Data processing information

Data processing information pertaining to gaalkuria.com website

1.

Name of data controller: GAÁL-BARABÁS KFT
Address: Romania , Kovaszna megye , Dalnok nr 90
E-mail: manager@gaalkuria.com
Telephone: +40726760956
Website: www.gaalkuria.com
Representative: Csiszer Gabor-Zsolt


2. Legal regulations forming the basis of data processing:

Regulation (EU) 2016/679 of the European Parliament and of the Council (27 April 2016) on
the protection of natural persons with regard to the processing of personal data and on the free
movement of such data, and on the repealing of Directive 95/46/EC (General Data Protection
Regulation: GDPR);
Act CXII of 2011 on Informational Self-Determination and Freedom of Information.


3. Scope and duration of processed personal data, data subjects:


User: person taking advantage of website services (reading news and information material,
viewing videos and image galleries, and sending messages), furthermore, natural person
viewing the website.
Scope of processed personal data: name, e-mail address


4. Purposes, legal basis of data processing:


Purposes of data processing:
online content provision
maintaining contact with the User

The Data Controller shall not use the personal data provided for any purposes other than those
designated above.

Legal basis of data processing: voluntary consent as determined in Article 6. (1) a) of the
GDPR, which occurs on the basis of the User’s voluntary, prior consent based on appropriate
information. The User shall be entitled to withdraw consent at any time, the withdrawal of
which does not in any way affect the legality of data processing prior to withdrawal.
The User warrants that in the course of using the services of the website it disposes of the
appropriate legal grounds for handling the personal data given or made accessible by the User
about other persons. All responsibility for User content uploaded and shared into the services
by the User is borne solely by the User.

The Data Controller does not check the given personal data. The person providing such data
shall be exclusively responsible for their accuracy.
The User personal data of a natural person not yet aged 16 years may be processed only with
the consent of an adult exercising parental supervision over such person.


5. Data processing duration:


In the case of e-mails sent by the User, the contacted Data Controller shall delete the name
and the e-mail address on the 90th day after closure of the case referred to in the request, with
the exception, if in an individual case, where the legitimate interest of the Data Controller
justifies continued handling of the personal data, for the duration of the existence of the
legitimate interest of the Data Controller.
Data automatically, technically recorded during the operation of the system are stored in the
system for a period of time – calculated from the time of their generation – justified from the
point of view of ensuring the operation of the system.


6. Automatically collected data:


Data of the computer or mobile device used by the User to login, which are generated in the
course of using the website and which the Data Controller’s system records as an automatic
result of technical processes, thus in particular the Internet Protocol (IP) address, browser
type, language setting, operating system, internet service provider (ISP) and time stamp.
The website automatically logs all data that are automatically recorded when entering or
leaving the site without the User’s separate declaration or act. These data may not be linked

with other personal User data, with the exception of cases mandated by law. Data may be
accessed exclusively by the Data Controller.

Data automatically, technically recorded during the operation of the system are stored in the
system for a period of time – calculated from the time of their generation – justified from the
point of view of ensuring the operation of the system.


7. Use of Data Processor, data forwarding:


The services of another Data Processor may be taken advantage of in order to ensure the
activity of the Data Controller.
The Data Controller may not reach a decision independently, it shall only be entitled to
proceed on the basis of the contract signed with the Data Processor and instructions it has
received. After 28 February 2021, the Data Processor shall record, handle and process the
personal data forwarded and handled or processed by the Data Controller in compliance with
the provisions stipulated in the GDPR, and shall make a declaration thereto to the Data
Controller.
The Data Controller shall monitor the work of the Data Processor.
The Data Processor shall not be entitled to take advantage of further data processors.
The Data Controller is entitled and required to forward all those personal data at its disposal
and stored by it in the correct way to the competent authorities, which personal data is
required to be forwarded by it according to legal regulation or final and binding official order.
The Data Controller shall not be liable for such mandated data forwarding or for any
consequences arising thereto.
Data shall not be passed to any third country or international organization.


8. Data security measures:


The Data Controller stores personal data on its own server. The services of another company
can be used for storage of data (v. Data Processor designated in Point 5.). The Data Controller
and the contracted Data Processor shall take appropriate measures to ensure that personal data
is protected, among other things, against unauthorized access.


