Privacy Policy
PRIVACY POLICY
This Privacy Policy informs you about the data processing practices of Danube Cruises4You Kft. (registered address: 1164 Budapest, Levedi utca 9. 2nd door; tax number: 29303216-2-42; company registration number: 01-09-386200; e-mail: info(@)budapestrivercruise.hu) – hereinafter referred to as the “Data Controller” or “Company” – in relation to the website operated by the Company, www.budapestrivercruise.hu (hereinafter referred to as the “Website”), in compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council (General Data Protection Regulation – GDPR).
Our Company respects your fundamental rights to the protection of your personal data. Below we provide detailed information regarding the legal basis, purpose, duration, and method of processing personal data provided by you or related to you, the measures we take to protect your data, and the rights you have over your personal information. This Privacy Policy applies to personal data processed on the Website.
The current version of this Privacy Policy is accessible on the Website during browsing, and the customer confirms awareness and acceptance of it during the service ordering process.
Our Company reserves the right to unilaterally modify this Privacy Policy.
Definition of User within this policy:
A natural person who visits the Website, regardless of whether they use our services.
The services on our Website are intended for and provided from Hungary. During use, Hungarian law applies to all Users.
The operator and editor of the Website is the Data Controller, i.e. our Company.
Hosting provider: Websupport Magyarország Kft.
(Address: 1132 Budapest, Victor Hugo utca 18-22; Company Reg. No.: 01-09-381419; Tax No.: 25138205-2-41; Email: support(@)websupport.hu
The hosting server storing the data operates within the territory of the European Union.
DATA PROCESSING ACTIVITIES
We process your personal data in connection with our sales activities for the following purposes:
Personal data provided during the ordering process is managed electronically via the Website’s admin interface and stored on the hosting server provided by the hosting provider.
To process payments for services, we offer multiple options:
– Secure credit card payment via Stripe (https://stripe.com/en-hu)
– Direct bank transfer to the account held by Danube Cruises4You Kft. at Unicredit Bank.
We do not have access to your banking details during these transactions.
1.1 Purpose: Sale of Third-Party Services
If you purchase a service offered by a third-party provider through our Company, the personal data you provide in the relevant order form will be forwarded to the service provider listed below:
Name: Silverline Cruises Kereskedelmi és Szolgáltató Kft.
Company Reg. No.: 01-09-973821
Address: 1138 Budapest, Marina part hrsz 25904/1.
Tax No.: 23692800-2-41
Email: booking(@)silver-line.hu
These service providers qualify as independent data controllers, thus they are also required to ensure GDPR-compliant data processing.
Data processed for third-party services (guided tours, private trips, excursions):
Name, billing name, email, phone number, address, selected language, meeting/travel location and time, number of passengers, number of adults, number of children.
1.3 Purpose: Account Registration (Login)
If you create a user account by entering a password during the booking process, you can log in later using your email and password to review your cart contents or previous orders.
The legal basis for processing your login data is your explicit consent, provided by ticking the appropriate checkbox during registration.
1.4 Duration: We store login data until a deletion request is received.
Data source: The order form submitted by you.
1.4 Purpose: Contacting Customer Service
Through the contact form available on the Website, you can request additional information about our services. The data you provide on this form (first and last name, email, phone number, subject, message) is forwarded to our email system at info(@)budapestrivercruise.hu, and stored until the purpose of the data processing is fulfilled. Afterwards, the data is deleted from our system.
Legal basis: Your explicit consent, given by voluntarily submitting the contact form.
Only our staff responsible for sales and customer service have access to these data.
1.5 Purpose: Exercising the Right of Withdrawal / Cancellation
In accordance with relevant consumer protection laws and our Terms & Conditions, if you exercise your right of withdrawal or cancellation, we process the following data: your name, address, and the date of cancellation.
Legal basis: The contract established between you and our Company.
Source of data: The cancellation statement you send by email or post.
We store these data until the expiration of the limitation period defined in civil law.
They are only shared in case of legal disputes, with our legal representative and/or debt collection agency.
1.6 Purpose: Complaint Handling
If a complaint is submitted, we process the complainant’s personal data (name, address, email address, subject of complaint) to handle the issue.
Your complaint will be stored in a separate, secure folder on our servers for 5 years, in accordance with consumer protection laws.
Legal basis: Our legal obligation under consumer protection law.
Your data will not be shared with third parties and will only be handled by our internal staff.
1.7 Purpose: Fulfilment of Tax and Accounting Obligations
We process data required by law for accounting and taxation purposes (e.g., name, address, tax number) under the legal obligation to maintain business records.
Duration: 8 years after the termination of the legal relationship.
