Privacy Policy - Need Some Marketing?

Privacy Policy

What Principles Do We Follow in Our Data Management?


Our Company follows the following principles in the processing of your data:

– We process personal data lawfully and fairly and in a transparent manner for you.

– We collect personal data only for specified, explicit and legitimate purposes and do not process it in a way incompatible with those purposes.

– the personal data we collect and process is adequate, relevant and limited to what is necessary for the purposes for which it is processed.

– Our Company will take all reasonable steps to ensure that the data we process is accurate and kept up to date as necessary, and inaccurate personal data will be promptly deleted or rectified.

– We will store your personal data in a form which permits identification of you for no longer than is necessary for the purposes for which the personal data are processed.

– we use appropriate technical and organisational measures to ensure adequate security of personal data against unauthorised or unlawful processing, accidental loss, destruction or damage.

– Our Company will protect your personal data

– on the basis of your prior informed and voluntary consent and only to the extent necessary and in any event for the purposes for which it is collected, recorded, organised, stored and used.

– In some cases, the processing of your data is based on legal requirements and is mandatory, in which case we will draw your attention to this fact.

– In certain cases, the processing of your personal data is in the legitimate interest of our Company or a third party, for example, for the operation, development and security of our website.

As the data controller, (address, hereinafter referred to as the “service provider” or “data controller”) acknowledges that it is bound by the contents of this legal notice. It undertakes to ensure that any processing of data relating to its activities complies with the requirements of this policy and the applicable national legislation and European Union acts.

The Data Protection Policy relating to the processing of personal data by the Data Controller is permanently available at

The Data Controller reserves the right to change this policy at any time. It will of course inform its audience of any changes in due time.

If you have any questions regarding this notice, please contact us and our team will answer them.

The Data Controller is committed to protecting the personal data of its customers and partners, and attaches the utmost importance to respecting the right to information self-determination of its customers. The Data Controller treats personal data confidentially and takes all security, technical and organisational measures to ensure the security of the data.

The Data Controller describes its data management practices below.


If you have any questions about data processing, you can request further information by sending an e-mail or postal mail to, and we will respond within 15 days (but no later than 1 month) to the contact details you provide.

Data controller’s details

If you wish to contact our Company, you can contact the data controller at and +36 30 390 6392.

The Data Controller will delete all e-mails received by it, together with the personal data, after a maximum of 2 years from the date of communication.

The Service Provider uses the following data processors for the processing of data in order to provide a high quality service to its customers:

Name: Kapás Máté Bence

4200 Hajdúszoboszló Szívós utca 24.

Company registration number: 55831640

Tax number: 57226255-1-29

Phone number: 06 30 390 6392


Data Protection Officer : The Service Provider is not obliged to appoint a Data Protection Officer under Article 37 of the GDPR

Data Processors related to our Direct Marketing and/or Newsletter Service

Name: Kapás Máté Bence

4200 Hajdúszoboszló Szívós utca 24

Personal data processed

Personal data to be provided during registration

No registration or ordering is possible.

Technical data

The Data Controller selects and operates the IT tools used for the processing of personal data in the course of providing the service in such a way that the processed data:

– accessible to those authorised to access it (availability);

– its authenticity and authenticity are ensured (authenticity of processing);

– its integrity can be verified (data integrity);

– is protected against unauthorised access (data confidentiality).

The Data Controller shall take appropriate measures to protect the data against unauthorised access, alteration, disclosure, disclosure, erasure or destruction and against accidental destruction.

The Data Controller shall ensure the security of data processing by technical, organisational and organisational measures that provide a level of protection appropriate to the risks associated with the processing.

The Data Controller shall, during the processing, keep

– confidentiality: it shall protect information so that only those who are entitled to have access to it have access to it;

– integrity: to protect the accuracy and integrity of the information and the processing method;

– availability: it ensures that when the authorised user needs it, he has effective access to the information and the means to obtain it.

Cookies (Cookies)

The function of cookies

– collect information about visitors and their devices;

– remember visitors’ individual preferences, which are used, for example, when they make online transactions, so that they do not have to be re-entered;

– facilitate the use of the website;

– provide a quality user experience.



In order to provide a personalised service, a small piece of data, a cookie, is placed on the user’s computer and read back during a subsequent visit. When the browser returns a previously saved cookie, the cookie provider has the possibility to link the user’s current visit to previous visits, but only in relation to its own content.

Duration of processing

The data retention period of a cookie, more information is available here:

Google general cookie notice:

Google Analitycs notice:

Facebook notice:

Legal background and legal basis for cookies:

The legal basis for processing is your consent pursuant to Article 6(1)(a) of the Regulation.

