Table of contents
1 Purpose of this privacy notice
2. Data controller’s data
2.1 Data Protection Officer
3.Scope of personal data processed
3.1. Technical data
3.2 Cookies (Cookies)
3.2.1 The role of cookies
3.2.2 Strictly necessary session cookies
3.2.3. Third-party cookies (analytics)
3.2.4. List of cookies on the controller’s websites
4 General data processing policy, name of data processing, use, legal basis and retention period
4.1 Data related to online ordering
4.2 Data related to online administration
4.3 Data related to telephone administration
4.4 Newsletter / eDM related data
4.5 Customer contact details
4.6 Invoicing data
4.7 Personal data to be provided during registration
5 Physical storage locations for data
6 Data transfers, data processing, data subjects
6.1 Data transfers to third countries
7 Rights of data subjects and means of enforcement
7.1 Right to information
7.2 Right of access of the data subject
7.3 Right of rectification
7.4 Right to cancellation
7.5 Right to restriction of processing
7.6 Right to data retention
7.7 Right to object
7.8 Automated decision-making in individual cases, including profiling
7.9 Right of withdrawal
7.10 Right to apply to the courts
8 Other provisions
- PURPOSE OF THE PRIVACY NOTICE
Zsófia Győri (address: 2211 Vasad, Jókai u 8.) hereinafter referred to as the “service provider”, “data controller”) as the data controller, acknowledges the contents of this legal notice as binding on it.
It undertakes to ensure that all processing of data relating to its activities complies with the requirements set out in this Policy and in the applicable national legislation and European Union acts.
The privacy policy of the data controller in relation to its data processing is available on an ongoing basis at ujutak.com.
The Data Controller reserves the right to change this information at any time. It will of course inform its audience of any changes in due time.
If you have any questions about this communication, please contact us and we will answer them.
The Data Controller is committed to protecting the personal data of its customers and partners, and attaches great importance to respecting the right to information self-determination of its customers. The Data Controller treats personal data confidentially and takes all security, technical and organisational measures to ensure the security of the data.
The controller processes data for the following purposes in accordance with the applicable law:
- To contact us by electronic, telephone, SMS, and postal enquiries;
- Psychological/coaching/mediation/HR counselling, for the purpose of fulfilling an oral counselling/consultancy contract;
- Data relating to the provision of psychological/coaching/mediation/HR counselling services to service users for the purposes of meeting legal obligations (accounting and tax obligations on income from the activity) and maintaining client relationships.
The Data Controller describes its data management practices below.
- THE DATA CONTROLLER’S DATA
If you would like to contact the company, you can do so at ujutak.com. and +36 30 930 4059.
Name: Zsófia Győri
Seat: Haanova 2601/46A, 851-04 Bratislava
Tax number: 1129323624, SK1129323624
Registration number: 56 962 681
Mobile: +36 30 930 4059
E-mail: gyori.zsofia@ujutak.com
2.1 DATA PROTECTION OFFICER
The Data Controller does not carry out any activities that would justify the appointment of a Data Protection Officer.
- THE SCOPE OF THE PERSONAL DATA PROCESSED
3.1. TECHNICAL DATA
The Data Controller shall select and operate the IT tools used to process personal data in the course of providing the service in such a way that the processed data:
- accessible to authorised persons (availability);
- authenticity and verification (authenticity of processing);
- can be verified to be unchanged (data integrity);
- be protected against unauthorised access (data confidentiality).
The Data Controller shall take appropriate measures to protect the data against unauthorised access, alteration, disclosure, disclosure, erasure or destruction and against accidental destruction.
The Controller shall ensure the security of processing by technical, organisational and organisational measures that provide a level of protection appropriate to the risks associated with the processing.
The data controller shall, in the course of processing, preserve confidentiality: protect the information so that only those who are entitled to have access to it can do so; integrity: protect the accuracy and completeness of the information and the method of processing; availability: ensure that the information can be accessed when the authorised user needs it and that the means to do so are available.
3.2 COOKIES (COOKIES)
3.2.1 THE ROLE OF COOKIES
Cookies collect information about visitors and their devices; they remember visitors’ individual preferences, which are used, for example, when making online transactions, so they do not have to be re-entered; they make the website easier to use; they provide a quality user experience.
In order to provide a personalised service, a small piece of data called a cookie is placed on the user’s computer and read back during a subsequent visit. When the browser returns a previously saved cookie, the cookie provider has the possibility to link the user’s current visit to previous visits, but only in relation to its own content.
