Privacy Policy
Document of Vanda Bazin
Effective: from March 28, 2026 until withdrawal
The purpose of this notice is to ensure that the Data Subject understands the Data Controller’s data processing activities and that the rights provided in connection with this are clearly understandable to them.
DEFINITIONS:
1. Personal data: personal data means any information relating to an identified or identifiable living natural person. All information which, if collected, can lead to the identification of a specific person also constitutes personal data.
2. Data processing: any operation or set of operations performed on data, regardless of the procedure used, such as collection, recording, logging, organization, storage, alteration, use, retrieval, transmission, disclosure, alignment or combination, blocking, erasure and destruction, as well as preventing further use of the data, taking photographs, audio or video recordings, and recording physical characteristics suitable for identifying the person.
3. Data subject: any natural person identified or identifiable—directly or indirectly—on the basis of any specific personal data. A person shall be considered identifiable particularly if they can be identified, directly or indirectly, based on factors such as name, identification number, or one or more factors specific to their physical, physiological, mental, economic, cultural, or social identity.
4. Data Controller: the natural or legal person or organization which determines the purposes of the processing of data, makes and implements decisions regarding data processing (including the means used), or has them implemented by a data processor commissioned by it.
5. Data Processor: the natural or legal person or organization which processes data on behalf of the data controller, based on a contract concluded with the data controller—including contracts concluded based on statutory provisions.
6. Third party: a natural or legal person, public authority, agency, or any other body other than the data subject, the data controller, the data processor, or those persons who, under the direct authority of the data controller or data processor, are authorized to process personal data.
7. Recipient: a natural or legal person, public authority, agency, or another body, to which the personal data are disclosed, whether a third party or not.
8. Consent of the data subject: any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
9. Personal data breach: a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored, or otherwise processed.
I. Name and Contact Details of the Data Controller
Name of Data Controller: Vanda Bazin
Contact Address of Data Controller: 3525, Miskolc, Vologda u. 6, 8/3
Email Address of Data Controller: hello@learnwithkpop.com
Tax Number of Data Controller: 55740232-1-25
The Data Controller is not obliged to designate a data protection officer.
II. Scope of Personal Data Processed, Purpose, Legal Basis, and Duration of Data Processing
2.1. Data Processing Related to Contacting:
Name and Purpose of Data Processing: Data processing related to contacting: Identification of the Data Subject and establishing contact with the Data Subject.
Legal Basis for Data Processing: The consent of the Data Subject, pursuant to Article 6(1)(a) of the GDPR.
Scope of processed data:
The Data Subject’s name, the Data Subject’s email address, the Data Subject’s phone number, the Data Subject’s address, the Data Subject’s social media profile (depending on the method of establishing and maintaining contact).
Duration of data processing:
For the duration of the contact.
2.2. Data Processing Related to Orders:
Name and Purpose of Data Processing: Data processing related to orders: Identification of the Orderer/Buyer, performance of the ordered service, maintaining contact with the Orderer/Buyer.
Legal Basis for Data Processing: Performance of a contractual obligation pursuant to Article 6(1)(b) of the GDPR.
Scope of processed data:
Data necessary for the conduct of the sale or the use of the service, typically the Orderer/Buyer’s name, Orderer/Buyer’s e-mail address, Orderer/Buyer’s phone number, Orderer/Buyer’s social media profile, Orderer/Buyer’s delivery address if they request delivery of the product (country, county, postal code, settlement, street, house number, building, floor, door).
Duration of data processing:
5 years from the conclusion of the contract created by the order, pursuant to Section 6:22 (1) of Act V of 2013 on the Civil Code (“Ptk.”), in view of the fact that civil law claims expire after 5 years.
2.3. Billing Activity:
Name and Purpose of Data Processing: The proper issuance of invoices and the preservation of accounting documents.
Legal Basis for Data Processing: Compliance with a legal obligation pursuant to Article 6(1)(c) of the GDPR.
Scope of processed data: Billing name, billing address, tax number in the case of a non-individual data subject, email address (in the case of an e-invoice or if the invoice is sent via email), purchase price, and the date of performance.
Duration of data processing: 8 years following the issuance of the accounting document, pursuant to Section 166 (6) of Act C of 2000 on Accounting (Számv. tv.), with regard to Section 169 (1) of the Accounting Act.
