logo2

PRIVACY STATEMENT

INTRODUCTION

The operators of Steiner - Villa: József Dezső Steiner and Steinerné Jakkel Irén (address: 8630 Balatonboglár, Kápolna u. 7.) hereinafter: Data Controllers) submit to the following information.

REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL On the protection of natural persons with regard to the processing of personal data and on the free flow of such data and on the repeal of Regulation 95/46/EC (General Data Protection Regulation) (April 2016) 27.), we provide the following information.

This data management information sheet regulates the data management of the following pages (web pages/homepages):

https://steiner-villa.hu

The data management information is available from the following page: https://steiner-villa.hu/adatvedelem

Amendments to the prospectus will take effect upon publication at the above address.

THE DATA CONTROLLER AND ITS CONTACTS:

Name: József Dezső Steiner

Residential address: 8630 Balatonboglár Kápolna u. 7.

E-mail: steiner-villa@gmail.com

Phone: +36 30 944 2602

Name: Steinerné Jakkel Irén Marietta

Residential address: 8630 Balatonboglár Kápolna u. 7.

E-mail: steiner-villa@gmail.com

Phone: +36 30 9726110

CONTACT INFORMATION OF THE PERSON IN CHARGE OF THE DATA PROTECTION:

Name: Steinerné Jakkel Irén Marietta

Residential address: 8630 Balatonboglár Kápolna u. 7.

E-mail: steiner-villa@gmail.com

Phone: +36 30 9726110

DEFINITIONS

  1. "personal data": any information relating to an identified or identifiable natural person ("data subject"); a natural person can be identified directly or indirectly, in particular on the basis of an identifier such as a name, number, location data, online identifier or one or more factors relating to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person identifiable;
  1. "data management": any operation or set of operations performed on personal data or data files in an automated or non-automated manner, such as the collection, recording, organization, segmentation, storage, transformation or change, query, insight, use, communication, transmission, distribution or by making it available in other ways, coordinating or connecting, limiting, deleting or destroying;
  1. "data controller": the natural or legal person, public authority, agency or any other body that determines the purposes and means of processing personal data independently or together with others; if the purposes and means of data management are determined by EU or member state law, the data controller or the special aspects regarding the designation of the data controller may also be determined by EU or member state law;
  1. "data processor": the natural or legal person, public authority, agency or any other body that processes personal data on behalf of the data controller;
  1. "Recipient": the natural or legal person, public authority, agency or any other body to whom the personal data is communicated, regardless of whether it is a third party. Public authorities that have access to personal data in accordance with EU or Member State law in the context of an individual investigation are not considered recipients; the management of said data by these public authorities must comply with the applicable data protection rules in accordance with the purposes of data management;
  1. "consent of the data subject": a voluntary, specific and well-informed and clear declaration of the will of the data subject, with which the data subject indicates by means of a statement or an unmistakable act of confirmation that he/she consents to the processing of personal data concerning him/her;
  1. "data protection incident": a breach of security that results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure or unauthorized access to personal data transmitted, stored or otherwise handled.

PRINCIPLES REGARDING THE HANDLING OF PERSONAL DATA

Personal data:

  1. it must be handled legally and fairly, as well as in a transparent manner for the data subject ("legality, fair procedure and transparency");
  1. it is collected only for specific, clear and legitimate purposes, and they are not handled in a way that is incompatible with these purposes; in accordance with Article 89 (1), further data processing for the purpose of archiving in the public interest, for scientific and historical research purposes or for statistical purposes is not considered incompatible with the original purpose ("purpose limitation");
  1. they must be appropriate and relevant from the point of view of the purposes of data management, and must be limited to what is necessary ("data economy");
  1. they must be accurate and, if necessary, up-to-date; all reasonable measures must be taken to promptly delete or correct personal data that is inaccurate for the purposes of data processing ("accuracy");
  1. it must be stored in a form that allows the identification of the data subjects only for the time necessary to achieve the goals of personal data management; personal data may be stored for a longer period only if the personal data will be processed in accordance with Article 89 (1) for the purpose of archiving in the public interest, for scientific and historical research purposes or for statistical purposes, the rights of the data subjects and subject to the implementation of appropriate technical and organizational measures required to protect your freedoms ("limited storage capacity");
  1. must be handled in such a way that adequate security of personal data is ensured by applying appropriate technical or organizational measures, including protection against unauthorized or unlawful processing, accidental loss, destruction or damage of data ("integrity and confidentiality").

