top of page

Privacy Policy from May 25, 2018

  1. Introduction Franyó Ltd. considers the protection of personal data to be of paramount importance in its activities. Personal data provided to us is always handled in compliance with applicable laws, ensuring their security, implementing technical and organizational measures, and establishing procedural rules necessary to comply with relevant regulations. Franyó Ltd., as the operator of the website available under the domain name www.arboretumharkany.hu (hereinafter: Website), hereby publishes information on data processing carried out within the framework of the Website and the services related to the Website. By starting to use the Website, users visiting the Website accept all the terms and conditions contained in this Privacy Policy (hereinafter: Policy). The policy has been developed based on the following applicable laws: Act CXII of 2011 on informational self-determination and freedom of information Act CXIX of 1995 on the handling of name and address data serving the purpose of research and direct marketing Act CVIII of 2001 on certain aspects of electronic commerce services and information society services Act XLVIII of 2008 on the basic conditions and certain restrictions of economic advertising activities Franyó Ltd. reserves the right to change the policy. The amended policy will be continuously published on the footer of the Website at arboretumharkany.hu/adatvedelem. Franyó Ltd. reserves the right to change the policy. The amended policy will be continuously published on the footer of the Website at arboretumharkany.hu/adatvedelem.

  2. Contact details of the data controller Name: Franyó Ltd. Registered office: 21 Siklósi út, Harkány, 7815 Phone: +36 72 480 808 Email: info@arboretumharkany.hu Website: www.arboretumharkany.hu Company registration number: 02-09- Tax number: 11547136-2-02 Representative: János Franyó, Managing Director

  3. Definitions personal data: any information relating to an identified or identifiable natural person (hereinafter: data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person consent: any freely given, specific, informed, and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her objection: a statement by the data subject objecting to the processing of his or her personal data and requesting the cessation of the data processing or the erasure of the processed data data controller: the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law data processing: any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction data transmission: making the data accessible to a specified third party disclosure: making the data accessible to anyone data erasure: making the data unrecognizable in such a way that their restoration is no longer possible data blocking: making data permanently or temporarily unavailable for transmission, disclosure, alteration, or destruction, as well as for further use data destruction: the complete physical destruction of data or data carriers containing them data processing: carrying out technical tasks related to data processing, regardless of the method and tools used for performing the operations and the place of application data processor: a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller third party: any natural or legal person, public authority, agency, or other body other than the data subject, controller, processor, and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

  4. Data Processing Activities: 4.1. Data of Website Visitors: The data controller does not record any personal data when visiting the website, except for browsing habits, which can be obtained through cookies. Cookies used on the website are applied with the user's consent. Web analytics services are provided by Google Inc., but only non-personal data is processed. Remarketing ads do not contain the visitor's personal data. Users can delete cookies from their own computers or disable them in their browser settings. 4.2. Request for Quotation: The purpose of data processing is to establish contact and provide information to interested users. Personal data is stored for a maximum of 30 days from the time of the quotation request. The legal basis for data processing is the voluntary consent of the data subject. 4.3. Room Reservation: Personal data is used for processing and recording accommodation bookings. Data is processed for the duration of the relevant contractual relationship. The legal basis for data processing is the voluntary consent of the data subject, except in cases of mandatory data processing. 4.4. Newsletter: Providing the name and email address is mandatory when subscribing. Newsletters are sent out monthly, no more than once a week. The legal basis for data processing is the voluntary consent of the data subject. 4.5. Direct Marketing: Consent is given by the data subject for the use of data when registering for direct marketing messages. The legal basis for data processing is the voluntary consent of the data subject. 

  5. Security of Data Processing: Data must be protected against unauthorized access, transmission, deletion, etc. Various technical and organizational measures are taken to ensure the security of data. 

