Privacy Policy


Information Notice on Data Management

 

In brief


We collect and process personal data only as allowed by law.
We send out DM letters only with special approval. System messages can be sent without this.
We store the data in the safest way.
We disclose personal data to third party only with approval.
We provide information to anyone about the data stored on him/her, and the data owner may request the deletion of data any time through our accessibilities.
 

Introduction
 

KENSHO Szolgáltató Kft. (1037 Budapest, Csillaghegyi út 13., incorporated under: 01 09 718377, tax code: 13092979-2-41), (hereinafter: Service Provider or Data Manager) submits to the following requirements.

Paragraph (1) article 20 of the act CXII of 2011 sets forth that it has to be communicated to the affected person (in this case to the Webshop user, hereinafter: User) whether the data supply is bound to approval or is mandatory.

Before starting with data processing the affected person shall be informed clearly and in detail about all facts related to the management of his/her data, in particular about the purpose and the legal basis of data processing, the staff entitled to data management and processing, and the retention period.

Pursuant to paragraph (1) article 6 of the info act the affected person has also to be informed that personal data may be processed even if the approval of the affected person cannot be obtained or would entail considerable expenses, or if the processing of personal data is necessary:

  • for fulfillment of the legal obligation of the Data Manager, or
  • for enforcement of the justified interest of the Data Manager or a third party, and the enforcement of this interest is commensurate with the limitation of the right related to the protection of personal data.
     

The Information Notice has to deal with the data management related rights of the affected person and with his/her access to legal remedy.

Should the personal communication with the affected person be impossible or would entail disproportionate expenses (like in this case on the Webshop), orientation can be provided by publication of the following information:

  1. the fact of data collection,
  2. the scope of people concerned,
  3. purpose of data collection,
  4. time span of data retention,
  5. identification of potential data managers entitled to get access to the data,
  6. orientation about the rights of people concerned and their possibilities to get remedy, and
  7. if the data processing leads to registration of data under protection, the registration number of data management.
     

This Information Notice regulates data management on the following website: http://kensho.hu and is based on the above substantial requirements. The Notice is available on the following website: http://shop.kensho.hu/hu/adatvedelem

The amendments of the Notice enter into force upon their publication at the above address. You will find reference to the related regulation under the titles of each chapter of the Notice.

 

Data management related to the operation of a Webshop
 

  1. Pursuant to paragraph (1) article 20 of the act CXII of 2011 on information-related  self-determination and information freedom the following aspects are to be specified in connection with data management related to the operation of a Webshop:
  1. the fact of data collection,
  2. the scope of people concerned,
  3. purpose of data collection,
  4. time span of data retention,
  5. identification of potential staff entitled to get access to the data,
  6. orientation about the rights of people concerned.
     
  1. The fact of data collection, the scope of information managed, and the purpose of data processing:

     
    Personal data Purpose of data processing
    User name Identification to enable registration.
    Password Serves for safe log-in in the user account.
    First name and last name Required to establish contact, to buy, and to issue formal invoices.
    E-mail address Communication.
    Birthday Keeping statistical records, sending out special offers.
    Phone number Communication, efficient clarification of issues related to billing and delivery.
    Billing name and address To issue the formal invoice, prepare the contract, compile its contents and its amendment, follow-up the fulfillment, bill the related charges as well as to collect the related receivables.
    Delivery name and address To facilitate home delivery.
    Date of purchasing / registration Implementation of technical operations.
    IP address at the time of  purchasing / registration Implementation of technical operations.



















    Neither the user name nor the e-mail address needs to contain personal data.
  1. Scope of people concerned: Everyone registered on the Webshop site and/or buying there.
     
  2. Time span of data management, deadline for data deletion: Immediately upon cancelling the registration – except for accounting documents since pursuant to paragraph (2) article 169 of the act C of 2000 these data are to be retained for 8 years.
    The accounting document directly or indirectly supporting bookkeeping (including general ledger accounts as well as analytical and detail records) should be retained in readable form for at least 8 years in a way retrievable on the basis of references in the books.
     
  3. Identification of potential data managers entitled to get access to the data: Personal data can be processed by the sales and marketing staff of the Data Manager with due regard to the above principles.
     
