⚡ Claim Your 14-Day Free Trial Start Now
RoomRaiser

RoomRaiser Ltd. Privacy Policy

Effective Date: January 1, 2025

Last Updated: January 1, 2025

1. Introduction

RoomRaiser Ltd. (hereinafter: Data Controller) as Data Controller informs you, as data subject, about the purpose of processing your personal data, the legal basis and duration of data processing, the scope of data processed, the persons entitled to access the data, your rights related to data processing, and the available legal remedies.

Please read this privacy notice carefully to understand how we process your personal data and learn about your rights related to data processing.

Our data processing practices are based on Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information and the European Union's General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, hereinafter: GDPR).

2. Data Controller Information

Company Name: RoomRaiser Ltd.

Registered Office: 2089 Telki, Levendula utca 16., Hungary

Company Registration Number: 13-09-239828

Tax Number: 27843840-2-13

Representative: András Dávid Buzás, Managing Director

Phone: +36 70 510 6414

E-mail: info@roomraiser.com

3. Description of Data Controller's Various Data Processing Activities

3.1. Description of data processing activities

Purpose of data processing:

  • Data processing necessary for establishing, maintaining customer relationships, concluding contracts, and fulfilling contractual obligations.

Description of data processing purpose:

  • Data processing necessary for establishing contact with the Data Controller (e.g., requesting quotes, providing offers, concluding contracts), maintaining contact, and fulfilling contractual obligations.

Categories of personal data processed:

  • Email address, phone number, name.
  • Other personal data provided by the data subject during contact.

Legal basis for data processing:

  • The Data Subject's name, phone number, and email address are processed under GDPR Article 6(1)(f) - the Data Controller's legitimate interest.
  • Other personal data provided by the Data Subject during contact is processed under GDPR Article 6(1)(a) - the Data Subject's voluntary consent.

Consequences of not providing data:

  • Contact with the Data Controller will not be possible.

Data retention period:

  • 2 weeks following the end of the data processing purpose

Data subjects:

Any person who wishes to establish contact with the Data Controller through the https://roomraiser.com/ website, as well as contact persons named in contracts concluded by the Data Controller, other persons participating in contract fulfillment (e.g., managers, etc.). Data subjects can request the legitimate interest assessment test by contacting info@roomraiser.com.

Source of personal data:

The Data Subject's personal data is provided by the legal entity or natural person establishing contact, maintaining contact, concluding contracts, or fulfilling contracts with the Data Controller, or directly by the Data Subject themselves.

Is the Data Subject obliged to provide personal data?

  • Providing name, position, phone number, and email address is mandatory; providing other personal data is voluntary.

Does profiling or automated decision-making occur within the data processing activity?

  • No

3.2. Data Security Measures

Description of data security measures:

The Data Processor undertakes to implement appropriate technical and organizational measures throughout the full scope of its data processing activities, taking into account the state of the art, the costs of implementation, the nature, scope, context and purposes of processing, and the risk of varying likelihood and severity for the rights and freedoms of natural persons, and to assist the Data Controller to the fullest extent possible in fulfilling its obligations to data subjects regarding the exercise of their self-determination rights.

The Data Processor protects data with appropriate measures, particularly against unauthorized or unlawful access, alteration, transmission, public disclosure, loss, deletion or destruction, as well as accidental destruction, alteration and damage, and inaccessibility due to changes in the applied technology.

Data security measures implemented by the Data Processor:

  • Measures to ensure the ongoing confidentiality, integrity, availability and resilience of systems and services used for processing personal data.
  • Physical security measures regarding the location of personal data processing.
  • Measures to restrict access to personal data.
  • Measures to protect data during transmission of personal data.
  • Where applicable, measures for pseudonymisation and encryption of personal data.
  • Measures to ensure that access to personal data and data availability can be restored in a timely manner in case of a security/data protection incident.
  • Procedures/measures for regular testing, assessment and evaluation of the effectiveness of technical and organizational measures implemented to ensure the security of data processing.

Persons with access to personal data:

  • The Data Controller's executive officers and employees.

Transfer of personal data to third countries or international organizations:

  • The Data Controller does not transfer the above-mentioned personal data of data subjects to third countries outside the European Union territory or to international organizations.

4. Rights of Data Subjects Regarding Their Processed Personal Data

The description of individual rights and concepts and how to exercise them are contained in the following sections. (Abbreviations: Y = yes / N = no / G = according to conditions set forth in GDPR)

Data subject rights:

  • Withdrawal of consent: N
  • Access: Y
  • Rectification: Y
  • Erasure (right to be forgotten): Y
  • Restriction of processing: G
  • Data portability: N
  • Objection: Y
  • Automated decision-making, including profiling: N

4.1. Right of Access

The data subject has the right to obtain from the Data Controller confirmation as to whether or not personal data concerning them is being processed, and, where that is the case, access to the personal data and related information.

4.2. Right to Rectification

The data subject has the right to obtain from the Data Controller without undue delay the rectification of inaccurate personal data concerning them. Taking into account the purposes of the processing, the data subject has the right to have incomplete personal data completed, including by means of providing a supplementary statement.

4.3. Right to Erasure ('Right to be Forgotten')

The data subject has the right to obtain from the Data Controller the erasure of personal data concerning them without undue delay, and the Data Controller has the obligation to erase personal data without undue delay where the conditions set forth in the GDPR apply.

4.4. Right to Restriction of Processing

The data subject has the right to obtain from the Data Controller restriction of processing where one of the conditions set forth in the GDPR applies.

4.5. Right to Object

The data subject has the right to object, on grounds relating to their particular situation, at any time to processing of personal data concerning them which is based on point (f) of Article 6(1) of the GDPR, including profiling based on those provisions.

5. Exercising Data Subject Rights

To exercise the above rights, the data subject may contact the Data Controller at the following addresses:

Postal address: 2089 Telki, Levendula utca 16., Hungary

Email address: info@roomraiser.com

Phone: +36 70 510 6414

6. Legal Remedies

If the data subject believes that the processing of their data violates the GDPR provisions, they are entitled to lodge a complaint with the supervisory authority.

In Hungary, the supervisory authority is:
National Authority for Data Protection and Freedom of Information
Address: 1055 Budapest, Falk Miksa u. 9-11., Hungary
Postal address: 1374 Budapest, P.O. Box 603., Hungary
Phone: +36 1 391 1400
E-mail: ugyfelszolgalat@naih.hu
Website: https://www.naih.hu

In case of GDPR violation, the data subject may also seek judicial remedy.

7. Amendments to Privacy Policy

The Data Controller reserves the right to modify this privacy policy from time to time. We will notify data subjects of any changes through our website. We recommend reviewing this privacy policy periodically.

© 2025 RoomRaiser Ltd. All rights reserved.

For questions about this Privacy Policy, please contact us at info@roomraiser.com