Privacy and Cookie Policy

Who we are

Our website address is: https://wentonatrip.com.

PURPOSE OF THE PRIVACY POLICY

We are committed to protecting the personal data of our website visitors, customers, partners, and all affected individuals, and we consider respecting their rights to informational self-determination to be of paramount importance.
We treat personal data confidentially and take all security, technical, and organizational measures that guarantee the security of personal data.
If you have questions that are not clear based on this privacy policy, please contact us using our contact information above! We strive to answer your questions as quickly as possible, but if answering your question takes more time, we commit to responding within 30 days at the latest.

You can request information about the processing of your personal data at any time in writing (by email or letter sent to our postal address) or verbally (by telephone). We would like to draw your attention to the fact that in case of telephone inquiries — if your data processing request requires it (e.g., you request deletion of your data) — we must identify you to determine if you are authorized to make the request before we fulfill it. If identification is not possible, we can only provide general information about data processing. For this reason, we recommend that you communicate your question or request in writing if possible.

SCOPE OF THE POLICY

TEMPORAL SCOPE

This Policy is effective from December 31, 2024, until further notice or withdrawal.

PERSONAL SCOPE

This Policy extends to:
The Data Controller, and
Those individuals whose data is contained in the data processing covered by this Policy, and
Those individuals whose rights or legitimate interests are affected by the data processing.

The Data Controller primarily processes the data of natural persons who have contacted the Data Controller through available channels or methods — for example, electronically, by sending their data to any of the Data Controller’s email addresses, through social media, by telephone, or in person — for the purpose of establishing contact,
Those who have used or requested the Data Controller’s services and provided their data during this process; or those who have contacted the Data Controller for reasons or purposes other than establishing contact.
The Data Controller reserves the right to unilaterally modify this policy at any time. The Data Controller will notify the affected individuals of any modifications at least 15 days before they take effect. Modifications to the policy take effect upon publication on the Data Controller’s website.

DATA CONTROLLER INFORMATION

The operator of the website and the controller of personal data provided on the website (hereinafter: Data Controller): Szűcs Ákos
Headquarters: 3200 Gyöngyös, Ringsted utca 7.
Email address: hello [at] wentonatrip.com
Phone number: +3630three85333one
Website: wentonatrip.com

DATA PROTECTION OFFICER

The Data Controller does not conduct activities that would necessitate the appointment of a data protection officer.

SCOPE OF PROCESSED PERSONAL DATA

The Data Controller selects and operates the IT tools used for personal data processing during service provision in such a way that the processed data:
is accessible to those authorized (availability);
its authenticity and authentication are ensured (authenticity of data processing);
its integrity can be verified (data integrity);
is protected against unauthorized access (data confidentiality).

The Data Controller protects the data with appropriate measures against unauthorized access, alteration, transmission, public disclosure, deletion or destruction, as well as accidental destruction.
The Data Controller ensures the protection of data processing security through technical, organizational, and structural measures that provide an appropriate level of protection for the risks associated with data processing.

During data processing, the Data Controller maintains confidentiality: protecting information so that only those authorized can access it; integrity: protecting the accuracy and completeness of information and processing methods; availability: ensuring that when an authorized user needs it, they can actually access the desired information, and that the related tools are available.

TECHNICAL DATA

THE PURPOSE OF COOKIES

Cookies collect information about visitors and their devices; remember visitors’ individual settings, which may be used during online transactions, eliminating the need to re-enter them; make website use easier; provide quality user experience, and participate in collecting some visitor statistical information.
To provide personalized service, a small data package, a cookie, is placed on the user’s computer and read during subsequent visits. If the browser returns a previously saved cookie, the cookie service provider has the opportunity to link the user’s current visit with previous ones, but only with respect to its own content.
Some cookies do not contain personal information suitable for identifying individual users; some contain a secret, randomly generated number that is stored on the user’s device and ensures the user’s identifiability.

STRICTLY NECESSARY, SESSION COOKIES

The purpose of these cookies is to enable visitors to browse the arinabeaute.hu website completely and smoothly, use its functions, and the services available there. This type of cookie is valid until the end of the session (browsing); when the browser is closed, this type of cookie is automatically deleted from the computer or other device used for browsing.

THIRD-PARTY COOKIES (ANALYTICS)

The wentonatrip.com website and its subdomains also use Google Analytics cookies as a third party. By using Google Analytics statistical service, the arinabeaute.hu website and its subdomains collect information about how visitors use the websites. The data is used for the purpose of website development and improving user experience. These cookies also remain on the visitor’s computer or browsing device, in their browser until they expire or until the visitor deletes them.