2.4. Data Processing Related to Shipping:
Name and Purpose of Data Processing: Data processing related to shipping: Handover of the ordered product to the Buyer.
Legal Basis for Data Processing: Performance of a contractual obligation pursuant to Article 6(1)(b) of the GDPR.
Scope of processed data: Shipping name, shipping address, and if required for the delivery method requested by the recipient: email address, phone number.
Duration of data processing: 5 years from the conclusion of the contract created by sending the order, pursuant to Section 6:22 (1) of Act V of 2013 on the Civil Code (“Ptk.”), in view of the fact that civil law claims expire after 5 years.
2.5. Maintaining Contact with the Buyer:
Name and Purpose of Data Processing: Maintaining contact with the Buyer: Providing information regarding the sale and purchase, as well as information about future available offers.
Legal Basis for Data Processing: Legitimate interest, pursuant to Article 6(1)(f) of the GDPR.
Scope of processed data: Data provided by the Buyer for contact purposes.
Duration of data processing: Until the termination of the contract concluded with the Buyer, or until the data subject prohibits the sending of general marketing messages, promotional offers, coupons, or event invitations—specifically, until the exercise of the right to object under Article 21(2)-(3) of the GDPR. (Whichever occurs earlier.)
Upon the request of the data subject, the Data Controller shall provide the legitimate interest balancing test.
2.6. Maintaining Contact with the Orderer/Buyer:
Name and Purpose of Data Processing: Maintaining contact with the Orderer/Buyer: Providing information regarding the sale and purchase, as well as information about future available offers.
Legal Basis for Data Processing: Legitimate interest, pursuant to Article 6(1)(f) of the GDPR.
Scope of processed data: Data provided by the Orderer/Buyer for contact purposes.
Duration of data processing: Until the termination of the contract concluded with the Orderer/Buyer, or until the data subject prohibits the sending of general marketing messages, promotional offers, coupons, or event invitations—specifically, until the exercise of the right to object under Article 21(2)-(3) of the GDPR. (Whichever occurs earlier.) Upon the request of the data subject, the Data Controller shall provide the legitimate interest balancing test.
2.7. Sending Newsletters:
Name and Purpose of Data Processing: Sending newsletters: Content marketing, sending promotional offers, coupons, and event invitations.
Legal Basis for Data Processing: The consent of the Data Subject, pursuant to Article 6(1)(a) of the GDPR.
Scope of processed data: The subscriber’s name and email address.
Duration of data processing: Until the Data Subject’s request for erasure (unsubscription).
2.8. Participation in Prize Competitions:
Name and Purpose of Data Processing: Participation in prize competitions: Promotion of the brand, providing the winner with their benefit/prize, and delivery of the prize.
Legal Basis for Data Processing: The consent of the Data Subject, pursuant to Article 6(1)(a) of the GDPR. (The Data Subject may withdraw their consent at any time, without conditions.)
Scope of processed data: Data as recorded in the prize competition rules. (Typically name, email address, public social media profile. In case of prize delivery: mailing details.)
Duration of data processing: Until the date specified in the prize competition rules. (Typically until the end of the prize competition or the date of prize delivery.)
2.9. Community Building on Social Media Platforms
Name and Purpose of Data Processing: Community building on social media platforms.
Legal Basis for Data Processing: The consent of the Data Subject, pursuant to Article 6(1)(a) of the GDPR. (The Data Subject may withdraw their consent at any time, without conditions.)
Scope of processed data: Data from the public profile of the Data Subject.
Duration of data processing: Until the Data Subject unsubscribes.
2.10. Data Processing Related to Holding Webinars
Name and Purpose of Data Processing: Data processing related to holding webinars: Processing the data of participating Data Subjects.
Legal Basis for Data Processing: The consent of the Data Subject, pursuant to Article 6(1)(a) of the GDPR. (The Data Subject may withdraw their consent at any time, without conditions.)
Scope of processed data:
The Data Subject’s name (the consent of the legal representative is required for the processing of a minor Data Subject’s data), the Data Subject’s email address, and the Data Subject’s phone number.
Duration of data processing:
Until the Data Subject’s request for erasure.
