Menu Close
Menu Close
+36205319682
drvizelikornel@gmail.com
On working days 08:00-19:00
Appointment booking
menu

DATA PROCESSING NOTICE
Website: http://www.drvizeli.hu
Effective: May 11, 2026
1. Introduction

As a data controller, Dr. Kornél Vizeli, attorney at law, pays special attention to the protection of personal data, the attorney's obligation of confidentiality, and to ensuring that data processing carried out during the use of the website, contact, and use of attorney services is carried out in a transparent, legal, and secure manner.
The purpose of this data management information is to provide website visitors, interested parties, customers and other persons affected by data management with clear information about the main rules of data management.
During data processing, the Data Controller acts in particular on the basis of the following legal provisions:
Regulation (EU) 2016/679 of the European Parliament and of the Council, i.e. the General Data Protection Regulation (GDPR);
Hungarian legislation on the right to informational self-determination and freedom of information;
legislation relating to legal practice, legal confidentiality and chamber obligations;
rules relating to civil law, taxation, accounting and record-keeping obligations.
2. Data controller's data
Name of data controller
Dr. Kornél Vizeli, attorney at law
Headquarters / office address
4024 Debrecen, Csapó Street 2. 1st floor 4.
Chamber identification number / KASZ
36071472
Chamber of Records
Debrecen Bar Association
Email address
drvizelikornel@gmail.com
Phone number
+36 20 531 9682
Website
http://www.drvizeli.hu
Data Protection Officer
The Data Controller is not obliged to appoint a data protection officer, and has not appointed a data protection officer.
For data protection issues, the Data Controller can be contacted at the above contact details.
3. Principles of data management
The Data Controller processes personal data lawfully, fairly and transparently. Data processing is carried out exclusively for specified, explicit and legitimate purposes.
The Data Controller strives to process only personal data that is necessary to achieve the given data processing purpose. The data is only kept for the necessary period of time and ensures its security through appropriate technical and organizational measures.
Given the specific nature of the legal profession, the Data Controller is subject to a legal confidentiality obligation with regard to the data, information and documents that come to his/her attention.
4. Data processing related to visiting the website
When you visit our website, certain technical data may be automatically recorded. Such data may include, in particular:
IP address;
the date of the visit;
the pages visited;
browser type;
the type of operating system;
the referring page;
technical log data.
The purpose of data management is to ensure the operation of the website, maintain the security of the IT system, troubleshoot, prevent abuse, and perform statistical analysis.
Legal basis for data processing: the Data Controller's legitimate interest in the safe and proper operation of the website.
Duration of data management: the Data Controller and the hosting service provider generally retain technical log data for the period specified in the technical settings of the website and the service provider, unless longer retention is required due to a security incident or legal dispute.
Recipients of data: hosting service provider, web developer, system administrator or other IT service provider involved in the operation of the website.
5. Data processing via contact form
When using the contact form available on the website, the interested party may provide personal data to the Data Controller.
The scope of the processed data includes in particular:
name;
email address;
telephone number, if included in the form;
the subject of the message;
the information provided in the message;
the date of dispatch;
technical data, such as IP address, if recorded by the system.
The purpose of data processing is: to receive contact, respond to the interested party's request, make preliminary arrangements, make an appointment, provide an offer, and clarify whether the Data Controller can provide legal services in the given case.
Legal basis for data processing: the consent of the data subject, which is given by completing and submitting the form. If the request later leads to a legal mandate, the legal basis for data processing may also be the preparation of the contract and then the performance of the mandate relationship.
Important notice: submitting the contact form does not in itself create an attorney-client relationship. An attorney's mandate is established solely on the basis of a separate agreement or mandate contract.
Special data and confidential information: the Data Controller requests that the interested party, if possible, not send special data, business secrets, sensitive personal data or detailed case files via the contact form, unless it is absolutely necessary to respond to the request. If the data subject nevertheless provides such data, the Data Controller will process it to the extent necessary to handle the request.
