Privacy Policy — Tisztaklíma9ker

1. Data controller

Name: Tisztaklíma9ker (sole proprietor)

Registered address: 1092 Budapest, Ráday utca 25., 2. emelet 3. ajtó

2. Scope of personal data processed

We process the following data, only to the extent necessary for the given purpose:

Data type	Purpose of processing	Legal basis
Name, phone number, email address	Processing appointment bookings, sending confirmations	Performance of contract (GDPR Art. 6(1)(b))
Home address / service address	Performing the on-site service	Performance of contract (GDPR Art. 6(1)(b))
Email address (contact)	Answering inquiries, customer support	Legitimate interest (GDPR Art. 6(1)(f))
Billing data (if applicable)	Fulfilling legal obligations	Legal obligation (GDPR Art. 6(1)(c))

3. Data retention period

Booking-related data: 2 years from the completion of the service, unless a longer retention period is required by law.
Billing data: 8 years under the Hungarian Accounting Act (Act C of 2000).
Email correspondence: 1 year from the resolution of the matter.

4. Cookies

This website uses its own cookie consent solution. Your consent preferences are stored locally in your browser (localStorage) and are not transmitted to any third party. Non-essential (marketing, statistics) scripts are blocked using the type="text/plain" attribute until you explicitly grant consent. Consent is valid for 12 months, after which it will be requested again.

Statistics cookies (consent required)

The following cookies are only placed if you enable the statistics category in the cookie settings panel.

_ga (Google Analytics 4)

A cookie placed by Google Analytics that stores a unique visitor identifier to distinguish repeat visits. Expiry: 2 years. Legal basis: GDPR Art. 6(1)(a) — your consent.

_ga_YBT7L8D1DX (Google Analytics 4)

A cookie linked to the GA4 measurement ID that stores session state. Expiry: 2 years. Legal basis: GDPR Art. 6(1)(a) — your consent.

Marketing cookies (consent required)

The following cookies are only placed if you enable the marketing category in the cookie settings panel. Without your consent, these cookies will not load.

_fbp (Meta Pixel)

A cookie placed by the Meta (Facebook) Pixel that stores a unique browser identifier. Purpose: measuring the connection between website visits and Facebook ads (conversion tracking). Expiry: 3 months. Legal basis: GDPR Art. 6(1)(a) — your consent.

_fbc (Meta Pixel)

Stores the click identifier from Facebook ads. Only created if you arrived at the website via a Facebook advertisement. Expiry: 2 years. Legal basis: GDPR Art. 6(1)(a) — your consent.

This website does not perform behavioral profiling. The Meta Pixel only transmits aggregated conversion data (page views, booking intent, contact actions) to Meta Platforms for ad measurement purposes.

5. Data processors and third parties

The data controller uses the following service providers as data processors:

Google Calendar (Google LLC)

The online booking system automatically syncs confirmed bookings to the data controller's Google Calendar (for internal scheduling purposes). Data transferred: booking date and time, selected service, and customer contact details (name, email, phone number). Data is transferred to Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) servers, which constitutes a transfer outside the EU. Legal basis for this transfer: the EU-US Data Privacy Framework, of which Google is a certified member. Their privacy policy: policies.google.com/privacy

Telegram (Telegram FZ-LLC)

The data controller receives instant notifications of new bookings via Telegram messages to speed up internal response. Data transferred: booking date and time, selected service, customer name and contact details. Data is transferred to Telegram FZ-LLC (registered in Dubai, United Arab Emirates) servers, which constitutes a transfer outside the EU. Legal basis for this transfer: the European Commission's Standard Contractual Clauses. Their privacy policy: telegram.org/privacy

Google Fonts (Google LLC)

We use the Google Fonts API to load website fonts. During loading, your IP address may be transmitted to Google LLC (USA) servers, which constitutes a transfer of data outside the EU. The legal basis for this transfer: the EU-US Data Privacy Framework, of which Google is a member. Their privacy policy: policies.google.com/privacy

Hosting provider

We use Hostinger International Ltd. (registered address: 61 Lordou Vironos, 6023 Larnaca, Cyprus) as our hosting provider. The hosting provider may access web server log files (IP address, visit time, requested page) as a data processor. Data is stored within the EU. Their privacy policy: hostinger.com/privacy-policy

Google Analytics 4 (Google LLC)

