Data Policy


Purpose of the data management information

A Goldhorse Holding Zrt. (2476 Pázmánd, József Attila utca 23. , hereinafter, service provider, data controller, operator), as a Data Controller, acknowledges the content of this legal notice. It undertakes that all data processing related to its activities complies with the requirements set out in these regulations and in the applicable national legislation, as well as in the legal acts of the European Union.

The Data Controller reserves the right to change this information at any time. Of course, audience will be notified about changes in time.
If you have any questions regarding this post, please email us and our colleague will answer your question.

The Data Controller is committed to the protection of the personal data of its customers and partners, and considers it extremely important to respect the right of its customers to information self-determination. The Data Controller treats personal data confidentially and takes all security, technical and organizational measures that guarantee the security of the data.
The Data Controller describes his data management practices below.

Data controller data

If you would like to contact our Company, you can contact the Data Controller at and +36-30/9155476.

Name: Goldhorse Holding Zrt.
Headquarters: 2476 Pázmánd, József Attila utca 23.
Company registration number: 20 09 060592
Tax number: 24962993-2-07
Telephone number: +36-30/1903587
Data Controller
Name: Dallos Eszter
Telephone number: +36-30/9155476

Technical data

Data Controller selects and operates IT tools used to manage personal data in order to:

  • be accessible for those who are entitled to it (availability);
  • authenticity and authentication are ensured (authenticity of data management);
  • its invariability can be verified (data integrity);
  • be protected against unauthorized access (data confidentiality).

Data Controller takes appropriate measures to protect the data against unauthorized access, alteration, transmission, disclosure, deletion or destruction, and accidental destruction.

Data Controller ensures protection of the security of data management with technical and organizational measures that provide appropriate protection to the risks arising in connection with data management.

Data Controller during data management retains:
• confidentiality: protects information, availability only for those who have access to it;
• integrity: protects the accuracy and completeness of processing the information;
• Availability: ensures the access for the authorized user at any time and the tools in connection with it.


The task of cookies
• collect information about visitors and their assets;
• memorize the individual settings of the visitors, which can be used e.g. when using online transactions so you don’t have to re-type them;
• facilitate the use of the website;
• provide a quality user experience.

In order to provide customized service, a small data packet, so-called cookie is stored on visitor’s computer what will be read back at a later visit. If the browser returns a previously saved cookie, the cookie provider has the option to link the user’s current visit to the previous ones, but only for their own content.

Duration of data management
Information is available below about the data storage period of a cookie:

Google about Privacy&Terms:
Analytics Cookie Usage on Websites:
Facebook information:

Legal background and legal basis of cookies:
The legal basis for data processing is your consent pursuant to Article 6 (1) (a) of the General Data Protection Regulation 2016/679 of the European Union (hereinafter: Regulation GDPR).

Types of cookies used by the website:

Default cookies: This category contains cookies that are necessary for the browser to functioning correctly and also contains practical cookies that are helping our users to have a smooth experience during the act of browsing on our site.
The default browser cookies’ functions are limited to the actual browsing session. At the end of the actual session they will be deleted automatically.
Practical cookies let our users to save their previously made settings on our site, to make their overall user experience more fluent and enjoyable with saving their preferences for the following sessions. These cookies helps to create a better user experience until their automatic expiration date.

Site usage cookies: We are trying to get a sharp image about how our customers using our site to make it possible for us to provide more relevant informations to them.
The statistical cookies gives us feedback about how many customers are using our site and how are they getting into interaction with it.

Remarketing cookies: Marketing cookies are making it possible to get a full image about user interactions through multiple websites. With this procedure the overall goal is to provide the internet users comprehensive relevance in all of the commercial kind of content that they would experience during their browsing activities.
These cookies make it possible for the users to do not be bothered by irrelevant advertisement during their browsing experience related to various platforms. Instead, these cookies helps marketers to place personalised and relevant content in the way of these users.
Marketing cookies are helping the personalisation process of the browsing experience.

Cookie acceptance cookie: This cookie helps the user to make it possible to save their preference about the cookie notification bar on the website’s opening screen.
With using this cookie, the user can save their preference about cookie handling on the website, without being bothered by it repetitively.