  6. Rights of Data Subjects and Enforcement: Data subjects have the right to request information, correct, or delete their personal data. Remedial options are available, including filing complaints with the competent authority. 6.1. The data subject may request information about the processing of their personal data, as well as request the correction of their personal data, and – except for data processing mandated by law – deletion through the link provided in the footer of newsletters or at any of the contact points specified in point 2 of the Data Controller. 6.2. Upon request of the data subject, the Data Controller shall provide information about the data it processes, the purpose of the processing, its legal basis, duration, the name and address (registered office) of the data processor, and their activities related to data processing, as well as about who receives or has received the data and for what purposes. 6.3. The Data Controller shall provide the information in writing, in an intelligible form, free of charge, within the shortest possible time from the submission of the request, but no later than within 25 days. 6.4. The Data Controller is obliged to correct any personal data that does not correspond to reality. 6.5. The Data Controller shall delete personal data if its processing is unlawful, the data subject requests it, it is incomplete or inaccurate – and this cannot be lawfully corrected –, provided that deletion is not precluded by law, the purpose of the data processing has ceased, the statutory retention period for the data has expired, or deletion has been ordered by a court or the National Authority for Data Protection and Freedom of Information. 6.6. The Data Controller shall inform the data subject and all those to whom the data was previously transmitted for the purpose of data processing about corrections and deletions. Notification may be omitted if it does not harm the legitimate interests of the data subject with regard to the purpose of the data processing. 6.7. The data subject may object to the processing of their personal data if the processing (or transmission) of personal data is necessary solely for the exercise of the rights or legitimate interests of the data controller or the data recipient, except if the processing of data is mandated by law, the use or transmission of personal data is for direct marketing, opinion polling, or scientific research purposes, or if the right to object is otherwise provided by law. 6.8. The Data Controller, with the suspension of data processing, shall examine the objection within the shortest possible time from its submission, but no later than within 15 days, and inform the applicant in writing of the result. If the objection is justified, the Data Controller shall cease data processing – including further data collection and transmission –, block the data, and inform all those to whom the data subject's personal data was previously transmitted, and who are obliged to take measures to enforce the right to object. 6.9. Franyó Ltd. shall compensate any damage caused to others by the unlawful processing of the data subject's data or by the violation of technical data protection requirements. The Data Controller shall be exempt from liability if it proves that the damage was caused by an unavoidable external circumstance beyond the scope of data processing. Damage need not be compensated if it resulted from intentional or grossly negligent behavior of the injured party. 6.10. Legal remedies and complaints can be lodged at the following contact points: Name: National Authority for Data Protection and Freedom of Information Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c. Phone: 06-1-391-1400 Fax: 06-1-391-1410 Email: ugyfelszolgalat@naih.hu Website: naih.hu In case of violation of rights, the data subject may bring a lawsuit against the data controller. The court shall handle the case expeditiously. The competent court for the proceedings is the Baranya County Court.

 

Welcome to the Arboretum Hotel website! By browsing the site, you accept the following terms of use. Definitions: personal data: any information relating to an identified or identifiable natural person; consent: any freely given, specific, informed, and unambiguous indication of the data subject's wishes by which they, by a statement or by a clear affirmative action, signify agreement to the processing of personal data relating to them; objection: a statement by the data subject objecting to the processing of their personal data and requesting the cessation of processing or deletion of the processed data; data controller: a natural or legal person, or organization without legal personality, who or which determines the purposes of the processing of personal data, makes decisions regarding data processing, and carries out such processing, or who or which carries out such processing through a data processor authorized by them; data processing: any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction of data; data processing also includes the taking of photographs, sound or image recordings, and the recording of physical characteristics suitable for the identification of the individual (e.g., fingerprints, DNA samples, iris scans); data transmission: making data accessible to a specific third party; disclosure: making data accessible to anyone; data erasure: making data unrecognizable in a way that they cannot be restored; data blocking: marking data with an identifier to restrict their further processing for a definitive or specified period; data destruction: complete physical destruction of data or data carriers containing them; data processing: performing technical tasks related to data processing, regardless of the method and means of execution and the location of the application, provided that such tasks are performed on the data; data processor: a natural or legal person, or organization without legal personality, who or which processes personal data on behalf of the data controller based on a contract concluded with the data controller – including contracts concluded pursuant to legal provisions –. If informing the data subjects would be impossible or would involve disproportionate effort, the information may be provided by disclosing the following: a) the fact of data collection, b) the categories of data subjects concerned, c) the purpose of the data collection, d) the duration of the data processing, e) the identity of potential recipients who may have access to the data, f) an explanation of the data subject's rights and remedies regarding data processing, and g) if the data processing requires registration, the registration number. Upon request of the data subject, the data controller shall provide information about the personal data processed by them or by their authorized data processor, including their source, purpose, legal basis, duration, the name and address of the data processor, and their activities related to data processing, as well as – in case of data transmission – the legal basis and recipient of the data transmission. The data controller shall provide the requested information in writing, in an understandable form, within the shortest possible time, but not later than 30 days from the date of the request. The data controller may only refuse to provide information in cases defined by Section 9(1) and Section 19 of the Information Act. In case of refusal, the data controller shall inform the data subject about the possibility of seeking judicial remedies and of appealing to the National Authority for Data Protection and Freedom of Information (hereinafter: Authority). Deletion and Blocking of Data Personal data must be deleted if: • their processing is unlawful, • the data subject requests deletion, • they are inaccurate or incomplete – and this condition cannot be lawfully rectified – unless such deletion is prohibited by law, • the purpose of the processing has ceased or the statutory retention period has expired, • ordered by a court or the Authority. Instead of deletion, the data controller shall block personal data if requested by the data subject or if, based on the available information, it can be presumed that deletion would prejudice the legitimate interests of the data subject. The blocked personal data may only be processed as long as the purpose of the data processing, which precluded the deletion of the personal data, exists. Modification and Correction of Managed Data If personal data does not correspond to reality and accurate personal data is available to the data controller, the data controller shall correct the personal data. Remedies Authority Proceedings Anyone may initiate an investigation at the Authority by filing a complaint alleging that a breach of data protection laws has occurred or that there is an imminent danger of such breach in connection with the processing of personal data. The Authority shall notify the complainant of the results of the investigation, the reasons for closing the investigation, and any measures taken within two months from the receipt of the complaint. Judicial Proceedings The data subject may object to the processing of their personal data if: • the processing or transmission of personal data is necessary for the performance of a legal obligation imposed on the data controller or to assert the legitimate interests of the data controller, the data recipient, or a third party, except in cases of mandatory data processing; • the use or transmission of personal data is for direct marketing, public opinion polling, or scientific research purposes; and • in other cases specified by law. The data controller shall examine the objection within the shortest possible time from the submission of the request, but not later than 15 days, make a decision on its justification, inform the applicant in writing of its decision. If the data controller finds the objection justified, it shall terminate the data processing – including further data collection and transmission –, block the data, inform all those to whom the personal data subject to the objection was previously transmitted, and who are obliged to take action to enforce the objection right. If the data subject disagrees with the decision of the data controller as described above, or if the data controller fails to examine the notification within the deadline, the data subject may appeal to the court within 30 days from the notification of the decision or from the last day of the deadline. The court shall handle the case expeditiously. The adjudication of the case falls within the jurisdiction of the court. The case may be initiated before the court chosen by the data subject, based on their place of residence or habitual residence.