We use Google Analytics 4 (Measurement ID: G-YBT7L8D1DX) for measuring website traffic statistics. Data processed: anonymised IP address, pages visited, visit duration, device type, traffic source. Data collection only begins after you grant statistics cookie consent. Data is transferred to Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). The legal basis for this transfer: the EU-US Data Privacy Framework, of which Google is a certified member. Their privacy policy: policies.google.com/privacy

Meta Platforms, Inc. (Facebook Pixel)

This website uses Meta Pixel technology for measuring advertising effectiveness (conversion tracking). The Pixel is only activated after you grant marketing cookie consent. Data processed: browser identifier, pages visited, click events (booking intent, contact actions). Data is transferred to Meta Platforms, Inc. (1 Hacker Way, Menlo Park, CA 94025, USA). The legal basis for this transfer: the EU-US Data Privacy Framework, of which Meta is a certified member. Their privacy policy: facebook.com/privacy/policy

The data controller does not sell personal data to third parties and does not perform marketing-related profiling.

6. AI chatbot (OpenAI)

Use of the AI chatbot available on this website (Tisztaklíma9ker assistant) is voluntary and optional: processing only begins if you open the chat window and send a message.

Purpose of processing

Customer-service information (pricing, service area, booking process), and optional call-back requests (capturing contact details and forwarding them by e-mail to the data controller).

Legal basis

Consent of the data subject — GDPR Article 6(1)(a). Opening the chat window and sending a message constitutes a clear affirmative action. Consent may be withdrawn at any time by closing the chat window; withdrawal does not affect the lawfulness of processing before withdrawal.

Scope of data processed

The content of the messages you type in the chat; if you submit a call-back request: name and e-mail or phone number; technical data: hashed IP address (for abuse prevention), token usage, language preference.

Processor and transfer outside the EU

Messages are processed for reply generation and automatic content moderation by OpenAI, L.L.C. (3180 18th Street, San Francisco, CA 94110, USA) as a data processor, on the gpt-4o-mini and omni-moderation-latest models. The transfer is to a third country (USA); its legal basis is the European Commission's Standard Contractual Clauses. According to OpenAI's own policy, API request content is retained for up to 30 days for abuse monitoring, after which it is deleted (unless legally required to be retained). Their privacy policy: openai.com/policies/privacy-policy

Retention at the data controller

Message content is not stored on the data controller's server — it remains only in your browser's sessionStorage and is automatically deleted when the tab is closed. Anonymous usage logs (token count, language, hashed IP) are retained for up to 12 months. Rate-limit files are automatically deleted within 25 hours. For call-back requests, the submitted contact details are processed as part of the e-mail communication flow described in Section 3.

Limitations and safety

The chatbot does not provide medical, legal, or financial advice. Reply generation does not constitute automated individual decision-making within the meaning of GDPR Article 22 (see Section 8). Please do not share sensitive personal data (e.g. health, financial information, payment-card data) during the chat conversation.

7. Your rights

Under the GDPR, you have the following rights:

Right of access

You may request information about what data we process and for what purpose.

Right to rectification

You may request the correction of inaccurate or incomplete data.

Right to erasure

You may request the deletion of your data if the legal basis for processing has ceased.

Right to restriction

You may request the restriction of processing in certain cases.

Right to object

You may object to processing based on legitimate interest at any time.

Right to data portability

You may request your data in a machine-readable format.

You can exercise your rights at info@tisztaklima9ker.hu. We will respond to your request within 30 days.

8. Automated decision-making and profiling

The data controller does not carry out solely automated individual decision-making (including profiling) within the meaning of GDPR Article 22 that produces legal effects concerning you or similarly significantly affects you. The AI chatbot reply generation described in Section 6 is informational in nature and does not result in such a decision. Your personal data is processed for the purpose of fulfilling bookings and maintaining customer relations, in a process requiring human decision-making.

9. Filing a complaint

If you believe that the processing of your data violates GDPR provisions, you may file a complaint with the Hungarian National Authority for Data Protection and Freedom of Information (NAIH):

Name: Nemzeti Adatvédelmi és Információszabadság Hatóság (NAIH)

Address: 1055 Budapest, Falk Miksa utca 9–11.

Phone: +36 1 391 1400

Email: ugyfelszolgalat@naih.hu

Website: naih.hu

10. Amendments to this policy

The data controller reserves the right to amend this privacy policy. Data subjects will be informed of changes by updating this page. The effective date of any amendment is the "Last updated" date shown at the top of this page.