1097 Budapest, Vaskapu utca 10-14. • +36 70 500 1484hello@cafeinjoy.hu

Data Protection Notice

The purpose of this Data Protection Notice is to ensure that data subjects receive appropriate information in accordance with data protection regulations regarding the data processing activities carried out by Family Bisztró Kft. (hereinafter referred to as the “Data Controller”) and are able to exercise their lawful rights.

Data Controller:

The current details of the Data Controller are as follows:

  • Name: Family Bisztró Kft.
  • Registered office: 1116 Budapest, Kenderes utca 3.
  • Company registration number: 01-09-394418
  • Tax number: 27551602-2-43
  • Represented by: Ferenc Balogh
  • E-mail: hello@cafeinjoy.hu


Personal data are processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 17 April 2016 (General Data Protection Regulation – GDPR) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and Act CXII of 2011 on Informational Self-Determination and Freedom of Information (Infotv.).

Scope of processed personal data, purpose, duration and legal basis of data processing

Purpose of data processing: Contact

Visitors may contact the Data Controller by sending an email to the address provided under the “Contact” menu item on the website or by completing the contact form.

Data subject: the sender of the message

Scope of processed data: name, e-mail address, phone number, message and subject

Legal basis of data processing: consent of the data subject

Purpose of data processing: contacting the Data Controller

Data processing platform: electronic

Persons authorized to access the data: the Data Controller and those internal employees of the Data Controller whose job responsibilities require access to and processing of the data.

Data transfer: The Data Controller does not transfer personal data to third parties, except where required by law (e.g. courts, investigative authorities, prosecutors).

Data retention period: until the withdrawal of consent, or if the data may be required for the enforcement of claims, for 5 years (statutory limitation period under the Civil Code); otherwise, for 30 days following receipt of the message

Possible consequences of failure to provide data: unsuccessful communication

Purpose of data processing: Data processed in connection with website visits
Scope of processed data Purpose of data processing Legal basis Retention period
IP address, time of visit, operating system and browser type used by the visitor Ensuring the proper and high-quality operation of the website, monitoring and improving service quality, identifying visitors attacking the website Legitimate interest (GDPR Article 6(1)(f)) The IP address is stored for 7 days and then automatically deleted.
Purpose of data processing: Cookies used on the website

When visiting the website at [website address], a small file called a “cookie” is placed on the visitor’s computer, which may serve several purposes.

Some of the cookies we use are essential for the proper operation of the website (“session cookies”), while others collect information about website usage (statistical cookies) to make the site more convenient and useful. Some cookies are temporary and are deleted when the browser is closed, while others are persistent and remain on the user’s device for a longer period.

The legal basis for processing cookies necessary for the operation of the website is the legitimate interest of the Data Controller, supported by a balancing of interests test.

Session cookies

Session cookies are necessary for browsing the website and using its basic functions, including remembering actions performed by the visitor on a given page, function or service. Without session cookies, smooth website operation cannot be guaranteed. These cookies are valid for the duration of the visit and are automatically deleted at the end of the session or when the browser is closed.

The use of session cookies complies with applicable legal requirements.

Cookies used for statistical purposes

We aim to tailor website content to visitors’ preferences; therefore, we collect statistics on website usage.

The website uses the following cookies for statistical purposes:

Cookies used for marketing purposes

The purpose of marketing cookies is to display advertisements that are most relevant or interesting to visitors and to measure the performance of our campaigns.

When visiting the website, a separate Cookie Policy is available via the link provided in the pop-up window.

Purpose of data processing: Navigation to social media platforms

If the visitor is logged into their account on a selected social media platform at the same time, their visit may be linked to their user account.

Links to Facebook and Instagram are indicated by icons operated by Meta Platforms Ireland Limited (registered office: 4 Grand Canal Square, Grand Canal Harbour, Dublin 662881).

Further information on Facebook and Instagram data processing policies:
https://www.facebook.com/privacy/explanation
https://privacycenter.instagram.com/policy

Links to Twitter are indicated by icons operated by Twitter, Inc. (1355 Market Street, San Francisco, CA, USA).
Further information: https://twitter.com/en/privacy

Links to LinkedIn are indicated by icons operated by Microsoft Corporation (605 W Maude Ave, Sunnyvale, CA 94085, USA).
Further information: https://www.linkedin.com/legal/privacy-policy

Rights of data subjects

Data subjects may request information in writing at any time regarding the processing of their personal data, request correction or deletion, or withdraw their consent using the contact details provided. The right to erasure does not apply where data processing is required by law.

Right to information: Upon request, the Data Controller provides the information listed in Articles 13–14 and 15–22 and 34 of the GDPR in a concise and clear manner.

Right of access: The data subject is entitled to receive confirmation as to whether personal data concerning them are being processed and access related information.

Right to rectification: The data subject may request the correction of inaccurate personal data.

Right to erasure: The Data Controller deletes personal data without undue delay if statutory conditions are met.

Right to restriction of processing: The Data Controller restricts processing upon request where applicable.

Right to withdraw consent: Consent may be withdrawn at any time in writing; this does not affect the lawfulness of processing prior to withdrawal.

Right to data portability: The data subject may request the transfer of their data in a commonly used, machine-readable format.

The Data Controller applies appropriate technical and organizational measures to protect electronically processed data.

Complaints may be submitted to the National Authority for Data Protection and Freedom of Information (NAIH): Budapest, Falk Miksa u. 9–11, 1055; phone: +36 1 391 1400; e-mail: ugyfelszolgalat@naih.hu; website: www.naih.hu.

In the event of a violation of rights, the data subject may bring the matter before a cour

1097 Budapest, Vaskapu utca 10-14. • '+36 70 500 1484 • hello@cafeinjoy.hu