Privacy policy

Effective Date: January 5, 2026

Version: 2.0

Taurus Techno Kft. (hereinafter: Controller or Company) is strictly committed to protecting the personal data of its clients, partners, and website visitors. The purpose of this privacy policy is to provide full transparency regarding our data processing practices in compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR) and Act CXII of 2011 on the Right to Informational Self-Determination and on Freedom of Information (Info Act).

1. Details of the Data Controller

  • Company Name: Taurus Techno Kft.

  • Registered Seat: 1173 Budapest, Pesti út 8-12, Hungary

  • Company Registration No.: 01-09-719329

  • Tax Identification No.: 13112864-2-42

  • E-mail: info@taurustechno.hu

  • Phone: +36 1 253 5080

  • Website: www.taurustechno.hu

2. Principles of Data Processing

During data processing, the Company strictly adheres to the principles set out in Article 5 of the GDPR:

  1. Lawfulness, fairness, and transparency: Data is processed lawfully and in a transparent manner relative to the data subject.

  2. Purpose limitation: Data is collected only for specified, explicit, and legitimate purposes.

  3. Data minimization: Only data that is adequate, relevant, and limited to what is necessary is processed.

  4. Accuracy: We ensure that personal data is accurate and kept up to date; inaccurate data is erased or rectified without delay.

  5. Storage limitation: Data is kept in a form which permits identification of data subjects for no longer than is necessary.

  6. Integrity and confidentiality: Appropriate technical and organizational measures ensure the security of the data.

  7. Accountability: The Controller is responsible for, and able to demonstrate, compliance with these principles.

3. Detailed Data Processing Activities

The table below summarizes what data we process, why, and for how long:

Activity / Purpose Data Categories Legal Basis (GDPR Art. 6) Retention Period

Website Visit (Server Logs)

Purpose: Ensuring IT security, preventing cyberattacks, monitoring system health.

 IP address, time of visit, URL of visited pages, operating system and browser type, HTTP status code.

Legitimate Interest (Art. 6(1)(f)).

Interest: Maintaining the integrity, availability, and security of the website.

 Server logs are automatically deleted after 30 days, unless required for investigating a security incident.

Contact and Quote Requests

Purpose: Responding to inquiries, preparing personalized price offers.

 Name, email address, phone number, personal data included in the message body.

Contract Preparation (Art. 6(1)(b)) – if the inquiry aims at concluding a contract.

Otherwise, Consent of the Data Subject (Art. 6(1)(a)).

 Until consent is withdrawn, or for 1 year after the validity of a quotation expires if no contract is concluded. If a contract is formed: 8 years (Accounting Act).

Consumer Complaint Handling

Purpose: Investigating and responding to complaints.

 Complainant’s name, address, subject of complaint, place/time of submission, unique ID. Legal Obligation (Art. 6(1)(c)), in accordance with Section 17/A of Act CLXV of 1997 on Consumer Protection. Minutes of the complaint and the response must be retained for 3 years.

Business Partner Contacts

Purpose: Performance of contracts, business communication.

 Contact person’s name, email, phone number, job title.

Legitimate Interest (Art. 6(1)(f)).

Interest: Ensuring continuous business communication between parties.

 5 years after the termination of the business relationship (Civil Code limitation period).

4. Use of Cookies and Online Tracking Technologies

Our website uses cookies to ensure proper functioning, enhance user experience, and analyze web traffic.

4.1. What is a Cookie?

A cookie is a small text file stored on your device (computer, mobile phone) by your browser. Cookies allow the website to “remember” your actions and preferences over a period of time.

4.2. Consent Management (Cookie Banner)

Upon your first visit to our website, a pop-up window (Cookie Banner) allows you to manage your cookie preferences.

  • Necessary (Technical) Cookies: Installed automatically as they are essential for the website to function. No consent is required (Legal basis: Legitimate Interest).

  • Statistical and Marketing Cookies: These are activated ONLY with your explicit, active consent (by clicking “Accept All” or selecting the specific category).

  • You have the option to select “Reject All”, in which case only technical cookies will remain active.

