Privacy policy

PRIVACY POLICY

Participation in scheduled classes and other programs and courses

Newsletter

Data controller and operator:
Organization name: Kovács Beáta e.v. Lightmotiv & Lighthouse C.
Headquarters, postal address: 1094 Budapest, Tompa u. 19. al
Tax number: 57564731-1-41
Website: www.lightmotiv.hu
Representative: Kovács Beáta, Ziegler Stefan
E-mail: lightmotivstudio@gmail.com
Tel.: +36 30 985 8441

Operator of the “Lightmotiv Yoga & Selfness Center” located at 1094 Budapest, Páva u. 16.
Organization name: Kovács Beáta e.v. Lightmotiv & Lighthouse C.
Headquarters, postal address: 1094 Budapest, Tompa u. 19. al.
Tax number: 57564731-1-41
Website: www.lightmotiv.hu
Representative: Ziegler Stefan, Kovács Beáta
E-mail: lightmotivstudio@gmail.com
Tel.: +36 30 427 0652

The data controller is hereinafter referred to as the “Data Controller”.

In terms of the processing of your personal data, the Data Controller is responsible for the lawful processing of your personal data. Contacting Lightmotiv Yoga & Selfness Center: at the above contact details.

Description of data processing:

The purpose of this data protection notice (hereinafter referred to as the “Data Protection Notice”) is to inform you, as a data subject, of all significant details from a data protection legal perspective in relation to the processing of the personal data collected, in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (hereinafter referred to as the “GDPR”) and Act CXII of 2011 on the right to information self-determination and freedom of information. in accordance with the Act (hereinafter referred to as the "Infotv").

By providing the data, you guarantee that the data provided is correct, accurate and complete.

If you consent to this, certain personal data will be processed by the Data Controller in order to send you advertising newsletters.

You can find out about class visits, training, courses and yoga camps on the website www.lightmotiv.hu (hereinafter: “Website”).

Personal data is recorded on paper or online, by filling out a registration form for this purpose.

Hereinafter, the participant in the class schedule, the applicant for a yoga course, training, yoga camp and the newsletter subscriber will be referred to as the “Data Subject”.

If you wish to participate in a class schedule announced on the Website, apply for a yoga course, training or yoga camp, the Data Controller will collect personal data from you during registration in order to participate in the class schedule and organize the yoga course, training or yoga camp.

You can find out about the scheduled classes, training courses, courses, and yoga camps on the website. We would like to inform you that the condition for participating in the scheduled classes is: filling out a registration form, a pass or a class ticket paid on site in cash or by bank card.

Please find out about the current prices and pass structures in person or on the Website.

What personal data is recorded:

During the registration related to participation in the scheduled class, the Data Controller collects the following data:
- name (for your identification);
- e-mail address (for your identification; and for the purpose of providing information and information)
- telephone number (for the purpose of providing SOS information)

The above data is considered personal data under both the GDPR and the Infotv.
During the registration related to applying for yoga courses, training courses, and camps, the Data Controller collects the following data:
- name (for your identification);
- place of residence (for sending application-related documents and invoices);
- telephone number (for providing information about application-related information); 
- e-mail address (for providing information about application-related information);
- billing address (for issuing invoices).

The above data are considered personal data under both the GDPR and the Infotv.
If the Data Subject consents to data processing for marketing purposes by subscribing to advertising newsletters, the Data Controller processes the following data:
- name (for identifying and addressing you);
- e-mail address (for sending the newsletter).

The above data are considered personal data under both the GDPR and the Infotv.

For what purpose does the Data Controller collect personal data:

The Data Controller records the Data Subject's personal data in order to organize and conduct class schedules, as well as to organize yoga courses, training courses and camps.

The purpose of the registration for the first class is to notify you of any changes to the class schedule in the long term (month, week) and medium term (1-2 days) by email, and to notify you of changes within 24 hours by phone.

During the registration for yoga courses, training courses, and camps, the purpose of recording personal data is to link the application to the Data Subject. This personal connection allows the Data Controller to send the Data Subject notifications about important information regarding their application.

If the Data Subject consents to data processing for marketing purposes by subscribing to the Data Controller's advertising newsletter, the purpose of the processing of personal data is to periodically inform the Data Subject about the most useful information related to the programs.

