Barion Pixel

Privacy policy

Privacy Policy

Data Processing Information

If the customer is a business entity or other organization, data such as the company name, registered office, and tax number do not qualify as personal data, therefore data protection regulations do not apply to them. Data processing becomes personal data, and thus falls under the scope of the GDPR, if during invoicing or communication data linked to a natural person is also provided – for example, the contact person’s name, email address, or telephone number.

Date of acceptance: 27.10.2025.

Data Controller

Name: HORMAK Solution Fire Prevention and Occupational Safety Ltd.

Registered office: 6237 Kecel, Újszőlő Street 107.

Mailing address, complaint handling: Email: webshop@hormak.hu

Website: hormak.hu

 

Hosting Service Provider

Name: ErdSoft DOO.

Registered office: Serbia, Subotica, Zombori Road 33a

Contact: support@sellvio.com

Website: sellvio.com/hu

Description of data processing activities carried out during the operation of the webshop

This document contains all relevant data processing information related to the operation of the webshop based on Regulation (EU) 2016/679 of the European Union (hereinafter: Regulation, GDPR) and Act CXII of 2011 (hereinafter: Infotv.).

Information on the use of cookies

What is a cookie?

During visits to the website, the Data Controller uses so-called cookies. A cookie is an information package consisting of letters and numbers that our website sends to your browser in order to save certain settings, facilitate the use of our website, and contribute to collecting some relevant statistical information about our visitors.

Some cookies do not contain personal information and are not suitable for identifying individual users; however, some contain a unique identifier – a secret, randomly generated sequence of numbers – which is stored on your device and thus ensures your identifiability. The operating duration of each cookie is described in the relevant cookie description.

Legal background and legal basis of cookies:

Basically, we distinguish three types of cookies: cookies essential for operation, which ensure the proper functioning of the website, statistical cookies, and marketing cookies.

The legal basis for data processing is your consent pursuant to Article 6(1)(a) of the Regulation in the case of statistical and marketing cookies, and the legitimate interest necessary to ensure the operation of the website pursuant to Article 6(1)(f) of the Regulation in the case of cookies required for operation.

Main characteristics of cookies used by the website:

Our website uses cookies to improve user experience, ensure the operation of the website, and for statistical and marketing purposes. Cookies necessary for operation are applied on the basis of legitimate interest, while statistical and marketing cookies require your consent. Detailed information about the management and deletion of cookies can be found in your browser settings and in the Cookie Information.

Cookies essential for operation:

If you do not accept the use of these cookies, certain functions may not be available to you.

Strictly necessary cookies: These cookies are indispensable for the use of the website and enable the use of basic website functions. Without them, many features of the website will not be available to you. The lifespan of these cookies is limited exclusively to the duration of the session.

Cookies used on the website and their categories

Essential cookies:

XSRF-TOKEN – Serves security purposes; present in every request and prevents cross-site scripting attacks.

mysellvio_session – Stores session data related to the logged-in user.

cssloaded – Used to check whether CSS files have already been loaded, thereby preventing the page from “jumping” during the first load.

age_verified – Stores whether the user has accepted the age restriction warning of 18 years.

cookie_consentdone – Records whether the user has accepted the use of cookies.

allowedcookies – Stores which types of cookies the user has given consent for.

 

Functionality-supporting cookies:

crt – Stores the contents of the cart and the settings saved there.

slng – Stores the selected language setting.

wsh – Contains the items in the wishlist.

cmp – Stores the identifiers of products added for comparison.

upv{id} – Records votes within an article.

popup_closed – Indicates whether a marketing pop-up window has already been shown to the user.

 

Analytics and marketing cookies:

{domain}_trafifyCode – Trafify traffic analysis cookie.

_ga, _ga_0X7FDS8J1H – Google Analytics cookies that collect statistical data about visits.

 

Additional, occasionally used third-party cookies (e.g., for marketing or remarketing purposes).

 

Type of data processed

Cookies typically contain technical data: session identifier, language setting, cart or wishlist identifier, as well as anonymous statistical identifiers (e.g., IP address in shortened form in the case of Google Analytics).

No personal data (e.g., email address) is stored.

