Privacy Policy
Pizza-Workshop (https://www.pizza-workshop.com)
for visitors and registered users of the website
Introduction
In operating the website, the service provider / data controller processes the personal data of registered users in order to provide them with appropriate services.
The service provider intends to fully comply with the legal requirements regarding the processing of personal data, in particular with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council.
This Privacy Policy has been prepared on the basis of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, taking into account the content of Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information.
Name of the service provider / data controller:
| Name / company name: |
Dr. Mikóné Dr. Mádi Laura Johanna
Pizza-Workshop |
| Registered address: |
3711, Szirmabesenyő, Állomás utca 86. |
| Tax number: |
90743416-1-25 |
| Registration number (NAIH): |
60074326 |
| Website name and address: |
Pizza-workshop |
| Privacy Policy URL: |
www.pizza-workshop.com |
Contact details of the data controller:
| Name / company name: |
Dr. Mikóné Dr. Mádi Laura Johanna
Pizza-Workshop |
| Registered address: |
3711, Szirmabesenyő, Állomás utca 86. |
| Mailing address: |
3711, Szirmabesenyő, Állomás utca 86. |
| E-mail: |
info@pizza-workshop.com |
| Phone: |
06704263828 |
Definitions
- GDPR (General Data Protection Regulation) is the European Union’s new Data Protection Regulation;
- processing: any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
- processor: a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
- personal data: any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
- controller: the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
- consent of the data subject: any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
- personal data breach: a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.
- recipient: a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. Public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing;
- third party: a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
Data processing principles
The data controller declares that it processes personal data in accordance with this Privacy Policy and complies with the applicable legal requirements, with particular attention to the following:
Personal data must be processed lawfully, fairly and in a transparent manner in relation to the data subject.
Personal data may only be collected for specified, explicit and legitimate purposes.
The purposes of processing personal data must be adequate, relevant and limited to what is necessary.
Personal data must be accurate and kept up to date. Inaccurate personal data must be erased without delay.
Personal data must be stored in a form which permits identification of data subjects for no longer than is necessary. Personal data may be stored for longer periods insofar as the data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes.
Personal data must be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
The principles of data protection apply to any information concerning an identified or identifiable natural person.
Key data processing information
The purpose of data processing is to enable the service provider / data controller to provide appropriate additional services to registered users of the website.
The legal basis for data processing is the consent of the data subject.
The scope of data processing covers the registered users of the website.
Duration of data processing and data deletion. The duration of data processing always depends on the specific user purpose, but data must be deleted without delay once the originally stated purpose has been achieved. The data subject may withdraw their consent to data processing at any time by sending an email to the contact address provided. If there are no legal obstacles to deletion, the data will be erased.
The persons authorised to access the data are the data controller and its employees.
The data subject may request from the data controller access to and rectification or erasure of personal data or restriction of processing, and may object to the processing of such personal data, as well as the right to data portability.
The data subject may withdraw consent to data processing at any time, but this does not affect the lawfulness of processing carried out on the basis of consent before its withdrawal.
The data subject has the right to lodge a complaint with a supervisory authority.
If the data subject wishes to take advantage of the benefits offered by registration, i.e. to use the relevant services of the website, it is necessary to provide the requested personal data. The data subject is not obliged to provide personal data, and failure to do so will not result in any adverse consequences. However, certain functions of the website cannot be used without registration.
The data subject has the right to obtain from the data controller without undue delay the rectification or completion of inaccurate personal data concerning him or her.
The data subject has the right to obtain from the data controller without undue delay the erasure of inaccurate personal data concerning him or her, and the data controller is obliged to erase personal data concerning the data subject without undue delay if there is no other legal basis for processing.
Modification or deletion of personal data may be requested by email, phone or letter using the contact details provided above.
Registration on the website
The purpose of data processing is to provide additional services and to establish contact.
The legal basis for processing registration data is your consent.
The scope of data processing covers the registered users of the website.
