Data protection information
- Summary
Hybrid Agency Ltd. (hereinafter referred to as the "Data Controller") manages the data of visitors, registrants and customers (hereinafter collectively referred to as the "Data Subject") of the Website (hybridagency.hu; hybriddecor.hu; hereinafter referred to as the "Website") in the course of operating its websites (hybridagency.hu; hybriddecor.hu; hereinafter referred to as the "Website"). All personal data is collected and processed only in accordance with the law. We may send you a system message without your consent, but we may only send you a DM with your consent. Your data will be stored as securely as possible and will only be disclosed to third parties with your consent. You can request information about your personal data or request its deletion by writing to hello@hybridagency.hu.
- Name, contact details of the controller
Name of the controller: Hybrid Agency Ltd.
The controller's mailing address: 1131 Budapest, Rokolya utca 49.
E-mail address of the data controller: hello@hybridagency.hu
Telephone number of the controller: +36 70 222-93-22
Company registration number: 01-09-407001
Tax number: 32107711-2-41
Statistical number sign: 2107711-8230-113-01
Court of Justice of the Capital City Court
Shared space provider: Websupport Hungary Ltd. (1132 Budapest, Victor Hugo u. 18-22.) info@ezit.hu
- Purpose of the Privacy Policy
The purpose of this Privacy and Data Management Policy (hereinafter referred to as the Policy) is to ensure that Hybrid Agency Kft. 7.a ; company registration no: 01-09-407001; telephone number: +36 70 222-93-22; tax number: 32107711-2-41) and the Company's data protection and data management policy. The Data Controller acknowledges that it is bound by the contents of this legal notice. It undertakes to ensure that any processing of data relating to its activities complies with the requirements set out in this policy and in the legislation in force. In connection with the processing of data, the Data Controller hereby informs Users of the personal data it processes on the Website, of its principles and practices regarding the processing of personal data and of the ways and means of exercising the rights of data subjects.
The Service Provider respects the privacy rights of visitors to its Website; the personal data recorded will be treated confidentially, in accordance with data protection legislation and international recommendations, and in accordance with this Privacy Policy. The Data Controller reserves the right to modify this Privacy Policy at any time, the entry into force of which will be communicated to the Users by the Data Provider, who must accept the modifications in the manner provided by the Data Controller in order to continue using the Website. The principles and procedures set out in this Privacy Notice comply with Act CXII of 2011 on the Right of Informational Self-Determination and Freedom of Information („the Information Act”) and Regulation (EU) 2016/679 of the European Parliament and of the Council of the European Parliament and of the Council („the Regulation”).
- Scope, time and purpose of the personal data processed
Data sent by email and telephone, or via the data request form on the website, are required to request offers and information. The communication of data is voluntary, the Data Subject is not obliged to provide personal data, but in some cases he/she will not be able to order the services provided by our company without them.
The purpose of the processing, with the consent of the data subject, is to provide services, to document the adequacy of performance, to prove the conclusion of contracts and to fulfil legal obligations (e.g. issuing invoices). In the context of mandatory processing, the Data Controller shall comply with its legal obligations to process certain data required by law for the period of time specified by law for the scope of data that are mandatory for the Data Controller under the applicable legislation. The Controller shall not be liable for the accuracy of the data provided.
Technical data for data management purposes
During the use of the Website, the Data Controller automatically records the User's IP address, the type of operating system and browser program used and other information for technical reasons. The system continuously logs this data, but does not link it to the data provided during registration or use. Users do not have access to the data obtained in this way, only the Service Provider.
The Service Provider may record the data of the Internet pages from which the User accessed the Website and those visited on the Website, as well as the time and duration of the visit. The identity and profile of the data subject cannot be inferred from these data.
The computer of the visitors of the Website is identified by a so-called cookie.
The Data Controller uses technical data solely for the technical operation of the Website and for statistical purposes.
Data provided when requesting a tender and their processing
When requesting an offer, the Data Subject is required to provide the following personal data: name, telephone number, e-mail address.
The data subject may also provide additional non-mandatory data and comments during the request, if it is necessary for the performance and facilitation of the service provided by the Service Provider.
