Privacy Policy

in which we inform you, as a visitor to our website and user of our services, about our company’s data processing and privacy rules.

1. What principles do we follow in our data processing?

  • Our company follows the principles below in its data processing:
  • we process personal data lawfully, fairly, and in a transparent manner for you.
  • we collect personal data only for specified, explicit, and lawful purposes and do not process them in a manner incompatible with those purposes.
  • the personal data we collect and process are adequate, relevant, and limited to what is necessary in relation to the purposes of data processing.
  • Our company takes all reasonable measures to ensure that the data we process are accurate and, where necessary, up to date, and we delete or correct inaccurate personal data without delay.
  • we store personal data in a form that allows you to be identified only for as long as necessary for the purposes of processing the personal data.
  • we ensure the appropriate security of personal data through the application of appropriate technical and organizational measures against unauthorized or unlawful processing, accidental loss, destruction, or damage to the data.
  • Our company processes your personal data
  • based on your prior informed and voluntary consent and only to the necessary extent and always for a specific purpose, i.e., we collect, record, organize, store, and use them.
  • in certain cases, the processing of your data is based on legal requirements and is mandatory; in such cases, we specifically draw your attention to this fact.
  • or in certain cases, our company or a third party has a legitimate interest in processing your personal data, such as the operation, development, and security of our website.

2. Who are we?

  • Company name: Szegedi Paprika Zrt.
  • Registered office: 6725 Szeged, Szövetkezeti út 2.
  • Website: www.szegedipaprika.hu
  • Postal address: 6701 Szeged, P.O. Box: 114
  • Email address: info@szegedipaprika.hu
  • Tax number: 11597715-2-06
  • Company registration number: 06-10-000253

Our company is not required to appoint a data protection officer under Article 37 of the GDPR.

Our company’s hosting provider:

  • Hosting provider name: FIVEIT Solutions Kft.
  • Hosting provider registered office: 6100 Kiskunfélegyháza, Batthyány Lajos utca 10. 1. floor 12. door
  • Hosting provider website: www.fiveit.hu
  • Hosting provider email address: info@fiveit.hu

Our company uses the following data processors during data processing—to provide high-quality service to our customers:

  • Data controller: Szegedi Paprika Zrt.
  • Address: 6725 Szeged, Szövetkezeti út 2.
  • Areas of responsibility: All activities

If we modify our data processors, we will update the changes in this notice.

The data we process:

We only request personal data from our website visitors if they wish to register, log in, or participate in a prize draw.

We cannot link the personal data provided during registration or use of our marketing services, and identifying our visitors is not fundamentally our goal.

For questions regarding data processing, you may request further information at info@szegedipaprika.hu by email or postal address, and we will send our response within 15 days (but no later than 1 month) to the contact details you provided.

3. What are cookies and how do we handle them?

Cookies are small data files (hereinafter: cookies) that are placed on your computer through the website when you use it, saved and stored by your internet browser. Most commonly used internet browsers (Chrome, Firefox, etc.) accept and allow the download and use of cookies by default, but it is up to you to reject or disable them by modifying your browser settings, and you can also delete cookies already stored on your computer. The “Help” menu of each browser provides more information about the use of cookies.

There are cookies that do not require your prior consent. Our website provides brief information about these at the start of your first visit, such as authentication, multimedia player, load balancing, session cookies that help customize the user interface, and user-centric security cookies.

Regarding cookies that require consent—if data processing begins upon visiting the site—our company informs you at the start of your first visit and requests your consent.

Our company does not use or permit cookies that enable third parties to collect data without your consent.

Accepting cookies is not mandatory, but our company assumes no responsibility if our website does not function as expected in the absence of cookie authorization.

What cookies do we use?

