PRIVACY AND DATA PROTECTION NOTICE

AGB Produkciós Iroda Kft., the operator of Pipacs Guesthouse (hereinafter: Data Controller), provides this Privacy and Data Protection Notice regarding the processing of personal data of users of the website www.apipacs.hu (hereinafter: Website) in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (General Data Protection Regulation – GDPR), for the purpose of informing data subjects in advance and facilitating the exercise of their rights.

DATA CONTROLLER

The Data Controller operating the Website (www.apipacs.hu):

  • Company name: AGB Produkciós Iroda Kft.
  • Registered office: 3388 Poroszló, Napsugár út 16., Hungary
  • Company registration number: 10 09 040969
  • Court of registration: Eger Regional Court
  • Tax number: 14519202-2-10
  • Phone number: +36 30 420 5199
  • Email address: pipacsvendeg@gmail.com
  • Website: www.apipacs.hu
  • Represented by: Ildikó Kocsis, Managing Director (hereinafter: Data Controller)

 

PRINCIPLES OF DATA PROCESSING

The Data Controller processes personal data lawfully, fairly, and in a transparent manner. Personal data are collected only for specified, explicit, and legitimate purposes and are not further processed in a manner incompatible with those purposes. The Data Controller ensures the accuracy and up-to-dateness of the processed data, guarantees the exercise of data subject rights, and safeguards the integrity and confidentiality of personal data.

DATA PROCESSING ACTIVITIES

  1. Data Processing on the Website

Personal data are collected and processed on the Website exclusively for the performance of a contract (including steps taken prior to entering into a contract) and on the basis of the data subject’s consent, as detailed below.

1.1 Contact and Booking Enquiries

When contacting the Data Controller via the Website, email, or telephone for booking-related enquiries, the Data Controller processes the personal data provided by the data subject for the purpose of responding, providing offers, arranging bookings, and performing the contract.

  • Processed data: name, phone number, email address, billing address (if applicable), and the content of the message (arrival and departure dates, number of guests)
  • Legal basis: performance of a contract / pre-contractual steps (Article 6(1)(b) GDPR) and consent (Article 6(1)(a) GDPR)
  • Retention period: up to 1 year following the closure of the enquiry; in case of a confirmed booking, until the expiry of legal claims; billing data are retained for 8 years

1.2 Newsletter Subscription

Visitors may subscribe to the newsletter by providing their email address.

  • Processed data: email address
  • Legal basis: consent
  • Retention period: until consent is withdrawn
  1. Data Transfers

Personal data are transferred exclusively to the data processors listed in this Notice. Data transfers to third parties occur only where required by law.

In certain cases (e.g. Automattic/MailPoet, Google, Meta/Facebook), personal data may be transferred outside the European Union, subject to appropriate safeguards in accordance with Chapter V of the GDPR, in particular the Standard Contractual Clauses (SCCs) adopted by the European Commission.

  1. Use of Cookies

The Website uses cookies to ensure proper operation, perform statistical analysis, and support marketing activities. Cookie settings can be modified via the cookie management interface on the Website or in the browser settings.

  1. Logging

During the technical operation of the Website, the hosting provider may process technical log data (e.g. IP address, time of access) to ensure system security.

Such processing is based on the legitimate interests of the Data Controller (Article 6(1)(f) GDPR). Log data are retained for a maximum of 30 days, unless a longer retention period is required for the investigation of security incidents.

  1. Accounting and Invoicing
  • Processed data: name, address
  • Legal basis: compliance with legal obligations
  • Retention period: 8 years from the date of invoice issuance

DATA PROCESSORS

  • AURUM PROTECTOR Kft. – hosting and website operation
  • Cég-Center Country Kft. – accounting services
  • KBOSS.hu Kft. – invoicing services
  • Automattic A8C Ireland Ltd. – newsletter services (MailPoet)
  • Google Ireland Limited, Facebook Ireland Limited – statistical and marketing cookies

DATA SECURITY

The Data Controller applies appropriate technical and organizational measures to protect personal data, ensuring their confidentiality, integrity, and availability.

COPYRIGHT

All content available on the Website, including but not limited to texts, images, graphic elements, logos, animations, and videos, is the exclusive property of AGB Produkciós Iroda Kft. or is subject to copyright protection.

Any use, copying, reproduction, distribution, or public display of Website content is permitted only with the prior written consent of the Data Controller. Infringement of copyright may result in legal consequences.

DATA SUBJECT RIGHTS AND ENFORCEMENT

  1. Rights of the Data Subject

1.1 Right of Access and Information

Data subjects have the right to obtain confirmation as to whether their personal data are being processed and, if so, to receive information regarding the purposes, legal basis, categories of data, retention period, and data processors involved.

1.2 Right to Rectification

Data subjects may request the correction of inaccurate personal data and the completion of incomplete data without undue delay.

1.3 Right to Erasure (“Right to be Forgotten”)

Data subjects may request the deletion of their personal data where:

  • the purpose of processing no longer exists,
  • consent is withdrawn and no other legal basis applies,
  • processing is unlawful,
  • erasure is required by law.

Erasure does not apply where processing is necessary to comply with legal obligations or to establish, exercise, or defend legal claims.

1.4 Right to Restriction of Processing

Data subjects may request restriction of processing if the accuracy of the data is contested, processing is unlawful, or the purpose of processing has ceased but legal claims require retention.

1.5 Right to Data Portability

Data subjects are entitled to receive their personal data processed by automated means on the basis of consent or contract in a structured, commonly used, machine-readable format, and to request their transfer to another data controller where technically feasible.

1.6 Right to Object

Data subjects may object to the processing of their personal data based on legitimate interests. In such cases, processing will cease unless the Data Controller demonstrates compelling legitimate grounds overriding the interests, rights, and freedoms of the data subject.

  1. Exercise of Rights

Requests related to data subject rights may be submitted to:

  • Email: pipacsvendeg@gmail.com
  • Postal address: 3388 Poroszló, Napsugár út 16., Hungary

The Data Controller will respond without undue delay, but no later than one month from receipt of the request. This period may be extended by up to two additional months where necessary.

  1. Remedies

Data subjects may lodge a complaint with the Hungarian National Authority for Data Protection and Freedom of Information
(1125 Budapest, Szilágyi Erzsébet fasor 22/c., www.naih.hu)
or seek judicial remedy before the competent court based on their place of residence or stay.

Poroszló, 2 November 2025

Pipacs Vendégház Poroszló logó
Facebook Instagram Google

Copyright © 2026 Pipacs Vendégház ®

Call Now Button