The Data Controller undertakes not to send any e-mails to the e-mail addresses provided by the Data Subject in the course of data processing, except for e-mails and system messages related to the services used by the Data Subject.
The purposes of data processing are: making offers, providing services, maintaining contact, documenting purchases, orders and payments; issuing financial statements; service performance; communicating changes to the service, sending reminders (e.g. payment reminders, requesting other technical information necessary for the performance of the service).
Legal basis for processing: the data subject's consent or a legal requirement (Accounting Act).
Duration of processing: 8 years in case of mandatory processing based on law, otherwise until the withdrawal of the data subject's consent.
Data provided when subscribing to the newsletter and how they are processed
Newsletter database
In addition to registration, you can also request a newsletter on the Website.
Data processed: e-mail address, name
Duration of processing: until the withdrawal of the data subject's consent
Legal basis for processing: the voluntary consent of the user, which is given to the Data Controller by subscribing to the newsletter [processing pursuant to Article 6(1)(a) of the Regulation].
We use the online service Mailchimp.com (The Rocket Science Group LLC., US Atlanta, GA 30318, 512 Means St Suite 404, customersupport@mailchimp.com) to manage the newsletter database and send out newsletters. In this case Mailchimp is considered a data processor. The service provider is a registered member of the Safe Harbor agreement between the European Union and the United States of America, and consequently the transfer of personal data to third countries may take place in order to ensure the adequacy of the level of protection.
The user can unsubscribe from the thematic newsletter service at any time via the link in the newsletter, or opt out of receiving these marketing requests by changing his/her user account or via an e-mail address published by the Service Provider.
Applying for a job advertisement from a data management perspective
The Data Controller stores the applications received.
Purpose of processing: to apply for a job at the Data Controller, to participate in the selection procedure.
Legal basis for processing: the data subject's voluntary consent.
Type of personal data processed: cover letters, CVs, applications and other personal data provided in them.
Duration of processing: six months from the date of submission of the application.
Possible consequences of not providing the data: the data subject cannot apply electronically for job offers published by the Data Controller.
Data and processing of non-service-related enquiry e-mails sent to e-mail addresses
Processed data: e-mail address, name, telephone number, if provided by the correspondent.
Purpose of the processing: to maintain contact.
Legal basis for processing: consent of the data subject.
Duration of processing: until consent is withdrawn.
Market research for service development
The Service Provider processes the responses sent by the User for market research purposes.
Data processed: email address, age group, gender, responses to market research questionnaire
Duration of processing: until the withdrawal of the data subject's consent
Legal basis for processing: the user's voluntary consent given to the Data Controller by replying to the market research questionnaires [processing pursuant to Article 6(1)(a) of the Regulation].
We use an online service called Google Forms to manage the market research database (Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Privacy information: https://policies.google.com/privacy?hl=huIn this case, Google is considered a data processor.
Other data processing
Information about data processing not listed in this notice is provided at the time of collection. Courts, prosecutors, investigating authorities, law enforcement authorities, administrative authorities, the National Authority for Data Protection and Freedom of Information, or other bodies authorised by law may contact the Data Controller to provide information, disclose or transfer data or provide documents. To the extent that the authority has indicated the precise purpose and scope of the data, it shall disclose personal data to the authorities only to the extent and to the extent strictly necessary for the purpose of the request.
- Storage, protection and access to personal data
The Data Controller stores personal data on paper and by computer means, at the Data Controller's headquarters or on the servers of its hosting provider. Paper documents are kept locked by the Controller to ensure that only authorised persons have access to them. The Data Controller's manager and staff are the primary recipients of access to the data. As described in this notice, some data will be transferred to processors and other data controllers (e.g. accountants and subcontractors) in order to achieve the purposes described in this notice.
In addition to the above, the transfer of personal data concerning the User may take place if the Data Controller is forced to involve a subcontractor / partner to provide the requested service and the service provided would be impossible without the transfer of such data. The Data Controller shall protect the processed data against unauthorised access, alteration, disclosure, deletion, damage or destruction. The controller shall keep a data protection register containing the scope of the personal data it processes, the number and type of persons affected by a possible personal data breach, the date, circumstances, effects and measures taken to remedy the personal data breach, and other data specified in the legislation requiring the processing.
