GENERAL TERMS AND CONDITIONS AND PRIVACY POLICY

Effective date: 18/02/2026

This document governs the General Terms and Conditions (GTC) and Data Processing Policy of C-RT Media Kft., including the www.cyphertown.hu website and related services.

1. DATA CONTROLLER INFORMATION

Company name: C-RT Media Kft.
Registered address: 4254 Nyíradony, Galamb utca 18., Hungary
Tax number: 32094066-2-09
EU VAT number: HU32094066
Phone: +36 30 526 6840
Email: tamas@crtmedia.hu
Website: https://cyphertown.hu

Data Protection Contact Person:
Name: Tamás Rácz
Phone: +36 30 526 6840
Email: tamas@crtmedia.hu

Hereinafter referred to as: Data Controller

2. ACCEPTANCE OF TERMS

By using the cyphertown.hu website, subscribing to the newsletter, purchasing tickets, or contacting the Data Controller, the user accepts the terms outlined in this document.

The Data Controller reserves the right to modify these terms at any time. Updates will be published on the website.

3. PURPOSE OF DATA PROCESSING

Personal data is processed for the following purposes:

• Providing event information
• Processing ticket purchases
• Issuing invoices
• Communication with users
• Sending newsletters and marketing communications (with consent)
• Ensuring website functionality and security
• Compliance with legal obligations

Legal basis under GDPR Article 6:

• Article 6(1)(a) — Consent
• Article 6(1)(b) — Contract performance
• Article 6(1)(c) — Legal obligation
• Article 6(1)(f) — Legitimate interest

4. TYPES OF DATA COLLECTED

The Data Controller may process the following personal data:

Contact data:

• Name
• Email address
• Phone number

Billing data:

• Billing name
• Billing address
• Tax number (if applicable)

Technical data:

• IP address
• Browser type
• Device information
• Website activity data

Communication data:

• Messages sent via contact forms
• Email correspondence

Payment data:

Online card payments are processed through the Barion Payment Zrt. system.

The Data Controller does NOT have access to card details.

Barion Payment Zrt.
Supervised by Hungarian National Bank
License number: H-EN-I-1064/2013

Website: https://barion.com

Barion acts as an independent data controller.

5. DATA RETENTION PERIOD

Personal data is retained as follows:

Invoices and accounting data:
8 years + 1 year (required by accounting law)

Contact and communication data:
Maximum 5 years

Newsletter subscription data:
Until withdrawal of consent

Technical and cookie data:
Maximum 12 months or according to cookie settings

After retention expires, data is permanently deleted.

6. COOKIES POLICY

Cookies are small text files stored on the user’s device.

Purpose of cookies:

• Ensuring website functionality
• Improving user experience
• Saving user preferences
• Providing analytics and performance insights

Types of cookies used:

Essential cookies
Required for website operation.

Functional cookies
Store user preferences.

Analytics cookies
Help understand website usage.

Marketing cookies
Used only with user consent.

Users can accept, reject, or modify cookie settings through the cookie consent banner.

Users may also delete cookies through browser settings.

7. DATA SECURITY

The Data Controller implements appropriate technical and organizational measures to protect personal data, including:

• Access control systems
• Secure servers
• Encryption where applicable
• Protection against unauthorized access
• Regular security monitoring

Data is protected against:

• Unauthorized access
• Alteration
• Disclosure
• Loss or destruction

8. DATA PROCESSORS

The Data Controller may use trusted service providers, including:

Payment processor:
Barion Payment Zrt.

Website hosting provider

Email and newsletter systems

These processors are contractually obligated to comply with GDPR.

9. USER RIGHTS UNDER GDPR

Users have the following rights:

Right of access
Users may request information about their personal data.

Right to rectification
Users may request correction of inaccurate data.

Right to erasure
Users may request deletion of their personal data.

Right to restriction
Users may request limitation of processing.

Right to data portability
Users may request transfer of their data.

Right to withdraw consent
Users may withdraw consent at any time.

Right to object
Users may object to data processing.

Right to lodge a complaint
Users may file a complaint with the supervisory authority:

National Authority for Data Protection and Freedom of Information (NAIH)
Address: 1055 Budapest, Falk Miksa utca 9-11
Website: https://naih.hu
Phone: +36 1 391 1400
Email: ugyfelszolgalat@naih.hu

10. NEWSLETTER AND MARKETING COMMUNICATION

Newsletter subscriptions are based solely on voluntary consent.

Users may unsubscribe at any time by:

• clicking the unsubscribe link, or
• contacting tamas@crtmedia.hu

After unsubscribe, data will be deleted.

11. LIABILITY

The Data Controller takes all reasonable steps to ensure data security.

However, the Data Controller is not liable for damages caused by:

• user negligence
• incorrect data provided by the user
• external cyber attacks beyond reasonable protection

12. THIRD-PARTY LINKS AND SERVICES

The website may contain links to external services such as:

• Facebook
• Instagram
• Ticket platforms
• Payment processors

These services operate under their own privacy policies.

The Data Controller is not responsible for third-party data processing.

13. GOVERNING LAW

This document is governed by:

Hungarian law
and
European Union General Data Protection Regulation (GDPR)

Applicable laws include:

Regulation (EU) 2016/679 (GDPR)
Act CXII of 2011 (Hungary)
Act C of 2000 on Accounting

14. CONTACT

For privacy or legal inquiries:

C-RT Media Kft.
4254 Nyíradony, Galamb utca 18.
Email: tamas@crtmedia.hu
Phone: +36 30 526 6840