Privacy Policy

1. INTRODUCTION

Midmar Miskolc Tourism Marketing Nonprofit Ltd. (hereinafter: Data Controller) is committed to protecting the personal data of its users. The purpose of this notice is to present the data processing activities carried out on the miskolctitkai.hu website in a clear and understandable form, in accordance with the European Union’s General Data Protection Regulation (GDPR) and the domestic Act on Information Self-Determination.

The Data Controller stores and manages personal data in compliance with data protection laws. By using the website, visitors accept and acknowledge the provisions contained in this Privacy and Data Processing Policy as binding.

No personal user data is generated solely by visiting the website. However, an information file known as a “cookie” may be placed on the user’s storage via their browser, which uniquely identifies the user during their next visit and allows their browsing on the website to be tracked. Users can remove this information file at any time using their browser settings. Further information regarding the use, application, and removal of cookies can be found below.

Data Controller Information:

  • Company Name: Midmar Miskolci Idegenforgalmi Marketing Nonprofit Közhasznú Kft.
  • Headquarters: 3530 Miskolc, Széchenyi István u. 16.
  • Tax Number: 24113917-2-05
  • Phone Number: +36 46 350 425
  • E-mail Address: info@visitmiskolc.hu

Providing personal data is not required to view the publicly available information on the miskolctitkai.hu website.

By entering the miskolctitkai.hu website—if your browser settings allow it and you expressly approve it during your first visit or at any time thereafter—the website may automatically save information from your computer or the device used for browsing (tablet, smartphone, etc.) or place “Cookies” or other similar programs on it.

The Data Controller uses two types of cookies during the operation of the website:

  1. Essential Cookies: These are strictly necessary for the operation of the website. These cookies are automatic and cannot be turned off. Essential cookies automatically record the following data about visitors: browser type, time of visit, address of the visited page, operating system characteristics (e.g., type, set language), and the address of the previously visited page. The Data Controller uses this data exclusively for website analysis and monitoring secure operation.
    • Purpose of data processing: Monitoring secure operation and performing website analysis.
    • Legal basis for data processing: The consent of the data subject.
  2. Analytical Cookies: These are Google Analytics cookies that influence the operation of measurement codes. Users must explicitly consent to these by checking the corresponding option. The cookies only take effect after this.
    • Legal basis for data processing: The consent of the data subject.

The website provides the opportunity for visitors to change their previous cookie settings at any time during use.

Cookies

A Cookie is a file that may be placed on a computer or other browsing device when a visitor visits a website. Cookies store information related to the use of the website. Cookies serve multiple functions, including gathering information, remembering user settings, enabling the website owner to understand user habits, and enhancing the user experience. The purpose of processing data stored in cookies is to improve the user experience and develop the website’s online services. The cookies used on the website do not store information suitable for personal identification. You have the option to prohibit the storage of cookies in your browser.

Which Cookies Do We Use?

Some cookies are strictly necessary for the site to function, while others are used to increase performance and user experience.

Strictly Necessary Cookies

Some of the cookies we use are essential for you to navigate between pages and view certain protected content.

Session Cookies

Session cookies are temporary cookies that only remember your activity while you are on the site and expire when the web browser is closed.

Persistent Cookies

Persistent cookies serve to remember your preferences within the site and remain on your desktop or mobile device even after you close the browser or restart your computer. We use these cookies to analyze user activity to create visit patterns, helping us improve website functionality for you and other visitors. These cookies also allow us to display targeted advertisements to you and measure the effectiveness of our site features and ads.

Statistical Cookies

Our staff and service providers also use analytical tools to assess the popularity of site content, what our visitors are interested in, and how we can improve the site’s operation. By applying statistical cookies, we examine how many unique users visit the site and how frequently. This data is used exclusively for statistical purposes, and visitors are not identified by name.

Third-Party Cookies

We use the following third-party cookies:

WordPress

Functional

Usage

We use WordPress for website development. Read more about WordPress

Sharing data

This data is not shared with third parties.

Functional

Name
WP_PREFERENCES_USER_*
Expiration
persistent
Function
Store user preferences
Name
wpEmojiSettingsSupports
Expiration
session
Function
Store browser details
Name
wp-settings-*
Expiration
persistent
Function
Store user preferences
Name
wordpress_test_cookie
Expiration
session
Function
Read if cookies can be placed
Name
wp_lang
Expiration
session
Function
Store language settings
Name
wordpress_logged_in_*
Expiration
persistent
Function
Store logged in users

Elementor

Statistics (anonymous)

Usage

We use Elementor for content creation. Read more about Elementor

Sharing data

This data is not shared with third parties.

Statistics (anonymous)

Name
elementor
Expiration
persistent
Function
Store performed actions on the website

Google Fonts

Marketing

Usage

We use Google Fonts for display of webfonts. Read more about Google Fonts

Sharing data

For more information, please read the Google Fonts Privacy Statement.

Marketing

Name
Google Fonts API
Expiration
expires immediately
Function
Read user IP address

YouTube

Marketing

Usage

We use YouTube for video display. Read more about YouTube

Sharing data

For more information, please read the YouTube Privacy Statement.