Main characteristics of the cookies used by the website:

Strictly necessary cookies for the functioning: these cookies are essential for the use of the website and allow the use of its essential functions. In their absence, many of the site’s features will not be available to you. The lifetime of these types of cookies is limited to the duration of the session.

Cookies to improve your user experience: these cookies collect information about your use of the website, such as which pages you visit most often or what error messages you receive from the website. These cookies do not collect any information that identifies the visitor, i.e. they are completely generic and anonymous. We use the information they provide to improve the performance of the website. The lifetime of these types of cookies is limited to the duration of the session.

Third-party cookies (analytics)

Google Adwords cookie When someone visits our site, the visitor’s cookie ID is added to our remarketing list. Google uses cookies, such as NID and SID cookies, to personalise the ads you see in Google products, such as Google Search. It uses such cookies, for example, to remember your recent searches, your previous interactions with advertisements from individual advertisers or search results, and your visits to advertisers’ websites. The AdWords conversion tracking feature uses cookies. To track ad sales and other conversions, cookies are saved on a user’s computer when they click on an ad. Some common uses of cookies include: selecting ads based on what is relevant for a particular user, improving campaign performance reporting, and avoiding displaying ads that the user has already viewed.


Google Analytics cookie: Google Analytics is Google’s analytics tool that helps website and application owners to get a more accurate picture of their visitors’ activities. The service may use cookies to collect information and report statistics about website usage without individually identifying visitors to Google. The main cookie used by Google Analytics is the “__ga” cookie. In addition to generating reports from website usage statistics, Google Analytics, together with some of the advertising cookies described above, can also be used to display more relevant ads in Google products (such as Google Search) and across the web.

Remarketing cookies: may appear to previous visitors or users when browsing other sites on the Google Display Network or searching for terms related to your products or services

Session cookies.

Mobile version, design cookie: detects the device the visitor is using and switches to full view on mobile. Lifetime 365 days.

Cookie acceptance cookie: accepts the cookie storage statement in the warning window when you visit the site. Lifetime 365 days.

Facebook pixel (Facebook cookie) A Facebook pixel is a code that allows the website to report conversions, create audiences and provide the site owner with detailed analytics on visitors’ use of the website. The Facebook pixel is used to display personalised offers and ads to website visitors on the Facebook interface. You can read Facebook’s privacy policy here:

If you do not accept the use of cookies, certain features will not be available to you. For more information on how to delete cookies, please follow the links below:


– Internet Explorer:

– Firefox:

– Mozilla:

– Safari:

– Chrome:

Newsletter related data

Data processing activities related to sending newsletters

Name of company operating the newsletter system: Needsomemarketing / Kapás Máté Bence

Address of the company operating the mailing system: 4200 H.Szob Szívós utca 24

Phone number of the company operating the mailing system: +36 30 390 6392

E-mail address of the company operating the mailing system:

The Data Processor contributes to the sending of newsletters on the basis of a contract with the Data Controller. In doing so, the Data Processor will process the name and e-mail address of the data subject to the extent necessary to send the newsletter.

Description of the options to subscribe and unsubscribe to the newsletter, provision of an unsubscribe option.

Subscription and unsubscription to the newsletter is possible.

Subscription via a link included in an email received after placing an order.

Unsubscribe via a link in any email sent on behalf of

Purpose, method and legal basis of processing

General data processing policy

The data processing of the Data Controller’s activities is based on voluntary consent and on legal authorization. In the case of processing based on voluntary consent, data subjects may withdraw their consent at any stage of the processing.

In certain cases, the processing, storage and transmission of some of the data provided may be required by law and we will inform our customers separately.

Data controllers are reminded that if they do not provide their own personal data, it is the data controllers’ responsibility to obtain the data subject’s consent.

Our data management principles are in accordance with the applicable data protection legislation, in particular the following:

– Act CXII of 2006 on the Right to Informational Self-Determination and Freedom of Information (Infotv.);

– Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Regulation (EC) No 95/46/EC (General Data Protection Regulation, GDPR);

– Act V of 2006 – on the Civil Code (Civil Code);

– Act C of 2006 on Accounting (Accounting Act);

– Act LIII of 2003 – on the Prevention and Combating of Money Laundering and Terrorist Financing (PMT);

– Act CCXXXVII of 2007 – on Credit Institutions and Financial Undertakings (Hpt.).


Physical storage locations of data

Your personal data (i.e. the data that can be associated with you personally) may be processed by us in the following ways: on the one hand, technical data relating to the computer, browser program, Internet address and pages visited in connection with the maintenance of the Internet connection are automatically generated in our computer system, and on the other hand, you may provide your name, contact details or other data if you wish to contact us personally when using the website.

