ATLAS GLOBAL BRANDS KFT.
Privacy Policy
Effective from: 1 January 2026 · Version: 1.0
Atlas Global Brands Kft. (hereinafter: “Controller”) places the highest importance on protecting the personal data of natural persons (“Data Subject”) who visit its website or contact us through the contact form. The purpose of this Privacy Policy is to inform the Data Subject — before any processing takes place — in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (“GDPR”) and Hungarian Act CXII of 2011 on the right of informational self-determination and freedom of information (“Info Act”).
1. The Controller
Company name | Atlas Global Brands Kft. |
Registered seat | 1054 Budapest, Honvéd utca 8. 1 emelet 2 ajtó |
Company reg. no. | 01 09 449125 |
Tax number | 32912900-2-41 |
Represented by | Palombino Emanuele Anthony |
E-mail | tony@greenchilijam.eu |
Phone | + 36 70 791 3115 |
Website | www.greenchilijam.eu |
The Controller has not appointed a Data Protection Officer, as the obligation under Article 37(1) GDPR does not apply to its processing activities.
2. Definitions
Personal data: any information relating to an identified or identifiable natural person (“Data Subject”).
Processing: any operation or set of operations performed on personal data, whether or not by automated means.
Consent: any freely given, specific, informed and unambiguous indication of the Data Subject's wishes.
3. Scope, purpose, legal basis and duration of processing
3.1 Contact form — Consumer recommendation (B2C)
When the user selects “I am a guest — I know a place this would fit perfectly” on the website's contact form:
Data processed | name, e-mail address, name of recommended venue, free-text message |
Purpose | processing the Data Subject's recommendation, contacting the recommended venue, replying to the Data Subject |
Legal basis | Art. 6(1)(a) GDPR — consent of the Data Subject |
Retention | until consent is withdrawn, but in any case data will be deleted no later than 12 months after collection |
3.2 Contact form — B2B partner inquiry
When the user selects “I am a venue owner / manager” on the website's contact form:
Data processed | name, e-mail address, phone number, name of venue, free-text message |
Purpose | processing of business inquiry, preparing contract conclusion, arranging a product tasting |
Legal basis | Art. 6(1)(b) GDPR — steps prior to entering into a contract at the
request of the Data Subject |
Retention | for the duration of the business relationship, or — if no contract is concluded — 24 months after the last contact |
3.3 Cookies
The website uses cookies that are necessary for its operation as well as for analytics purposes:
Functional cookies | required for the basic operation of the website; legal basis: Art.
6(1)(f) GDPR — legitimate interest; no consent required |
Analytics cookies | anonymized traffic data (e.g. Google Analytics); legal basis: Art. 6(1)(a) GDPR — consent; retention: max. 26 months |
Marketing cookies | where applicable; legal basis: Art. 6(1)(a) GDPR — consent; retention: max. 13 months |
4. Transfers and data processors
The Controller does not share personal data with third parties, except for the following data processors who act on behalf of and under the instructions of the Controller:
Hosting provider | WIX — website operation |
E-mail service | Private Email and Google Workspace— communications |
Web analytics | Google Ireland Limited (Google Analytics) — only with consent, in anonymized form |
CRM / newsletter | Notion— contact management |
Transfers outside the EU (e.g. to the USA) take place only with appropriate safeguards under Chapter V of the GDPR (e.g. EU–US Data Privacy Framework, Standard Contractual Clauses).
5. Rights of the Data Subject
Under the GDPR, the Data Subject has the following rights:
-
Right to information and access (Arts. 13–15 GDPR) — to request information on whether their data is being processed, for what purpose, for how long, etc.
-
Right to rectification (Art. 16 GDPR) — to have inaccurate data corrected or
incomplete data completed. -
Right to erasure — “right to be forgotten” (Art. 17 GDPR).
-
Right to restriction of processing (Art. 18 GDPR).
-
Right to data portability (Art. 20 GDPR) — to receive data in a structured, machine-
readable format. -
Right to object (Art. 21 GDPR) — to object at any time to processing based on
legitimate interest. -
Right to withdraw consent — for consent-based processing, at any time and free of
charge.
Rights may be exercised by writing to tony@greenchilijam.eu or by post to the Controller's
registered seat. The Controller will respond within 30 days from receipt of the request.
5. Rights of the Data Subject
The Controller protects personal data through appropriate technical and organisational
measures, in particular:
-
SSL/TLS-encrypted data transfer on the website.
-
Access control: only authorised employees have access to the data.
-
Regular backups.
-
Data processing agreements with all data processors.
7. Personal data breach
In the event of a personal data breach, the Controller will notify the Hungarian National Authority for Data Protection and Freedom of Information (NAIH) within 72 hours of becoming aware of the breach, unless the breach is unlikely to result in a risk to the rights
and freedoms of the Data Subjects.
8. Complaints and legal remedies
If the Data Subject believes that the processing of their data infringes the GDPR or the Hungarian Info Act, they may lodge a complaint with the supervisory authority:
Supervisory authority | Hungarian National Authority for Data Protection and Freedom of Information (NAIH) |
Address | 1055 Budapest, Falk Miksa utca 9–11., Hungary |
Mailing address | 1363 Budapest, Pf.: 9., Hungary |
Phone | +36 (1) 391-1400 |
E-mail | ugyfelszolgalat@naih.hu |
Website | www.naih.hu |
The Data Subject may also seek a judicial remedy. Such proceedings fall within the jurisdiction of the regional court (törvényszék).
9. Final provisions
The Controller reserves the right to amend this Privacy Policy at any time. The amended Policy enters into force upon publication on the website. Matters not regulated by this Policy are governed by the GDPR and the Hungarian Info Act.