The possibility of modifying the terms of use Arboretum Hotel reserves the right to unilaterally modify these terms of use with prior notice to users. By using the service after the effective date of the modification, you accept the modified terms of use. The service The service refers to the internet website available at www.arboretumharkany.hu, and all its services and functions. The service is provided by Franyó Kft., with which you understand and accept the following: (a) Our servers automatically record the IP address of our users, the operating system and browser type used by them, and some other information. We only use this information in aggregated and processed form for the correction of possible errors in our services, improvement of their quality, and for statistical purposes. We do not link this data with any other data provided by users in any way. (b) Policy on the use of cookies Some of our services place a unique identifier, called a cookie, on our users' computers. Cookies are used solely to facilitate user authentication and the operation of our personalization services; we do not use them for any other purpose. Blocking cookie reception does not prevent the use of our services; however, due to technological reasons, utilizing the website's personalization options and viewing content requiring registration can only be done from a computer that accepts cookies. By using the Website, you accept all current directives regarding cookies on the site, as well as its privacy statement. Cookies are small text files placed on the user's device by the browser, performing identification and information gathering in a small size. Cookies consist of a unique number sequence and primarily serve to distinguish computers and other devices downloading the webpage. Cookies created during the visit to the Website may belong to several categories: Essential cookies: These cookies are indispensable for the proper functioning of the website's essential services. Performance-enhancing cookies: These cookies collect information about how visitors use the website, such as which sections are most frequently visited and which articles are the most viewed. We use these cookies for improving and maintaining user experience and for statistical purposes on our website. Functional cookies: Functional cookies enable the website to remember certain previously entered data, such as your personal settings. Targeting/advertising cookies: These cookies help deliver offers through our advertising surfaces that are most relevant to your areas of interest. During the provision of the above services, the website may collaborate with third parties, but personal data will only be provided to them by the Website with the prior notification and consent of the user, or upon a resolution instruction (e.g., upon request by a legal authority). The information collected by cookies is not sold, leased, or otherwise distributed to third parties by the Website, except to the extent necessary for providing services, for which services this information was voluntarily and voluntarily provided by the user. The Website may contain links to independent third-party websites maintained by them. As the Website does not control the use of information by such third parties, in each case, the provisions of the third party's privacy policy shall apply, for which the Website shall not assume responsibility and shall not be legally liable. 