Data technically collected during the operation of the system: the data of the computer of the data subject which are generated during the voting process and which are recorded by the system as an automatic result of technical processes. The data that is automatically recorded is automatically logged by the system at the time of logging in or logging out, without any specific declaration or action by the data subject. This data cannot be linked to other personal user data, except in cases required by law. Only the Operator has access to the data.


Data transfers, data processing, data subjects

Itemised list of companies that transfer, store and access data. List of the data and contact details of the companies concerned (e.g. accounting, invoicing, delivery of goods, crm system, online payment, etc.)

Name of the data processor: Kapás Máté Bence EV. Needsomemarketing – owner

Registered office of the data processor: 4200 H.Szob Szívós utca 24

Phone number of the data processor: +36 30 390 6392

E-mail address of the data processor:

The Data Processor contributes to the registration of orders on the basis of a contract with the Data Controller. In doing so, the Data Processor shall process the name, address, telephone number, number and date of orders of the data subject within the limitation period of civil law.

Data subject’s rights and means of redress

During the period of processing, you have the following rights under the Regulation:

– the right to withdraw consent

– access to personal data and information relating to the processing

– the right to rectification

– restriction of processing,

– the right to access to personal data and to obtain information on the processing of personal data, including the right to access to personal data

– right to object

– the right to portability.

If you wish to exercise your rights, this will involve your identification and the Data Controller will need to communicate with you. For this purpose, identification will require the provision of personal data (but identification may only be based on data that the Controller already holds about you) and your complaints about the processing will be available on the Controller’s email account within the time period indicated in this Notice in relation to complaints. If you have been a customer of ours and would like to be identified for the purposes of complaint handling or warranty handling, please also provide your order ID for identification purposes. We can use this to identify you as a customer.

The Data Controller will respond to complaints about data processing within 30 days at the latest.

What are your Rights and Remedies?

Your Rights and Remedies

– request information about the processing,

– request the rectification, modification or integration of your personal data processed by us,

– object to the processing and request the erasure and blocking of your data (except for mandatory processing),

– have access to judicial remedies,

– lodge a complaint with the supervisory authority or initiate proceedings (


Supervisory Authority: National Authority for Data Protection and Freedom of Information

– Headquarters.

– Postal address: 1530 Budapest, PO Box 5.

– Phone: +36 (1) 391-1400

– Fax: +36 (1) 391-1410

– E-mail:


At your request, we will provide you with information about the personal data that we process and the personal data that we – or our data processors – process about you.

– data processed by us or by one of our processors or by a processor acting on our behalf,

– the source of such data,

– the purposes and legal basis of the processing,

– the purposes for which, the purposes for which, the purposes for which, the purposes for which, the purposes for which, and the duration of the processing,

– the names and addresses of our processors and their activities in relation to the processing,

– the circumstances and effects of a personal data breach and the measures we have taken to prevent and respond to it; and

– where your personal data is transferred, the legal basis and recipient of the transfer.

We will provide you with information within 15 days (but not more than 1 month) of your request. The information will be provided free of charge unless you have already submitted a request for information in the current year for the same set of data. We will reimburse you for any charges you have already paid if we have processed the data unlawfully or if the request for information has led to a correction. We may only refuse to provide information in cases provided for by law, by indicating the legal position and by informing you of the possibility of judicial remedy or recourse to the Authority.

Our Company will notify you and all those to whom it has previously disclosed the data for processing purposes of the rectification, blocking, marking and erasure of personal data, unless the non-notification is not in your legitimate interest.

If we do not comply with your request for rectification, blocking or erasure, we will, within 15 days of receipt of the request (but not later than 1 month), inform you in writing or, with your consent, by electronic means, of the reasons for our refusal and inform you of the possibility of judicial remedy and of recourse to the Authority.

If you object to the processing of your personal data, we will consider your objection within 15 days (but not more than 1 month) of your request and inform you in writing of our decision. If we have decided that your objection is justified, we will stop the processing, including further collection and transfer, and block the data, and notify the objection and any action taken in response to it to all those to whom we have previously disclosed the personal data to which the objection relates and who are under a duty to act in order to exercise the right to object.


We will refuse to comply with a request if we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims. If you do not agree with our decision or if we fail to comply with the time limit, you have 30 days from the date of notification of the decision or the last day of the time limit to take legal action.

Data protection litigation is subject to the jurisdiction of the courts, which may, at the option of the data subject, be brought in the courts for the place where the data subject resides or is domiciled. A foreign national may also lodge a complaint with the supervisory authority of his/her place of residence.


Right to information

The Controller shall take appropriate measures to provide data subjects with all the information referred to in Articles 13 and 14 of the GDPR and each of the disclosures referred to in Articles 15 to 22 and 34 of the GDPR concerning the processing of personal data in a concise, transparent, intelligible and easily accessible form, in clear and plain language.