3.2.2 STRICTLY NECESSARY SESSION COOKIES
The purpose of these cookies is to allow visitors to browse the ujutak.com website, use its features and services fully and smoothly. The validity period of this type of cookie lasts until the end of the session (browsing), when the browser is closed, this type of cookie is automatically deleted from the computer or other device used for browsing.
3.2.3. THIRD-PARTY COOKIES (ANALYTICS)
The ujutak.com website also uses Google Analytics as a third party cookie. By using Google Analytics for statistical purposes, ujutak.com collects information about how visitors use its websites. The data is used to improve the website and the user experience. These cookies will also remain on the visitor’s computer or other browsing device, their browser, until they expire or are deleted by the visitor.
3.2.4. LIST OF COOKIES ON THE CONTROLLER’S WEBSITES
| Name | Service provider | Detailed description | Statute of limitations | Jelleg |
| 1P_JAR | Google.com and Gstatic.com | The cookie is used to collect site statistics and track conversion rates. | 2 years | does not collect personal information |
| CONSENT | ujutak.com | The cookie is used to store settings related to the acceptance of cookies | 1 year | does not collect personal information |
|
viewedExit PopupWP |
ujutak.com | The cookie is used to store the preferences of the information you provide when you leave the website | 30 days | does not collect personal information |
| NID | Google.com | These cookies allow our websites to remember how the website works or looks, for example, information that changes the language you have set or the region you are in. | 10 years | does not collect personal information |
| _ga | Google.com | We use Google Analytics cookies to measure traffic to our website. A single text bar is saved to identify the browser, the interactions timestamp and the browser / source page that led the user to our website. | 2 years | does not collect personal information |
| _gat | Google.com | We use Google Analytics cookies to measure traffic to our website. A single text bar is saved to identify the browser, the interactions timestamp and the browser / source page that led the user to our website. | 2 years | does not collect personal information |
| _gid | Google.com | We use Google Analytics cookies to measure traffic to our website. A single text bar is saved to identify the browser, the interactions timestamp and the browser / source page that led the user to our website. | 2 years | does not collect personal information |
4 GENERAL DATA PROCESSING POLICY, NAME OF DATA PROCESSING, USE, LEGAL BASIS AND RETENTION PERIOD
The data processing of the Data Controller’s activities is based on voluntary consent or on legal authorisation. In the case of processing based on voluntary consent, data subjects may withdraw their consent at any time during the processing.
In some cases, the processing, storage and transmission of some of the data provided is required by law, and we will notify our customers separately. We draw the attention of the Data Controller to the fact that, if the data subject does not provide his or her own personal data, it is the data subject’s duty to obtain the consent of the data subject. Act CXII of2011 on the Right to Informational Self-Determination and Freedom of Information (Infotv.);
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Regulation (EC) No 95/46/EC (General Data Protection Regulation, GDPR); Act V of 2013 on the protection of individuals with regard to the processing of personal data (GDPR). Act C of 2000 – on Accounting (Accounting Act); Act LIII of 2017 – on the Prevention and Combating of Money Laundering and Terrorist Financing (Pmt.); Act CCXXXVII of 2013 – on Credit Institutions and Financial Undertakings (Hpt.).
The data controller has prepared data maps, on the basis of which the scope of the data processed, their use, legal basis and retention period have been defined.
4.1 DATA RELATED TO ONLINE ORDERING
Through the website, it is possible to order services, personal data requested during the ordering process:
Name (required field)
Email address (required)
Phone number (required, to initiate a callback)
For certain services, such as website maintenance, additional personal data may be transferred.
Purpose of data processing, intended use of the data processed: the data will be used to fulfil the order.
The legal basis for data processing is a contractual mandate.
Retention period: duration of the business relationship or request for cancellation.
4.2 DATA RELATED TO ONLINE ADMINISTRATION
Personal data requested during contact:
Name (required field)
Email address (required)
Phone number (required, optional, to initiate a callback)
Purpose of the processing, intended use of the data processed: the data will be used to contact you and to fulfil yourorder.
The legal basis for data processing is voluntary consent.
Retention period: duration of the business relationship or request for cancellation.
4.3 DATA RELATED TO TELEPHONE ADMINISTRATION
Personal data requested during contact:
Name (required field)
Phone number (required, optional, to initiate a callback)
Intended use of the processed data: the data will be used to contact you and to fulfil your order.
Purpose of the processing, intended use of the data processed: the data will be used to contact you and to fulfil yourorder.
The legal basis for data processing is voluntary consent.
Retention period: duration of the business relationship or request for cancellation.
