Privacy Policy

Privacy Policy (GDPR) + Cookie Notice

Effective date: 2025-12-19

1) Data Controller (Operator) details

Operator (Data Controller): Huszti Sándor Csaba
Accommodation name: Teal Apartman
Address: 8200 Veszprém, Ádám Iván utca 23. 2. em. 201. ajtó, Hungary
Email: betealapartman@gmail.com
Phone: +36 30 224 4445
NTAK registration number: MA23067170
Tax number: 72534308-1-33

Data Protection Officer (DPO): Huszti Sándor Csaba
DPO contact: betealapartman@gmail.com, +36 30 224 4445

This notice is provided in line with the transparency requirements of GDPR Article 13. GDPR

2) Scope and purpose

This Privacy Policy explains how we process personal data when you visit our website, contact us, request an offer, or make a booking. It also explains your rights and how you can exercise them. GDPR+1

3) What data we process, why, and for how long

3.1 Contact form

Data processed: name, email address, phone number, message content, submission date/time, technical data (e.g., IP address)
Purpose: handling inquiries, responding, communication, administration
Legal basis: legitimate interest (customer communication)
Retention: until the matter is closed, but no longer than 12 months

3.2 Offer request / booking form

Data processed: name, email, phone, arrival/departure dates, number of guests, notes, submission date/time, technical data (e.g., IP address)
Purpose: preparing an offer, processing bookings, communication, administration
Legal basis: steps prior to entering into a contract / performance of a contract
Retention:

  • unsuccessful / non-finalized requests: 12 months

  • completed bookings: 5 years (typical limitation/claims handling and administration)

3.3 Invoicing (Számlázz.hu)

Data processed: name, address, invoicing data, invoice content (service details)
Purpose: issuing invoices, accounting and statutory retention obligations
Legal basis: legal obligation
Retention: 8 years (accounting retention)
Számlázz.hu privacy information: https://www.szamlazz.hu/adatvedelem/ Számlázz

3.4 Chat widget (Messenger)

Data processed: data you share in chat (e.g., name/profile, messages), conversation content, technical identifiers required for the service
Purpose: fast communication and customer support
Legal basis: your initiation/consent by starting the chat and/or legitimate interest (communication)
Retention: until the conversation is closed, but no longer than 12 months if it does not result in a booking/invoicing
Meta Privacy Policy: https://www.facebook.com/privacy/policy/ Facebook

3.5 Anti-spam protection (Google reCAPTCHA or hCaptcha)

Data processed: technical and security-related data (e.g., IP address and signals used to detect bots), cookies set by the security tool
Purpose: protecting forms and the website against abuse and automated spam
Legal basis: legitimate interest (IT security)
Retention: according to the service provider’s settings (only as needed for security purposes)
reCAPTCHA FAQ: https://developers.google.com/recaptcha/docs/faq Google for Developers

3.6 Website analytics (Google Analytics / GA4)

Data processed: cookie identifiers, device and browser data, usage/interaction events; IP address may be processed technically as part of the service
Purpose: statistics and website improvement (understanding how visitors use the site)
Legal basis: consent (analytics cookies)
Retention: according to GA4 settings (typically 2–14 months for event data, depending on configuration)
Google Analytics Data Processing Terms: https://support.google.com/analytics/answer/3379636 Google Support

3.7 Server logs (Hostinger hosting)

Data processed: IP address, access logs, device/browser data, timestamp, requested pages/resources (URL), error codes
Purpose: operation, troubleshooting, security, abuse prevention
Legal basis: legitimate interest (secure and stable service)
Retention: typically 30–90 days (depending on hosting configuration)

4) Processors and third parties we use

We use service providers to operate the website and handle administration (processors). Depending on your interaction, your data may be processed by:

5) International data transfers (outside the EEA)

Some providers (notably Google and Meta) may involve transfers or access outside the EEA. Where applicable, providers use contractual safeguards (e.g., Standard Contractual Clauses) as described in their terms and documentation. Google Workspace+1

6) Cookie notice

We may use cookies and similar technologies for:

  • Strictly necessary operation and security

  • Analytics (GA4) — only if you provide consent

  • Third-party features (e.g., Messenger, reCAPTCHA) that may set technical cookies required for their operation

You can manage your consent via the cookie banner on the website (you can withdraw consent at any time). Google Support+1

7) Your rights under GDPR

You have the right to:

  • access your personal data,

  • rectification,

  • erasure (where applicable),

  • restriction of processing,

  • object to processing based on legitimate interest,

  • withdraw consent (where processing is based on consent),

  • data portability (in certain cases). GDPR+1

How to exercise your rights:
Email us at betealapartman@gmail.com. We respond without undue delay and within 1 month (GDPR standard timeframe). Homepage | Data Protection Commission

8) Complaints to the supervisory authority (Hungary)

If you believe your data protection rights have been violated, you may lodge a complaint with:

NAIH (National Authority for Data Protection and Freedom of Information, Hungary)
Address: 1055 Budapest, Falk Miksa utca 9-11., Hungary
Postal address: 1363 Budapest, Pf.: 9., Hungary
Email: ugyfelszolgalat@naih.hu
Website: https://www.naih.hu/ugyfelszolgalat-kapcsolat NAIH

9) Data security

We apply appropriate technical and organizational measures to protect personal data (access control, passwords, restricted access, updates, logging, and secure hosting practices). Hostinger’s data processing addendum is available here: https://www.hostinger.com/legal/dpa Hostinger

10) Updates to this policy

We may update this notice if our processes or providers change. The latest version will always be published on the website.

Scroll to Top