1. Web Shop Information:
The operator of the [URL] online store is [COMPANY NAME]
Address: [ADDRESS]
Tax ID: [TAX ID]
Registry authority: Budapest Court of Registration
Email: [EMAIL]
2. Steps for Electronic Contracting
2.1. Registering on the [URL] online store. The Customer must provide accurate information during registration
2.2. Selecting the desired product(s). The subject of the electronic contract is the selected product(s). The purchase prices are displayed next to the products, including VAT. Images of the products may be illustrations.
2.3. Proceed to checkout and submit the order.
2.4. The [URL] confirms the order electronically within 15 minutes. The order and its confirmation are considered received when they become accessible to both the [URL] and the Customer. If confirmation is not received within 15 minutes of order submission, the Customer may inquire about the order’s status via the customer service phone number of the respective regional store.
2.5. For online payments, card payments are processed through the Barion system. The merchant does not receive the card details. The service provider, Barion Payment Zrt., is an institution supervised by the Hungarian National Bank, with license number H-EN-I-1064/2013.
2.6. For home delivery, the ordered product(s) are handed over for delivery by a courier. Payment can be made in cash or by card at the delivery location. Delivery typically occurs within 50 minutes of order confirmation, but this may vary depending on order volume.
2.7. For food delivery, orders cannot be canceled. An exception to this is if the Customer notifies the regional store’s customer service phone number within 5 minutes of placing the order.
2.8. Tools provided to identify and correct input errors before order submission:
- The contents of the “Cart” can be checked at any time, and the order can be modified or deleted before submission.
- Personal data can be changed at any time.
2.9. The contract established through the order, confirmation, and final invoice is not considered a written contract, and [URL] does not archive it, nor will it be accessible later.
3. Issues, Complaints, Customer Service
For any issues or complaints related to the order, the Customer can contact the regional store’s customer service phone number.
Supervisory authorities:
- National Consumer Protection Authority – 1088 Budapest, József krt. 6.
- Budapest Capital Government Office Consumer Protection Inspectorate – 1052 Budapest, Városház u. 7.
- Budapest Conciliation Board – 1016 Budapest, Krisztina krt. 99, III. em. 310.
4. Provisions and Data Management
By using the [URL] pages, all users implicitly accept the following usage and privacy conditions.
If the usage and legal conditions for using the [URL] pages are violated, [URL] ([COMPANY NAME]) will promptly take the necessary legal steps, including filing civil lawsuits, initiating notice-and-takedown procedures regulated by e-commerce laws, and filing complaints for suspected crimes, or notifying the relevant authorities and cooperating with them.
The primary goal of data processing conducted by the Operator in connection with the Service is to provide the Service efficiently, safely, and in a personalized manner. The additional goals of data processing include identifying users, resolving disputes, providing information to users, troubleshooting issues, enforcing the Rules, and exercising the rights of the Operator.
The Operator is entitled to send information related to the operation of the Service (e.g., technical messages, information about changes to the Service) to users using their personal data. The Operator uses the data provided by users for direct marketing only with their explicit prior consent, and such data processing lasts until consent is withdrawn, i.e., until the user unsubscribes.
Registration
The Service can be used without registration, i.e., without providing personally identifiable information, but some services are tied to registration and personal data. The Operator clearly indicates the mandatory and optional data during registration. The mandatory data only include data essential for the safe and legal provision and use of a particular service.
Users can decide not to provide certain data, meaning data provision within the Service is voluntary, and the legal basis for data processing is the user’s informed, explicit, and prior consent. However, this may prevent the user from using certain services.
The Operator also records certain data related to users, which may sometimes qualify as personal data, even if the Service is used without registration.