Right of access of the data subject

You have the right to obtain from the Controller feedback as to whether or not your personal data are being processed and, if processing is ongoing, the right to:

– to have access to the personal data being processed; and

– to be informed by the Controller of the following information:

– the purposes of the processing;

– the categories of personal data processed concerning you; and

– information about the recipients or categories of recipients to whom or with which the personal data have been or will be disclosed by the Controller;

– the envisaged period of storage of the personal data or, where this is not possible, the criteria for determining that period;

– your right to obtain from the Controller the rectification, erasure or restriction of the processing of personal data concerning you and, where the processing is based on legitimate interests, to object to the processing of such personal data;

– the right to lodge a complaint with a supervisory authority;

– if the data have not been collected from you, any available information about their source;

– the fact of automated decision-making (where such a process is used), including profiling, and, at least in these cases, clear information on the logic used and the significance and likely consequences for you of such processing.

The purpose of the exercise of this right may be to ascertain and verify the lawfulness of the processing, and the Data Controller may charge a reasonable fee for providing the information in exchange for repeated requests for information.


Access to personal data is provided by the Data Controller by sending you the personal data and information processed by email after you have identified yourself. If you are registered, we will provide access so that you can view and verify the personal data we process about you by logging into your account.

Please indicate in your request whether you are requesting access to personal data or information about data processing.

Right to rectification

You have the right to have inaccurate personal data relating to you corrected by the Data Controller without delay upon your request.

Right to erasure

The data subject shall have the right to obtain from the controller, upon his or her request, the erasure of personal data relating to him or her without undue delay where one of the following grounds applies:

– the personal data are no longer necessary for the purposes for which they were collected or otherwise processed;

– the data subject withdraws the consent on the basis of which the processing was carried out and there is no other legal basis for the processing;

– the data subject objects to the processing and there is no overriding legitimate ground for the processing;

– the personal data have been unlawfully processed;

– the personal data must be erased in order to comply with a legal obligation under Union or Member State law to which the controller is subject;

– the personal data have been collected in connection with the provision of information society services.

The erasure of the data may not be initiated if the processing is necessary: for the exercise of the right to freedom of expression and information; for compliance with an obligation under Union or Member State law to process personal data or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; for public health purposes or for archiving, scientific or historical research purposes or statistical purposes in the public interest; or for the establishment, exercise or defence of legal claims.

Right to restriction of processing

At the request of the data subject, the Controller shall restrict processing if one of the following conditions is met:

– the data subject contests the accuracy of the personal data, in which case the restriction shall be limited to the period during which

– If the data subject contests the accuracy of the personal data, the period of time shall be limited to the period which allows the accuracy of the personal data to be verified;

– the processing is unlawful and the data subject opposes the erasure of the data and requests instead the restriction of their use;

– the controller no longer needs the personal data for the purposes of processing, but the data subject requires them for the establishment, exercise or defence of legal claims; or

– the data subject has objected to the processing; in this case, the restriction shall apply for a period of time until it is established whether the legitimate grounds of the controller override the legitimate grounds of the data subject.

Where processing is subject to restriction, personal data other than storage may be processed only with the consent of the data subject or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for important public interests of the Union or of a Member State.

Right to data portability

Where the processing is carried out by automated means or where the processing is based on your voluntary consent, you have the right to request the Controller to receive the data that you have provided to the Controller, which the Controller will make available to you in xml, JSON or csv format, and, if technically feasible, to request that the Controller transfer the data in this format to another controller.

Right to object

The data subject shall have the right to object at any time, on grounds relating to his or her particular situation, to processing of his or her personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller, or necessary for the purposes of the legitimate interests pursued by the controller or by a third party, including profiling based on those provisions. In the event of an objection, the controller may no longer process the personal data, unless there are compelling legitimate grounds for doing so which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.


Automated decision-making on individual cases, including profiling

The data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.

Other provisions

Information on processing not listed in this notice will be provided at the time of collection.

We inform our customers that the court, the prosecutor, the investigating authority, the law enforcement authority, the administrative authority, the National Authority for Data Protection and Freedom of Information, the Hungarian National Bank or other bodies authorised by law may contact the data controller to provide information, to communicate or transfer data or to make documents available.

The Data Controller shall disclose to the authorities – if the authorities have indicated the precise purpose and scope of the data – personal data only to the extent and to the extent that is strictly necessary for the purpose of the request.

This document contains all relevant information on data processing in relation to the operation of the webshop in accordance with the General Data Protection Regulation of the European Union 2016/679 (hereinafter referred to as the Regulation. GDPR) and the Act CXII of 2011 (hereinafter referred to as the Infotv.).