Data Protection Notice

Vintage Motorcycle Company - The Vintage Riders

The purpose of this Notice is to inform the users (hereinafter referred to as “User(s)” or “Data Subject(s)”) of website (hereinafter referred to as “Website”) on the facts and information related to the data processing performed on the Website, before the start of the data processing.

Providing personal data to visit the Website is not required, however, certain services of the Website cannot be used before providing the personal data of the User.

We hereby inform you that the personal data provided by you is processed by Vintage Motorcycle Company Bt. (Budai út 266, Székesfehérvár 8000, Hungary; VAT number: 25859492-1-07; registration number: ; represented by Executive Kristóf Kalocsa; hereinafter referred to as “Data Controller”) in a confidential manner, in accordance with the applicable statutory provisions on data protection and the content of this Notice.


Types of data processing performed on the Website

Website visitor data – server log files

When the Website is used, the data recorded in the log file is stored and used exclusively for technical (analyzing the safe operation of the servers; performing subsequent checks; detecting, preventing and inspecting attacks on the Website) and statistical purposes. For this purpose, the internet service provider of the Website automatically records and saves the information of the so-called server log files automatically forwarded to us by your browser. The Data Controller will not link the sets of data generated this manner to any information received from other sources and suitable for personal identification. If we become aware of any specific suspicion related to any unlawful use of the Website, we reserve the right to perform the subsequent assessment of such data.


If you have any question, or if you wish to learn more about the Data Controller or the services provided by the Data Controller, you can contact the Data Controller by using the relevant form when you use the Website.

Scope of the processed data: name, email

Purpose of data processing: answering the questions of the User, providing the requested information

Legal basis of data processing: freely given consent of the Data Subject

Duration of data processing: the provided personal data will be deleted within 30 days after answering the question or providing the requested information.

Data processing for marketing communication purposes

The Users can subscribe to the newsletter of the Data Controller when they use the Website. The subscription to the newsletter is optional. The User can cancel the subscription to the newsletter anytime.

Scope of the processed data: first name, last name, email

Purpose of data processing: providing information on current affairs, news or legislative changes by the means of sending electronic newsletters.

Legal basis of data processing: Legitimate interest of the Data Controller on providing information to clients (potential, current or former clients) on news related to professional matters, current affairs or legislative changes by the means of providing an electronic newsletter service.

Duration of data controlling: until the termination of the newsletter service or the cancellation of the subscription to the newsletter.

Management of cookies on the Website

Just like other websites and internet service providers, sometimes we need to place data files (or cookies) on your computer, which are necessary for the proper operation of the Website.

What are these cookies?

Cookies are small text files which are stored on the computer or mobile device of the User by the Website. By using cookies, the Website records your operations and personal settings (e.g. username, language, font size, any other unique setting related to the layout of the website) for a while, so you don’t have to provide them each time you visit our website or navigate from one page to another.

What types of cookies are we using?

The following types of cookies are used when you visit the Website:

Temporary cookies

These cookies are necessary for navigating on our website and they allow you to log into the customer site.

Permanent cookies

These cookies serve to recognize your browser again when you visit our website for the next time.

Performance cookies

These cookies serve to collect anonymized data on your user habits in relation to our website. The visited subpages and links are registered by these cookies. This allows us to manage your preferences in a more suitable manner when you visit our website for the next time, thereby we can provide you with interesting information and offers.

Functionality cookies

These cookies serve to store the settings (such as language settings or font size settings) set by you on our website. This improves the functionality of our website for your comfort.

Third party cookies

These cookies serve to collect anonymized data on your user habits in relation to our website and other websites. Third party cookies are applied in case of Google Analytics; you can find more detailed information on Google Analytics below.

Google Analytics

This website uses Google (Universal) Analytics, the web analytics service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics uses cookies which are analyzing the way our website is used.

The information on the use of the website (including your IP address and the URL addresses of the visited websites) generated by the cookies is used for the benefit of Google and us, for the purpose of assessing the user activity performed by you on our website, preparing reports about your website activity, and providing further services to us related to the website and internet usage. The anonymized IP address forwarded from your browser by Google Analytics will not be linked to any other data of Google.

