Privacy Policy

Privacy and Data Processing Notice

Effective date: 1 January 2026

Data Controller: Both Béla

Website: https://christora.com

Contact: info@christora.com

1. Introduction

Both Béla, as the operator of the Christora community portal and webshop, is committed to the lawful, fair, and transparent processing of personal data.

This Privacy and Data Processing Notice explains what personal data we process in connection with the operation of the christora.com website, the use of the community portal, user registration, purchases made in the Christora Shop, and contact with the operator; for what purposes, on what legal basis, for how long, and what rights data subjects have.

The processing of personal data is carried out in particular on the basis of the following laws:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council, the General Data Protection Regulation, commonly known as the GDPR;
  • the applicable Hungarian data protection laws;
  • accounting, taxation, consumer protection, and electronic commerce regulations.

2. Data Controller Information

Name of the data controller:
Both Béla

Mailing address:
7150 Bonyhád, Arany János utca 15.
Magyarország

Email:
info@christora.com

Website:
https://christora.com

3. Scope of This Notice

This Notice applies to the personal data processed on the Christora website and in connection with the related services, especially in the following cases:

  • visiting the website;
  • creating a user account;
  • using a community profile;
  • publishing posts, comments, photos, and other content;
  • community interaction with other users;
  • purchasing in the Christora Shop;
  • invoicing and order fulfillment;
  • shipping;
  • customer service contact;
  • complaint handling;
  • data processing for technical, security, and operational purposes.

Christora operates as a Christian community portal and retail webshop.

4. Categories of Personal Data Processed

4.1 Website Visit and Technical Data

During the operation of the website, the following technical data may be processed:

  • IP address;
  • browser type and version;
  • device information;
  • operating system data;
  • time of visit;
  • pages viewed;
  • system security log data;
  • data processed by cookies and similar technologies.

These data are necessary for the operation, security, troubleshooting, performance improvement, and abuse prevention of the website.

4.2 Registration and User Account Data

When using the Christora community portal, the following data may be processed:

  • username;
  • email address;
  • password in encrypted form;
  • time of registration;
  • account status;
  • profile name;
  • profile picture;
  • cover image;
  • profile data provided by the user;
  • community connections, follows, friendships;
  • technical data related to user activities.

4.3 Community Content

On the Christora community platform, users may publish their own content. This may include, in particular:

  • posts;
  • comments;
  • photos;
  • reactions;
  • likes;
  • community interactions;
  • public or partially public content connected to the profile.

The user is responsible for what personal data or other content they publish on the community platform.

4.4 Mustard Seed Points, Ranks, and Badges

On the Christora community portal, points, ranks, and badges may appear in connection with user activity.

In this context, the following may be processed in particular:

  • the user’s activity data;
  • acquired Mustard Seed points;
  • achieved ranks;
  • earned badges;
  • related community events and log data.

These data are necessary for the operation of community functions, improving the user experience, and displaying community activities in a playful way.

4.5 Purchase and Order Data

In the case of purchases made in the Christora Shop, the following data may be processed:

  • customer name;
  • billing name;
  • billing address;
  • shipping name;
  • shipping address;
  • email address;
  • phone number;
  • data of ordered products;
  • order date;
  • order ID;
  • order status;
  • payment method;
  • shipping method;
  • payment and fulfillment status.

4.6 Invoicing and Accounting Data

For issuing invoices and fulfilling legal obligations, the following data may be processed:

  • billing name;
  • billing address;
  • tax number, if relevant;
  • invoice number;
  • order data;
  • payment data;
  • date of invoice issue.

The retention period of accounting documents is governed by Hungarian accounting rules; the generally applied retention period for accounting documents is 8 years.

4.7 Shipping Data

For the purpose of delivering orders, the following data may be processed and transferred to the shipping service provider:

  • recipient name;
  • shipping address;
  • phone number;
  • email address;
  • parcel ID;
  • other data necessary for the delivery of the order.

The Christora Shop currently delivers within the territory of Hungary, using the services of Magyar Posta.

4.8 Contact and Customer Service Data

In the case of contact, customer service administration, complaint handling, or guarantee administration, the following may be processed:

  • name;
  • email address;
  • phone number, if provided by the data subject;
  • content of the message;
  • order ID, if relevant;
  • subject of the complaint or administration;
  • responses and documents generated during the administration.

