Contact
Contact

Privacy notice

Privacy Policy

REFU Hungary Kft.
(registered office: 2030 Érd, Turul utca 10., Hungary;
tax number: 29190423-2-13;
represented by: Gábor Bartus, Managing Director)
(hereinafter referred to as the “Data Controller”)

The Data Controller considers the protection of personal data and the respect of the right to informational self-determination to be of paramount importance. During its data processing activities, the Data Controller acts in accordance with the following legislation:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR)

  • Act CXII of 2011 on Informational Self-Determination and Freedom of Information (Hungary)

1. Data Controller details

Company name: REFU Hungary Kft.
Registered office: 2030 Érd, Turul utca 10., Hungary
Tax number: 29190423-2-13
Representative: Gábor Bartus, Managing Director
E-mail: sales.hu@refu.com
Website: https://refusol.hu/

2. Categories of personal data processed

The Data Controller may process the following categories of personal data:

  • Contact data: name, email address, telephone number

  • Service-related data: orders, requests for quotation, customer preferences

  • Technical data: cookies, IP address, device identifiers, browsing data related to the website

3. Purposes and legal bases of data processing

The Data Controller processes personal data exclusively for specified purposes:

  • Communication: responding to enquiries from customers and partners, handling requests for quotation
    (GDPR Article 6(1)(b) – performance of a contract)

  • Provision of services: supplying products and services offered by REFU Hungary Kft.
    (GDPR Article 6(1)(b))

  • Compliance with legal obligations: data retention obligations arising from accounting and tax legislation
    (GDPR Article 6(1)(c))

  • Website operation and optimisation: statistical analysis and improving operational security
    (GDPR Article 6(1)(f) – legitimate interest)

4. Marketing and business communications (B2B)

In connection with its business and professional activities, the Data Controller may contact corporate representatives for professional and business-related informational purposes on the basis of its legitimate interest pursuant to Article 6(1)(f) of the GDPR.

Purpose of data processing:

  • initiating and maintaining professional and business relationships

  • providing information about products, services, events or professional content

  • presenting potential cooperation opportunities

Legal basis of data processing:

  • the legitimate interest of the Data Controller in maintaining and developing B2B business communication

The processing is limited exclusively to personal data that:

  • originates from publicly available business sources (e.g. company websites, professional databases, business-oriented platforms), or

  • is related to the data subject’s professional role (name, business email address, job title or position)

The Data Controller ensures that:

  • communications are professionally relevant and proportionate, and

  • data subjects may easily and immediately unsubscribe from further communications in every message

Upon unsubscribing, the data subject’s personal data will be deleted without delay from the marketing and business communication database, and the Data Controller will no longer send such communications.

5. Duration of data processing

The Data Controller processes personal data for the following periods:

  • Contact data: for the duration of the relationship or until deletion is requested by the data subject

  • Billing data: for the period prescribed by tax and accounting regulations (8 years)

  • Website-related data: until the purpose of data collection is fulfilled, but no longer than 2 years

6. Data transfers and data processors

The Data Controller does not transfer personal data to third parties, except where:

  • required by law, or

  • the data subject has given explicit consent

The Data Controller may use data processors, such as:

  • hosting service providers for website operation

  • accounting service providers for fulfilling accounting obligations

7. Rights of data subjects

Data subjects may exercise the following rights:

  • Right of access: to obtain information about the processing of their personal data

  • Right to rectification: to request correction of inaccurate personal data

  • Right to erasure: to request deletion of personal data where it is no longer necessary

  • Right to data portability: to request transfer of their data to another service provider

  • Right to object: to object to data processing based on legitimate interest

Data subjects may exercise their rights by contacting the Data Controller at:
sales.hu@refu.com

8. Data security

The Data Controller implements appropriate technical and organisational measures to ensure the security of personal data, in particular to protect against unauthorised access, data loss and misuse.

9. Remedies

Data subjects may lodge a complaint with the Hungarian National Authority for Data Protection and Freedom of Information (NAIH) if they believe that the processing of their personal data does not comply with applicable laws.

NAIH contact details:

Website: www.naih.hu
Address: 1055 Budapest, Falk Miksa utca 9–11., Hungary
E-mail: ugyfelszolgalat@naih.hu
Telephone: +36 1 391 1400

10. Updates

This Privacy Policy entered into force on 18 December 2024.
The Data Controller reserves the right to amend this Privacy Policy.