 

Duration of data processing

Google Analytics cookies: 2 years

Cart-related cookie (crt): 30 days

Wishlist (wsh) and comparison (cmp) cookies: 30 days

Language setting (slng): 30 days

Age verification (age_verified): 1 day

CSS loading cookie (cssloaded): does not expire

Cookies related to cookie consent (cookie_consentdone, allowedcookies): 1 year

 

Data transfer

In the case of Google Analytics and other third-party services, data processing takes place on the servers of the given service provider, in accordance with the service provider’s data management policies.

Apart from this, no other data transfer takes place.

 

You can find more information about deleting cookies at the links below:

Internet Explorer:  windows.microsoft.com/en- … e-manage-cookies#ie=ie-11

Firefox:  support.mozilla.org/en-US … es-store-on-your-computer

Mozilla: support.mozilla.org/hu/kb … ett-sutik-torlese-szamito

Safari: support.apple.com/guide/s … ebsite-data-sfri11471/mac

Chrome: support.google.com/chrome/answer/95647

Edge: support.microsoft.com/hu- … osoft-edge-delete-cookies

Data processed for the conclusion and performance of the contract

During the conclusion and performance of the contract, several types of data processing may take place. Please note that data processing related to complaint handling and warranty administration takes place only if you actually exercise these rights.

If you do not purchase through the webshop and use the site only as a visitor, the processing of data relating to you may be carried out exclusively for marketing purposes, provided that you have given your prior consent.

Below we present in detail the data processing processes related to the conclusion and performance of the contract:

 

1. Contact

If you inquire about one of our products by email or via the contact form, the data processing covers the data you provide. It is important to emphasize that prior contact is not a condition of purchase – you can place an order in the webshop at any time freely, even without contacting us.

Data processed: The data you provide during the contact process.

Duration of data processing: We process the data only until the contact is concluded.

Legal basis for data processing

Your voluntary consent, which you give to the Data Controller by making contact. [Data processing pursuant to Article 6(1)(a) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (hereinafter: Regulation)]

 

2. Registration on the website

The data provided during registration allows the Data Controller to provide a more convenient and faster service, for example during later purchases without having to re-enter data. It is important to note that registration is not a prerequisite for purchase – you can place an order in the webshop even without registration.

Data processed: During data processing, the Data Controller processes your name, address, telephone number, email address, the characteristics of the purchased product, and the time of purchase.

Duration of data processing: Until you withdraw your consent.

Legal basis for data processing: Your voluntary consent, which you give to the Data Controller by registering [data processing pursuant to Article 6(1)(a) of the Regulation]

 

3. Processing the order

During the processing of orders, data processing activities are necessary in order to perform the contract.

Data processed: During data processing, the Data Controller processes your name, address, telephone number, email address, the characteristics of the purchased product, the order number, and the time of purchase. If you have placed an order in the webshop, data processing and the provision of data are indispensable for the performance of the contract.

Duration of data processing: We process the data for 5 years in accordance with the limitation period under civil law.

Legal basis for data processing: Performance of the contract. [Data processing pursuant to Article 6(1)(b) of the Regulation]

 

4. Issuing the invoice

The data processing procedure takes place in order to issue an invoice in compliance with legal requirements and to fulfil the obligation to retain accounting documents.

When issuing an invoice, the Data Controller processes the data necessary to identify the customer. If the customer is a private individual, the data provided by them – such as name, address, email address – qualify as personal data, therefore the rules of the GDPR fully apply to such data processing.

In contrast, if the customer is a business entity or other organization, data such as the company name, registered office, and tax number do not qualify as personal data, therefore data protection regulations are relevant only if data linked to a natural person is also provided during invoicing (e.g., the contact person’s name, email address, telephone number).

Data processed: Name, address, email address, telephone number.

Duration of data processing: Issued invoices must be retained for 8 years from the date of issuance pursuant to Section 169(2) of the Accounting Act.

Legal basis for data processing: Issuing an invoice is mandatory pursuant to Section 159(1) of Act CXXVII of 2007 on Value Added Tax, and it must be retained for 8 years pursuant to Section 169(2) of Act C of 2000 on Accounting [data processing pursuant to Article 6(1)(c) of the Regulation].

 

5. Data processing related to the delivery of goods

The data processing procedure takes place in order to deliver the ordered product.

Data processed: Name, address, email address, telephone number.

