{"id":128,"date":"2024-10-13T14:58:25","date_gmt":"2024-10-13T12:58:25","guid":{"rendered":"https:\/\/flowhms.com\/?page_id=128"},"modified":"2024-12-06T16:16:16","modified_gmt":"2024-12-06T15:16:16","slug":"adatvedelmi-szabalyzat","status":"publish","type":"page","link":"https:\/\/flowhms.com\/en\/adatvedelmi-szabalyzat\/","title":{"rendered":"Terms and Conditions"},"content":{"rendered":"
\n\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

PRIVACY POLICY
\nCONCERNING THE HOMEPAGE OF TMRW HOTELS LIMITED LIABILITY COMPANY (13272668)
\nAND THE USE OF THE SERVICES OF FLOW PMS SYSTEM
\nEffective: from the 1st day of June, 2023 till withdrawal
\n1. Introduction
\n1.1. TMRW Hotels Limited Liability Company (Company registration number: 13272668; tax number:
\nUTR:4844717529; registered seat: Bm Centre, 11 St. Martins Close, Winchester, United Kingdom, SO23 0HD;
\nelectronic contact details: info@flowpms.life; (hereinafter: \u201eService Provider, or Controller, respectively\u201d)
\nproduces the present Data Management Policy (hereinafter: \u201ePolicy\u201d) concerning the provision of advertising
\nspace and information, specifically but not exclusively the mediation of services (hereinafter \u201eServices\u201d)
\nspecified in clause 23 of Section 2 of Act CLXIV of 2005 on commerce.
\n1.2. The Data Subject is the registered user of the online accessible website http:\/\/www.flowpms.life, (hereinafter:
\n\u201eFLOW Homepage\u201d) or the party concluding a contract for Services with the Service Provider and its Partner
\n\u2013 see: General Contractual Conditions of the Service Provider \u2013 respectively, or the beneficiary indicated in the
\nsaid contract (hereinafter the \u201eData Subject\u201d).
\n1.3. The purpose of the Policy is to specify for the Users of the Service the scope of data processed by the Service
\nProvider, the method, purpose and legal grounds of data processing, as well as to ensure that the constitutional
\nprinciples of data protection and the requirements of data security are enforced, to prevent unauthorized access to
\nUsers’ data, the alteration of the data and the unauthorized disclosure or usage of the data.
\n2. 2.1. Legal regulations of data protection
\nLegal regulations with special significance from the aspect of the Policy:
\nThe Decree of the European Parliament and Council (EU) No. 2016\/679 on the protection of natural persons with
\nregard to the processing of personal data and the free flow of such data, as well as on the rescission of decree
\n95\/46\/EC (hereinafter: \u201eGDPR\u201d)
\n3. Definitions
\nData Subject: any specified natural person, identified by the personal data or a natural person who can be identified
\ndirectly or indirectly;
\nUser: the Data Subject who registers on Service Provider\u2019s Website and\/or Application and who concludes a contract
\nfor the Service with the Service Provider and its Partner, and furthermore who was specified as the beneficiary of the
\nService by the above person(s);
\nConsent: voluntary and express declaration of the Data Subject based on appropriate information and by which he\/she
\nprovides his\/her unambiguous consent to process the personal data concerning himself\/herself fully or covering
\ncertain operations;
\n1
\nPersonal data: data that can be connected to the Data Subject, specifically the Data Subject\u2019s name, ID, as well as
\nknowledge typical to his\/her one or several physical, physiological, mental, economic, cultural or social identity, and
\nthe conclusion concerning the Data Subject that can be drawn from the data;
\nController: the natural or legal entity or organisation without legal entity who or which independently or together with
\nothers specifies the purpose of managing the data, makes the decisions and executes them concerning data processing
\n(including the tool used) or has the decision executed by the data processor;
\nData processing\/processing: irrespective of the applied procedure any operation or the aggregate of operations carried out
\non the data, in particular collection, recording, organization, storage, alteration, usage, retrieval, forwarding, disclosure,
\ncoordination or combination, blocking, erasure and destruction as well as preventing the further use of the data, taking
\nphotos, voice or image recordings and recording the physical characteristics suitable to identify a person (e.g. finger-
\nor palmprints, DNA sample, iris image);
\nData transmission: making the data accessible to a specified third person, in particular the Partner to the contract as per
\nclause 1;
\nData processing: carrying out data processing operations, irrespective of the method and tool used to carry out the
\noperations and the location of the application;
\nPartner, Partners: contracted partners of the service provider, accommodation, hotels, hostels and apartments according to the
\nconcept laid down in act CLXIV of year 2005, Section 2 Clause 23 on trading and in VM decree No. 62\/2011. (VI. 30.) on
\nthe food safety conditions of the production and distribution of catering products that actually perform the mediated services
\nlaid down in clause 1;
\nDisclosure: making the data accessible to anybody
\nErasing data: making the data unrecognizable in such a way that it is not possible to restore it;
\nAutomatic processing: it includes the following operations if they are carried out in whole or in part with automated tools:
\ndata storage, logical or arithmetical operations on the data, alteration, erasure, retrieval and distribution of the data;
\nCookie: A cookie is a small text file stored on the hard drive of the computer or the mobile device and is activated at
\nlater visits. Webpages use cookies with the purpose to record the information connected to the visit (pages visited,
\ntime spent on the page, browsing data, exits etc.) and the personal settings; however, these data cannot be related to
\nthe Data Subject. This tool helps to design a user-friendly webpage in order to increase the online experience of the
\nData Subject. Most of the internet browsers automatically accept cookies; however, the Data Subjects have the
\nopportunity to delete or reject them. As all browsers are different the Data Subjects can set their preferences regarding
\ncookies individually, through the toolbar of the browser. If the Data Subject does not want to enable any cookie from
\nthe websites visited, he\/she can modify the settings of the browser so that he\/she receives a notification about the
\ncookies that have been sent or he\/she may simply reject all cookies or only cookies sent by certain websites. At the
\nsame time the user may delete the cookies stored on his\/her computer, notebook or mobile device at any time. For
\nfurther information concerning settings please refer to the Help of the browser. If the Data Subject decides to disable
\nthe cookies, he\/she must renounce certain functions of the website (e.g. the website would not remember that the
\nData Subject remained logged in). There are two types of cookies: \u201csession cookies\u201d and \u201cpersistent cookies\u201d.
