1. General Policies
Managing all the data related to services provided by a user of natural persons: the website operated by http://www.dentiumimplantcenter.hu/ addresses of Web sites and other specified therein ( "website" hereinafter) (1) The Elite Dent Bt..
The data controller in respect of these Regulations:
- Data: Elite Dent Bt.
- Company address: 1055 Budapest, Szent István krt 9. I. em. 3.
- Postal address: 1055 Budapest, Szent István krt 9. I. em. 3.
- Registration court: Fővárosi Törvényszék Cégbírósága
- Company registration number: 01-06-713064
- Tax number: 28938482-2-41
(2) The data protection information designed to determine the personal data processed by the controller, the method of data management and to ensure data protection constitutional principles, requirements for data security enforcement, and prevents data from unauthorized access, alteration or unauthorized disclosure of information, or use, in order to respect the user's privacy achieve natural persons.
to (3) Data expressed in paragraph (2) target the user will be handled in accordance with the legal provisions in force personal information, provide for their safety, take the technical and organizational measures and develop the rules of procedure that the relevant statutory provisions and other recommendations for enforcement are necessary.
2. Legal background
legal requirements for the handling of personal data Controller of the data processing must comply with all phases of.
Provisions processing by data controller is primarily governed by the laws set out below:
- Act V of 2013 on the Civil Code 2: 43§ (e)
- Act CXII of 2011 on Informational Self-Determination and Freedom of Information Law. TV. ( "Privacy tv.");
- 2001 CVIII on certain aspects of electronic commerce services and information society services. TV. ( "Eker TV..");
- XLVIII of 2008 on economic advertising activities basic conditions and certain limitations. TV. ( "GRT. TV.")
- Protection of Individuals with regard to Automatic Processing of Personal Data, Strasbourg, 1998. VI on the day of promulgation of the agreement dated 28 January 1981. law;
1995 CXIX of name and address data • for the purpose of research and direct marketing management. Act ( "Katv.")
(1) concerned: identified or defined on the basis of any personal data - identifiable natural person - either directly or indirectly;
(2) Data personal: the data subject may contact data - especially the names involved, identification, and one or more specific to his physical, physiological, mental, economic, cultural or social identity of knowledge - and this data is deductible conclusion of the data subject;
(3) contribution: the wishes of concerned volunteers and resolute expression, which is based on appropriate information, and which unambiguously consent to the personal data concerning them - manage - either wholly or certain operations;
(4) protest: the statement in question, which criticizes the handling of personal data and the elimination of data management, and managed data deletion requests
(5) Data Management: Regardless of the method used in any operation or set of operations which is performed upon personal data, such as collection, recording, organization, storage, alteration, use, transfer, disclosure, coordination, combination, blocking, erasure or destruction and to prevent further use of the data, Photographing, sound or video recordings or physical characteristics for identification purposes (eg, fingerprints, palm prints, DNA samples and iris images) recording
(6) data processing: technical tasks related to data processing operations, methods or means, and regardless of the application used to perform the operation site, provided that the technical tasks performed on the data.
(7) Data transfer: making a third party specified in the data accessible.
(8) disclosure: making information available to everyone.
(9) controller means the natural or legal person or legal entity without a body who or which alone or jointly with others, purpose of the processing of personal data determines decisions on data management (including instruments used in) making and implementing or appointed by a processor to implement.
(10) Data processing means any natural or legal person or entity without legal personality who or which is under contract - including the contracts concluded under the provisions of the legislation is a contract - is processing data.
(11) deletion of data: making data unrecognizable in such a way that the restoration is no longer possible.
(12) The data file is a record of all managed data.
(13) a third party means any natural or legal person or entity without legal personality who or which does not coincide with the data subject, the data controller or data processor;
4. The legal basis of data management
Stakeholders in accordance with the Data Manager data with current data protection legislation on the basis of their contribution or
- 2001 CVIII on certain aspects of electronic commerce services and information society services. TV. 13 / A §-a,
- XLVIII of 2008 on economic advertising activities basic conditions and certain limitations. TV. Based on § 6 of treats.
5. The scope of managed data, the purpose and duration of data management
Do not qualify as personal data are anonymous information that collects personal identification, exclusion of data management, and natural person is not placed in contact and their demographic does not qualify as personal data that have been collected, they will not turn to any personal data of identified persons and thus do not a connection can be a natural person.
Online Send a message or request quotation:
On the website it is possible to services provided by the Operator in connection with price or other request for information, which is required in the following personal information:
- e-mail address
- telephone number
Data management objective: Stakeholders personalized service and delivery quote request of the data subject.
Anonymous recipient identifier (cookie)
The Data Manager computer Affected anonymous recipient identifier (cookie, cookies) on which itself is in no way able to identify the person concerned only for the affected machine to recognize, name, email address or any other personal information is not required because when applying the solution to the user, the data controller does not transfer personal data, data exchange takes place solely between machines.
