Privacy Policy

Storage of personal data, policies


RIAVITA PHARMA Kft. (székhely: Budapest, Ferenciek tere 5., cg: 01-09-392982, e-mail: telefonszám:+36(70) 547-5096, a továbbiakban: Data controller) a jelen adatvédelmi tájékoztatóval tájékoztatja a oldalt felkeresőket az általa kezelt személyes adatokról, a személyes adatok kezelésével kapcsolatos gyakorlatáról, a személyes adatok védelme érdekében tett intézkedéseiről, valamint az érintettek jogairól, eleget téve ezzel az adatkezelésről szóló 2016/679 sz. EU rendelet és az információs önrendelkezési jogról és az információszabadságról szóló 2011. évi CXII. törvény által előírt, személyes adatkezeléshez kapcsolódó, előzetes tájékoztatási kötelezettségének.

The data management practice of the data controller is regulated by EU Regulation 2016/679 (GDPR) and Act CXII of 2011 on the right to informational self-determination and freedom of information. (hereinafter: Info Act.), the legal basis of data processing is section §6(1) and §5(1)(a) of these laws, the voluntary consent of the person interested in or registering on the website.

Terms used in the PP under the Info Act:
Data controller

A natural or legal person or an organization with no legal personality, which alone or jointly with others determines the purpose and means of data processing, makes and implements decisions on data processing (including the means used) or make decisions executed by the data controller;

Data Subject

Any determined, identified on the basis of personal data or - directly or indirectly – identifiable natural person;

Personal data

Data related to the data subject, in particular the data subject's name, identification code and knowledge of one or more physical, physiological, mental, economic, cultural or social identities, as well as the conclusion may be drawn from the data concerning the data subject;


A voluntary and firm declaration of the data subject's intention, based on adequate information, giving his or her unambiguous consent to the processing - in whole or in part - of his/her personal data;

Right of objection

Statement by the data subject objecting to the processing of his/her personal data and requesting the termination of the data processing or the deletion> of the processed data.

According to EU regulation 2016/679 and Section 4(1) of the Info Act, the personal data of the data subject may only be processed for a specific purpose, in order to exercise a right and fulfill an obligation.

According to the law, only such personal data of the data subject may be processed, which is essential for the realization of the purpose of data processing and is suitable for achieving the purpose. The personal data of the data subject may be processed only to the extent to achieve the purpose and for the time necessary.

The data controller acts in accordance with the data security requirements of the law.

The use of your personal data is based, inter alia, on the following legal bases:
  • the data required to complete the order or the steps required prior to the order, legal basis: Article 6(1)(a) and (b) of the GDPR
  • registration required for the order, Article 6(1)(a) and (b) of the GDPR
  • issue of an invoice in accordance with accounting legislation; legal basis: Article 6(1)(c) of the GDPR
  • contact - legal basis: Article 6(1)(f) of the GDPR. The legitimate interest of the data controller: business continuity.
  • processing of data of contractual partners - legal basis: Article 6(1)(b) of the GDPR
  • marketing activity - legal basis: Article 6 (1) (a) GDPR. e.g. visiting a website without making a purchase
  • for the purpose of marketing activities, a Facebook page is also operated, however, an independent database is not created or profiled.
  • legal basis for online registration: Article 6(1)(a) of the GDPR
  • legal basis for the use of cookies: Article 6(1)(a) of the GDPR

Az adatkezelés célja  a weboldalon található szolgáltatásra vonatkozó szerződéskötés és teljesítése, így a rendelésre vonatkozó regisztráció,  a rendelés feldolgozása, áruszállítással történő teljesítése, a szolgáltatásokra való  bejelentkezésre, a szolgáltatás iránt érdeklődő érintettekkel  a szolgáltatások megismertetése, az érintettekkel való  kapcsolattartás, illetve az ezekhez kapcsolódó ügyviteli feladatok ellátása, továbbá az esetleges garanciális ügyintézés, panaszkezelés.

Based on the voluntary consent, data subject provides the following data for the purpose of first contact, registration, communication:

  • name
  • home address
  • E-mail address
  • phone number

The data subject gives his/her voluntary consent at the data controller to the processing of the data regarding the data mentioned above, personally by using the website. The consent also covers operations of data collection, entry, recording, organization, storage, use, deletion and destruction.

By providing E-mail address, the data subject consents to sending information about and prospectus of services provided by the data controller.

The data controller shall take all necessary security, organizational and technical measures to ensure the highest level of security of the personal data processed by data controller and to prevent their unauthorized alteration, destruction and use.

