Privacy Notice — Rebelframes

1. Controller Details

The following legal entity is responsible for the data processing activities described in this notice:

Name:Rebelframes Korlátolt Felelősségű Társaság (Rebelframes Ltd.)

Registered address:1037 Budapest, Medvehagyma utca 7. A. ép., Hungary

Company registration number:01-09-386620

Tax number:29311794-2-41

Representative:Dániel Rózsa, CEO

Email:daniel.rozsa@rebelframes.com

2. Purposes, Legal Basis and Duration of Data Processing

2.1. Website visits, log data and cookies

Purpose: Secure and optimal operation of the website, statistical analysis.

Legal basis: Legitimate interests of the Controller [GDPR Art. 6(1)(f)].

Data processed: IP address, browser type, operating system, time of visit.

Duration: Depending on cookie type (until end of session or max. 1 year).

2.2. Contact and enquiry requests

Purpose: Responding to enquiries, providing information about services.

Legal basis: Voluntary consent of the data subject [GDPR Art. 6(1)(a)].

Data processed: Name, email address, phone number, message content.

Duration: Until purpose is fulfilled or until consent is withdrawn.

2.3. B2B direct business outreach (Cold Outreach)

Purpose: Presenting AI integration and advisory services to relevant business decision-makers.

Legal basis: Legitimate interests of the Controller [GDPR Art. 6(1)(f)]. A legitimate interest assessment has been conducted, considering the professional nature of the services and the business activities of recipients.

Data processed: Name, job title, business email address, company details.

Source: Publicly available business databases, professional profiles (LinkedIn).

Duration: Until objection (unsubscribe) or maximum 2 years.

2.4. Contractual partners and service provision

Purpose: Fulfilling advisory contracts, project management.

Legal basis: Performance of a contract [GDPR Art. 6(1)(b)].

Data processed: Contact and representative data of contracting parties, project-specific data.

Duration: 5 years following termination of the contractual relationship (civil law limitation period).

2.5. Billing and accounting obligations

Purpose: Fulfilling statutory obligations, invoicing.

Legal basis: Compliance with a legal obligation [GDPR Art. 6(1)(c)].

Data processed: Name / Company name, billing address, tax number.

Duration: 8 years (accounting document retention period).

3. Data Processors

The Controller engages the following categories of data processors:

IT and hosting services (Google Ireland Ltd., hosting provider).
Accounting and tax services provider.
Business CRM and marketing automation software (where applicable).

4. Data Security

Rebelframes Kft. takes all reasonably expected technical and organisational measures (encryption, access management, backup procedures) to protect personal data, with particular regard to business secrets and personal data processed during AI advisory services.

5. Data Subject Rights

You are entitled to request access to your data, and to request its rectification, erasure, and restriction of processing. You may also object at any time to processing based on legitimate interests (e.g. cold email outreach).

6. Remedies

Please contact us with any queries. In case of complaint, you may contact the National Authority for Data Protection and Freedom of Information (NAIH), 1055 Budapest, Falk Miksa utca 9-11., Hungary, www.naih.hu, or a court of competent jurisdiction.