2.11. Data Processing Related to the Creation of Photo, Video, and Audio Recordings:
Name and Purpose of Data Processing:
Data processing related to the creation of photo, video, and audio recordings: presenting the service to the public and promoting the service.
Legal Basis for Data Processing:
The consent of the Data Subject, pursuant to Article 6(1)(a) of the GDPR. (The Data Subject may withdraw their consent at any time, without conditions.)
Scope of processed data:
The image and voice of the Data Subject.
Duration of data processing:
Until the Data Subject’s request for erasure.
*Anonymous data to be reported to the National Statistical Data Collection Program based on the provisions of Act CLV of 2016 on Official Statistics.
3. RECIPIENTS (Additional Data Processors utilized)
The Data Controller utilizes external service providers, so-called data processors, to provide the service and fulfill legal obligations. The data processors do not make independent decisions; they are entitled to process personal data exclusively based on the contract concluded with the Data Controller and its instructions.
3.1 HOSTING PROVIDER
(Ensuring the operation of the website, storage of data generated during the use of the website)
Name of the data processor: Sybell Informatikai Kft.
Registered office of the data processor: 1138 Budapest, Tomori utca 34. 2nd floor
Contact details of the data processor: Phone: +36 1 707 67 26, E-mail: hello@sybell.hu
Activity of the data processor: The utilization of the data processor is necessary to make the website available and to ensure its proper operation. The data processor performs the storage of data. The location of data storage is the server of the data processor.
3.2. BILLING SERVICE PROVIDER
Name of the data processor: Billingo Kft.
Registered office of the data processor: 1133 Budapest, Árbóc u. 6. 1st floor
Contact details of the data processor: www.billingo.hu
Activity of the data processor: The utilization of the data processor takes place for the purpose of the proper issuance of invoices and their transmission to the NAV (National Tax and Customs Administration).
The data processor receives the following data: billing name, home address/registered office, tax number, e-mail address (if it appears on the invoice).
3.3. ONLINE PAYMENT SERVICE PROVIDER
Name of the data processor: Stripe, Inc.
Registered office of the data processor: 510 Townsend Street, San Francisco, CA 94103, USA
Activity of the data processor (Stripe):
(Payment of the purchase price of the ordered service by credit card)
Activity: Secure processing of credit card payments.
Data transfer information: Stripe is a company registered in the USA, so payment data (cardholder’s name) is transferred outside the European Union. The legal basis for the data transfer is ensured by the Standard Contractual Clauses (SCCs) approved by the European Commission, which guarantee an adequate level of protection for the data. The use of the data processor is necessary so that the price of the ordered product/service can also be settled by credit card. The data processor receives the following data: credit card holder’s name, the orderer’s e-mail address, phone number, and billing address. Credit card data does not reach the merchant.
3.3. ACCOUNTING SERVICE PROVIDER
Name of the data processor: Kiss Barbara Brigitta
Registered office of the data processor: 7691 Pécs, Kút utca 15.
Activity of the data processor: The utilization of the data processor takes place for the purpose of checking the proper issuance of invoices and the preservation of accounting documents.
The data processor receives the following data: billing name, home address/registered office, tax number, e-mail address (if it appears on the invoice).
3.4. ONLINE COMMUNICATION
Name of the data processor: Messenger (Facebook) Meta Platforms Inc. Registered office of the data processor: Menlo Park, California, USA
Name of the data processor: Zoom Video Communications Inc. Registered office of the data processor: 55 Almaden Blvd, Suite 600 San Jose, CA 95113
Name of the data processor: Instagram Meta Platforms Inc. Registered office of the data processor: Menlo Park, California, USA
Name of the data processor: TikTok Technology Limited Registered office of the data processor: Earlsfort Terrace Dublin, D02 T380 Ireland
Activity of the data processor: The utilization of the data processor takes place for the purpose of video calls and messaging. During messaging, the data provider may access personal data provided voluntarily and on an ad-hoc basis, in addition to the name.
3.5. WEBSITE ANALYTICS
Name of the data processor: Google Ireland Ltd. Registered office of the data processor: Gordon House, Barrow Street, Dublin 4, Ireland
Activity of the data processor: The anonymized, statistical measurement of website traffic data (Google Analytics). The processing is based on your explicit consent, which you can provide via the cookie banner.