9. Rights of Users in connection with data handling:

The right to request information
The User may request, via the contact details given in Point 1., information about which of
his/her personal data are being handled, on what legal basis, for what data handling purpose,
from which source and for how long, furthermore, to whom, when, on what legal basis and
which of his/her personal data the Data Controller provided access or to whom it forwarded
such personal data.
The Data Controller shall fulfil the request for information submitted by the User to the
contact detail given by the User within one month.


The right to correction
The User may request, via the contact details given in Point 1., the Data Controller to correct
any of his/her personal data. The Data Controller shall fulfil the request within one month and
shall notify the User thereto at the contact detail given by the User.


The right to block (restricting data handling)
The User may request, via the contact details given in Point 1., the Data Controller to block
his/her personal data (by clearly indicating the restricted nature of the data handling and
providing handling separated from other data). The block remains in force as long as the
reason given by the User makes it necessary to store the data.


The right to objection
The User may object, via the contact details given in Point 1., to data handling if, according to
his/her standpoint, the Data Controller is not handling his/her personal data appropriately in
connection with the purpose specified in the current data handling information. In such an
instance, the Data Controller must prove that the handling of personal data is justified by
compelling legitimate reason that takes precedence over the interests, rights and freedoms of
the data subject, or that are related to the submission, enforcement or defence of legal claims.


The right to deletion
The User may request, via the contact details given in Point 1., deletion of his/her personal
data.

The request for deletion may be rejected (i) for the purpose of exercising the right to freedom
of expression and information, or (ii) if legal regulation on the processing of personal data
authorizes such; furthermore (iii) for the submission, enforcement or defence of legal claims.
In every case, the Data Controller shall inform the User about the rejection of the request for
deletion, indicating the reason for the rejection of deletion. Having fulfilled the request for the
deletion of personal data, the previous (deleted) data can no longer be restored.


10. Opportunities for legal enforcement connected with data handling:


In the case of data handling judged to be illegal, the data subject may submit a complaint to
the Hungarian National Authority for Data Protection and Freedom of Information (NAIH)
Hungarian National Authority for Data Protection and Freedom of Information, address: 1055
Budapest, Falk Miksa u. 9-11. E-mail: ugyfelszolgalat@naih.hu, website: www.naih.hu
or the data subject, in the interest of the protection of his/her data, may turn to the courts,
which case is handled as a matter of urgency. In this case, the data subject may freely decide
whether to submit the complaint to the court with competence according to his/her residence
(permanent address) or temporary residence (temporary address), or the head office of the
Data Controller. Courts can be searched by residence or temporary residence at
http://birosag.hu/ugyfelkapcsolatiportal/birosag-kereso.


11. Changes to information:


The Data Controller reserves the right to change, unilaterally, the current Information at any
time. By opening the gaalkuria.com website and reading the contents therein the User accepts
the prevailing provisions of the Information, beyond which there is no requirement to seek the
consent of individual Users.
The currently prevailing Information can be accessed at the following link:
www.gaalkuria.com

Dalnic 90, 527121 Dálnok, Románia
reservations@gaalkuria.com
+40 727 319 323
törzsvendég feliratkozás

Kapcsolat

Dálnok 90, Dalnic 527121, Romania
+40 727 319 323
reservations@gaalkuria.com

Legyen a törzsvendégünk

Köszönjük, az üzenetét kézbesítettük
Hoppá! Az üzenetet nem sikerül elküldeni.
Adatvédelmi nyilatkozatFelhasználói feltételek
All right reserved Gaal Kúria 2023

Cookie Consent

By using this website, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.

Preferences
RejectAccept all

Cookie Preferences

When you visit websites, they may store or retrieve data in your browser. This storage is often necessary for the basic functionality of the website. The storage may be used for marketing, analytics, and personalization of the site, such as storing your preferences. Privacy is important to us, so you have the option of disabling certain types of storage that may not be necessary for the basic functioning of the website. Blocking categories may impact your experience on the website. More Infomartion

Allow All

Manage Consent Preferences

Essential

Always active

These items are required to enable basic website functionality.

Marketing

These items are used to deliver advertising that is more relevant to you and your interests. They may also be used to limit the number of times you see an advertisement and measure the effectiveness of advertising campaigns. Advertising networks usually place them with the website operator’s permission.

Personalization

These items allow the website to remember choices you make (such as your user name, language, or the region you are in) and provide enhanced, more personal features. For example, a website may provide you with local weather reports or traffic news by storing data about your current location.

Analytics

These items help the website operator understand how its website performs, how visitors interact with the site, and whether there may be technical issues. This storage type usually doesn’t collect information that identifies a visitor.

Reject All
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.