LEGAL BASIS FOR COOKIE MANAGEMENT

The legal basis for cookie management is the consent of the website visitor, based on Article 6(1)(a) of the relevant Regulation.
If you do not accept the use of cookies, certain functions will not be available to you. For more information about deleting cookies, you can find it at the following links:

Internet Explorer: http://windows.microsoft.com/en-us/internet-explorer/delete-manage-cookies#ie=ie-11
Firefox: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer
Mozilla: https://support.mozilla.org/hu/kb/weboldalak-altal-elhelyezett-sutik-torlese-szamito
Safari: https://support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/mac
Chrome: https://support.google.com/chrome/answer/95647
Edge: https://support.microsoft.com/hu-hu/help/4027947/microsoft-edge-delete-cookies

LIST OF COOKIES ON THE DATA CONTROLLER’S WEBSITES

 

Types of Cookies we use

 

Manage cookie preferences

Cookie Settings
 

GENERAL DATA MANAGEMENT PRINCIPLES, NAME OF DATA MANAGEMENT, USE, LEGAL BASIS AND RETENTION PERIOD

The data controller’s data processing activities are based on voluntary consent or statutory authorization. In cases of data processing based on voluntary consent, Data Subjects may withdraw their consent at any stage of data processing.
In the absence of required data, the Data Controller cannot provide the service requested by the Data Subject.
We draw the attention of those providing data to the Data Controller that if they do not provide their own personal data, it is the data provider’s responsibility to obtain the consent of the data subject.

The principles of data management are in accordance with current legislation related to data protection, in particular:
• Act CXII of 2011 on the Right of Informational Self-Determination and Freedom of Information (Infotv.);
• Regulation (EU) 2016/679 of the European Parliament and of the Council (27 April 2016) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, GDPR);
• Act V of 2013 on the Civil Code (Ptk.);
• Act C of 2000 on Accounting (Számv. tv.);
• Act LIII of 2017 on the Prevention and Combating of Money Laundering and Terrorist Financing (Pmt.);
• Act CCXXXVII of 2013 on Credit Institutions and Financial Enterprises (Hpt.).

DATA RELATED TO ONLINE ORDERS

No such option is available on the site.

DATA RELATED TO ONLINE ADMINISTRATION

Personal data requested or voluntarily provided during contact:
• Name
• Email address

Purpose of data processing, planned use of processed data: Communication related to appointment booking and booked services or feedback.
Legal basis for data processing: Necessary for the provision of the service (contract performance) (GDPR Article 6(1)(b))
Retention period: Until the data subject’s request for data deletion, or for 5 years from the last login (until the limitation period according to the Civil Code)

DATA RELATED TO TELEPHONE ADMINISTRATION

No such option is available on the site.

DATA RELATED TO NEWSLETTERS

Personal data processed during the newsletter service:
• Name
• Email address

Purpose of data processing, planned use of processed data: Sending promotional offers, information, advertisements (newsletter) electronically.
Legal basis for data processing: Consent of the data subject (GDPR Article 6(1)(a))
Retention period: Until the withdrawal of the data subject’s consent.

SENDING NEWSLETTERS AND PROMOTIONAL OFFERS

According to Article 6 of Act XLVIII of 2008 on the Basic Requirements and Certain Restrictions of Commercial Advertising Activities, the Data Subject may give prior and express consent to the Data Controller to contact them with promotional offers and other mailings at the email address provided during newsletter subscription and to process their data for this purpose.
The Data Controller does not send unsolicited promotional messages, and the Data Subject may unsubscribe from offers and newsletters without restriction or justification, free of charge. In this case, the Data Controller will not contact the Data Subject with further promotional offers. The Data Subject can unsubscribe from advertisements by clicking on the link in the message or through the Data Controller’s contact details.

PERSONAL DATA PROVIDED DURING REGISTRATION

There is currently no registration option on the site.

PERSONAL DATA PROVIDED DURING PURCHASE

There is no webshop on the site.

DATA RELATED TO INVOICING

There is no webshop on the site.

