Data policy


  1. Purpose of the policy

The purpose of these regulations is to define the personal data management procedure by KriXKraX Catering Kft. (hereinafter: Data Controller), which operates the Vietnámigulyá HK restaurant, and to provide information about it in an understandable and easily accessible form to the persons concerned, for guests (hereinafter: Data Subject).

The website operated by KriXKraX Catering Kft. uses so-called cookies.

  1. Name and contact details of data controller

Name of the Data Controller: KriXKraX Catering Kft.

address: 1027 Budapest, Bem József u. 6. 1st floor. 3.

company registration number: Cg. 01-09-428220.

tax number: 32515778-2-41.



phone number: +36 30 136 2397

The Data Controller handles the Data Subject's personal data in connection with the table reservation as follows:

The purpose of data management is to provide administrative activities related to table reservations

The legal basis for data management is the Data Subject's voluntary and express consent based on Article 6, Paragraph 1, Point a) of the GDPR.

In the case of data management based on consent, the Data Subject has the opportunity to withdraw consent at any time without restriction. The withdrawal does not affect the legality of the previous data management.

The following personal data are stored:

– e-mail,

– phone number,

– name,

- fact of table reservation,

- the time of table reservation.

Data management retention period: until the table reservation is made or until the consent of the Data Subject is withdrawn.


KriXKraX Catering Kft.. uses the following business organization as data processor:

Name of data processor, company registration number: NeerY Solutions Kft., Cg. 13-09-224139

Registered office of the data processor: 2040 Budaörs, Szabadság út 121. Floor IV. Door 14

Brief description of data processing activity: provision of table reservation service

The data processing information of the data processor is available here:

  1. What are cookies and what are their purposes?

When the Data Subject visits the page indicated in the policy, a file, so-called a cookie is sent to your computer, which can serve several purposes, but essentially, with the help of the stored cookie, we obtain information about the activity performed during the visit to the site.

Some of the cookies we use are essential for the proper technical operation of the site, while there are some that collect information (statistics) about the use of the website to make the site even more convenient and useful. Some cookies are only temporary and disappear when the browser is closed, while there are also persistent versions that remain on the computer for a long time.

Retrieving previously downloaded and saved cookies from the website allows us to link the data subject's browsing session with the data of a previous browsing session. Linking browsing history and analyzing browsing habits helps us to provide a unique user experience to the Data Subject.

  1. Types of cookies used

 4.1. Cookies supporting basic functionality

The cookies that support the basic operation are necessary for browsing the website and using the functions, among other things they allow the Data Subject to comment on the operations performed on the given page. Without the use of cookies that support basic operation, the smooth use of the website cannot be ensured. Their validity period covers the duration of the given visit, cookies are automatically deleted at the end of the work process or when the browser is closed.

4.2. Cookies for statistical purposes

The Data Processor can analyze the Data Subject's visits to the website and the activities performed during these visits. These are used to measure website visits and user activity on the website, in order to continuously improve the effectiveness of the website. These cookies cannot identify the Contact, for example, they collect information such as which page the visitor viewed, which part of the website the user clicked on, how many pages were visited, how long each session was viewed, and any error messages .

Google Analytics uses cookies to store data on how the Data Subject uses the website, and in the process also prepares an analytical report on the performance of the website. The data collected may anonymously include the number of visitors, their source and the pages visited. The usage information generated by the cookies is transmitted to Google's own servers and stored there. The data retention period of cookies is 2 years from the date of installation on the Data Subject's device.

Cookies placed by third parties on our site:

Measurement and customization:

Google (Google Analytics)


Google (Youtube)

Social media:



The storage of cookies can be prevented by setting the browser software accordingly.


  1. Regulation and deletion of cookies

Some browsers automatically accept cookies by default, but this setting can also be changed in order for the Data Subject to prevent automatic acceptance in the future. In case of conversion, the browser will offer the option to set cookies each time.

If the Data Subject wants to delete cookies from our website or does not want to use them, you can find information from the information below, depending on the browser you have.

Internet Explorer:




Please note that if cookies are disabled, certain elements and the full functionality of the website may not be available.


  1. Legal basis for processing personal data

 6.1 In the case of cookies that support basic functionality, the legal basis is Article 6, paragraph 1, point (f) of the GDPR, according to which data processing is necessary to enforce the legitimate interests of the data controller or a third party, unless these interests are overridden by the interests of the data subject or fundamental rights and freedoms that require the protection of personal data. It is the Data Controller's legitimate interest to ensure the proper functioning of its website both technically and technically.

6.2. The legal basis for the use of cookies for statistical purposes is point a) of Article 6 (1) of the GDPR, that is, the Data Subject's voluntary and express consent to data management. Consent to data management can be withdrawn at any time.

In the case of data management based on consent, the Data Subject has the opportunity to withdraw consent at any time without restriction. The withdrawal does not affect the legality of the previous data management.

  1. Stakeholder rights related to data management

The Data Subject may, at any time, without limitation, request:

– information on the details of data management,

- correction of inaccurate data,

- deletion, if there is no further purpose or legal basis for data management,

- restriction of processing if you consider the data processing to be unlawful, but do not request deletion, or until the data accuracy request is assessed,

- you can object to the processing of personal data.

Based on the right to restriction - in the absence of a request to the contrary - we only store the data, we do not perform any other operations with the data.

The Data Controller fulfills the Data Subject's request regarding the exercise of his rights related to this data management without undue delay, but no later than within 30 days of its receipt. If necessary, this deadline can be extended by another two months. However, the Data Controller shall inform the Data Subject of the extension of the deadline, indicating the reasons for the delay, within one month of receiving the request.


The Data Subject may exercise these rights at any time in a written request sent to the Data Controller by mail or in an electronic message via e-mail at the contact details provided.

The Data Controller collects the data directly from the Data Subject when the contact is established. The Data Controller may not refuse to fulfill the Data Subject's request to exercise his rights, unless the Data Subject cannot be identified.


  1. The legal enforcement options available to the data subject in relation to this data management

If the Data Controller does not fulfill its obligations in relation to any of the above requests of the Data Subject, the Data Subject may file a complaint with the National Data Protection and Freedom of Information Authority /In Hungarian: Nemzeti Adatvédelmi és Információszabadság Hatóság or NAIH/.

NAIH contact details:

Address: 1055 Budapest, Falk Miksa street 9-11.

Mailing address: 1363 Budapest, Pf. 9.

Phone number: 06 1/391-1400

Fax: 06 1/391-1410

URL of the NAIH website:

Without prejudice to the available non-judicial remedies, including the right to file a complaint with the NAIH, all data subjects are entitled to effective judicial remedies if, in their opinion, their rights related to the processing of their personal data have been violated.

The adjudication of the lawsuit falls within the jurisdiction of the court. The Data Subject may decide to initiate the lawsuit before the court of his place of residence or residence.

You can access the list of courts at

Effective date of the regulations: 01.06.2024.