” cookie. In addition to reporting from site usage statistics, Google Analytics, along with some of the advertising cookies described above, can also be used to show more relevant ads on Google products (such as Google Search) and across the web.

Remarketing cookies: They may appear to past visitors or users when they browse other sites on the Google Display Network or search for terms related to their products or services.

Session cookie: These cookies store the visitor’s location, browser language, payment currency, and last up to 2 hours.

Mobile version, design cookie: Detects the device used by the visitor and switches to full view on mobile. It has a lifespan of 365 days.

Accept cookie cookie: Upon arrival at the site, you accept the statement about the storage of cookies in the warning window. It has a lifespan of 365 days.

Facebook pixel (Facebook cookie): A Facebook pixel is a code that is used to report conversions on a website, compile target audiences, and provide detailed analytics to visitors about their use of the website. With the help of the Facebook pixel, you can display personalized offers and advertisements on the Facebook interface to the visitors of the website. You can read Facebook’s privacy policy here:

 

https://www.facebook.com/privacy/explanation

If you do not accept the use of cookies, certain features will not be available to you. You can find more information about deleting cookies at the following links:

Internet Explorer: http://windows.microsoft.com/en-us/internet-explorer/delete-manage-cookies#ie=ie-11

Firefox: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer

Mozilla: https://support.mozilla.org/en/kb/websites-searched-support-stores

Safari: https://support.apple.com/kb/ph21411?locale=en_US

Chrome: https://support.google.com/chrome/answer/95647

Data related to online ordering

Name, address, age, length of stay.

Data related to online administration

Name, address, age, length of stay

Newsletter related information

Data processing activities related to newsletters

Name of the company operating the newsletter system:

Headquarters of the company operating the newsletter system:

Phone number of the company operating the newsletter system:

E-mail address of the company operating the newsletter system:

The Data Processor participates in the sending of newsletters on the basis of a contract concluded with the Data Controller. In doing so, the Data Processor handles the name and e-mail address of the data subject to the extent necessary for sending the newsletter.

Description of the possibilities of subscribing to and unsubscribing to the newsletter, providing the possibility of unsubscribing.

Purpose, method and legal basis of data processing

General data management guidelines

The data management of the Data Controller’s activity is based on voluntary consent and legal authorization. In the case of data processing based on voluntary consent, data subjects may withdraw their consent at any stage of the data processing.

In some cases, the handling, storage and transmission of a set of provided data is required by law, of which we will notify our customers separately.

The attention of informants to the Data Controller is drawn to the fact that if they do not provide their own personal data, the informant is obliged to obtain the consent of the data subject.

Its data management principles are in line with existing data protection legislation, in particular:

2011 CXII. Act on the Right to Self-Determination of Information and Freedom of Information (Infotv.);

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Regulation (EC) No 95/46 ( General Data Protection Regulation, GDPR);

Act V of 2013 – on the Civil Code (Civil Code);

Act C of 2000 – on Accounting (Act on Accounting);

2017 LIII. Act on the Prevention and Suppression of Money Laundering and Terrorist Financing (Pmt.);

2013 CCXXXVII. Act on Credit Institutions and Financial Undertakings (Hpt.).

Physical storage locations for data

Your personal data (ie data that can be contacted with you) may be processed in our way as follows: on the other hand, you may also provide your name, contact information or other details if you wish to contact us personally while using the Website.

Data to be technically recorded during the operation of the system: the data of the computer of the relevant registrant, which is generated during the voting and which is recorded by the… system as an automatic result of the technical processes. The data that is automatically recorded is automatically logged at entry and exit without a separate statement or action by the data subject. This data may not be linked to other personal user data, except as required by law. Only… can access the data.

Data transmission, data processing, the circle of those who get to know the data

An itemized list of companies that transmit, store and learn about data. Listing the details and contact details of specific companies. (e.g., accounting, invoicing, shipping, CRM system, online payment, etc.)

Name of the data processor:

Seat of the data processor:

Phone number of the data processor:

E-mail address of the data processor:

The Data Processor participates in the registration of orders on the basis of the contract concluded with the Data Controller. In doing so, the Data Processor handles the name, address, telephone number, number and date of the orders within the civil law limitation period.

Rights and enforcement of the data subject

Within the period of data processing, you have the following rights in accordance with the provisions of the Decree:

the right to withdraw consent

access to personal data and information related to data processing

right to rectification

data management restrictions,

right of cancellation

the right to protest

the right to portability.

If you wish to exercise your rights, this will involve your identification and the Data Controller must communicate with you. Therefore, personal data will be required for identification purposes (but identification may only be based on data that the Data Controller handles about you anyway) and your data processing complaints will be available in the Data Controller’s email account within the time period specified in this leaflet. If you have been our customer and would like to identify yourself for complaint or warranty purposes, please provide your order ID for identification. Using this, we can also identify you as a customer.

Complaints related to data management will be answered by the Data Controller within 30 days at the latest.

Right to information

The Data Controller shall take appropriate measures to ensure that all information referred to in Articles 13 and 14 of the GDPR and Articles 15 to 22 of the GDPR is provided to data subjects. and Article 34 shall be provided in a concise, transparent, comprehensible and easily accessible form, in a clear and comprehensible manner.

