Privacy Policy
1. Introduction
The protection of your personal data is extremely important to me. This Privacy Policy explains what personal data I process about you, for what purposes and on what legal basis. It also includes information about your rights related to data processing.
2. Data Controller Information
Data Controller: Absolutia Kft. (hereinafter: Data Controller)
Registered Office: 1172 Budapest, Harsona u. 35.
Tax Number: 14322877-2-42
Company Registration Number: 01-09-898752
Website: https://www.inspiredactionmethod.com
Email: contact@inspiredactionmethod.com
General Legal Framework for Data Processing:
The data processing activities are carried out in accordance with the following legal regulations:
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation – GDPR).
Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information (Infotv.).
Act V of 2013 on the Civil Code (Hungarian Civil Code – Ptk.).
Act CXXVII of 2007 on Value Added Tax (VAT Act).
Act C of 2000 on Accounting (Accounting Act).
Act CXIX of 1995 on the Processing of Name and Address Data for Research and Direct Marketing Purposes (DM Act).
Act CVIII of 2001 on Certain Issues of Electronic Commerce Services and Services Related to the Information Society (E‑commerce Act).
Act XLVIII of 2008 on the Basic Requirements and Certain Restrictions of Commercial Advertising Activities (Advertising Act).
3. Definitions
Personal Data: any information relating to an identified or identifiable natural person (“Data Subject”). An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Data Processing: Any operation or set of operations performed on personal data, whether by automated means.
Data Controller: The natural or legal person which determines the purposes and means of the processing of personal data.
Processor: A natural or legal person which processes personal data on behalf of the Data Controller.
Recipient: A natural or legal person to whom personal data is disclosed, whether a third party or not.
4. Principles
Lawfulness, Fairness and Transparency: Personal data must be processed lawfully, fairly and in a transparent manner.
Purpose Limitation: Data must be collected for specified, explicit and legitimate purposes.
Data Minimisation: Data must be adequate, relevant and limited to what is necessary.
Accuracy: Personal data must be accurate and kept up to date.
Storage Limitation: Data must be kept in a form permitting identification for no longer than necessary.
Integrity and Confidentiality: Personal data must be processed securely.
Accountability: The Data Controller is responsible for compliance with the above principles.
5. Data Processing Activities
5/a. Contact via Website Form
Purpose of Processing: Establishing and maintaining contact
Legal Basis of Processing: GDPR Article 6(1)(b): necessary for taking steps at the request of the data subject prior to entering into a contract.
Categories of Data Subjects: Enquirer
Categories of Personal Data: Name, email address, phone number
Data Retention Period: Until the end of the 1st year following the contact initiation
Data Transfers: Transfers are carried out in accordance with GDPR Articles 44–49.
Recipients: The Controller uses the following Processor(s): hosting provider: Hostinger (6 Lloyds Avenue Suite 4CL London, England EC3N 3AX); email system provider: not yet available.
Source of Data: The source of personal data is the enquirer.
Method and Consequences of Data Provision: Providing the data is necessary. Without the data, the Controller cannot contact you.
5/b. Contact via Email
Purpose of Processing: Contact initiated via email
Legal Basis of Processing: GDPR Article 6(1)(b): necessary for taking steps at the request of the data subject prior to entering into a contract.
Categories of Data Subjects: Enquirer
Categories of Personal Data: Name, email address, phone number
Data Retention Period: Until the end of the 1st year following the contact initiation
Data Transfers: Transfers are carried out in accordance with GDPR Articles 44–49.
Recipients: The Controller uses the following Processor(s): email system provider: not yet available.
Source of Data: The source of personal data is the enquirer.
Method and Consequences of Data Provision: Providing the data is necessary. Without the data, the Controller cannot contact you via email.
5/c. Newsletter Subscription
Purpose of Processing Sending newsletters
Legal Basis of Processing GDPR Article 6(1)(a): consent
Categories of Data Subjects: Any natural person
Categories of Personal Data: Name, email address
Data Retention Period Until withdrawal of consent, or 30 days after unsubscribing
Data Transfers Transfers are carried out in accordance with GDPR Articles 44–49.
Recipients The Controller uses the following Processor(s): hosting provider: Hostinger (6 Lloyds Avenue Suite 4CL London, England EC3N 3AX); newsletter software provider: not yet available.