\nSession cookies: these are stored by the computer, notebook or mobile device only temporarily until the Data Subject
\nleaves the given website; these cookies help the system to remember information while the Data Subject makes a visit
\nfrom one page to another, so the Data Subject must not repeatedly enter or complete the given information.
\nPersistent cookies: these are stored on the computer, notebook or mobile device even after leaving the website. With
\nthese cookies the website will recognize \u2013 although personally would not identify \u2013 the Data Subject as a returning
\nvisitor. The persistent cookies are stored on the computer or mobile device of the Data Subject as files.
\nFlash cookies: Adobe Flash Player that is used to run certain types of animated banners and different types of videos
\n(youtube, vimeo) is able to store information on the computer, notebook or mobile device. The acceptance of \u201eFlash
\ncookies\u201d cannot be set through the Web browser. If the Data Subject does not want to receive Flash cookies it must
\nbe set on the website of Adobe: www.adobe.com\/hu\/privacy\/cookies.html. If the Data Subject disables Flash cookies
\nit is possible that he\/she would not be able to use certain functions of the websites \u2013 in this case the Homepage \u2013 e.g.
\nthe videos attached to the articles would play incorrectly.
\nSystem: the entirety of the technical solutions operating the pages and services of the Controllers and their partners
\naccessible through the internet.
\nOtherwise under the concepts used in the present Policy the contents of the explanations made of the concepts in the
\nTMRW GTC of the Service Provider as well as in section 3 of the Info Act and Article 4 of the GDPR shall be
\nunderstood with the condition that in case of deviations the contents laid down in the GDPR shall be governing.
\n4. 4.1. 4.2. Purposes of data processing and the scope of data processed by the Service Provider
\nService Provider declares that it processes personal data only for exercising rights or fulfilling obligations. It does not
\nuse the personal data processed for private purposes and data processing always complies with the purpose limitation
\nprinciple \u2013 if the purpose of data processing has terminated or data processing is otherwise unlawful the data will be
\nerased.
\nIn order to prevent abuse, the Flow Homepage can only be used after registration
\n(hereinafter: \u201eRegistration\u201d) in accordance with the prevailing general contractual terms and conditions (hereinafter
\n\u201eTMRW GTC\u201d) of the Service Provider, in order to ensure Services, prevent abuse and avoid safety hazards. Contract aiming at
\n2
\n4.3. Services is established through the booking (hereinafter: \u201eBooking\u201d) of the Data Subject as user, registered in
\naccordance with the prevailing general contractual terms and conditions of Service Provider.
\nService Provider may process the personal data of the Data Subjects for the following purposes, in the following
\nscope and proportion:
\nSpecification of the
\npurpose of data
\nprocessing:
\n1. Registration; specifically
\n– the identification of the Data Subjects;
\n– Communication with the Data Subjects and providing information to them
\nDescription of the
\nprocesses and
\noperations:
\nSee: TMRW GTC item V
\nExpected duration
\nand deadline of data
\nprocessing:
\nAs a general rule till the deletion of the registration, in cases exceeding that
\n\u2022 for 5 years for the data concerned with regard to Section 78 paragraph (3) of the Act
\non the Rules of Taxation
\n\u2022 for 8 years for the data concerned with regard to Section 169 (1)-(2) of the
\nAccounting Act
\n\u2022 In addition, for a longer period if it is provided by law
\nThe controller retains the right to process the relevant data to the extent necessary for the
\ndeadlines exceeding the above deadlines till the deadline open to enforce the demands well-
\nfounded by rights and obligations arising from activities giving cause for data processing
\nPersonal data
\n– scope, type and
\ncategories
\nData to be provided as a condition of the Registration: surname and first name (if different,
\nname at birth also), place and date of birth, mother\u2019s name, tax identification code,
\nnationality, personal identification number, identification card number, home address (or
\nresidence, notification address), email address, phone number or other contact possibility
\nof the registering Data Subject
\nLocation of data
\nprocessing
\nAt the controllers, see below.
\nLegal grounds of
\ndata processing
\nGDPR, Chapter II, Article 6 (a), (b), (c)
\nSpecification of the
\npurpose of data
\nprocessing:
\n2. Booking; specifically
\n– the identification of the Data Subjects;
\n– Getting acquainted with the requirements of the Data Subjects;
\n– Communication with the Data Subjects and providing information
\nDescription of the
\nprocesses and
\noperations:
\nSee: Clause VI of TMRW GTC
\nExpected duration
\nand deadline of data
\nprocessing:
\nAs a general rule till the deletion of the registration, in cases exceeding that
\n\u2022 for 5 years for the data concerned with regard to Section 78 (3) of the Act on the
\nRules of Taxation
\n\u2022 for 8 years for the data concerned with regard to Section 169 (1)-(2) of the
\nAccounting Act
\n\u2022 In addition, for a longer period if it is provided by law
\nThe controller retains the right to process the relevant data to the extent necessary for the
\ndeadlines exceeding the above deadlines till the deadline open to enforce the demands well-
\nfounded by rights and obligations arising from activities giving cause for data processing.
\nPersonal data
\n– scope, type and
\ncategories
\nData to be provided depending on the type of Booking if these were not provided during
\nRegistration: surname and first name (if different, name at birth also) place and date of
\nbirth, mother\u2019s name, nationality, home address (or residence, notification address), email
\naddress, phone number or other contact possibility of the Data Subject entitled to use the
\nService
\nLocation of data
\nprocessing
\nAt the controllers, see below.
\nLegal grounds of
\ndata processing
\nGDPR, Chapter II, Article 6 (1) (a), (b), (c)
\nSpecification of the
\npurpose of data
\nprocessing:
\nProvision of Service; specifically
\n– Getting acquainted with the requirements of the Data Subjects;
\n– Communication with the Data Subjects and providing information to them
\nDescription of the
\nprocesses and
\noperations:
\nSee: Clauses VI-XX of TMRW GTC
\nExpected duration
\nand deadline of data
\nAs a general rule till the deletion of the registration, in cases exceeding that
\n3
\nprocessing: Personal data
\n– scope, type and
\ncategories
\nLocation of data
\nprocessing
\nLegal grounds of
\ndata processing
\nSpecification of the
\npurpose of data
\nprocessing:
\nDescription of the
\nprocesses and
\noperations:
\nExpected duration
\nand deadline of data
\nprocessing:
\nPersonal data
\n– scope, type and
\ncategories
\nLocation of data
\nprocessing
\nLegal grounds of
\ndata processing
\nSpecification of the
\npurpose of data
\nprocessing:
\nDescription of the
\nprocesses and
\noperations:
\n\u2022 for 5 years for the data concerned with regard to Section 78 (3) of the Act on the
\nRules of Taxation
\n\u2022 for 8 years for the data concerned with regard to Section 169 (1)-(2) of the
\nAccounting Act
\n\u2022 In addition for a longer period if it is provided by law
\nThe controller retains the right to process the relevant data to the extent necessary for the
\ndeadlines exceeding the above deadlines till the deadline open to enforce the demands well-
\nfounded by rights and obligations arising from activities giving cause for data processing.