  4. Communication to the persons concerned about their rights related to data management: The following data corrections can be initiated and performed at the websites concerning deletion or modification of personal data:
  • by mail to 1037 Budapest, Csillaghegyi út 13.,
  • by e-mail via info@kensho.hu,
  • by phone on +36 (1) 205 3580.
  1. The data processing entity (memory provider) hired for data management:

Rufftech Kft.,
headquarters: 7300 Komló, Munkácsy Mihály u. 84.,
office: 1114 Budapest, Orlay u. 2/b.,
email: info@rufftech.hu,
tel.: +36 1 321 7361

  1. The registration number of data management: NAIH-97423/2016.
     
  2. Legal basis of data management: the approval of the User, paragraph (1) article 5 of the info act, and paragraph (3) article 13/A. of the act CVIII of 2001 on certain issues of electronic commercial services and information society related services (hereinafter: Elcom act):

    For service providing purposes the Service Provider can use the personal data that are inevitably necessary for technical reasons. If other conditions are identical, the Service Provider shall select the media applied in providing services related to the information society, and to operate them in such a way that personal data are used only if this is necessary to providing the service and to fulfill other objectives specified in this act, nevertheless, only to the required extent even in this event.
     

Our principles concerning the above data management (article 13/A of the Elcom act)
 

  1. The Service Provider may handle the natural personal identification data, home address required for the use of services in relation with the information society as well the information related to the time, duration and location of the use of the service for the purpose of billing the charges resulting from the contract of service provision in relation with the information society.
     
  2. The Service Provider may handle the personal information inevitable to providing such services. In the event when other conditions are identical the Service Provider has to select and operate the media applied in providing services in relation with the information society any time where personal data handling takes place only if this is inevitably necessary to provide the services set forth in the Elcom act and to the fulfillment of other objectives, nevertheless, only to the necessary extent and time even in this event.
     
  3. The Service Provider is allowed to handle information in relation with the provided services for any other purpose – so in particular for increasing the efficiency of his service, the forwarding of electronic commercials or other specific contents to the User, or for market research – only upon the prior specification of the purpose of data management and with the approval of the buyer.
     
  4. The possibility of prohibiting the handling of his/her personal data should be ensured to the User permanently before and in the course of using the services in relation with the information society.
     
  5. The handled data should be deleted after the failure of contracting, the termination of the contract, and after billing. The information should be deleted if the purpose of data handling has ceased to exist or the User provides so. Data deletion should be carried out immediately unless the act otherwise provides.
     
  6. The Service Provider has to ensure that before and in the course of using the services in relation with the information society the User can get familiar with the purposes  of data management and the types of information handled, including the handling of information not being in direct relation with the User.
     

Handling of cookies
 

  1. Pursuant to paragraph (1) article 20 of the act CXII of 2011 on information-related  self-determination and information freedom the following aspects are to be specified in connection with data management related to the operation of a Webshop:
  1. the fact of data collection,
  2. the scope of people concerned,
  3. purpose of data collection,
  4. time span of data retention,
  5. identification of potential data managers entitled to get access to the data,
  6. orientation about the rights of people concerned.
     
  1. The cookies characteristic to Webshops include the so called „cookies used to work processes protected with password”, „cookies required to the shopping basket” and the „safety cookies”, the use of which does not need the prior approval of the users concerned.
     
  2. The fact and the scope of data management: Individual identification numbers, dates and times.
     
  3. Scope of people concerned: Everyone visiting the Webshop site.
     
  4. The purpose of data management: Identification of Users, recording the „shopping basket” and following the visitors.
     
  5. Time span of data management, deadline of the deletion of data: In the handling of session cookies, the time span of data management shall last until the end of visiting the websites and in any other case  for maximum 30 days.
     
  6. Potential data managers entitled to get familiar with the information: By using the cookies the data manager does not handle personal data.
     
  7. Communicating the rights of the persons concerned in relation with data management: Users have the possibility of deleting the cookies in the Tools/Options menu of browsers under the Data Protection setting item, as a rule.
     
  8. The legal basis of data management: No approval is required from the User if the exclusive purpose of using cookies is the forwarding of messages through the electronic telecommunication network, or if the Service Provider inevitably needs it to providing services in relation with the information society upon the explicit request of the Subscriber or User.
     

The use of Google AdWords conversion tracking
 

  1. The Data Manager uses the „Google AdWords” online commercials program, and in the framework of that the conversion tracking service of Google. Google conversion tracking is an analytic service of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; „Google“).
     