RECEIVING AND SENDING E-MAILS
Name of the data processor: Google Inc. Registered office of the data processor: Mountain View, California, USA 2.
The data processor is the hosting provider of the data controller. The data processor is utilized for the purpose of accessing correspondence and the data contained therein.
3.6. SENDING NEWSLETTERS
Name of the data processor: FLUENT CRM PRO Registered office of the data processor: 2035 Sunset Lake Road, Suite B-2, Newark, Delaware, 19702, USA.
Activity of the data processor (Fluent CRM Pro): online form management and email sending (WordPress plugin).
The Data Processor has access to the following data: subscriber’s name, subscriber’s email address.
APPEARANCE AND COMMUNICATION ON SOCIAL MEDIA PAGES
Name of the data processor: Facebook Meta Platforms Inc. Registered office of the data processor: Menlo Park, California, USA
Name of the data processor: Instagram Meta Platforms Inc. Registered office of the data processor: Menlo Park, California, USA
Name of the data processor: TikTok Technology Limited Registered office of the data processor: 10 Earlsfort Terrace Dublin, D02 T380 Ireland
Activity of the data processor: The utilization of the data processor takes place for access to the data provider’s public profile—thus access to the publicly provided name and other data—to publicly made comments, shares, and other reactions, as well as for the purpose of messaging via the social media page. During messaging via the social media page, the data provider may also disclose personal data provided voluntarily and on an ad-hoc basis, in addition to the name.
III. DATA SECURITY MEASURES:
The Data Controller shall take all necessary technical and organizational measures to protect the processed personal data against unauthorized access, alteration, transmission, disclosure, erasure, or accidental destruction. Communication between the website and the server is protected by SSL (Secure Socket Layer) encryption. Access to data is strictly limited; only persons authorized to perform their duties may access them to the extent necessary.
LEGAL REMEDY OPTIONS:
The Data Subject’s data protection rights and legal remedy options, along with their limitations, are detailed in the GDPR (specifically Articles 15, 16, 17, 18, 19, 20, 21, 22, 77, 78, 79, and 82). The Data Subject may request information about their data at any time, and may request the rectification, erasure, or restriction of the processing of their data; furthermore, they may object to data processing based on legitimate interest. The most important provisions are summarized below.
The Data Controller particularly draws the Data Subject’s attention to the following:
The Data Subject has the right to object at any time, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her by the Data Controller based on legitimate interest. In this case, the Data Controller shall no longer process the personal data unless the Data Controller demonstrates compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the Data Subject, or for the establishment, exercise, or defense of legal claims. Where personal data are processed for direct marketing purposes, the Data Subject shall have the right to object at any time to the processing of personal data concerning him or her for such marketing. If the Data Subject objects to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes.
1.) RIGHT TO BE INFORMED:
If the Data Controller processes personal data concerning the Data Subject, the Data Controller is obliged to provide information to the Data Subject – even without a request to this effect – on the most important characteristics of the data processing, such as the purpose, legal basis, and duration of the data processing, the identity and contact details of the Data Controller and its representative, the contact details of the data protection officer, the recipients of the personal data, in the case of data processing based on a legitimate interest, the legitimate interest of the Data Controller and/or a third party, as well as the Data Subject’s rights and remedies related to data processing (including the right to lodge a complaint with a supervisory authority), and, if the Data Subject is not the source of the data, the source of the personal data and the categories of the personal data concerned, if the Data Subject does not yet possess this information. The Data Controller provides this information by making the present information notice available to the Data Subject.
2.) RIGHT OF ACCESS:
The Data Subject is entitled to receive feedback from the Data Controller as to whether the processing of their personal data is in progress, and if such data processing is in progress, they are entitled to receive access to the personal data and certain information related to the data processing, including the purposes of the data processing, the categories of personal data concerned, the recipients of the personal data, the (planned) duration of the data processing, the rights and remedies of the Data Subject (including the right to lodge a complaint with a supervisory authority), and information regarding the source of the data in the event they were not collected from the Data Subject. Upon the Data Subject’s request, the Data Controller shall provide a copy of the personal data undergoing processing to the Data Subject. For additional copies requested by the Data Subject, the Data Controller may charge a reasonable fee based on administrative costs. If the Data Subject submitted the request electronically, the information shall be provided in a commonly used electronic format, unless the Data Subject requests otherwise. The right to request a copy shall not adversely affect the rights and freedoms of others.
