Nefelejcs Vendégház Logo

Privacy Policy

Effective: 2026.02.01.

1. Introduction

The purpose of this notice is to summarize the principles, procedures, and practices related to the processing of personal data handled by Müllerné Tolnai Edina (hereinafter: Data Controller), and to inform the users of the nefelejcshaz.hu website accordingly.

Data Controller details:

Name: Müllerné Tolnai Edina

Registered office and mailing address: 6230 Soltvadkert, Koltói Anna utca 70.

Email address: petraapartman.vadkert@gmail.com

Hosting service provider details:

Name: Rackforest Zrt.

Registered office and mailing address: 1132 Budapest, Victor Hugo utca 11. 5. em.

Tax number: 32056842-2-41

Email address: info@rackforest.hu

Website: www.rackforest.com

2. PROCESSING OF PERSONAL DATA AND LEGAL BASIS OF DATA PROCESSING

Personal data are any information that makes it possible to clearly identify an individual.

On the nefelejcshaz.hu website, we process the following personal data, with the precise indication of their legal basis:

COMMUNICATION DATA

This includes any message you send to us via the website, email, social media messages, or any other form of communication. We process and retain this data in order to fulfill requests and to provide a basis for decisions in the event of potential legal claims.

The legal basis for processing this data is the user’s demonstrable interest in our activities, as expressed through messages addressed to us.

USER DATA

This includes data generated during the use of the website that enable the technical operation of the site, help maintain its security, store backups of user activity, and ensure that you always have access to the most relevant content.

The legal basis for processing this data is the user’s clear interest in our activities, as the storage of such data is necessary to ensure and maintain the technical operation of the website.

TECHNICAL DATA

This includes data generated during the use of the website, such as IP address, login information, browser data, time spent on individual pages, page views and navigation paths, number and time of page visits, time zones, and the device used to access the website.

The source of this data is our analytics software.

We process this data to analyze user behavior on the website, maintain secure operation of our site, and understand the effectiveness of our marketing decisions.

The legal basis for processing this data is the user’s clear interest in our activities, which allows us to process this data in accordance with security requirements and use it to grow our business through more effective operations.

3. HOW IS DATA COLLECTED?

We may collect personal data in such a way that the user provides it directly to us (for example, by placing an order or sending a message).

4. NOTES REGARDING PERSONAL DATA

From time to time, it is necessary to share certain personal data with some of our partners in order to maintain normal business operations:

  • IT service providers and service providers performing troubleshooting and maintenance on IT systems
  • Professional partners such as lawyers, accountants, bankers, and insurers
  • Government authorities requesting reports on our activities
  • Payment service providers who securely process bank card data
  • Courier services that fulfill incoming orders to the specified delivery address

International Data Transfers

In order to maintain business operations, it may sometimes be necessary to share user data with service partners located outside the European Economic Area (EEA).

Countries outside the EEA often do not provide the same level of data protection; therefore, European laws prohibit the transfer of data abroad in the absence of appropriate safeguards.

Whenever personal data is transferred outside the EEA, in addition to the measures discussed in Section 4, we take the following steps to ensure secure data handling:

  • We only transfer data to countries that are deemed to provide an adequate level of data protection by the European Commission.
  • We only use U.S.-based services that participate in the EU–US Privacy Shield data protection initiative.

If the above conditions are not met, we request the explicit consent of users for the data transfer. Consent may be withdrawn at any time.

Links to External Websites

This website may occasionally contain links to external websites or embedded code snippets that enable the operation of external services.

Clicking on such links or using embedded solutions may allow external partners to collect data about users.

Although we make every effort to thoroughly review our partners, we have no control over their data protection policies and are not responsible for their data processing practices.

5. DATA RETENTION PERIOD

We store users’ data only for as long as required by our legal/accounting/data reporting obligations, or as long as necessary for the operation of the service.

When determining the retention period, we take into account the amount, nature, and sensitivity of the data, as well as the potential impact of a data breach in the event of a data protection incident.

For taxation purposes, we are required to retain customers’ billing and purchase data for at least 8 years in order to comply with our legal obligations.

In certain cases, we may use the data in anonymized form for statistical purposes, in which case the data may be stored for an unlimited period without further notice.

6. INFORMATION ON THE USE OF ELECTRONIC SURVEILLANCE SYSTEM

Edina Müllerné Tolnai, as the data controller, operates an electronic surveillance system (CCTV camera system) at the Nefelejcs Guesthouse, located at 6230 Soltvadkert, Nefelejcs u. 51. The electronic surveillance systems of the guesthouse are managed by Gábor Müller and Edina Müllerné Tolnai. We inform you that the rules regarding recording, use, and retention of image and sound recordings are governed by the European Parliament and Council Regulation (EU) 2016/679 (April 27, 2016) – on the protection of natural persons with regard to the processing of personal data and the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter “GDPR”), as well as the provisions of Act CXII of 2011 on the right of informational self-determination and freedom of information.