Source of Data The source of personal data is the newsletter subscriber.
Method and Consequences of Data Provision Providing the data is voluntary. Without the data, the Controller cannot send you newsletters.
5/d. Online Appointment Booking
Purpose of Processing: Online appointment booking
Legal Basis of Processing: GDPR Article 6(1)(b): necessary for taking steps at the request of the data subject prior to entering into a contract.
Categories of Data Subjects: Enquirer, client
Categories of Personal Data: Name, email address
Data Retention Period: Until the end of the 1st year following the appointment booking
Data Transfers: Transfers are carried out in accordance with GDPR Articles 44–49.
Recipients: The Controller uses the following Processor(s): hosting provider: Hostinger (6 Lloyds Avenue Suite 4CL London, England EC3N 3AX); appointment booking software: not yet available.
Source of Data: The source of personal data is the enquirer or client.
Method and Consequences of Data Provision: Providing the data is necessary. Without the data, the Controller cannot provide you with an appointment.
5/e. Online Consultation
Purpose of Processing: Conducting online consultations
Legal Basis of Processing: GDPR Article 6(1)(b): necessary for taking steps at the request of the data subject prior to entering into a contract.
Categories of Data Subjects: Enquirer, client
Categories of Personal Data: Name, email address, live video and audio
Data Retention Period: Name, email: until the end of the 1st year following contact; video/audio is not recorded.
Data Transfers: Transfers are carried out in accordance with GDPR Articles 44–49.
Recipients: Processors used: Hostinger (hosting provider); Microsoft Teams (Microsoft, 1 Microsoft Way, Redmond, WA 98052, USA); Zoom (Lionheart Squared Ltd., Dublin); Google Meet (Google Ireland Ltd., Dublin).
Source of Data: The source of personal data is the enquirer or client.
Method and Consequences of Data Provision: Providing the data is necessary. Without the data, the Controller cannot conduct the consultation.
5/f. Conclusion of an Assignment Contract
Purpose of Processing: Conclusion of an assignment contract (virtual assistance service, subcontractor engagement)
Legal Basis of Processing: GDPR Article 6(1)(b): necessary for the performance of a contract or for taking steps prior to entering into a contract at the request of the data subject.
Categories of Data Subjects: Partner (sole entrepreneur, Ltd., general partnership, private limited company, natural person)
Categories of Personal Data: Name, registered office, tax number, registration/corporate number; for natural person partners: name, place and date of birth, mother’s maiden name, home address.
Data Retention Period: Until the end of the 5th year following the performance or termination of the contract.
Data Transfers: No data transfers under GDPR Articles 44–49.
Recipients: The Controller does not use any Processors for this processing activity.
Source of Data: The source of personal data is the Partner.
Method and Consequences of Data Provision: Providing the data is necessary. Without the data, the Controller cannot conclude the contract with you.
5/g. Conclusion of a Business (Enterprise) Contract
Purpose of Processing: Conclusion of a business (enterprise) contract
Legal Basis of Processing: GDPR Article 6(1)(b): necessary for the performance of a contract or for taking steps prior to entering into a contract at the request of the data subject.
Categories of Data Subjects: Partner (sole entrepreneur, Ltd., general partnership, private limited company, natural person)
Categories of Personal Data: Name, registered office, tax number, registration/corporate number; for natural person partners: name, place and date of birth, mother’s maiden name, home address.
Data Retention Period: Until the end of the 5th year following the performance or termination of the contract.
Data Transfers: No data transfers are carried out under GDPR Articles 44–49.
Recipients: The Controller does not use any Processors for this processing activity.
Source of Data: The source of personal data is the Partner.
Method and Consequences of Data Provision: Providing the data is necessary. Without the data, the Controller cannot conclude the contract with you.
5/h. Invoicing
Purpose of Processing: Issuing invoices
Legal Basis of Processing: GDPR Article 6(1)(c): legal obligation (Hungarian VAT Act Section 159(1)).
Categories of Data Subjects: Client
Categories of Personal Data: Name, address, tax number (for business clients), email address
Data Retention Period: 5 years under Article 78(3) of the Act on Tax Administration
Data Transfers: No transfers under GDPR Articles 44–49.