Name: _ga
Provider: www.szegedipaprika.hu
Purpose: Registers a unique ID that generates statistical data on how the visitor uses the website.
Expiration: 2 years
Type: HTTP

Name: _gat
Provider: www.szegedipaprika.hu
Purpose: Stores the throttle request rate used by Google Analytics.
Expiration: Session
Type: HTTP

Name: _gid
Provider: www.szegedipaprika.hu
Purpose: Registers a unique ID that generates statistical data on how the visitor uses the website.
Expiration: Session
Type: HTTP

Name: _fbp
Provider: www.szegedipaprika.hu
Purpose: Used by Facebook to deliver advertising products to a third party (e.g., real-time ads)
Expiration: 3 months
Type: HTTP

Name: fr
Provider: facebook.com
Purpose: Facebook uses this cookie to offer a range of advertising products (such as real-time bidding from third-party advertisers)
Expiration: 3 months
Type: HTTP

You can read more about third-party cookies on this page.

4. What else you need to know about our data processing related to our website

You voluntarily provide personal data to us during registration or when contacting our company, which is why we ask you to pay particular attention to the authenticity, accuracy, and correctness of your data when providing them, as you are responsible for these. Incorrect, inaccurate, or incomplete data may prevent you from using our services.

If you provide personal data of another person rather than your own, we assume that you have the necessary authorization to do so.

You may withdraw your consent to data processing free of charge at any time by

  • deleting your registration,
  • withdrawing consent to data processing, or
  • withdrawing consent to the processing or use of any data that must be provided during registration, or requesting its blocking.

We undertake to register the withdrawal of consent within 30 days for technical reasons; however, we draw your attention to the fact that we may continue to process certain data even after the withdrawal of consent in order to fulfill our legal obligations or assert our legitimate interests.
In the event of the use of misleading personal data, or if any of our visitors commits a crime or attacks our company’s system, we will immediately delete the data of that visitor upon termination of their registration, or—if necessary—retain them for the duration of establishing civil liability or conducting criminal proceedings.

5. What you need to know about our data processing for direct marketing and newsletter purposes

You may give your consent for us to use your personal data for marketing purposes by making a declaration during registration or later by modifying your personal data stored on the newsletter and/or direct marketing registration page (i.e., by clearly expressing your consent). In this case—until the withdrawal of consent—we will also process your data for direct marketing and/or newsletter purposes and send you advertising and other mailings, as well as information and offers, and/or forward newsletters (Grtv. Section 6).

You may give your consent for direct marketing and newsletters jointly or separately, and you may withdraw it/them free of charge at any time.

We always consider the deletion of registration as a withdrawal of consent. We do not interpret the withdrawal of consent for direct marketing and/or newsletter data processing as a simultaneous withdrawal of consent for data processing related to our website. How does this work? What and on what basis do we retain if newsletter consent is withdrawn? In the case of consents, each consent is for a specific purpose, so registration on the website and newsletter subscription are two separate purposes, two separate databases; the two cannot be linked.

We undertake to register the withdrawal of individual consents or cancellations within 15 days for technical reasons.

6. What you need to know about prize draws

Our company may organize prize draws on a campaign basis, the specific conditions of which are contained in separate rules. The rules of the current promotion can always be found on the homepage of our website, at a centrally placed link.

7. Other data processing issues

We may only transfer your data within the framework defined by law, and in the case of our data processors, we ensure through contractual conditions that they cannot use your personal data for purposes contrary to your consent. Further information can be found in Section 2.

Our company does not transfer data abroad.

Courts, prosecutors, and other authorities (e.g., police, tax office, National Authority for Data Protection and Freedom of Information) may contact our company to provide information, disclose data, or make documents available. In these cases, we must fulfill our data provision obligation, but only to the extent strictly necessary to achieve the purpose of the request.

Collaborators and employees involved in our company’s data processing and/or data processing are authorized to access your personal data to a predetermined extent—under confidentiality obligations.

We protect your personal data with appropriate technical and other measures, ensure the security and availability of data, and protect them from unauthorized access, alteration, damage, disclosure, and any other unauthorized use.

As part of organizational measures, we control physical access to our buildings, continuously train our employees, and keep paper-based documents securely locked. As part of technical measures, we use encryption, password protection, and antivirus software. However, we draw your attention to the fact that data transmission over the internet cannot be considered completely secure. Our company does everything possible to make the processes as secure as possible, but we cannot assume full responsibility for data transmission through our website; however, we maintain strict regulations regarding the data received by our company to ensure the security of your data and prevent unauthorized access.

