Privacy Policy

Tommy-Invest Elektronikai Kft. is committed to protecting the personal data and privacy of its customers and all those who visit our websites. These Regulations (hereinafter: Regulations) primarily deal with the confidential management and protection of customers’ personal data via the Internet, but they are also applicable to data held exclusively on paper or other data carriers, which are obtained from customers who come into contact with them, for example in the context of marketing campaigns. The Regulations describe what data Tommy-Invest Elektronikai Kft. can collect about you and how they can be used by Tommy-Invest Elektronikai Kft., the members of the trade network and their suppliers.

This Policy provides you with important information about the protection of your personal data and your rights regarding it. For data protection issues not mentioned in the Regulations, the general data protection provisions written in the General Terms and Conditions apply. The user of the website acknowledges that he has read and accepted these Regulations and the GTC on the general rules for the use of the website. If the user does not accept these conditions, he has the right to stop using the website and not to provide any personal data.

1. Who collects the personal data (person of the data manager)?

Your data is collected by Tommy-Invest Elektronikai Kft.

Headquarters: 1121, Budapest, Hóvirág út 42



2. Concepts related to personal data:

personal data: data that can be associated with the specified natural person (hereinafter: data subject), the conclusion that can be drawn from the data, regarding the data subject. During the processing of personal data, it maintains its quality as long as the relationship with the data subject can be restored;

special data: personal data relating to racial origin, national, ethnic, and ethnic affiliation, political opinion or party affiliation, religious or other beliefs, health status, pathological passion, sexual life, and criminal record;

data management: collection, recording and storage, processing, utilization (including transmission and disclosure) and deletion of personal data, regardless of the procedure used. Changing data and preventing their further use is considered data management;

data processing: performing data management operations, technical tasks, regardless of the method and tool used to perform the operations, as well as the place of application;

data transfer: if data is made available to a specific third party;

disclosure: if data is made available to anyone;

data controller: a natural or legal person or an organization without legal personality who determines the purpose of personal data management, makes and implements decisions regarding data management, or can entrust the implementation to a data processor. In the case of mandatory data management, the purpose and conditions of data management, as well as the data controller, are determined by the law or municipal decree ordering data management;

data processor: a natural or legal person, or an organization without legal personality, who processes personal data on behalf of the data controller;

data erasure: making data unrecognizable in such a way that their recovery is not possible;

automated data file: series of data to be processed automatically;

machine processing: includes the following operations, if they are performed partially or fully by automated means: storage of data, logical or arithmetic operations performed on data, alteration, deletion, retrieval and distribution of data.

3. Data management principles:

  1. data may only be obtained and processed fairly and lawfully;
  2. data may only be stored for a specified and lawful purpose and may not be used in any other way;
  3. data must be proportionate to the purpose of their storage and must comply with this purpose, they cannot expand beyond it;
  4. data must be accurate and, if necessary, timely;
  5. the method of data storage must be such that the data subject can be identified only for the time necessary for the purpose of storage,
  6. personal data relating to racial origin, political opinion, religious or other beliefs, as well as health and sexual life cannot be processed by machine, unless the domestic law provides adequate safeguards. This also applies to personal data related to criminal convictions,
  7. adequate security measures must be taken to protect personal data stored in automated data files to prevent accidental or unlawful destruction or accidental loss, as well as unlawful access, alteration or distribution.

4. Additional guarantees protecting data subjects:

Everyone has the right to

  1. find out about the automated file of personal data, its main purposes, as well as the person managing the data file and his usual place of residence or headquarters;
  2. be informed at reasonable intervals and without excessive delay or cost, whether your personal data is stored in an automated data file, and be informed about this data in a form that you can understand;
  3. in justified cases, correct or delete this data in the simplest and fastest possible way;
  4. can avail of legal remedies if his request for information or, in justified cases, communication, correction or deletion, as stipulated in the legislation, is not fulfilled. At the request of the data subject, the data controller shall provide information on the data managed by it or processed by the processor commissioned by it, the purpose, legal basis, duration of data processing, the name, address (headquarters) of the data processor and its activities related to data processing, as well as by whom and for what purpose it is or was received data. The data controller is obliged to provide the information in writing in an understandable form as soon as possible, but no later than 30 days after the submission of the request. In the event of a violation of their rights, the data subject may appeal to the court against the data controller. The data controller is obliged to compensate the damage caused to others by the illegal processing of data of the data subject or by violating the requirements of technical data protection. The data controller is also liable to the data subject for damage caused by the data processor. The data controller is released from liability if it proves that the damage was caused by an unavoidable cause outside the scope of data management. There is no need to compensate the damage if it resulted from intentional or grossly negligent behavior of the injured party.