Data Manager to manage cookies in order to learn more about the Stakeholders use new information and thus, improving the quality of services, as well as during the visit of a customized portal sites, marketing (advertising) materials show me.
The data subject shall have the power to prohibit a browser setting unique identification mark (cookie) on your computer. Affected notes that disabling cookies, certain services will not function properly.
Using social plugins (Facebook, Twitter, Linked-in)
The Portal extensions are disabled by default. The plug-ins will only be enabled when you click on the button dedicated to the question. The extension of the authorization creates the link between the concerned sides and contribute to the data of Facebook / Twitter / Linked-in for the transmission.
If the Target is logged in to Facebook / Twitter / Linked-inre, you may find that the social networking community account of the visit to affected associates.
If the Affected by clicking the appropriate button on your browser to transmit information directly to a social network and stores them there.
The scope and purpose of data collection, the data for further processing and use of the rights and settings for the protection of personal data information by Facebook / Twitter / Linked-in Facebook // Twitter / Linked-in privacy statement can be found.
A cookie is installed will help you get ads related to the Service's products and services are displayed Portal visited by the visitors in the future with other Google Display, websites belonging to network and on facebook.
User cookies at any time and opt out of personalized ads from Google ads preferences may surface.
Log files (logfiles s)
To use the service, the system automatically logs the following information:
- the user's dynamic IP address
- Depending on the settings on the user's browser and operating system used by the user type
- activity related to a user webpage
The use of this data is a part of technical points - such as analyzing the secure operation of servers, provide additional
CONTROLS, on the other hand, the controller of this data to create usage statistics page, a user needs analysis to use in order to raise the quality of services.
These data are not suitable for the user to identify them and the Data Manager does not connect with other personal data.
Personal data relating to (3) Data to touched any of the above purposes other than those specified - thus increasing the efficiency of particular services or for market research - just manage with the prior definition of target data management based on the consent of the State concerned.
These data can not be linked without the identity of the consent of the concerned can not be transferred to third parties.
In the data controller is obliged to cancel if the data management goal is eliminated or affected so provides.
(4) The Controller ensures that the recipient of stress before and during use of the service at any time ascertain that the
Data Manager with the data management purposes to which types of data, including the management of a recipient can not directly contact information.
(5) data processing by the data controller in each case the legal basis of the consent of the affected.
(6) Duration of data management:
Relevant data is processed on the basis of the consent of the contribution amendment or withdrawal can be managed. Data management is the period of the end of the personal data concerned is obliged to delete the Data Manager.
The data for orders made during the shipment and including telephone customer service known audio recording of the Data Manager in order to prove any legal disputes, the general statutory limitation period, that is five (5) years from the store.
The data for invoicing, accounting requirements of the Data Manager to fulfill, within the meaning of § 169 of the Act C of 2000 XCII of 2003 on eight (8) years, or the Rules of Taxation. dividing of time limitation prescribed by law treats.
(7) It is possible that the full implementation of the services of certain personal information to the Affected Data to a third party - on a temporary basis - if found to be necessary consents - data processing or data management purposes - has it, in particular:
- If online payment is made via the website, the Controller transmits the required number of payment card / credit card provider to the financial institution, without having to retain it.
- If the event on the website of the ordered products shipped contracted partner companies for the Data Manager gives information (name, delivery address) is required to be delivered product and delivery fulfillment. The delivery partners responsible for delivery of data transferred in relation to the data processor means, who these data in addition to the fulfillment of delivery can not be used for other purposes.
(8) The site visitor to independent data extraction and analytics provider using Google Anatitycs software so that data in respect of Google Inc., is acting as a data processor. Google Inc.'s privacy policies available on the http://www.google.com/intl/hu ALL / privacypolicy.html side.
Using the services of this website acknowledges that the processing of the data by Google by using the site's contribution.
(9) If the services' in which personal data - such as the case of online payment card signifi- require the user to online sent from the service, the Data Manager provides channel adequate protection of such messages - SSL connection - provides.
(11) If the content of a website is a joint service partner maintains the right to use your personal data in common, however, in the present Data Management Regulations - in accordance with the rules on handling the same content provided in the existing contractual relationship with a partner - will still apply.
(12) (7) - in the case of data processing referred to in paragraph (11) shall be clearly indicated in the data or data processing, the data controller and the data processor persons.
6. It is the right
(1) the data subject may request the data controller
the management of personal data) information,
b) correction of personal information, as well as
c) personal data - with the exception of mandatory data management - deleting or blocking.
(2) At the request of the concerned in writing within 30 days of the Data Manager no later than the submission of such a request, the date information managed by it, and it provides that processed by trusted data processing or data is concerned, they are the source of the data management purpose, grounds and duration of the processor name, address and activities related to data management, and - in the case concerned the transfer of personal data - data transmission and recipient of the legal basis.