Duration of data processing: The Data Controller processes the data for a period of 1 year following the delivery of the ordered goods.

Legal basis for data processing: Performance of the contract [data processing pursuant to Article 6(1)(b) of the Regulation].

 

6. Recipients and data processors of data processing related to the delivery of goods

Name of the recipient: FoxPost Private Company Limited by Shares

Registered office of the recipient: 3200 Gyöngyös, Batsányi János Street 9.

Recipient’s phone number: +36 1/999-0-369

Recipient’s email address: info@foxpost.hu

Recipient’s website: foxpost.hu

Based on a contract concluded with the Data Controller, the courier service participates in the delivery of the ordered goods. The courier service processes the received personal data in accordance with the data processing information available on its website.

Name of the recipient:  Magyar Posta Plc.

Registered office of the recipient: 1138 Budapest, Dunavirág Street 2-6.

Recipient’s phone number: 06-1-767-8282

Recipient’s email address:: ugyfelszolgalat@posta.hu

Recipient’s website:  posta.hu

Based on a contract concluded with the Data Controller, the courier service participates in the delivery of the ordered goods. The courier service processes the received personal data in accordance with the data processing information available on its website.

 

7. Handling warranty and guarantee claims

Warranty and guarantee claims must be handled in accordance with the rules of Decree 19/2014. (IV. 29.) of the Ministry for National Economy (NGM), which also determines how we must handle your claim.

Data processed: When handling warranty and guarantee claims, we must proceed in accordance with the rules of Decree 19/2014. (IV. 29.) of the Ministry for National Economy (NGM).

Based on the decree, we are obliged to draw up minutes regarding the warranty or guarantee claim reported to us, in which we record:

a) your name, address, and your statement that you consent to the processing of your data recorded in the minutes as specified in the decree,

b) the name and purchase price of the movable property sold under the contract concluded between you and us,

c) the date of performance of the contract,

d) the date of reporting the defect,

e) the description of the defect,

f) the right you wish to enforce on the basis of your warranty or guarantee claim, furthermore

g) the method of settling the warranty or guarantee claim or the reason for rejecting the claim or the right you wish to enforce on that basis.

If we take over the purchased product from you, we must issue a receipt of acceptance, which must include

a) your name and address,

b) the data necessary to identify the item,

c) the date of acceptance of the item, furthermore

d) the date when you may take over the repaired item.

Duration of data processing: The business is obliged to keep the minutes taken about the consumer’s warranty or guarantee claim for three years from the date they were taken, and to present them at the request of the supervisory authority.

Legal basis for data processing: The legal basis for data processing is compliance with legal obligations under Decree 19/2014. (IV. 29.) of the Ministry for National Economy (NGM) [Section 4(1) and Section 6(1)] [data processing pursuant to Article 6(1)(c) of the Regulation].

 

8. Handling other consumer protection complaints

The data processing procedure takes place for the purpose of handling consumer protection complaints. If you have submitted a complaint to us, data processing and the provision of data are indispensable.

Data processed:Customer’s name, phone number, email address, content of the complaint.

Duration of data processing: We keep warranty-related complaints for 5 years based on the consumer protection law.

Legal basis for data processing:Submitting a complaint is your voluntary decision. If you decide to file a complaint, the Data Controller is obliged to keep the minutes made about the complaint for three years pursuant to Section 17/A(7) of Act CLV of 1997 on Consumer Protection, and to present it at the request of the competent authority. In this case, the legal basis for data processing is Article 6(1)(c) of the GDPR – compliance with the Data Controller’s legal obligation.

 

 

 

9. Data processed in connection with the verifiability of consent

During registration, placing an order, or subscribing to the newsletter, the IT system stores IT-related data concerning consent for the purpose of later verifiability.

Data processed: The time of consent and the data subject’s IP address.

 

Duration of data processing: Due to legal requirements, consent must be verifiable at a later time; therefore, the data is stored until the expiry of the limitation period following the termination of data processing.

Legal basis for data processing:This obligation is prescribed by Article 7(1) of the Regulation. [Data processing pursuant to Article 6(1)(c) of the Regulation]

 

10. Marketing-related data processing

Data processing related to newsletter distribution

The data processing procedure takes place for the purpose of sending newsletters.