Personal data can be processed if

  1. the person concerned consents to it, or
  2. it is ordered by law or – based on the authority of the law, within the scope defined therein – by a local government decree. In the public interest, the law can order the disclosure of personal data by explicitly indicating the scope of the data. In all other cases, disclosure requires the consent of the data subject, or in the case of special data, written consent. In case of doubt, it must be assumed that the data subject did not give his consent. The data subject’s consent shall be deemed to be given with regard to the data communicated by the data subject during his public appearances or provided by him for the purpose of disclosure.

Special data can be handled if

  1. the person concerned consents to data management in writing, or
  2. in the case of data relating to racial origin, belonging to a national and ethnic minority, political opinion or party affiliation, religious or other worldview convictions, interest-representative organization membership, the enforcement of a fundamental right based on an international convention or guaranteed by the Constitution, as well as national security, required by law for crime prevention or law enforcement;
  3. in other cases it is prescribed by law.

Regulations related to data management and the protection of visitors’ personal data apply only to natural persons, given that personal data can only be interpreted in relation to natural persons (on the basis of Act CXII of 2011 on the right to self-determination of information and freedom of information), therefore this data protection policy is binding only with regard to the management of the personal data of natural persons registering on the website.

Purpose-bound data management:

Personal data may only be processed for a specific purpose, in order to exercise a right and fulfill an obligation. All stages of data management must meet this goal. Only such personal data can be processed that is essential for the realization of the purpose of data management, is suitable for achieving the purpose, and only to the extent and for the time necessary for the realization of the purpose.

Data security:

A data controller, or a data processor within the scope of their activities, is obliged to ensure the security of the data, and is also obliged to take the technical and organizational measures and establish the procedural rules that are necessary to enforce the data protection law and other data and privacy protection rules. The data must be protected in particular against unauthorized access, alteration, disclosure or deletion, as well as against damage or destruction.

5. What data do we collect?

According to your choice, you can access and browse our websites without providing your personal data.

The term “personal data” refers to all information that directly or indirectly refers to a natural person identified or identifiable based on an identification number or one or more related data.

If Tommy-Invest Elektronikai Kft. collects your personal data, this data collection takes place in a confidential and transparent manner.

We collect your personal data either through a questionnaire, or when you register on our Tommy-Invest Elektronikai Kft. interfaces, or when you browse our pages, indicating in each case the data that must be provided to achieve the goal. If you do not wish to provide this data, you will not actually be able to access certain services and functions of our websites, and you will not be entitled to purchase our products and services via the Internet. The purpose of collecting additional data that is not mandatory is to get to know you better from the point of view of our products and services, so this data is provided on a voluntary basis, you can refuse to provide it.

Tommy-Invest Elektronikai Kft. takes all necessary measures at all times to ensure that the personal data it manages are accurate and, if necessary, up-to-date.

6. What kind of data processing takes place during the operation of the Website?

There is no registration

7. Who can see the personal data (data transfer)?

Tommy-Invest Elektronikai Kft. is entitled to share your personal data with Tommy-Invest Elektronikai Kft.’s partners and its commercial network. We may use the cooperation of subcontractors (all contributors are obliged to handle personal data according to our instructions) for the purpose of processing all or part of the personal data, to the extent necessary for the performance of their contractual service (for example: website hosting, providing services related to the use of the website or sending commercial offers).

8. Data security and confidentiality:

As a general rule, Tommy-Invest Elektronikai Kft. does not check the personal data provided to it. The person providing the data is solely responsible for the accuracy of the data provided.

Tommy-Invest Elektronikai Kft. takes appropriate protective measures to preserve the confidentiality and security of your personal data and to prevent these data from being damaged, deleted or accessed by unauthorized third parties.

Access to personal data is strictly limited to employees and agents and to the extent necessary for their tasks, who are subject to confidentiality and confidential data management obligations.

9. Data owner rights and enforcement:

The User may request free information about the details of the processing of his personal data, and in cases defined by law, may request their correction, deletion, blocking, or restriction of processing, and may object to the processing of such personal data.

Right of access: the User can receive feedback from Tommy-Invest Elektronikai Kft. about the management of his personal data and can access these personal data and the details of their management.

Right to rectification: at the User’s request, Tommy-Invest Elektronikai Kft. corrects inaccurate personal data relating to him without undue delay, and he is entitled to request the addition of incomplete personal data, including by means of a supplementary statement.

Right to erasure: at the request of the User, Tommy-Invest Elektronikai Kft. deletes the personal data relating to him, if Tommy-Invest Elektronikai Kft. does not need to process them, or withdraws his consent, or objects to the data management, or their processing is illegal.

Right to be forgotten: Tommy-Invest Elektronikai Kft. tries to notify all data managers who have known or could have learned about the User’s data that may have been made public, of the User’s request for deletion.