If the data controller is about to carry out further data processing, he/she shall provide preliminary information on the essential circumstances of the data management (legal background and legal basis of data management, purpose of data management, scope of processed data, duration of data management).

Due to legislative provisions - Article 7(1) of the GDPR. - the consent must be able to be verified later, therefore the data will be stored for the limitation period following the cessation of data processing.

During registration, ordering, subscribing to the newsletter, the IT system stores the IT data related to the consent for later proof.

The duration of data management lasts from the time of data registration to the deletion of the data by the data controller (see Data Access>).

Invoices are kept for at least eight years due to legal obligation. The retention period of the documents on which the invoice is based is eight years.

The retention period of the data provided for the purpose of contact is maximum one year after the contact is established.

Retention period of data related to contract fulfillment: five years.

In relation to personal data, the data subject has the rights specified by law.

Rights concerned
  • right of access (cognition of data, fact whether data are being processed);
  • in case of out-of-date or incorrect data, its correction;
  • deletion (only in the case of consent-based data management);
  • restrictions on data processing;
  • prohibiting the use of personal data for direct marketing purposes;
  • transfer of personal data to a third-party service provider, or its prohibition;
  • request a copy of any personal data processed by the data controller; or
  • objection to the use of personal data.

The data subject may submit his/her requests in writing, by registered mail to the official address of the data controller or by electronic way. At the request of the data subject, the data controller shall delete his/her data without undue delay if the data subject withdraws the consent on which the data processing is based. Data controller shall send answers without delay, but within 30 days to the address or E-mail address provided by data subject.

We are to inform you that the data controller is obliged to comply with the written data requests of the authorities based on legal authorization. The data controller is obliged to keep records of data-transfer based on §15(2)-(3) of the Info Act (to which authority, what personal data, on what legal basis, when was transmitted by the data controller), the content of which the data controller provides information on request, unless its disclosure is excluded by law.

The legal provisions concerning the procedure related to the possible infringement of the data subject and the obligations of the data controller are set out in Act No. 2016/679. EU regulation and Info Act.

In case of data protection incident (unlawful handling or use of personal data) the data controller is obliged to report the events no later than within 72 hours of becoming aware of the data protection incident. 

In the case of a breach of the processing of personal data, the data subject may lodge a complaint with the National Data Protection and Freedom of Information Authority in accordance with the provisions of the law (Headquarters: 1125 Budapest, Szilágyi Erzsébet fasor 22/C. Website:, E-mail:, postal address: 1530 Budapest, Pf: 5)

Judicial process: data protection litigation falls within the jurisdiction of the tribunal. The action may, at the option of the person concerned, also be brought before the court of the place where the person concerned stays or is resident.

Pursuant to the law, in order for the consent to data processing to be voluntary, express and unambiguous and based on appropriate information, the data controller must always inform the data subject in advance, clearly and in detail before the data processing, by this very privacy policy about all the facts regarding the data processing.

A jelen tájékoztatást az érintett: honlapon ismerheti meg, azt az adatkezelő által nyújtott szolgáltatás igénybevételével, ráutaló magatartással fogadja el.

The data controller reserves the right to unilaterally amend this privacy policy information. The data controller shall publish the current version of this data management information on its website. By using the service provided by the data controller, the data subject accepts the contents of the amended data management information by conduct.

The data controller uses so-called cookies on the website, the legal basis of which is your consent. A cookie is a package of information that a website sends to your browser in order to save certain settings, facilitate the use of our website and contribute to the collection of statistical information (Cookie policy>)

Website operator, hosting provider

A honlapot a Riavita Pharma Kft. (levelezési cím: 1053 Budapest, Ferenciek tere 5. 2. em. 9/C., e-mail:, telefonszám: +36(70) 547-5096 üzemelteti. Az érintettek által megadott személyes adatokat az adatkezelő és üzemeltető harmadik személynek nem továbbítja. Adatkezelő adatfeldolgozót nem vesz igénybe/igénybe vesz.

A Riavita Pharma Kft. (székhely: Budapest, Ferenciek tere 5. 2. em. 9/C.) tájékoztatja a honlap látogatóit, hogy a honlap üzemeltetőjeként adatkezelőnek minősül és mint adatkezelő kizárólag az érintettek által rendelkezésre bocsátott személyes adatokat kezeli, az érintettek személyére, adataira vonatkozó valamennyi adatot, tényt, információt bizalmasan kezel.

Észrevételeit az e-mail címre küldheti.

Data access

Retrieval of personal information

Az alábbi űrlap segítségével kérheted adataid email címedre történő elküldését vagy adataid végleges törlését rendszerünkből. (A hitelességet biztonsági okokból ellenőrizzük!)

Select your request: