top of page

Privacy Policy



The site uses cookies - text files placed on your device to help provide a better user experience. Cookies generally record user habits, store information for transactions such as your purchases, and transmit anonymous tracking data to third-party applications such as Google Analytics. Cookies help to enhance your browsing experience. However, you have the option to disable cookies on this and other pages you browse. The easiest way to do this is to disable cookies in your browser. We recommend that you consult the "Help" section of your browser.

Privacy and data management information – VAD VÍZ STÚDIÓ

The electronic site operated by Vad Víz Stúdió ( respects the personal data rights of the persons visiting the site. In accordance with the relevant provisions of the legislation in force, by providing the data necessary to contact the website, you consent to the processing of your data by Vad Víz Stúdió as necessary in the context of this contact, in compliance with the legal provisions referred to.

Please note that the communication of data is voluntary and that you have the right to request information about the processing of your data and to request the rectification or cancellation of your data at any time by sending an e-mail to

Name of the data controller:

Available on the website under the short name of Privacy Policy and Statement (hereinafter referred to as the "Privacy Statement")
Name: Vad Víz Stúdió
represented by Zoltán Fehér

as the data controller (hereinafter referred to as the "Data Controller"), the users of the website operated by the Data Controller (hereinafter referred to as the "User"), in accordance with Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information (hereinafter referred to as the "Infotv.") and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Regulation (EC) No 95/46/EC (General Data Protection Regulation) (hereinafter: GDPR), and the Users' Privacy Notice.


Scope of personal data processed:

When contacting us, the user provides the following personal data: (list of what has been requested, processed, usually name, e-mail address, telephone number,) other personal data if necessary. Data technically recorded during the operation of the system: the data of the user's computer logging in, generated during the use of the service and recorded by the data controller's system as an automatic result of technical processes. The data that are automatically recorded are automatically logged by the system at the time of logging in or logging out, without any specific declaration or action by the user. These data may not be linked to other personal user data, except in cases required by law. The data may only be accessed by the data controller.

Legal basis, purposes and methods of processing:

The processing is based on the voluntary and informed consent of the users, which includes their explicit consent to the use of their personal data provided during the use of the site. The legal basis for processing is the voluntary consent of the data subject pursuant to Article 6(1)(a) of the GDPR. The consent is given by the user by using the website, by contacting the controller or by voluntarily providing the data in question. The purpose of the processing is to ensure communication between the user and the controller. The controller stores the data provided by the user for a specific purpose, solely for the purpose of and in the course of the contact. The purpose of the automatically recorded data is to produce statistics, to improve the technical development of the IT system and to protect the rights of users. The data controller will not use the personal data provided to it for purposes other than those for which it is intended. Unless otherwise required by law, the disclosure of personal data to third parties or public authorities shall only be possible with the prior express consent of the user. Only the user providing the personal data is responsible for the accuracy of the personal data provided to the data controller. By providing an e-mail address, any user also assumes responsibility for the fact that he/she is the only one to receive services from the e-mail address provided. With regard to this assumption of responsibility, any liability in connection with access to an e-mail address shall be borne solely by the user who registered the e-mail address.

Duration of processing:

The processing of the personal data that you are required to provide when you contact us starts with the moment of contact and continues until the purpose is fulfilled or until the data is deleted at the User's request. In the case of non-mandatory and/or personal data, the processing lasts from the time the data is provided until the data in question is deleted. There is no logging on the website. The above provisions do not affect the fulfilment of legal (e.g. tax) retention obligations or processing based on additional consents given when contacting the website or otherwise.

Data subjects, data transfers, data processing:

The data may be accessed primarily by the designated staff of the controller, but will not be disclosed or transferred to third parties. The data controller may use external persons for the operation of the IT system and the handling of complaints. The Controller shall request a data management/privacy statement for the processing activities of such external contributors, and shall conclude a data processing contract for the processing of the data transferred, if justified. The Data Controller shall not be responsible for the other data processing practices of the third party processor. The transfer and use of the user's personal data may take place in the cases mandatorily provided for in the applicable legislation or on the basis of the user's consent.

Related concepts:

Data security: a system of technical and organisational solutions to protect against the unauthorised acquisition, modification and destruction of data.

Data processor: a natural or legal person, public authority, agency or any other body that processes personal data on behalf of the controller;

Data processing: any operation or set of operations which is performed upon personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure, transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

Restriction of processing: the marking of stored personal data for the purpose of restricting their future processing;

Right to data portability: the right to request the direct transfer of personal data between controllers.

Data protection: the set of principles, rules, procedures, instruments and methods of processing which ensure the lawful processing of personal data and the protection of the individuals concerned.

Data subject: any natural person who, by providing his or her data, contacts or has a legal relationship with the Data Controller, in particular a customer, a complainant, a whistleblower, a data subject, a contact person of a legal person, a subscriber to a newsletter;

Personal data: any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, number, location data, an online identifier or to knowledge of the physical, physiological, genetic, mental, economic, cultural or social identity of a natural person, and to an inference relating to that person which can be drawn from the data.