The data subject ‘s right of access

You have the right to receive feedback from the Data Controller as to whether the processing of your personal data is in progress, and if data processing is in progress, you have the right to:

have access to the personal data processed and

inform the Data Controller of the following information:

the purposes of data management;

categories of personal information processed about you;

information on the recipients or categories of recipients with whom or with whom the Data Controller has communicated or will communicate personal data;

the intended period for which the personal data will be stored or, if that is not possible, the criteria for determining that period;

your right to request the Data Controller to rectify, delete or restrict the processing of personal data concerning you and to object to the processing of such personal data in the event of data processing based on a legitimate interest;

the right to lodge a complaint with the supervisory authority;

if the data was not collected from you, all available information about their source;

the fact of automated decision-making (if such a procedure has been used), including profiling, and at least in these cases, understandable information about the logic used and the implications for such data management and the expected consequences for you.

The purpose of exercising this right may be to establish and verify the lawfulness of the data processing, therefore the Data Controller may charge a fair fee for the provision of the information in case of repeated requests for information.

Access to personal data is ensured by the Data Controller by sending you the processed personal data and information by e-mail after your identification. If you have a registration, we will provide access so that you can view and verify the personal information we handle about you by logging into your user account.

Please indicate in your request whether you are requesting access to personal data or information regarding your processing.

Right of rectification

You have the right, at the request of the Data Controller, to correct inaccurate personal data concerning you without delay.

Right of cancellation

The data subject shall have the right, at the request of the Data Controller, to delete personal data concerning him or her without undue delay if any of the following reasons exist: personal data are no longer required for the purpose for which they were collected or otherwise processed;

the data subject withdraws his or her consent on which the processing is based and there is no other legal basis for the processing;

the data subject objects to the processing and there is no overriding legitimate reason for the processing;

personal data have been processed unlawfully;

personal data must be deleted in order to comply with a legal obligation under Union or Member State law applicable to the controller;

personal data were collected in connection with the provision of information society services.

Deletion of data may not be initiated if the processing is necessary: ​​for the purpose of exercising the right to freedom of expression and information; for the purpose of fulfilling an obligation under Union or Member State law governing the processing of personal data or performing a task carried out in the public interest or in the exercise of official authority vested in the controller; in the field of public health or for archival, scientific and historical research or statistical purposes, in the public interest; or to bring, assert or defend legal claims.

Right to restrict data processing

At the request of the data subject, the Data Controller shall restrict the data processing if one of the following conditions is met:

the data subject disputes the accuracy of the personal data, in this case the limitation on that period

which allows the accuracy of personal data to be verified;

the processing is unlawful and the data subject opposes the deletion of the data and instead requests that their use be restricted;

the controller no longer needs the personal data for the purpose of processing the data, but the data subject requests them in order to submit, enforce or protect legal claims; obsession

the data subject has objected to the processing; in that case, the restriction shall apply for as long as it is established whether the legitimate reasons of the controller take precedence over the legitimate reasons of the data subject.

Where processing is restricted, personal data other than storage may be processed only with the consent of the data subject or for the purpose of making, asserting or protecting legal claims or protecting the rights of another natural or legal person or in the important public interest of the Union or a Member State.

 

Right to carry data

If the data processing is carried out in an automated manner, or if the data processing is based on your voluntary consent, you have the right to request from the Data Controller to receive the data provided by you to the Data Controller in xml, JSON or csv format. if this is technically feasible, it may request that the Data Controller transfer the data in this form to another data controller.

Right to protest

The datasubject shall have the right to object at any time, for reasons relating to his or her situation, to the processing of his or her personal data in the public interest or in the exercise of a public authority, or to profiling based on those provisions. is. In the event of an objection, the controller may not further process the personal data, unless justified by compelling legitimate reasons which take precedence over the interests, rights and freedoms of the data subject or which relate to the submission, enforcement or protection of legal claims.

Automated decision making in individual cases, including profiling

The data subject shall have the right not to be covered by a decision based solely on automated data processing, including profiling, which would have a legal effect on him or her or a significant effect on him or her.

 

Right of withdrawal

The data subject has the right to withdraw his or her consent at any time.

Right to go to court

If the data subject’s rights are violated, he or she may take legal action against the data controller. The court is acting out of turn in the case.

Data protection regulatory procedure

Complaints can be lodged with the National Data Protection and Freedom of Information Authority:

Name: National Data Protection and Freedom of Information Authority

Headquarters: 1125 Budapest, Szilágyi Erzsébet avenue 22 / C. Mailing address: 1530 Budapest, Pf .: 5.

Phone: 0613911400

Fax: 0613911410

E-mail: ugyfelszolgalat@naih.hu Website: http://www.naih.hu

Other provisions

Information on data processing not listed in this prospectus will be provided at the time of data collection.

We inform our clients that the court, the prosecutor, the investigating authority, the infringement authority, the administrative authority, the National Data Protection and Freedom of Information Authority, the Magyar Nemzeti Bank, or other bodies are authorized to provide information, disclose data and transfer documents. they may contact the controller to make it available.

The Data Controller shall disclose personal data to the authorities only if and to the extent strictly necessary to achieve the purpose of the request, provided that the authority has indicated the exact purpose and scope of the data.

This document contains all relevant data management information related to the operation of the webshop in accordance with the General Data Protection Regulation No. 2016/679 of the European Union (hereinafter: the Decree. GDPR) and the CXII. TV. (hereinafter: Infotv.).