Privacy Policy

Privacy Policy

1. Data Controller

Lemúria Kft., represented by Ildikó Kis (hereinafter referred to as: Data Controller/Representative), outlines below its data protection principles and expectations it has set for itself as a data controller. These principles are fully aligned with the applicable data protection laws, in particular:

  • Act CXII of 2011 on Informational Self-Determination and Freedom of Information (Info Act)

  • Act CVIII of 2001 on Certain Issues of Electronic Commerce Services and Information Society Services (esp. Section 13/A)

  • Act XLVII of 2008 on the Prohibition of Unfair Commercial Practices against Consumers

  • Act XLVIII of 2008 on the Basic Requirements and Certain Restrictions of Commercial Advertising Activities (esp. Section 6)

  • Act XC of 2005 on the Freedom of Electronic Information

  • Act C of 2003 on Electronic Communications (esp. Section 155)

  • Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR)

 

2. Definitions

This Policy uses the definitions of the Info Act. Accordingly:

  • Data Subject: Any natural person who is identified or can be identified, directly or indirectly, by personal data. For advertisements, this refers to the person posting the ad. In real estate transactions, it refers to the individuals involved or those whose rights or legitimate interests are affected.

  • Personal Data: Any data that can be associated with a data subject—especially their name, ID, physical, physiological, mental, economic, cultural, or social identity—and any conclusions drawn from such data.

  • Consent: A voluntary, explicit declaration of the data subject’s will, based on adequate information, indicating clear agreement to the processing of their personal data for full or partial operations.

  • Objection: A declaration by the data subject objecting to the processing of their data and requesting termination or deletion.

  • Data Controller: The person or entity who determines the purpose and means of data processing, makes and enforces decisions regarding processing (including the tools used), or has them executed by a data processor.

  • Data Processing: Any operation performed on data, regardless of method, including collection, recording, organization, storage, modification, use, retrieval, transmission, disclosure, coordination, deletion, destruction, or restriction.

  • Data Processor: A person or entity processing data on behalf of the controller under contract or law.

  • Data Transfer: Making data available to a specific third party.

  • Public Disclosure: Making data accessible to anyone, e.g., via the internet.

  • Data Deletion: Making data unrecognizable so that it can no longer be restored.

  • Data Marking: Labeling data with an identifier to distinguish it.

  • Data Blocking: Temporarily or permanently restricting further processing with an identifier.

  • Data Set: All data processed in a single record.

  • Third Party: Any person or entity other than the data subject, controller, or processor.

  • Data Breach: Unauthorized processing of personal data including unauthorized access, alteration, transfer, public disclosure, deletion, destruction, or accidental damage.

 

3. Purpose, Legal Basis, and Duration of Data Processing

3.1. Data is collected and processed by the Controller either based on law or the voluntary consent of the user. Following contact and contract conclusion, the processing may be based on legal obligations (e.g., Act LIII of 2017 on Money Laundering Prevention, tax/accounting laws: Act CXVII of 1995, Act C of 2000, Act XCII of 2003), or a contract between the parties.

Unless otherwise provided, the data processing is based on the user’s voluntary consent.

Beyond this, personal data may also be processed—without additional consent—if required by law or necessary to protect the legitimate interests of the controller or a third party, provided that such interest outweighs the right to data protection.

Consent is given by using the service (e.g., opening the website, registration, submitting a comment, sending an order).

 

3.2. Scope of Data Subjects: All individuals using the services provided on the website.

 

3.3. Duration of Data Processing: Until the user requests deletion, except for accounting records, which must be kept for 8 years under Section 169 (2) of Act C of 2000.

 

3.4. Authorized Data Handlers: The controller’s sales and marketing staff, in compliance with the above principles.

 

4. Rights of the Data Subject

You are entitled to the following rights concerning the processing of your personal data:

 

4.1. Access: You can request confirmation as to whether your data is being processed. If so, you may request details such as:
(i) purpose,
(ii) categories of data,
(iii) recipients,
(iv) storage duration,
(v) your rights,
(vi) right to lodge a complaint with the Data Protection Authority.

 

4.2. Rectification: You may request the correction or completion of inaccurate or incomplete personal data.

 

4.3. Erasure: You may request deletion of your data unless:
a) freedom of expression or public interest requires otherwise,
b) legal obligation requires retention,
c) public health or archival, scientific, statistical, or legal claims justify retention.

 

4.4. Restriction: You may request restricted processing if:
a) you dispute accuracy,
b) processing is unlawful but you oppose deletion,
c) data is no longer needed by the controller but you need it for legal claims,
d) you object to processing. You will be informed before any restriction is lifted.

 

4.5. Objection: You may object to processing based on legitimate interest. In such cases, processing shall cease unless compelling legitimate grounds override your interests or the data is required for legal claims.

 

4.6. Portability: You may request your data in a structured, commonly used, machine-readable format, and request its transfer to another controller (if based on consent or contract and automated means).

 

4.7. Withdrawal of Consent: You may withdraw your consent at any time as easily as it was given. Withdrawal does not affect prior lawful processing.

 

5. Remedies

If you believe your data has been misused, please contact the Data Controller directly.
In case of violation of your rights, you may file a complaint with:

 

Hungarian National Authority for Data Protection and Freedom of Information
Phone: +36 1 391 1400
Email: [email protected]
Address: 1363 Budapest, Pf. 9.
Or initiate legal proceedings in court.

 

6. Cookies

Our website uses cookies to enhance user experience, perform analytics, and support marketing activities. Cookies are small data files stored by your browser when you visit a website.

Some cookies are essential for functionality (e.g., session handling), others help us understand visitor behavior (analytics), or allow personalized ads.

 

Types of Cookies:

  • Session cookies – deleted when browser is closed.

  • Persistent cookies – stored longer or until manually deleted.

  • Third-party cookies – e.g., Google Analytics, Facebook Pixel.

 

Cookie Management:
Most browsers accept cookies by default, but you can disable or delete them anytime. Blocking certain cookies may limit site functionality.

Learn more about cookie settings for popular browsers:

Your Cookie Rights:
You may change cookie settings or request deletion of existing cookies on your device. For more, see our Cookie Policy (if available).

 

Website Operator:

Lemúria Kft.
Address: 1066 Budapest, Dessewffy utca 8–10., 2nd floor, Door 18
Phone: +36 70 561 2555
Email: [email protected]

 

ADDRESS
1066 Budapest
Dessewffy utca 8-10.
2. Emelet 18. Ajtó

OPENING HOURS
Tue-Sun 12:00-22:00

BOOKING
Make a booking
PHONE
+36 70 561 2555

LINKS
Terms and Conditions
GDPR
Etiquette
Careers

Facebook Instagram Tiktok Envelope