Privacy information

PRIVACY NOTICE

The purpose of this Privacy Notice is to ensure that Kopaszi Gát Zrt. and Property Market Kft. (hereinafter jointly referred to as the “Companies”) fulfil their obligation to provide prior information to data subjects regarding the processing of their personal data, and to inform them about the principles of data processing and the available legal remedies.

In preparing this Privacy Notice, the Companies have taken into account the provisions of:

  • Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“General Data Protection Regulation” or “GDPR”),
  • Act CXII of 2011 on Informational Self-Determination and Freedom of Information,
  • Act CVIII of 2001 on Electronic Commerce and Information Society Services,
  • Act XLVIII of 2008 on the Basic Requirements and Certain Restrictions of Commercial Advertising Activities,
  • Act V of 2013 on the Hungarian Civil Code.

This Notice applies to the data processing activities of the Companies in relation to the sending of newsletters and commercial offers (“CRM Data Processing”), as well as to the data processing carried out during the use of the website www.budapart.hu (“Website Data Processing”).

1. Data Controllers

The personal data are jointly controlled by:

  • Kopaszi Gát Zrt. (company registration number: 01 10 142037, registered office: 1117 Budapest, Dombóvári út 26. 1st floor), and
  • Property Market Kft. (company registration number: 01-09-206694, registered office: 1117 Budapest, Dombóvári út 27.).

2. Fundamental Principles of Data Processing

2.1. Lawfulness, Fairness and Transparency: The Companies process personal data lawfully, fairly and in a transparent manner, ensuring that data subjects are properly informed.

2.2. Purpose Limitation: Personal data are collected solely for the purposes specified in section 4 and shall not be further processed in a manner incompatible with those purposes.

2.3. Data Minimisation: The Companies process only those personal data that are adequate, relevant and limited to what is necessary for the purposes described.

2.4. Accuracy: The Companies take all reasonable steps to ensure that personal data are accurate and up to date, and shall rectify or erase any inaccurate data without delay.

2.5. Storage Limitation: Personal data shall be kept only for as long as necessary to fulfil the purposes set out in section 4.

2.6. Integrity and Confidentiality: The Companies apply appropriate technical and organisational measures to ensure the security of personal data, protecting them against unauthorised or unlawful processing, accidental loss, destruction or damage.

3. Legal Basis for Data Processing

3.1. The legal basis for processing is the data subject’s consent pursuant to Article 6(1)(a) GDPR, as well as the provisions of the Electronic Commerce Act. With regard to CRM Data Processing, the provisions of Section 6(1) of the Advertising Act are also applied, meaning that personal data may only be processed where the data subject has given explicit consent.

3.2. The Companies do not disclose personal data to the public. However, disclosure may be ordered by law in the public interest, specifying the categories of data to be made public. In all other cases, disclosure requires the explicit written consent of the data subject. In case of doubt, it must be presumed that consent has not been given.

3.3. Personal data processed on a mandatory legal basis may be transferred to the Central Statistical Office for statistical purposes, provided the data are processed in a manner that does not allow the identification of individual data subjects, unless otherwise provided by law.

4. Purposes of Data Processing

4.1. CRM Data Processing: The purpose is to provide the services available on the Companies’ website, particularly property listings, offers, business communications, maintaining contact, and ensuring the best possible fulfilment of the data subject’s requests. The specific personal data to be provided are set out in section 5.2.

4.2. Website Data Processing: For the operation of the website www.budapart.hu, the Companies use cookies to measure website traffic, as detailed in section 5.1.

4.3. Personal data provided by the data subject shall not be used for purposes other than those specified in this section. Disclosure to third parties or authorities is only permitted with the prior, explicit consent of the data subject, unless required by law.

4.4. The Companies do not verify the accuracy of the data provided. Responsibility for the correctness of the information lies solely with the person providing it. However, the Companies are obliged to process only accurate personal data. By providing an email address, the data subject assumes responsibility for the fact that the email account is used exclusively by them. Any liability arising from the use of a registered email address rests with the registrant.

5. Categories of Processed Data

5.1. Website Data Processing:
During the visit of the website, the Companies record the following data for the purpose of providing the service, verifying its operation and preventing abuse: date and time of visit, visitor’s IP address, URL of the visited page, URL of the previously visited page, type of browser used.

Technical data automatically recorded during system operation include the data of the user’s logging-in device generated during the use of the service, which are recorded automatically by the system without any separate statement or action of the user. Such data are logged at the time of login and logout. These log files are not linked with other personal data. Only the data controller has access to these data.

