COOKIE MANAGEMENT PRIVACY NOTICE

Helen-Dent Kft., the operator of Hotel Kálvária**** (hereinafter: the “Data Controller” or the “Hotel”), hereby provides you with the following information on the processing of your personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (General Data Protection Regulation – GDPR).

1. DATA CONTROLLER AND CONTACT DETAILS

Data Controller: Helen-Dent Kft. (Hotel Kálvária****)

Registered address: 9024 Győr, Kálvária utca 24/A

Telephone: +36 96/510-800

E-mail: info@hotel-kalvaria.hu

2. WHAT ARE COOKIES AND WHICH TYPES DOES THE HOTEL USE?

When you visit the Hotel Kálvária**** website, small text files (“cookies”) are placed on your computer, mobile phone, or tablet. Cookies support various functions of the website and help us provide a secure and user-friendly online experience. Upon your first visit, you are informed about cookie usage through a pop-up banner, where you may manage your cookie preferences.

Consent is not required for cookies that are strictly necessary for the functioning of the website.

Types of cookies used by the Data Controller

1. Strictly necessary cookies

These cookies are essential for navigating the website and enabling its core functions. They do not collect information for marketing purposes. Without these cookies, the website may not function properly and certain features (e.g., form submission) may not be available.

2. Statistical cookies

These cookies help the website owner understand how visitors interact with the site by collecting information in an anonymised manner.

3. Third-party cookies (e.g., Google Analytics)

Google Analytics uses cookies to record the IP address of the visitor’s device for statistical, analytical, and security purposes. Data is stored on the visitor’s device.

Independent measurement and auditing of website traffic is carried out via Google Analytics servers.

Further information on Google Analytics’ data processing is available at https://www.google.com/analytics and Google’s privacy policy at http://www.google.hu/intl/hu/policies/privacy/.

The data transferred does not enable the direct identification of visitors; only the IP address of the device can be recognised.

Detailed information about the specific cookies used on our website is available in the cookie banner displayed at the start of browsing.

Browser cookie settings

Most modern browsers allow you to change cookie settings. Although many accept cookies by default, you can modify these settings to reject or block certain types of cookies. In this case, the browser will prompt you each time to choose cookie settings.

Cookie management links by browser:

• Chrome: https://support.google.com/chrome/answer/95647

• Firefox: https://support.mozilla.org/hu/kb/sutik-informacio-amelyet-weboldalak-tarolnak-szami

• Internet Explorer: https://support.microsoft.com (search for “cookies”)

• Safari: https://support.apple.com/hu-hu (search for “cookies”)

• Opera: http://help.opera.com/Windows/10.50/hu/cookies.html

Please note that disabling cookies may limit the functionality of the website and certain features may not work as intended.

3. PURPOSES OF PROCESSING PERSONAL DATA

Personal data collected through cookies is processed for the following purposes:

• ensuring the proper and secure operation of the website,

• analysing website traffic and visitor behaviour,

• supporting marketing activities.

4. LEGAL GROUNDS FOR PROCESSING

• The processing of personal data necessary for the technical operation and usability of the website is carried out on the basis of the Data Controller’s legitimate interest (GDPR Article 6(1)(f)). This interest is to ensure access to the Hotel’s online services and the proper functioning of its website.

• The processing of data for visitor analytics and marketing purposes is based on your consent (GDPR Article 6(1)(a)). Consent is given by selecting the relevant options in the cookie banner displayed upon your first visit to the website.

5. CATEGORIES OF PERSONAL DATA PROCESSED

• the IP address of the device used to access the website,

• technical browsing data collected by cookies (approximate location, session duration, frequency of visits, etc.).

6. RECIPIENTS OF PERSONAL DATA

The Hotel uses external service providers for website hosting, operation, and online marketing. These contracted partners may have access to your personal data only to the extent necessary to perform their tasks.

Data processors may handle personal data exclusively on behalf of and under the instructions of the Data Controller and only for the purposes specified in the contract. The Data Controller engages only partners who provide sufficient guarantees of compliance with applicable data protection regulations.

Public authorities (e.g., courts, government agencies) may gain access to personal data as permitted by EU or national law. If the Data Controller receives a legally binding request (e.g., a court order), it is obliged to comply.

7. RETENTION PERIOD

• Strictly necessary session cookies are stored only for the duration of your visit and are deleted when the session ends.

• All other cookies remain stored until their predefined expiry date or until you withdraw your consent.

8. YOUR RIGHTS IN RELATION TO DATA PROCESSING

You may exercise your rights after verifying your identity. You are entitled to:

• access your personal data,

• request rectification of inaccurate or incomplete data,

• withdraw consent at any time (cookie settings can be modified via the icon located in the lower left corner of the website),

• request erasure of your personal data,

• request restriction of processing,

• object to processing based on legitimate interest (e.g., by adjusting your browser settings),

• exercise your right to data portability (where processing is automated).

8.1. Submitting a rights request

You may submit your request in writing (with full probative force) by post or electronically via e-mail to the contact details listed in Section 1.

E-mail requests must be sent from an e-mail address previously provided to and registered by the Data Controller; otherwise, additional identity verification may be required.

You may also make your request verbally to the receptionist or hotel manager, who will record and forward it for processing.

8.2. Response to your request

You will receive a response within one month of receipt of your request, unless an extension is justified.

This deadline may be extended by a further two months depending on the complexity of the request or the volume of pending requests. In such cases, we will notify you within one month of receiving your request.

8.3. Remedies

While we recommend contacting the Data Controller first with any concerns, you retain the right to lodge a complaint with:

Hungarian National Authority for Data Protection and Freedom of Information (NAIH)

Address: 1055 Budapest, Falk Miksa u. 9–11.

Mailing address: 1363 Budapest, Pf. 9.

Telephone: +36 (1) 391-1400

Further information: www.naih.hu

You may also seek judicial remedy before the competent regional court based on your place of residence or stay.

This Privacy Notice supersedes the previous Privacy Statement effective from 25 May 2018 and amended on 1 June 2019.

Győr, 2025