Data processed: Name, address, email address, telephone number.

Duration of data processing: Until the data subject withdraws their consent.

Legal basis for data processing: Your voluntary consent given to the Data Controller by subscribing to the newsletter [data processing pursuant to Article 6(1)(a) of the Regulation]

 

11. Data processing related to the sending and display of personalized advertisements

The data processing procedure takes place for the purpose of sending advertising content tailored to the data subject’s interests.

Data processed: Name, address, email address, telephone number, date of birth.

Duration of data processing: Until consent is withdrawn.

Legal basis for data processing: Your voluntary, separate consent given to the Data Controller during data collection [data processing pursuant to Article 6(1)(a) of the Regulation]

 

12. Remarketing

Data processing as a remarketing activity is carried out using cookies.

Data processed: Data processed by cookies as defined in the cookie notice.

Duration of data processing: The storage period of the given cookie; further information is available here:

Google general cookie information: google.com/policies/technologies/types

Google Analytics information: developers.google.com/analyticsjs/cookie-usage?hl=hu

Facebook information: facebook.com/ads/preferences/?entry_product=ad_settings_screen

Legal basis for data processing: Your voluntary consent given to the Data Controller by using the website [data processing pursuant to Article 6(1)(a) of Regulation (EU) 2016/679].

 

13. Additional data processing

If the Data Controller intends to carry out additional data processing, prior information will be provided regarding the essential circumstances of such processing (legal background and legal basis, purpose, scope of processed data, and duration of processing).

Recipients of personal data

Data processing related to the storage of personal data

Name of the data processor: ErdSoft DOO.

Contact details of the data processor

Email address: support@sellvio.com

Registered office: Serbia, Subotica, Zombori Road 33a

Website: sellvio.com/hu

The Data Processor stores personal data based on a contract concluded with the Data Controller and is not entitled to access the content of personal data.

 

Right to erasure – right to be forgotten

You are entitled to request that the Data Controller erase personal data relating to you without undue delay where one of the following grounds applies:

the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed by the Data Controller;

you withdraw your consent and there is no other legal ground for the processing;

you object to processing based on legitimate interest, and there are no overriding legitimate grounds (i.e., legitimate interest) for the processing,

the personal data have been processed unlawfully by the Data Controller and this has been established on the basis of a complaint,

the personal data must be erased for compliance with a legal obligation in Union or Member State law to which the Data Controller is subject.

Where the Data Controller has made personal data relating to you public for any lawful reason, and is obliged to erase it on any of the grounds stated above, the Data Controller shall, taking account of available technology and the cost of implementation, take reasonable steps – including technical measures – to inform other data controllers processing the data that you have requested the erasure of any links to, or copies or replications of, those personal data.

Erasure shall not apply to the extent that processing is necessary:

-for exercising the right of freedom of expression and information;

-for compliance with a legal obligation which requires processing by Union or Member State law to which the Data Controller is subject (such as processing carried out in the context of invoicing, since retention of invoices is required by law), or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller;

for the establishment, exercise, or defence of legal claims (e.g., if the Data Controller has a claim against you and it has not yet been fulfilled, or a consumer or data processing complaint is being handled).

 

 

Right to object

You are entitled to object, on grounds relating to your particular situation, at any time to the processing of your personal data based on legitimate interest. In such a case, the Data Controller shall no longer process the personal data, unless it demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is necessary for the establishment, exercise, or defence of legal claims.

Where personal data are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data relating to you for such marketing, including profiling to the extent that it is related to such direct marketing. If you object to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes.

 

Right to data portability

Where processing is carried out by automated means, or where the processing is based on your voluntary consent, you have the right to request from the Data Controller that you receive the data you have provided to the Data Controller. The Data Controller shall make such data available to you in XML, JSON, or CSV format, where technically feasible, and you may also request that the Data Controller transmit the data in that format to another data controller.

Automated decision-making

You have the right not to be subject to a decision based solely on automated processing (including profiling) which produces legal effects concerning you or similarly significantly affects you. In such cases, the Data Controller is obliged to implement suitable measures to safeguard the data subject’s rights, freedoms and legitimate interests, including at least the right to obtain human intervention on the part of the data controller, to express your point of view, and to contest the decision.