- Data security
The Data Controller will take all necessary steps to ensure the security of the personal data provided by the Data Subject, both during network communication and during storage and retention of the data.
Access to personal data is strictly limited to prevent unauthorised access, unauthorised alteration or unauthorised use of personal data.
The servers serving the website of the data controller are located at Websupport Hungary Ltd (ezit.hu). The data controller shall maintain confidentiality in the processing of data: protect the information so that only those who are entitled to access it have access to it; integrity: protect the accuracy and completeness of the information and the processing method; availability: ensure that the information can be accessed and the means to do so are available when the authorised user needs it. The above commitment shall also be imposed by the Data Controller on its employees involved in the processing activities and on processors acting on behalf of the Data Controller.
Data protection incident
A data breach is a breach of security that results in the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed. The controller shall keep a record of the personal data breaches, indicating the facts relating to the personal data breach, its effects and the measures taken to remedy it. In the event of an incident, the Data Controller shall, unless it does not pose a risk to the rights and freedoms of natural persons, inform the Data Subject and the supervisory authority of the data protection incident without undue delay and within a maximum of 72 hours.
You do not need to be informed if any of the following conditions are met:
- the Data Controller has implemented appropriate technical and organisational protection measures and those measures have been applied to the data affected by the personal data breach, in particular measures such as the use of encryption, which render the data unintelligible to persons not authorised to access the personal data;
- the controller has taken additional measures following the personal data breach to ensure that the high risk to the rights and freedoms of the data subject referred to in Article 33(1) of the Regulation is no longer likely to materialise;
- information would require a disproportionate effort. In such cases, the data subjects should be informed by means of publicly disclosed information or by a similar measure which ensures that the data subjects are informed in an equally effective manner.
- User rights and enforcement
At any time, the data subject has the right to request information about the personal data concerning him or her processed by the Data Controller and to modify them at any time. The data subject shall also have the right to request the erasure of his or her data by using the contact details provided in this point.
The data subject may request the Controller to inform him or her about the processing of his or her personal data, to rectify his or her personal data, to erase or block his or her personal data, except for mandatory processing, to restrict processing and to object to processing.
- Rights of data subjects
- Right of access
- Right to rectification
- Right to erasure
- Right to restriction of processing
- Right to data portability
The data subject can exercise his or her rights by contacting:
Mailing address: Hybrid Agency Ltd. 1131. Budapest, Rokolya utca 49. 2nd floor. 7.a. E-mail: hello@hybridagency.hu
The data subject may contact any employee of the Data Controller with any questions or comments regarding the processing of the data via the contact details above.
The data controller shall provide the information in writing in an intelligible form and in the same manner as the request, within the shortest possible period of time from the date of the request, but not later than 25 days.
The data subject has the right to request the rectification or erasure of incorrectly recorded data at any time. The data subject has the possibility to request the erasure of his/her personal data, which the Data Controller shall comply with within 15 days at the latest. The erasure does not apply to data processing required by law (e.g. accounting regulations), which will be kept by the Data Controller for the necessary period.
At the Data Subject's request, the Data Controller shall restrict the processing if the accuracy of the personal data is contested or the processing is unlawful, or if the Data Subject objects to the processing, or if the Data Controller no longer needs the personal data.
The data subject also has the right to receive the personal data concerning him or her which he or she has provided in a structured, commonly used, machine-readable format and the right to transmit such data to another controller without hindrance from the Controller, provided that the necessary conditions are met.
The data subject may also assert his/her rights before the Metropolitan Court of Budapest, 1055 Budapest, Markó u. 27., or, at the data subject's choice, before the county court of the data subject's place of residence/department (legal background: paragraph (1) of Article 22 of Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information). You can also request the assistance of the President of the National Authority for Data Protection and Freedom of Information, Dr. Attila Péterfalvi (1024 Budapest, Szilágyi Erzsébet fasor 22/C., www.naih.hu, ugyfelszolgalat@naih.hu, Tel.
