Privacy policy

Privacy Policy

You can access and download our Data Processing Notice by clicking here.

1. Data Controller and Contact Information

2. Data Processing Related to https://services.everguest.com

3. Cookies

What are cookies and what are they used for?
A cookie is a small text file stored by the website you visit on your internet browsing device. Your device stores this cookie for a specific period. Some cookies are deleted once you close your browser (these are called “session cookies”), while others are stored for a longer period, enabling the website to “remember” certain settings, such as your preferred language. When you revisit the website, these stored settings are automatically applied.

Websites use cookies for multiple purposes. Some are essential for the technical functioning of the site and to ensure all content elements are available to you. Others provide convenience or additional features or help us tailor the site based on your activity (e.g., viewed content, opened menus).

Cookies pose no security risk to your device and do not cause malfunctions. However, since some cookies may store information considered personal data (such as geo-location derived from your device’s IP address or device type and activity on the site), their use must comply with relevant data protection laws.

Cookies can be categorised in several ways. One way is by who uses them: we use “first-party cookies”, while others are “third-party cookies” placed by other entities. Another categorisation is based on their purpose: strictly necessary, optional, or marketing cookies.

The cookies used on https://services.everguest.com fall into the following categories:

• Strictly necessary technical cookies. These are essential for the technical operation of the website (e.g., proper display of graphics, navigation) and cannot be disabled. They are automatically placed on your device when visiting the website. They ensure site security, content display, and load balancing. Data collected through these cookies (especially geo-location derived from your device’s IP) is processed based on our legitimate interest and retained depending on cookie type. Some are deleted when the browser is closed; others remain for a set period. 
• Preference and convenience cookies. These enhance user experience by remembering your preferred settings for the website and applying them on future visits. We only process these cookies with your consent, which can be withdrawn anytime via the cookie settings interface. 
• Statistical cookies. These help measure website traffic and user activity for ongoing improvements. We and our third-party partners use them to understand visitor characteristics (e.g., city, device type, browser, time spent on content). We only process these cookies with your consent, which can be withdrawn anytime via the cookie settings interface. 
• Marketing cookies. These display personalised marketing content and advertisements tailored to your interests, either by us or third-party partners. Based on your activity on the site, they aim to identify the most relevant content and menu items. We only process these cookies with your consent, which can be withdrawn anytime via the cookie settings interface. 

Please note that you can also manage and delete cookies through your browser settings. However, deleting cookies that are strictly necessary for the website’s proper functioning may result in some features not working correctly or at all.

4 Cookies used on https://services.everguest.com

The website uses only Google Analytics, Google Ads, Meta, and Hotjar cookies.
Among Google’s cookies, we only use Google Analytics and Google Ads on our website.
Google does not log or store your device’s IP address. Instead, it only captures “partial” location data based on your IP (e.g., city, country, region, continent) and deletes the IP address without logging.
More information on IP handling in the EU: https://support.google.com/analytics/answer/12017362?hl=en

Google Ads cookies are used only with your consent.

More about Google’s cookie data handling: https://policies.google.com/privacy?hl=hu
And about how Google uses data from partner websites and apps: https://policies.google.com/technologies/partner-sites

For information about data collected via Hotjar cookies: https://www.hotjar.com/legal/policies/privacy/

For Meta’s cookie policy:
https://www.facebook.com/privacy/policies/cookies/

5. Recipients of Personal Data

A “recipient” is any third party to whom we may transfer or who may access your personal data for the reasons outlined below. Some recipients are independent data controllers responsible for the data themselves, while others are data processors acting on our instructions under a contractual agreement.

You can find information about these recipients below.

We only transfer data to countries outside the EU if an appropriate GDPR-compliant safeguard is in place. For example, in the case of our domain provider Domain.com LLC, data is transferred based on the European Commission’s standard contractual clauses. More info:
https://newfold.com/privacy-center/addendum-eu-gdpr

Upon request, we will provide more information about the safeguards applied. Apart from the above recipients, we do not share your data with any third parties unless required by law.

6. Data Subject Rights and How to Exercise Them

Under the GDPR, you have the rights described below, which you can exercise anytime using the contact details listed in Section 1.

We assess your request promptly and take appropriate action. We will respond within one month from receipt, explaining the actions taken or, if none were taken, the reasons. This period may be extended by two additional months depending on request complexity or volume. We will inform you within one month if an extension is needed and explain why.

Please describe your request briefly, clearly, and in your own words. Each request is reviewed individually.

1. A) Right of Access
   You have the right to request confirmation on whether your personal data is being processed, and if so, to receive details including the purposes, recipients, data sources, retention periods, your rights, and any safeguards in case of international transfers. You may also request a copy of the data. If fulfilling this request would infringe on the rights or freedoms of others (e.g., trade secrets or IP), we may partially deny it. Multiple copies may incur a reasonable administrative fee.
2. B) Right to Rectification
   We will correct your personal data upon request (e.g., if it changes). If the data was shared with others (e.g., data processors), we will inform them of the correction unless it is impossible or requires disproportionate effort. You may request a list of those informed.
3. C) Right to Erasure (“Right to be Forgotten”)
   We will delete your personal data without undue delay if:
   the data is no longer needed for the purposes collected;
   ● processing was based on consent, which has been withdrawn;
   ● you object to processing based on our legitimate interest and there’s no overriding reason to continue;
   ● the data was unlawfully processed;
   ● deletion is required by law.

If the data was shared with others, we will inform them of the deletion unless it is impossible or requires disproportionate effort. You may request a list of those informed.

Note: We may not always be obliged to delete data, e.g., if it is necessary to assert or defend legal claims.

1. D) Right to Restriction of Processing
   You may request restriction of processing in these cases (meaning we will only store the data and not use it):
   You dispute the data’s accuracy – we’ll restrict processing until it’s verified.
   ● Processing is unlawful, but you oppose deletion and request restriction instead.
   ● We no longer need the data, but you require it for legal claims.
   ● You objected to processing – restriction applies until we determine if our grounds override yours.

If data was shared with others, we will inform them of the restriction unless impossible or too burdensome. You may request a list of those informed.

1. E) Right to Object
   If processing is based on legitimate interest, you have the right to object. We must stop processing unless:
   we can demonstrate compelling legitimate grounds that override your interests, or
   ● processing is needed for legal claims. Otherwise, we will stop processing your data upon objection.
2. F) Right to Data Portability

You may request to receive the personal data you provided to us in a structured, machine-readable format or have it transferred to another controller where technically feasible. We may refuse if this infringes on the rights or freedoms of others.

1. G) Right to Lodge a Complaint / Legal Remedies
   We aim to give you no reason for complaint. If you believe our processing violates data protection laws, especially the GDPR, you may lodge a complaint with the Hungarian Data Protection Authority (NAIH):

Website: http://naih.hu/
Address: 1055 Budapest, Falk Miksa utca 9-11.
Mailing Address: 1363 Budapest, P.O. Box 9
Phone: +36-1-391-1400
Fax: +36-1-391-1410
Email: ugyfelszolgalat@naih.hu

You may also lodge a complaint with the supervisory authority of your habitual residence, place of work, or the location of the alleged violation within the EU.

You are also entitled to seek judicial remedy regardless of your complaint. The competent court in our case is the Metropolitan Court of Budapest, but you may also bring the case before the court of your place of residence. For more information: http://birosag.hu/torvenyszekek
You may also file the lawsuit in your EU country of residence, if applicable.

You are entitled to judicial remedy against any legally binding decision of NAIH. You may also file a lawsuit if NAIH fails to handle your complaint or does not inform you of its progress or outcome within three months.

Effective: February 14, 2024