The above shall not apply where the decision:

is necessary for entering into, or performance of, a contract between you and the Data Controller;

is authorised by Union or Member State law to which the Data Controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or

is based on your explicit consent.

Registration in the data protection register

Pursuant to the provisions of the Infotv., the Data Controller was required to register certain of its data processing activities in the data protection register. This registration obligation ceased as of 25 May 2018.

Data security measures

The Data Controller declares that it has implemented appropriate security measures to protect personal data against unauthorised access, alteration, transmission, disclosure, erasure or destruction, as well as accidental destruction and damage, and against becoming inaccessible due to changes in the applied technology.

The Data Controller shall do everything possible, within the limits of organisational and technical capabilities, to ensure that its Data Processors also take appropriate data security measures when processing your personal data.

Remedies

If you believe that the Data Controller has infringed any statutory provision relating to data processing, or has not fulfilled any of your requests, you may initiate an investigation procedure of the National Authority for Data Protection and Freedom of Information (NAIH) in order to terminate the presumed unlawful data processing (mailing address: 1363 Budapest, Pf. 9., email: ugyfelszolgalat@naih.hu, phone numbers: +36 (30) 683-5969 +36 (30) 549-6838; +36 (1) 391 1400).

We also inform you that in the event of a violation of statutory provisions relating to data processing, or if the Data Controller has not fulfilled any of your requests, you may bring a civil lawsuit against the Data Controller before a court.

Amendment of the data processing notice

The Data Controller reserves the right to amend this data processing notice in a manner that does not affect the purpose and legal basis of the processing. By using the website after the amendment enters into force, you accept the amended data processing notice.

If the Data Controller intends to carry out further processing of the collected data for a purpose different from the purpose of collection, prior to the further processing it shall inform you of the purpose of the processing and of the following information:

the period for which the personal data will be stored, or if that is not possible, the criteria used to determine that period;

your right to request from the Data Controller access to personal data relating to you, rectification, erasure or restriction of processing, and to object to processing based on legitimate interest, as well as, where processing is based on consent or a contractual relationship, to request the right to data portability;

in the case of processing based on consent, that you may withdraw your consent at any time,

your right to lodge a complaint with the supervisory authority;

whether the provision of personal data is a statutory or contractual requirement, or a prerequisite for entering into a contract, whether you are obliged to provide the personal data, and the possible consequences of failing to provide such data;

the existence of automated decision-making (if such a procedure is applied), including profiling, and at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for you.

Processing may only begin thereafter; where the legal basis for processing is consent, in addition to being informed you must also give your consent to the processing.

Data processing and digital content

In the event of withdrawal, the Service Provider complies with its obligations under Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

The Service Provider shall refrain from using any content, other than personal data, that is provided or created by the Buyer, or generated during the use of the digital content or digital service provided by the Service Provider, except where such content (a) cannot be used in connection with the digital content provided or digital service supplied by the Service, (b) relates exclusively to the Buyer’s activity during the use of the digital content or digital service provided by the Service Provider, (c) has been aggregated by the Service Provider with other data and cannot be separated, or could only be separated with disproportionate effort, or (d) was created jointly by the Buyer with other persons and may continue to be used by other Buyers. Upon request, we shall make available to the Buyer any content created by the Buyer in connection with the digital content or service, other than personal data, except where the content cannot be used in another context, relates exclusively to the Buyer’s activity, has been aggregated with other data, or was created jointly with other consumers. The Buyer is entitled to retrieve the digital content free of charge, without restriction, within a reasonable time, in a commonly used and machine-readable data format. In the event of withdrawal—subject to compliance with the above rules—the Service Provider may prevent further use of the digital content or service.

Cookie settings

We use cookies to personalise content and ads, to provide social media features and to analyse website traffic. You can read more by clicking on the "Settings" button.
We use cookies to personalise content and ads.

Cookies are small text files that can be used by websites to make a user's experience more efficient.
The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission.
This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages.
Your consent applies to the following domains hormak.hu

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.

Statistical cookies allow anonymous data collection to allow website owners to analyze website usage.

The purpose of marketing cookies is to track users through multiple websites. The goal is to be able to display ads to our users that are relevant and of interest to them, making them more valuable to publishers and third-party advertising providers.

Cookie declaration last updated on 2020.09.04.