5. Purposes of Data Processing

The purposes of data processing include, in particular:

  • operating the Christora website;
  • providing the functions of the community portal;
  • creating and managing user accounts;
  • displaying profiles, posts, comments, and community interactions;
  • operating Mustard Seed points, ranks, and badges;
  • managing orders placed in the Christora Shop;
  • payment, invoicing, and order fulfillment;
  • shipping products;
  • handling customer service inquiries;
  • handling complaints and guarantee claims;
  • fulfilling legal obligations;
  • maintaining IT security;
  • preventing abuse, spam, and unauthorized activities;
  • developing the operation of the website.

6. Legal Bases for Data Processing

Personal data are processed only for specified, explicit, and lawful purposes.

6.1 Performance of a Contract

Legal basis: Article 6(1)(b) of the GDPR.

This legal basis may apply especially in the following cases:

  • creating and maintaining a user account;
  • providing the community service;
  • fulfilling webshop orders;
  • managing payment, shipping, and ordering processes.

6.2 Compliance With a Legal Obligation

Legal basis: Article 6(1)(c) of the GDPR.

This legal basis may apply especially in the following cases:

  • fulfilling invoicing obligations;
  • retaining accounting documents;
  • fulfilling consumer protection obligations;
  • handling requests from authorities;
  • fulfilling complaint handling obligations.

6.3 Legitimate Interest

Legal basis: Article 6(1)(f) of the GDPR.

This legal basis may apply especially in the following cases:

  • IT security;
  • preventing abuse;
  • protection against spam, unauthorized use, or damage;
  • system supervision;
  • troubleshooting;
  • internal administrative purposes;
  • presenting, enforcing, or defending legal claims.

When processing data on the basis of legitimate interest, the data controller takes into account the rights and freedoms of the data subjects.

6.4 Consent

Legal basis: Article 6(1)(a) of the GDPR.

Processing based on consent may include, in particular:

  • providing optional profile data;
  • using certain cookies or external services;
  • newsletter or marketing contact, if such a service is available;
  • data processing that requires separate consent due to law or the nature of the processing.

The data subject may withdraw their consent at any time. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.

7. Public Nature of User Content

On the Christora community portal, content published by users may be visible to other users and, in certain cases, to website visitors as well, depending on the selected privacy or visibility settings.

The user is responsible for what data, photos, posts, or other content they share.

The operator reserves the right to remove content that violates the law, community rules, or is incompatible with the purpose of Christora, and to restrict user access.

8. Data Processors and Third-Party Service Providers

The data controller may use external service providers for the operation of the website and webshop.

These may include, in particular:

  • hosting provider;
  • domain and IT service provider;
  • website operation and maintenance service provider;
  • payment service provider;
  • invoicing service provider;
  • accountant;
  • shipping service provider;
  • email sending service provider;
  • security, spam protection, or analytics service provider;
  • legal or administrative advisor.

Data processors may process personal data only according to the instructions of the data controller, the applicable contracts, and the law.

9. Data Transfer

Personal data may be transferred especially in the following cases:

  • to the shipping service provider for the purpose of delivery;
  • to the payment service provider for the purpose of processing payment;
  • to the invoicing and accounting service provider for the purpose of fulfilling legal obligations;
  • to the hosting provider or IT service provider for the purpose of operating the website;
  • to an authority, court, or other authorized body on the basis of a legal obligation.

The data controller transfers personal data only to the extent necessary.

10. International Data Transfer

Certain service providers used in the operation of Christora may process or transfer data outside the European Economic Area.

In such cases, the data controller strives to ensure that personal data are transferred with appropriate legal safeguards, for example:

  • on the basis of an adequacy decision by the European Commission;
  • by applying standard contractual clauses;
  • or according to another data transfer mechanism provided by the GDPR.

11. Cookies and Similar Technologies

The Christora website may use cookies and similar technologies for the operation of the website, the management of user sessions, maintaining security, improving the user experience, and providing certain statistical or convenience functions.

Cookies may include, in particular:

  • cookies necessary for operation;
  • session cookies;
  • security cookies;
  • login cookies;
  • convenience or preference cookies;
  • statistical or analytical cookies, if such cookies are in use.

The use of cookies that are not strictly necessary may require consent.

12. Data Retention Period

The data controller retains personal data only for as long as necessary.

