5904 Orosháza-Gyopárosfürdő, Hűvös u. 2-4.

 Napsugár Hotel Privacy Policy and Data Management Regulations

Details of the Data Controller

Napsugár Hotel Ltd.

Registered office: 5904 Orosháza, Hűvös Street 2–4, Hungary
Company registration number: Cg. 04-09-015513
Tax number: 28821386-2-04
Phone: +36 (68) 412-422
Email: info@napsugarhoteloroshaza.hu

Represented by: Mrs. Lászlóné Molnár, Managing Director
(hereinafter: “Data Controller”)

The Data Controller, as the operator of Napsugár Hotel (hereinafter: “Hotel”), hereby informs its clients, guests, and website visitors (hereinafter collectively: “data subjects” or “users”) that it respects their personal rights and processes personal data in accordance with this Privacy Policy (hereinafter: “Policy”).

The Data Controller reserves the right to amend this Policy in order to comply with changes in legislation or internal regulations. The current version is always available at:
www.napsugarhoteloroshaza.hu and at the Hotel reception in printed form.

I. PURPOSE OF THE POLICY

The purpose of this Policy is to define and ensure the principles governing the processing of personal data of individuals connected to the Hotel, in order to protect their privacy in accordance with applicable laws.

The Hotel complies with applicable legislation, including but not limited to:

  • Act CXII of 2011 (Freedom of Information Act)
  • Act CVIII of 2001 (Electronic Commerce Act)
  • Act XLVII of 2008 (Unfair Commercial Practices)
  • Act XLVIII of 2008 (Advertising Act)

The Data Controller is committed to protecting personal data and respecting the informational self-determination rights of data subjects.

II. SCOPE OF THE POLICY

  • Temporal scope: Effective from August 1, 2019 until revoked
  • Personal scope: Applies to the Hotel and all individuals whose data is processed
  • Material scope: Covers all data processing activities within the Hotel

III. DEFINITIONS (excerpt)

  • Data subject / Guest: Identifiable natural person
  • Personal data: Any information relating to an identifiable person
  • Processing: Any operation performed on data (collection, storage, use, etc.)
  • Data Controller: Napsugár Hotel Ltd.
  • Consent: Freely given, informed, explicit permission

IV. PRINCIPLES OF DATA PROCESSING

  • Data must be processed lawfully, fairly, and transparently
  • Only necessary data is processed (data minimization)
  • Data is processed for specific purposes
  • Data must be accurate and up to date
  • Data is stored only as long as necessary
  • Processing is based on voluntary consent

V. STATEMENTS OF THE DATA CONTROLLER (summary)

The Data Controller:

  • processes data in compliance with Hungarian law
  • ensures data confidentiality and security
  • restricts access to authorized employees only
  • protects data against unauthorized access, loss, or damage
  • does not verify accuracy of provided data
  • transfers data only with consent or legal obligation
  • operates only within Hungary
  • does not transfer data outside the EU
  • keeps records of data protection incidents

VI. DATA PROCESSING ACTIVITIES (summary)

A. Hotel Services

Data processing is based on consent and necessary for service provision.

VIZA system (mandatory):
Includes:

  • name, birth data, nationality
  • ID document details

Legal basis: legal obligation
Without data → service cannot be provided

B. Request for Quotation

Collected data may include:

  • name, email, phone
  • arrival/departure
  • number of guests
  • preferences

Purpose: providing offers and communication

C. Check-in Form

Mandatory data:

  • name, address
  • ID number
  • dates of stay

Purpose:

  • legal compliance
  • guest identification

D. Newsletter

  • voluntary subscription
  • data: name, email
  • purpose: marketing communication
  • unsubscribe anytime

E. CCTV System

Purpose: security (person and property protection)

  • data: recorded images
  • retention: max. 3 working days
  • legal basis: legitimate interest / consent

No cameras in sensitive areas (e.g. bathrooms)

F. Website & Cookies

The website uses cookies for:

  • operation
  • analytics
  • advertising (Google Ads, Facebook)

Cookies do not identify users personally.

VII. DATA STORAGE AND SECURITY

The Data Controller ensures:

  • secure IT environment
  • restricted access
  • backups
  • correction or deletion upon request

Data is processed:

  • until consent is withdrawn
  • or legal retention period expires

VIII. LEGAL REMEDIES

Data subjects may:

  • request information
  • request correction or deletion
  • object to processing

Authority:
Hungarian National Authority for Data Protection (NAIH)
www.naih.hu

IX. FINAL PROVISIONS

Effective date: August 1, 2019
Orosháza

Mrs. Lászlóné Molnár
Managing Director