1. Introduction
The Data Controller processes all personal data provided in full compliance with applicable Hungarian and EU laws and ethical standards, implementing all technical and organizational measures necessary for secure data handling. This privacy statement has been prepared in accordance with the following regulations: Act CXIX/1995, Act CVIII/2001, Act XLVIII/2008, Act CXII/2011, EU Regulation 2016/679 (GDPR), and Government Decree 414/2015 
villa-grand-maros-kft-1.showitpreview.com
.

2. Data Controller – Identity & Contact Details
Tesfay Sába

Registered office: Budapest, 1132 Csanády utca 7

Tax number: HU58979509

Website: grandmaros.hu | Email: villagrandmaros@gmail.com | Phone: +36 30 779 988

Villa Grand Maros Kft.

Registered office: Nagymaros, Pállya Celesztin utca, parcel no. 010783/0013

Tax number: 32533750‑2‑13

Website and contact as above
Additionally, personal data are processed for reporting obligations to the National Tourism Agency 
villa-grand-maros-kft-1.showitpreview.com
.

3. Principles of Processing
Personal data are handled lawfully, fairly, and transparently for specified, explicit, and legitimate purposes. Only data necessary for these purposes are processed and are stored only as long as needed .

4. Definitions
Key terms are defined, including “GDPR,” “personal data,” “data processor,” “data controller,” “data subject,” and “consent,” among others .

5. Purposes of Processing
5.1 Contact via Website
If you contact us through the website, we require your name, email, and phone number purely for communication purposes. Providing such data is voluntary, and non-provision will not incur any disadvantage, although some site features may be unavailable without them. Data retention: up to 8 years after termination of contractual relationship. Deletion requests possible via email after statutory retention period .

5.2 Booking via Website
For bookings, data required include full identification from official documents, nationality, gender, address, phone, and email. Providing this data is mandatory per legal obligations (bookkeeping, tourism reporting). Retention: up to 8 years for accounting records; other data up to 2 years .

5.3 Scanning ID Documents
By Hungarian law, accommodations must collect guests’ official ID data via NTAK system (VENDÉGEM software). Data are encrypted and stored up to one year by the provider, and up to two years nationally, accessible only to police for criminal prevention 
villa-grand-maros-kft-1.showitpreview.com
.

5.4 Analytics & Marketing
Third-party cookies (Google, Facebook) may collect data to provide analytics and targeted advertising. Remarketing lists are anonymized and not personally identifiable. Users can disable cookies via their browser. Data retention: up to 14 months after the last website visit. Legal basis: the legitimate interest of Facebook plugins (GDPR Art. 6 (1)(f)) .

6. Data Security & Processors
The Data Controller implements appropriate technical and organizational security measures. Systems are located at the company headquarters and no external data processors are used .

7. Data Subject Rights
You have the right to request information about your data processing, request correction, deletion, or restriction of data at any time. Responses are provided free of charge within 30 days. Objection to processing: examined within 15 days. If request is unjustified, you’ll be informed within 30 days . You may lodge a complaint with the court or the Hungarian National Authority for Data Protection .