\nInformation essential to exercise rights and obligations laid down in the GTC, over and
\nabove the data provided during Registration and Booking.
\nIn this scope, special data, thus data concerning health, could also be processed (See:
\nClause XI of TMRW GTC).
\nAt the controllers, see below.
\nGDPR, Chapter II, Article 6 (1) (a), (b), (c)
\nGDPR, Chapter II, Article 9 (2) (a), (c), (e)
\n4. Newsletter subscription; subscription for Direct Marketing
\nThe Registered Data Subjects have the opportunity to subscribe to the Service Provider\u2019s
\nnewsletter as per Section 6 of the Grtv on the specifically dedicated interface on the
\nFlow Homepage , and when making Booking to subscribe also to the newsletter
\nforwarded through the given Partner Service Provider (hereinafter:
\n\u201eSubscription to Newsletter\u201d). Service Provider may deliver online newsletters and
\nelectronic direct marketing messages containing novelties, news and offers to the Data
\nSubjects subscribed to the newsletter(s).
\nUntil user unsubscribes, otherwise by the cancellation of the Registration.
\nData to be provided as a condition of Direct Marketing Subscription if they were not
\nprovided during Registration or when the Data Subject intends to give different data:
\nname; email address; social media profiles of the subscribing Data Subject
\nThe possibility of unsubscribing is provided by a direct link in all newsletters.
\nAt the controllers, see below.
\nGDPR, Chapter II, Article 6 (1) (a)
\n5. Preparation of an anonymised database; preparation of statistics; specifically
\n– to better understand users\u2019 demands;
\n– in order to improve TMRW services
\nRegistered Data Subjects have the opportunity to allow Service Provider through their
\nexpress consent on the dedicated interface of the on the Flow homepage to obtain
\nauthorisation for collecting anonymised data of the Data Subjects about their habits of
\nusing the Service, in order to better serve them. Within this scope Service Provider is
\nfurthermore entitled to evaluate registered Data Subjects in its prize program or within
\nanother initiative with similar purpose based on Data Subject\u2019s bookings, orders and
\nconsumption data and grant discounts, price reductions, exclusive offers and promotions
\nin accordance with the evaluation. Service Provider records information in any of its
\ndatabases referred to above in such a way that the information itself is not suitable to
\nidentify Data Subjects in case of unauthorized access.
\nThe registered Data Subject may request Service Provider through email to take a view of
\nthe data collected related to his\/her user ID and may request that Service Provider deletes
\nthe connected information and data.
\n4
\nExpected duration
\nand deadline of data
\nprocessing:
\nUntil the deletion requested by the Data Subject; otherwise until the Registration is
\ncancelled.
\nThe Controller retains the right to process the relevant data to the extent necessary for the
\ndeadlines exceeding the above deadlines till the deadline open to enforce the demands well-
\nfounded by rights and obligations arising from activities giving cause for data processing.
\nPersonal data
\n– scope, type and
\ncategories
\nThe anonymised and\/or encoded system data, cookie data, orders submitted during
\nbookings, specific orders and additional consumption data concerning the Data Subjects.
\nLocation of data
\nprocessing
\nAt the controllers, see below.
\nLegal grounds of
\ndata processing
\nGDPR, Chapter II, Article 6 (1) (a)
\nGDPR, Article 22 (2) (c)
\nSpecification of the
\n6. To increase customer experience, technically improve the IT system, protection of users\u2019
\npurpose of data
\nrights
\nprocessing:
\nDescription of the
\nprocesses and
\noperations:
\nUntil the permission is granted the Flow homepage requests a permission from the
\nvisitor of the Flow homepage every time the page is opened for using the cookies
\napplied by the Flow homepage, for the following purposes: to provide better and faster
\ncustomer experience, to display tailor-made advertisements based on the automatically
\nrecorded data of the registered Data Subject, to prepare statistics, to technically improve
\nthe IT system and to protect the rights of the users.
\n(The above jointly referred to: customizing cookies.)
\nExpected duration
\nand deadline of data
\nprocessing:
\nUntil the period provided for the application of the cookies by Service Provider \u2013
\npublished on the Flow homepage \u2013 but not more than cancelling the Registration.
\nPersonal data
\n– scope, type and
\ncategories
\nThe anonymised and\/or encoded system data, cookie data, orders submitted during
\nbookings, specific orders and additional consumption data concerning the Data Subjects.
\nLocation of data
\nprocessing
\nAt the controllers, see below.
