Privacy and Data Management Information

1. Basic Provisions

Based on this Privacy and Data Management Notice, the data controller for the personal data processed is Ritka.hu Kft. (1112 Budapest, Csárda utca 4., VAT number: 13213374-2-43; Company Registration Number: Cg.01-09-723932.; hereinafter referred to as Data Controller or Ritka.hu Kft.), and as such, it is responsible for ensuring that the data processing complies with applicable laws, including the protection of natural persons with regard to the processing of personal data and the free movement of such data, as well as the repeal of Regulation 95/46/EC, in accordance with the General Data Protection Regulation (EU) 2016/679 (hereinafter referred to as GDPR) and Act CXII of 2011 on Informational Self-Determination and Freedom of Information (hereinafter referred to as Infotv.). Ritka.hu Kft., as the data controller as defined in Article 4(7) of the GDPR and Article 3(9) of the Infotv., respects the privacy of all individuals who provide their personal data and is committed to protecting it. By registering a user account, the user (hereinafter referred to as “You” or “User”) agrees that Ritka.hu Kft. processes their personal data in accordance with the provisions set out below. Please read the Terms and Conditions (hereinafter referred to as “Terms of Use” or “T&C”) before reading this Privacy and Data Management Notice. Click here to view the Terms of Use. In light of the above, Ritka.hu Kft. provides the following information pursuant to Article 13 of the GDPR and Section 20 of the Infotv.

2. Scope of Processed Personal Data

In this Privacy and Data Management Notice, the term “personal data” refers to any information that alone or in combination with other data can be used to identify a natural person, as well as any other information that is considered personal data under the laws applicable to Ritka.hu Kft., including the GDPR. This Privacy and Data Management Notice also applies to all personal data that is processed in any form in connection with you as a User under the applicable law, including data collected, retained, stored, transmitted, disclosed, or otherwise used by Ritka.hu Kft.
The Data Controller processes only the personal data that you provide, as well as the data you submit when ordering services, such as: basic personal information (last name, first name); contact information (email address); details of purchase history (active subscriptions and individual purchases), and records of visits to our website.

3. Principles Relating to the Processing of Personal Data

The processing of your personal data is governed by the following principles:

1. a) Principle of Lawfulness, Fairness, and Transparency: Personal data must be processed lawfully, fairly, and in a transparent manner in relation to the data subject.
2. b) Principle of Purpose Limitation: Personal data shall be collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
3. c) Principle of Data Minimisation: Personal data must be adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.
4. d) Principle of Accuracy: Personal data must be accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay.
5. e) Principle of Storage Limitation: Personal data must be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed. Personal data may be stored for longer periods insofar as the data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes, subject to appropriate technical and organisational measures.
6. f) Principle of Integrity and Confidentiality: Personal data must be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing, accidental loss, destruction, or damage, using appropriate technical or organisational measures.
7. g) Principle of Accountability: The Data Controller shall be responsible for, and able to demonstrate compliance with, all of the above principles.

4. Duration of Data Processing

Ritka.hu Kft. processes and stores the personal data obtained in the course of fulfilling its contractual obligations until the purpose of data processing has been achieved. If any applicable law prescribes a mandatory retention period for certain personal data, the duration of data processing shall comply with the retention period specified by law.

5. Legal Bases for the Use of Your Personal Data

The use of your personal data is based on the following legal grounds:

1. a) Issuance of invoices in compliance with accounting laws: legal basis – Article 6(1)(c) of the GDPR.
   b) Communication and contact: legal basis – Article 6(1)(f) of the GDPR.
   c) Processing of employee data: legal basis – Article 6(1)(b) and (c) of the GDPR.
   d) Processing of data of contractual partners: legal basis – Article 6(1)(b) of the GDPR.
   e) Marketing activities: legal basis – Article 6(1)(a) of the GDPR. The Data Controller also operates a Facebook page for marketing purposes.
   f) Server logging and use of ’’cookies”: legal basis – Article 6(1)(a) of the GDPR.
2. Cookies

Cookies are small text files placed in your browser by websites you visit, for the purpose of ensuring the efficient operation of the site or providing web-based services and functionalities. According to applicable legal regulations, cookies may only be stored on your device with your consent, except in cases where the use of cookies is strictly necessary for the provision of a service available through this website.