  2. When the User gets to a website via a Google commercial, a cookie required to conversion tracking appears on his computer. The validity of such cookies is limited and they do not contain any personal data so as the User cannot be identified by them.
     
  3. When the User is browsing certain pages of the website and the cookie has not yet expired, both Google and the Data Manager can see that the User has clicked on the commercial.
     
  4. Each Google AdWords customer gets another cookie so as these cannot be tracked throughout the websites of AdWords customers.
     
  5. The information obtained by means of conversion tracking cookies serve for the purpose of compiling conversion statistics for the customers selecting AdWords conversion tracking. Customers get information in this way on the number of Users clicking on their advertisements and directed to a page with conversion tracking label. Nevertheless, they do not have access to any information that might be suitable for the identification of any user.
     
  6. If the customer does not wish to participate in conversion tracking, he can refuse that by banning the application of cookies in his browser. In this case the customer will not be included in the conversion tracking statistics.
     
  7. Further information and the data protection statement of Google are available on: www.google.de/policies/privacy/
     

Application of Google Analytics
 

  1. This website uses the Google Analytics application, a web analyzing service of Google Inc. („Google”).  Google Analytics uses so called „cookies”, text files saved on the computer to facilitate the analysis of the website visited by the User.
     
  2. The information created by means of cookies related to the website used by the User are received and stored on one of Google’s server in the USA, as a rule. By the activation of IP anatomization on the website Google shortens in advance the User’s IP address within the member states of the European Union or in other states party to the treaty of the European Economic Area.
     
  3. Forwarding the complete IP address to Google’s server in the USA and its shortening take place there only in exceptional cases. Upon the assignment of the operator of this website Google shall use this information for analyzing how the User has used the website, furthermore for compiling reports to the operator of the website related to the activity of the website as well as to provide further services in relation with the use of the website and the internet.
     
  4. Within its framework Google Analytics does not merge the IP address of the User forwarded by the browser with any other information of Google. The User may hinder the storage of cookies by the proper setting of his browser, nevertheless, it may happen in this event that not all functions of this website will be fully available. The User may also hinder Google in collecting and processing the User’s information related to the use of the website enabled by cookies (including the IP address) if he downloads and installs the browser plug-in available via the following link: https://tools.google.com/dlpage/gaoptout?hl=hu


News letter, DM activity
 

  1. Pursuant to article 6 of act XLVIII of 2008 on the basic requirements and certain limits of economic advertisement activity the User may in advance and explicitly allow the Service Provider to contact him with commercial offers and other messages via the User’s contact addresses provided upon registration.
     
  2. Furthermore, keeping the provisions of this Information Notice in mind, the User may allow the Service Provider to process his personal data necessary to forward commercial offers.
     
  3. The Service Provider does not send commercial messages without request, and the User may unsubscribe commercials free of charge without any restriction and explanation. In this event the Service Provider shall delete from his records all personal data used for forwarding commercial messages and will not send further commercials to the User. Users can unsubscribe to commercials by clicking on the link provided in the respective message.
     
  4. Pursuant to paragraph (1) article 20 of the act CXII of 2011 on information-related  self-determination and information freedom the following aspects are to be specified in connection with data management related to the forwarding of news:
  1. the fact of data collection,
  2. the scope of people concerned,
  3. purpose of data collection,
  4. time span of data retention,
  5. identification of potential data managers entitled to get access to the data.
     
  1. The fact and the scope of data management: name, e-mail address, dates and time.
     
  2. Scope of people concerned: everyone subscribed to the new letter.
     
  3. The purpose of data management: forwarding electronic commercials to the User, orientation on topical information, products, actions, new functions etc.
     
  4. Time span of data management, deadline of the deletion of data: until the withdrawal of the approval, i.e. data handling lasts until the User has not unsubscribed.
     
  5. Potential data managers entitled to get familiar with the information: the staff of the Data Manager is allowed to handle personal data with regard to the above principles.
     
  6. Communicating the rights of persons concerned in relation with data management: the User may subscribe to the new letters free of charge any time.
     