4.4 NEWSLETTER / EDM RELATED DATA
The personal data requested when subscribing to the newsletter:
Name (required field)
Email address (required)
You can subscribe to the newsletter after reading and accepting the privacy policy. Acceptance of the Privacy Policy is done by accepting a mandatory checkbox that has not been completed in advance.
After subscribing, the subscriber will receive an email message informing him/her of the subscription, which he/she will have to confirm, after which the subscription will take effect.
In all related processes, the customer still has the possibility to unsubscribe, the unsubscribe option is included in each letter in the form of a link, easily accessible with one click.
As the newsletter contains the name of the business and the contact details of its website, it is considered as advertising, eDM.
Purpose of the processing, intended use of the data processed: the data will be used to send a newsletter including advertising. The newsletter will contain the address of the website and will therefore be considered as advertising.
The legal basis for data processing is voluntary consent.
Retention period: until unsubscription.
4.5 CUSTOMER RELATIONSHIP DATA
I store the following personal data and contact details of my customers:
Name
Email address
Phone number
Purpose of processing, intended use of the data processed: the data will be used for the purpose of contacting and maintaining contact.
The legal basis for processing is legitimate interest.
Retention period: legal requirements, duration of business relationship, or request for deletion.
4.6 DATA RELATED TO INVOICING
The Data Controller concludes a contract with its customers for the services ordered, in the course of which the following data are stored:
Name
Email address
Address
Purpose of the processing, intended use of the data processed: invoicing.
Legal basis for processing: legal requirement.
Retention period: legally required: current year + 5 years
4.7 PERSONAL DATA TO BE PROVIDED DURING REGISTRATION
There is no registration option on ujutak.com.
5 PHYSICAL STORAGE LOCATIONS OF THE DATA
We may process your personal data (that is, data that can be associated with you personally) in the following ways:
- on the one hand, technical data relating to your computer, browser program, Internet address and the pages you visit are automatically generated in our computer system in connection with the maintenance of the Internet connection,
- on the other hand, you can also provide your name, contact details or other information if you wish to contact us personally when using the website. Data technically collected in the course of the operation of the system.
The data that is automatically recorded is automatically logged by the system on entry and exit, without any declaration or action by the data subject.
This data cannot be linked to other personal user data, except where required by law. Access to the data is limited to ujutak.com.
6 DATA TRANSFERS, DATA PROCESSING, DATA SUBJECTS
The Data Controller uses the following data processors as part of its business activities:
Shared space service:
Company name: Websupport Hungary Kft.
Headquarters: 1119 Budapest, Fehérvári út 97-99. (No personal reception)
Tax number: 25138205-2-43
EU Community VAT number: HU25138205
Company registration number: 01-09-381419
Bank account number: 12011179-01395626-00100003 (Raiffeisen Bank Zrt.)
IBAN bank account number: HU38-1201-1179-0139-5626-0010-0003
SWIFT code: UBRTHUHB
Newsletter:
No newsletters are currently sent.
Data collected: subscriber name and email address.
Google Analytics:
Google Inc., Mountain View, California, USA
Scope of the data collected: the IP addresses of visitors to the webfolio.hu and fotofolio.hu websites – anonymised, not personally identifiable.
Facebook page:
Facebook Inc.
Menlo Park, California, USA
Privacy notice: https://www.facebook.com/about/privacy/update
Data collected: username, comments.
6.1 DATA TRANSFERS TO THIRD COUNTRIES
Data will be transferred to the United States of America, for which a compliance decision was issued on 12 July 2016 (https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/eu-us-privacy-shield_en).
7 DATA SUBJECT’S RIGHTS AND MEANS OF REDRESS
The data subject may request information on the processing of his or her personal data, and may request the rectification, erasure or withdrawal of his or her personal data, except for mandatory data processing, and may exercise his or her right to data portability and objection in the manner indicated when the data were collected, or by contacting the controller at the above contact details.
7.1 RIGHT TO INFORMATION
The controller shall take appropriate measures to provide data subjects with all the information on the processing of personal data referred to in Articles 13 and 14 of the GDPR and each of the disclosures referred to in Articles 15 to 22 and 34 of the GDPR in a concise, transparent, intelligible and easily accessible form, in clear and plain language.