Recipients: Processors used:
· KBOSS.hu Kft. (Számlázz.hu) – invoicing software (1031 Budapest, Záhony utca 7/D. 13421739-2-41; https://www.szamlazz.hu/adatvedelem
· Accountant: Krisztina Czene (sole entrepreneur, 1172 Budapest, Harsona utca 53., 54539194)
· Data provided to the Hungarian Tax Authority (NAV) as required by law.
Source of Data: The source of personal data is the client.
Method and Consequences of Data Provision: Providing the data is mandatory. Without it, the Controller cannot fulfil invoicing obligations.
5/i. Payment for the Service
Purpose of Processing: Payment of the service fee
Legal Basis of Processing: GDPR Article 6(1)(b): necessary for the performance of a contract or for taking steps at the request of the data subject prior to entering a contract.
Categories of Data Subjects: Client
Categories of Personal Data: Name, company name (for business clients), bank account number, transfer amount, date of transfer
Data Retention Period: 5 years under Article 78(3) of the Act on Tax Administration
Data Transfers: No transfers under GDPR Articles 44–49.
Recipients: No Processors used. The Controller’s bank, MagNet Hungarian Community Bank Zrt., has access as an independent data controller. . (1062 Budapest, Andrássy út 98.; 01-10-046111) https://www.magnetbank.hu/adatvedelem
Source of Data: The source of personal data is the client.
Method and Consequences of Data Provision: Providing the data is necessary. Without the data, the service fee cannot be paid.
5/j. Client Testimonial
Purpose of Processing: Publishing client testimonials
Legal Basis of Processing: GDPR Article 6(1)(a): consent
Categories of Data Subjects: Client
Categories of Personal Data: Name, content of testimonial
Data Retention Period: Until withdrawal of consent or 30 days from withdrawal
Data Transfers: Transfers carried out in accordance with GDPR Articles 44–49.
Recipients: Processors used: Hostinger (hosting provider); Hostinger (6 Lloyds Avenue Suite 4CL London, England EC3N 3AX) email system provider: not yet available.
Source of Data: The source of personal data is the client.
Method and Consequences of Data Provision: Providing the data is voluntary. Without the data, the Controller cannot publish your testimonial.
5/k. Contractual Communication with Partners
Purpose of Processing: Maintaining communication and cooperation necessary for the performance of the contract between the Controller and the Partner
Legal Basis of Processing: GDPR Article 6(1)(f): legitimate interest
Categories of Data Subjects: Employee of the Partner (sole entrepreneur, Ltd., general partnership, private limited company) designated as contact person
Categories of Personal Data: Name, job position, phone number, email address
Data Retention Period: Until the end of the 5th year following the performance or termination of the contract
Data Transfers: No transfers are carried out under GDPR Articles 44–49
Recipients: The Controller does not use any Processors for this processing activity
Source of Data: The source of the personal data is the Partner’s designated contact person
Method and Consequences of Data Provision: Providing the data is necessary. Without the data, the Controller cannot communicate with you as the Partner’s representative.
5/l. Communication on Social Media Platforms
Purpose of Processing: Communication on social media platforms
Legal Basis of Processing: GDPR Article 6(1)(a): consent
Categories of Data Subjects: Persons registered on social media platforms
Categories of Personal Data: Name, publicly visible profile picture
Data Retention Period: According to the respective social media platform’s privacy policy
Data Transfers: No transfers are carried out under GDPR Articles 44–49
Recipients: The Controller does not use any Processors for this processing activity
Source of Data: The source of personal data is the registered individual on the social media platform
Method and Consequences of Data Provision: Providing the data is voluntary. Without the data, the Controller cannot inform you about its activities or services on social media platforms.
6. Website Data processing
The Website uses cookies. A cookie is a file that is placed on your device when you visit a website. Cookies are information packages sent by the server to the browser and returned by the browser during each subsequent request. Their purpose is to store your website settings and preferences so that when you revisit the website using the same device, the site will remember your configured parameters.
Cookies serve various functions, including personalizing advertisements and services, and analyzing website traffic. According to applicable law, strictly necessary cookies may be stored on your device without consent, as they are essential for the functioning of the website. All other types of cookies require your consent. The cookies currently used on the website can be reviewed and customized in the pop-up window that appears when you first visit the site.