Right to limit data processing: Tommy-Invest Elektronikai Kft. – at the request of the User – limits data processing if the accuracy of personal data is disputed, or data processing is illegal, or the User objects to data processing, or if Tommy-Invest Elektronikai Kft. no longer needs the personal data provided.

Right to data portability: the User may receive the personal data provided by him/her in a segmented, widely used, machine-readable format, or may transmit them to another Tommy-Invest Elektronikai Kft.

Tommy-Invest Elektronikai Kft. examines the application as soon as possible, but within 30 days at the latest – 15 days in case of objection – and makes a decision on the validity of the application, of which the applicant is informed in writing. If Tommy-Invest Elektronikai Kft. does not fulfill the User’s request, it will inform the User of the factual and legal reasons for rejecting the request in its decision.

The User can assert his rights in court based on Act V of 2013 on the Civil Code, and according to the provisions of Infotv. to the National Data Protection and Freedom of Information Authority (1125 Budapest, Szilágyi Erzsébet fasor 22/c.; https://www. can turn to and file a complaint.

10. Protection of personal data of minors:

The internet websites of Tommy-Invest Elektronikai Kft. (hereinafter together: websites or websites) are generally not intended for minors under the age of 14. Therefore, we do not collect and process personal data on children under the age of 14 without the verifiable and informed consent of their parents or guardians (hereinafter collectively: parents), so that the child’s parents can request the release and deletion of the child’s data.

If the age becomes apparent to Tommy-Invest Elektronikai Kft. during data processing or data management, the data can be used to obtain parental consent.

11. Cookies:

The websites use cookies in order to adapt to user preferences and optimize the internet pages. In order for you to be able to connect to and customize the site and services, the website’s servers may install cookies on your computer. These cookies make browsing and using the website easier.

Management of cookies:

There are several options for managing cookies. The settings modify internet surfing and access to services that require cookies to be enabled. You can make or change your cookie settings at any time as described below. The choices are offered by the Internet software. You can set the software so that cookies are registered by the terminal or, on the contrary, reject them, or automatically all of them, or filtered according to the identity of the sender. You can set the software anyway to occasionally offer to allow or reject cookies before the particular cookie is registered on the terminal.

Enable cookies:

Enabling cookies on a terminal primarily depends on the will of the terminal user, which can be expressed or modified at any time for free as offered by the navigation software. If you consent to the registration of cookies on the terminal, the cookies built into the pages and content you view are temporarily stored in a dedicated location in the terminal, from which only the sender can release them.

Disable cookies:

If you do not allow the registration of cookies on the terminal or delete those registered there, you will not have access to certain functions, which may be necessary for surfing on our website/app. This happens, for example, if you want to access content or services that require you to identify yourself. The same happens if we – or our partners – cannot recognize the Internet software used by your terminal, its language and display parameters for technical purposes or the country from which your terminal connected to the Internet. In such a case, we disclaim responsibility for the consequences of the reduced operation of the services, which may occur because you have rejected or canceled the cookies necessary for operation.

How to make the settings depending on the specific software?

Every Internet program is different when it comes to managing cookies. You can find the description in the program’s help, where you can see how you can change the settings related to cookies.

Internet Explorer™:






“Flash”© cookies of “Adobe Flash Player”™:

“Adobe Flash Player”™ is an IT application that allows you to quickly develop dynamic content using the “Flash” computer language. Flash (and similar types of applications) remember content parameters, preferences and usage through technology similar to cookies. However, “Adobe Flash Player”™ does not handle this information and your settings through the same interface as offered by Internet software. If your terminal is capable of displaying content developed with the Flash computer language, please go directly to the Flash cookie management tool:

Settings addressed directly to us:

If you do not want advertising platforms to register cookies on your terminal for the purpose of advertising, you can disable this using the browser on your terminal. This will register a cookie on your terminal with the sole purpose of deactivating advertising services on advertising platforms. Regardless, advertising messages will appear on your terminal. It will only block techniques designed to target advertising to your surfing and interests. Attention, this setting also works with the help of a cookie. If you delete all cookies from the terminal (via the Internet software), we – or our partners – will not even know that you have chosen to disable them. targeted advertising messages, you can do this using your browser.

The cookies on our site:

When you connect to our website, with your consent we can install cookies on your terminal, which recognize the search program of your terminal during the validity of the given cookie. We use cookies for the purposes specified below, depending on whether you have consented to this based on the parameters of the navigation software you used when you entered the website. You can change your decision at any time.

