Privacy Policy

Effective: January 1, 2026 · GDPR compliant

In brief: TervKapu only processes data necessary to provide the service. We do not sell data, profile users, or display advertisements.

1. Data Controller

Controller: TervKapu

Email: info@tervkapu.hu

Website: www.tervkapu.hu

2. Personal Data Processed

Registration: name, email address, password (stored encrypted)
Usage: uploaded file names, timestamps, IP address (security logging)
Cookies: session ID, language preference (1 year)

3. Purpose and Legal Basis

Service delivery – legal basis: contract performance
Security logging – legal basis: legitimate interest
Email notifications – legal basis: consent / contract

4. Data Storage and Security

Data is stored on EU servers. Passwords are bcrypt-hashed. Database communications are encrypted. Email verification and rate limiting protect registration from abuse.

5. Data Sharing

We do not share personal data with third parties, except when legally required or for hosting infrastructure (data processing agreement in place). No ad networks, social trackers, or analytics cookies.

6. Retention Periods

Account data: until account deletion
Security logs: 90 days
Uploaded files: until project deletion

7. Your Rights (GDPR)

You have the right to access, rectification, erasure, data portability, and objection. Send requests to info@tervkapu.hu – we respond within 30 days.

8. Complaints

You may lodge a complaint with the Hungarian data protection authority: naih.hu

9. Cookies

Functional cookies only: session cookie (login state) and language preference (dpv_lang, 1 year). No third-party, tracking, or advertising cookies.