Purpose of the System

The electronic surveillance system is operated to protect human life, physical integrity, and property, to prevent and detect legal violations and accidents, to catch perpetrators in the act, and to provide evidence of violations.

Legal Basis for Data Processing

The legal basis for data processing is the legitimate interest of the Nefelejcs Guesthouse in achieving the above objectives [GDPR Article 6(1)(f)].

Scope of Data Processed

The processed data includes the image and behavior of guests visible on the video recordings.

Access to Footage

Gábor Müller and Edina Müllerné Tolnai are authorized to view the current camera images. Stored recordings may only be accessed by authorized personnel for the purpose of proving violations of law, identifying perpetrators, and investigating events or accidents affecting life, physical integrity, or property.

Data Sharing

Data may only be shared in connection with unlawful conduct or non-compliance in ongoing proceedings with the competent authorities or courts. Shared data may include relevant footage and any names of persons appearing in the recordings.

Rights of Data Subjects

Data subjects whose rights or legitimate interests are affected by the recording may request a copy of the recordings or request deletion in accordance with applicable laws. Furthermore, within 3 working days from recording, they may request that Petra Apartment not destroy or delete the data, upon proving their right or legitimate interest.

You may request information at any time from the Nefelejcs Guesthouse regarding the processing of your personal data. You may also request the correction or locking of your personal data in accordance with applicable laws, and you may object to its processing.

If your rights are violated, you may seek redress in court in accordance with applicable laws. You may also submit a complaint to the National Authority for Data Protection and Freedom of Information if you believe that personal data processing has resulted in a violation or a direct risk thereof.

Camera Locations

The monitored areas of the guesthouse (by camera number):

I. Camera covering the first external and internal entrances of the guesthouse, primarily for detecting, proving violations and catching perpetrators in the act.

II. Guesthouse garden. The primary purpose is the protection of property, equipment, and inventory, as well as the prevention and detection of accidents.

Retention Period

The service provider retains recordings for 1 week.

7. RIGHTS OF THE VISITOR

As a citizen of the European Union, the General Data Protection Regulation (GDPR) grants users of the website the following rights:

a, Access to personal data

Users of the website have the right to request a copy of the personal data stored by nefelejcsapartman.hu. In general, such requests are fulfilled free of charge within 14 days of submission.

In the case of repeated, abusive, or unfounded data requests, the Data Controller may charge a reasonable fee for providing the data and may require additional time to fulfill the request.

Furthermore, the Data Controller may request proof of identity before releasing the data in order to prevent misuse. To request access to personal data, please contact us at the email address provided above.

b, Rectification of personal data

If personal data has changed or was provided incorrectly, users have the right to request the correction of such data. To request modification of personal data, please contact us at the email address info@nefelejcshaz.hu.

c, Request for erasure of personal data

Users have the right to request the deletion of all their personal data. Such requests are fulfilled free of charge within 14 days of submission. Following the deletion of personal data, the user account will no longer be accessible, and any purchased content will also become unavailable, as the personal data linked to the user account is essential for accessing the service.

nefelejcshaz.hu may request proof of identity before deleting personal data in order to prevent misuse. To request deletion of personal data, please use the contact form provided above.

d, Request restriction of processing of personal data

Users have the right to request the restriction of the disclosure of their data to third parties (service partners). When submitting such a request, the service partners to be restricted may also be specified.

It is important to note that cooperation with certain service providers is essential for the operation of the website; therefore, restricting these providers may result in the website’s services becoming unavailable to the user.

nefelejcsapartman.hu may request proof of identity before restricting the transfer of personal data in order to prevent misuse. To request restriction of personal data transfer, please use the contact form provided above.

In Hungary, the official authority responsible for data protection is the National Authority for Data Protection and Freedom of Information (NAIH). Users may find more information about their data protection rights on the NAIH’s website.

National Authority for Data Protection and Freedom of Information,

1125 Budapest, Szilágyi Erzsébet fasor 22/C., Mailing address: 1530 Budapest, P.O. Box: 5.

Phone: +36 1 391 1400,

Fax: +36 1 391 1410,

Email: ugyfelszolgalat@naih.hu

8. ANONYMIZED DATA AND “COOKIES”

The nefelejcshaz.hu website uses technical cookies and session identifiers that are necessary for its operation. These are essential to ensure the basic functionality of the website (e.g. user login and access control) and are not suitable for identifying users for marketing purposes. The website does not use cookies for statistical or marketing purposes.