You can find more information on the use of cookies by Google Analytics at the following link:

You can prevent the collection of the data generated by cookies on the use of the website (including your IP address) for Google or their processing performed by Google by downloading and installing the browser plugin available at the following link:

The legal basis of the use of cookies is your consent and our legitimate interest, in relation to the achievement of purposes designated for the certain types of cookies.

Maintenance of cookies

As you wish, you can maintain or delete cookies. Please visit website to learn more about this matter. You can delete every cookie stored on your computer, and the majority of internet browsers allows you to block their installation, e.g. you can set your browser in a manner which prevents the placement of any unique identification mark on the computer of the User (depending on the browser, generally accessible under Settings/Internet Settings of Tools menu). In this case, however, it is possible that you will have to set certain settings manually each time when you visit a certain site, and you also have to take into consideration that certain services and functions may not function properly (such as in case of customized solutions), the user will not be able to use certain functions of the service to the fullest extent.

Processing the data of job applicants

Purpose of data processing

The purpose of the data processing is the fulfillment of the job vacancies announced by the Data Controller, thereby identifying the job applicants (hereinafter referred to as “Applicants” or “Data Subjects”), contacting the Applicants, verifying the work experience required for the position to be fulfilled, and verifying the qualifications or any other trainings related to or promoting the position to be fulfilled.

Scope of processed data

A) first name, last name, email, telephone – and other data provided by the Data Subject

B) results of the aptitude test.

Legal basis of data processing:

In case of above point A) the consent given by the data subject – By sending their application, the applicants give their consent to the Data Controller to process their personal data in accordance with this Notice.

In case of above point B) the legitimate interests of the Data Controller.

Duration of data processing

The data is processed by the Data Controller until the achievement of the objective, therefore when the Data Controller selects one person from the Applicants to fulfill the announced position, the personal data of the Applicants not selected shall be deleted within 5 business days after the end of the selection procedure, unless the Applicant cancels its application and requests the deletion of its data, or gives an explicit consent to the Data Controller to continue the data processing for a defined period.

In case of a specific consent, the Data Controller may retain the personal data of the Applicants according to the above Point A) for 6 months, for the purpose of providing information on future vacancies.

Use of data processors

For the purposes detailed above, the Data Controller uses the following data processors:

I. Data processor used for storage services

Name and contacts of data processor: Rackforest Informatikai Kereskedelmi Szolgáltató és Tanácsadó Kft. (Phone/Fax: +36 70 362 4785; VAT number: 14671858-2-41; Company registration number: 01-09-914549; Seat: 3. em. 3008, Victor Hugo utca 18-22, Budapest 1132, Hungary)

Activity related to data processing: storage service

Data forwarding

Unless otherwise prescribed by these rules, the processed data will not be forwarded to third persons.

Data safety

The personal data provided by the Users is processed by the Data Controller and the data processor in a confidential manner and in compliance with the applicable data protection law, such as the provisions of Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information, Act VI of 1998 on the Ratification of Strasbourg Convention of 28 January 1981 for the Protection of Individuals with regard to Automatic Processing of Personal Data, and Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR).

In order to ensure safe data processing, the Data Controller shall perform and ensure any measure related to the storage, processing and forwarding of data which promotes the computer and other safe data processing. To the extent reasonably expected, the Data Controller shall take the measures necessary to prevent any unauthorized access, modification, disclosure, erasure or damage of the personal data processed by it, and to guarantee the existence of the technical conditions necessary for this.

Scope of persons entitled to learn the data: The personal data provided by the Users may only be accessed by the Data Controller, and by the employees and agents of the Data Controller who are required to learn such data for the purpose of the completion of their tasks.

Your rights

You are entitled to receive feedback on whether your personal data is processed anytime, and if it is processed, you are entitled to receive access to the personal data and the following information:

a) purposes of data processing;

b) categories of concerned personal data;

c) the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations;

d) where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;

e) the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;

f) right to lodge a complaint to any supervisory authority;

g) any available information on the source of data if not collected from the data subject;

h) the existence of automated decision-making, including profiling and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

The Data Controller shall provide you with a copy of the personal data undergoing processing upon request.

You are entitled to request the rectification or completion of the inaccurate personal data anytime, and the Data Controller shall perform such request without any undue delay.

You are also entitled to withdraw your consent anytime. You can withdraw your consent by cancelling your subscription to the newsletter by using the proper link, or by sending your request to withdraw your consent in any other case to the Data Controller as prescribed by this point. If you cancel your subscription to the newsletter/withdraw your consent, your personal data will be deleted from the register of the Data Controller within 5 business days after your withdrawal.