Duration of data processing. Processing continues until consent is withdrawn. You may withdraw your consent to data processing at any time by sending an email to the contact address provided.
Data will be deleted upon withdrawal of consent to data processing. You may withdraw your consent to data processing at any time by sending an email to the contact address provided.
The persons authorised to access the data are the data controller and its employees.
Method of data storage: electronic.
Modification or deletion of personal data may be requested by email, phone or letter using the contact details provided above.
The provision of personal data is strictly necessary for identification in the databases and for maintaining contact. The exact company name and address are required for invoicing, which is a legal obligation.
| Categories of data processed |
Specific purpose of data processing |
| Name |
Identification, contact, invoicing. |
| Company name |
Identification, contact, invoicing. |
| Address |
Identification, contact, invoicing. |
| E-mail |
Identification, contact. |
| Phone |
Identification, contact. |
| Date of registration |
Technical information operation. |
| IP address |
Technical information operation. |
The user may give their consent to data processing by deliberately ticking the empty checkbox provided for this purpose on the website.
You, as the data subject, may object to the processing of your personal data, and in this regard you are entitled to the procedure set out in the data processing information detailed above, this notice, and the legislation described herein.
Placing an order
The purpose of data processing is to provide additional services, to establish contact, and to send a confirmation email. We can only fulfil your order if you provide your contact and billing details, which are strictly necessary for communication and invoicing.
The legal basis for data processing is your consent. In the case of invoicing, data processing is based on a legal requirement.
The scope of data processing covers the registered users of the website.
Duration of data processing. Processing is carried out pursuant to legal requirements or until consent is withdrawn. You may withdraw your consent to data processing at any time by sending an email to the contact address provided.
Data will be deleted upon withdrawal of consent to data processing. You may withdraw your consent to data processing at any time by sending an email to the contact address provided. Billing data may only be deleted in accordance with legal requirements.
The persons authorised to access the data are the data controller and its employees.
Method of data storage: electronic.
Modification or deletion of personal data may be requested by email, phone or letter using the contact details provided above.
| Categories of data processed |
Specific purpose of data processing |
| Name |
Identification, contact, invoicing. |
| Company name |
Identification, contact, invoicing. |
| Address |
Identification, contact, invoicing. |
| E-mail |
Identification, contact. |
| Phone |
Identification, contact. |
| Ordered product details |
Product identification. |
| Date of registration |
Technical information operation. |
| IP address |
Technical information operation. |
The user may give their consent to data processing by deliberately ticking the empty checkbox provided for this purpose on the website.
The data subject may object to the processing of their personal data, and in this regard they are entitled to the procedure set out in the data processing information detailed above, this notice, and the legislation described herein.
Issuing invoices
The purpose of data processing is to issue and send electronic invoices as email attachments.
The legal basis for data processing is mandatory processing required by law.
The scope of data processing covers the service provider’s customer partners.
Duration of data processing. Processing is carried out pursuant to legal requirements or until consent is withdrawn. You may withdraw your consent to data processing at any time by sending an email to the contact address provided.
Data will be deleted upon withdrawal of consent to data processing. You may withdraw your consent to data processing at any time by sending an email to the contact address provided. Billing data may only be deleted in accordance with legal requirements.
The persons authorised to access the data are the data controller and its employees.
Method of data storage: electronic.
Modification or deletion of invoice data may be requested by email, phone or letter using the contact details provided above.
| Categories of data processed |
Specific purpose of data processing |
| Name |
Identification, contact, invoicing. |
| Company name |
Identification, contact, invoicing. |
| Address |
Identification, contact, invoicing. |
| E-mail |
Identification, contact. |
| Phone |
Identification, contact. |
| Tax number / tax ID |
Customer identification. |
| Invoice data |
Invoice identification. |
| Date of invoice issuance |
Technical information operation. |
The user may give their consent to data processing by deliberately ticking the empty checkbox provided for this purpose on the website.
The data subject may object to the processing of their personal data, and in this regard they are entitled to the procedure set out in the data processing information detailed above, this notice, and the legislation described herein.