\nLegal grounds of
\ndata processing
\nGDPR, Article 22 (2) (c)
\n(In consideration of which Article 6 (1) (a) of Chapter II; Article 9 (2) (a) of the GDPR)
\n5. Sumary of the legal grounds of data processing
\n5
\n5.1. Service Provider processes the personal data lawfully, in accordance with the following clauses of Article 6 (1) of
\nChapter II of the GDPR:
\n(a) \u2013 \u201cthe data subject has given consent to the processing of his or her personal data for one or more specific purposes\u201d –
\n, I\/N
\n(b) \u2013
\n\u201cprocessing is necessary for the performance of a contract to which the data subject is party or in order to take steps
\nat the request of the data subject prior to entering into a contract\u201d –
\n,
\nI\/N
\n(c) \u2013
\n\u201cprocessing is necessary for compliance with a legal obligation to which the controller is subject\u201d –
\n, I\/N
\n(d) \u2013
\n\u201cprocessing is necessary in order to protect the vital interests of the data subject or of another natural person\u201d –
\n, I\/N
\n(e) \u2013
\n\u201cprocessing is necessary for the performance of a task carried out in the public interest or in the exercise of official
\nauthority vested in the controller\u201d –
\n,
\nI\/N
\n(f) \u2013
\n\u201cprocessing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party,
\nexcept where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which
\nrequire protection of personal data, in particular where the data subject is a child\u201d –
\n,
\nI\/N
\nand, in the case of special categories of personal data, in accordance with the following clauses of Article 9 (2) of
\nChapter II of the GDPR:
\n(a) \u2013 \u201cthe data subject has given explicit consent to the processing of those personal data for one or more specified
\npurposes, except where Union or Member State law provide that the prohibition referred to in paragraph 11 may not be
\nlifted by the data subject\u201d –
\n,
\nI\/N
\n(b) \u2013
\n\u201cprocessing is necessary for the purposes of carrying out the obligations and exercising specific rights of the controller
\nor of the data subject in the field of employment and social security and social protection law in so far as it is authorised by
\nUnion or Member State law or a collective agreement pursuant to Member State law providing for appropriate safeguards
\nfor the fundamental rights and the interests of the data subject\u201d –
\n,
\nI\/N
\n(c) \u2013
\n\u201cprocessing is necessary to protect the vital interests of the data subject or of another natural person where the data
\nsubject is physically or legally incapable of giving consent\u201d –
\n,
\nI\/N
\n(d) \u2013
\n\u201cprocessing is carried out in the course of its legitimate activities with appropriate safeguards by a foundation,
\nassociation or any other not-for-profit body with a political, philosophical, religious or trade union aim and on condition
\nthat the processing relates solely to the members or to former members of the body or to persons who have regular contact
\nwith it in connection with its purposes and that the personal data are not disclosed outside that body without the consent of
\nthe data subjects\u201d –
\n,
\nI\/N
\n(e) \u2013
\n\u201cprocessing relates to personal data which are manifestly made public by the data subject\u201d –
\n, I\/N
\n(f) \u2013
\njudicial capacity\u201d –
\n\u201cprocessing is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their
\n,
\nI\/N
\n(g) \u2013
\n\u201cprocessing is necessary for reasons of substantial public interest, on the basis of Union or Member State law which
\nshall be proportionate to the aim pursued, respect the essence of the right to data protection and provide for suitable and
\nspecific measures to safeguard the fundamental rights and the interests of the data subject\u201d –
\n,
\nI\/N
\n(h) \u2013
\n\u201cprocessing is necessary for the purposes of preventive or occupational medicine, for the assessment of the working
\ncapacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health
\nor social care systems and services on the basis of Union or Member State law or pursuant to contract with a health
\nprofessional and subject to the conditions and safeguards referred to in paragraph 32\u201d
\n–
\n,
\nI\/N
\n(i) \u2013
\n\u201cprocessing is necessary for reasons of public interest in the area of public health, such as protecting against serious
\ncross-border threats to health or ensuring high standards of quality and safety of health care and of medicinal products or
\nmedical devices, on the basis of Union or Member State law which provides for suitable and specific measures to safeguard
\nthe rights and freedoms of the data subject, in particular professional secrecy\u201d –
\n,
\nI\/N
\n(j) \u2013
\n\u201cprocessing is necessary for archiving purposes in the public interest, scientific or historical research purposes or
\nstatistical purposes in accordance with Article 89(1)3 based on Union or Member State law which shall be proportionate
\nto the aim pursued, respect the essence of the right to data protection and provide for suitable and specific measures to
\nsafeguard the fundamental rights and the interests of the data subject\u201d.
\nI\/N
\n6. Method of data collection
\n6.1. The data of the Data Subjects according to clause 7 of the present Policy are received and obtained by Service
\nProvider through its Flow homepage or in every case, based on the voluntary consent of
\n1 (1) Processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union
\nmembership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data
\nconcerning health or data concerning a natural person’s sex life or sexual orientation shall be prohibited.
\n2 \u201cPersonal data referred to in paragraph 1 may be processed for the purposes referred to in point (h) of paragraph 2 when those
\ndata are processed by or under the responsibility of a professional subject to the obligation of professional secrecy under Union or
\nMember State law or rules established by national competent bodies or by another person also subject to an obligation of secrecy
\nunder Union or Member State law or rules established by national competent bodies.\u201d
\n3 \u201cProcessing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, shall be
\nsubject to appropriate safeguards, in accordance with this Regulation, for the rights and freedoms of the data subject. Those
\nsafeguards shall ensure that technical and organisational measures are in place\u201d
\n6
\nthe registering party or the registered Data Subjects, respectively. For the authenticity of the personal data provided it
\nis always the registering entity and the registered Data Subject, respectively, responsible. Service Provider does not
\nverify the personal data given to him.
\n6.2. By accepting the present Policy, the Data Subjects are obliged to accept the provisions of the present Policy and give
\ntheir consent that Service Provider processes the data included in clause 7.
\n6.3. By using the Flow homepage or and by concluding the contract for the Services, respectively, the Data Subjects
\nexpressly accept the present Policy.
\n7. Principles of Data processing
\n7.1. Personal data may only be obtained and processed in a fair and lawful manner.
\n7.2. Personal data may only be stored for specified and lawful purposes and may not be used in any different way.
\n7.3. The scope of the Personal Data processed must be proportionate to the purpose of their storage, must meet this goal
\nand may not extend beyond it.
\n7.4. Appropriate safety measures must be taken to protect the personal data stored in the automated data files to prevent
\naccidental or wrongful destruction or accidental loss as well as unauthorized access, alteration or distribution.
\n8. Registering data processing activities
\n8.1. Service Provider and, where applicable, the Service Provider’s representative, shall maintain a record of processing
\nactivities under its responsibility. That record shall contain all of the following information:
\n– the name and contact details of the controller and, where applicable, the joint controller, the controller\u2019s representative
\nand the data protection officer;
\n– the purposes of the processing;
\n– a description of the categories of data subjects and of the categories of personal data;
\n– the categories of recipients to whom the personal data have been or will be disclosed including recipients in third
\ncountries or international organisations;
\n– where applicable, transfers of personal data to a third country or an international organisation, including the
\nidentification of that third country or international organisation and, in the case of transfers referred to in the second
\nsubparagraph of Article 49(1) of the GDPR, the documentation of suitable safeguards;
\n– where possible, the envisaged time limits for erasure of the different categories of data;
\n– where possible, a general description of the technical and organisational security measures referred to in Article 32 (1).
\nService Provider shall make the record available to the supervisory authority on request.
\n9. Data Protection Officer
\n9.1. With respect to the fact that the obligatory event laid down in Article 37 of Chapter IV of the GDPR subsists \u2013
\nprocessing of special categories of personal data, regular and systematic monitoring of data subjects on a large scale \u2013, a data protection
\nofficer was appointed on 1 June 2022.
