DATA PROTECTION INFORMATION
in which we inform you, as a visitor of our website, as well as the user of our services, regarding the data management and data protection rules of our Company.
1. What principles do we follow during our data management?
Our Company follows the below rules during data management:
- We manage personal data lawfully and honestly, and in a way that is transparent for you.
- We only collect personal data for defined, clear and lawful purposes, and we do not manage them in a way that is not reconcilable with these purposes.
- The personal data collected by us are appropriate and relevant from the aspect of our data management purposes, and are limited to those that are necessary.
- Our Company takes all reasonable measures to ensure that the data managed by us are accurate and up-to-date if that is necessary, we immediately delete or correct all inaccurate personal data.
- We store personal data in a form so you will only be identifiable for the time required to achieve the purposes of personal data management.
- With the application of the appropriate technical and organizational measures we ensure the proper security of personal data, the protection of data against unauthorized or unlawful management, accidental loss, destruction or damage.
Our Company manages your personal data as follows:
- We manage, meaning that we collect, record, systemize, store and use the data based on your prior notification and voluntary approval, as well as only to the necessary extent and in every case in a manner associated with the purpose.
- In certain cases the management of your data is based on provisions of law and is mandatory in nature, in such cases we will separately call your attention to this fact.
- Furthermore, in certain cases the management of your personal data is associated with the rightful interests of our Company or a third party, for example the operation, development and security of our homepage and webstore.
02. Data manager’s designation
Company name: Promecom Kft.
Company seat: H-1037 Budapest, Kunigunda útja 60.
Company site: H-1037 Budapest, Kunigunda útja 60.
Company homepage: http://franchise.medistance.com
Postal address: H-1037 Budapest, Kunigunda útja 60.
Phone number: +36-1-453-7103
Email address: firstname.lastname@example.org
Tax number: 12149425-2-41
Data manager registration number: NAIH-1032501/2016.
Company registration number: 01-09161525
Name, address and contact of our Company’s data storage service provider: Cogitnet Kft. (Budapest, Körtvélyes u. 24, H-1037)
During data management our Company employs the following data managers, for the sake of providing high quality standard service to our clients:
Name: Cogitnet Kft.
Address: Budapest, Körtvélyes u. 24, H-1037
- IT service
- Storage space service
- Database maintenance and processing, preparation of reports
Name: Google Analytics
Address: 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Activity: Preparation of reports
Address: Defiant, Inc., 800 5th Ave., Suite 4100, Seattle, WA 98104
Activity: Website security inspection
If we modify the range of our data managers, we will enter the changes into our present information.
Legal basis, purpose and method of data management
- Visiting our homepage
Data management purpose
- The purpose is to ensure the homepage’s normal, high quality operation
- Inspection and improvement of the quality of our services
- Identifying malicious visitors who attack our website
- Visitor number measurement
- Statistical purposes
Legal basis: Our Company’s rightful interest
- IP address
- Time of visit
- Data of visited subpages
- Type of operating system and web browser used by you
Duration: 26 months
2. Administration, complaints
Data management purpose: responding to comments and complaints
Legal basis: Legal obligation
- Email address
- Phone number
- Postal address
- Other personal messages
Duration: 5 years
Regarding your questions about data management, please contact the following for further information: email address: email@example.com, and postal address: H-1037 Budapest, Kunigunda útja 60. We will send our response without undue delay, within 3 business days, to the contact specified by you.
3. What are cookies and how do we manage them?
Cookies are small size data files that are placed onto your computer through the website by the usage of the website, in a way that they are saved and stored by your internet browser. The majority of the most frequently used internet browsers (Chrome, Firefox, etc.) accept and allow the downloading and usage of cookies in their default settings, but it is your choice to reject or disable them by modifying your browser settings, furthermore you can delete the cookies that are already stored on your computer. Certain browsers provide more detailed information regarding the usage of cookies in their “Help” menu item.
Certain cookies do not require your prior approval. Our website provides a brief notification regarding these at the time of the commencement of your first visit. Such are, for example work process cookies that assist in authentication, multimedia player use, overload prevention, user interface customization, as well as user friendly security cookies.
Our Company provides a brief notification regarding approval requiring cookies at the time of the commencement of your first visit, if the data management is initiated at the time of visiting the website.