  7. The legal basis of data management: the voluntary approval of the User, paragraph (1) article 5 of the Info act, and paragraph (5) article 6 of the act XLVIII of 2008 on the basic requirements and certain limits of economic commercial activity:

    The advertiser, the commercials provider as well as the publisher of commercials – as specified in the approval – keep records on the personal data of individuals providing statement of approval. The data entered in these records – concerning the addressee of the advertisement – can be handled only in compliance with the contents of the statement of approval and until its withdrawal, and it may be disclosed to third parties exclusively with the prior approval of the person concerned.


Community websites
 

  1. Pursuant to paragraph (1) article 20 of the act CXII of 2011 on information-related  self-determination and information freedom the following aspects are to be specified in connection with data management of community sites:
  1. the fact of data collection,
  2. the scope of people concerned,
  3. purpose of data collection,
  4. time span of data retention,
  5. identification of potential data managers entitled to get access to the data,
  6. orientation about the rights of people concerned.
     
  1. The fact and the scope of data management: Name and public profile of the User registered on the Facebook/Google+/Twitter/Pinterest/YouTube/Instagram etc. community sites.
     
  2. Scope of people concerned: Everyone who have registered on Facebook/Google+/Twitter/Pinterest/YouTube/Instagram etc. community sites and „liked” the website.
     
  3. The purpose of data management: Sharing, „liking” and popularization of the substantial elements, products, actions or the website itself on community sites.
     
  4. Duration of data management, data deletion deadline, potential data managers entitled to get familiar with the information, and communication of the rights of Users in relation with data management: The User can obtain information about the source, the handling, the mode of forwarding the data as well as the legal background of all that on the community site. Data management is implemented on the community sites; therefore, the regulation of the respective community site applies to the time span of data management, its mode as well as to the possibilities of their deletion and modification.
     
  5. The legal basis of data management: The voluntary approval of the affected person to the handling of his personal data on community sites.


Data delivery
 

  1. Pursuant to paragraph (1) article 20 of the act CXII of 2011 on information-related  self-determination and information freedom the following aspects are to be specified within the scope of data delivering activity on the Webshop website:
  1. the fact of data collection,
  2. the scope of people concerned,
  3. purpose of data collection,
  4. time span of data retention,
  5. identification of potential data managers entitled to get access to the data,
  6. orientation about the rights of people concerned.
     
  1. The fact of data collection and the scope of information handled.
     
    1. The scope of information needed for the implementation of delivery: delivery name, delivery address, phone number, amount payable.
    2. The scope of information needed for the implementation of online payment: billing name, billing address, amount payable.
  1. The scope of people concerned: All Users ordering home delivery / online shopping.
     
  2. Purpose of data management: The implementation of home delivery / online shopping, confirmation of transactions, and fraud monitoring performed for the protection of Users (to check abuse).
     
  3. Time span of data retention, deadline of data deletion: Lasts until the completion of home delivery / online shopping.
     
  4. Identification of the potential data managers entitled to get access to the data. The following entities are allowed to handle the data with regard to the above principles:

    Trans-o-flex Hungary Kft.
    1239 Budapest, Európa út 12. BILK Logisztikai Központ L1 épület
    Telephone +36 1 8 777 400, +36 1 8 777 444
    E-mail ugyfelszolgalat@tof.hu

    K&H Bank Zrt.
    Headquarters: 1095. Budapest, Lechner Ödön fasor 9.
    +36 (1/20/30/70) 335 3355
    https://www.kh.hu/publish/kh/hu/khcsoport/jogi_nyilatkozat.html
     
  5. Communication of the rights of Users related to data management: The User may request the Data Manager carrying out home delivery / online payment the early deletion of his personal data.
     
  6. The legal basis of data delivery: The User’s approval, and paragraph (1) article 5 of the info act as well as paragraph (3) article 13/A. of act CVIII of 2001 on services related to the information society.


Customer relations and other data handling activities
 

  1. Should question arise in the course of using the services of the Data Manager or the User has any problem, he can contact the Data Manager through the ways indicated on the website (telephone, e-mail, community sites etc.).
     
  2. The Data Manager shall delete the received e-mails, messages, data supplied via telephone, Facebook etc. together with the name and e-mail address of the User and any other personal information he provided voluntarily not later than after 2 years reckoned from the delivery of information.
     
  3. About data management activities not referred to in this Information Notice orientation shall be given along with the recording of data.
     
  4. The Service Provider shall be obliged to provide information, communicate/supply data, or to make documents available upon exceptional statutory request and/or on the basis of authorization by legislation upon the request of other entities.
     