Invoices and related data are handled by our data processor: Adopart Kft., our accounting service provider, under a data processing agreement.
Data may be shared only with the Hungarian Tax Authority (NAV).
We apply appropriate technical and organizational measures (e.g. password protection, secure servers) to protect your data. A CAPTCHA (security code) is used on forms to prevent unauthorized access or spam. CAPTCHAs cannot identify individuals.
COOKIES
Like most websites, our Website uses cookies—small text files that enhance your user experience and ensure site functionality.
We process personal data only when it is strictly necessary to provide the requested service, and even in those cases, only to the minimum extent and duration required.
Cookies store information such as:
– language preferences
– items in your cart
– accepted cookie settings (stored for 30 days)
Third-party cookies: We use Google Analytics to monitor site traffic. These cookies do not collect personal data; the visitor remains anonymous. Cookies expire when you close your browser.
Google AdWords
This Website uses Google AdWords remarketing tags to display relevant ads to previous visitors while they browse other websites on the Google Display Network. Remarketing uses cookies to serve these ads.
If you wish, you may disable these cookies.
Our Website also maintains business pages on social media platforms (e.g., Facebook, Instagram). If you “like” or “follow” us, we may see the public information you share, but each platform operates under its own privacy policy.
IF YOU DO NOT SUPPORT COOKIES
You can modify your cookie preferences anytime in your browser settings. You may block all or specific cookies via the browser’s “settings” or “preferences” menu.
More information:
Chrome: https://support.google.com/chrome/answer/95647
Firefox: https://support.mozilla.org/en-US/kb/cookies
Internet Explorer: https://support.microsoft.com (search for “cookies”)
Safari: https://support.apple.com/en-us (search for “cookies”)
Opera: http://help.opera.com/Windows/10.50/en/cookies.html
Please note: Blocking cookies may affect some Website features or disable them entirely.
YOUR DATA PROTECTION RIGHTS
In line with the GDPR, you have the right to:
- request information about your data,
- request access, rectification, or deletion,
- restrict processing,
- data portability,
- object to data processing,
- and file a complaint with the supervisory authority.
Requests should be sent to:
Postal Address: 1164 Budapest, Levedi utca 9. 2nd door;
Email: info(@)budapestrivercruise.hu
Requests will be answered within 30 days. If necessary, we may ask for further information to confirm your identity to protect your rights and our legitimate interest.
If you request data deletion, we will erase your data within 15 business days. This does not apply to data we are required to keep for legal or contractual reasons.
You can also request a copy of your data or ask us to restrict processing. We will not share your data with third parties or individuals under any circumstances, except when legally required.
DATA SECURITY
We strictly comply with data protection and confidentiality obligations.
We apply technical and organizational measures to prevent unauthorized access, disclosure, alteration, or destruction of data.
We use HTTPS encryption (via Websupport Magyarország) and password-protected systems. Data is stored on firewall-protected servers with up-to-date antivirus software.
In case of a data breach, we have an incident response plan in place.
COMPLAINT HANDLING
If you have concerns, suggestions, or complaints regarding personal data, contact us at:
Email: info(@)budapestrivercruise.hu
We will respond within 30 days.
If you are unsatisfied, you may contact:
Hungarian National Authority for Data Protection and Freedom of Information (NAIH)
Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c
Mailing address: 1530 Budapest, P.O. Box 5
Phone: +36 1 391 1400
Fax: +36 1 391 1410
Email: ugyfelszolgalat@naih.hu
Website: http://www.naih.hu/
The latest version of our Privacy Policy is always available on our Website. We reserve the right to unilaterally modify its content, and will inform visitors in case of changes. Past data processing remains lawful.
Date: Budapest, 31 January 2025
Melinda Mária Milcsevics
Managing Director
RELEVANT LEGISLATION
- GDPR: Regulation (EU) 2016/679
- Hungarian Act CXII of 2011 (Info Act)
- Act CVIII of 2001 on electronic commerce
- Act XLVIII of 2008 on commercial advertising
KEY DEFINITIONS
Data Subject: Any identified or identifiable natural person.
Consent: Freely given, specific, informed, and unambiguous indication of the Data Subject’s wishes.
Personal Data: Any information relating to an identified or identifiable natural person.
Data Controller: Entity determining the purposes and means of data processing.
Processing: Any operation performed on personal data (collection, storage, use, transfer, deletion, etc.)
Data Breach: Any unlawful processing or access resulting in data loss, modification, or disclosure.
Third Party: Any individual or entity not directly involved in the data process.
Data Security: Measures to protect personal data from unauthorized access or misuse.
Legal Basis: Usually consent or statutory obligation (e.g. contract, tax law).
Official definitions: https://www.naih.hu/adatvedelmi-szotar.html