The Data Controller may refuse to provide information to the data subject only in the cases and for the reasons specified in the Information Act and the Regulation. In such a case, the Data Controller shall inform the data subject in writing of the provision of the Information Act or the Regulation on the basis of which the information was refused. In the event of refusal to provide information, the Data Controller shall inform the data subject of the legal remedies available to him/her.
If the Data Subject has provided third party data during registration for the use of the service, the Data Controller shall in such case provide all reasonable assistance to the competent authorities in order to establish the identity of the offending person.
- Cookie policy
We use cookies on our websites. We cannot and do not want to personally identify you from the information stored in these cookies, but we use them to know whether you have visited our website before, and if so, which pages you have visited and which of our services may be of most interest to you, as well as the areas of the website you have visited and the buttons you have clicked. You have the option to reject these cookies through your browser settings, but in this case you may not be able to use all the services of our website.
- What are cookies?
The website saves small text files on your computer or mobile or tablet when you visit it. You can use this to remember your username for a certain period of time, for example, so that you don't have to type it in again and again. Many similar convenience services require you to enable cookies before they can work. We do not sell cookies or any data collected through the use of cookies to third parties, nor do we use them to identify you.
- What do we use cookies for?
our website uses cookies to keep track of
display settings, e.g.: font size settings
the browser type and version, operating system, referring URL (previously visited website), IP address of the computer used to access the site, and the date and time of the visit
whether you have already answered one of our current satisfaction questionnaires
whether or not you have consented to our website using cookies
what products you put in your shopping basket
patterns of traffic and user behaviour, allowing us to improve our website and services
This data is collected for internal and statistical purposes only.
Our website may use the following cookie:
Temporary cookies strictly necessary for the operation:
This temporary data is only stored in the cookie file until the end of the browsing session. They are essential for the proper functioning of certain features of our website.
Cookies to improve the user experience:
They collect information about a user's use of the website, such as which pages they visit most often or what error messages they receive from the website. These cookies do not collect any information that identifies the visitor, i.e. they use completely general, anonymous information. We use the information they provide to improve the performance of the website. The lifetime of these types of cookies is limited to the duration of the session.
Third-party cookies:
| __cf_bm | This cookie is set by Cloudflare to support Cloudflare Bot Management. |
| _fbp | Google Analytics sets this cookie to compute visitor, session and campaign data and to track website usage for the analytics reporting of the website. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors. |
| _ga | Google Analytics sets this cookie to compute visitor, session and campaign data and to track website usage for the analytics reporting of the website. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors. |
| _ga_* | Google Analytics sets this cookie to store and count page views. |
| _gat | Google Universal Analytics sets this cookie to limit the number of requests and thus limit the collection of data on high-traffic websites. |
| _gat_gtag_UA_* | Google Analytics sets this cookie to store a unique user identifier. |
| _gcl_au | Google Tag Manager sets the cookie to test the advertising effectiveness of websites that use its services. |
| _gid | Google Analytics sets this cookie to store information about how visitors use the website, while also generating an analytics report on website performance. The data collected includes the number of visitors, their source and the pages they visit anonymously. |
| _hjSession_* | Hotjar sets this cookie to associate data from subsequent visits to the same website with the same user ID, which remains in Hotjar's user ID that is unique to that website. |
| _hjSessionUser_* | Hotjar sets this cookie so that data from subsequent visits to the same website are associated with the same user ID, which remains in Hotjar's user ID that is unique to that website. |
| _hjTLDTest | To determine the most common cookie path to use instead of the site hostname, Hotjar sets the _hjTLDTest cookie to store different URL alternatives until it fails. |
| 66ovctr6 | Description is currently not available. |