\nService Provider hereby informs the Data Subjects that in case they observe disquieting procedures, incidents or any
\nother circumstances from the aspect of data protection the lawfulness of which is otherwise objectionable from a legal
\nand\/or technical, organisational point, or the investigation of which is at least justified, the Data Subjects can make
\nannouncement and get in touch with the data protection officer by informing the competent employee or manager of
\nthe Service Provider, but independently of him\/her, at the following contact details.
\nName and contact details of the Data Protection Officer: Gergely T\u00e1lasi, info@flowpms.life
\n10. Transfer of data
\n10.1. Service Provider is entitled and obliged to transfer to the competent authorities all personal data available to it and
\nregularly stored by it the transfer of which is made obligatory by legal regulation or legally binding enforcement notice.
\nService Provider may not be held responsible for such transfer and for the resulting consequences.
\n10.2. In addition to the above, the Service Provider may transfer data exclusively to the Partners related to the Service
\nProvider, and, within them, exclusively to Partners who have contractual obligation to provide Services with respect to
\nthe Data Subject; accordingly, the Service Provider may transfer data to a Partner exclusively for the purpose and to
\nthe extent of performing Services. The data of individual Partners are available in the booking menu item of the
\nFlow homepage; however, the Service Provider will send the relevant data of the Partner concerned as the data
\nprocessor of Service Provider \u2013 name, registered seat, contact details, scope of data to be transferred by indicating the purposes
\nof data processing, the physical locations of data processing if outside the system \u2013 to the Data Subject when confirming the
\nbooking.
\n7
\n10.3. 10.4. In relation to the above and otherwise, if the Service Provider transfers the operation or utilization of the content
\nservices on the Flow homepage in whole or in part \u2013 including the Partners as well \u2013 than it can transfer the data
\nprocessed by it to this third person in full, without requesting specific consent for further processing.
\nService Provider transfers data, in addition to the above, exclusively to processors in contractual relationship with it,
\nand, within them, only to those who are bound by contractual obligation in connection with the Flow homepage or
\nand the system(s) serving them; accordingly, the Service Provider transfers data to third persons exclusively and to
\nthe extent of fulfilling the purposes indicated in the present Policy. This data transfer may not bring the Data Subject
\nconcerned into a position more disadvantageous than the data processing and data security rules indicated in the
\nprevailing text of the present Policy.
\nProcessors of the Service
\nProvider
\nscope of data affected purpose(s) of data
\nprocessing affected
\nPhysical location(s) of data
\nprocessing
\nAmazon Web Services,
\nInc.
\nRegistered office: 410
\nTerry Avenue North
\nSeattle, WA 98109-5210
\nUSA
\nContact details:
\nMailing address: Box
\n81226 Seattle, WA 98108
\nTelephone: (206) 266-
\n4064
\nFax: (206) 266-7010
\nE-mail:
\nabuse@amazonaws.com
\nhttps:\/\/aws.amazon.com
\nName of Data Subject,
\nemail address of Data
\nSubject, invoicing
\naddress of Data Subject,
\nroom type affected by
\nthe booking(s), room
\nnumber affected by the
\nbooking(s), name of
\nhotel affected by the
\nbooking(s)
\nData processing of
\nCustomer contracts
\nAutomated cloud
\nservice of the TMRW
\nSystem; performing
\nbackup operations of
\nthe TMRW System
\nAmazon Web Services (AWS)
\nEC2 cloud-based service
\nprovider
\nMore information:
\nhttps:\/\/aws.amazon.com\/about
\n-aws\/global-
\ninfrastructure\/?hp=tile&tile=gi
\nmap
\n10.5. Service Provider undertakes as a general obligation that any transfer carried out by the Service Provider may not bring
\nthe user concerned into a position more disadvantageous than the data processing and data security rules indicated in
\nthe prevailing text of the present Policy.
\n10.6. Service Provider does not transfer the personal data of the Data Subjects to third countries and international
\norganisations (outside the EU, non-EEA countries) except when the Data Subject provided its specific consent and
\naccording to the conditions laid down in a written declaration issued by the parties by providing appropriate
\nguarantees that suit the provisions of the GDPR.
\nThe above stipulation does not extend to cases laid down in Article 45 of the GDPR according to which if the
\npurpose of a transfer is a governmental and\/or international organisation for which a valid, so-called \u201eadequacy
\ndecision\u201d issued by the Committee is in force no separate consent is required for such a transfer. At the date of the
\npresent instrument, accepted adequacy decision is in force for the following third countries: Andorra, Argentina, Faroe
\nIslands, Guernsey, Israel, Jersey, Canada, Isle of Man, Switzerland, Uruguay, U.S.A. (Privacy Shield), New Zealand \u2013 in
\ncase of Japan and South Korea the adequacy procedure is in progress.
\n11. The security of data processing
\n8
\n11.1. In accordance with the obligation of Section 32 of the GDPR, the Service Provider \u2013 by keeping in mind as its
\nobligation \u2013 does its utmost so as to ensure the security of the data of the Data Subjects; furthermore it takes the
\nnecessary technical and organisational measures and develops the rules of procedure that are required to enforce the
\nrules of the GDPR and other rules of data and secret protection.
\n11.2. Service Provider processes data primarily in the frame of automatic processing \u2013 Flow homepage as well as the
\nsystems serving them \u2013 and processing any data requiring human intervention may only take place exceptionally and to
\nthe extent justified. The activities of the Service Provider and the processors involved by it suits the following
\nrequirements: organisational security, security connected to employees, external persons and security connected to
\nthe environment, classification and verification of assets, communication and operational management, access
\ncontrol, operational continuity management, systems engineering and maintenance.
\n11.3. The so-called cloud-based applications are also part of the System serving the Flow homepage (see: Service
\nProvider\u2019s prevailing general contractual terms and conditions). Service Provider chooses its partners providing cloud services
\nwith the utmost possible care \u2013 see among the processors indicated \u2013 and takes all generally expected measures to
\nconclude contracts with them that keep in view the data security interests of all concerned and the data processing
\nprinciples of which are transparent to it, and to regularly check data security. Physically, the data of the Data Subjects
\nare stored in the cloud. By accepting the present Data Processing Policy, the Data Subject expressly agrees to the
\ntransfer required for making use of the cloud-based applications.