5.2. CRM Data Processing:
The following personal data are recorded during the registration process: username, password, password reminder, email address, name, country, address, gender, phone number, newsletter subscription, date of registration, number of logins, last login date, login IP address, and the services used on the website.

The Companies store these data in their Customer Relationship Management system (“CRM system”), which also records customer activity, contacts, content of communications and dates thereof. Where a contract is concluded for the purchase of property, further data are recorded: banking details, identification data (tax number, personal ID number, mother’s maiden name, place and date of birth), details of the selected property, specifications, design and construction details.

Where contracts are concluded for residential units, the Companies may continue to process the customers’ personal data in order to provide further offers and maintain communication with existing clients. By granting consent, customers also consent to their personal data being processed following the conclusion of the property purchase agreement.

6. Scope of Data Processing

6.1. The Companies primarily use email addresses to maintain contact. Where services change, notifications are sent by email. Marketing emails are only sent in compliance with the applicable legal requirements.

6.2. Where links to external service providers are used, cookies may be placed and read on the user’s device to enable customised service. Returning cookies may allow such providers to link current and previous visits, but only in relation to their own content. Users may delete cookies or disable their use in browser settings.

7. Retention Period of Personal Data

7.1. Data processed in the CRM system are retained for 5 years from the date of provision, unless longer retention is required by law (e.g. accounting and tax rules). If a purchase contract is concluded, the data listed in section 5.2 are retained for 5 years from contract date, except for contact details (name, email, phone), which are retained as long as the property is owned or used by the data subject.

7.2. Upon request for deletion or withdrawal of consent, data are erased within 10 working days unless longer retention is required by law.

7.3. Automatically recorded technical data are retained for a maximum of 10 years. Where consent is withdrawn, such technical data shall no longer allow identification of the data subject.

7.4. In cases of unlawful, misleading or abusive use of personal data, or suspected criminal activity, the Companies may erase the data immediately, or retain them for the duration of the legal proceedings.

8. Access to Data, Data Transfers and Data Processing

8.1. Data may be accessed primarily by the Companies’ employees responsible for the operation of the CRM system and the provision of services, but shall not be disclosed publicly.

8.2. For IT operations and service provision, the Companies may engage processors (e.g. system operators). These processors ensure lawful and secure processing, and enable data subjects to exercise their rights. Current processors include:

  • Macette Kft. (2100 Gödöllő, Ibolya u. 56.), virtual infrastructure services.
  • Soulware Zrt. (1031 Budapest, Záhony u. 7.), software development services.
  • ADAMSKY by Positive Kft. (1062 Budapest, Délibáb u. 29.), web development services.

8.3. Processors may not make independent decisions, may only process data as instructed, and may not use the data for their own purposes.

8.4. In specific cases (e.g. court orders, police investigations, legal proceedings concerning intellectual property, property or other rights), personal data may be disclosed to authorities or third parties.

8.5. The Companies shall comply with lawful requests for data disclosure by authorities or courts. The Companies verify the authenticity of such requests and transfer the data securely.

8.6. Where a contract is concluded for services within the Budapart Project, the Companies may transfer the necessary personal data to cooperating project partners. The data subject is separately informed of the recipients and circumstances.

8.7. If data are intended to be used for purposes other than those originally collected, prior consent of the data subject shall be obtained.

8.8. The Companies comply with all statutory restrictions on data collection, recording and processing, and inform data subjects upon request.

8.9. The Companies’ system may collect usage data, which shall not be linked to other external services.

9. Data Security

9.1. Data processing operations are designed and carried out in compliance with the GDPR, ensuring the protection of privacy.

9.2. The Companies take all technical and organisational measures necessary to safeguard personal data.

9.3. Adequate measures are taken to protect personal data against unauthorised access, alteration, disclosure, erasure, destruction, accidental loss or damage, or technological obsolescence.

10. Data Subject Rights

10.1. Data subjects may request information about the processing of their personal data, correction, erasure or restriction of personal data (except where mandatory processing applies), and may withdraw their consent.

10.2. Upon request, the Companies provide information about processed data, sources, purposes, legal bases, duration, processors, and any transfers.

10.3. Requests must be answered in writing, in clear language, within 25 days.

10.4. Requests may only be refused in cases permitted by the GDPR, with written justification and information on remedies.

10.5. Inaccurate data shall be corrected where accurate information is available.

10.6. Data must be erased where processing is unlawful, the data subject requests erasure, the purpose has ceased, or the statutory retention period has expired.

10.7. Instead of erasure, data may be restricted if requested by the data subject or if deletion would harm legitimate interests.