4.3. Categories of Cookies Used

  1. Session Cookies: Temporary cookies stored only until you close your browser. Essential for navigation.

  2. Google Analytics 4 (Statistics): A service by Google to analyze visitor behavior. Google Analytics 4 automatically anonymizes your IP address (by masking the last octet), ensuring it cannot be directly linked to you.

    • Retention: 2 months (default setting).

    • Transfer: Data is processed on Google servers, which may be located in the USA (see Section 5).

  3. Marketing Cookies (Google Ads, Meta Pixel): These track users across websites to display relevant advertisements.

You can modify your cookie preferences at any time by clicking the “Cookie Settings” icon in the website footer.

5. Data Processors and International Transfers

We engage trusted partners (processors) to provide our services. We have signed Data Processing Agreements (DPAs) with them in accordance with Article 28 of the GDPR.

Partner Name Location / Contact Activity
Impressive.hu Kft. 7030 Paks, Öreghegy utca 63, Hungary Web Hosting, Technical Operation
23VNET Kft. 1132 Budapest, Victor Hugo u. 18-22, Hungary Email Services, Server Hosting
Gekko Computer Bt. 2081 Piliscsaba, Római u. 21, Hungary IT Maintenance, System Administration
FITS Magyarország Kft. 8600 Siófok, Szent László u. 89/A, Hungary IT Development and Support
Google Ireland Ltd. Gordon House, Barrow St, Dublin 4, Ireland Web Analytics, Advertising, Cloud Services
Meta Platforms Ireland Ltd. 4 Grand Canal Square, Dublin 2, Ireland Social Media Integration, Marketing

5.1. International Data Transfers (USA)

By using Google and Meta services, certain data (e.g., IP addresses, cookie IDs) may be transferred outside the European Economic Area (EEA) to the United States.

The legal basis for these transfers is the European Commission’s adequacy decision of July 10, 2023, regarding the EU-U.S. Data Privacy Framework (DPF).

Google LLC and Meta Platforms, Inc. are certified under the DPF list maintained by the U.S. Department of Commerce, committing to comply with EU data protection standards. This ensures your data enjoys an adequate level of protection in the USA.

6. Data Security

We employ risk-proportionate technical and organizational measures to protect your data:

  • Technical measures: SSL/TLS encryption on the website, password-protected workstations, antivirus software, regular backups.

  • Organizational measures: Access to personal data is restricted to authorized personnel bound by confidentiality agreements. Physical documents are stored in locked premises.

Please note that data transmission over the internet cannot be guaranteed to be 100% secure, but we strive to minimize risks.

7. Your Rights (Data Subject Rights)

Under Chapter III of the GDPR, you have the following rights:

  1. Right of Access (Art. 15): You have the right to request confirmation as to whether or not your personal data is being processed, and if so, access the data.

  2. Right to Rectification (Art. 16): You can request the correction of inaccurate data or completion of incomplete data.

  3. Right to Erasure (“Right to be forgotten” – Art. 17): You can request the deletion of your data if the purpose of processing no longer exists, if you withdraw consent, or if processing was unlawful. (Exceptions apply for legal obligations, e.g., invoicing).

  4. Right to Restriction of Processing (Art. 18): You can request the restriction of processing (e.g., while the accuracy of data is being verified).

  5. Right to Data Portability (Art. 20): You have the right to receive your personal data in a structured, commonly used, and machine-readable format and transmit it to another controller.

  6. Right to Object (Art. 21): You can object to processing based on legitimate interest at any time. In such cases, we will no longer process the data unless we demonstrate compelling legitimate grounds.

How to exercise your rights: You may send your request via post (1173 Budapest, Pesti út 8-12, Hungary) or email (info@taurustechno.hu). We will respond to your request regarding the measures taken without undue delay, and within 1 month at the latest.

8. Remedies

If you believe your data protection rights have been violated, please contact us first to resolve the issue amicably.

If this is unsuccessful, you may lodge a complaint with the Supervisory Authority:

National Authority for Data Protection and Freedom of Information (NAIH)

  • Address: 1055 Budapest, Falk Miksa utca 9-11, Hungary

  • Mailing Address: 1363 Budapest, Pf.: 9.

  • Phone: +36 1 391 1400

  • E-mail: ugyfelszolgalat@naih.hu

  • Website: https://naih.hu