  5. In such events the Service Provider shall disclose personal information only to such an extent – if the requesting entity has specified the exact purpose and scope of data – that is inevitably necessary to the fulfillment of the purpose of the request.


Data security (article 7)
 

  1. The Data Manager has designed and implemented his data handling operations so as to secure the protection of the privacy of users concerned.
     
  2. The Data Manager has provided for the safety of information (password, antivirus support), taken the technical and organizational measures and developed the procedural rules that are required to the enforcement of the Info act as well as other data protection and confidentiality regulations.
     
  3. The Data Manager has protected the data by proper measures, in particular against:
  • illegal access,
  • changing,
  • forwarding,
  • disclosing,
  • deletion or destruction,
  • accidental destruction and damage,
  • inaccessibility due to the change of the applied technology.
     
  1. The Data Manager has secured by proper technical solution that the data stored in his records cannot be linked and connected to the users concerned.
     
  2. In order to prevent illegal access to personal data, the changing or illegal disclosure or use of such information the Data Manager has provided for:
  • the development and operation of proper IT and technical environment,
  • the controlled selection and supervision of its staff involved in service providing,
  • the issue of detailed operation, risk management and service providing procedures.
     
  1. On the above bases the Service Provider has secured that the information handled by him:
  • is at the disposal of entitled users,
  • its credibility and validation is guaranteed,
  • verifying that the data remain unchanged.
     
  1. The IT system of the Data Manager and his memory provider ensure protection among others against:
  • computer fraud,
  • espionage,
  • computer viruses,
  • spams,
  • hacking,
  • and other attacks.


Rights of the affected users (articles 14-19)
 

  1. Users can request that the Service Provider provides information about the handling of his personal data, or order the correction as well as the deletion or blocking of their personal data – except for mandatory data handling.
     
  2. Upon the request of the User the Data Manager shall provide information about the data handled by the User or by the data processing entity assigned by the User, and about the source of these data, the purpose, the legal basis, the duration of data handling, the name and address of the data processing entity and its activity in relation with data management, about the circumstances and impacts of data protection incidents and about the measures taken for their elimination, furthermore – in the event of forwarding the User’s personal data – about the legal basis and the addressee of data delivery.
     
  3. For the purpose of controlling the measures related to data protection incidents and of the orientation of the User, the Data Manager – through his internal data protection staff, if any – keeps records containing the scope of personal data concerned, the scope and number of Users concerned by data protection incidents, the time , circumstances and impacts of data protection incidents and the measures taken for their elimination as well as other information specified in the law regulating data management.
     
  4. For the purpose of controlling the legality of data delivery and of the orientation of the User, the Data Manager keeps records on the time of forwarding, the legal basis and the addressee of data delivery, the scope of personal data forwarded as well as other information specified in the law regulating data management.
     
  5. For the request of the User the Service Provider shall provide information about the data handled by him, about their source, the purpose, legal basis and duration of data handling, about the name and address of the data processing entity and its activity related to data management, furthermore – in the event of forwarding the personal data of the User – the legal basis and the addressee of data delivery. Within the shortest time reckoned from the submission of the request but not later than within 25 days, the Service Provider shall provide information in writing, in a form easy to understand. The information is free of charge.
     
  6. Should the personal data not comply with reality, and if the personal data complying with reality are available, the Service Provider shall correct the personal data accordingly.
     
  7. Instead of deletion the Service Provider shall block the personal data if the User requests that or if it can be supposed on the basis of available information that deletion would infringe the User’s legitimate interests. Blocked personal data can be handled exclusively until the data handling purpose excluding the deletion of the personal data exists.
     
  8. The Service Provider shall delete the personal data if their handling is illegal, the User requests that, the data concerned are inadequate or wrong – and this state cannot be remedied legally – supposed that law does not exclude the deletion, the purpose of data handling has ceased, or the time span of data retention specified in law has expired, or if the court of justice or the National Authority for Data Protection and Freedom of Information has prescribed that.
     
  9. The Data Manager shall mark the personal data if the User disputes their correctness or accuracy but the incorrectness or inaccuracy of the disputed personal data cannot be verified unambiguously.
     
  10. The affected User and all those whom the data had been forwarded to previously for processing are to be notified on the correction, blocking or marking of data. The notification can be skipped if this does not hurt the legitimate interest of the affected person with regard to the purpose of data management.
     
