top of page

Adatvédelmi Tájékoztató

Privacy Policy

(Data Protection Notice)

Effective date: 25 May 2018
Last update: 20 May 2018 (in accordance with GDPR)

01, February 2026

Cartebor Kft. (hereinafter referred to as the Data Controller) is committed to protecting personal data and considers the content of this Privacy Policy to be binding upon itself. The Data Controller ensures that all data processing activities comply with applicable Hungarian and European Union legislation, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR).

By using this website, users accept the terms of this Privacy Policy.

1. Data Controller Details

  • Company name: Cartebor Kft.

  • Registered office: 8200 Veszprém, Takácskert u. 1/C TT1, Hungary

  • Legal representative: Brigitta Horváth

  • Tax number: 12661774-1-19

  • Bank account: 10401220-50526856-82521005 (K&H Bank)

  • Website: www.horvathbrigi.com

  • E-mail: horvathbrigi.veszprem@gmail.com

  • Data protection registration number: NAIH-103283/2016

2. Definitions

  • Data subject: any identified or identifiable natural person

  • Personal data: any information relating to an identified or identifiable natural person

  • Special category data: personal data concerning health, psychological condition or other sensitive data as defined by law

  • Processing: any operation performed on personal data

  • Processor: a natural or legal person processing personal data on behalf of the Data Controller

  • Consent: freely given, specific, informed and unambiguous indication of the data subject’s wishes

3. Principles of Data Processing

The Data Controller processes personal data in accordance with the following principles:

  • lawfulness, fairness and transparency

  • purpose limitation

  • data minimisation

  • accuracy

  • storage limitation

  • integrity and confidentiality

4. Legal Basis for Data Processing

Personal data are processed on one or more of the following legal bases:

  • the data subject’s consent

  • compliance with a legal obligation

  • performance of a contract

  • legitimate interest of the Data Controller

5. Categories of Personal Data Processed

5.1 Athlete Self-Assessment Test

  • full name

  • e-mail address

  • age

  • sport discipline

  • answers to sport-related questions

5.2 Contact Form

  • name

  • e-mail address

5.3 Training Program Registrations (SportHack, MemoHack, Mind Control)

  • name

  • e-mail address

  • sport discipline or school name

  • billing details

  • in case of minors: parent or legal guardian details

  • health-related or special needs information (only with explicit consent)

5.4 Product Orders and Purchases

  • customer name

  • e-mail address

  • phone number

  • billing and shipping details

5.5 Newsletter Subscription

  • first name

  • e-mail address

5.6 Blog Comments

  • first name (pseudonym allowed)

  • e-mail address

6. Data Processing of Minors

Only individuals over the age of 16 are entitled to provide personal data on this website.
In the case of minors, personal data may only be processed with the consent of a parent or legal guardian.

7. Cookies

The website uses cookies to ensure proper operation, improve user experience and collect statistical data.
Cookies can be disabled or restricted at any time via browser settings; however, certain website functions may be unavailable without cookies.

8. IP Address Logging

When visiting the website, technical data such as IP addresses may be logged for security and statistical purposes only, in compliance with applicable laws.

9. Purpose and Duration of Data Processing

The purposes of data processing include:

  • providing and improving website services

  • communication with users

  • fulfilling orders and registrations

  • handling legal disputes

  • sending newsletters and promotional content (only with consent)

Personal data are processed only for as long as necessary to fulfil the stated purposes or until the data subject withdraws consent or requests deletion.

10. Data Transfer and Data Security

Personal data are disclosed to third parties only where required by law or with the explicit consent of the data subject.
The Data Controller applies appropriate technical and organisational measures to ensure the security of personal data throughout the entire processing lifecycle.

11. Rights of Data Subjects

Data subjects have the right to:

  • request information about data processing

  • access their personal data

  • request rectification of inaccurate data

  • request erasure (“right to be forgotten”)

  • request restriction of processing

  • object to data processing

  • lodge a complaint with the competent supervisory authority

Place and date: Veszprém, June 2016
Updated: 20 May 2017, 20 May 2018

01, February 2026

bottom of page