Data Transfers and Third-Party Data Processing
The Operator does not share personal data that can identify a user with third parties without the user’s explicit consent unless otherwise required by law. In some cases, the username (identifier) is public, and user activity within the Service can be tracked and retrieved by anyone based on the identifier, potentially leading to conclusions about personal data. It may happen that the user or another person reveals a user’s identity or enables others to identify them and link their activities to their identity. Users can make their names, email addresses, and other data publicly available and provide numerous personal data while expanding their profiles. The decision to disclose such data is solely up to the user, and such disclosure qualifies as voluntary publication of personal data. Users disclose such data knowing that anyone can misuse it (e.g., by building a personality profile) and that the Operator cannot prevent such misuse. The Operator is entitled to send alerts or announcements or make them available regarding suspicious or illegal activities using user data. Some parts of the Service (e.g., co-branded pages) may be provided or operated by independent providers. If a user decides to use these services and provides personal data, the independent provider’s privacy policy applies to such data processing. The Operator may outsource certain parts of the Service’s operation or use subcontractors. In such cases, some user data may be shared, but the receiving entities are bound by confidentiality regarding the shared data. In the case of outsourcing, users are appropriately informed. Related entities and individuals may collect user data for their purposes, but only with the user’s consent and in accordance with the law and their privacy policy. The Operator cooperates with investigative authorities and courts to detect and penalize violations within the Service (e.g., fraud, intellectual property rights violations). The Operator complies with legal requests for data and provides the managed user data to authorized authorities or individuals. The Service contains numerous links (“jump points”) to pages maintained by other providers. Clicking on a link takes users to another page, and the operator of that page is solely responsible for data processing. If a user wants to learn about personal data processing in such cases, they should read the privacy policy of the relevant webpage or contact its operator.
Data Security
The Operator does its best to secure the personal data of users, both during online data processing and offline data processing. Although the Operator uses industry-standard security measures, it cannot guarantee that user activities within the Service or personal data displayed within the Service will be handled solely in the ways defined in this privacy policy. Third parties or other users may intercept or eavesdrop on messages or data protected by legal provisions on data protection and privacy. Additionally, users may provide their data to third parties, who may misuse them. According to the Electronic Commerce and Information Society Services Act of 2001, the Operator is entitled to manage certain personal data, including billing and traffic data, even without user consent. According to the Electronic Communications Act of 2003, Internet service providers and other communication providers can manage certain user data within the law.
Users are solely responsible for using their identifiers and passwords, including all related activities. Therefore, it is advised to keep the association between the user and identifier and the password confidential. If a user discloses these to a third party, they may lose control over their data and become personally liable for legal matters. In such cases, it is recommended to immediately change the identifier or password.
6.4. By using the Service, the User and the Operator communicate via telecommunication means, and information is provided over an open network (Internet). This requires the Operator to adhere to strict monitoring and security requirements. Accordingly, the Operator strives to ensure that the service is safe from a technical standpoint, using industry-standard security measures (e.g., firewalls and, in some cases, SSL or other encryption protocols).
Exercising Rights and Legal Remedies
Within the Service, users can modify, correct, and delete their data at any time, which can be done by logging into their personal account. Users have the right to request information about their data usage by emailing [EMAIL]. The Operator, as a data controller, provides information on the managed data, purpose, legal basis, duration, and recipients upon request. Deleting an identifier and password is only possible by terminating the user’s account.
Users who feel that the Operator has violated their data protection rights can seek redress in civil court or request the assistance of the data protection commissioner. The detailed legal provisions for this are outlined in the 1992 Act LXIII on the Protection of Personal Data and the Disclosure of Public Interest Data.
Exclusion of Operator’s Liability
The Operator disclaims all liability for information stored, made accessible, published, or sent by users within the Service.
If the Operator becomes aware that a user provides personal data of another person, uses publicly accessible or unlawfully acquired personal or other data in a manner that violates third-party rights or the law (e.g., for direct marketing), or violates the privacy policy or causes harm during the Service’s use, the Operator will take necessary legal steps to seek compensation for damages and hold the offender legally accountable. The Operator will assist authorities in identifying and holding the offender accountable.
If users provide or use third-party data during the Service (e.g., using the page recommendation service), they are solely responsible for complying with the legal requirements, including obtaining informed consent from the third party.
