top of page


Please read the Prospectus carefully.

The operator of the website, hereinafter Data Controller:

Flower-Power Consulting Kft.

2030 Érd, Páva u. 26 / b. 

Company registration number: 13-09-167659

Tax number: 24801544-1-13



Phone: +36 30 639 7656


The Data Controller is not obliged to appoint a Data Protection Officer under Article 37 of the GDPR.

The Data Controller does not use a data processor or transfer data abroad.

Pursuant to Article 13 of the General Data Protection Regulation of the European Union (Regulation No. 679/2016, hereinafter: GDPR), the Data Controller shall provide the following information:

1. Data management principles

The Data Controller respects the privacy of all persons to whom personal data are transferred and is committed to protecting them.

The Data Controller acts in accordance with the requirements of good faith, fairness and transparency in cooperation with the Users during the data management. The Data Controller processes only the data specified by law or provided by the Users for the purposes specified below.

The scope of the personal data processed is proportionate to the purpose of the data processing and may not extend beyond that.

In all cases where the Data Controller wishes to use the personal data for a purpose other than the purpose of the original data collection, he / she shall inform the User thereof and obtain his / her prior express consent or provide him / her with an opportunity to prohibit the use.

The data controller does not check the personal data provided to him. The person who provided the data is solely responsible for the adequacy of the personal data provided.

The personal data of a person under the age of 16 may be processed only with the consent of the adult exercising parental control over him or her. The Data Controller is not in a position to check the consent of the consenting person or the content of his / her statement, so the User or the person exercising parental supervision over him / her guarantees that the consent complies with the law. In the absence of a consent statement, the Data Controller will not collect personal data concerning data subjects under the age of 16.


2. Legal basis for data management

The legal basis for data processing is the User's voluntary express consent based on appropriate information (Section 5 (1) (a) of the Information Act) and Article 6 (1) (f) of the GDPR. Users voluntarily contact the Data Controller, register voluntarily, and use the Data Controller's service voluntarily.

The User has the right to withdraw his consent at any time. Withdrawal of consent shall not affect the lawfulness of the data processing prior to withdrawal.

The use of personal data is based on the following:

the)     issue of an invoice in accordance with accounting legislation: legal basis: Article 6 (1) (c) GDPR

b)     contact: legal basis: Article 6 (1) (f) GDPR. In the case of the data of the employees and employees of the partners, the legal basis of the data management is a balance of interests. The legitimate interest of the data controller: business continuity.

c)     processing of data of contractual partners: legal basis Article 6 (1) (b) GDPR

d)     marketing activity: legal basis: Article 6 (1) (a) GDPR.

For the purpose of marketing activities, there is also a Facebook and Instagram page, however, an independent database is not created or profiled.

e)     online registration legal basis: GDPR Article 6 (1) (a)

3. What data do we request and process?

- When subscribing to the newsletter: name, e-mail address

- When ordering a service: name, e-mail address, telephone number, billing information

- Information related to the photo tour required by our travel partner for booking accommodation and flights.

- All communications exchanged with or addressed to us, by letter, order form, email or social media.


4. Data Management Objectives

The Data Controller performs data management in accordance with the law for the following purposes:

  1. In connection with the provision of our service and the fulfillment of our customers' orders, the data of the users of the service in order to fulfill a legal obligation and maintain a customer relationship;

  2. To inform existing and potential customers;

  3. For existing and potential customers for marketing purposes;

  4. To manage partner contact information;

  5. To facilitate internal administration;

If the User of the Data Controller's Website Stay in touch with us! You enter your name and e-mail address in the section and then click the Subscribe button, at the same time you consent to the Data Controller contacting him / her by e-mail at the given contact details and sending him / her a newsletter or information material by direct inquiry. By subscribing, the user also agrees to send dDM emails. The User may withdraw his consent at any time from any newsletter without giving a reason by clicking on the unsubscribe link at the bottom of each newsletter or by e-mail on request: .

The Data Controller may organize prize games aimed at increasing the number of registrations, subscriptions and followers. Participation in the sweepstakes is not tied to the payment of bets or purchases, so the sweepstakes does not qualify as a sweepstakes subject to a license or notification. The legal basis for data management is the User's consent. If the User registers for the Sweepstakes or registers for the purpose of participating in the Sweepstakes, he / she provides his / her data and consents to the processing of his / her data in accordance with the provisions of this Prospectus. The statement of acceptance and the provision of data constitute consent.