| cookielawinfo-checkbox-analytics | Set by the GDPR Cookie Consent plugin to store the user's consent for cookies in the “Analytics” category. |
| cookielawinfo-checkbox-egyeb | CookieYes This cookie is set to store user consent for cookies in the “Other” category. |
| cookielawinfo-checkbox-inadmissible | Description is currently not available. |
| cookielawinfo-checkbox-funkcionalis | CookieYes This cookie is set to store user consent for cookies in the “Functional” category. |
| cookielawinfo-checkbox-advertisements | CookieYes This cookie is set to store user consent for cookies in the “Advertising” category. |
| cookielawinfo-checkbox-teljesitmeny | CookieYes sets this cookie to store user consent for cookies in the “Performance” category. |
| CookieLawInfoConsent | CookieYes sets this cookie to record the default button state and CCPA state for the corresponding category. It only works in coordination with the primary cookie. |
| elementor | The WordPress theme of the website uses this cookie. It allows the website owner to implement or modify the website content in real time. |
| IDE | The Google DoubleClick IDE cookies store information about how a user uses the website in order to display relevant ads that match the user's profile. |
| sbjs_current | Sourcebuster sets this cookie to identify the source of the visit and stores information about user actions in the cookie. This analytics and behavioural cookie is used to improve the visitor experience on the website. |
| sbjs_current_add | Sourcebuster sets this cookie to identify the source of the visit and stores information about user actions in the cookie. This analytics and behavioural cookie is used to improve the visitor experience on the website. |
| sbjs_first | Sourcebuster sets this cookie to identify the source of the visit and stores information about user actions in the cookie. This analytics and behavioural cookie is used to improve the visitor experience on the website. |
| sbjs_first_add | Sourcebuster sets this cookie to identify the source of the visit and stores information about user actions in the cookie. This analytics and behavioural cookie is used to improve the visitor experience on the website. |
| sbjs_migrations | Sourcebuster sets this cookie to identify the source of the visit and stores information about user actions in the cookie. This analytics and behavioural cookie is used to improve the visitor experience on the website. |
| sbjs_session | Sourcebuster sets this cookie to identify the source of the visit and stores information about user actions in the cookie. This analytics and behavioural cookie is used to improve the visitor experience on the website. |
| sbjs_udata | Sourcebuster sets this cookie to identify the source of the visit and stores information about user actions in the cookie. This analytics and behavioural cookie is used to improve the visitor experience on the website. |
| test_cookie | doubleclick.net sets this cookie to determine whether the user's browser supports cookies. |
| vuid | Vimeo installs this cookie in order to collect tracking information by setting a unique identifier to embed videos on the website. |
| x2q9amu4 | Description is currently not available. |
| yomh11n0 | Description is currently not available. |
- Google Analytics
_utma; _utmb; _utmv; _utmz; _utmx: These cookies collect anonymous information about how visitors use our website, which we use to improve usability. It is not possible to identify the User personally. For more information: www.google.hu/intl/hu/policies/privacy/
- Facebook.com
datr; lsd; reg_ext_ref; reg_fb_gate; reg_fb_ref; wd: You can share the content of our website with your friends on the Facebook community page. This service may leave cookies on your computer over which we have no control. Facebook remarketing code allows the Data Controller to display various promotions to the user. It is not possible to identify the User.
- Twitter.com
__utma; __utmb; __utmc; __utmv; __utmz; _twitter_sess; external_referer; guest_id; k; original_referer: you can share the content of our website with your friends on the Twitter community. This service may leave cookies on your computer over which we have no control. This cookie may contain cookies that may not allow us to identify the user.
- accounts.google.com
GALX; GAPS; GoogleAccountsLocale_session: you can share the content of our website with your friends on the Google social networking site. This service may leave cookies on your computer over which we have no control. These cookies may not allow us to identify you personally.
- Google Adwords
NID and SID cookies: the Site uses Google Adwords remarketing tracking codes. The remarketing code uses cookies to tag visitors. Site users have the option to disable these cookies. It is not possible to identify the User.
Our website also uses LuckyOrange as well as Inspectlet and Smartlook, software used to understand visitor behaviour and browsing habits, to provide a better user experience for our visitors. For more information, please visit http://www.luckyorange.com, https://www.inspectlet.com, https://www.smartlook.com.