The data retention period may vary depending on the purpose and legal basis of the processing:

  • user account data: for as long as the account exists, or in the case of a deletion request, taking into account legal and technical conditions;
  • community content: until the content is deleted, the account is deleted, or the content is removed by the operator;
  • order data: for the period necessary for order fulfillment, complaint handling, and handling legal claims;
  • invoicing and accounting data: for the retention period required by the applicable accounting and tax rules;
  • customer service and complaint handling data: after the closure of the case, for the period necessary for enforcing legal claims;
  • technical log data: for as long as necessary for security and operational purposes.

After the retention period expires, the data controller deletes or anonymizes the personal data, unless further retention is required by law.

13. Data Security Measures

The data controller applies appropriate technical and organizational measures to protect personal data.

These may include, in particular:

  • SSL encryption;
  • password-protected systems;
  • access control;
  • permission management;
  • regular security updates;
  • spam and abuse protection;
  • security measures provided by the hosting provider;
  • backups;
  • internal administrative rules;
  • incident handling procedures.

The data controller strives to ensure that personal data can be accessed only by those who need access in order to perform their duties.

14. Rights of Data Subjects

Under the GDPR, data subjects have several rights, including the right of access, rectification, erasure, restriction of processing, objection, and data portability; the NAIH also provides separate information on data subject rights.

The data subject may request:

  • information about the processing of their personal data;
  • access to the personal data processed about them;
  • rectification of inaccurate data;
  • completion of incomplete data;
  • erasure of personal data;
  • restriction of data processing;
  • object to certain data processing operations;
  • receive their data in a portable format, if the legal conditions for this are met.

Requests may be submitted at the following email address:

info@christora.com

The data controller responds to requests without undue delay, but no later than within the deadline specified by law.

15. Deletion of User Account and Handling of Content

The user may request the deletion of their user account.

Deletion of the account does not necessarily result in the immediate deletion of all data if the retention of certain data is required by law or justified by the legitimate interest of the data controller, for example due to handling legal claims, investigating abuse, or fulfilling accounting obligations.

The deletion or anonymization of community content published by the user may also depend on technical and community operation characteristics.

16. Processing of Minors’ Data

When using the Christora community portal and webshop, the processing of minors’ personal data may take place only in accordance with the applicable laws.

If the data controller becomes aware that minors’ data have been unlawfully entered into the system, it will take the necessary measures to delete the data or regularize the data processing.

17. Complaint and Legal Remedy

The data subject may contact the data controller with any question, request, or complaint related to data processing:

info@christora.com

The data subject also has the right to lodge a complaint with the supervisory authority:

Nemzeti Adatvédelmi és Információszabadság Hatóság

Website: https://www.naih.hu

The data subject may also turn to a court if they believe that the processing of their personal data is unlawful.

18. External Links and Third-Party Content

External links, embedded content, or third-party services may appear on the Christora website.

The data controller is not responsible for the independent data processing practices of third parties. Such services are governed by the privacy rules of the relevant third party.

19. Modification of This Notice

The data controller reserves the right to modify this Privacy and Data Processing Notice.

The modified Notice enters into force upon publication on the website, unless the data controller specifies a different date.

Continued use of the website means that the user has familiarized themselves with the current Notice.

20. Final Provisions

The purpose of this Notice is to present the data processing practices of the Christora community portal and webshop in a transparent manner.

In matters not regulated in this Notice, the GDPR and the applicable Hungarian and European Union laws shall apply.

Latest Photos

64979c38fd0c2e14daabba44ede0765a.jpg
35e8bc203faaa79e69f6952404e6dc7f.jpg
10bfa0d483f76431bbb37cbd525f8e31.jpg
d413c735baf17983dc79ed0205db625d.jpg
1a5bfa7f02756655948bf3f7d9376900.jpg
9779ffbb6ca2ed7105f14cff195eb25f.jpg
b770cd418963ef65859d0c6d2522b313.jpg
7fa12a3e58b572444da9cd6eb9b84764.jpg
a9e91281c1b5423611ae4265e7171c10.jpg
05662cd9a1cdd94e12ef885c4abb4382.jpg
ff6d802ef72e76bf05b0d236a6b08a36.jpg
570d24d67121d6c8b05b48755f79b269.jpg

Latest Videos

christora.com
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.