The data controller is responsible for compliance with the above, and must also be able to prove this compliance ("accountability").

DATA MANAGEMENT

DATA MANAGEMENT RELATED TO THE OPERATION OF WEBSITES

  1. The fact of data collection, the scope of processed data and the purpose of data management:

Personal data and the purpose of data management:

Surname and first name

It is required for making contact, making purchases and issuing legal invoices.

E-mail address

Required for contact.
Newsletter

Phone number

Keeping in touch, more effectively negotiating questions related to invoicing or delivery.

Age

Only for children, to provide services for children

Address

Mandatory data provision of accommodation

Time and place of birth

Mandatory data provision of accommodation

Nationality

Mandatory data provision of accommodation

  1. Scope of stakeholders: Persons requesting an offer through the website, persons booking accommodation.
  1. Duration of data management:

Data management lasts until the end of the stay at the accommodation.

  1. Description of the rights of data subjects related to data management:
  • The data subject may request from the data controller access to personal data relating to him, their correction, deletion or restriction of processing,
  • you also have the right to withdraw your consent at any time.
  1. The data subject can initiate access to personal data, their deletion, modification, or restriction of processing, or the withdrawal of consent in the following ways:

- by post to 8630 Balatonboglár Kápolna u. at address 7,

– by e-mail at steiner-villa@gmail.com.

  1. Legal basis for data management:

The information on data management was prepared in accordance with the rules of the General Data Protection Regulation No. 2016/679.

DATA PROCESSORS REQUIRED

  1. When processing the data, we use the following data processors:


Hosting service company:Nethely Kft., 1115 Budapest, Halmi u. 29.

Invoicing program szamlazz.hu: KBOSS.hu Kft., 1031 Budapest, Záhony utca 7/D.

MANAGEMENT OF COOKIES

Pursuant to the legal regulations applicable in the European Union, the Service Provider draws attention to the fact that the website uses so-called cookies.

The website visitor has the right to disable the use of cookies in the browser settings.

If you have consented to the use of cookies, the browser stores cookies on your computer or other devices so that our system can recognize your settings. If you wish to withdraw your consent, you can do so in your browser settings at any time before the validity period expires.

What are cookies?

Cookies are small text data files placed by your browser on your computer or device. Among other things, cookies collect information, remember your individual settings, and generally facilitate the use of the website and contribute to enhancing the user experience.

Types of cookies:

Session cookie: these cookies are temporarily activated while browsing is in progress. From the moment you open the browser window until the moment you close it. As soon as the browser is closed, all session cookies are deleted.

Persistent cookie: these cookies remain on the device for the time specified in the cookie. They are activated every time you visit the website.

All browsers allow you to change your cookie settings. However, we would like to draw your attention to the fact that if the use of cookies is prevented or deleted, the functional use of the website may not be complete, or that the website may function differently in the browser than planned.

