de · PRIVACY POLICY

Datenschutzerklärung

Wie wir Ihre personenbezogenen Daten verarbeiten

Last updated: 2026-05-17 · Version: 1.0

This Privacy Policy has been prepared in accordance with the EU 2016/679 General Data Protection Regulation (GDPR). By using this website you accept the terms described herein.

1. Data Controller

The controller of personal data on this website:

Név: Halász István

Business form: Private individual

Registered address: Magyarország

Contact:

E-mail: [email protected]

Privacy e-mail: [email protected]

Tel.: +36 20 955 2851

Web: https://byzalan.com

Data Protection Officer:

Név: Halász István

E-mail: [email protected]

Tel.: +36 20 955 2851

2. Data we collect

We process the following personal data:

Contact data: name, email, phone, message (only provided via /contact/ form).
Newsletter subscription: email address, language preference, subscription timestamp.
Purchase data: billing and shipping data, payment information (handled by external provider).
Technical data: anonymized IP address (/24), browser type, page visits (only with consent).
Cookie data: see separate Cookie Policy.

3. Legal basis

Under GDPR Article 6(1):

Consent (Art 6(1)a): newsletter, cookies, marketing.
Contract performance (Art 6(1)b): purchase, invoicing.
Legal obligation (Art 6(1)c): accounting, tax (10 years).
Legitimate interest (Art 6(1)f): fraud prevention, security.

4. Purpose of processing

Responding to your inquiries, delivering art content, managing purchase transactions, fulfilling legal obligations.

5. Data retention

Retention periods:

Contact data: maximum 2 years (or until consent withdrawal).
Newsletter: until unsubscribe.
Invoices, accounting: 10 years (Hungarian accounting law).
Cookie consent: 12 months.

6. Data processors (third parties)

We use the following service providers as data processors:

Cloudflare, Inc. (USA) — CDN, DDoS protection. Privacy policy: cloudflare.com/privacypolicy/
Anthropic, PBC (USA) — AI-assisted content generation (Oracle works). Privacy: anthropic.com/legal/privacy
Synology Inc. — privately owned server. Self-hosted storage in Hungary.
Google LLC (USA) — Search Console (anonymous website statistics only).

7. Your rights

Under GDPR Articles 15-22 you have the right to:

Access (Art 15): receive information about data we hold about you.
Rectification (Art 16): correct inaccurate data.
Erasure (Art 17): request deletion ("right to be forgotten").
Restriction (Art 18): restrict processing.
Portability (Art 20): receive data in machine-readable format.
Objection (Art 21): object to marketing processing.
Withdraw consent: anytime, with future effect.

You can send your request to the following email: [email protected]

8. Lodging a complaint

If you believe our processing is non-compliant, you may complain to the Hungarian Data Protection Authority:

NAIH — Hungarian National Authority for Data Protection
1055 Budapest, Falk Miksa u. 9-11., Hungary
Phone: +36 1 391-1400
Email: [email protected]
Web: naih.hu/en

9. Security measures

We use SSL encryption (TLS 1.3), Btrfs snapshots, GPG-signed logs, and 2FA-protected admin interface.

10. Changes

We reserve the right to amend this Policy. Changes take effect upon publication. Newsletter subscribers will be notified of significant changes.

← Back to home