Privacy policy

Consent to the use of cookies

We use essential cookies to ensure the basic functionality of this website.
With your consent, we also use analytics cookies to understand how our website is used and to improve your experience.
You can accept all cookies, reject non-essential cookies, or customise your preferences at any time.
For more information, please see our Cookie Policy. More information

Individual consents

Save settings

Reject non-essential cookies Accept all

PRIVACY POLICY

If you are my client, newsletter subscriber, or website visitor, you entrust me with your personal data. I take this responsibility seriously and I am committed to protecting your privacy, ensuring transparency, and complying with the GDPR (General Data Protection Regulation).

Please read this Privacy Policy carefully to understand how your data is collected, used, protected, and what rights you have.

1. Data Controller
Name: Tarpataki Lenka – Sole Entrepreneur (Egyéni Vállalkozó, EV)
Registered address: 1048 Budapest, Csíksomlyó utca 2. 2/8, Hungary
Tax number: 91562199-1-41
Websites: www.lenkatarpataki.com / www.lenkatarpataki.cz
Email (EN/HU): info@lenkatarpataki.com
Email (CZ/SK): info@lenkatarpataki.cz

I act as the Data Controller under GDPR, meaning:
– I determine why and how your personal data is processed
– I decide which processors I work with
– I am responsible for the security and lawful handling of your data

I confirm that I follow all obligations required by GDPR and relevant Hungarian and EU law.

2. Contact for Privacy Matters
If you need assistance regarding your personal data, you may contact me at:
📧 info@lenkatarpataki.com

(You asked not to publish a phone number, so the phone number is removed.)

3. What Personal Data I Process and Why
I only process personal data that you voluntarily provide or that is technically necessary for operating my website or services.

3.1. Providing Services (Coaching, Online Consultations)
I process:
– Name
– Email
– Billing information
– Coaching notes (voluntary information you share during sessions)
– Video or audio recordings (ONLY with explicit written consent)

Purpose:
– delivering coaching sessions (online/offline)
– preparing session notes
– managing appointments
– sending follow-up materials

Legal basis:
GDPR Art. 6(1)(b) – performance of a contract.

Recordings are never made without your explicit consent.

Retention: 5 years (then securely deleted).

3.2. Digital Products (e-books, PDFs, meditations)
I process:
– Name
– Email
– Billing info
– Purchase and download history

Purpose:
– delivering the purchased digital content
– resolving technical issues
– issuing invoices

Legal basis:
GDPR Art. 6(1)(b) – contract performance
GDPR Art. 6(1)(c) – legal obligation (invoicing)

3.3. Payments (via Stripe)
I do not receive or store any payment card details.

Stripe processes:
– card details (tokenized)
– transaction ID
– payment status
– billing data

Legal basis:
GDPR Art. 6(1)(b) – contract performance
GDPR Art. 6(1)(f) – legitimate interest (fraud prevention)

3.4. Invoicing (via Számlázz.hu)
Hungarian law requires electronic invoicing.

Számlázz.hu receives:
– name
– billing address
– email
– purchase details

It automatically reports invoices to the Hungarian Tax Authority (NAV), as required by law.

Legal basis: GDPR Art. 6(1)(c) – legal obligation.

3.5. Newsletter & Marketing Emails
I process:
– name
– email
– language preference
– email interaction data (opens, clicks)

If you are a customer
I may send newsletters based on legitimate interest for up to 3 years after your last purchase.

If you are not a customer
I send newsletters only with your explicit consent.

You can unsubscribe at any time by clicking the link in any email.

Advanced marketing (remarketing / ads)
I use your email for targeted advertising (e.g., Facebook custom audiences) only if you explicitly consent.

Consent can be withdrawn at any time.

3.6. Website Visitors – Cookies and Analytics
When visiting my site, I process:
– IP address
– pages visited
– time spent on the website
– device & browser info
– cookies

Types of cookies:
– Essential cookies (legitimate interest)
– Analytics cookies (GA4) – only with consent
– Marketing cookies – only with consent
– Stripe technical cookies (for secure payments)

You can disable cookies in your browser at any time.

4. Legal Bases for Processing
I process your data only when one of these applies:

Contract performance (coaching, product delivery)
Legal obligation (invoicing, accounting)
Legitimate interest (security, communication, existing clients)
Consent (marketing, recordings, analytics cookies)

5. Data Processors I Work With
I only work with verified, GDPR-compliant third parties:

Processor
Purpose
Location
Számlázz.hu
invoicing + NAV reporting
Hungary
Stripe Payments Europe Ltd.
payment processing
EU/USA
Google LLC (GA4, Drive)
analytics / file storage
EU/USA
SmartEmailing
newsletters
EU
Mioweb
website platform
EU
Wise Europe
multi-currency banking
EU
All processors follow GDPR and provide DPA agreements.

6. Data Security
I protect your data using:

– encryption
– two-factor authentication
– access restrictions
– secure cloud storage (Google Drive EU priority)
– regular system updates
– internal confidentiality rules

I treat your personal data with the same care as my own.

7. Your Rights Under GDPR
As a data subject, you have the right to:

– access your data
– request correction
– request deletion (“right to be forgotten”)
– restrict processing
– object to processing
– withdraw consent at any time
– request data portability

To exercise your rights, contact me at:
📧 info@lenkatarpataki.com

8. Complaints
If you believe your data is not handled lawfully, you may contact:

National Authority for Data Protection and Freedom of Information (NAIH)
1125 Budapest, Szilágyi Erzsébet fasor 22/c
Website: https://www.naih.hu

You also have the right to seek remedy before a court.

9. Changes to This Privacy Policy
I may update this policy as needed.
The latest version is always available on this website - November 2025.