Regarding security issues, we ask for your assistance in carefully safeguarding your access password to our website and not sharing this password with anyone.

8. What are your rights and remedies?

You may request information about data processing,

  • request the correction, modification, or completion of your personal data processed by us,
  • object to data processing and request the deletion and blocking of your data (except for mandatory data processing),
  • seek legal remedy before a court,
  • file a complaint with the supervisory authority or initiate proceedings (https://naih.hu/panaszuegyintezes-rendje.html).

Supervisory Authority: National Authority for Data Protection and Freedom of Information

  • Registered office: 1125 Budapest, Szilágyi Erzsébet fasor 22/c.
  • Postal address: 1530 Budapest, P.O. Box: 5.
  • Phone: +36 (1) 391-1400
  • Fax: +36 (1) 391-1410
  • Email: ugyfelszolgalat@naih.hu
  • Website: https://naih.hu/

Upon your request, we will provide information about your data processed by us or processed by us—or by our commissioned data processor—regarding

  • your data,
  • their source,
  • the purpose and legal basis of data processing,
  • its duration, or if this is not possible, the criteria for determining this duration,
  • the name, address, and data processing activities of our data processors,
  • the circumstances, effects, and measures taken to eliminate and prevent data protection incidents, and
  • in the case of transfer of your personal data, the legal basis and recipient of the data transfer.

We will provide our information within 15 days (but no later than 1 month) from the submission of the request. The information is free of charge except when you have already submitted a request for information regarding the same data set during the current year. We will refund the cost reimbursement you have already paid if the data were processed unlawfully or if the request for information led to correction. We may refuse to provide information only in cases specified by law, citing the legal provision and informing you of the possibility of judicial remedy or contacting the Authority.

Our company will notify you, as well as all those to whom the data were previously transferred for data processing purposes, about the correction, blocking, marking, and deletion of personal data, except when the omission of notification does not violate your legitimate interests.
If we do not fulfill your request for correction, blocking, or deletion, we will communicate the reasons for our refusal in writing or—with your consent—electronically within 15 days (but no later than 1 month) from receipt of the request and inform you of the possibility of judicial remedy and contacting the Authority.

If you object to the processing of your personal data, we will examine the objection within 15 days (but no later than 1 month) from the submission of the request and inform you of our decision in writing. If we decide that your objection is justified, we will terminate data processing—including further data collection and data transfer—and block the data, and notify all those to whom we previously transferred the personal data affected by the objection, who are obliged to take measures to enforce the right to object.
We will refuse to fulfill the request if we prove that data processing is justified by compelling legitimate grounds that take precedence over your interests, rights, and freedoms, or that are related to the establishment, exercise, or defense of legal claims. If you do not agree with our decision, or if we miss the deadline, you may turn to a court within 30 days from the communication of the decision or the last day of the deadline.

Data protection cases fall under the jurisdiction of the regional court; the case may also be initiated before the regional court of the data subject’s place of residence or stay, at the data subject’s choice. Foreign nationals may also file a complaint with the supervisory authority competent according to their place of residence.

We ask you to contact our company before turning to the supervisory authority or court with your complaint—for consultation and the fastest possible resolution of the problem.

9. What are the main applicable laws governing our activities?

  • Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data (GDPR)
  • Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information – (Info Act)
  • Act V of 2013 on the Civil Code (Civil Code)
  • Act CVIII of 2001 on certain issues of electronic commerce services and information society services – (E-commerce Act)
  • Act C of 2003 on Electronic Communications – (Electronic Communications Act)
  • Act CLV of 1997 on Consumer Protection (Consumer Protection Act)
  • Act CLXV of 2013 on Complaints and Public Interest Disclosures (Complaints Act)
  • Act XLVIII of 2008 on the basic conditions and certain restrictions of commercial advertising activities (Advertising Act)

10. Modification of the Data Processing Notice

Our company reserves the right to modify this Data Processing Notice, about which it will inform the data subjects appropriately. Information related to data processing is published on the www.szegedipaprika.hu website.

Dated: Szeged, 25 June 2026

This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.