The Website contains remarketing tags for the purpose of building remarketing lists, so that after your visit, external service providers, including Google and Facebook, may display advertisements on their websites, known as interest-based advertisements. Remarketing lists are not personally identifiable, they do not contain any personal data of the visitor, they only identify the browser software. The remarketing tags are used by the service providers using cookies. The Website uses so-called conversion tracking to measure the effectiveness of Google Adwords ads. The conversion tracking cookie exists only for a limited period of time, is optional, does not record or use any personal information.
Visitor analysis: the statements and analyses of the users' data, made using general and/or automatic statistical methods, are kept by our Website indefinitely. No personal data of the data subject can be reproduced from this data by any means. Personal data collected in the webshop will not be linked to any data from other sources that are not intended to keep the customer in contact with the Service Provider.
To find out more on this topic,
many articles are available on the internet, for example at http://www.allaboutcookies.org page.
For details on how to change your cookie settings, see your browser's help or the link below:
Mozilla Firefox: https://support.mozilla.org/hu/kb/S%C3%BCtik%20kezel%C3%A9se
Google Chrome: https://support.google.com/chrome/answer/95582?hl=hu&ref_topic=3421433
Internet Explorer: http://windows.microsoft.com/hu-hu/internet-explorer/ie-security-privacy-settings#ie=ie-9
Opera: https://www.opera.com/terms
Safari: http://support.apple.com/kb/PH5042
You can delete the cookie from your computer or disable the use of cookies in your browser. You can usually manage cookies by going to the Tools/Preferences menu of your browser and selecting Privacy/Preferences/Custom Settings, and then selecting the cookie, cookie or tracking option.
- Other provisions
The Data Controller will review this notice annually. The Service Provider reserves the right to unilaterally modify this Privacy Notice with prior notice to the Data Subject. The Data Controller shall also review this Notice if material changes in the law enter into force or if its data protection and data management processes and procedures change materially. In such cases, the Data Controller shall amend this notice accordingly and publish it on its website, drawing attention to the changes. Our website is not responsible for the data management practices of other external websites. The Controller does not control the personal data provided to it. The person providing the data is solely responsible for the correctness of the data provided. Any Data Subject who provides an e-mail address is also responsible for ensuring that the e-mail address provided is the only one from which he/she will receive services.
- E-mail contact / phone calls / customer service enquiries (collectively Enquiries)
Purposes/legal basis for processing:
By filling in the contact form on the website of Hybrid Agency Ltd. (hybridagency.hu; hybriddecor.hu; petofitamas.hu) or by providing personal data (e.g. name, address, contact details, other personal data voluntarily provided) by phone, e-mail or post, we will of course treat them confidentially. In any case, the data you provide will only be processed for purposes directly related to your request (e.g. request for a quote, error report, information, general information, complaint, etc.). The legal basis for processing is Article 6(1)(f) GDPR.
- Customer Service Privacy Notice
In the following, we provide you with details of our processing of your enquiry to our customer service in accordance with Article 13 of the General Data Protection Regulation.
Data controller within the meaning of Article 7(4) of the Regulation Hybrid Agency Ltd. Telephone number of the data controller: +36 70 222 93 22, e-mail address: hello@hybridagency.hu
The personal data you provide by telephone or e-mail will of course be treated confidentially and used only for the purpose of responding to your enquiry. The purpose of the processing is to reply to your enquiries. The legal basis for the processing is the legitimate interest as defined in Article 6(1)(f) of the Regulation, i.e. in this case, to respond to enquiries, to deal with error reports and to provide services.
A Hybrid Agency Ltd.. phone number for the purpose of post-evidence Hybrid Agency Ltd. fixes. Purpose of the processing: Hybrid Agency Ltd. ensuring the quality of the solving services provided by the data controller, enforcing the rights of the customers and the data controller, providing evidence to resolve any disputes, ex post verifiability and ex post proof of agreements, quality assurance. Data processed: identification number, caller ID, number called, date and time of the call, audio recording of the telephone conversation and other personal data provided during the conversation.
The deadline for deleting data: six months.
This information is effective from 25.08.2022.
Dated: Budapest, 2022.08.25.
Hungarian 
English