This Privacy Notice provides information on the processing of personal data carried out through the use of the www.raking.hu website operated by the Controller – including, in particular, the submission of online quotation requests and the subscription to newsletters via the website.
Pursuant to Articles 13 and 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter “GDPR”), the Controller hereby provides the following information to the data subjects regarding the processing of their personal data.
1. Data Controller and Hosting Service Provider – Details and Contact Information
1.1. Data Controller details
Name of the Data Controller: RAKING Kft. (hereinafter referred to as the “Data Controller” in this Privacy Notice)
Representative and contact person: Gergő Török, Managing Director
Registered office: 1115 Budapest, Benedikt Ottó utca 3. D. ép. 7. em. 1. ajtó 7. storey 1. door
Company registration number: 01-09-395325
Registering authority: Company Registry Court of Budapest Capital Regional Court
Contact details of the Data Controller:
1.2. Hosting Service Provider details
Hosting Provider: DL ISP SUPPORT Kft.
Registered office: 6000 Kecskemét, Semmelweis utca 1/a.
Tax number: 24886716-2-03
Company registration number: 03-09-127451
E-mail: info@dlisp.hu
1.3. For the purposes of this Privacy Notice:
“personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
“controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
“processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
“recipient” means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether or not it is a third party. Public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing;
“processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
“data subject’s consent” means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
Based on the above definitions, for the purposes of this Privacy Notice, a data subject is any natural person who visits the www.raking.hu website and submits an online quotation request via the website or subscribes to the newsletter. The provisions of this Privacy Notice do not apply to data relating to non-natural persons.
2. Purpose and Legal Basis of Data Processing
2.1. Processing of data related to online quotation requests
Purpose of processing | To contact and maintain communication with the data subject in connection with an online quotation request for warehouse or hall rental submitted via the “Contact” menu on the http://raking.hu/ website. |
Legal basis for processing | The data subject’s consent [Article 6(1)(a) GDPR] |
Categories of data subjects | Visitors to the https://raking.hu/ website who submit an online quotation request to the Data Controller. |
Source of personal data | Directly from the data subject. |
Categories of personal data processed | Name, telephone number, and the content of the message (where it contains further personal data); IT data related to the consent (time of consent, IP address of the data subject), as required by Article 7(1) GDPR [processing under Article 6(1)(c) GDPR]. |
Retention period for personal data | 30 days after the provision of information or the conclusion of further correspondence related to the online quotation request. |
Categories of recipients | Management of RAKING Kft. |
Transfer of personal data to a third country or an international organisation | –
|
Automated decision-making, profiling | – |
Description of technical and organisational measures to ensure data security | – Administrative and technical protection measures [to ensure the security of IT systems, the Data Controller protects them with a firewall and uses antivirus and anti-malware software to prevent both external and internal data loss]; – Organisational measures; – Personal security; – Training and awareness-raising. |
2.2. Processing of data related to newsletter subscription
Purpose of processing | To send email newsletters to data subjects, providing information on current updates. |
Legal basis for processing | The data subject’s consent [Article 6(1)(a) GDPR] |
Categories of data subjects | Visitors to the https://raking.hu/ website who subscribe to receive the newsletter. |
Source of personal data | Directly from the data subject. |
Categories of personal data processed | Name, email address; IT data related to the consent (time of consent, IP address of the data subject), as required by Article 7(1) GDPR [processing under Article 6(1)(c) GDPR]. |
Retention period for personal data | Until the data subject withdraws consent (unsubscribes from the newsletter). |
Categories of recipients | Management of RAKING Kft.; Company operating the newsletter system: SalesAutopilot Kft. (registered office: 1016 Budapest, Zsolt utca 6/A. 5. em. 1.). The processor, under a contract with RAKING Kft., assists in sending the newsletters and processes the data subject’s name and email address to the extent necessary for newsletter delivery; |
| |
Transfer of personal data to a third country or an international organisation | – |
Automated decision-making, profiling | – |
Description of technical and organisational measures to ensure data security | – Administrative and technical protection measures [to ensure the security of IT systems, the Data Controller protects them with a firewall and uses antivirus and anti-malware software to prevent both external and internal data loss]; – Organisational measures; – Personal security; – Training and awareness-raising. |
3. Rights of the Data Subject in relation to data processing
3.1. The Data Subject may request from the Data Controller
a) information on the processing of their personal data [Articles 13 and 14 GDPR],
b) access to their personal data [Article 15 GDPR],
c) rectification or supplementation of their personal data [Article 16 GDPR],
d) erasure or restriction (blocking) of their personal data – except where processing is mandatory [Articles 17 and 18 GDPR],
e) the right to data portability [Article 20 GDPR],
f) the right to object to the processing of their personal data [Article 21 GDPR],
g) the right to withdraw their consent to data processing at any time, without justification [Article 17(1)(b) GDPR], and
h) the right to seek legal remedy against the Data Controller’s actions or decisions.
The Data Subject may submit their request in writing to the Data Controller as set out in Section 3.2. The Data Controller shall fulfil the Data Subject’s lawful request within a maximum of one month and shall notify the Data Subject thereof by email or by postal letter sent to the contact details provided by the Data Subject.
a) Right to information
Upon specific request, and also proactively for the purpose of raising data protection awareness, the Data Controller endeavours to provide you with comprehensive information on various aspects of data processing in a concise, transparent, intelligible and easily accessible form.