\n11.4. 11.5. 11.6. Partners can process personal data in exceptional cases only, following prior notice and exclusively for providing
\nServices and\/or for fulfilling legal obligations \u2013 e.g. storage of invoices \u2013 for which data processing the present Policy must
\nbe applied in an appropriate manner; otherwise the Partners may only carry out data processing activities in
\nconnection with performing Services.
\nService Provider protects the data in particular against unauthorized access, alteration, transmission, disclosure,
\ncancellation or destruction as well as against accidental destruction and damages. The data automatically and
\ntechnically recorded in the course of the operation of the Service Provider\u2019s system(s) are stored in the System
\ncalculated from the generation of such data for a period justified by the aspect of ensuring the operation of the
\nSystem. Service Provider ensures that these automatically recorded data cannot be connected to other personal data
\nwith the exception of cases made mandatory by the law. If the Data Subject terminated its consent to process his\/her
\npersonal data or has unsubscribed from the Flow homepage, his\/her person will not be identifiable from the
\ntechnical data thereafter, not including the investigating authorities and their experts.
\nLinks: It is possible that reference or link can be found on the Service Provider\u2019s Flow homepage pointing to sites
\nmaintained by other service providers and financial enterprises (including buttons and logos pointing to login and
\nshare options), where the Service Provider has no influence on the experience of processing personal data and
\nwhere Service Provider does not carry out data sharing\/transfer, respectively. Service Provider draws the attention
\nof the Data Subjects to the fact that by clicking on such links they may reach the sites of other service providers and
\nfinancial enterprises. In such cases Service Provider recommends that the Data Subjects by all means read the data
\nprocessing policies concerning the use of these sites. If the Data Subject modifies or deletes any of his\/her data on an
\nexternal website, this would not affect the Service Provider\u2019s data processing, such modification must be made
\nalso on the Flow homepage.
\n12.
\n13. 13.1. 13.2. 13.3. 13.4. The period of data processing
\nIn case of registered Data Subjects until the registration is cancelled.
\nThe data of not registered Data Subjects are cancelled when the related Service is closed in the system of the Service
\nProvider.
\nThe data provided for the newsletter subscription and Direct Marketing are deleted without delay when the Data
\nSubject unsubscribes or when the registration expires.
\nOtherwise, the Service Provider deletes the data processed upon the request of the Data Subject except for the data
\nthe continued processing of which is necessary for settlement disputes or other legal disputes between the parties –
\nuntil they are settled \u2013 and\/or due to legal regulations. Within the latter, in particular, but not exclusively:
\nthe data concerned with regard to Article 78 (3) of the Act on the Rules of Taxation, for 5 years
\n9
\nthe data concerned with regard to Article 169 (1)-(2) of the Accounting Act
\nIn addition, for a longer period, if it is provided by the laws.
\n13.5. Service Provider retains the right to process the relevant data to the extent necessary for the deadlines exceeding the
\nabove deadlines till the deadline open to enforce the demands well-founded by rights and obligations arising from
\nactivities giving cause for data processing.
\n14. The source of data processing
\n14.1. The data processed are obtained directly from the registered Data Subject; in consideration of that, the Service
\nProvider only starts processing the data provided to it \u2013 the data are recorded in its system only then \u2013 when the
\nregistered Data Subject makes a declaration by undertaking criminal liability during the bookings that the data were
\nprovided with the knowledge and explicit consent of the Data Subject designated as qualified for the given Service
\nwith the purpose of identification and making use of the Service.
\n15. 15.1. 16. 16.1. 16.2. 16.3. 16.4. 16.5. Possibilities of modifying the Data Processing Policy
\nService Provider retains the right to unilaterally modify the present Policy in the future. It will publish the new Policy
\non the Flow homepage.
\nProviding information, right to object, erasing data, data processing restrictions
\nThe Data Subject may request information about the processing of his\/her personal data and may also request the
\nrectification of these personal data and \u2013 with the exception of data processing ordered by legal regulation \u2013 the
\ndeletion of them based on the present Policy, in particular on the contact details provided above.
\nUpon the request of the Data Subject submitted by email, the Service Provider provides information about the data
\nprocessed, the purpose of data processing, its legal grounds, the period of processing, the name and address (seat) of
\nthe processor and its activities related to data processing, and, in addition, who shall receive or have received the data
\nand for what purpose. The controller is obliged to respond within the shortest time possible but within maximum
\nfifteen (15) days counted from the submission of the request in an easy to understand manner and free of charge \u2013
\nrefunding of costs is charged by the Service Provider in exceptional cases only (if the party requesting the information
\nhas not yet submitted a request to the controller concerning the same scope of data in the current year. In other cases,
\nrefunding of costs may be established. The rate of refunding may be laid down in the contract concluded between the
\nparties. The already paid cost refunding must be reimbursed, if the data was processed unlawfully or the request for
\ninformation has led to rectification.
\nIf the provision of information to the Data Subject cannot be refused according to the law, the Service Provider gives
\ninformation about the data of the Data Subject processed by it or by the processor commissioned according to its
\ninstructions, the sources of these data, the purpose of data processing, the legal grounds, duration, name and address
\nof the data processing entity and its activities related to data processing, the circumstances of the data protection
\nincident, its effects and the actions taken to prevent them, and furthermore \u2013 in case of transmitting the personal data
\nof the Data Subject \u2013 about the legal grounds of data transmission and the addressee of it. Moreover, the information
\ncovers the information specified in Articles 13 and 14 of Chapter II of the GDPR.
\nService Provider is obliged to rectify the personal data not corresponding to the facts. The controller erases the
\npersonal data if processing of them is unlawful, the Data Subject requests it \u2013 in this case within maximum five (5)
\ndays \u2013
\n, if it is incomplete or incorrect \u2013 and this status cannot be rectified legitimately \u2013 provided that erasure is not
\nexcluded by law, if the purpose of data processing has discontinued, the period of storing the data specified by the law
\nhas expired or the Court or the National Authority for Data Protection and Freedom of Information has ordered it.
\nService Provider shall inform the Data Subject as well as all other entities to whom it transferred the data for data
\nprocessing purposes about the rectification and erasure. This notification may be ignored, if it does not hurt the
\nrightful interests of the Data Subject in consideration of the purpose of data processing.
\nIf the Data Subject uses personal data unlawfully or deceptively, or commits a crime, the Service Provider retains the
\nright to preserve the relevant data in case of using them in this manner for demonstration in the incidental litigious
\nand non-litigious procedure until the procedure is concluded. The latter shall be applied appropriately to the case
\nwhen the Data Subject requested the erasure of the personal data in order to prevent or at least render more difficult
\nthe enforceability of the rightful claim of the Service Provider and\/or Partner.