Newsletter
As the operator of this website, we declare that we fully comply with the applicable legal provisions when publishing information and descriptions. We further declare that when subscribing to a newsletter, we are unable to verify the authenticity of the contact details provided or to determine whether the data relates to a private individual or a business. Businesses that contact us are treated as customer partners.
The purpose of data processing is to send professional information, electronic messages containing advertising, information, and newsletters, from which you may unsubscribe at any time without consequence. You may also unsubscribe without consequence if your business has ceased to exist in the meantime, if you have left the business, or if someone provided us with your contact details.
The legal basis for data processing is your consent. We inform you that users may expressly and in advance consent to the service provider contacting them with advertising offers, information and other communications at the email address provided during registration. Consequently, the user may consent to the service provider processing the necessary personal data for this purpose.
Please note that if you wish to receive our newsletter, you are required to provide the necessary data. If you do not provide the data, we will be unable to send you a newsletter.
Duration of data processing. Processing continues until consent is withdrawn. You may withdraw your consent to data processing at any time by sending an email to the contact address provided.
Data will be deleted upon withdrawal of consent to data processing. You may withdraw your consent to data processing at any time by sending an email to the contact address provided.
Consent may also be withdrawn via the link provided in the newsletters sent to you.
The persons authorised to access the data are the data controller and its employees.
Method of data storage: electronic.
Modification or deletion of data may be requested by email, phone or letter using the contact details provided above.
| Registration number of the data controller: |
NAIH-……………… |
| Categories of data processed |
Specific purpose of data processing |
| Name |
Identification, contact. |
| E-mail |
Identification, contact. |
| Date of subscription |
Technical information operation. |
| IP address |
Technical information operation. |
Please note that neither the username nor the email address needs to contain any data referring to your identity. For example, it is not necessary for your username or email address to include your name. You are entirely free to decide whether to provide a username or email address that contains information identifying you. The email address — which serves as the means of contact — is strictly necessary for newsletters or professional information sent to you to reach their destination.
Cookies
Cookies are placed on the user’s computer by visited websites and contain information such as page settings or login status.
Cookies are therefore small files created by visited websites. They improve the user experience by saving browsing data. Cookies allow the website to remember site settings and offer locally relevant content.
The service provider’s website sends a small file (cookie) to the computers of website visitors in order to record the fact and time of the visit. The service provider informs website visitors of this.
The scope of data processing covers the visitors of the website.
The purpose of data processing is to provide additional services, identification, and visitor tracking.
Legal basis for data processing. The user’s consent is not required where the service provider strictly needs to use cookies.
Categories of data: unique identifier, timestamp, settings data.
The user has the option to individually enable or disable cookies in the cookie settings menu, change their settings at any time, and delete cookie files from their device at any time.
Data controllers authorised to access the data. The data controller does not process personal data through the use of cookies.
Method of data storage: electronic.
Social media
A social media platform is a media tool through which messages are distributed via community users. Social media uses the internet and online publishing opportunities to enable users to become content editors rather than just content consumers.
Social media is an interface of internet applications containing user-generated content, such as Facebook, Google+, Twitter, etc.
Forms of social media presence can include public speeches, presentations, demonstrations, and descriptions of products or services.
Information on social media can take the form of forums, blog posts, images, videos and audio materials, message boards, email messages, etc.
Accordingly, the categories of data processed may include, in addition to personal data, the user’s public profile picture.
Scope of data subjects: all registered users.
Purpose of data collection: to promote the website or an associated web page.
Legal basis for data processing: the voluntary consent of the data subject.
Duration of data processing: as per the rules applicable on the given social media platform.
Data deletion deadline: as per the rules applicable on the given social media platform.
Persons authorised to access the data: as per the rules applicable on the given social media platform.
Rights relating to data processing: as per the rules applicable on the given social media platform.
Method of data storage: electronic.
It is important to note that when a user uploads or submits personal data, they grant the operator of the social media platform a worldwide licence to store and use such content. It is therefore very important to ensure that the user has full rights to publish the information they post.
