Privacy and Privacy Policy

Table of Contents:

Introduction
Types of personal data we collect and how we collect them
Purposes of processing and using personal data
The legal basis for data processing
User rights
Marketing
Cookies and similar technologies
User device data
Location data
Data transfer to third parties
Data storage
Data security
Changes to our privacy policy
Contact details

1. Introduction

This privacy policy describes how we collect, use, and protect the personal data of users of the website and the Sushi Master mobile application through the use of automated tools on the Internet, in accordance with the EU General Data Protection Regulation (GDPR) and Hungarian Law CXII/2011 on the Right to Informational Self-Determination and Freedom of Information.

1. In this policy, we use the following concepts:

1.1. Personal data - any information that relates directly or indirectly to an identified or identifiable natural person (the data subject).

1.2. Mobile Application - a program for electronic computers (Sushi Master), which is installed on the User's device under iOS, Android mobile operating systems, and allows the User to access the database automatically.

1.3. Website - the entirety of electronic computer programs and other information contained in an information system, which can be accessed via the internet through domain names and/or network addresses, which enable the identification of websites on the internet. The address of the copyright holder's website on the internet: https://budapest.sushi-master.hu/

1.4. Copyright Holder - the person who is entitled to use the website, as well as to use and distribute the mobile application, and who carries out the processing of Users' personal data.

1.5. User – a person who uses the website and/or mobile application on a non-exclusive license basis and provides their personal data to the Rights Holder.

1.6. Processing of personal data - any operation or set of operations performed on personal data, whether or not by automated means, including collection, recording, organization, storage, retention, clarification (updating, modification), retrieval, use, transfer (dissemination, provision, access), anonymization, blocking, erasure, destruction.

1.7. Automated processing of personal data - processing of personal data using computer tools.

1.8. Provision of personal data - measures aimed at disclosing personal data to a specific person or group of persons.

1.9. Blocking of personal data - temporary suspension of the processing of personal data (unless the processing is necessary to clarify the personal data).

1.10. Destruction of personal data - measures that make it impossible to restore the content of personal data in the personal data information system and/or result in the destruction of the physical carriers of personal data.

1.11. Personal data information system - databases containing personal data, as well as the information technologies and technical tools that ensure their management.

1.12. Cookie files - fragments of data sent by the website and stored on the user's computer, mobile phone or other device, which are used to visit the website and serve to store data about the user's activity on the website.

1.13. Device identifier - unique data that allows the identification of the User's device on which the mobile application is installed, provided by the device itself or calculated by the mobile application.

2. The installation of the mobile application on the User's device or the use of the mobile application in any other way as well as the use of the website, means that the User accepts the terms of this policy, including the User's consent to the processing of their personal data by the Rights Holder in cases where such consent is required by applicable law.

By using our website and mobile application, you agree to this policy. If you do not agree to the terms of this policy, please do not use the website and mobile application.

2. Types of personal data we collect and how we collect it

Most of the data we collect is provided directly to our company by you. We collect and process data when you:

o Register online or place an order for any of our products or services.

o Voluntarily participate in a customer satisfaction survey or send feedback on any of our forums or via email.

o Use or browse our website with the help of cookies.

Our company collects the following user data:

o Last name, first name

o Contact details (phone number, email address)

o Shipping address

o Payment details (processed through secure payment systems)

o Website usage data (IP address, cookies, device information)

3. Purposes of processing and using personal data

Our company collects and processes your data in order to:

o Fulfill your order and deliver the products

o Provide you with support if you have any questions

o Inform you about the status of your order

o Send you marketing messages, but only with your express consent

o Prevent fraud and ensure security

o Comply with legal obligations

o Keep a record of your purchase history and use information about products you have previously purchased to recommend other products that we think may also be of interest to you.

We store and evaluate information about your recent visits to our website and how you navigate between different parts of our website for analytical purposes and to understand how you use our website so that we can make it more intuitive, accessible, and useful.

In order to assess customer satisfaction, we may process your order data to conduct a survey to evaluate the quality of the services we provide. The legal basis for data processing is our company's legitimate interest in obtaining relevant information to improve the quality of the services we provide.

4. Legal basis for data processing

Personal data is processed on the basis of:

o Your express consent (especially in the case of marketing communications and cookies)

o Performance of a contract (preparation and fulfillment of orders)

o Enforcement of legitimate interests (e.g., fraud protection), provided this does not infringe on your rights

o Compliance with legal obligations

What are your rights regarding data protection?