In each case, you have the option to decide whether to accept cookies or not. Most browsers allow you to control the use of cookies. You can disable cookies by adjusting your browser settings. The method for blocking cookies differs for each browser, so please refer to the additional information available under the “Help” or equivalent menu in your browser. Cookies can be either permanent (essential) or temporary. A permanent cookie is stored by the browser for a specified period unless the user deletes it, while a temporary cookie is not stored by the browser and is automatically deleted when the browser is closed. A web beacon is also known as a web bug, pixel tag, 1×1 transparent GIF, or electronic fingerprint. A web beacon is a transparent image, usually 1×1 pixel in size, placed on a webpage as part of the site but is invisible. Using these, it is possible to recognize the computer’s IP address, the URL of the visited page, the duration of the visit, and the type of browser. Essential cookies allow functionalities such as login and registration with a user account. These data are processed by the Data Controller based on a legitimate interest in fulfilling the contract and ensuring the purchase of product offerings. Functional cookies from the Data Controller analyze traffic and improve the website’s performance, remembering language and other user settings. For website optimization, creating user profiles, and improving services, Ritka.hu Kft. uses web analytics tools, specifically Google Analytics and Facebook Pixel. The data obtained through analytic cookies used by these tools is anonymous. These data are processed by the data controller based on legitimate interest. Deleting cookies used by Google Analytics is possible at the following website: http://tools.google.com/dlpage/gaoptout. Deleting cookies used by Facebook Pixel is possible at the following website: https://www.facebook.com/…929738210704. If the Data Controller’s cookies are disabled, the visitor will not be able to fully utilize the functionality of the website. When analytical cookies are turned off, the website visitor loses the ability to customize the offers. The website visitor agrees to send data about marketing cookies to advertising and social networks through browser settings. Adjusting the browser settings also influences the functionality of other cookies.

For detailed cookie management, please refer to our official COOKIE POLICY (EU) page in English.

7. Commercial Communication Sent via Email

It is possible that for business/marketing purposes, the Data Controller may send email messages to the email address you provided during registration with information, offers, and updates regarding the Data Controller or its products. This commercial communication sent via email is not considered unsolicited commercial communication. It is sent based on the legitimate interest of the Data Controller. Commercial communication sent via email regarding products (such as movies) that are not directly linked to the offered products will be sent based on the User’s consent. You have the right to unsubscribe from email-based commercial communication at any time by clicking the link in the received email message or by modifying the settings in your user account.

8. Recipients of Personal Data (Subcontractors)

The recipients of personal data are individuals who are involved in providing the service, contractual payments, and marketing services. The Data Controller does not intend to transfer your personal data to a third country (including countries outside the EU) or any other international organization.

9. Your “Data Subject Rights”

We inform you that, as a data subject, you have specific rights related to your personal data, as set forth in Articles 15–21 of the GDPR (hereinafter referred to as “Data Subject Rights”). The Data Subject Rights at least include the following:

1. a) Right of Access: You are entitled to access your data and request information on whether your data is being processed.
2. b) Right to Rectification: You may request the correction of outdated or incorrect data from the Data Controller through the contact details provided above, either in writing or via email. The Data Controller will comply with this request without undue delay.
3. c) Right to Erasure and Right to be Forgotten (only applicable to data processing based on consent): You are entitled to request the immediate deletion of your data if it is no longer necessary for the purposes for which it was collected or processed, or if you withdraw your consent for data processing, object to the processing, or if the processing is unlawful, or if data deletion is required by law. The Data Controller will comply with this request without undue delay. You may request the deletion of your data at help@onemorelikemovie.com.

The “Right to be Forgotten” means that if you request the deletion of your data, the Data Controller will not only delete the personal data from its system, but also, considering the available technology and the cost of implementation, take reasonable steps – including technical measures – to inform data controllers that handle the relevant personal data about your request for the deletion of links to or copies of such data.

1. d) Right to Restriction of Processing: You have the right to restrict the processing of your data in the following cases:

• If you dispute the accuracy of the personal data, the restriction will apply for the period necessary for the Data Controller to verify the accuracy of the data;
• If there is a possibility of unlawful processing, but you oppose the deletion of the data, you may request that its use be restricted instead;
• If the Data Controller no longer needs the data for processing, but you require it for the establishment, exercise, or defense of legal claims; or
• If you object to the processing; in this case, the restriction will apply until it is determined whether the legitimate grounds of the Data Controller override your own grounds.

