Effective from 1 May 2026 until withdrawn

Privacy Policy

For visitors and clients of the gemesipreparator.hu website.

1. Introduction

The purpose of this Privacy Policy is to provide visitors of the gemesipreparator.hu website (hereinafter: Website), as well as clients using the services (hereinafter: Data Subject), with transparent and clear information about the processing of their personal data. During data processing, we act in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR), as well as the applicable Hungarian legal provisions.

2. Details of the Data Controller

The operator of the Website and controller of personal data is:

  • Name: Tamás Gémesi (hereinafter: Data Controller)
  • Registered office / Postal address: 8800 Nagykanizsa, Levente u. 20., Hungary
  • Phone: +36 20 927 3720
  • E-mail: gemesipreparator@gmail.com
  • Website: gemesipreparator.hu

3. Data Processor (Server Operator)

For the proper and secure operation of the Website and e-mail systems, the Data Controller uses a hosting provider, which qualifies as a Data Processor under the GDPR.

  • Company name: Cre-Art Stúdió Bt.
  • Company registration number: 20-06-035008
  • Registered office: 8800 Nagykanizsa, Zrínyi Miklós utca 20/B, Hungary
  • Website: www.creart.hu
  • E-mail: posta@creart.hu
  • Activity performed: Hosting services, server operation, technical storage of data.

4. Scope, Purpose, Legal Basis and Duration of Data Processing

4.1. Contact, quotation requests (by e-mail, phone or possible form)

Scope of processed data: The Data Subject's name, e-mail address, phone number, and any other personal data voluntarily provided by the Data Subject in the message.

Purpose of processing: Answering the Data Subject's questions, providing a quotation, and coordinating services.

Legal basis of processing: The voluntary consent of the Data Subject (GDPR Article 6(1)(a)), and taking steps prior to entering into a contract (GDPR Article 6(1)(b)).

Duration of processing: For no longer than 1 year after the contact request has been closed, unless a contract (order) is concluded. In the latter case, billing data are retained for 8 years in accordance with accounting laws.

4.2. Technical data collected when visiting the Website (server log files)

Scope of processed data: The IP address of the Data Subject's computer, time of visit, addresses of visited pages, and type of browser and operating system used.

Purpose of processing: Monitoring the secure operation of the Website and preventing abuse (e.g. cyberattacks).

Legal basis of processing: The legitimate interest of the Data Controller (GDPR Article 6(1)(f)).

Duration of processing: Server logs are automatically deleted, generally after 30 days.

5. Use of Cookies

The Website may place small data files (cookies) in the visitor's browser in order to ensure proper operation.

Strictly necessary (session) cookies: These are required for the basic operation of the Website, such as page navigation. Their use does not require prior consent.

Statistical / marketing cookies (if the site uses such cookies, e.g. Google Analytics): These cookies are used only with the visitor's explicit and voluntary consent, given by accepting them via the cookie banner. The Data Subject may disable the use of cookies at any time in their browser settings.

6. Principles of Processing and Data Security

The Data Controller treats the personal data provided as confidential and takes all technical and organizational measures (e.g. secure hosting, password protection) that serve the security of the data and protection against unauthorized access, alteration, transmission, disclosure, deletion or destruction.

Personal data are not transferred to third parties, except to the Data Processor (Cre-Art Stúdió Bt.) and in the case of legally required requests from authorities.

7. Rights of the Data Subject (User)

Under the GDPR, the Data Subject has the following rights:

  • Right to information and access: You may request information about which data we process and for what purpose, and you may request a copy of such data.
  • Right to rectification: You may request correction of inaccurate or incomplete data.
  • Right to erasure ("right to be forgotten"): You may request deletion of your data if the purpose of processing has ceased or if you have withdrawn your consent, except where the law requires data retention, for example in the case of invoices.
  • Right to restriction of processing: In certain cases, you may request that your data be stored only and not otherwise used.
  • Right to data portability: You may request to receive the data entrusted to us in a machine-readable format, or to have them transmitted to another controller.
  • Right to object: You may object to processing based on legitimate interest.

These rights may be exercised by contacting gemesipreparator@gmail.com or by post at the registered office address provided above. The Data Controller responds to requests without undue delay, and no later than within 1 month.

8. Remedies

If the Data Subject believes that we have violated applicable laws in the processing of their personal data, they may lodge a complaint with the supervisory authority:

  • Hungarian National Authority for Data Protection and Freedom of Information (NAIH)
  • Registered office: 1055 Budapest, Falk Miksa utca 9-11., Hungary
  • Postal address: 1363 Budapest, Pf.: 9., Hungary
  • Phone: +36 1 391 1400
  • E-mail: ugyfelszolgalat@naih.hu
  • Web: www.naih.hu

In the event of infringement, the Data Subject may also turn to the competent Court.

9. Amendment of this Privacy Policy

The Data Controller reserves the right to amend this Privacy Policy unilaterally, for example due to changes in legislation or expansion of Website functions. The amended policy enters into force upon publication on the Website.