Cookie(s), cookie management
1, Fact of data management, scope of data managed: Unique identification number, dates, times
2, Scope of data subjects: All data subjects visiting the website.
3, Purpose of data management: identification of users, registration of shopping lists and tracking of visitors.
4, Duration of data management, deadline for data deletion

Cookie type Legal basis for data management Duration of data management Scope of data managed Session cookies Act CVIII. of 2001 on certain issues of electronic commerce services and information society services (Elkertv.) Section 13/A. (3)

The personal data recorded during the subscription to the advertising newsletter is recorded by the Data Controller, based on which the Data Controller sends the newsletters to you.

The data recorded by the Data Controller for the purpose of sending advertising newsletters is processed at the headquarters of the Data Controller and the data processors.

The personal data recorded by the Data Controller may only be accessed by those employees of the Data Controller and the data processors they have commissioned who absolutely need it for their work. The Data Controller and the data processors they have commissioned treat the personal data as confidential information, do not make them public and do not provide access to third parties or employees of the Data Controller and the data processors who are not involved in the registration for participation in the class schedule, registration for yoga courses, training courses, camps, their organization, or sending advertising newsletters.

The recorded personal data is stored in a way that is accessible only to certain persons. The database is accessible only to authorized employees.

Personal data recorded on paper is entered into the online registration system by the Data Controller's employees, while personal data recorded during online registration is not stored on a public communication network. The Data Controller securely stores documents containing personal data recorded on paper and only the Data Controller and those employees of the Data Controller who absolutely need to have access to them due to their work.

The Data Controller takes appropriate measures to protect the stored personal data, including against unauthorized access or unauthorized changes.

The data may be used for statistical purposes, in order to fulfill the Data Controller's data provision obligations and in order to fulfill its statutory obligations, and may be transferred in a manner that is not suitable for personal identification.

Data processors:

The Data Controller has entrusted the following legal entities as data processors with the performance of the activities described below: Lightmotiv Jógastudió is responsible to you for data processing.

Activity performed by the data processor:
Lightmotiv Jógastúdió records class attendances, as well as the validity of passes and pass occasions through the electronic system of the data processor Motibro Kft. (hereinafter referred to as “Motibro”). The data controller and the data processor, as well as their employees, are entitled to access the data only to the extent necessary for their work. The data is stored electronically.

Name and contact details of the data processor:
Name of the data processor: Motibro Kft.
Registered address of the data processor: 4482 Kótaj, Kert utca 1.
Company registration number: 15-09-084077

Tax number: 25852419-1-15)
Email address of the data processor: hello@motibro.com

The data processing policy of Motibro Kft can be found at the following link: https://get.motibro.com/adatkezelesi-tajekoztato/

Additional Data Processors:
Name of the data processor:
Y’SOLUTIONS PRG Kft.
Activity performed: website operation

Registered address of the data processor: 2463 Tordas, Szabadság utca 2. B. ép.
Tax ID: 13821191-2-07
Email address of the data processor: info@ysolutions.hu

The above data processors do not process the data on their own behalf, therefore they are considered data processors.

Use of Google Adwords conversion tracking
1, The data controller uses the online advertising program called “Google AdWords” and, within its framework, uses Google’s conversion tracking service. Google conversion tracking is an analytics service of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”).
2, When a User reaches a website through a Google ad, a cookie required for conversion tracking is placed on their computer. These cookies have a limited validity and do not contain any personal data, so the User cannot be identified by them.
3, When the User browses certain pages of the website and the cookie has not yet expired, both Google and the data controller can see that the User clicked on the ad.
4, Each Google AdWords customer receives a different cookie, so they cannot be tracked across AdWords customers' websites.
5, The information – obtained using conversion tracking cookies – is used to compile conversion statistics for AdWords customers who have opted for conversion tracking. This allows customers to see how many users clicked on their ads and were redirected to a page with a conversion tracking tag. However, they do not receive any information that could be used to identify any individual user.
6, If you do not wish to participate in conversion tracking, you can refuse to participate by disabling the installation of cookies in your browser. You will then not be included in the conversion tracking statistics.
7, Further information and Google's data protection declaration can be found at: google.de/policies/privacy/