Marketing

Name
GPS
Expiration
session
Function
Store location data
Name
VISITOR_INFO1_LIVE
Expiration
6 months
Function
Provide ad delivery or retargeting
Name
YSC
Expiration
session
Function
Store and track interaction
Name
PREF
Expiration
8 months
Function
Store user preferences

Wistia

Marketing, Statistics

Usage

We use Wistia for video display. Read more about Wistia

Sharing data

For more information, please read the Wistia Privacy Statement.

Marketing

Name
wistia
Expiration
persistent
Function
Store performed actions on the website

Statistics

Name
wistia-video-progress-*
Expiration
persistent
Function
Store if the user has seen embedded content

Complianz

Functional

Usage

We use Complianz for cookie consent management. Read more about Complianz

Sharing data

This data is not shared with third parties. For more information, please read the Complianz Privacy Statement.

Functional

Name
cmplz_user_data
Expiration
365 days
Function
Read to determine which cookie banner to show
Name
cmplz_id
Expiration
365 days
Function
Store cookie consent preferences
Name
cmplz_saved_services
Expiration
365 days
Function
Store cookie consent preferences
Name
cmplz_consented_services
Expiration
365 days
Function
Store cookie consent preferences
Name
cmplz_policy_id
Expiration
365 days
Function
Store accepted cookie policy ID
Name
cmplz_marketing
Expiration
365 days
Function
Store cookie consent preferences
Name
cmplz_statistics
Expiration
365 days
Function
Store cookie consent preferences
Name
cmplz_preferences
Expiration
365 days
Function
Store cookie consent preferences
Name
cmplz_functional
Expiration
365 days
Function
Store cookie consent preferences
Name
cmplz_banner-status
Expiration
365 days
Function
Store if the cookie banner has been dismissed
Name
cmplz_saved_categories
Expiration
365 days
Function
Store cookie consent preferences

Google Analytics

Statistics

Usage

We use Google Analytics for website statistics. Read more about Google Analytics

Sharing data

For more information, please read the Google Analytics Privacy Statement.

Statistics

Name
_ga
Expiration
2 years
Function
Store and count pageviews
Name
_ga_*
Expiration
1 year
Function
Store and count pageviews

Polylang

Functional

Usage

We use Polylang for locale management. Read more about Polylang

Sharing data

This data is not shared with third parties.

Functional

Name
pll_language
Expiration
persistent
Function
Store language settings

Miscellaneous

Purpose pending investigation

Usage

Sharing data

Sharing of data is pending investigation

Purpose pending investigation

Name
ml_guid
Expiration
Function
Name
elementor-global-variables
Expiration
Function
Name
elementor_sidebar_menu_expanded_v2_elementor-custom-elements
Expiration
Function
Name
__mp_opt_in_out_*
Expiration
Function
Name
elementor-global-variables-watermark
Expiration
Function
Name
e_library
Expiration
Function
Name
e_kit-elements-defaults
Expiration
Function
Name
wpc*
Expiration
Function
Name
wp-settings-time-1
Expiration
Function
Name
elementor_sidebar_menu_expanded_v2_elementor-templates
Expiration
Function
Name
elementor_wpdash_session
Expiration
Function

You can disable cookies for all websites. Please note that if you delete all cookies, settings previously specified on the website will be lost, including the preference to opt-out of cookies, as this preference itself requires a cookie to be stored. For more information on how to disable cookies by modifying your browser settings, please visit http://www.aboutcookies.org/ and http://www.cookiecentral.com/faq/.

With the exception of essential cookies, you may reject or block all or specific cookies downloaded during your visit to the website.

By modifying your browser settings, you can change your preferences regarding the Data Controller’s website or any third-party website. Please note that most browsers automatically accept cookies. Therefore, if you do not wish to allow the use of cookies, you must disable them by clicking the “I do not allow” button in the pop-up window. If you reject the use of cookies, you will still be able to visit our websites, but some functions may not work properly. If you wish to view the content of a cookie, click on the cookie itself to open it. You will see a short string consisting of text and numbers.

The operation and significance of cookies are detailed below:

XSRF-TOKEN

  • Description: This is a security cookie designed to prevent attacks known as Cross-Site Request Forgery (CSRF). In such an attack, if someone sends a POST request to the site from an external page or through a program without this token, the system will reject the request as an untrusted source. This eliminates a significant portion of potential attacks.
  • If you reject this cookie: In this case, your requests will be discarded by the system. For example, if you wish to fill out the contact form but have not enabled the cookie, the system will terminate the connection citing an insecure source, and you will not be able to use the services as intended.
  • Encryption: The cookie is hashed and generated by the server before every request; therefore, it is practically impossible to forge. No information about the system user can be derived from it, as it is not stored on the server side either.