Cookies of the services we use: The remarketing, re-engagement or similar audiences feature in Google Ads allows Data Collector to reach people who previously visited the website, and match the right people with the right message.

Google Analytics cookie: Google Analytics is a simple, easy-to-use tool that helps website owners measure how users interact with website content. As a user navigates between web pages, Google Analytics provides website owners JavaScript tags (libraries) to record information about the page a user has seen, for example the URL of the page. The Google Analytics JavaScript libraries use HTTP cookies to “remember” what a user has done on previous pages / interactions with the website. Google Analytics supports three JavaScript libraries (tags) for measuring website usage: gtag.js, analytics.js, and ga.js.

Facebook(Meta) pixel (Facebook cookie): The Facebook pixel is a snippet of JavaScript code that allows you to track visitor activity on your website. It works by loading a small library of functions which you can use whenever a site visitor takes an action (called an event) that you want to track (called a conversion). Tracked conversions appear in the Facebook Ads Manager where they can be used to measure the effectiveness of your ads, to define custom audiences for ad targeting, for dynamic ads campaigns, and to analyse that effectiveness of your website’s conversion funnels.
You can read Facebook’s privacy policy here:

Deleting cookies:

You can find more information about deleting cookies at the following links:


The purpose, method and legal basis of data processing

General data management guidelines
The data management of the Data Controller’s activity is based on voluntary consent and legal authorization. As data processing is based on voluntary consent, the consent can be withdrawn at any stage of the data processing.

In some cases, the handling, storage and transmission of a set of provided data is required by law, of which we notify our customers separately.

We would like to draw the attention of informants that if they do not provide their own personal data, the informant is obliged to obtain the consent.
Data management principles are in accordance with existing data protection legislation:

  • Act CXII of 2011 on the right to informational self-determination and on the freedom of information
  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
  • Act V of 2013 on the Civil Code
  • Act C of 2000 on Accounting
    Act LIII of 2017 on the Prevention and Combating of Money Laundering and Terrorist Financing
    Act CCXXXVII of 2013 on Credit Institutions and Financial Enterprises

Scope of data access

The personal data provided by the Users can be accessed by the employees of the Operator.
The Operator does not transfer personal data to third parties other than those indicated. This does not apply to any mandatory transfers of data required by law, which can only take place in exceptional cases. Before fulfilling each official data request, the Operator examines for each data whether the legal basis for the data transfer really exists.

Rights of the data subject and possibilities of enforcement
Within the period of data processing, you have the following rights in accordance with the provisions of the Regulation:
• the right to withdraw consent
• access to personal data and information related to data management
• the right to rectification
• data management restrictions
• right of cancellation
• the right to protest
• the right to portability.

If you wish to exercise your rights, this will involve your identification and the Data Controller must communicate with you. Therefore, personal information will be required for identification purposes (but identification may only be based on data that the Data Controller handles about you anyway) and your data management complaints will be available in the Data Controller’s email account within the timeframe specified in this information. If you have been our customer and would like to identify yourself for complaint or warranty purposes, please also provide your order number for identification. Using this, we can also identify you as a customer.

Right to information

The Data Controller takes appropriate measures to provide the data subject with all information concerning the processing of personal data referred to in Articles 13 and 14 of the GDPR and Articles 15-22. According to Article 34 information shall be provided in a concise, transparent, comprehensible and easily accessible form, in a clear and comprehensible manner.

Right to access

You have the right to receive feedback from the Data Controller whether your personal data is being processed and, if data is being processed, you are entitled to:

have access to the personal data processed and
• be informed by the Data Controller of the following information:

  • purposes of the data management;
  • the categories of personal data processed about you;
  • information of the recipients with whom the Data Controller has communicated or will communicate personal data;
  • the intended duration of the storage of personal data or if this is not possible, the criteria for determining this period;
  • your right to ask the Data Controller to rectify, delete or restrict the processing of your personal data;
  • the right to lodge a complaint with the supervisory authority;
  • if the data was not collected from you, all available information about their source;
  • the fact of automated decision-making (if such a procedure has been used), including profiling, and at least in these cases, understandable information about the logic used and the significance of such data management and the expected consequences for you.

The purpose of exercising the right may be to establish and verify the lawfulness of the data processing, therefore in case of repeated requests for information, the Data Controller may charge a fair fee for the provision of the information.