10.8. Rectification, restriction and erasure must be communicated to the data subject and any third parties to whom data were disclosed, unless disproportionate.

10.9. If a request is refused, the Companies inform the data subject within 25 days, giving factual and legal reasons, and informing them of available remedies.

10.10. Data subjects may object to the processing of their personal data where processing is not based on their consent.

10.11. Objections must be examined within 15 days, and the data subject notified of the decision.

10.12. Where the objection is upheld, processing (including data collection and transfer) shall be terminated, and the data restricted.

10.13. Where the data subject disagrees with the decision, or where no decision is taken within the deadline, the data subject may turn to the courts within 30 days.

10.14. Consent may be withdrawn at any time by notice to the Companies (by email to Show E-mail address or by post to 1117 Budapest, Dombóvári út 27.), in which case personal data are erased within 10 working days.

11. Binding Nature and Amendment of this Privacy Notice

11.1. The Companies undertake to process personal data in compliance with this Privacy Notice.

11.2. The Companies reserve the right to unilaterally amend this Privacy Notice at any time.

11.3. Amendments shall be communicated appropriately (e.g. via newsletter, website notice). Continued use of the services constitutes acceptance of the amended Privacy Notice.

11.4. Where amendments materially affect the purpose, duration, scope or categories of personal data processed, renewed consent shall be sought.

12. Remedies and Enforcement

12.1. The Companies strive to process personal data lawfully and fairly. In case of concerns, data subjects may contact the Companies at:

  • Property Market Kft.
    Email: Show E-mail address
    Address: 1117 Budapest, Dombóvári út 27.
  • Kopaszi Gát Zrt.
    Email: Show E-mail address
    Address: 1117 Budapest, Dombóvári út 26. 1st floor.

12.2. Data subjects may lodge complaints with the Hungarian National Authority for Data Protection and Freedom of Information (NAIH):
Szilágyi Erzsébet fasor 22/c, 1125 Budapest,
Postal address: 1530 Budapest, PO Box 5,
Tel: +36 (1) 391-1400, Fax: +36 (1) 391-1410,
Email: Show E-mail address,
Website: http://naih.hu

12.3. Data subjects may also seek judicial remedy under the GDPR and the Hungarian Civil Code.

Where users provide third-party data or cause damage by using the website, the Companies may claim damages and assist the authorities in identifying the infringer.

Budapest, 04 September 202

I request the offer
Ez a weboldal sütiket használ!
Sütiket használunk a tartalmak és hirdetések személyre szabásához, a látogatóink magasabb szintű kiszolgálásához, a weboldalforgalmunk elemzéséhez, illetve marketing tevékenységünk támogatása érdekében. Az „ELFOGADOM” gomb megnyomásával Ön hozzájárul a sütik használatához. Amennyiben Ön nem fogadja el a süti beállításokat, azzal Ön nem adja hozzájárulását a cookie-k beállításához, és a továbbiakban csak a honlap működéshez elengedhetetlenül szükséges sütiket használjuk.
Összes elfogadás
Nem fogadom el
Beállítások kezelése
Beállítások kezelése
  • Elengedhetetlen alapok
    Elengedhetetlen sütiket használunk az oldal zavartalan működése érdekében.
  • Funkcionális
    Ezek a sütik több funkciót tesznek lehetővé weboldalunk látogatói számára. Ezeket a cookie-kat külső szolgáltatóink vagy saját weboldalunk állíthatják be. A következő funkciók aktiválódhatnak vagy nem aktiválódhatnak, ha elfogadja ezt a kategóriát: - Élő chat szolgáltatások; - Online videók megtekintése; - Közösségi média megosztó gombok; - Bejelentkezés a weboldalunkra a közösségi médián keresztül; - Google térkép; - Youtube videó lejátszása; - Vimeo videó lejátszása; - Google Recaptcha
  • Statisztika
    Statisztikai sütiket használunk a tartalmak és hirdetések személyre szabásához, közösségi funkciók biztosításához, valamint weboldalforgalmunk elemzéséhez.
  • Performansz
    Ezeket a sütiket arra használjuk, hogy statisztikai információkat gyűjtsünk a weboldalunk használatáról, ezeket analitikai sütiknek is nevezik. Ezeket az adatokat a teljesítmény és a weboldal optimalizálásához használjuk.
  • Marketing
    Marketing sütiket használunk aktuális akcióink személyre szabott megjelenítéséhez. Amennyiben minden funkciót használni szeretne, ezt kell kiválasztania!
Back
Elfogadás