Cookies refer to the following data:

Description: The following data is never stored on the user’s machine. What is stored on the user’s machine is only a hashed “token” of the cookie, which allows us to know on the server side which data to access; however, this token strictly identifies the following data on the server side:

  • Session history: previous page.
  • A token generated from the user’s machine characteristics. This is not suitable for identification because we do not store this information; it is only hashed one-way. Every request is hashed regardless of the machine it originates from, but if the hash of a request matches the hash of a previous request, we know it belongs to the same session. This allows us to track sessions. (Multiple users may log in from one machine sequentially; in this case, the session remains the same but the user is different, therefore the session is not suitable for identification).
  • Referrer: i.e., where the user arrived at the page from.

The data collected by cookies is managed by the operator.

DATA PROCESSING ON THE WEBSITE

Contact Details (Form)

If you send us a message via the form on the website or by e-mail, we process the following data:

  • Data processed: Name, e-mail address, phone number, message text.
  • Purpose of data processing: Responding to inquiries, providing information about tours, scheduling appointments.
  • Legal basis: Article 6(1)(a) of the GDPR—the consent of the data subject to the processing of their personal data, as the data subject chose to send an inquiry to the Data Controller via the website.
  • Duration of data processing: Data arriving through the form is stored only until the purpose of the contact is fulfilled or until the legally prescribed retention period (e.g., 3 years in case of complaint handling).

Information Regarding Ticket Purchase

No direct ticket sales take place on our website. You can purchase tickets for the Forest Gastro-Express experience tour through the external interface: https://visitmiskolc.jegyx1.hu/.

Important: When you click the ticket purchase button, you leave the miskolctitkai.hu site. The operator of the ticket sales system is responsible for the processing of data provided during ticket purchase (e.g., billing name, address, bank card details) according to their own privacy policy; no data processing for this purpose takes place on this website.

Newsletter Subscription

If you subscribe to the newsletter service on the website, we process the following data:

  • Data processed: Name, e-mail address.
  • Purpose of data processing: Sending newsletters issued in connection with the miskolctitkai.hu website.
  • Legal basis: Article 6(1)(a) of the GDPR—the data subject’s consent.
  • Duration of data processing: Data is stored until withdrawal of consent, but at most for the duration of the website’s newsletter function.

Technical and Analytical Data (Cookies)

  • Data processed: IP address, browser type, time spent on the site, subpages visited.
  • Purpose of data processing: Ensuring the technical operation of the website, creating statistical analyses to improve user experience.
  • Legal basis: Article 6(1)(a) of the GDPR—the data subject’s consent.
  • Duration of data processing: Cookie data is stored until deletion, but for a maximum of one year.

DATA STORAGE AND SECURITY

The Data Controller takes all necessary technical and organizational measures to ensure data security:

  • The website has an SSL certificate (encrypted channel).
  • Data is stored on secure servers accessible only by authorized personnel.
  • Personal data provided by you can only be accessed by specifically authorized employees of the Data Controller and persons in a legal relationship with it who participate in performing tasks for the purpose of data processing.

DATA TRANSFER TO THIRD PARTIES

We do not transfer data to third parties for any purpose, including marketing. The Data Controller utilizes Miskolc Holding Zrt. as a data processor for website operation, providing hosting services.

LINKS TO EXTERNAL SITES

Our site may contain links to other sites not operated by us (e.g., the ticket sales interface or social media pages). The Data Controller assumes no responsibility for the content or data processing practices of these sites. We recommend reading the privacy notices on those sites as well.

VISITOR’S RIGHTS

The data subject may request the rectification, erasure, or blocking of their personal data from the Data Controller and may request information about their data, its source, the purpose, legal basis, and duration of processing, activities related to data processing, and the circumstances and effects of any potential personal data breach and measures taken to address it.

  • Right to withdraw consent: The data subject has the right to withdraw their consent at any time. This does not affect the lawfulness of processing based on consent before its withdrawal.
  • Right to information: The data subject may request information on what personal data is processed, on what legal basis, for what purpose, from what source, for how long, and to whom access was granted or to whom the data was forwarded.
  • Right to rectification: The data subject may request that the Data Controller correct or supplement incorrectly or incompletely recorded data.
  • Right to blocking (restriction of processing): The data subject may request the blocking of data until the assessment of a request to exercise a legal claim or an objection.
  • Right to object: The data subject may object to the processing of their personal data.
  • Right to erasure: The data subject may request erasure if:
    • The data is no longer necessary for the original purpose.
    • Consent is withdrawn and there is no other legal basis.
    • The objection is successful.
    • The data was processed unlawfully.
    • Erasure is required by law.

Requests can be sent to info@visitmiskolc.hu. The Data Controller shall inform the data subject of measures taken within 25 days of receipt.

REMEDIES

If you believe your rights have been violated, please contact us first. If the complaint is not resolved satisfactorily, you may contact:

National Authority for Data Protection and Freedom of Information (NAIH)

  • Address: 1055 Budapest, Falk Miksa utca 9-11.
  • Mailing Address: 1363 Budapest, Pf.: 9.
  • Phone: +36 1 391 1400
  • E-mail: ugyfelszolgalat@naih.hu
  • Website: www.naih.hu

You may also turn directly to the court if you believe your personal data is being processed in violation of data protection rules.

©2026 Midmar Ltd. – All rights reserved