1. Introduction 

1.1 The purpose of this Privacy Statement is to enable Flower Corner Budapest (operator: Iglo Corner Ltd.) transparently inform website users about the processing of their personal data by https://flowercornerbudapest.com (hereafter referred to as: Website).
The Service Provider shall comply with the applicable laws in the course of data processing, in particular the following:

• Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR),
• Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information (Infotv.),
• Act C of 2000 on Accounting,
• Act CVIII of 2001 on electronic commerce services (Act on Electronic Commerce).

1.2 The Service Provider aims to ensure the highest level of protection of the data of registered Users of the Website.

2. Data of the Data Controller

Name: Iglo Corner Korlátolt Felelősségű Társaság

Address: 1201 Budapest, Vágóhíd utca 71

Tax number: 25347362-1-43

Company registration number: 01 09 209818

Name of representative: Bianka Tímea Alpári, managing director

E-mail: flowercornerbp@gmail.com
Phone number: +36 30 266 3300

Website address: https://flowercornerbudapest.com

3. Definitions

3.1 “Data Processor” - a person, organisation or program that collects, organises, analyses or interprets data for a specific purpose. Data security and protection play an important role in the data processing process, especially for personal data, which are protected by strict legislation.

3.2 “ Data processing”: - means any operation on personal data, whether by automated or manual means.

3.3 “Processing” means the activity that involves the collection, storage, organisation, modification, deletion and any other use of personal data. Personal data is information by which an individual can be identified and may include, for example, name, address, e-mail address, telephone number, as well as data relating to an individual's activities, purchases and preferences.

3.4 “Data Controller” -  a natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data. In the case of the Website, the data controller is Iglo Corner Ltd. (registered office: 1201 Vágóhíd utca 71, tax number: 25347362-1-43), which is responsible for the collection, storage, processing and protection of personal data provided by customers and interested parties.

3.5 “Data Breach” means an incident where personal data is damaged, lost, or subject to unauthorized access, disclosure, alteration or destruction.

3.6 “Recipient” means a natural or legal person, public authority, agency or other body to whom or to which personal data are disclosed, whether or not a third party. The recipients may include, for example:

• • • • • • Service Providers: third parties who provide various services to the Website (e.g. financial transactions, delivery services, marketing, etc.).
          • Public authorities: a public or municipal body to which personal data must be disclosed because of a legal obligation (e.g. tax authorities, police).
          • Partner companies: business partners with whom the Website has a direct relationship and who need the personal data to carry out joint activities.

3.7 “Data Subject Consent” - when registering, the data subject expressly expresses his or her consent to the storage and use of his or her personal data by the data controller for certain purposes.

3.8 “Personal Data” means any information relating to an identified or identifiable natural person. An identifiable natural person is a person who can be identified, directly or indirectly, in particular by reference to a name, an identification number, location data, an online identifier, or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity.

4. Scope of the personal data processed, purpose and legal basis of the processing

4.1 Data subjects: all natural persons who make a purchase, place an order or use the services on the Website.

4.2  By deleting the registration, the personal data are deleted within 30 days at the latest, except for data that must be retained under the law (e.g. accounting documents: as these data must be retained for 8 years under Section 169 (2) of Act C of 2000 on Accounting.)

The accounting documents (including general ledger accounts, analytical or detailed records) directly and indirectly supporting the accounting accounts must be kept for at least 8 years in a legible form, retrievable by reference to the accounting records.

4.3 Potential data controllers who may have access to the data: personal data are sold by the data controller in compliance with the above principles.

4.4 Description of data subjects' rights in relation to data processing: 

You can change the following information under the “My account” menu item:

• • • • • User name, 
        • Password, 
        • Surname and First Name, 
        • Phone number
        • E-mail address
        • Billing name and address
        • Delivery name and address.

4.5 The User can access, modify or delete personal data in the ways mentioned below:

• • • • • By phone: +36 30 266 3300,
        • By e-mail: a flowercornerbp@gmail.com by e-mail
        • By post at the registered office of the Service Provider: 1201 Budapest, Vágóhíd utca 71.

6. Legal basis for processing

6.1 The User's consent, in accordance with the Infotv. Paragraph 5 (1) of the Act on Electronic Commerce Services and Certain Aspects of Information Society Services of 2001 (hereinafter: Elker Act), Article 13/A (3): 

The service provider may process personal data that are technically necessary for the provision of the service. The Service Provider shall, other things being equal, choose and in any case operate the means used in the provision of the information society service in such a way that personal data are processed only to the extent strictly necessary for the provision of the service and for the fulfilment of the other purposes set out in this Act, but only to the extent and for the duration necessary.The Service Provider shall process personal data on the following legal bases:

In the event of enforcement of claims arising from the contract, the period of limitation is 5 years pursuant to § 6:21 of Act V of 2013 on the Civil Code.