Folytassuk a fordítást az előzőekben megszokott stílusban és formátumban:
3.) RIGHT TO RECTIFICATION:
The Data Subject is entitled to have the Data Controller rectify inaccurate personal data concerning them without undue delay upon their request. Taking into account the purpose of the data processing, the Data Subject is entitled to request the completion of incomplete personal data – including by means of a supplementary statement.
4.) RIGHT TO ERASURE:
The Data Subject is entitled to have the Data Controller erase personal data concerning them without undue delay upon their request, and the Data Controller is obliged to erase personal data concerning the Data Subject without undue delay if certain conditions are met. Among others, the Data Controller is obliged to erase the personal data at the Data Subject’s request if the personal data are no longer necessary for the purposes for which they were collected or otherwise processed; if the Data Subject withdraws their consent which forms the basis of the data processing and there is no other legal basis for the processing; or if the personal data have been processed unlawfully; or if the Data Subject objects to the processing and there are no overriding legitimate grounds for the processing; or the personal data must be erased for compliance with a legal obligation in Union or Member State law to which the Data Controller is subject.
The above shall not apply to the extent that processing is necessary:
a) for exercising the right of freedom of expression and information;
b) for compliance with a legal obligation which requires processing by Union or Member State law to which the Data Controller is subject;
c) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, in so far as the right to erasure is likely to render impossible or seriously impair the achievement of the objectives of that processing;
d) for the establishment, exercise or defense of legal claims.
5.) RIGHT TO RESTRICTION OF PROCESSING:
The Data Subject is entitled to have the Data Controller restrict processing upon their request if one of the following applies:
a) the accuracy of the personal data is contested by the Data Subject, in which case the restriction applies for a period enabling the Data Controller to verify the accuracy of the personal data;
b) the processing is unlawful and the Data Subject opposes the erasure of the personal data and requests the restriction of their use instead;
c) the Data Controller no longer needs the personal data for the purposes of the processing, but they are required by the Data Subject for the establishment, exercise or defense of legal claims; or
d) the Data Subject has objected to processing; in this case, the restriction applies for the period until it is established whether the legitimate grounds of the Data Controller override those of the Data Subject. If processing has been restricted based on the above, such personal data shall, with the exception of storage, only be processed with the Data Subject’s consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State. The Data Controller shall inform the Data Subject in advance of the lifting of the restriction of processing requested by the Data Subject.
6.) RIGHT TO OBJECT:
The Data Subject is entitled to object, on grounds relating to their particular situation, at any time to the processing of their personal data based on the legitimate interest of the Data Controller. In this case, the Data Controller shall no longer process the personal data unless the Data Controller demonstrates compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the Data Subject, or which are related to the establishment, exercise, or defense of legal claims. Where personal data are processed for direct marketing purposes, the Data Subject is entitled to object at any time to the processing of personal data concerning them for such purposes. If the Data Subject objects to the processing for direct marketing purposes, the personal data shall no longer be processed for such purposes.
VI. RIGHT TO LODGE A COMPLAINT:
In the event of a violation of their rights, the Data Subject may lodge a complaint with the competent data protection supervisory authority (in Hungary, the National Authority for Data Protection and Freedom of Information; “NAIH”) and may exercise their right to judicial remedy. Contact details for NAIH (Address: 1055 Budapest, Falk Miksa u. 9-11, mailing address: 1374 Budapest,
Pf. 603. Tel: +36 1 391 1400, Fax: +36-1-391-1410, Email: ugyfelszolgalat@naih.hu, Website: http://naih.hu/)
VII. MANAGEMENT OF COOKIES:
The Data Controller furthermore informs the data subjects that it uses cookies on the website. Cookies are files that store information in the data subject’s web browser. A cookie is a tool for information exchange between the web server and the user’s browser. With the help of information sent by cookies, internet browsers can be recognized more easily, so users receive relevant and personalized content.
Cookies make browsing more convenient. With the help of cookies, website operators can also prepare anonymous statistics about the habits of site visitors. Most cookies do not contain personal information and cannot be used to identify users. The stored data is necessary for more convenient browsing. Websites may use the following types of cookies: Temporary cookies, which remain on the data subject’s device until they leave the website. Persistent cookies, which, depending on the settings of the data subject’s web browser, remain on the device for a longer period, or until the Data Subject deletes them.