Modern browsers allow cookie settings to be modified. While some browsers accept cookies by default, this can be changed so that you prevent automatic acceptance in the future. If cookies are disabled, certain website functions may not operate as intended.
For more detailed information on managing cookies in various browsers, please refer to their official documentation (Chrome, Firefox, Internet Explorer 8/9/10/11, Microsoft Edge, Safari).
7. Social Media
The Controller is present on the following social media platforms. Each platform operator acts as an independent Data Controller. Information on their data processing practices is available at the links below.
Social Media Platform; Name of Data Controller; Privacy Policy Link:
Meta Platforms Ireland Ltd. (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
https://www.facebook.com/privacy/explanation
LinkedIn Corporation (2029 Stierlin Court, Mountain View, CA 94043, USA)
https://www.linkedin.com/legal/privacy-policy
The Controller does not store or process any personal data of social media users in its own internal systems.
8. Access to Personal Data
The Controller has access to personal data only to the extent necessary for performing its tasks. Access is strictly limited to what is required for fulfilling legal, administrative, or contractual obligations.
9. Data Security Measures
The Controller implements appropriate IT, technical, and organizational measures to ensure the protection of the personal data it processes. These safeguards protect against unauthorized access, unlawful alteration, disclosure, deletion, or destruction. The measures applied guarantee the confidentiality, integrity, and availability of personal data and are proportionate to the risks associated with the processing operations.
10. Data Subject Rights and Their Contents
Data Subjects have the following rights regarding the processing of their personal data, in accordance with Articles 13–21 of the GDPR. The Controller ensures that these rights are upheld and aids Data Subjects in exercising them.
Right to Information (GDPR Articles 13–14): You have the right to receive information about the facts and purposes of data processing at the time your personal data is collected.
Right of Access (GDPR Article 15): You have the right to obtain confirmation as to whether your personal data is being processed and, if so, to access the personal data and receive detailed information about the processing.
Right to Rectification (GDPR Article 16): You have the right to request the correction of inaccurate personal data or the completion of incomplete data.
Right to Erasure – “Right to be Forgotten” (GDPR Article 17): You may request the deletion of your personal data if any of the legal grounds listed in Article 17 apply, such as when the data is no longer needed or consent is withdrawn.
Right to Restriction of Processing (GDPR Article 18): You may request that processing be restricted under certain circumstances, such as when you contest the accuracy of the data.
Right to Data Portability (GDPR Article 20): You may request your personal data in a structured, commonly used, machine-readable format and transmit it to another controller.
Right to Object (GDPR Article 21): You may object to the processing of your personal data based on legitimate interests or for direct marketing purposes.
Right to Withdraw Consent (GDPR Article 7(3)): Where processing is based on consent, you may withdraw your consent at any time without affecting the lawfulness of processing before withdrawal.
11. Remedies and Enforcement Options
Data Subjects are entitled to the following remedies in connection with the processing of their personal data. These rights may be exercised in accordance with Articles 77–79 of the GDPR.
Right to Lodge a Complaint with a Supervisory Authority (GDPR Article 77): You have the right to lodge a complaint with the following supervisory authority if you believe your rights have been violated:
National Authority for Data Protection and Freedom of Information (NAIH)
Address: 1055 Budapest, Falk Miksa utca 9-11.
Mailing address: 1363 Budapest, Pf. 9.
Phone: +36 (1) 391-1400
Email: ugyfelszolgalat@naih.hu
Website: www.naih.hu
Right to an Effective Judicial Remedy Against the Controller or Processor (GDPR Article 79):
You have the right to bring proceedings before a court if you believe your personal data has been processed unlawfully. You may choose to initiate the action before the court of your place of residence or habitual residence. A list of courts is available at www.birosag.hu/torvenyszekek
12. Updates to the Privacy Policy
The Controller reserves the right to unilaterally amend this Privacy Policy. Amendments may become necessary due to changes in legislation, the practice of data protection authorities, business needs, or other relevant circumstances. Upon request, the Controller will provide the Data Subject with a copy of the currently effective Privacy Policy in the agreed format.
Budapest, 2026. February 17.