7.2 RIGHT OF ACCESS OF THE DATA SUBJECT
The data subject shall have the right to obtain from the controller feedback as to whether or not his or her personal data are being processed and, if such processing is taking place, the right to access the personal data and the following information:
- the purposes of the processing;
- the categories of personal data concerned;
- the recipients or categories of recipients to whom or with whom the personal data have been or will be disclosed, including in particular recipients in third countries or international organisations;
- the intended duration of the storage of the personal data;
- the right to rectification, erasure or restriction of processing and the right to object;
- the right to lodge a complaint with a supervisory authority;
- information on data sources;
- the fact of automated decision-making, including profiling, as well as the logic used and clear information on the significance of such processing and its likely consequences for the data subject.
The controller shall provide the information within a maximum of one month from the date of the request.
7.3 RIGHT OF RECTIFICATION
The data subject may request the correction of inaccurate personal data concerning him or her processed by the Controller and the completion of incomplete data.
7.4 RIGHT TO CANCELLATION
If one of the following grounds applies, the data subject shall have the right to obtain from the Data Controller, upon his or her request, the erasure of personal data concerning him or her without undue delay: the personal data are no longer necessary for the purposes for which they were collected or otherwise processed; the data subject withdraws the consent on the basis of which the processing was carried out and there is no other legal basis for the processing; the data subject objects to the processing and there is no overriding legitimate ground for the processing; the personal data have been processed unlawfully; the personal data must be erased in order to comply with a legal obligation under Union or Member State law to which the controller is subject; the personal data were collected in connection with the provision of information society services.
The erasure of data cannot be initiated if the processing is necessary: for the exercise of the right to freedom of expression and information; for compliance with an obligation under Union or Member State law to which the controller is subject to comply with personal data processing or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; for reasons of public interest in the field of public health or for archiving, scientific or historical research purposes or statistical purposes; or for the establishment, exercise or defence of legal claims.
7.5 RIGHT TO RESTRICTION OF PROCESSING
At the request of the data subject, the Data Controller shall restrict processing if one of the following conditions is met: the data subject contests the accuracy of the personal data, in which case the restriction shall be for a period which allowsthe accuracy of the personal data to be verified; the processing is unlawful and the data subject opposes the erasure of the data and requests instead that its use be restricted; the controller no longer needs the personal data for the purposes of the processing, but the data subject requires them for the establishment, exercise or defence of legal claims; or the data subject has objected to the processing; in which case the restriction shall apply for a period of time until it is established whether the legitimate grounds of the controller override the legitimate grounds of the data subject.
Where processing is restricted, personal data, other than storage, may be processed only with the consent of the data subject or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or of an important public interest of the Union or of a Member State.
7.6 RIGHT TO DATA RETENTION
The data subject shall have the right to obtain the personal data concerning him or her which he or she has provided to the controller in a structured, commonly used, machine-readable format and to transmit such data to another controller.
7.7 RIGHT TO OBJECT
The data subject shall have the right to object at any time, on grounds relating to his or her particular situation, to processing of his or her personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller, or necessary for the purposes of the legitimate interests pursued by the controller or by a third party, including profiling based on those provisions. In the event of an objection, the controller may no longer process the personal data, except on compelling legitimate grounds which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
7.8 AUTOMATED DECISION-MAKING ON INDIVIDUAL CASES, INCLUDING PROFILING
The data subject shall have the right not to be subject to a decision based solely on automated processing, includingprofiling, which produces legal effects concerning him or her or similarly significantly affects him or her.
7.9 RIGHT OF WITHDRAWAL
The data subject has the right to withdraw his or her consent at any time.
7.10 RIGHT TO APPLY TO THE COURTS
The data subject may take the controller to court if his or her rights are infringed. 8.11 Data protection authority procedure Complaints may be lodged with the National Authority for Data Protection and Freedom of Information:
Name: National Authority for Data Protection and Freedom of Information Headquarters: 1055 Budapest, Falk Miksa utca 9-11E-mail: ugyfelszolgalat@naih.hu, 1363 Budapest, Pf.: 9. Tel.: 36 (30) 683-5969
+36 (30) 549-6838 Website: http://www.naih.hu
8 OTHER PROVISIONS
Information about data processing not listed in this notice is provided at the time of collection. We inform our customers that the court, the prosecutor, the investigating authority, the law enforcement authority, the administrative authority, the National Authority for Data Protection and Freedom of Information, the Hungarian National Bank, or other bodies authorised by law may contact the data controller to provide information, to disclose or transfer data, or to provide documents. The controller shall disclose personal data to the authorities only to the extent and to the extent strictly necessary for the purpose of the request, provided that the authority has indicated the precise purpose and scope of the data.
(This Privacy Policy is based on the recommendation of the Budapest Chamber of Commerce and Industry.)
Cd: 15.05.2025.