\nThe Data Subject may object to the processing of his\/her personal data, specifically
\n– if the processing or transfer of the personal data is necessary only for compliance with a legal obligations to which
\nthe Service Provider is subject or the enforcement of the rightful interests of the Service Provider, the receiver of
\nthe data or a third person, except for mandatory data processing;
\n– if the personal data are used or transferred for direct marketing purposes and for the purposes of opinion polling
\nor scientific research, and
\n– in other cases specified by law.
\n10
\n16.6. Service Provider shall examine the objection within the shortest possible period but maximum within fifteen (15)
\ndays, makes a decision regarding its grounds and informs the applicant about the decision in writing. Service Provider
\nsuspends data processing for the period of the investigation but for maximum five (5) days. If the objection is
\njustified, the head of the organisational unit processing the data shall proceed in accordance with the provisions
\nspecified by the GDPR. In addition, the Data Subject may exercise the right to object using automated devices based
\non technical specifications by renouncing the Service included in the TMRW GTC, cancelling the registration and
\napplying other related options available in the TMRW System (Article 21 (6) of the GDPR).
\n16.7. If the Service Provider establishes that the objection of the Data Subject is well-founded, terminates data processing \u2013
\nincluding further data recording and transfers \u2013
\n, blocks the data, and notifies all to whom it previously transferred the
\npersonal data affected by the objection about the objection and the actions taken, and who are obliged to take
\nmeasures in order to enforce the right to object. If the Data Subject does not agree with the decision of the Service
\nProvider, or if the Service Provider neglects the deadline, the Data Subject may go to law within thirty (30) days
\ncounted from the date of communicating the decision or the last day of the deadline, respectively.
\n16.8. Service Provider shall compensate for the damages caused to other parties by the unlawful processing of the data of
\nthe Data Subject or by violating the requirements of technical data protection. Service Provider shall be exempted
\nfrom liability, if it demonstrates that the damage was caused by force majeure outside the scope of data processing. No
\ncompensation for the damage is due if it originates from the deliberate or negligent behaviour of the aggrieved party.
\n16.9. Information to the Data Subjects can be omitted\/rejected or restricted for reasons set forth in the provisions of
\nArticle 13 (4) and Article 14 (5) of the GDPR and by providing a detailed justification, if
\n– the Data Subject already has the information;
\n– the provision of such information proves impossible or would involve a disproportionate effort, in particular for
\nprocessing for archiving purposes in the public interest, scientific or historical research purposes or statistical
\npurposes, subject to the conditions and safeguards referred to in Article 89(1) of the GDPR or in so far as the
\nobligation is likely to render impossible or seriously impair the achievement of the objectives of that processing. In
\nsuch cases the controller shall take appropriate measures to protect the data subject’s rights and freedoms and
\nlegitimate interests, including making the information publicly available;
\n– obtaining or disclosure is expressly laid down by Union or Member State law to which the Service Provider is
\nsubject and which provides appropriate measures to protect the data subject’s legitimate interest; or
\n– where the personal data must remain confidential subject to an obligation of professional secrecy regulated by
\nUnion or Member State law, including a statutory obligation of secrecy.
\n16.10. Otherwise, the Data Subject is entitled to get access to the personal data concerning him\/her as well as to the
\nfollowing information:
\n– Copies of the personal data (for additional copies costs are charged)
\n– The purposes of data processing;
\n– The categories of data;
\n– Data related to automatic decision making and profiling;
\n– Information concerning the source in case of taking over data;
\n– Recipients to whom the data have been or will be disclosed;
\n– Information and guarantees related to transfers to third countries;
\n– The period and aspects of storage,
\n– Rights of the Data Subjects
\n– Right to contact the authorities.
\n16.11. Complying with its obligation specified in Article 14 (3) of Chapter III of the GDPR, the Service Provider, if the
\npersonal data has not been obtained from the Data Subject, in particular, if it has been provided by a registered user in
\nrelation to the Data Subject entitled to use the Service, the Service Provider shall inform the Data Subject without
\ndelay, but within one month at the latest, of all information the knowledge of which is contained in this Policy, via the
\ncontact details known by the Service Provider.
\n16.12. The way of exercising the right to access: If the Data Subject submitted the application electronically, the information
\nmust be made available in a widely used electronic format unless the Data Subject requests otherwise.
\n16.13. The right to request a copy may not affect negatively the rights and freedom of others.
\n16.14. If the Service Provider has made the data public and is obliged to erase them in such a way that it makes reasonably
\nexpected steps by taking into account available technology and the costs of implementation in order to inform other
\nprocessors in connection with the deletion of the relevant links, copies and duplicates.
\n11
\n16.15. Data Subject may not avail itself of the right of deletion and to be forgotten, if data processing is necessary: for the
\nfreedom of expression, to perform a legal obligation or to exercise public power, for reasons of public interest in the
\nareas public health, for archiving purposes in the public interest, for scientific and historical research purposes and for
\nthe exercise of legal claims.
\n16.16. Service Provider shall restrict data processing upon the request of the Data Subject if
\n– the Data Subject disputes the accuracy of the personal data
\n– data processing is unlawful, and the Data Subject opposes the erasure of the data
\n– the Service Provider no longer needs the data any more but they are required by the data subject for the establishment,
\nexercise or defence of legal claims;
\n– the Data Subject has objected to processing and the Service Provider is still carrying out an investigation.
\n17. Notification obligation
\n17.1. Service Provider shall communicate any rectification or erasure of personal data or restriction of processing to each
\nrecipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate
\neffort.
\n18. Data portability
\n18.1. The Data Subject is entitled to receive his\/her data made available to the Service Provider:
\n– in a structured, commonly used and machine readable format
\n– have the right to transmit those data to another controller
\n– may request that the personal data shall be transmitted directly from one controller to another \u2013
\n– where technically feasible
\nExcept when the processing is for the performance of a task carried out in the public interest or in the exercise of
\nofficial authority.
\n19. Remedies
\nThese conditions are governed by UK law. The court in the district where the controller has its place of business has
\nthe sole jurisdiction if any dispute regarding these conditions may arise, save when a legal exception applies.
\nDated: 1. June 2023
\nTMRW Hotels Ltd
\n\u2026\u2026\u2026\u2026\u2026\u2026\u2026\u2026\u2026\u2026\u2026.