  11. Should the Data Manager not fulfill the User’s request for correction, blocking or deletion, the Data Manager has to communicate in writing the factual and legal explanation of the rejection of the related request within 25 days following its reception. In the event of rejection of the request for correction, blocking or deletion of data the Data Manager shall orient the User on the possibilities of seeking legal or statutory remedy.

 
Legal remedy
 

  1. The User may file objection against the management of his personal data if:
  1. the management or forwarding of personal data is necessary exclusively for the fulfillment of legal obligations of the Service Provider or to the enforcement of the legitimate interest of the Service Provider, of the entity receiving the data, or of a third person, unless data management has been prescribed by law;
  2. the use of forwarding of the personal data serve exclusively for direct marketing, poll, or scientific research;
  3. in any other event specified by law.
     
  1. The Service Provider shall investigate the objection within the shortest time reckoned from the submission of the request but not later than in 15 days, make decision concerning its justification, and notify the applicant in writing about his decision. If the Service Provider has established the justification of the User’s objection, he shall discontinue the management of data – including further data collection and data delivery – and block the data, and notify about the objection and the measure taken on that basis all recipients of the personal data concerned by the objection, and the recipients are obliged to take measures to enforce the right to object.
     
  2. Should the User not agree with the decision of the Service Provider, he may go to court within 30 days reckoned from being notified on that. The court shall act out of turn.
     
  3. Complaints against the infringement that might be committed by the Data Manager can be submitted to the National Authority for Data Protection and Freedom of Information:

    Nemzeti Adatvédelmi és Információszabadság Hatóság
    1125 Budapest, Szilágyi Erzsébet fasor 22/C.
    Mail address: 1530 Budapest, Postafiók: 5.
    Telephone: +36  1-391-1400
    E-mail: ugyfelszolgalat@naih.hu


Law enforcement by court (article 22)
 

  1. The Data Manager is obliged to prove that the data management complies with the contents of regulation. The legality of data forwarding has to be proved by the recipient of the data.
     
  2. The decision of a lawsuit falls within the jurisdiction of the court. Pursuant to the choice of the affected User, the lawsuit can be launched before the court competent according to either the home address or the residence of the User.
     
  3. Party to litigation can be a person even without legal capacity of litigation. The Authority may intervene in the litigation in order to support the User in winning the action.
     
  4. If the court grants the request, it shall oblige the Data Manager to provide orientation, to correct, block or delete the data, to cancel the action made by automated data processing, to take into account the User’s right to protest as well as to deliver the data requested by the data recipient.
     
  5. Should the court reject the recipient’s request, the Data Manager is obliged to delete the personal data of the affected User within 3 days reckoned from the communication of the decision even if the data recipient has not gone to court within the set deadline.
     
  6. The court may order the disclosing of its decision by publication of the identification data of the Data Manager if the interests of data protection and the protected rights of a relatively large number of affected users require that.


Compensation and grievance fees (article 23)
 

  1. Should the Data Manager violate the privacy of the affected person by illegal handling of his data or by infringement of the requirements of data security, the affected User may request grievance fee from the Data Manager.
     
  2. The Data Manager is responsible to the User for the damage caused by the data processing entity and the Data Manager is also obliged to pay the grievance fee to the affected person due for the violation of his privacy. The Data Manager is immune from responsibility for the damage caused and from the grievance fee payment obligation if he proves that unavoidable reasons outside the scope of data management have caused the damage or the violation of the privacy of the affected person.
     
  3. The damage shall not be compensated and no grievance fee can be requested as far as the damage or the violation of privacy has been induced by the intentional or grossly negligent conduct of the affected person.
     

Conclusion


In providing orientation we have taken into consideration the following regulations:

  • Act CXII of 2011 – on the right of self-determination and information freedom (the Info act);
  • Act CXII of 2011 – on certain issues of electronic commercial services and other issues of service provision related to the information society (in particular article 13/A);
  • Act XLVII of 2008 – on the prohibition of unfair commercial practices against consumers;
  • Act XLVII of 2008 – on the basic requirements and certain restrictions of economic advertising activity (in particular article 6);
  • Act XC of 2005 – on electronic information freedom
  • Act C of 2003 – on electronic telecommunication (explicitly article 155);
  • Opinion No 16/2011 – on the EASA/IAB recommendation related to the best practices of behaviour-based online advertisement