If you have any questions relating to data processing, a request for personalised information may be submitted to the Data Controller in writing, in accordance with Section 3.2.
b) Right of access
Upon request, the Data Controller will prepare a personalised report for you on the personal data it processes about you. You may request from the Data Controller a complete query of all personal data relating to you, or you may request data provision in relation to specific categories of data. You may obtain information in particular about the specific purpose or legal basis of processing (by data category), and you may find out whether your personal data have been disclosed to third parties (processors). In the event that personal data are transferred outside the territory of the European Union or to an international organisation, you may also receive separate information on the appropriate safeguards in place to ensure the confidentiality of such data.
The Data Controller will normally fulfil the first data provision request free of charge; however, it reserves the right to charge an administrative fee of HUF 5,000 for fulfilling requests that are manifestly unfounded, excessive, or made in bad faith. Requests of this nature may be submitted to the Data Controller in writing in accordance with Section 3.2.
c) Right to rectification
The Data Controller strives to ensure that your data are always up to date and complete, and to this end relies on your cooperation. We kindly request that you notify us of any missing or inaccurate data. We undertake to assess your rectification requests without delay and as a matter of priority. Such requests may be submitted to the Data Controller in writing in accordance with Section 3.2.
d) Right to erasure and restriction of processing
Upon a duly justified request submitted in writing in accordance with Section 3.2, the Data Controller will promptly erase your personal data if:
The Data Controller nevertheless reserves the right to reject your request for the erasure of personal data even if one of the above alternative conditions is met, where the lawfulness of processing can still be ensured under applicable national or EU legislation. In such cases, the Data Controller will provide you with detailed information on the reasons for refusing your request.
Upon a duly justified request submitted in writing in accordance with Section 3.2, the Data Controller will restrict the processing of your personal data to storage only, if:
In the latter two cases, the restriction will remain in effect until the completion of the relevant internal investigation and/or the conclusion of the competent authority and/or court proceedings. The Data Controller will always inform you in writing, in advance, of the lifting of the restriction on processing.
e) Right to data portability
The Data Controller grants you the right to receive your personal data processed by it in a structured, commonly used and machine-readable format, and to transmit those data to another controller, provided that this does not result in an unjustified and disproportionate prejudice to the legitimate interests (trade secrets) of the Data Controller. Such a request may be submitted to the Data Controller in writing in accordance with Section 3.2.
f) Right to object
The Data Controller also provides you with the opportunity to object to the processing of your personal data. Your objection will only result in the termination of processing if the processing is carried out on the basis of the Data Controller’s legitimate interest or the public authority powers vested in it. Such a request may be submitted to the Data Controller in writing in accordance with Section 3.2.
In these two cases, the Data Controller nevertheless reserves the right to disregard your objection—while providing you with appropriate information and ensuring the possibility of legal remedy—if the processing can be justified by compelling legitimate grounds that override your freedoms and rights (e.g., property protection) or if it is necessary for the enforcement of the Data Controller’s contractual or non-contractual claims.
g) Withdrawal of consent
Please note that if the processing of your personal data by the Data Controller is based on your consent, you have the right to withdraw that consent at any time, thereby requesting the termination of processing. The withdrawal of consent shall not affect the lawfulness of processing carried out prior to such withdrawal.
h) Right to legal remedy
Please be informed that if you have a complaint regarding the data processing carried out by the Data Controller, you may exercise various legal remedies to seek redress for any infringement of your rights. If a dispute concerning data processing is not resolved satisfactorily within the organisational framework of the Data Controller, you may, in accordance with the legal options available to you, initiate court proceedings against the Data Controller or lodge a complaint with the competent authority: 1055 Budapest, Falk Miksa utca 9-11., Postal address: 1363 Budapest, Pf.: 9., Website: http://naih.hu; Postal address: 1363 Budapest, Pf.: 9.; Telephone: +36-1-391-1400; Fax: +36-1-391-1410; Email address: ugyfelszolgalat@naih.hu)
3.2. Contacting the Data Controller
3.2.1. To exercise any of your rights relating to data processing as set out in Section 3.1, to request information on data processing, or to submit an objection or complaint regarding data processing, you may do so in writing—by letter or email—using the Data Controller’s contact details provided in Section 1.
Upon receipt of your written request, the Data Controller will, without undue delay and within the time limits prescribed by applicable legislation, investigate the matter, take appropriate action, and provide you with information on the matter. If necessary—due to the complexity of the request or the number of requests—this deadline may be extended as permitted by law.
3.2.2. If the data subject has submitted the request electronically, the Data Controller will, where possible, provide the information electronically, unless the data subject requests otherwise.
If the Data Controller does not take action on the data subject’s request without undue delay, and in any event within the statutory deadline, it shall inform the data subject of the reasons for not taking action or for refusing to comply with the request, as well as of the possibility of initiating court proceedings or lodging a complaint with a supervisory authority as described above.
The Data Controller reserves the right to unilaterally amend this Privacy Notice with future effect. Data subjects will be informed of any changes via the Data Controller’s website. This Privacy Notice has been prepared in Hungarian, German, and English; in the event of any discrepancy, the Hungarian version shall prevail.
Effective as of: 1th august 2025 from
