The operator of the promesa.hu website, Promesa Marketing Kft. (1133 Budapest, Gogol utca 13., hereinafter service provider, data controller), as a data controller, acknowledges the content of this legal notice as binding on it. It undertakes that all data processing related to its activities complies with the requirements set out in these regulations and the applicable legislation.

Promese Marketing Kft. is committed to protecting the personal data of its users and partners, and considers it essential to respect the right of its customers to self-determination of information. Promesa Marketing Kft, as the operator and data controller of this website, treats personal data confidentially and takes all security, technical and organizational measures that guarantee the security of the data.

In this document, the operator describes below its data management principles, activities and rules related to the data managed by the site. The data management principles related to the operation of the website are in accordance with the applicable data protection legislation, in particular:

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Regulation (EC) No 95/46

  • 2011. Annual CXII. Act on the Right to Information Self-Determination and Freedom of Information (hereinafter the Information Act, Data Protection Act);
  • 2001. year CVIII. Act on Certain Issues of Electronic Commerce Services and Information Society Services (Eker Act);
  • 2008. year XLVIII. Act on the Basic Conditions and Certain Restrictions of Economic Advertising (Grt.).

1. Definitions

1.1. affected: any natural person identified or identifiable, directly or indirectly, on the basis of specific personal data;

1.2. personal data: data relating to the data subject, in particular the name, identification mark and knowledge of one or more physical, physiological, mental, economic, cultural or social identities of the data subject, and the conclusions to be drawn therefrom concerning the data subject;

1.3. contribution: a voluntary and explicit statement of the data subject's wishes, based on appropriate information, giving his or her unambiguous consent to the processing of personal data concerning him or her, in full or in part;

1.4. protest: a statement by the data subject objecting to the processing of his or her personal data and requesting the termination of the processing or the deletion of the processed data;

1.5. data controller: the natural or legal person, or any entity without legal personality, who alone or jointly with others determines the purposes for which the data are processed, makes and implements decisions on the processing (including the means used) or carries out the processing on behalf of the data controller;

1.6. data handling: regardless of the procedure used, any or all operations performed on the data, in particular the collection, recording, recording, organization, storage, modification, use, interrogation, transmission, disclosure, reconciliation or linking, blocking, erasure and destruction of the data, and prevent further use, take photographs, sound or images, and record physical characteristics (eg fingerprints or palm prints, DNA samples, irises) that can be used to identify a person;

1.7. data transmission: making the data available to a specific third party;

1.8. disclosure: making the data available to anyone;

1.9. delete data: making the data unrecognizable in such a way that it is no longer possible to recover them;

1.10. data designation: providing an identification of the data in order to distinguish it;

1.11. data lock: providing an identifier to limit the further processing of the data for a definitive or specified period;

1.12. data destruction: complete physical destruction of the data carrier;

1.13. data processing: performing technical tasks related to data management operations, regardless of the method and means used to perform the operations and the place of application, provided that the technical task is performed on the data;

1.14. data processor: a natural or legal person or an organization without legal personality who processes data under a contract concluded with a controller, including under a contract in accordance with the law;

1.15. third person: a natural or legal person or an entity without legal personality who is not the data subject, the controller or the processor;

1.16. third country: any non-EEA state.

2. Data management principles during the operation of the site

Personal data can be processed if

  • the data subject consents thereto, or
  • it is ordered by law or - on the basis of the authorization of law, within the scope specified therein - by a decree of a local government for a purpose based on the public interest (mandatory data management).

Personal data may also be processed if obtaining the data subject's consent would be impossible or disproportionate and the processing of personal data is necessary to fulfill a legal obligation to the controller or to protect the legitimate interests of the controller or a third party. proportionate to the restriction of the right to

If the personal data were collected with the consent of the data subject, the data controller shall, unless otherwise provided by law,

  • in order to fulfill a legal obligation to that effect, or
  • for the purpose of enforcing the legitimate interest of the controller or a third party, if the exercise of that interest is proportionate to the restriction of the right to the protection of personal data without further specific consent and after the withdrawal of the data subject's consent.

Personal data may only be processed for a specific purpose, in order to exercise a right and fulfill an obligation. At all stages of data processing, this purpose must be met and the collection and processing of data must be fair.

Only personal data may be processed that is necessary for the fulfillment of the purpose of data processing, suitable for the achievement of the purpose and only to the extent and for the time necessary for the fulfillment of the purpose.

Personal data may only be processed with informed consent.

