Privacy Policy

This Privacy Policy provides information on the data processing activities carried out on the websites https://manointerieur.hu/ and https://manointerieur.eu by MANO INTERIEUR Korlátolt Felelősségű Társaság (hereinafter: Data Controller).

During the preparation of this policy, we have taken into account all applicable legal regulations governing our activities, with particular regard to Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter: GDPR).

Provisions Applicable to the Data Controller:

During data processing on the websites https://manointerieur.hu/ and https://manointerieur.eu, MANO INTERIEUR Korlátolt Felelősségű Társaság acts as the Data Controller.

Tax Number: 23952874-2-18
Contact Details: +36-30-530-02-23; info@manointerieur.hu

Data Subject Rights and Legal Remedies

Data subjects may request information regarding the data processing from the Data Controller. They may request the rectification, modification, erasure, or restriction (blocking) of their processed personal data, object to the data processing, and seek legal remedy before a court (they may also initiate proceedings before the regional court competent according to their place of residence or stay). Furthermore, they may initiate proceedings with the National Authority for Data Protection and Freedom of Information using the following contact details:

National Authority for Data Protection and Freedom of Information (NAIH)
Registered Office: H-1055 Budapest, Falk Miksa utca 9-11., Hungary
Mailing Address: 1363 Budapest, Pf. 9.
Phone: +36-1-391-1400
Fax: +36-1-391-1410
Email: ugyfelszolgalat@naih.hu
Website: https://www.naih.hu

At the request of the data subject, the Data Controller shall provide information regarding:

The data subject's data processed by the Data Controller or by a data processor commissioned by or acting on behalf of the Data Controller,
The source of such data,
The purpose, legal basis, and duration of the data processing,
The name, address, and data processing activities of the data processor,
The circumstances, effects, and measures taken to mitigate a personal data breach (if any), and
The legal basis and recipient of the data transfer in the event that the data subject's personal data is transferred.

We shall provide the information in an intelligible form in writing (at the data subject's request to this effect) within the shortest possible time from the submission of the request, but no later than within one month. Information provided under Articles 13 and 14 of the GDPR, as well as any communication and actions taken under Articles 15–22 and 34 of the GDPR, shall be provided free of charge.

If the data subject's request is manifestly unfounded or excessive – in particular because of its repetitive character – the Data Controller, taking into account the administrative costs of providing the information or communication or taking the action requested, may either:

a) charge a reasonable fee, or
b) refuse to act on the request.

The Data Controller shall rectify personal data if it is inaccurate and the correct personal data is available to our company.

Unless otherwise provided by law, the Data Controller shall erase personal data if:

Its processing is unlawful,
The data subject requests its erasure,
It is incomplete or incorrect, and this status cannot be lawfully remedied, provided that erasure is not prohibited by law,
The purpose of the data processing has ceased, or the statutory retention period for the data has expired,
It has been ordered by a court or the National Authority for Data Protection and Freedom of Information.

Instead of erasure, our company shall restrict (block) personal data if the data subject requests this, or if, based on the available information, it can be assumed that erasure would prejudice the data subject's legitimate interests. Personal data restricted in this manner may only be processed for as long as the data processing purpose that precluded the erasure of the personal data exists.

The Data Controller shall mark the personal data processed by it if the data subject contests its correctness or accuracy, but the incorrectness or inaccuracy of the contested personal data cannot be clearly established.

If our company does not comply with the data subject's request for rectification, restriction, or erasure, it shall communicate the factual and legal reasons for refusing the request in writing or, with the data subject's consent, by electronic means within 14 days of receiving the request. In the event of the refusal of a request for rectification, erasure, or restriction, our company shall inform the data subject of the possibilities of judicial remedy and of lodging a complaint with the National Authority for Data Protection and Freedom of Information.

The data subject may object to the processing of their personal data:

If the processing or transfer of personal data is necessary solely for compliance with a legal obligation applicable to the Data Controller or for the purposes of the legitimate interests pursued by the Data Controller, the data recipient, or a third party, except in the case of mandatory data processing;
If the personal data is used or transferred for the purposes of direct marketing, public opinion polling, or scientific research; and
In other cases specified by law.

The Data Controller shall examine the objection within the shortest possible time from the submission of the request, but no later than within one month, take a decision on its merits, and inform the applicant of its decision in writing. If the Data Controller establishes that the data subject's objection is well-founded, it shall terminate the data processing – including further data collection and data transfer –, restrict the data, and notify all those to whom the personal data subject to the objection had previously been transferred. If the data subject disagrees with our decision, the data subject may turn to a court within 30 days of the communication of the decision.

In the event of a violation of their rights, the data subject may turn to a court. The court shall handle the case in an expedited procedure. The adjudication of the lawsuit falls within the competence of the Regional Court (Törvényszék). The lawsuit may – at the choice of the data subject – also be initiated before the Regional Court competent according to the data subject's place of residence or stay.

The Data Controller shall compensate any damage caused to others by the unlawful processing of the data subject's data or by violating technical data protection requirements. The Data Controller shall also be liable to the data subject for damage caused by a data processor. The Data Controller shall be exempt from liability if it proves that the damage was caused by an unpreventable cause outside the scope of data processing.

The Data Controller reserves the right to amend this Privacy Policy.

Specific Privacy Policies Related to Data Processing Activities

1. Specific Privacy Policy for Contact Inquiries

The Data Controller does not provide a separate registration option and does not operate a webshop on the websites https://manointerieur.hu/ and https://manointerieur.eu/.

The Data Controller utilizes an online form operating on the website. The online form generates an email using the data fields filled out by the interested party, which is sent to our address. Information from interested parties is thus registered in our electronic mailbox in the form of emails generated from the online form, as well as within the Microsoft 365 cloud service.

Scope of Processed Data: During contact inquiries, we process the following personal data: name (unless the name is publicly available data due to public interest); email address (unless the email address is publicly available data due to public interest); message.
Purpose of Data Processing: Ensuring personal contact, sending professional news, business proposals, and promotional messages.
Legal Basis for Data Processing: Article 6(1)(b) of the GDPR [processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract].

Scope of Data Processors:

Webnode AG (Hosting services, form services, data transfer to internal email address)
- Registered Office: Badenerstrasse 47, 8004 Zurich, Switzerland
- Website: www.webnode.hu
Google LLC (Google Drive services)
- Registered Office: 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States
- Website: www.google.com, www.google.com/gmail
Microsoft Ireland Operations Limited (Microsoft 365; OneDrive, Outlook Mail)
- Registered Office: One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland
- Website: www.microsoft.com

2. Specific Privacy Policy for Social Media Pages

The Data Controller maintains a public Facebook profile. Our company publishes news on the aforementioned social media portal with the purpose of promoting the company by ensuring that its profile appears on the timelines of followers ("likers") and sharers, thereby increasing organic reach. Our company utilizes the measurement and analytics services provided by the social media platform.

Scope of Processed Data: During the use of social media pages, we process the following personal data: name and public profile picture.
Purpose of Data Processing: Promotion of our company and the services and products offered by our company.
Legal Basis for Data Processing: Article 6(1)(a) of the GDPR [the data subject has given consent to the processing of his or her personal data for one or more specific purposes].