Privacy notice

The data controller of the personal data submitted on riczu.hu is the sole proprietorship trading as Riczu Works. We have not appointed a Data Protection Officer (we are not required to), and we handle data-protection enquiries directly.

Legal name

Riczu Gábor e.v.

Brand

Riczu Works

Registered address

Agyag utca 3, 4400 Nyíregyháza, Hungary

Registration number

60965950

Tax ID

91358044-2-35

EU VAT ID

HU91358044

Statistical number

91358044-5611-231-15

Email (quote requests)

ajanlat@riczu.hu

Email (privacy enquiries)

info@riczu.hu

Phone

+36 70 123 4567

We process only the data needed to prepare a quote, perform the contract, and meet our legal obligations. The table below shows processing by purpose.

• 01

  Purpose

  Contact and quote preparation based on the form submitted on the website

  Legal basis

  GDPR Art. 6(1)(b), steps prior to entering into a contract at the data subject's request

  Retention

  until the quote process is closed, or 1 year from the last contact (if no contract is signed)

  Data processed

  name, email and/or phone, project type, message content, time of submission

• 02

  Purpose

  Performance of the contract (survey, design, build coordination)

  Legal basis

  GDPR Art. 6(1)(b), performance of a contract

  Retention

  until the end of the civil-law limitation period after performance (5 years), or until warranty expiry where applicable (max. 10 years)

  Data processed

  name, contact details, location, technical and project-specific data

• 03

  Purpose

  Invoicing and retention of accounting records

  Legal basis

  GDPR Art. 6(1)(c), compliance with a legal obligation (Sztv. § 169)

  Retention

  8 years from invoice issue date, per the Hungarian Accounting Act

  Data processed

  billing name, address, tax number (if any), performance data

• 04

  Purpose

  Operating the website, security logging, abuse prevention

  Legal basis

  GDPR Art. 6(1)(f), legitimate interest (operations and IT security)

  Retention

  max. 30 days, or until incident closure in case of a security event

  Data processed

  IP address, request time, browser and device identifier, referrer URL

• 05

  Purpose

  Anonymous traffic statistics and performance measurement

  Legal basis

  GDPR Art. 6(1)(f), legitimate interest (service quality)

  Retention

  per the Vercel service retention period

  Data processed

  anonymised page-view and performance data, no cookies

We use the following data processors to deliver the website and emails. They have access to the data only within the scope of our contract and this notice.

• Processor

  Vercel Inc.

  Activity

  Hosting, server infrastructure, anonymous traffic measurement (Vercel Analytics, Speed Insights)

  Location

  USA / EU regions

  Safeguard

  EU–US Data Privacy Framework (DPF) certification and the European Commission's Standard Contractual Clauses (SCC)

• Processor

  Resend, Inc.

  Activity

  Transactional email delivery (quote-request notifications, confirmation emails)

  Location

  USA / EU regions

  Safeguard

  EU–US Data Privacy Framework (DPF) and SCC

• Processor

  Cloudflare, Inc.

  Activity

  DNS and email routing (DNS resolution for the riczu.hu domain and inbound mail forwarding)

  Location

  USA / global network

  Safeguard

  EU–US Data Privacy Framework (DPF) and SCC

Some of the processors listed above operate parts of their infrastructure in the United States. The legal basis for the transfer is the European Commission's EU–US Data Privacy Framework adequacy decision and the Standard Contractual Clauses (SCC, per Commission Implementing Decision (EU) 2021/914). These partners handle your data under their own privacy policies and our written processor agreements.

Copies of the appropriate safeguards (DPF certification, SCC) are available on request to info@riczu.hu.

riczu.hu does not place marketing tracking cookies. We collect data technically necessary for the website to function, plus anonymous traffic data via Vercel Analytics and Speed Insights. These do not identify individuals and do not set advertising cookies in your browser. There is therefore no cookie banner.

The website is served over HTTPS. Data submitted via the quote form is transmitted to the email provider over an encrypted channel. We choose processors with industry-grade data security controls (encryption at rest and in transit, access management, logging). Personal data is accessible only to those who need it to perform their work.

In the event of a personal-data breach (unauthorised access, destruction, loss), we will notify NAIH within 72 hours of becoming aware of it, and (if the breach is likely to result in a high risk to your rights) we will also notify you directly (GDPR Arts. 33–34).

Under the GDPR you have the following rights regarding your personal data. You can exercise any of them via email at info@riczu.hu and we will respond on the merits within 30 days.

• 01 · Access

  You may ask what data we hold about you, what we use it for, and for how long.

• 02 · Rectification

  You may ask for inaccurate or incomplete data to be corrected or completed.

• 03 · Erasure

  You may request deletion of your data when there is no longer a legal basis to process it. This does not apply to data on accounting records during the 8-year retention period.

• 04 · Restriction

  In some cases you may ask us to suspend processing (for example, while contested data is being verified).

• 05 · Objection

  You may object to processing based on legitimate interest. We will continue only if there is a compelling reason.

• 06 · Portability

  You may request the data you provided in a structured, machine-readable format (e.g. JSON).

If you believe your personal data has been mishandled, please contact us first at info@riczu.hu and we will investigate the complaint as a priority. Independently of this you may turn to the supervisory authority or a court at any time.

We update this notice from time to time as the law changes or our services evolve. The current version is always available on this page; the effective date is shown at the top. For material changes we also notify quote requesters by email.

Effective: 8 May 2026 · Version: v1.0