Data Protection Notice
We inform you, as a visitor to our website and as a user of our services, about our company's data management and data protection rules.
1. What principles do we follow in our data management?
- We process personal data lawfully and fairly, in a way that is transparent to you.
- We only collect data for specified, explicit and legitimate purposes.
- We collect and process data only to the extent necessary.
- We take all reasonable steps to ensure that the data is accurate and up to date.
- The data is only stored for the time necessary to achieve the purposes for which it is collected.
- We take appropriate technical and organisational measures to ensure data security.
2. Your personal data
- on the basis of your prior informed and voluntary consent and only to the extent necessary and in any case for the purposes for which it is collected, aggregated, processed, stored and used.
- in some cases, the processing of your data is based on legal requirements and is mandatory, in which case we will draw your attention to this fact.
- or, in certain cases, our Company or a third party has a legitimate interest in the processing of your personal data, such as the operation, development and security of our website.
3. Who are we?
Company name: Living Marbella Ltd.
Seat: 1123 Budapest, Kék Golyó utca 2/B 2nd floor door 2
Websites: https://livingmarbella.hu
Phone number: +36 30 338 3101
Email: [email protected]
Tax number: 32331747-2-43
Company registration number: 01 09 418568
Data Protection Officer
Our Company is not obliged to appoint a Data Protection Officer under Article 37 of the GDPR.
Hosting and data processors
Our Company uses the following data processors for the processing of data in order to provide our customers with high quality service:
| Name | Address | Activity |
| NLGSYS. | 1132 Budapest, Victor Hugó utca 18-22. | Repository service, database maintenance |
If we change the scope of our data processors, we will reflect the changes in this notice.
The data we process
| Activity | Legal basis | Data processed | Duration |
| Visit the website | The legitimate interest of our company | IP address, visit time, subpages | 1 month |
| Administration, complaint handling | Legal obligation | Name, email, phone number, message | 5 years |
We only ask visitors to our website for their personal information if they register or log in.
We cannot link the personal information you provide in connection with your registration or use of our marketing services and we do not aim to identify our visitors.
If you have any questions about data processing, you can request further information by sending an e-mail to [email protected] or by post, and we will respond to you without delay within 20 days (but no later than 1 month) to the contact details you have provided.
What are cookies and how to deal with them?
Cookies are small data files (hereinafter "cookies") that are transferred to your computer through the use of the website by your website by being saved and stored by your internet browser. Most commonly used internet browsers (Chrome, Firefox, etc.) accept and allow the download and use of cookies by default, but it is up to you to modify your browser settings to refuse or block them, or to delete cookies already stored on your computer.
Some cookies do not require your prior consent. Our website will provide you with brief information about these cookies when you first visit our site, such as authentication cookies, multimedia player cookies, load balancing cookies, session cookies to help you customise the user interface, and user-centric security cookies.
Our Company will inform you and ask for your consent about cookies that require your consent, if the processing starts when you visit the site, at the beginning of your first visit.
We do not use or allow cookies that enable third parties to collect data without your consent.
Acceptance of cookies is not mandatory, but our Company is not responsible if our website does not function as expected without the acceptance of cookies.
What Cookies Do We Use?
| Type | Name | Contribution | Description | Target |
| System cookies | Not required | Not required | A session cookie in the web application firewall to prevent cross-referencing abuse. | Ensuring the functioning of the website |
| Tracking cookie | Yes | Consent required | Used to annotate user preferences and improve the efficiency of the service. | Personalisation |
| Tracking cookie (third party) | Not required | Not required | To identify new sessions and visitors, the Google Analytics web tracking service saved data. | Collection of statistical data |
More information about third-party cookies: Google Cookie Policy, and data protection: Google Analytics Privacy.
What else do you need to know about our Privacy Policy in relation to our Website?
You voluntarily provide us with personal data when registering or contacting our Company. When providing us with your data, we ask you to pay particular attention to its truthfulness, accuracy and correctness, for which you are responsible. Incorrect, inaccurate or incomplete data may prevent you from using our services.
If you do not provide your own personal data but that of another person, we will assume that you have the necessary authorisation to do so.
Your rights regarding the withdrawal of consent
- By deleting the registration.
- By withdrawing consent to the processing.
- By withdrawing your consent or requesting the blocking of the data you have filled in during registration.
For technical reasons, a 30-day deadline is set for the registration of the withdrawal of consent. Please note that we may process certain data after withdrawal of consent in order to comply with a legal obligation or to pursue our legitimate interests.
Misleading data and criminal offences
In the event of the use of misleading personal data, or if one of our visitors commits a crime or attacks our Company's system, we will delete the data of that visitor immediately upon termination of his/her registration. If necessary, we will retain the data for the duration of any civil or criminal proceedings.
Other Data Processing Questions
We may only transfer your data within the limits set by law. In the case of our data processors, we have contractual clauses to ensure that they cannot use your personal data for purposes that are not in accordance with your consent. For more information, see section 2.