Duration of data processing: the Data Controller will generally retain the data sent via the contact form for 30 days from the date of response to the request. If the request leads to a lawyer's mandate, the data will be retained in accordance with the rules governing client relations and lawyer's document management. If a legal dispute, claim enforcement or official request arises, the data may be processed until the claim becomes time-barred or the procedure is closed.
Recipients of data: the hosting provider, website operator, web developer, email provider, spam and security filter provider, as well as WordPress.com or other website management provider, if the website operates on such a system, may contribute to the operation of the contact form.
Contact form technical provider: to be specified based on the actual technical settings of the website, in particular taking into account WordPress.com, Automattic Inc. or the form management plugin used.
6. Contact by email and phone
The Data Controller also accepts inquiries via email or telephone.
Processed data: name, e-mail address, telephone number, content of the message, information regarding the case, and other data voluntarily provided by the data subject.
The purpose of data processing is: maintaining contact, providing information, scheduling appointments, and preliminary consultation regarding legal services.
Legal basis for data processing: the consent of the data subject, preparation of a contract or the legitimate interest of the Data Controller in handling incoming requests.
Duration of data management: 1 year from the closing of the request, or in the event of a lawyer's mandate, the period according to the rules on the preservation of lawyer's documents.
7. Data processing related to legal representation
If a legal relationship of attorney-at-law is established between the interested party and the Data Controller, the Data Controller processes the personal data necessary for the performance of the assignment.
Scope of processed data: identification data of the client and the persons involved in the case, contact data, case files, contracts, official or court documents, financial data, data relating to the right of representation, and other personal data arising from the nature of the given case.
Purpose of data processing: preparation and fulfillment of legal mandates, legal advice, document drafting, representation before courts, authorities and other bodies, contact, invoicing, fulfillment of legal obligations.
The legal basis for data processing is: performance of a contract, compliance with a legal obligation, or the legitimate interests of the Data Controller or the customer. In some cases, the consent of the data subject may also be relevant.
Duration of data processing: the retention period of documents and data related to the attorney's mandate is determined in accordance with the laws governing attorney activities, accounting, taxation, money laundering prevention, statute of limitations and chamber obligations.
8. Billing-related data processing
The Data Controller issues an invoice in connection with the remuneration of the lawyer's services.
Processed data: name or company name, address or registered office, tax number, billing data, performance and payment data.
Purpose of data processing: issuing invoices, fulfilling accounting and tax obligations.
Legal basis for data processing: fulfillment of a legal obligation.
Duration of data processing: retention period required by accounting and taxation rules.
Recipients of data: accountant, invoicing program provider, tax authority, or other bodies specified by law.
9. Data processing related to appointment booking
If it is possible to book an appointment on the website or by email, the Data Controller processes the data necessary to arrange the appointment.
Processed data: name, e-mail address, telephone number, chosen time, subject of the request, any additional information provided.
Purpose of data processing: booking appointments, organizing consultations, maintaining contact.
Legal basis for data processing: preparation of a contract or consent of the data subject.
Duration of data management: 1 year from the date of completion or deletion, or in the event of a lawyer's mandate, the period according to the lawyer's document management rules.
10. Newsletter and marketing inquiries
The Data Controller does not send newsletters and does not use the data provided through the website for marketing purposes, unless the data subject has given their separate, express consent to this.
If the Data Controller introduces a newsletter or marketing solicitation in the future, this can only be done on the basis of separate consent. In such a case, the data subject has the right to withdraw his/her consent or unsubscribe from the newsletter at any time.
11. Cookies and similar technologies
The website may use cookies. A cookie is a small data file that is placed on the visitor's device.
Cookies can be:
cookies that are strictly necessary for operation;
statistical cookies;
convenience or functional cookies;
marketing or tracking cookies.
Functional cookies: these are necessary for the basic functioning of the website, therefore separate consent is not necessarily required for their use.
Statistical and marketing cookies: as a general rule, these may only be used with the prior consent of the data subject.
If the website runs on WordPress.com or uses built-in WordPress plugins, statistical tools, reCAPTCHA, maps, video embedding, or social media elements, these may result in independent data processing or data transfer.
It is advisable to include a detailed list of cookies used on the website in a separate cookie notice or cookie settings panel.