  1. Cookies specific to our website are the so-called "cookie used for a password-protected session" and "security cookies", the use of which does not require prior consent from the data subjects.
  1. The fact of the data management, the scope of the managed data: Unique identification number, dates, times
  1. Scope of stakeholders: All stakeholders visiting the website.
  1. Purpose of data management: Identification of users, registration of "expiration of promotions" and tracking of visitors.
  1. Legal basis for data management: Electronic commercial services and information

Type of cookie: Session cookies

Legal basis for data management: Electronic commercial services and information

CVIII of 2001 on certain issues of social services. Act (Elkertv.) 13/A. (3) of §

Duration of data management: The period until the end of the relevant visitor session

Managed data area: uid

  1. The person of the possible data controllers entitled to access the data: The data controller does not manage personal data through the use of cookies.
  1. Description of the rights of data subjects related to data management: The data subject has the option to delete cookies in the Tools/Settings menu of browsers, usually under the settings of the Data Protection menu item.
  1. Legal basis for data management: Consent from the data subject is not required if the sole purpose of using cookies is the transmission of information via an electronic communication network or if the service provider absolutely needs it to provide a service related to the information society specifically requested by the subscriber or user.
  1. Description of the rights of data subjects related to data management: The data subject has the option to delete cookies in the Tools/Settings menu of browsers, usually under the settings of the Data Protection menu item.

Delete cookies for the following browsers according to the information on the link marked next to them.

Attention: the browsers listed below - in addition to those that are even less well-known or even coming to the market in the future - are constantly updated, so it is recommended to visit the service provider to assess the current setting options and to learn about their data protection guidelines!

Mozilla: https://support.mozilla.org/hu/kb/weboldalak-altal-elhelyezett-sutik-torlese-szamito

Google Chrome: https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=hu

Internet Explorer: https://support.microsoft.com/hu-hu/help/278835/how-to-delete-cookie-files-in-internet-explorer

Microsoft Edge: https://support.microsoft.com/hu-hu/help/4027947/windows-delete-cookies

Opera: http://help.opera.com/Windows/10.20/hu/cookies.html

Safari (iOS rendszerek): https://support.apple.com/hu-hu/HT201265

Cookies are also managed by:

Google: https://policies.google.com/technologies/cookies

Facebook: https://hu-hu.facebook.com/policies/cookies/

OPPORTUNITY TO COMPLAINT

You can file a complaint with the National Data Protection and Freedom of Information Authority against possible violations of the data controller:

National Data Protection and Freedom of Information Authority

1125 Budapest, Szilágyi Erzsébet fasor 22/C.

Mailing address: 1530 Budapest, PO Box: 5.

Telephone: +36 -1-391-1400

Fax: +36-1-391-1410

E-mail: ugyfelszolgalat@naih.hu

DATA SECURITY

During the operation of IT systems, the necessary authorization management, internal organizational and technical solutions are provided so that your data cannot fall into the possession of unauthorized persons,

data cannot be deleted, saved from the system, or modified by unauthorized persons.

we also apply data protection and data security requirements to our data processors.

-

We keep a record of possible data protection incidents,

if necessary we inform you about incidents.

OTHER PROVISIONS

We reserve the right to modify this data management information in a way that does not affect the purpose and legal basis of data management.

However, if we wish to carry out further data management for a purpose other than the purpose of their collection in relation to the collected data, we will inform you of the purpose of the data management and the following information before the further data management:

  • on the duration of storage of personal data, or if this is not possible,

then the aspects of the definition of duration;

  • your right to request access to your personal data, its correction, deletion or restriction of processing, and in the case of data processing based on legitimate interests, you may object to the processing of personal data, and in the case of data processing based on consent or a contractual relationship, you may request the right to ensure data portability;
  • in the case of consent-based data management, that you can withdraw your consent at any time,
  • on the right to submit a complaint to the supervisory authority;
  • that the provision of personal data is based on legislation or contractual obligations or is

a prerequisite for concluding a contract and whether you are obliged to provide personal data, as well as the possible consequences of failure to provide data;

  • the fact of automated decision-making (if such a procedure is used), including profiling, as well as, at least in these cases, comprehensible information about the logic used and the significance of such data management and the expected consequences for you.

Data management can only begin after this, if the legal basis of data management is consent, you must also consent to data management in addition to information.

This Data Management Notice is valid from 02.01.2023.