During visits to the Website, cookies created may belong to several categories: Essential cookies: These are cookies without which the essential services of the website would not be able to function properly. Performance-enhancing cookies: These cookies gather information about how visitors use the website, such as which sections are most frequently visited and which articles are the most viewed. We use these cookies to improve and maintain user experience and for statistical purposes on our website. Functional cookies: Functional cookies enable the website to remember certain previously entered data, such as your personal settings. Targeting/advertising cookies: These cookies help deliver offers through our advertising surfaces that are most relevant to your areas of interest. While providing the above services, the website may collaborate with third parties, but personal data will only be provided to them by the Website with the prior notification and consent of the user, or upon a resolution instruction (e.g., upon request by a legal authority). The information collected by cookies is not sold, leased, or otherwise distributed to third parties by the Website, except to the extent necessary for providing services, for which services this information was voluntarily and voluntarily provided by the user. The Website may contain links to independent third-party websites maintained by them. As the Website does not control the use of information by such third parties, in each case, the provisions of the third party's privacy policy shall apply, for which the Website shall not assume responsibility and shall not be legally liable. The Website reserves the right to modify any part of these regulations at its discretion at any time. Please regularly visit this page and inform yourself about any changes. If you continue to use this website after the publication of changes to the Privacy Policy, it will be considered as your acceptance of the changes and the current guidelines. You can control the settings of cookies on your computer through your browser, and you can find information about third-party cookies and their settings on the following website: http://www.youronlinechoices.com/hu/ad-choices (c) We also use external advertising companies to display our advertisements when you visit our website. These companies may use certain data (however, they cannot use your name, email address, or phone number) about your visits to this or other websites in order to provide appropriate (and interesting to you) advertisements. (d) To use some of our services, our users must fill out a registration questionnaire. The information generated during registration is handled with the utmost care and strict confidentiality; unauthorized persons cannot access it. (e) We may provide certain information in aggregated and processed form to some of our partners for the purpose of developing our services according to the interests of users. We may disclose some information in statistical form in order to inform interested parties about the operation of our services. Data suitable for individual access Data suitable for individual access (such as email addresses) are only used for purposes previously approved by the user. Without the prior written consent of the user (except for the exceptions prescribed by law), we will not provide such data to third parties under any circumstances. If the expansion of our service offering requires it, in some rare cases, we will send informational materials to our users. Data suitable for physical access by users: Data suitable for physical access are collected only if the nature of the given service makes it indispensable. Data is only used for purposes approved by the user in advance, and (except for the exceptions prescribed by law) is not disclosed to third parties under any circumstances. Links: Our service contains links to other providers' websites. Arboretumharkany.hu is not responsible for the data and information protection practices of these providers. Public communication opportunities: The public communication channels that are part of our services are used by each of our users at their own risk. The copyright of the various comments belongs to the respective users; however, xavinhotelharkany.hu is entitled to quote or reproduce them without limitations. Comments may only be printed, downloaded, or distributed for personal use by a third party with the written consent of Xavin Kft. We draw the attention of our users to the fact that various legal regulations regarding public communications apply to comments posted on public communication channels (Act II of 1986, Act IV of 1978). Xavin Kft. reserves the right to delete comments without further notice that:

  • infringe trademarks,

  • include names of current or historical Hungarian or foreign public figures, except for the user's registered name,

  • contain a name that violates the legitimate and reasonable interests of another person,

  • contain obscene or vulgar expressions,

  • contain racist, religious, national, ethnic, sexual, political, or ideological expressions or behaviors that insult others,

  • are considered covert or overt advertising media.

Illegal or unauthorized activities: Illegal or unauthorized activities include, but are not limited to, the following:

  • Modification, adaptation, or reverse engineering of any part of the Arboretum Hotel website;

  • Use of any automated application, search robot, or any other application to access, modify, or index any part of the Arboretum Hotel website;

  • Unauthorized access or attempted unauthorized access to the Arboretum Hotel's computer system (hacking);

  • Reformatting or editing any part of the Arboretum Hotel website;

  • Publication of acquired materials;

  • Disclosure or transmission of viruses, worms, bugs, trojans, or any other destructive elements;

  • Providing materials that are illegal or incite illegal activity, or advertise such activity;

  • Providing false or misleading information.

Copyrights:

The www.arboretumharkany.hu website is protected by copyright. The Service Provider is the copyright owner or authorized user of all content displayed on the Website, regardless of whether it originates from Users, any copyrighted work, or other intellectual creation. The Service Provider is entitled to use all trademarks (brand names, logos, etc.) appearing on the Website. Neither registration, use of the website, nor any provision of this section provides the user with the right to use or exploit any commercial name or trademark appearing on the website. In addition to the fair use of the website, temporary duplication, and making copies for personal use, these intellectual creations cannot be used or exploited in any other form without the prior written consent of the Service Provider. The user is entitled to study the website, create summary copies by printing, downloading to disk, and forwarding to others, but must always indicate the name and contact details of the Service Provider for any use.

International use: Due to the global nature of the internet, you agree to comply with all local rules regarding user behavior and acceptable content on the internet. You acknowledge that all personal data, information, and content created by users are controlled, processed, and stored in Hungary, within the European Union. Services, products, features, and all materials and information available through or displayed on arboretumharkany.hu, or accessed through it, are provided without any warranties, "as is."

bottom of page