en

Privacy Policy

1. Purpose and Duration of Data Processing
1.1. AURA Traditional Thai Massage Ltd. (hereinafter: "Data Controller") pays special attention to ensuring that the processing of personal data of natural persons (hereinafter: "Data Subject") complies with Regulation (EU) 2016/679 of the European Parliament and of the Council (hereinafter: "Regulation"), Act CXII of 2011 on the right of informational self-determination and freedom of information (hereinafter: "Infotv."), other applicable legislation on personal data protection, the practices developed by the National Authority for Data Protection and Freedom of Information (NAIH), and relevant international recommendations.

1.2. The Data Controller:

  • acknowledges the binding nature of this privacy notice;

  • undertakes to ensure that all data processing related to its activities complies with this policy, national laws, and EU legal acts;

  • ensures that personal data provided for processing are treated confidentially, implementing all necessary technical, organizational, and security measures to guarantee data safety;

  • reserves the right to modify this privacy policy at any time.

1.3. All personal data received via the contact form on www.aurathai.hu, by phone, or email will be used solely for customer relationship management purposes.

1.4. Personal data will be stored for a maximum of 1 year from the date of submission, after which they will be permanently deleted.

1.5. If the Data Subject makes another inquiry during the data retention period, the retention period restarts from the new submission date.

2. Data Controller Information
Company name: AURA Traditional Thai Massage Ltd.
Registered office: 7636 Pécs, Visnya Ernő Street 14, 3rd floor, door 12
Email: aurathaimasszazs@gmail.com
Company registration number: 02 09 088552
Tax number: 32634954-1-02
Registering authority: Pécs Tribunal Court of Registration
Phone: +36 30 750 3980

3. Scope of Processed Personal Data
The following personal data are required when contacting or consenting to data processing (* indicates mandatory fields):

  • Name*

  • Email address*

  • Phone number*

  • Additional personal data provided by the Data Subject, such as address, company headquarters, or tax number for online payment

4. Purpose, Method, and Legal Basis of Data Processing
4.1. Data processing by the Data Controller is based on voluntary consent or statutory authorization. Consent can be withdrawn at any time for processing based on voluntary agreement. Some data processing may be legally mandatory; clients will be informed separately. If the data provided does not belong to the person submitting it, it is their responsibility to obtain consent from the relevant individual.

4.2. Personal data may also be processed to comply with EU or Hungarian legal obligations.

4.3. The Data Controller may process personal data to protect its legitimate interests or those of a third party, following a balancing test to ensure proportionality with the Data Subject's rights and privacy.

4.4. Failure to provide mandatory or partial data may prevent the execution of certain processes.

4.5. Persons authorized to access data:

  • The Data Controller's executive officer

  • Authorized staff members of the Data Controller

4.6. Personal data are stored and managed exclusively by the Data Controller and are not accessible to third parties, except when legally required or necessary for enforcing legal claims.

4.7. Data processing principles comply with:

  • Act CXII of 2011 (Infotv.)

  • Regulation (EU) 2016/679 (GDPR)

  • Act V of 2013 (Civil Code)

  • Act C of 2000 (Accounting Act)

5. Cookies
5.1. The website places small data files ("cookies") on the user's device for personalized service and retrieves them on subsequent visits.

5.2. Cookies:

  • Store technical information about website visitors and devices

  • Remember individual preferences

  • Facilitate website use

  • Ensure a quality user experience

5.3. Session cookies are essential for smooth browsing and expire after 2 hours by default, renewed with active use.

5.4. The website also uses Google Analytics cookies to collect statistical information on how visitors use the site, improving functionality and user experience.

6. Rights of the Data Subject
6.1. The Data Subject may request information on data processing, correction, deletion, withdrawal of consent, data portability, and objection to processing, except for mandatory processing.

6.2. Right to Information: Processing occurs only with the Data Subject's voluntary, informed, and explicit consent, given in writing, electronically, or verbally. Consent applies to all processing activities for the specified purpose(s).

6.3. Access, Correction, and Deletion: The Data Subject may access and request correction or deletion of inaccurate or unnecessary personal data. The Data Controller must provide clear information within one month of receiving such requests.

6.4. Right to Data Portability: The Data Subject may receive their personal data in a structured, widely used, machine-readable format and transmit them to another controller.

6.5. Right to Object and Withdraw Consent: The Data Subject may object to processing for public interest, official authority, or legitimate interests, including profiling, at any time. Consent can also be withdrawn at any time.

6.6. Enforcement of Rights: Rights may be enforced in court and via the National Authority for Data Protection and Freedom of Information (NAIH).

6.7. Data Protection Authority Contact:

  • Name: National Authority for Data Protection and Freedom of Information (NAIH)

  • Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/C

  • Mailing address: 1530 Budapest, Pf.: 5

  • Phone: +36 (1) 391 1400

  • Fax: +36 (1) 391 1410

  • Email: ugyfelszolgalat@naih.hu

  • Website: www.naih.hu

7. Other Provisions
The Data Controller will inform the Data Subject about data processing not listed or detailed in this policy. The Data Controller must cooperate with authorities requesting information for lawful purposes, providing only the necessary data.

Pécs, 01 February 2025