Using Google Analytics

1, This website uses Google Analytics, a web analysis service provided by Google Inc. ("Google"). Google Analytics uses so-called "cookies", text files that are placed on your computer to help the website operator analyze how you use the website.
2, The information generated by the cookies about your use of the website is usually transmitted to and stored by Google on a server in the USA. When IP anonymization is activated on the website, Google will first shorten your IP address within the member states of the European Union or in other states party to the Agreement on the European Economic Area.
3, The full IP address will only be transmitted to a Google server in the USA and shortened there in exceptional cases. On behalf of the operator of this website, Google will use this information to evaluate how the User uses the website, to compile reports on website activity for the website operator and to provide other services relating to website and internet usage.
4, The IP address transmitted by the User's browser within the framework of Google Analytics will not be merged with other data held by Google. The User can prevent the storage of cookies by setting their browser accordingly; however, please note that in this case not all functions of this website may be fully usable. You can also prevent Google from collecting and processing the data generated by cookies and relating to your use of the website (including your IP address) by downloading and installing the browser plug-in available at the following link. https://tools.google.com/dlpage/gaoptout?hl=hu

Your rights and remedies:

Right to information and access:

You have the right to obtain from the Controller, upon request, feedback on whether your personal data is being processed and, if such processing is taking place, access to the personal data and the following information:
- the purposes of the processing
- the categories of personal data concerned
- the recipients to whom the personal data are or will be disclosed (including, in particular, processors)
- the planned period for which the personal data will be stored
- your rights in relation to the processing of your personal data
- the source of the data, if it was not collected from you
- information on automated decision-making.

In accordance with applicable law, we provide you with information about your personal data free of charge. We will respond to your request in writing within one month. However, if the request is clearly unfounded or excessive, in particular due to its repetitive nature, the Controller may charge you a reasonable fee, taking into account the administrative costs of providing the requested information or taking the requested action, or may refuse to take action on the request.

If you have already paid a fee but the processing of your data has been unlawful or we need to rectify your data as a result of your request, we will refund this fee to you.

If, despite our efforts to protect your personal data with our advanced data security measures, anyone accesses, alters, transmits, discloses, deletes or destroys your data without authorisation, causes accidental destruction and damage, or otherwise processes your data without authorisation, we will inform you of the circumstances of such an incident, including when it occurred, what its effects may be and what we have done to prevent or mitigate the consequences. Right to rectification: If the personal data we process are inaccurate, we will rectify them without undue delay at your request. You also have the right to request that incomplete personal data be completed by means of a statement to that effect.

Right to erasure:

In accordance with the applicable legislation, we provide you with information about your personal data free of charge. We will respond to your request in writing within one month. However, if the request is clearly unfounded or excessive, in particular due to its repetitive nature, the Data Controller may charge you a reasonable fee, taking into account the administrative costs of providing the requested information or taking the requested action, or may refuse to take action on your request.

If you have already paid a fee, but the data has been processed unlawfully or we need to correct your data as a result of your request, we will refund this fee to you.

If, despite our efforts to protect your personal data with our advanced data security measures, anyone accesses, alters, transmits, discloses, deletes or destroys your data without authorization, as well as causes accidental destruction and damage, or otherwise processes your data without authorization, we will inform you of the circumstances of such an incident, including when it occurred, what its effects may be, and what we have done to prevent or mitigate the consequences.

Right to rectification:

If the personal data we process are inaccurate, we will correct them without undue delay at your request. You also have the right to request that incomplete personal data be completed by means of a statement to this effect.

Right to erasure:

The Data Controller will erase your personal data without delay if:
- the personal data are no longer necessary for the purposes specified in this Privacy Policy;
- the processing of your personal data is unlawful
- the deletion of the data is necessary for the fulfillment of a legal obligation to which the Data Controller is subject
- if the consent to the processing of the data of a child under the age of 16 has not been given or has not been authorized by the person exercising parental supervision over the child
- if the Data Controller has made the personal data public.

You may also request the deletion of your personal data by withdrawing the data processing consent previously given to us. In this case, however, we may refuse to provide our service further, since the provision of the data is a prerequisite for participating in scheduled classes, registering for yoga courses, training courses, camps.

We will block personal data instead of deleting it if you request this or if it can be assumed that the deletion may affect your legitimate interests. We do not process blocked data for the above purposes. We will only process such data for the purpose that excluded deletion.