HANDLING OF CONSUMER PROTECTION COMPLAINTS

If you submit a consumer protection complaint, data processing and data provision are essential for administration.
• Name
• Email address
• Phone number
• Complaint

Purpose of data processing, planned use of processed data: consumer protection complaint handling.
The legal basis for data processing is voluntary consent.
Retention period: current year + 5 years based on the Consumer Protection Act

PHYSICAL STORAGE LOCATIONS OF DATA

Your personal data (that is, data that can be linked to your person) may come under our management in the following ways:
on one hand, technical data related to the computer, browser program, internet address, and pages visited used by you are automatically generated in our computer system in connection with maintaining the internet connection, on the other hand, you may also provide your name, contact details, or other information if you wish to contact us when using the website. Data technically recorded during the operation of the system: data of the data subject’s login computer, which are recorded by the systems of the arinabeaute.hu domain and its subdomains as an automatic result of technical processes.

The automatically recorded data is automatically logged by the system when entering or exiting without a separate statement or action from the data subject.
This data cannot be linked to other personal user data – except in cases made mandatory by law. Only arinabeaute.hu domain and its subdomains have access to this data.

DATA TRANSFER, DATA PROCESSING, SCOPE OF DATA RECIPIENTS

As part of its business activities, the Data Controller uses the following data processors:
Hosting service: The IT background for the operation of our website is provided by our contractual service partner. Data managed on the website is stored within the European Union at our contracted partner.

Name: OVH
Headquarters: Becket House, 1 Lambeth Palace Road, London SE1 7EU
Registration number: 5519821
VAT number GB 918 7594 74.
Contact: https://www.ovhcloud.com/en-gb/contact/
Phone: +44333 370 0425
Website: www.ovhcloud.com/en-gb/
Data protection of OVH: https://www.ovhcloud.com/en-gb/personal-data-protection/

Google Analytics

We use Google Analytics to analyze, measure the traffic data and performance of our website. Information collected from the website is automatically transferred to Google, but it does not contain (and cannot contain!) personal data. The collected and transferred information is not suitable for identifying website visitors, only statistical data for distinguishing different sessions from each other. For more information about Google Analytics data processing, click here.

The purpose of data processing

To distinguish visitors to the website and their sessions from each other in order to measure the performance of the website and to create statistics on its use.

The scope of processed data

The Google Analytics service uses cookies to measure the performance of the website and to create statistics on its use, which contain information interpretable by the service (unique character strings consisting of letters, numbers, and other punctuation marks).
Duration of data processing

The validity of cookies used by the Google Analytics service can vary. There are cookies that expire when you close the page in your internet browser program, and there are some that have shorter validity (1 minute) or significantly longer (e.g., 24 hours or 2 years). However, our website – and through it the Google Analytics service – can only access the content of these longer-term valid cookies if you visit our website again from the same device and have not deleted these cookies in the meantime.

Instagram page

Name: Instagram
Data processor address: Facebook, Inc. 1601 Willow Rd Menlo Park, CA 94025 United States
Scope of known data: username, comments
Data processing activity: Personalized advertising
Privacy policy: https://help.instagram.com/155833707900388

DATA TRANSFER TO THIRD COUNTRIES

The Data Controller, with the explicit consent of the Data Subject, will transfer the contact details (name, email address) provided during newsletter subscription to KIT, as the data processor, whose system may use the data for personalized advertising activities.

We inform the Data Subjects that the Data Controller may be approached by courts or other authorities, or other bodies authorized by law, for the purpose of providing information, disclosing data, transferring data, or making documents available.

The Data Controller will only disclose personal data to authorities in accordance with the requirements specified in the authority’s request.

Data transfer to the United States of America is carried out in accordance with the adequacy decision made on July 12, 2016 (https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/eu-us-privacy-shield_en).

KIT

Name: KIT
Data processor address: 750 W Bannock St #761, Boise, Idaho 83701
Scope of known data: name, email address
Data processing activity: Sending newsletters
Privacy policy: https://kit.com/privacy

Google (https://policies.google.com/privacy/frameworks) and

Facebook (https://www.facebook.com/about/privacyshield) are also valid data controllers.

RIGHTS AND ENFORCEMENT OPTIONS OF THE DATA SUBJECT

The data subject may request information about the processing of their personal data, as well as request the correction, deletion, or withdrawal of their personal data, except for mandatory data processing, and may exercise their right to data portability and objection in the manner indicated at the time of data collection, or through the above contact details of the data controller.

RIGHT TO INFORMATION

The Data Controller shall take appropriate measures to provide the data subjects with all information regarding the processing of personal data referred to in Articles 13 and 14 of the GDPR, and all notifications referred to in Articles 15–22 and 34, in a concise, transparent, intelligible, and easily accessible form, clearly and comprehensibly formulated.