§ 6:22 [Limitation period]
(1) Unless otherwise provided by this Act, claims shall be barred after five years.
(2) The limitation period shall begin to run when the claim becomes due.
(3) The agreement to change the limitation period must be in writing.
(4) An agreement excluding the statute of limitations shall be null and void.

7. Data processors and data transfers

7.1 The Service Provider will only transfer personal data to the following data processors to the extent necessary for the fulfilment of the order and the fulfilment of legal obligations:

The Service Provider does not transfer data to third countries or international organisations other than the above.

7.2 Purpose of data transfer and processing: payment and/or delivery of the ordered product.

7.3 The legal basis for the transfer of data: the User's consent, the Infotv. Article 5 (1) of the Act on Electronic Commerce Services and Certain Aspects of Information Society Services of 2001 (CVIII), Article 13/A (3) of the Act on Electronic Commerce Services and Information Society Services of 2001.

8. Data security

The Service Provider takes all technical and organisational measures to protect the data (encrypted data transmission, password protection, backups).

In the event of an external attack or a data breach, the Service Provider shall immediately take the necessary steps, notify the data subjects and the National Authority for Data Protection and Freedom of Information (NAIH) within 72 hours in accordance with Article 33 of the GDPR.

9. Risks and liability

9.1 Incidents will be investigated and reported in accordance with the procedures set out in the GDPR. In all cases, data subjects are informed of the scope of the data concerned and the measures taken.

9.2 In the event of a data breach:

• The account will be closed immediately.
• The user will be informed in detail within 72 hours of the incident, the scope of the data concerned and the action taken.
• The National Authority for Data Protection and Freedom of Information (NAIH) will be notified within 72 hours in accordance with Article 33 of the GDPR.
• The user may also contact the data controller directly for further information about the incident.

10. Profiling / Registration

10.1 You can use the Website and place an order without registering. However, it is possible to create a user account, which facilitates future purchases, allows you to keep track of previous orders and gives you access to discounts, personalised offers and services.

10.2 During the registration process, we collect and store the following information about users:

• • • Name
    • E-mail address
    • Password
    • Delivery name and address
    • Billing name and address (if different from the delivery address).

The above information is necessary to enable our Website to properly identify the customer, track their orders and ensure a fast and seamless shopping experience.

10.3 Profile use and data management:

Personalized offers: based on customers' previous purchases and preferences, we will only send personalized offers and recommendations if the user has given their explicit prior consent. 

If you agree:

• • • Order management: orders placed by customers are tracked and administered.
    • Communication: customers will be kept informed of the status of their orders, promotions and new products via the email address provided.
    • Personalised offers: we can send you personalised offers and recommendations based on your customers' previous purchases and preferences.
    • Account management: we allow customers to manage their account, including changing their password and updating their personal information.

The user can withdraw consent at any time by logging into his account or by sending an e-mail.

10.4 Data storage and security:

We treat all of our registered users' data confidentially and ensure that it is used only for the purposes for which it is collected. We store and process data in accordance with the applicable data protection legislation and take steps to ensure data security.

10.5 Entitlements:

Customers have the right at any time to submit a request for the processing of their personal data, including access, rectification, erasure or restriction of processing.

11. Cookies

11.1 A „cookie” is a small piece of data that a website places on your computer or mobile device when you visit it. Cookies are designed to allow websites to remember users and their preferences, and to track the number of visits and user interactions.

11.2 The use of the Website requires that cookies are enabled.

Which are responsible for:

11.2.1 User identification: cookies help to identify users, allowing them to log in and keep their login status without having to constantly re-enter their data.

11.2.2 Shopping cart function: cookies keep track of the products that customers have placed in their shopping cart, so that if a user leaves the site but returns later, their shopping cart will retain the products they have previously selected.

11.2.3 Personalised experience: cookies help online stores to offer personalised offers, relevant products and content to users based on their previous shopping and browsing habits.

11.2.4 Performance and analytics: cookies allow online stores to track visitor behaviour, such as which pages are the most popular and where visitors are coming from. This helps to continuously improve the site.

11.2.5 Ads and marketing: cookies are also used to serve targeted ads, as they collect information about users' interests so that relevant ads can be served to them.

11.2.6 Remembering preferences: cookies may store users' settings and preferences, such as language settings, filtering or display options.

11.3 Cookies used on the Website:

11.3.1 Session Cookies: these cookies are temporary and remain active only as long as the user is using the browser. They are deleted when the browser is closed. They are mainly used for identification and to improve the user experience.

11.3.2 Functionality Cookies: these cookies are used to improve the user experience, for example to remember settings or aspects chosen by the user.

11.3.3 Persistent Cookies: these cookies keep information in the user's browser for a longer period of time until the specified expiry date or until the user manually deletes them. They are used, for example, to store login information, language settings.