Right to restriction:

Data processing may be restricted if:
- You dispute the accuracy of your data;
- in this case, the Data Controller will restrict the processing of your personal data for a period of time until the accuracy of the data is established;
- the data processing is unlawful and you request restriction of use instead of deletion
- the Data Controller no longer needs the data, but you require it to assert legal claims;

You have objected to the processing of your personal data, pending the assessment of the objection. For the duration of the assessment of your objection to the processing of your personal data - but not more than 5 days - the Data Controller will suspend the data processing, examine the grounds for the objection and make a decision, of which you will be informed immediately.

If the objection is justified, the Data Controller will restrict the data, i.e. only storage as data processing may take place until
- You consent to the processing
- the processing of your personal data is necessary for the eercise of legal claims
- the processing of your personal data is necessary to protect the rights of another natural or legal person
- or the processing is required by law in the public interest

If you have requested the restriction of data processing, the Data Controller will inform you in advance of the lifting of the restriction.

Right to data portability:
You have the right to receive the personal data concerning you, which you have provided to the Data Controller, in a structured, commonly used, machine-readable format (e.g. .doc or .pdf format) and have the right to transmit these data to another data controller without hindrance from the Data Controller.

What happens and what you can do if we reject your request:
If the Controller rejects your request for rectification, restriction or erasure, we will inform you in writing within one month of receipt of the request why we could not comply with your request and inform you of your options for judicial redress and that you can file a complaint with the National Authority for Data Protection and Freedom of Information. We will send you our response by email if you agree to this.

What rights do you have if you consider that the processing is unlawful:

If you have concerns about the lawfulness of the processing, you have the right to object to the processing. The objection must include a request that we cease processing your data and that your data be erased.

If you object to the processing of your personal data, the Data Controller will examine the grounds for the objection within one month, make a substantive decision and notify you of its decision in writing.

If we find that your objection is well-founded, we will cease all data processing operations, block the data concerned and notify all those to whom we have previously transmitted the personal data concerned by the objection of the objection and the subsequent measures. These recipients are also obliged to take measures to ensure that your objection can be enforced. If you disagree with our decision or if the Data Controller fails to comply with the above one-month deadline, you may apply to the court within 30 days of the notification of the decision or of the last day of the deadline.

What legal remedies are available to you:

If you consider that the Controller infringes the provisions of the GDPR when processing your personal data, you as a data subject have the right to lodge a complaint with a supervisory authority (i.e. a public authority established by any EU Member State pursuant to Article 51 of the GDPR) – in particular in the Member State of your habitual residence, place of work or place of the alleged infringement. In Hungary, the supervisory authority established in accordance with the criteria set out in Article 51 of the GDPR is the National Authority for Data Protection and Freedom of Information (hereinafter referred to as the “NAIH” or “Authority”).

According to the GDPR, the supervisory authority concerned is the supervisory authority that is affected by the processing of personal data for one of the following reasons:
- the Controller or the processors have an establishment in the territory of the Member State of that supervisory authority
- the processing significantly affects or is likely to significantly affect data subjects residing in the Member State of the supervisory authority;
- or a complaint has been filed with the aforementioned supervisory authority.

With regard to the data processing carried out by the Data Controller, the relevant supervisory authority according to the above points is the NAIH, given that the Data Controller has a place of business in Hungary and that the data processing predominantly concerns data subjects residing in Hungary. Accordingly, in the following point we inform you about the details of the possibility of filing a complaint with the NAIH. However, we would like to draw your attention to the fact that, regardless of this, you are entitled to file a complaint not only with the Authority, but also with any supervisory authority established in an EU Member State, in particular with the supervisory authority of the Member State of your habitual residence, place of work or place of the alleged infringement.

Notification to the National Authority for Data Protection and Freedom of Information:

The National Authority for Data Protection and Freedom of Information supervises compliance with data protection legislation. If you consider that our data processing does not comply with the applicable laws, or if you consider that there is an immediate risk of this, you can file a report with the Authority at the following contact details

Name of Authority:
National Data Protection and Freedom of Information Authority
Postal address: H-1125 Budapest, Szilágyi Erzsébet fasor 22/C.
Email address: ugyfelszolgalat@naih.hu
Telephone number: +36 1 391 1400
Fax number: +36 1 391 1410