Third-party cookies, which are placed with the data subject by a third party (e.g., Google Analytics). These are placed in the browser if the visited website uses services provided by the third party.
Cookies can also be grouped as follows:
a) Essential session cookies: Their use is essential for navigating the website and for the functioning of the website’s features. Without accepting these, the website or parts of it may not appear, or may appear incorrectly.
b) Analytical or performance monitoring cookies: These help the Data Controller to distinguish visitors to the website and collect data on how visitors behave on the website. They do not collect information capable of identifying the data subject, as the data are stored in an aggregate and anonymous manner.
c) Functional cookies: The task of these cookies is to improve the user experience. They detect and store, for example, the device with which the data subject opened the website, or data previously provided and requested to be stored. These cookies do not track the data subject’s activity on other websites. However, the information collected by them may include personal identifying data shared by the data subject.
d) Targeted or advertising cookies: With the help of these, the website can provide information that best suits the data subject’s interests. This requires the explicit consent of the data subject, as these cookies collect detailed information about browsing habits. For analytical and security reasons, the present website records the IP address, the time of the visit, the page visited, the visitor’s country, the browser version number, and the type of operating system. This is necessary for the enforcement of legitimate interests, the provision of an appropriate level of service, and for analytical purposes.
The Data Controller uses cookies in accordance with the provisions of the E-commerce Act (Eker tv.), the Information Act (Info tv.), and the GDPR.
Websites operating within the European Union – such as the website operated by the Data Controller – must request the users’ consent for the use of cookies and their storage on the user’s computer or other device. Cookies can be deleted or disabled in the browsers used.
Browsers allow the placement of cookies by default. This can be disabled in the browser settings, and existing ones can be deleted. Additionally, it can be set for the browser to send a notification to the user when a cookie is sent to the device.
However, it is important to emphasize that disabling or restricting these files may impair the browsing experience and may also cause errors in the website’s functionality. Configuration options are generally found in the “Options” or “Settings” menu of the browser. Every web browser is different, so for the appropriate settings, the Data Controller requests that the data subject use the “Help” or “Súgó” menu of their browser, or click on the following,
relevant link in each case:
Firefox: https://support.mozilla.org/en-US/products/firefox/protect-yourprivacy/cookies
Chrome: https://support.google.com/chrome/answer/95647?hl=hu
Safari: https://support.apple.com/kb/PH5042?locale=en_US
Mozilla: https://support.mozilla.org/hu/kb/weboldalak-altal-elhelyezett-sutik-torleseszamito
The website uses the Google Analytics application, which is a web analytics service provided by Google Inc. Google Analytics uses so-called cookies, text files, which are saved on your computer, thereby helping the analysis of the use of the website visited by the User. To disable anonymous Google Analytics cookies, you can install a so-called “Google Analytics plug-in” (extension) in your browser, which prevents the
website from sending information about the Data Subject to Google Analytics. You can find further information regarding this at the links below:
https://support.google.com/analytics/answer/6004245
https://policies.google.com/technologies?hl=hu
GOVERNING LEGISLATION:
In preparing this data processing information notice, we have taken the following legislation into particular consideration: Regulation (EU) 2016/679 of the European Parliament and of the Council (“General Data Protection Regulation” or “GDPR”); Act CXII of 2011 on the Right to Informational Self-Determination and on Freedom of Information (“Info tv.”); Act V of 2013 on the Civil Code (“Ptk.”); Act CVIII of 2001 on certain issues of electronic commerce services and information society services (“Eker tv.”); Act C of 2003 on Electronic Communications (“Ehtv.”); Act CLV of 1997 on Consumer Protection (“Fogyv tv.”); Act CLIX of 2012 on Postal Services; Act CLXV of 2013 on Complaints and Public Interest Disclosures (“Pktv.”); Act XLVIII of 2008 on the Basic Conditions and Certain Restrictions of Economic Advertising Activities (“Grtv.”); and Act C of 2000 on Accounting (“Számv.tv.”).
In compiling this notice, we have also taken into account the recommendations of the National Authority for Data Protection and Freedom of Information on the data protection requirements for prior information.