Privacy Policy
Last updated: 9 July 2026
Szatunaplex Kft. (hereinafter: the “Controller”) is committed to protecting the personal data of visitors to its website and of partners who contact it. This policy has been prepared in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (the General Data Protection Regulation, hereinafter: “GDPR”) and applicable Hungarian data protection law (Act CXII of 2011).
Please read this policy carefully before using our website or providing your data.
1. Controller details
The Controller is not required to appoint a data protection officer, but is happy to assist with any data processing questions at the contact details above.
- Company: Szatunaplex Kft. (Szatunaplex Műanyagipari Kft.)
- Registered seat: 8184 Balatonfűzfő, plot no. 1498/85, Hungary
- Company registration number: 19-09-504681 (Veszprém County Court of Registration)
- Tax number: 11762487-2-19
- Represented by: János Mátyás Tóth, managing director
- E-mail: janos.toth@szatuna.hu
- Phone: +36 20 394 1033
- Website: https://szatunaplex.hu
2. Scope, purpose and legal basis of processing
The Controller processes only personal data that is necessary to achieve the given purpose, and only to the extent and for the period strictly necessary to fulfil that purpose.
| Processing | Data processed | Purpose | Legal basis | Retention |
|---|---|---|---|---|
| Contact / quote request | Name, e-mail address, phone number, message content, company name | Responding to enquiries, providing quotes, keeping in contact | Consent of the data subject and steps prior to entering into a contract [GDPR Art. 6(1)(a) and (b)] | Up to 5 years after the enquiry is closed, or until consent is withdrawn |
| Newsletter / e-mail marketing (Omnisend) | Name, e-mail address | Sending marketing content and newsletters | Consent of the data subject [GDPR Art. 6(1)(a)] | Until consent is withdrawn (unsubscribe) |
| Website operation and analytics (cookies) | Device and browser data, IP address, usage data | Operating the website, traffic measurement, marketing | Legitimate interest for necessary cookies; otherwise consent [GDPR Art. 6(1)(a) and (f)] | As stated in the Cookie Policy |
3. Processors and data transfers
In providing its services, the Controller uses the following processors. The processors process personal data solely on the Controller's instructions and for the purposes set out in this policy.
- Hosting: Vercel Inc. (340 S Lemon Ave #4133, Walnut, CA 91789, USA) – operating the website.
- Contact form and CRM: Bitrix24 (Bitrix, Inc., 901 N. Pitt St, Suite 325, Alexandria, VA 22314, USA) – receiving and managing enquiries.
- E-mail marketing: Omnisend (Soundest Ltd., 3rd Floor, 14 Hanover Street, London, W1S 1YH, United Kingdom) – newsletters and marketing communication.
- Social media measurement: Meta Platforms Ireland Ltd. (Merrion Road, Dublin 4, D04 X2K5, Ireland) – ad measurement via the Meta Pixel.
4. Transfers to third countries
Some processors (e.g. Vercel, Bitrix24, Meta) may process data outside the European Economic Area, in part in the United States. Such transfers take place with appropriate safeguards – including the Standard Contractual Clauses (SCC) adopted by the European Commission and the provider's participation in an adequacy framework (e.g. the EU–U.S. Data Privacy Framework) – in line with Chapter V of the GDPR.
5. Data security
The Controller applies appropriate technical and organisational measures to ensure the security of personal data and to protect it against unauthorised access, alteration, transfer, disclosure, deletion or destruction, as well as accidental loss or damage. The website is accessible over an encrypted (HTTPS) connection.
6. Rights of the data subject
Subject to the conditions set out in law, the data subject may exercise the following rights in relation to the processing of their personal data:
- the right to information and access (GDPR Art. 15);
- the right to rectification (GDPR Art. 16);
- the right to erasure (“right to be forgotten”, GDPR Art. 17);
- the right to restriction of processing (GDPR Art. 18);
- the right to data portability (GDPR Art. 20);
- the right to object (GDPR Art. 21);
- the right to withdraw consent at any time, without affecting the lawfulness of processing before withdrawal.
7. Remedies
You may submit your request or complaint primarily using the Controller's contact details above. If you consider that the processing of your data infringes the law, you may lodge a complaint with the supervisory authority or the courts.
- Supervisory authority: Hungarian National Authority for Data Protection and Freedom of Information (NAIH). Address: 1055 Budapest, Falk Miksa utca 9-11., Hungary; Postal: 1363 Budapest, Pf. 9.; Phone: +36 1 391 1400; E-mail: ugyfelszolgalat@naih.hu; Web: www.naih.hu
- You may also turn to the court competent for your place of residence or stay.
8. Amendments
The Controller reserves the right to amend this policy unilaterally within the limits of applicable law. The current version is available on the website at all times.
