H - 4400 Nyíregyháza, Szabadság tér 12/B. II. floor 1.

+36 30 232 4622

arendas@drarendas.com

START NOW

Contact

Contact

Privacy Notice

1. Introduction
It is very important to us to comply with the currently applicable data protection regulations and laws. Therefore, we provide a detailed explanation below of the data protection measures and data collection processes related to the website www.drarendas.com and Dr. Róbert Árendás, Attorney-at-Law.

The data is managed by Dr. Róbert Árendás, who is responsible for handling personal data.

  • Full legal name: Dr. Róbert Árendás, Attorney-at-Law
  • Email: www.drarendas@gmail.com
  • Postal address: 4400 H - 4400 Nyíregyháza, Szabadság tér 12.

2. What Personal Data Do We Process and For What Reasons?

Personal data refers to information that allows the precise identification of an individual. On www.drarendas.com, we process the following personal data, specifying the legal basis for processing:

Communication Data

This includes any messages sent to us via the website, email, social media messages, or any other communication method. We process and retain this data to fulfill orders and provide a basis for decision-making in the event of legal claims. The legal basis for processing is the user’s legitimate interest in our activities, demonstrated by their communication with us.

Customer Data

This includes all information related to the purchase of products and services, such as the customer’s name, shipping and billing address, email address, phone number, and product details. We process this data to successfully complete orders and maintain legally compliant records of purchases.

3. How Do We Collect Data?

We collect personal data in several ways:

  • Directly provided by the user: For example, when placing an order or sending a message.
  • Automatically collected: During website usage, through cookies and similar technologies, which activate only with user consent. For more information, please see our Cookie Statement.
  • From external partners: Such as analytics providers like Google (non-EU partner), advertising networks like Facebook™ (non-EU partner), and payment service providers like PayPal and Barion (non-EU partners).

4. Our Data Protection Practices

We prioritize data protection and compliance with applicable regulations. Following a data protection impact assessment, we compiled a list of collected data, their necessity, legal basis, and compliance:

  • SSL Certification: We use SSL certification (Let’s Encrypt Authority X3 certification) to secure data on the entire website.
  • Premium Security Software: iThemes Security Pro is applied to protect against "brute force" and virus attacks.
  • Data Encryption: Stored customer and user data is encrypted to remain unreadable to external parties.
  • User Rights: Users can request information, modify, or delete their personal data through the privacy statement.

Occasionally, we may need to share data with service provider partners (e.g., hosting providers, courier services, email marketing providers). We only select partners that comply with GDPR regulations and sign data processing agreements with them to ensure responsible data management.

5. Marketing Communication

Marketing communication is essential for our business activities. The legal basis for data processing is the user’s interest in our services or their explicit consent.

Under the European Union’s Privacy and Electronic Communications Regulations (PECR), we send marketing messages if the user has purchased from us or explicitly consented to receiving marketing communications. Users can unsubscribe at any time via the link at the bottom of each email or by requesting removal at drarendas@gmail.com.

Even after opting out, we may still send order-related messages.

6. Notes on Personal Data

At times, we may need to share personal data with partners to maintain business operations:

  • IT service providers and system maintenance professionals
  • Expert partners such as lawyers, accountants, bankers, and insurers
  • Government agencies requesting reports on our activities
  • Payment service providers handling secure transactions
  • Courier services fulfilling orders

International Data Transfers

To maintain business operations, we may share user data with partners outside the European Economic Area (EEA). Since some non-EEA countries do not provide the same level of data protection, European laws prohibit data transfer without adequate safeguards.

To ensure data security, we:

  • Only transfer data to countries deemed adequate by the European Commission.
  • Use US-based services participating in the EU-US Privacy Shield initiative.
  • If the above conditions are unmet, we request explicit user consent, which can be revoked at any time.

External Links

Our website may contain links to external sites or embedded elements from external services. Clicking on these links or using embedded solutions may allow third-party partners to collect user data. While we carefully screen partners, we do not control their data protection practices and are not responsible for their data handling.

7. Data Retention Period

We store user data only as long as necessary for legal, accounting, or reporting obligations and service operation. When determining retention periods, we consider the amount, nature, and sensitivity of data, and the impact of potential data breaches.

For tax purposes, we must retain customer billing and purchase data for at least 8 years to comply with legal obligations. In certain cases, anonymized data may be used for statistical purposes indefinitely.

8. User Rights

As a European Union citizen, users are entitled to the following rights under the General Data Protection Regulation (GDPR):

  • a. Access to Personal Data: Users may request a copy of their stored personal data free of charge, fulfilled within 14 days of request submission. Repetitive or abusive requests may incur a reasonable fee and extended response time.
  • b. Identity Verification: To prevent misuse, identity verification is required before data release. To request personal data, please use the contact form below.