This information is free if the person requesting information an application for the same area of the data controller has not yet been submitted in the current year. Otherwise the Data Manager establishes a fee, provided that the expenses shall be reimbursed if data is unlawfully processed or where the request for information led to correction.
(3) Verification of Data Management for data transmission legality and purpose of the information concerned will lead to transmission record that includes the date of the personal data it manages the transmission of the data to the legal basis and the recipient of the definition of the scope of the personal data transferred and the data prescribing other information specified by law .
(4) If the personal data of reality does not correspond to and reflect the true personal data to the Data Manager at the disposal of personal data corrected by the data controller.
(5) Personal data must be deleted if
a) the processing is unlawful;
b) the data subject requests (with the exception of mandatory data processing);
c) the incorrect or incomplete - and this condition can not be resolved legally - provided that the cancellation law does not preclude;
d) the purpose of processing has ceased to exist or the time limit for storing the data specified in the Act has expired;
e) the court or the Authority ordered.
Instead of (6) Delete the Data Manager to lock their personal data if the person so requests, or on the basis of the information available to assume that erasure could affect the legitimate interests of the data subject. The personal data locked so only as manageable as long as there is a data management purposes which are excluded from the deletion of personal data.
(7) Data indicating the personal data it processes if the concerned disputes the correctness or accuracy of the personal data at issue but the incorrectness or inaccuracy can not be clearly identified.
(8) The correction of the blocking of the signs and the cancellation of stakeholders, and shall be notified to all those who have been transferred for processing the data. The notification may be omitted if it is the purpose of the data processing having regard to the legitimate interest of the data subject are not prejudiced.
(9) If the data is correct, block or delete request for concerned it does not comply, it shall communicate the rectification, blocking or rejection of the request for removal from the factual and legal reasons in writing within 30 days of receipt of the request. In case of rejection of application for rectification, erasure or blocking the Data Manager application will inform the data subject of legal proceedings, as well as the possibility of occurrence Authority.
(10) the data subject may object to the processing of personal data if
a) when handling or transfer of personal data solely to fulfill a legal obligation of the controller or the controller, the data importer or a third person having a legitimate interest pursued by required, except for mandatory data management;
b) if the use of personal data or transmission of direct marketing, public opinion research or scientific research; as well as
otherwise specified c) Act.
The Data Management - Data Management for simultaneous suspension - a protest is required as soon as possible after the submission of the application, but, within a period not exceeding 15 days, and the result of the applicant in writing. If the objection is justified, the Controller is required for data management - to end and the data block, and the protest and the measures taken on the basis thereof all those whom passed before personal information involved in the protest and who - including further data collection and transmission of data is obliged to take action to enforce the right to object.
If the Target the Data Manager's decision does not agree, or if the Controller fails the 15-day deadline to affected against the decision - within 30 days of its notification, and the last day of the deadline date - go to court.
(11) the data subject of its rights specified in section 5 of the Act restrict the external and internal security of the state, such as national defense, national security, the prevention or prosecution of criminal offenses, for the security of the prison, and state or local government, economic or financial interests of the the European Union is an important economic or financial interests, and your occupations exercise of disciplinary and ethical violations, to prevent and detect labor law and health and safety breaches - including in each case the control and supervision - and to protect the rights of the data subject or of others.
(1) In case of infringement of the right to appeal Affected:
a.) the Office of the Privacy Commissioner (1051 Budapest, Nador u. 22.)
b.) the National Authority for Data Protection and Freedom of Information
Headquarters: 1125 Budapest, Szilagyi Erzsebet fasor 22 / c.
Postal address: 1530 Budapest, Pf fifth.
Tel: 06 391-1400 -1-
c.) the Affected residence, respectively. Competent Tribunal's place of residence.
The court shall give priority to the case. The legality of the Data Manager data management, data receipt to prove the legality of the data importer is required.
If the court accepts the application, the Data Manager to specify the information, data rectification, blocking, deleting, the decision on automated processing of data destruction, taking into account the right to object, and the Info-TV. the issue of data requested by the data importer as defined in § 21 requires.
If the court of Info-TV. in the cases specified in § 21 of the data importer rejects the request, the data controller is obliged to delete the personal data concerned within three days of notification of the judgment.
Controller is obliged to delete the data even if the data recipient of the Info-TV. within a specified period (5) and (6) of § 21 do not go to court.
The court may order a judgment - Data on the identity of the publication - disclosure if it is a larger number of affected interests and privacy rights require protected by this Act.
(2) violation of the requirements of the Data unlawful treatment of the data subject or of data security is obliged to compensate damage caused to others. In contrast to the stakeholders in the Data Manager is responsible for any damage caused by the data processing as well. The Data exempted from liability if it can prove that the damage was outside the scope of data management triggered by falling unavoidable reasons.
You do not have to reimburse the damage in so far as the victim of intentional or grossly negligent conduct came.