The cookies we send allow you to:

– compile statistics and measure the visitation and use of the elements that make up the website (visited sections and contents), so that we can improve its operation and increase interest in our services;

– change the design of our website according to the preferences displayed on your terminal (used language, image resolution, used operating system, etc.), with the help of reading and display software and devices on your terminal;

– You store the data of the form filled out on our website/application (when logging in or logging in), or the data relating to the products, services or information you have selected on our website (ordered service, basket contents, etc.);

– You can access reserved parts of our website, such as your account, using the identifiers and data that you previously provided to us;

– to develop security measures, such as asking you to re-enter a content or service after a certain period of time.

Cookies sent by third parties on our website …

Our website may contain cookies sent by third parties (communication agencies, viewership measurement company, etc.), which enable these third parties to collect navigation information about the terminals accessing the website during the validity period of the cookies.

Cookies compiled and used by third parties are subject to the data protection policy of these companies. We inform you about the subject of the cookies we are aware of and the means by which you can express your choice regarding the management of cookies.

We can integrate IT applications from third parties into our website, thanks to which you can share the content on our website with others or share your opinion about the content of our website with others. This is what buttons such as « Share », « Like » are used for in the case of social media such as Facebook, Twitter, LinkedIn.

These social media can identify you with the help of the mentioned buttons, even if you did not use them when visiting our website. These application buttons enable the relevant social media to track your visit to our website, simply from the fact that your account was activated on your terminal (logged in) during your visit to the website.

We cannot control in any way what procedures social media use when collecting data related to your visit and how they handle the collected personal data. Please read the social media privacy policies regarding the purposes for which navigation data collected through application buttons is used. Privacy policies allow you to influence social media practices, primarily by personalizing accounts.

The usefulness of Cookies:

Our goal is to present the most effective advertisements possible. Therefore, the technology of cookies allows us to determine, within a suitable time, which advertisement to display on your terminal, based on your previous visits to one or more websites or applications. Your interest in the advertising content displayed on the terminal determines the sources of advertising income, thanks to which you can operate services that are often offered to users for free. You would also be happier to see advertisements on your terminal that are relevant to your interests, rather than advertisements that are completely uninteresting to you. Similarly, advertisers prefer that their advertisements reach users who may be potentially interested in the offer.

More information:

If your terminal is used by several people, or if several Internet programs are running on the terminal, we cannot clearly guarantee that the services and advertisements intended for your terminal really reach a specific user and not another user of the terminal.

If applicable, the sharing of the use of the terminal with other people and therefore the settings related to the management of cookies also fall under your decision and your responsibility.

12. Links to other websites:

Websites can navigate to websites of third parties using links. Tommy-Invest Elektronikai Kft. has no control over these websites and cannot be held responsible for their content or their personal data management. In order to ensure the security of your personal data, we recommend that you read the policies on the confidential management and protection of personal data of the websites accessed through our websites.

13. Other:

Tommy-Invest Elektronikai Kft. may collect data on the User’s activity, which cannot be linked to other data provided by the User during registration, nor to data generated when using other websites or services.

If Tommy-Invest Elektronikai Kft. wants to use the provided data for a purpose other than the purpose of the original data collection, it will inform the User of this and obtain their prior, express consent, or provide them with the opportunity to prohibit the use.

Tommy-Invest Elektronikai Kft. undertakes to take care of the security of the data, and also takes the technical measures to ensure that the recorded, stored, and managed data are protected, as well as to do everything possible to prevent their destruction, unauthorized use, and unauthorized modification.

Tommy-Invest Elektronikai Kft. keeps a record of the data management activities carried out under its responsibility (record of data management activities) in accordance with Article 30 of the GDPR.

A data protection incident is a breach of security that results in accidental or illegal destruction, loss, alteration, unauthorized disclosure or unauthorized access to personal data. In the event of a data protection incident, Tommy-Invest Elektronikai Kft. is obliged to act in accordance with Articles 33 and 34 of the GDPR. Tommy-Invest Elektronikai Kft. keeps records of data protection incidents, indicating the facts related to the data protection incident, its effects and the measures taken to remedy it.

Tommy-Invest Elektronikai Kft. is entitled to unilaterally modify these Regulations at any time. Tommy-Invest Elektronikai Kft. informs the User about the modifications via the Website interface. After the modification, the use of the Website is conditional on the User expressly accepting them through the Website and in the manner provided there.

14. More important legislation:

All operations with your personal data are carried out in compliance with applicable laws. Regarding data management, CXII of 2011 on the right to information self-determination and freedom of information. Act, and CVIII of 2001, which regulates certain issues of electronic commercial services and services related to the information society. law.

15. Amendment of the Regulations:

Here, Tommy-Invest Elektronikai Kft. amends these Regulations on its own or on the basis of its legal requirements, we publish them on our website, the amendment is effective from the time of publication. That is why we ask and call you that the latest version is available on the websites.