Image

Privacy Policy

Privacy Policy for www.bluebishoprelo.com

Blue Bishop Relocation Kft. – Privacy Policy

Version: 1.1 (revised 25 August 2025)

 

Controller Information

Company (Controller): Blue Bishop Relocation Kft. („BBR”)

Registered Office: 1174 Budapest, Dobos István Street 9. 6th floor, door 2

Company Registration Number: 01-09-445918

Tax Number: 32849488-2-42

EU VAT Number: HU32849488

Representatives: Ádám Papp and Henrietta Kígyósi, Managing Directors

Phone: +36 20 523 4677

Email: office@bluebishoprelo.com

Website: https://www.bluebishoprelo.com

Hosting Provider (Processor): Tárhely.Eu Szolgáltató Kft.

 

1. Definitions and General Principles

Data Subject: any identified or identifiable natural person whose personal data is processed by BBR (e.g. clients, employees of B2B clients – “assignees”, family members, prospects, website visitors).

Personal Data: any information relating to the data subjects

Controller: Blue Bishop Relocation Kft.

Processor: a service provider processing data on behalf of the Controller (e.g. hosting provider, IT operator, CRM).

Durable Medium: any instrument that allows the information to be stored in a way accessible for future reference in its unchanged form (e.g. e-mail, PDF).

BBR processes personal data lawfully, fairly, and transparently, limited to what is necessary and for the period required for the purposes of processing (Article 5 GDPR).

 

2. What data we process, for what purpose and on what legal basis?

2.1. Contact and Quotation (pre-sales)

Purpose: responding to inquiries, assessing needs, preparing offers.
 Data processed: name, contact details, employer/assigning company (if applicable), country/purpose of relocation, content of inquiry.
 Legal basis: GDPR Article 6(1)(b) – steps prior to entering into a contract; in some cases Article 6(1)(f) – legitimate interest (documentation, quality assurance).
 Retention: 12 months, or until conclusion of contract/closure of inquiry.

 

2.2. Performance of Contract – Relocation Cases

Purpose: provision of relocation and destination services, coordination of administrative processes (e.g. immigration/authority procedures, housing and school search, assistance with utilities and bank account opening, moving arrangements).
 Data processed: identification and contact details; passport/ID, visa/permit application data; marital status and family member data; address; relevant parts of the employment contract; insurance information; metadata of documents required for case management.
 Legal basis: GDPR Article 6(1)(b) – performance of a contract; Article 6(1)(c) – legal obligation (e.g. accounting retention); Article 6(1)(f) – legitimate interest (assertion of claims, IT security). In case of special categories of data: GDPR Article 9(2)(a) – explicit consent, and in some cases Article 9(2)(f) – establishment, exercise or defence of legal claims.
 Retention: client file: 5 years after termination of contract; accounting records: 8 years.

 

2.3. Processing of Family Members’ Data

Purpose: supporting family relocation (school enrolment, permits).
 Legal basis: performance of the main Client’s contract (Article 6(1)(b)), and where required: explicit consent (Article 9(2)(a)).
 Note: in the case of minors, the consent of the legal representative is required.

 

2.4. Client Communication and Project Management

Purpose: task coordination, status updates, scheduling of appointments and deadlines.
 Legal basis: Articles 6(1)(b) and 6(1)(f).
 Retention: 3 years from the closure of the case.

 

2.5. Invoicing and Finance

Purpose: invoicing, bookkeeping, statutory retention.
 Legal basis: Article 6(1)(c) – legal obligation (Accounting Act, VAT Act).
 Retention: 8 years.

 

2.6. Marketing and Newsletters (optional)

Purpose: sending news, articles, and offers by e-mail.
 Legal basis: Article 6(1)(a) – consent; unsubscribe available at any time with one click.
 Retention: until withdrawal of consent or after 2 years of inactivity.

 

2.7. Website Visits and Cookie Data

Purpose: operation of the website, performance measurement, user experience, marketing optimisation.
 Legal basis: necessary cookies – Article 6(1)(f) legitimate interest; non-essential cookies – Article 6(1)(a) consent (true opt-in).
 Retention: according to the Cookie Policy.

 

3. Sources of Data

Data are provided directly by the Data Subjects. In the case of B2B assignments, data may also be supplied by the employer/HR department, as well as by authorities and institutions involved in the relocation process (e.g. certificates, forms). Public sources (e.g. company register) are used only to the extent necessary.

 

4. Recipients and Processors

4.1. Typical Recipients (independent controllers)

Authorities and public offices (immigration, document, address, tax authorities).

Educational institutions, banks, insurance companies, utility providers.

Real estate agencies, moving companies, translators, notaries.

 

4.2. Processors

Hosting/IT: Tárhely.eu Szolgáltató Kft.

E-mail/communication: Microsoft 365, video conferencing tools.

Project/CRM: project management or CRM systems (if applied).

Accounting/invoicing: accountant and invoicing service provider.

The current, named list is available upon request; contracts include the provisions required under Article 28 GDPR.

 

4.3. Data Protection Officer (DPO)

BBR has not appointed a Data Protection Officer, as it is not legally required to do so. However, for data protection matters we can be contacted at the above contact details.

 

5. International Data Transfers

Due to the nature of relocation cases, personal data may be transferred to countries outside the EEA (e.g. the USA, certain Asian countries). Safeguards for such transfers include Standard Contractual Clauses (SCC), adequacy decisions, Binding Corporate Rules (BCR), risk assessments, as well as appropriate technical and organisational measures.

 

6. Data Security

Access management and regular review of authorisations, logging, endpoint protection; encrypted and secure document sharing; data processing agreements; incident management procedures.

BBR takes all necessary technical and organisational measures to protect personal data. In the event of a personal data breach, BBR will notify the NAIH within 72 hours in accordance with Articles 33–34 GDPR, and if necessary, will also inform the affected data subjects.

 

7. Data Subject Rights and Remedies

The rights of the data subject include: access, rectification, erasure, restriction, data portability, objection, and withdrawal of consent at any time.

Contact: office@bluebishoprelo.com

Response deadline: 1 month

Supervisory Authority (NAIH): 1055 Budapest, Falk Miksa Street 9–11.; 1363 Budapest, P.O. Box 9.; +36 (1) 391-1400; ugyfelszolgalat@naih.hu; https://www.naih.hu

Judicial remedy: civil court proceedings may also be initiated before the competent court at the place of residence.

 

8. Cookie Information – Short Version

The use of necessary cookies is based on our legitimate interest. Non-essential cookies (statistics, marketing) are placed only with your prior consent; consent may be withdrawn at any time via the “Cookie settings” link in the footer. The cookie list available on the website contains the fields: name, provider, purpose, expiry, and type.

 

9. Version Control and Amendments

This Privacy Policy may be updated when necessary; changes will be published on the website. In case of significant amendments, existing clients will also be informed by e-mail.

 

Frequently Asked Questions

Do we process special categories of data?

Yes, only if required by the case (e.g. certain immigration procedures), and in such cases only with explicit consent or another valid legal basis.
 Do we carry out profiling?

No, we do not perform profiling or automated decision-making with legal effect.
 Who can access the data?

Only those whose role requires it – based on role-based access.