Special Data: personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic data and biometric data revealing the identity of natural persons, health data and personal data concerning the sex life or sexual orientation of natural persons.

Rights of the Data Subject (user) and their enforcement:

The user has the right to request information about the personal data concerning him/her processed by the data controller at any time and to modify them at any time. The User has the right to request the erasure of his/her data. The Data Controller shall, upon request of the User, provide information about the data concerning the User that it processes, the purpose, legal basis and duration of the processing, as well as about the persons who have received or received the data and for what purposes. The controller shall provide the user with the requested information in writing without delay, but no later than 25 days from the date of the request. The user shall have the right at any time to request the erasure of his or her incorrectly recorded data. The Data Controller shall delete the data within 3 working days of receipt of the request, in which case they shall not be recoverable. The deletion shall not apply to data processing required by law (e.g. accounting regulations), which shall be kept by the Data Controller for the necessary period. If the user provides third-party data or intentionally false data when contacting the service or causes damage in any way when using the websites, the controller is entitled to claim damages from the user. In such a case, the controller shall provide all reasonable assistance to the competent authorities in order to establish the identity of the offending person.

At the request of the Data Subject, the Data Controller shall provide information on the facts relating to the processing prior to the start of the processing. The Data Subject may, upon request, inspect the records containing his or her personal data, and the Data Controller shall provide him or her with his or her personal data and information relating to the processing thereof. The Data Subject shall have the right to request the rectification of his or her personal data or the integration of such data by means of a supplementary declaration. Upon written request, the Data Controller shall, where the legal conditions for doing so are met, erase the personal data relating to the Data Subject. The Data Subject may request in writing that the Data Controller restrict the processing if: - he or she contests the accuracy of his or her personal data, in which case the restriction shall be for the period of time necessary to allow the Wild Water Film Studio to verify the accuracy of the personal data; - the processing is unlawful and you oppose the erasure of the data and request instead the restriction of their use; - the Wild Water Film Studio no longer needs the personal data for the purposes of the processing, but you require them for the establishment, exercise or defence of legal claims. You have the right to object to the processing of your personal data. If you object to processing, the restriction will apply for a period of time until it is determined whether the legitimate grounds of the Controller override the legitimate grounds of the Data Subject. The Data Subject shall have the right to receive personal data concerning him or her which he or she has provided to the Controller in a structured, commonly used, machine-readable format and the right to transmit such data to another controller (right to data portability) without hindrance from the Controller to which he or she has provided the personal data, where (a) the processing is based on the Data Subject's consent or on a contract and (b) the processing is carried out by automated means. The Data Subject may exercise the right to data portability where two conditions are met.

The Data Subject may initiate an investigation by the Data Protection Authority to examine the lawfulness of the Controller's action to restrict the exercise of his or her rights set out in points 1 to 5 or to reject his or her request to exercise those rights. The National Authority for Data Protection and Freedom of Information is entitled to conduct the procedure.
Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c;
Postal address: 1530 Budapest, PO Box 5.;
Phone number: +36 (1) 391-1400;
fax number: +36 (1) 391-1410;
e-mail address:;

The Data Subject may request the Data Protection Authority to initiate proceedings if he or she considers that, in the processing of his or her personal data, the Data Controller or a processor appointed or instructed by the Data Controller or a processor acting on his or her behalf infringes the provisions on the processing of personal data laid down by law or by a legally binding act of the European Union. The Data Subject may seek legal remedies before the competent court against the Controller or, in relation to processing operations within the scope of the controller's activities, against the processor, if the Data Subject considers that the Controller or the processor on whose behalf the Controller or the processor is acting is processing his or her personal data in breach of the provisions on the processing of personal data laid down by law or by a legally binding act of the European Union.

Use of e-mail addresses:

​The Data Controller pays particular attention to the lawfulness of the use of the e-mail addresses it processes, so it will only use them in the course of its contacts as set out below. The processing of e-mail addresses is primarily for the purpose of identifying the user, communicating and answering questions raised by the user in the course of the communication, and therefore e-mails are sent primarily for this purpose. In other cases, such as when sending newsletters, the user may specifically opt-in or opt-out of receiving such electronic communications.

Other provisions:

The data controller's computer system may collect data on the activity of users, which cannot be linked to other data provided by users when contacting us, nor to data generated when using other websites or services. In all cases where the data provided is intended by the data controller to be used for a purpose other than that for which it was originally collected, the user will be informed and given the opportunity to object to such use. The data controller undertakes to ensure the security of the data and to take technical measures to ensure that the data recorded, stored or processed are protected and to take all necessary steps to prevent their destruction, unauthorised use or unauthorised alteration. The Data Controller reserves the right to unilaterally modify this Privacy Statement and the Privacy Policy by giving prior notice to users. After the modification has entered into force, the user accepts the modifications by using the service and by doing so, the user accepts the modifications.

bottom of page