Our company would like to assure you that you are fully aware of all your rights regarding data protection. All users have the following rights:

Right of access - You have the right to request a copy of your personal data from our company. Our company may charge a small fee for this service.

Right to rectification - You have the right to request that our company correct any data that you believe to be inaccurate. You also have the right to request that our company complete any data that you believe to be incomplete.

Right to erasure - You have the right to request that our company erase your personal data under certain conditions.

Right to restriction of processing - You have the right to request that our company restrict the processing of your personal data under certain conditions.

Right to object - You have the right to object to the processing of your personal data by our company under certain conditions.

Right to data portability - You have the right to request that the data collected by our company be transferred to another organization or directly to you under certain conditions.

If you submit a request, we have one month to respond. If you wish to exercise any of these rights, please contact us at the following email address: [email protected]

Call us at the following phone number: +36709055771

5. User rights

You have the right to:

o Access your personal data

o Request the correction or completion of your data

o Request the deletion of your data ("right to be forgotten") if this does not conflict with legal regulations

o Request the restriction of data processing

o Withdraw your consent to data processing at any time (especially for marketing purposes)

o Request a copy of your data in a structured, machine-readable format (right to data portability)

o Object to the processing of your data, especially for direct marketing purposes

o Lodge a complaint with the Hungarian National Authority for Data Protection and Freedom of Information (NAIH)

6. Marketing

Our company would like to send you information about our products and services that we think you might like, as well as about the products and services of our partner companies.

If you have agreed to receive marketing materials, you can unsubscribe from them at any time.

You have the right to prohibit our company from contacting you for marketing purposes or from transferring your data to other members of our group at any time.

If you no longer wish to be contacted for marketing purposes, please email us at: [email protected]

7. Cookies and similar technologies

Our website uses cookies for the following purposes:

o Ensuring the functioning of the website

o Analyzing and improving services

o Personalizing content

o Marketing purposes (only with your consent)

Before placing any necessary cookies, we ask for your explicit consent via the cookie banner[МБ1] . You can refuse cookies or change your settings at any time.

Cookies are text files that are placed on your computer to collect standard internet log information and visitor behavior information. When you visit our websites, we may automatically collect information about you using cookies or similar technologies.

For more information, visit https://allaboutcookies.org/

How do we use cookies?

Our company uses cookies in various ways to improve your experience on our website, including:

o Logging you into the system

o Understanding how you use our website

What types of cookies do we use?

There are many different types of cookies, but our website uses the following:

o Strictly necessary cookies. These cookies are necessary for navigating the website and using the requested services. These types of cookies are used during user registration and login.

o use. Without these, the services requested by the User cannot be accessed. These cookies are essential and can be either permanent or temporary. Without these cookies, the website will not function properly.

o Functionality - Our company uses these cookies to recognize you on our website and remember your previously selected settings. This may include your preferred language and location. Both first-party and third-party cookies are used.

o Advertising - Our company uses these cookies to collect information about your visit to our website, the content you view, the links you follow, and your browser, device, and IP address. Our company occasionally shares certain aspects of this data with third parties for advertising purposes. We may also share online data collected through cookies with our advertising partners. This means that when you visit another website, you may be shown advertisements based on your browsing patterns on our website.

How can you manage cookies?

You can disable or delete cookies and restrict their functionality in the settings of the browser you use. However, in some cases, certain features of our website may not work as a result.

8. Data about the User's device

The Rights Holder collects data about the User's device, the applications installed on it, and the Internet connection using the mobile application. This category includes information about the device model, operating system, browser data, IP address, and device identifiers.

The data collected from the User's device does not contain any personal data relating to the User.

The purpose of collecting information about the User's device is to keep internal records of mobile application users and to improve its operation.

Data about the mobile service provider

The Rights Holder uses the mobile application to collect data about the mobile service provider that provides mobile telecommunications (mobile) services to the User.

The data collected about the mobile service provider does not contain any personal data about the User.

The purpose of collecting information about the mobile service provider is to automatically set the User's country of residence and the language of the mobile application interface in the mobile application settings.

Order history

The Rights Holder retains the history of orders placed by the User, namely the time of placing the order, the address of the vehicle pick-up location, the intermediate and final route addresses, the applicable fare, the payment method, and other data provided by the User.

