top of page

Privacy Policy

THE for data management related to the operation of the website and its sub-pages.

Effective: April 1, 2023 until revoked

1. Name of data controller:

  • Company name: Pyxis Nautica Építésziroda Kft.

  • Company registration number: 01 09 296428

  • Headquarters: 1024 Budapest, Kis Rókus utca 17-19. 4th floor 2nd      

  • Tax number: 25922488241                

  • Electronic contact:       

  • E-mail:

  • Phone: +3630/4767500

hereinafter: "Service Provider and Data Manager", as a The operator of the website and its subpages (hereinafter: "Website") creates it for the purpose of providing appropriate, detailed information to the users and visitors of the Website (hereinafter: "Respondent" or "Respondents") about the scope of the data managed by the Service Provider, the method of data management, the purpose and its legal basis, as well as ensuring the constitutional principles of data protection, the enforcement of data security requirements, preventing unauthorized access to Data Subjects' data, changing data and unauthorized disclosure or use.

2. Legislation on which data management is based, in particular, but not exclusively:

  • The European Parliament and the Council (EU) with its Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free flow of such data, and on the repeal of Regulation 95/46/EC (hereinafter: "GDPR") ( hereinafter: "GDPR")

  • The Basic Law of Hungary

  • CXII of 2011 on the right to information self-determination and freedom of information. Act (hereinafter: "Infotv.")

  • Act V of 2013 on the Civil Code (hereinafter: "Civil Code")

  • LIV of 2018 on the protection of business secrets. law

  • XC of 2017 on criminal proceedings. law

  • CLV of 1997 on consumer protection. law

  • CLXXXV of 2012 on waste. law

  • 309/2014 on registration and data provision obligations related to waste. (XII. 11.) Government decree

  • CL of 2017 on the taxation system. law (hereinafter: "Art.")

  • Act C of 2000 on accounting (hereinafter: "Accounting Act")

  • LXVI of 1995 on public archives and the protection of private archive material. law (hereinafter: "Ltv.")

  • The relevant ordinances of local governments affected by the activities of the data controller, unless their content conflicts with the provisions of those listed above

3. Data management related to the Website:

3.1. Scope of managed data and purpose of data management

Purpose of data management: Contacting website visitors who a  page, they specifically request this by providing their personal data. With the fillable field windows provided for this purpose on the website, it allows the visitor of the website to request a call back at the contact details provided by him.

Expected duration and deadline for data management: If an employment contract is concluded between the parties, the Data Controller will further process the data provided by the Data Subject in accordance with the data management rules applicable to the employment contract; if the employment contract is not concluded, it will be processed until the request is rejected, but no later than 6 months after the offer was sent.

Personal data - scope, type, categories: Name, telephone number, e-mail address of the person concerned; the full content of the message he wrote.

Legal basis for data management: Consent of the data subject. For the purpose of concluding and fulfilling a contract between the parties

4. Data management based on consent and data management activities that can be continued in case of withdrawal of consent:

In connection with its data management activities, it manages personal data as described above. The processing of personal data is also lawful in the event that data processing is necessary for the enforcement of the legitimate interests of the data controller or a third party, unless these interests are overridden by the interests or fundamental rights and freedoms of the Data Subject that require the protection of personal data, in particular, if the child concerned.

The Data Subject has the right to withdraw his consent at any time and is also entitled to have the Data Controller delete the personal data concerning him without undue delay upon request, and the Data Controller is obliged to delete the personal data concerning the Data Subject without undue delay if the Data Subject withdraws the your consent to data processing, provided that there is no other legal basis for data processing. If there is an additional legal basis for data processing, the withdrawal or absence of the Data Subject's consent does not prevent the lawful continuation of data processing; therefore, even in the absence of consent, personal data can be processed if the necessary conditions are met.

In order to determine whether the Data Controller is authorized to process the processed data without the Data Subject's further separate consent, or even after the withdrawal of consent, a balance of interests test is necessary. During the interest assessment test, the Data Controller, in accordance with the provisions of the GDPR and in accordance with recital (47):

  • identifies the Data Controller's legitimate interest in processing the personal data that is the subject of the interest assessment test,

  • establishes the interests of the Data Subject in relation to his personal data, which are the subject of the interest assessment test, the basic rights of the Data Subject as a counterpoint to the legitimate interests of the Data Controller

  • carries out a weighting of the legitimate interests of the Data Controller and the interests and fundamental rights of the Data Subjects and, based on this, determines whether the personal data can be processed.

The Data Controller only processes personal data if the data processing is demonstrably justified by compelling legitimate reasons that take precedence over the interests, rights and freedoms of the Data Subject, or that are related to the presentation, enforcement or defense of legal claims. After the submission of the request, the Data Controller examines the protest without undue delay, but within one (1) month at the most, makes a decision on its validity, and informs the Data Subject of its decision in writing. If our Company determines that the Data Subject's protest is well-founded, it will terminate the data management - including further data collection and data transmission - and block the data, as well as notify all those to whom the personal data affected by the protest was previously transmitted about the protest, as well as the measures taken based on it, and who are obliged to take measures to enforce the right to protest.

5. Access to data and data security measures


5.1. Data access and data transfer

The personal data provided by you can only be accessed by the manager(s) of the Data Controller and the employee(s) designated by the Data Controller in order to perform their duties. Thus, for example, the Data Controller's filing staff in order to manage the case or the case presenter in order to conduct the procedure get to know the Data Subject's personal data. Only in exceptional cases and only on the basis of a legal obligation or an official request, the data controller will hand over your personal data to any judicial or state bodies.


5.2. Data security measures

The personal data provided by the Data Subject is stored on servers located at the headquarters of the Data Controller. The Data Controller does not use the services of other companies to store your personal data. The Data Controller takes appropriate measures to ensure that your personal data is protected against, among other things, unauthorized access or unauthorized changes. Thus, for example, access to personal data stored on the server is logged by the Data Controller, which means that it is always possible to check who, when and what personal data was accessed.


6. additional information on data management:

In addition to the above, the rights to which you are entitled are, in particular, but not exclusively, a


  • Information, right to object,

  • Right to data deletion, correction, and restriction of data processing

  • Right to Notice

  • Data portability

  • Enforcement Rights

Regarding the rights of data subjects and further details of data management, the guidelines are contained in the Data Protection Regulations of the Data Controller. The Data Protection Policy can be found at the following places:

On paper: Headquarters of the Data Controller (see: Data Management Information Point 1)



The latter policy contains all the regulations regarding the data management of our Company, but you can obtain more information at any time through the contact information published on the Website.


In other cases, in the event of a violation of their rights, Data Subjects may exercise their right to enforce their rights against the Data Controller before the Data Controller's always valid and effective general contractual arbitration court - in the absence of this, a court with jurisdiction and authority by law (as a general rule, the district court with jurisdiction over the Data Subject's place of residence) - and Infotv. and based on the provisions of relevant legislation, they can contact the National Data Protection and Freedom of Information Authority (address: 1534 Budapest, Pf.: 834; address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c.). The court acts out of sequence in the case.


Dated: Budapest, 04.01.2023

bottom of page