\nrepresented by Csaba Kat\u00f3 managing director
\n12<\/p>\n<\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"

PRIVACY POLICY CONCERNING THE HOMEPAGE OF TMRW HOTELS LIMITED LIABILITY COMPANY (13272668) AND THE USE OF THE SERVICES OF FLOW PMS SYSTEM Effective: from the 1st day of June, 2023 till withdrawal 1. Introduction 1.1. TMRW Hotels Limited Liability Company (Company registration number: 13272668; tax number: UTR:4844717529; registered seat: Bm Centre, 11 St. Martins Close, […]<\/p>","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"class_list":["post-128","page","type-page","status-publish","hentry"],"acf":[],"yoast_head":"\nAdatv\u00e9delmi Szab\u00e1lyzat - Flow HMS<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/flowhms.com\/en\/adatvedelmi-szabalyzat\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Adatv\u00e9delmi Szab\u00e1lyzat\" \/>\n<meta property=\"og:description\" content=\"PRIVACY POLICY CONCERNING THE HOMEPAGE OF TMRW HOTELS LIMITED LIABILITY COMPANY (13272668) AND THE USE OF THE SERVICES OF FLOW PMS SYSTEM Effective: from the 1st day of June, 2023 till withdrawal 1. Introduction 1.1. TMRW Hotels Limited Liability Company (Company registration number: 13272668; tax number: UTR:4844717529; registered seat: Bm Centre, 11 St. Martins Close, […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/flowhms.com\/en\/adatvedelmi-szabalyzat\/\" \/>\n<meta property=\"og:site_name\" content=\"Flow HMS\" \/>\n<meta property=\"article:modified_time\" content=\"2024-12-06T15:16:16+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"39 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/flowhms.com\/adatvedelmi-szabalyzat\/\",\"url\":\"https:\/\/flowhms.com\/adatvedelmi-szabalyzat\/\",\"name\":\"Adatv\u00e9delmi Szab\u00e1lyzat - Flow HMS\",\"isPartOf\":{\"@id\":\"https:\/\/flowhms.com\/#website\"},\"datePublished\":\"2024-10-13T12:58:25+00:00\",\"dateModified\":\"2024-12-06T15:16:16+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/flowhms.com\/adatvedelmi-szabalyzat\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/flowhms.com\/adatvedelmi-szabalyzat\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/flowhms.com\/adatvedelmi-szabalyzat\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Kezd\u0151lap\",\"item\":\"https:\/\/flowhms.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Adatv\u00e9delmi Szab\u00e1lyzat\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/flowhms.com\/#website\",\"url\":\"https:\/\/flowhms.com\/\",\"name\":\"Flow HMS\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/flowhms.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/flowhms.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/flowhms.com\/#organization\",\"name\":\"Flow HMS\",\"url\":\"https:\/\/flowhms.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/flowhms.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/flowhms.com\/wp-content\/uploads\/2024\/10\/Flow_logo_lockup_color-1.png\",\"contentUrl\":\"https:\/\/flowhms.com\/wp-content\/uploads\/2024\/10\/Flow_logo_lockup_color-1.png\",\"width\":567,\"height\":174,\"caption\":\"Flow HMS\"},\"image\":{\"@id\":\"https:\/\/flowhms.com\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Adatv\u00e9delmi Szab\u00e1lyzat - Flow HMS","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/flowhms.com\/en\/adatvedelmi-szabalyzat\/","og_locale":"en_US","og_type":"article","og_title":"Adatv\u00e9delmi Szab\u00e1lyzat","og_description":"PRIVACY POLICY CONCERNING THE HOMEPAGE OF TMRW HOTELS LIMITED LIABILITY COMPANY (13272668) AND THE USE OF THE SERVICES OF FLOW PMS SYSTEM Effective: from the 1st day of June, 2023 till withdrawal 1. Introduction 1.1. TMRW Hotels Limited Liability Company (Company registration number: 13272668; tax number: UTR:4844717529; registered seat: Bm Centre, 11 St. Martins Close, […]","og_url":"https:\/\/flowhms.com\/en\/adatvedelmi-szabalyzat\/","og_site_name":"Flow HMS","article_modified_time":"2024-12-06T15:16:16+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"39 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/flowhms.com\/adatvedelmi-szabalyzat\/","url":"https:\/\/flowhms.com\/adatvedelmi-szabalyzat\/","name":"Adatv\u00e9delmi Szab\u00e1lyzat - Flow HMS","isPartOf":{"@id":"https:\/\/flowhms.com\/#website"},"datePublished":"2024-10-13T12:58:25+00:00","dateModified":"2024-12-06T15:16:16+00:00","breadcrumb":{"@id":"https:\/\/flowhms.com\/adatvedelmi-szabalyzat\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/flowhms.com\/adatvedelmi-szabalyzat\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/flowhms.com\/adatvedelmi-szabalyzat\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Kezd\u0151lap","item":"https:\/\/flowhms.com\/"},{"@type":"ListItem","position":2,"name":"Adatv\u00e9delmi Szab\u00e1lyzat"}]},{"@type":"WebSite","@id":"https:\/\/flowhms.com\/#website","url":"https:\/\/flowhms.com\/","name":"Flow HMS","description":"","publisher":{"@id":"https:\/\/flowhms.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/flowhms.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/flowhms.com\/#organization","name":"Flow HMS","url":"https:\/\/flowhms.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/flowhms.com\/#\/schema\/logo\/image\/","url":"https:\/\/flowhms.com\/wp-content\/uploads\/2024\/10\/Flow_logo_lockup_color-1.png","contentUrl":"https:\/\/flowhms.com\/wp-content\/uploads\/2024\/10\/Flow_logo_lockup_color-1.png","width":567,"height":174,"caption":"Flow HMS"},"image":{"@id":"https:\/\/flowhms.com\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/flowhms.com\/en\/wp-json\/wp\/v2\/pages\/128","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/flowhms.com\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/flowhms.com\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/flowhms.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/flowhms.com\/en\/wp-json\/wp\/v2\/comments?post=128"}],"version-history":[{"count":10,"href":"https:\/\/flowhms.com\/en\/wp-json\/wp\/v2\/pages\/128\/revisions"}],"predecessor-version":[{"id":689,"href":"https:\/\/flowhms.com\/en\/wp-json\/wp\/v2\/pages\/128\/revisions\/689"}],"wp:attachment":[{"href":"https:\/\/flowhms.com\/en\/wp-json\/wp\/v2\/media?parent=128"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}