The purpose of collecting information about order history is to improve the quality of the services provided by using previously provided data to automatically fill in the order parameters, which makes it possible to shorten the time it takes to create an order.

9. Location data

Our mobile app and website may request access to your location data in order to provide personalized services and features. Access to location data includes GPS location and approximate location determined based on your device's IP address and/or your device's location features.

Location data is used solely to provide location-based features in the app and on the website, such as setting up advertisements or displaying nearby restaurants. This data may also be used to analyze and improve our services.

We store and process location data with due care and in accordance with applicable rules on the protection of personal data.

10. Transfer of data to third parties

We will not transfer your personal data to third parties without your consent, except in the following cases:

o Fulfilment of a contract (e.g. courier services, payment systems);

o Compliance with legal requirements (requests from law enforcement authorities);

o Provision of services necessary for the operation of the website (data processing partners) under confidentiality conditions;

o If you place an order through third parties, the parties will transfer your personal data for the purpose of fulfilling the contract;

o Fulfillment of license agreements with intellectual property rights holders, which our company uses to introduce new services and improve existing ones.

All partners are required to comply with GDPR requirements.

11. Data storage

Our company stores your data securely at 1085 Budapest, József körút 69, 1st floor.

We use appropriate technical and organizational measures to ensure the security of your data.

Our company stores your personal data only for as long as necessary to achieve the purposes for which the data was collected or further processed, in accordance with the requirements of the GDPR and Hungarian law, but for no longer than 3 years. After this period has expired, we will delete your data in accordance with the requirements of the GDPR and national legislation.

Your personal data may be deleted in the following ways:

o Deletion at the user's request

The user has the right to submit a written request to the website operator for the deletion of their personal data if it is incomplete, outdated, inaccurate,

were obtained unlawfully or are no longer necessary for the purposes of data processing. Our company is obliged to examine this request and, if there is no legitimate reason for refusal, to delete the data in such a way that it cannot be restored at a later date. Our company will also contact third parties to whom the data has been transferred in order to provide the services ordered by the user on the Company's website, for the purpose of deleting the data, unless there is a legitimate reason for further processing.

o Automatic deletion after the storage period has expired:

Personal data will be deleted or destroyed after the data processing purposes have been achieved or the specified storage period has expired, unless there is another legitimate reason for further storage (e.g., legal obligation).

o Closing or deactivating accounts:

Personal data is deleted when user accounts are closed or deactivated.

Practical steps required for data deletion by the user:

1. Familiarize yourself with the website's privacy policy and instructions for data deletion.

2. Submit an official data deletion request via the contact forms or by email.

3. In the absence of a response or rejection, contact the supervisory authority (e.g., the data protection commissioner).

4. If the data is also held by third parties, contact them with the appropriate requests.

Personal data will only be stored for as long as necessary to achieve the purposes of data processing or as required by law. After that, the data will be securely deleted or anonymized.

12. Data security

We use appropriate technical and organizational measures to protect your data against unauthorized access, loss, alteration, or disclosure.

13. Changes to our privacy policy

Our company regularly reviews our privacy policy and publishes any updates on this website. This privacy policy was last updated on 26.06.2025.

14. Contact details

If you have any questions about our company's privacy policy, the data we hold about you, or if you wish to exercise your data protection rights, please do not hesitate to contact us.

Company registration number: 01 09 306108

Tax number: 26177083242

Registered office: 1085 Budapest, József körút 69., 1st floor

Phone: +36709055771

Email: [email protected]

Website: https://budapest.sushi-master.hu/

How to contact the relevant authority

If you wish to file a complaint or believe that our Company has not handled your case properly, please contact the National Authority for Data Protection and Freedom of Information (NAIH).

Nemzeti Adatvédelmi és Információszabadság Hatóság

1125 Budapest, Szilágyi Erzsébet fasor 22/C

+36 (1) 391-1400

www.naih.hu

This text complies with the basic requirements of the GDPR and Hungarian legislation, in particular with regard to the following:

* Transparency and lawfulness of data processing

* Definition of user rights and methods of enforcing them

* The need for explicit consent for marketing and cookies

* Data security and data storage restrictions

* The possibility of withdrawing consent for data processing for marketing purposes at any time

* Compliance with Act CXII/2011 on the right to self-determination and freedom of information.