5. The following shall have access to the data processed:

a) The operator of the website, the data controller:

Flower-Power Consulting Kft. (See details above)

Access all data.

b) Website hosting provider:

You will have access to all the information you provide through the website.

c) Accountant of the Data Management Company:

Tax Security Ltd.

Only for invoicing, you can access the data on the invoices: name / company name, home address / registered office address.

6. Duration of data management

The Data Controller will delete the personal data if

(a) its handling is unlawful; If it turns out that the data is being processed illegally, the Data Controller shall carry out the deletion immediately.

b) requested by the User (except for statutory data processing); The User may request the deletion of data processed on the basis of the User's voluntary consent. In this case, the Data Controller deletes the data. Deletion can only be refused if the processing of the data is authorized by law. The Data Controller shall in all cases provide information on the refusal of the request for cancellation and on the legislation enabling the processing of data.

(c) the data are incomplete or incorrect and this condition cannot be legally remedied, provided that deletion is not precluded by law;

d) the purpose of the data processing has ceased or the term for the storage of the data specified by law has expired;

Deletion may be refused (i) for the purpose of exercising the right to freedom of expression and information, or (ii) if the processing of Personal Data is authorized by law; and (iii) to bring, assert or defend legal claims. In all cases, the Data Controller shall inform the User of the refusal of the cancellation request, indicating the reason for the refusal of the cancellation.

Once the request to delete personal data has been fulfilled, the previous (deleted) data can no longer be recovered.

Newsletters sent by the Data Controller can be unsubscribed via the unsubscribe link. In case of automatic unsubscription from the newsletter, the Data Controller describes the User about the newsletter sending service from which the unsubscription took place.

As the Data Controller provides a continuous service to the User, the relationship between the parties is not limited in time. Based on all this, in the absence of a request from the User, the Data Controller shall process the data as long as there is a connection between the Data Controller and the User and as long as the Data Controller can provide a service to the User. All other data will be deleted by the Data Controller if it is obvious that the data will not be used in the future, ie the purpose of data management has ceased.

e) ordered by a court or the National Data Protection and Freedom of Information Authority If a court or the National Data Protection and Freedom of Information has ordered the deletion of data, the deletion shall be carried out by the Data Controller.

In the case of data processing ordered by law, the deletion of data is governed by the provision of law.

In the event of deletion, the Data Controller will render the data unfit for personal identification.

See the table at the bottom of the page for more information.

7. Rights of the data subject

In connection with your personal data, the data subject has the rights specified by law.

Rights concerned:

the)     right of access (knowledge of data, whether data is being processed);

b)     if a piece of data is out of date or incorrect, correct it;

c)      deletion (only for data processing based on consent);

d)     restrictions on data processing;

e)     prohibiting the use of personal data for direct marketing purposes;

f)   transfer or prohibit the transfer of your personal data to a third party service provider;

g)     request a copy of any personal data processed by the controller; obsession

h)     protest against the use of personal data.

If you have any requests or questions regarding data management, you can send your request by post or electronically to the following addresses: 2330 Dunaharaszti, Tátika u. 3., e-mail:  We will send your answers without delay, but within 30 days to the address you requested.

8. Modification of the Privacy Policy

The Data Controller reserves the right to amend this Prospectus at any time by unilateral decision. In the event of an amendment to this Prospectus, the Data Controller is entitled (but not obliged) to inform the Users about the amendment by sending a system message. Based on the information contained in the notice, the User is entitled to exercise his rights related to data management in the manner described in this Prospectus and the legislation in force at any time. By logging in next, the User accepts the provisions of the Prospectus in force at any time, in addition, it is not necessary to seek the consent of each User.  

9. Cookie information

This site does not use its own cookies, only 2 third-party content:

  • Cookies used by Google Analytics, which is therefore third-party content: the collection is not carried out by the Data Controller but by Google for analytical purposes. This information is not dangerous, but contributes to the site  to improve the quality of the user experience and for statistical purposes. By visiting our website, you also consent to the use of cookies. You can access the Google Analytics Privacy Policy and Information here:

  • We also have a Facebook page, which can be accessed at:, as well as the Instagram page, the contact details of which are:  The owner of Facebook as a third party uses cookies. You can find Facebook's Privacy Policy here:

10. Remedies Information

In Hungary, the data protection supervisory authority: National Data Protection and Freedom of Information Authority (1125 Budapest, Szilágyi Erzsébet fasor 22 / C) .

Judicial process: data protection litigation falls within the jurisdiction of the tribunal. The parties will try to settle any legal disputes out of court, if they fail, the jurisdiction of the Székesfehérvár General Court will be accepted, which the User will accept by accepting this Data Management Information.

bottom of page