Our company does not transfer data abroad.
Requests from public authorities
The court, the prosecution and other authorities (e.g. police, tax authorities, National Authority for Data Protection and Freedom of Information) may contact our Company for information, data or documents. In these cases, we must comply with our obligation to provide information, but only to the extent strictly necessary to achieve the purpose of the request.
Parties involved in data management
Our contractors and employees involved in the processing of your personal data are entitled to have access to your personal data to the extent specified in advance, subject to confidentiality obligations.
Data security
We take appropriate technical and other measures to protect your personal data and ensure its security and availability. We protect it from unauthorised access, alteration, damage, disclosure and any other unauthorised use.
Organisational measures: physical access is controlled in our buildings, employees are continuously trained and paper documents are kept locked away with appropriate protection.
Technical measures: we use encryption, password protection and anti-virus software. Please note, however, that the transmission of data over the Internet cannot be considered completely secure. We make every effort to keep our processes secure, but we cannot accept full responsibility for the transmission of data via our website.
User help and password protection
In relation to security issues, we ask for your help in carefully remembering your password to our website and not to share this password with anyone.
What are your Rights and Remedies?
- You can request information on data processing.
- You may request the rectification, modification or completion of the personal data we process.
- You can object to the processing and request the erasure and blocking of your data (except for mandatory processing).
- You can appeal to the courts.
- You can lodge a complaint with a supervisory authority or initiate proceedings: https://naih.hu/panaszuegyintezes-rendje.html.
Supervisory Authority:National Authority for Data Protection and Freedom of Information
- Headquarters: 1125 Budapest, Szilágyi Erzsébet fasor 22/c.
- Address for correspondence: 1530 Budapest, Pf.: 5.
- Phone: +36 (1) 391-1400
- Fax: +36 (1) 391-1410
- E-mail: [email protected]
- Website: https://naih.hu/
Request for information
At your request, we will provide you with information about the personal data that we process or that is processed by us or by our data processors:
- about your data,
- their source,
- the purposes and legal basis of the processing,
- and, if this is not possible, the criteria for determining this period,
- the names and addresses of our data processors and their data processing activities,
- the circumstances and effects of data breaches and the measures we take to prevent and respond to them,
- the legal basis and recipient of the transfer of your personal data.
We will provide you with information within 10 days (but not more than 1 month) of the request. The information will be provided free of charge, unless you have already submitted a request for information on the same data in the current year. We will reimburse you for any charges you have already paid if we have processed the data unlawfully or if the request for information has led to a correction.
Correction, blocking and deletion of data
Our Company will notify you of the rectification, blocking, flagging and erasure of personal data, as well as all those to whom it has previously disclosed the data for processing, unless the non-notification is not in your legitimate interest.
If we do not comply with your request for rectification, blocking or erasure, we will provide you with the reasons for our refusal in writing or, with your consent, by electronic means within 10 days (but not more than 1 month) of receipt of the request and inform you of the possibility of judicial remedy and of recourse to the Authority.
Objection to data processing
If you object to the processing of your personal data, we will consider your objection within 10 days (but not more than 1 month) of the date of your request and inform you in writing of our decision. If we decide that your objection is justified, we will stop the processing, including any further collection and transfer, and block the data.
Refusal of a request and judicial remedies
We will refuse to comply with your request if we can demonstrate compelling legitimate grounds for processing which override your rights or for the establishment, exercise or defence of legal claims. If you do not agree with our decision or if we fail to comply with the time limit, you have 30 days from the date of notification of the decision or the last day of the time limit to take legal action.
Court proceedings
The Tribunal has jurisdiction to hear data protection cases. A lawsuit may also be brought before the court of the place of residence or domicile of the data subject, at the data subject's choice. A foreign national may also lodge a complaint with the supervisory authority of his/her place of residence.
Contacting and negotiating
Please contact our Company first before taking your complaint to the supervisory authority or the courts in order to discuss and resolve the problem as quickly as possible.
What are the Main Legislation Governing Our Activities?
- Regulation (EU) 2016/679 of the European Parliament and of the Council on the processing of personal data of natural persons (GDPR)
- Act CXII of 2003 on the Right to Informational Self-Determination and Freedom of Information (Info tv.)
- Act V of the Civil Code (Civil Code Act V of 2003)
- Act CVIII of 2003 on certain aspects of electronic commerce services and information society services (Eker tv.)
- Act C of 2002 on electronic communications (Ehtv)
- the CLV Act on Consumer Protection (Fogyv tv.)
- Act CLXV of the year on complaints and notifications of public interest (Pktv.)
- Act XLVIII of 2003 on the Basic Conditions and Certain Restrictions on Commercial Advertising (Grtv.)
Amendment of the Privacy Notice
Our Company reserves the right to modify this Privacy Notice and will inform the data subjects accordingly.
Date: Budapest, 2026.01.10.