Please note that if your data processing is restricted as outlined above, the Data Controller can only process such personal data in the following cases:

• With your consent, or
• For the establishment, exercise, or defense of legal claims, or
• For the protection of the rights of another natural or legal person, or
• For important public interest in the Union or a Member State.

If you have requested the restriction of the processing of your data as described above, the Data Controller will inform you in advance of the removal of the restriction.

The Data Controller will also inform all recipients of your personal data about any rectification, deletion, or restriction of processing, unless this proves impossible or requires disproportionate effort. Additionally, if you request, the Data Controller will inform you about the recipients without undue delay.

1. e) Right to Object: You have the right to object to the use of your personal data for direct marketing purposes.
2. f) Right to Data Portability: You are entitled to request a copy of your personal data processed by the Data Controller in a structured, commonly used, and machine-readable format, or to request its transfer to another service provider.

• You are entitled to request the transfer of your personal data to a third-party service provider, or to request that such transfer be prohibited.

1. g) Right to Object to Processing: You have the right to object to the processing of your personal data.
2. h) Right to Lodge a Complaint: You have the right to lodge a complaint with the competent supervisory authority, which in this case is the National Authority for Data Protection and Freedom of Information (NAIH).

10. Other Provisions

 We will provide separate information about data processing not listed in this notice before collecting the data. We would like to inform you that the court, the prosecutor, the investigating authority, the authority responsible for administrative offenses, the public administration authority, the supervisory authority (the National Authority for Data Protection and Freedom of Information), or other bodies authorized by law, may request information, the provision of data, transfer, or the provision of documents from the Data Controller. The Data Controller will provide personal data to authorities only to the extent necessary and to the degree required to fulfill the purpose of the request, provided that the authority has specified the exact purpose and scope of the data.

11. Modification of the Notice 

The Data Controller reserves the right to modify this Notice at any time but commits to making it publicly available and publishing it. The current version of the Notice can be accessed on the Company’s website at www.onemorelikemovie.hu.

1. Remedies Information:

Information, Complaint: If you believe that your rights related to the processing of your personal data have been violated, you can contact the Company’s Data Protection Officer for information and to exercise your rights. The Company can be reached for data protection issues by sending an email to help@onemorelikemovie.com. Complaint to the Authority: Additionally, you have the right to file a complaint with the National Authority for Data Protection and Freedom of Information (NAIH). The Authority will only investigate complaints that have been preceded by an inquiry with the Data Controller regarding the exercise of the affected party’s rights.

The Data Protection Supervisory Authority in Hungary:

• Name: National Authority for Data Protection and Freedom of Information
• Address: 1363 Budapest, P.O. Box 9.
• Email: ugyfelszolgalat@naih.hu

Judicial Path: According to the provisions of Act CXXX of 2016 on Civil Procedure, the adjudication of data protection cases falls under the jurisdiction of the court of first instance. The lawsuit may be filed before the court located at the residence or habitual residence of the data subject, at the data subject’s discretion.

Right to Compensation and Damages: We inform you that if you suffer property or non-property damage as a result of the violation of mandatory data protection regulations – particularly the GDPR and the Information Act referenced above – you are entitled to compensation from the Data Controller or the affected data processors. Furthermore, you can claim compensation for the violation of your personal rights pursuant to Section 2:52 of the Civil Code. All data controllers involved in the data processing are liable for any damages caused by unlawful data processing. Data processors involved in the data processing are only liable for damages caused by data processing if they failed to comply with the obligations specifically imposed on data processors under the GDPR, or if they disregarded or acted contrary to the lawful instructions of the Data Controller. The Data Controller and the data processor are exempt from responsibility under the above provisions if they can prove that they are not responsible for the event that caused the damage.

13. Security of Personal Data

The Data Controller declares that it has taken all necessary technical and organizational measures to protect personal data. The Data Controller’s administrator has implemented appropriate technical measures to ensure the storage of data and the physical storage of personal data in paper form. The Data Controller further declares that only authorized individuals have access to personal data.

14. Final Provisions

The Data Controller is entitled to modify this Privacy and Data Processing Notice at any time. This Privacy and Data Processing Notice entered into force on May 1, 2025, and is valid until revoked.