Cookie Policy
🇬🇧 English version | 🇭🇺 Magyar verzió
Effective from: 22 April 2026
The Controller provides the data subjects with the following prior information regarding personal data processed through the „https://premiumretrofit.net” website, in accordance with Article 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (hereinafter: GDPR).
Identity and contact details of the Controller
- Name
- Lencse Gábor ev. (hereinafter: the Controller)
- Registered office
- 2142 Nagytarcsa, Tompa M. u. 2. A. ép. 1., Hungary
- Postal address
- 2142 Nagytarcsa, Tompa M. u. 2. A. ép. 1., Hungary
- Representative
- Lencse Gábor
- Telephone
- +36 70 633 0795
- info@premiumretrofit.net
The Controller is not required to appoint a data protection officer.
Cookie processing
The website uses cookies. Cookies are small data files that websites use to ensure their proper operation and to make the user experience more efficient. These files are placed on the User’s device when the website is visited, and are read back during subsequent visits, thereby identifying the User. Under the GDPR these files qualify as personal data, as the cookie provider is able to link the User’s current visit with previous visits, though only in respect of its own content.
Scope of processed data: information stored in the log files sent by the internet browser.
Data subjects: natural persons who visit the website.
Legal basis for placing the cookies: all cookies listed below are strictly necessary either for the transmission of a communication over an electronic communications network or for the provision of a service explicitly requested by the user (browsing the website, operating the shopping cart, completing the payment flow). Under Article 5(3) of Directive 2002/58/EC (ePrivacy Directive) and Section 155(4) of Act C of 2003 on Electronic Communications (Hungarian implementation), these cookies are exempt from the prior consent requirement.
GDPR legal basis for processing the personal data derived from these cookies: performance of a contract — Article 6(1)(b) GDPR (shopping cart, session, payment), and the Controller’s legitimate interest in the secure operation of the website and fraud prevention — Article 6(1)(f) GDPR.
The Controller does not place any advertising, remarketing, external analytics (e.g. Google Analytics) or behavioural-tracking cookies on the website, so consent-based cookies [Article 6(1)(a) GDPR] do not arise on this site. The CookieYes banner exists solely to display this information and to log its display (see the cookieyes-consent cookie in the table above).
Cookies used on the website
| Name | Category | Retention | Purpose / function |
|---|---|---|---|
| cookieyes-consent | necessary | 1 year | Stores the user’s cookie consent preferences (CookieYes). |
| woocommerce_cart_hash | necessary | session | Identifier of the shopping-cart contents — used by WooCommerce to show the correct cart until checkout is completed. |
| woocommerce_items_in_cart | necessary | session | Tracks the number of items in the cart between browser refreshes. |
| wp_woocommerce_session_* | necessary | 48 hours | Identifier of the WooCommerce customer session (a unique code that allows the server to link cart/order data to the visitor). |
| __stripe_mid | necessary | 1 year | Fraud- and abuse-prevention cookie of the Stripe payment service. Placed only during the payment flow. |
| __stripe_sid | necessary | 30 minutes | Stripe payment session cookie. Placed only during the payment flow. |
| wpEmojiSettingsSupports | necessary | session | Set by WordPress when testing the browser’s emoji-rendering capability. Purely functional, no personal data. |
Persons authorised to access the data
Personal data collected through cookies, and the conclusions drawn from them, may be accessed only by the Controller.
Processors
To achieve the purposes of the processing, the Controller uses the following processor:
CookieYes Limited
- Registered office
- 3 Warren Yard Warren Park, Wolverton Mill, Milton Keynes, MK12 5NW, United Kingdom
For the operation and availability of the website, the Controller uses the following hosting provider:
REFA-Controlling Energia Kft. (hosting provider)
- Registered office
- 1036 Budapest, Kiskorona utca 6. 5. em. 25., Hungary
Location and method of processing
The data is stored electronically in the Processor’s secure system.
Links
For links to other websites placed on the website, the privacy notice of the respective site applies; the Controller cannot influence the processing carried out there.
Data security
The Controller takes all technical and organisational measures and establishes the procedural rules necessary to enforce the GDPR’s rules on confidentiality and data security.
The Controller protects the data it processes by appropriate measures against unauthorised access, alteration, transmission, public disclosure, deletion or destruction, and against accidental destruction or damage.
In its data processing activities the Controller preserves:
- confidentiality: protecting the information so that it is accessible only to authorised persons;
- integrity: protecting the accuracy and completeness of the information and the processing method;
- availability: ensuring that when an authorised user needs the information, it is actually accessible, along with the tools required to access it.
Through physical, administrative and logical protective measures, the Controller ensures that the website does not suffer information-security or data-protection incidents, and that its IT system is properly protected against computer fraud, espionage, fire and flood, viruses, and computer intrusions.
Automated decision-making
The Controller does not carry out automated decision-making in connection with the processing purposes set out in this notice, and does not process personal data for profiling purposes.
Rights of the data subject, enforcement
The data subject has the right, at any time and without restriction, to request information about, access to, rectification, erasure or restriction of processing of their personal data, and to request data portability, as well as to withdraw their consent. The data subject may exercise the above rights through the Controller’s contact details.
Without undue delay — and in any event within one month of receiving the request — the Controller informs the data subject of the action taken. Where necessary, this period may be extended by a further two months.
If a data subject becomes aware of any breach relating to the processing of their personal data, they may contact the Controller, the Hungarian National Authority for Data Protection and Freedom of Information (NAIH), or a court:
Hungarian National Authority for Data Protection and Freedom of Information (NAIH)
- Postal address
- 1363 Budapest, Pf. 9., Hungary
- ugyfelszolgalat@naih.hu
- Website
- http://naih.hu
Regional Court of Budapest Environs
- Postal address
- 1590 Budapest, Pf. 225., Hungary
- birosag_bkt@birosag.hu
📄 Download Cookie Policy (PDF)
For questions about this document, please contact us at info@premiumretrofit.net.