The data subject shall be informed before the start of the processing whether the processing is based on consent or is mandatory. The data subject shall be informed in a clear, comprehensible and detailed manner of all facts relating to the processing of his data, in particular the purpose and legal basis of the processing, the data subject and the duration of the processing, if the data subject and for the purpose of fulfilling a legal obligation to the controller or the legitimate interest of a third party, and who may have access to the data. The information shall also cover the data subject's rights and remedies in relation to the processing.

In the course of data processing, the accuracy, completeness and up-to-dateness of the data must be ensured, and that the data subject can be identified only for the time necessary for the purpose of data processing.

Personal data may be transferred to a controller or processor carrying out data processing in a third country if the data subject has given his or her explicit consent or the conditions for data processing set out above are met and an adequate level of protection of personal data is ensured in the third country. . The transfer of data to the EEA States shall be deemed to take place within the territory of Hungary.

3. The scope of personal data processed and the characteristics of data management

The data management of the activities of the promesa.hu website is based on voluntary consent. In some cases, however, the handling, storage and transmission of a given set of data is required by law, of which we will notify the visitors and users separately.


3/1. Data of the visitors of the promesa.hu website


The purpose of data management: when visiting the website, the website hosting provider records the visitor data in order to check the operation of the service and prevent abuse.

The legal basis for data processing is the data subject 's consent and the 2001 Regulation on certain aspects of information society services. year CVIII. Act 13 / A. § (3).

The range of data managed: date, time, IP address of the user's computer, address of the page visited, address of the page previously visited, information about the user's operating system and browser.

Google Analytics' web analytics software and external server help you independently measure and audit your website traffic and other web analytics data. The data controller can provide detailed information on the handling of measurement data at www.google-analytics.com .

In order to provide customized service, external service providers use a small data packet on the user's computer, called a cookie is placed and read back. If the browser returns a previously saved cookie, the service providers that handle it will be able to link the user's current visit to the previous ones, but only for their own content.

On the promesa.hu website, the so-called web beacons are not used.


3/2. Contact details for promesa.hu, application, information request


The purpose of data management: contacting, keeping in touch, requesting information.

Legal basis for data processing: voluntary consent of the data subject.

The scope of the data processed: name, e-mail address, telephone number, subject, text, date and time of the message, as well as other personal data provided by the data subject.

Deadline for deletion of data: termination of the purpose of the processing or withdrawal of consent.

Deadline for deleting data: withdrawal of consent, termination of the purpose of data processing

Deletion or modification of personal data can be initiated in the following ways:

  • by post: Promesa Marketing Kft. 1133 Budapest, Gogol utca 13. at,
  • by e-mail to info@promesa.hu.

The rights of the Users related to data protection and the way of exercising them: The rights and obligations of the User based on law are regulated by Info tv. 14-21. §. Pursuant to the law, the User has the right to information and may request the correction, deletion or blocking of his / her data. You can find out more about your rights and obligations in the sections of the law indicated above on the following website: http://njt.hu/cgi_bin/njt_doc.cgi?docid=139257.296244 (§ 14-21)

Possibilities of legal remedy related to data management: The possibilities of legal remedy for the User affected by data management can be found in the Info tv. 22-23. § contains: http://njt.hu/cgi_bin/njt_doc.cgi?docid=139257.296244

For more information on data management, please contact the Data Controller of the website at info@promesa.hu and the National Data Protection and Freedom of Information Authority (Headquarters: 1125 Budapest Szilágyi Erzsébet fasor 22 / c, Postal address: 1530 Budapest, Pf .: 5., Telephone: +36 (1) 391-1400).

4. Storage of personal data, data management

They can be found on the computer tools of Promesa Marketing.

5. Data and contact details of the data controller

Name: Promesa Marketing Ltd. and employees in employment with him in connection with the performance of a particular contract.

Headquarters: 1133 Budapest, Gogol utca 13.

Online availability: info@promesa.hu

6. Data and contact details of the data processor

Name: Promesa Marketing Ltd. and employees in employment with him in connection with the performance of a particular contract.

Headquarters: 1133 Budapest, Gogol utca 13.

Online availability: info@promesa.hu

7. Options for redress

The data owner concerned may lodge a complaint with the National Data Protection and Freedom of Information Authority. Contact details of the office:

National Authority for Data Protection and Freedom of Information
1024 Budapest, Szilágyi Erzsébet avenue 22 / C.
Website: http://www.naih.hu