Access to the personal data is ensured by the Data Controller by sending you the processed personal data and information by e-mail after your identification. If you have a registration, we will provide access so that you can view and verify the personal information we manage about you by logging into your user account.

Please indicate in your request whether you are requesting access to personal data or requesting information on data processing.

Right of rectification

You have the right to request the Data Controller to correct your inaccurate personal data without delay.

Right to cancellation

The data subject has the right to have the personal data deleted by the Data Controller without undue delay upon his/her request for any of the following reasons:

  • personal data are no longer required for the purpose for which they were collected or were processed in other way;
  • the data subject withdraws the consent on which the data processing was based and there is no other legal basis for the data processing;
  • the data subject protests against the data processing and there is no overriding legitimate reason for the data processing;
  • personal data has not been processed legally;
  • personal data must be deleted in order to fulfill the legal obligation of EU or Member State law applicable to the Data Controller;
  • personal data were collected in connection with the provision of information society services.

Deletion of data may not be initiated if the data processing is necessary: for the purpose of exercising the right to freedom of expression and information; for the purpose of fulfilling an obligation under EU or Member State law governing the processing of personal data or performing a task carried out in the public interest or in the exercise of official authority vested in the controller; in the field of public health, or for archival, scientific and historical research or statistical purposes, in the public interest; or to bring, assert or defend legal claims.

Right to restrict data processing

Upon the request of the data subject the Data Controller shall restrict the data processing if one of the following conditions is met:

  • the data subject disputes the accuracy of the personal data, in this case the limitation applies to that period, which allows the examination of the accuracy of the personal data;
  • the processing is unlawful and the data subject opposes the deletion of the data and instead requests that their use be restricted;
  • Data Controller no longer needs the personal data for the purpose of data processing, but the data subject requests them for legal claims;
  • or data subject has protested to the data processing; in that case, the restriction applies for time as long as it is established whether the legitimate reasons of the controller take precedence over the legitimate reasons of the data subject.

If data processing is restricted, personal data may be processed without storage only with the consent of the data subject or for the purpose of bringing, enforcing or protecting legal claims or protecting the rights of another natural or legal person or in the important public interest of the EU or Member State.

Right to carry data

If the data processing is carried out automatically or if the data processing is based on your voluntary consent, you have the right to ask the Data Controller to receive the data provided by you to the Data Controller, which the Data Controller provides to you in xml, JSON or csv format. If this can be technically solved, you may request the Data Controller to transfer the data in this form to another data controller.

Right to protest

The data subject has the right to protest at any time, for reasons related to his situation, to the processing of his personal data in the public interest or in the exercise of public authority or to the processing of data controllers or third parties, including profiling based on those provisions. In the case of protest, the Data Controller may no longer use the personal data, except some legitimate reasons which take precedence over the interests, rights and freedoms of the data subject or which relate to the submission, enforcement or protection of legal claims.

Right to withdrawal

The data subject has the right to withdraw his or her consent at any time.

Right to apply to the courts

In the case of a breach of the rights, the data subject may take legal action against the Data Controller.

Procedure of Authority for Data Protection

An inquiry might be initiated on the basis of the complaint at Hungarian National Authority for Data Protection and Freedom of Information:

  • Name: Hungarian National Authority for Data Protection and Freedom of Information
  • Headquarters: 1125 Budapest, Szilágyi Erzsébet fasor 22/C.
  • E-mail:
  • Homepage:

Other provisions

Information on data processing not listed in this prospectus will be provided at the time of data collection. We inform our clients that the court, the prosecutor, the investigating authority, the infringement authority, the administrative authority, the National Data Protection and Freedom of Information Authority, the Magyar Nemzeti Bank (the central bank of Hungary), or other bodies are authorized to contact the Data Controller to provide information, disclose data, transfer documents.

The Data Controller provides personal data to the authorities, if the authority has indicated the exact purpose and scope of the data, only to the extent strictly necessary to achieve the purpose of the request.

This document contains all relevant data management information related to the operation of the website in accordance with the General Data Protection Regulation No. 2016/679 of the European Union (hereinafter: Regulation GDPR) and Annex CXII. TV. (hereinafter: Infotv.).