11.3.4 Performance Cookies: these cookies help us monitor and improve the performance of our websites by collecting information about how users use the website.

11.4 Accepting and rejecting cookies

When logging in to the Website prior, active consent must be given for all cookies that are not necessary (marketing, profiling, analytics cookie).
The user you can select by type, which allows cookies:

• Functional cookies (required): automatically enabled.
• Analytical cookies: special permission required.
• Marketing / profiling cookies: separate permission required.
  You can withdraw your consent at any time by going to the cookie settings.

The use of cookies is controlled by a cookie when you enter the website. consent-management window where users can give permission by type (necessary, analytical, marketing).

If you do not give your consent to the use of certain cookies (e.g. marketing, analytical or profiling cookies), certain features of the Website will not be available to you.

You can modify or withdraw your acceptance of cookies at any time in your browser settings.

For more information on how to delete cookies, please follow the links below:

Mac Safari - https://support.apple.com/hu-hu/guide/safari/sfri11471/16.0/mac/11.0

Google chrome -  https://support.google.com/chrome/answer/95647

Internet Explorer -  http://windows.microsoft.com/en-us/internet-explorer/delete-manage-cookies#ie=ie-11

Mozilla Firefox - https://support.mozilla.org/hu/kb/weboldalak-altal-elhelyezett-sutik-torlese-szamito

12. Rights and opportunities

12.1 Right of withdrawal: customers have the right to withdraw from a purchase within 14 days without giving any reason if they have made a purchase online. They must do so in writing.

12.1.1 Return of the product: in case of exercising the right of withdrawal, the customer may return the purchased product and the Website is obliged to refund the purchase price.

12.1.2 Warranty and guarantee: a 14-day cancellation period applies to products on the Website. In addition to the above, the website offers the right to withdraw from the sale of goods “GTC”- find information on the “Article 12” below.

12.2 Data protection rights

12.2.1 Protection of personal data: customers have the right to have their personal data processed by the Website kept secure. Customers have the right to access, rectify, delete or limit the processing of their data.

12.2.2 Right to data portability: customers can request the conversion and transfer of their personal data to another service provider.

12.3 Enforcement options

12.3.1 Complaints: if the customer is dissatisfied with the product or service, he/she may first complain to one of the operator contact details indicated on the Website.

12.3.2 Referral to a conciliation body: if the complaint is not settled, customers can refer the complaint to the local conciliation body, which offers mediation and an amicable solution to resolve the dispute.

12.3.3 Court proceedings: if the conciliation body has not been successful, customers can pursue their legal claims in court.

12.4 Right to information

12.4.1 Providing information: Websites are required to provide information to customers about products, prices, delivery and the right of withdrawal.

12.5 Consumer Protection Authority

12.5.1 Shoppers can also enforce their rights with their local consumer protection authority, which investigates complaints from shoppers and takes action to stop infringements.

These rights and options help customers to protect their interests against websites, ensuring that they are treated fairly.

Users can exercise their rights using any of the following contact details: 

• • • • E-mail: flowercornerbp@gmail.com
      • Phone number: +36 30 266 3300

13. Guarantee/Warranty

13.1 Warranty validation

We can provide a guarantee if the following points are met (if this is not the case, we will unfortunately not be able to enforce the guarantee):

• • • Take a photo of the product to clearly see the problem
    • Once you have done this, send us the photo by e-mail to flowercornerbp@gmail.com-.
    • In the email, please include the order number, the name of the product and explain your problem.
    • If the problem is covered by the warranty, we can either replace the product (if we have the product in stock or if we have the supplies to assemble the composition) or provide a refund.

13.2 Further in the “GTC”-for information on the warranty and how to claim under warranty, see “Articles 11-12” below.

14. Remedies

14.1 Recourse to the supervisory authority: if users feel that their legitimate interests have been harmed by our processing, they have the right to lodge a complaint with the competent data protection authority. In Hungary this is the National Authority for Data Protection and Freedom of Information (NAIH), whose contact details are: NAIH website. 

14.2 Contact us: to exercise your rights of redress, please contact us using the contact details below:

• • • • • E-mail: flowercornerbp@gmail.com
        • Phone number: +36 30 266 3300

15. Amendment of the declaration

The Service Provider reserves the right to modify this Privacy Policy. We will inform our Users of any changes via the Website. The amended Privacy Statement will take effect from the date of its publication.

16. Contact us

For any questions, comments or complaints, please contact us using one of the contact details below:

• • • • • E-mail: flowercornerbp@gmail.com
        • Phone: +36 30 266 3300

17. Final provisions
The Service Provider guarantees that all data processing activities comply with the applicable EU and Hungarian legislation and the guidelines of the NAIH.

We process users' data only for the purposes and on the legal bases set out above.

Budapest, 25.11.2025.

Iglo Corner Ltd.

Data Controller