You can withdraw your consent given for storing cookies in accordance with point “Management of cookies on the Website”.

The withdrawal of your consent does not affect the legality of any data processing performed before the withdrawal based on your consent.

Upon the request of the Data Subject, the Data Controller shall delete the personal data related to the Data Subject without undue delay, if

– the personal data is no longer required for the original purpose of storing or other processing;

– the consent providing a basis for data processing is withdrawn by the Data Subject, and the data processing has no other legal basis;

– the personal data is processed for direct marketing purposes, the Data Subject objects to the data processing, and the data processing has no legitimate purpose which overwrites the above right;

– the personal data was processed unlawfully; or

– the personal data must be deleted in order to comply with an obligation imposed on the Data Controller by EU or national law.

Where the Data Controller has made the personal data public and is obliged pursuant to this point to erase the personal data, the Data Controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data.

The above provision on deletion shall not be applicable if the data processing is necessary

a) for exercising the right of freedom of expression and information;

b) for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;

c) based on public interests related to public health;

d) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in so far as the right for erasure likely to render impossible or seriously impair the achievement of the objectives of that processing; or

e) for establishing, exercising or defending legal claims.

Upon the request of the Data Subject, the Data Controller shall restrict data processing, if

– the accuracy of the personal data is contested by the Data Subject, for a period enabling the Data Controller to verify the accuracy of the personal data;

– the processing is unlawful and the Data Subject opposes the erasure of the personal data and requests the restriction of their use instead;

– the Data Controller no longer needs the personal data for the purposes of the processing, but they are required by the Data Subject for the establishment, exercise or defense of legal claims; or

– the personal data is processed for direct marketing purposes, the Data Subject objects to the data processing, pending the verification whether the legitimate grounds of the Data Controller override those of the Data Subject.

Where processing has been restricted according to the above, such personal data shall, with the exception of storage, only be processed with the data subject’s consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State. A Data Subject who has obtained restriction of processing shall be informed by the Data Controller before the restriction of processing is lifted.

In addition to the above, the Data Subject should also be allowed to receive personal data concerning him or her which he or she has provided to the Data Controller in a structured, commonly used, machine-readable and interoperable format, and should be allowed to have the personal data transmitted directly from one controller to another, where technically feasible.

Complaints may be lodged at the following addresses: Budai út 266, Székesfehérvár 8000, Hungary by post and by email.

For the purpose of identification, it is always important to provide personal data correctly.

The Data Controller shall provide information on action taken on a request of the Data Subject for exercising its rights to the Data Subject without undue delay and in any event within 30 days of receipt of the request.

Where the Data Subject makes the request by electronic form means, the information shall be provided by electronic means where possible, unless otherwise requested by the Data Subject.

In case of rectification, restriction or erasure, the Data Controller shall inform the Data Subject and anyone who received the data for data processing earlier.

If the Data Controller does not take action on the request of the Data Subject, the Data Controller shall inform the Data Subject without delay and at the latest within 30 days of receipt of the request of the reasons for not taking action and on the possibility of lodging a complaint with a supervisory authority and seeking a judicial remedy.

The User shall have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her. In this case, the data controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims.

Where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing, which includes profiling to the extent that it is related to such direct marketing.

Concurrently with the suspension of the data processing, the data controller shall assess the request and inform the data subject on its outcome as soon as possible, but no later than 30 days after performing the assessment. If the objection of the data subject is reasoned, the data controller shall terminate the data processing – including any further recording and forwarding of data – and restrict the processing, and it shall inform anyone on the objection and the measures taken on the basis of it who received the objected personal data earlier, and anyone who shall be informed to enforce the right for objection.

In case of any violation of the above rights, the Data Subject may turn to a court or the National Authority for Data Protection and Freedom of Information.

National Authority for Data Protection and Freedom of Information

Address: Szilágyi Erzsébet fasor 22/c, Budapest 1125, Hungary

Phone: +36 (1) 391-1400

Fax: +36 (1) 391-1410



The Data Controller reserves the right to modify this Notice unilaterally after informing the User in advance. The User accepts the modified Notice by using the service after the time when the modification becomes effective.

Done in Székesfehérvár on 16 August 2018