12. Data processors
The Data Controller may use the following data processors during data processing activities. The list should be specified based on the actual technical settings of the website.
Data processor
Service
Scope of data processed
Headquarters / country
WordPress.com
hosting service
website technical data, form data
USA
Google
email service
correspondence data
USA
Kominvest Dou Ltd.
accounting
billing information
Hungary
NAV Online Account
invoicing
billing information
Hungary
WordPress.com / Automattic Inc.
website management / contact form
website and form data
USA
Data processors may process personal data only on the instructions of the Data Controller, to the extent necessary and in accordance with applicable data protection rules.
13. Data transfer to third countries
If the Data Controller uses a service provider that operates in a country outside the European Economic Area or transfers data there, the data transfer may only take place under the conditions permitted by the GDPR.
This may be the case in particular:
Using WordPress.com;
foreign email service provider;
cloud storage;
online appointment booking system;
statistical or marketing tool.
Details of such data transfer are contained in the data protection documentation of the respective service provider.
14. Data security
The Data Controller ensures the security of personal data through appropriate technical and organizational measures.
In this context, in particular:
restrict access to data;
uses password-protected systems;
strives to use secure communication channels;
ensures the secure storage of records and electronic documents;
makes data accessible only to authorized persons;
acts in accordance with the lawyer's obligation of confidentiality.
15. Rights of data subjects
The data subject has the right to request information from the Data Controller about the processing of his/her personal data. In particular, the data subject may exercise the following rights:
15.1. Right of access
The data subject has the right to request information about whether the Data Controller processes his or her personal data and, if so, what data, for what purpose, on what legal basis, for how long and to whom it is transmitted.
15.2. Right to rectification
The data subject may request the correction of inaccurate personal data or the completion of incomplete data.
15.3. Right to erasure
The data subject may request the deletion of their personal data if the purpose of the data processing has ceased to exist, the data processing is unlawful, the data subject has withdrawn their consent, or the legal conditions for the deletion of the data exist.
In the case of data related to legal practice, record keeping, accounting, taxation or the enforcement of legal claims, the right to erasure may be limited.
15.4. Right to restriction of data processing
The data subject may request the restriction of data processing, for example if they dispute the accuracy of the data or the data processing is unlawful, but the data subject does not request the deletion of the data.
15.5. Right to data portability
If the data processing is based on consent or a contract and is carried out by automated means, the data subject may request that the Data Controller provide the data concerning him or her in a structured, widely used and machine-readable format.
15.6. Right to object
The data subject has the right to object to data processing if the data processing is based on legitimate interests.
15.7. Withdrawal of consent
Where the processing is based on consent, the data subject has the right to withdraw his or her consent at any time. The withdrawal does not affect the lawfulness of the processing prior to its withdrawal.
16. Handling of data subject requests
The data subject can submit his/her data protection request to the following contact details:
Email: drvizelikornel@gmail.com
Postal address: 4024 Debrecen, Csapó Street 2. 1st floor 4.
The Data Controller shall respond to data subject requests within one month at the latest. If necessary, given the complexity of the request or the number of requests, this deadline may be extended in accordance with the rules of the GDPR.
The Data Controller is entitled to request proof of the data subject's identity before fulfilling the request, if identification is necessary.
17. Legal remedies
If the data subject believes that the processing of his or her personal data is unlawful, he or she has the right to file a complaint with the National Data Protection and Freedom of Information Authority.
National Data Protection and Freedom of Information Authority
Headquarters: 1055 Budapest, Falk Miksa Street 9-11.
Postal address: 1363 Budapest, P.O. Box 9.
Website: http://www.naih.hu
E-mail: ugyfelszolgalat@naih.hu
The data subject also has the right to apply to a court. The lawsuit may also be initiated before the court of the data subject's place of residence or residence, at the data subject's choice.
18. Amendment of the information
The Data Controller reserves the right to amend this data management information, especially in the event of changes in legislation, changes in official practice, changes in the operation of the website or the introduction of new data management activities.
The current data processing information is available on the website.
Effective: May 11, 2026

English
Translation

× Close