Google Analytics
Our website x uses □ does not use Google Analytics
If Google Analytics is used:
Google Analytics compiles reports for its clients on the browsing habits of website users based on internal cookies.
On behalf of the website operator, Google uses the information to evaluate how users use the website. As an additional service, it prepares reports related to website activity for the website operator so that the operator can provide further services.
Data is stored on Google’s servers in an encoded format to make misuse of the data more difficult and to prevent it.
Google Analytics can be disabled as follows. Quote from the website:
Users who don’t want their data to be used by Google Analytics can install the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics. The browser add-on is available for most modern browsers. The Google Analytics opt-out browser add-on does not prevent data from being sent to the website itself or to other web analytics services.
https://support.google.com/analytics/answer/6004245?hl=en
Google’s privacy policy:
https://policies.google.com/privacy?hl=en
Detailed information on the use and protection of data is available at the links above.
Detailed privacy information:
https://static.googleusercontent.com/media/www.google.com/en//intl/hu/policies/privacy/google_privacy_policy_hu.pdf
Data processors
Hosting provider:
| Name / company name: |
Directinfo Kft. |
| Registered address: |
1147 Budapest, Gyarmat utca 99b |
| Phone: |
+36-061-273-16-16 |
| E-mail: |
iroda@directinfo.hu |
The data you provide is stored on a server operated by the hosting provider. Only our staff and the staff operating the server have access to the data, and all of them are responsible for the secure handling of the data.
Description of activity: hosting service, server service.
Purpose of data processing: to ensure the operation of the website.
Data processed: personal data provided by the data subject.
Duration of data processing and data deletion deadline. Data processing continues until the end of the website’s operation, or in accordance with the contractual agreement between the website operator and the hosting provider. The data subject may also request deletion of their data by contacting the hosting provider if necessary.
The legal basis for data processing is the consent of the data subject and processing based on legal requirements.
Rights relating to data processing
Right to request information
You may contact us through the details provided to request information about what data we hold about you, on what legal basis, for what purpose, from what source, and for how long. We will respond to your request without undue delay, and at most within 30 days, to the email address you have provided.
Right to rectification
You may contact us through the details provided to request that we modify any of your data. We will act on your request without undue delay, and at most within 30 days, and will send confirmation to the email address you have provided.
Right to erasure
You may contact us through the details provided to request the deletion of your data. We will action your request without undue delay, and at most within 30 days, and will send confirmation to the email address you have provided.
Right to restriction
You may contact us through the details provided to request the restriction of your data. The restriction will remain in place for as long as the reason you have indicated makes storage of the data necessary. We will action your request without undue delay, and at most within 30 days, and will send confirmation to the email address you have provided.
Right to object
You may contact us through the details provided to object to data processing. We will examine the objection within the shortest possible time from the date of submission, and at most within 15 days, make a decision on its merits, and inform you of the decision by email.
Legal remedies relating to data processing
If you experience unlawful data processing, please notify our company so that the lawful situation can be restored in a short time.
We will do everything in our power to resolve the problem described.
If in your opinion the lawful situation cannot be restored, please notify the authority at the following contact details:
National Authority for Data Protection and Freedom of Information
Postal address: 1530 Budapest, P.O. Box 5.
Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c
Phone: +36 (1) 391-1400
Fax: +36 (1) 391-1410
E-mail: ugyfelszolgalat (at) naih.hu
URL: https://naih.hu
Coordinates: N 47°30’56”; E 18°59’57”
Legal basis for data processing
- REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL (of 27 April 2016) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
- Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information.
- Act LXVI of 1995 on Public Records, Public Archives, and the Protection of Private Archival Material.
- Government Decree No. 335/2005 (XII. 29.) on the general requirements for records management of bodies performing public duties.
- Act CVIII of 2001 on certain issues of electronic commerce services and information society services.
- Act C of 2003 on Electronic Communications.
Date of entry into force: 4 February 2026.