RIGHT OF ACCESS

The data subject has the right to receive feedback from the Data Controller on whether their personal data is being processed, and if such processing is ongoing, they have the right to access the personal data and the following information:

• the purposes of the data processing;
• the categories of personal data concerned;
• the recipients or categories of recipients to whom the personal data has been or will be disclosed, including recipients in third countries or international organizations;
• the planned duration of storage of the personal data;
• the right to rectification, erasure, restriction of processing, and objection;
• the right to lodge a complaint with a supervisory authority;
• information on the sources of the data;
• the existence of automated decision-making, including profiling, and meaningful information about the logic involved, as well as the significance and expected consequences of such processing for the data subject.

The Data Controller shall provide the information within one month of the submission of the request.

RIGHT TO RECTIFICATION

The data subject may request the correction of inaccurate personal data concerning them processed by the Data Controller and the completion of incomplete data.

RIGHT TO ERASURE

The data subject has the right to request the Data Controller to erase personal data concerning them without undue delay if one of the following grounds applies: the personal data is no longer necessary for the purposes for which it was collected or otherwise processed; the data subject withdraws their consent on which the processing is based, and there is no other legal basis for the processing; the data subject objects to the processing, and there are no overriding legitimate grounds for the processing; the personal data has been unlawfully processed; the personal data must be erased to comply with a legal obligation under Union or Member State law to which the Data Controller is subject; the personal data has been collected in relation to the offer of information society services.

Erasure cannot be requested if the processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation which requires processing by Union or Member State law to which the Data Controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller; for reasons of public interest in the area of public health, or for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes; or for the establishment, exercise, or defense of legal claims.

RIGHT TO RESTRICTION OF PROCESSING

The data subject may request the Data Controller to restrict processing if one of the following applies: the data subject contests the accuracy of the personal data, for a period enabling the Data Controller to verify the accuracy of the personal data; the processing is unlawful, and the data subject opposes the erasure of the personal data and requests the restriction of its use instead; the Data Controller no longer needs the personal data for the purposes of processing, but the data subject requires it for the establishment, exercise, or defense of legal claims; or the data subject has objected to processing pending the verification of whether the legitimate grounds of the Data Controller override those of the data subject.

If processing is restricted, the personal data shall, with the exception of storage, only be processed with the data subject’s consent, or for the establishment, exercise, or defense of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of important public interest of the Union or a Member State.

RIGHT TO DATA PORTABILITY

The data subject has the right to receive the personal data concerning them, which they have provided to the Data Controller, in a structured, commonly used, and machine-readable format, and to transmit those data to another data controller.

RIGHT TO OBJECT

The data subject has the right to object at any time, on grounds relating to their particular situation, to the processing of personal data concerning them which is based on the public interest or the exercise of official authority vested in the Data Controller, or the legitimate interests of the Data Controller or a third party, including profiling based on those provisions. In case of objection, the Data Controller shall no longer process the personal data unless it demonstrates compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject, or for the establishment, exercise, or defense of legal claims.

RIGHT NOT TO BE SUBJECT TO AUTOMATED DECISION-MAKING, INCLUDING PROFILING

The data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them.

The Data Controller does not perform profiling.

RIGHT TO WITHDRAW CONSENT

The data subject has the right to withdraw their consent at any time.

RIGHT TO LODGE A COMPLAINT WITH A COURT

The data subject may turn to the court if their rights are violated by the Data Controller. The court shall act promptly in the matter.

DATA PROTECTION AUTHORITY PROCEDURE

Complaints can be lodged with the National Authority for Data Protection and Freedom of Information:

Name: National Authority for Data Protection and Freedom of Information

Headquarters: 1125 Budapest, Szilágyi Erzsébet fasor 22/C.

Mailing address: 1530 Budapest, Pf.: 5.

Phone: 0613911400

Fax: 0613911410

Email: ugyfelszolgalat@naih.hu

Website: http://www.naih.hu

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Email Addresses

We may collect your email address, but only if you voluntarily provide it to us. This may occur, for example, if you sign up to receive an email newsletter, or enter a promotion. If you have provided your email address to us, we promise to use it only for the purposes for which it is provided. We will not use your email address to contact you for unrelated reasons. We will not share your email address with any third parties.

If you believe that our processing of your personal information infringes data protection laws, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state of your residence, your place of work or the place of the alleged infringement.

You may exercise any of your rights in relation to your personal data by written notice to us addressed to the following:

‘contact information of person handling EU privacy complaints; must include street address, phone number and email address’

Contacting Us

If you have any questions about this Privacy Policy or the practices of this Site, please contact us.

You are responsible for all of your activity in connection with the Services and accessing the Website. The Website is not responsible for the content of linked sites.