Our Company does not apply or allow cookies by the use of which a third party can collect data without your approval.
Accepting the cookies is not mandatory, but our Company does not take responsibility for our website’s potential unexpected operation that results from not accepting cookies.
What kind of cookies do we apply?
- System cookies: The session cookie related to the firewall of the web application, which serves for the prevention of abuse by cross-references. Its purpose is to ensure the website’s operation. It does not require approval, validity time: end of browser session.
- Tracking cookies (originating from a 3rd party): For the identification of new sessions and visitors Google Analytics and Wordfence download a web tracking service. During visiting the website they link to the services of 3rd parties (e.g. Google). It does not require approval, validity time: 26 months.
- Tracking cookies: Saving your settings, increasing the effectiveness of our service. They require approval. Validity: In our system you can reject them at any time by clicking on the “cookies settings” button located in the footer.
- Marketing cookies: Sending tracking messages, and displaying customized advertisements in the form of popups and newsletters. Its purpose is to provide discounts, useful information and customized advertisements to consumers. Validity: In our system you can reject them at any time by clicking on the “cookies settings” button located in the footer.
- Wordfence cookies: Distinguishing between bots and humans. Distinguishing between logged-in system managers and other users. They establish if a user attacks the website and they take action.
4. What else should you know about our website’s data management?
In the case of using deceptive personal data, or if one of our visitors commits a criminal act or attacks our Company’s system, simultaneously with the cancellation of the specific visitor’s registration we immediately delete his/her data, or – if that is necessary – we store it for the duration of the establishment of civil law liability or the conducting of a criminal law proceeding.
5. Other data management issues
We may only transfer you data in compliance with provisions of law, in the case of our data managers we ensure by stipulating contractual conditions that they cannot use your personal data for purposes contrary to your approval. For further information see Section 2.
Our Company may only transfer data abroad in compliance with the applicable provisions of GDPR and the Act on the Right of Informational Self-Determination and on Freedom of Information (Info Act).
Courts of law, prosecutor‘s offices and other authorities (e.g. police, tax authority, the Hungarian National Authority for Data Protection and Freedom of Information) may contact our Main Office for information, data reporting or making data accessible. In these cases we must fulfil our data reporting obligation, but only to the extent that is absolutely necessary for satisfying the purpose of the contact.
The participants and employees conducting our Company’s data management and/or data processing are authorized to have access to your personal data, to a predetermined extent and subject to confidentiality obligation.
We protect your personal data with appropriate technical and other measures, and we ensure the security and availability of the data, furthermore we protect the data from unauthorized access, change, damage and disclosure as well as any other unauthorized use.
In the framework of organizational measures we inspect physical access in our buildings, we continuously educate our employees and we store paper based documents locked away under appropriate security. In the framework of technical measures we use encryption, password protection and antivirus software. However, we call your attention to the fact that data transmission via the internet cannot be considered absolutely secure data transmission. Our Company does everything possible to make our processes ever more secure, however we cannot take full responsibility for data transmission through our website, but regarding data transmitted to our Company we comply with strict regulations for the security of your data and the prevention of unauthorized access.
In relation to security issues we request your help: carefully safeguard the access password to our webstore, and please do not disclose your password to anyone.
6. Users’ rights and rights enforcement options
Regarding your data management
- You may request information
- You may request the correction, modification, supplementation of your personal data managed by us
- You may object to data management and may request the deletion or blocking of your data (with the exception of mandatory data management)
- You may seek legal remedy in a court of law
- You may lodge a complaint at the regulatory authority or may initiate a proceeding a (https://naih.hu/panaszuegyintezes-rendje.html).
Regulatory authority: Hungarian National Authority for Data Protection and Freedom of Information
- Headquarters: H-1125 Budapest, Szilágyi Erzsébet fasor 22/c.
- Postal address: H-1530 Budapest, Pf.: 5.
- Phone: +36 (1) 391-1400
- Fax: +36 (1) 391-1410
Upon your request we provide information regarding your data managed by us, and data processed by us or by our assigned data processors as follows:
- About your data
- Their source
- The purpose and legal basis of data management
- The duration of data management, and if this is not possible, about the criteria for determining the applicable duration
- The names, addresses of our data processors, and their data management related activities
- The circumstances of data breach incidents, their effects as well as our measures taken for their mitigation and prevention, furthermore
- In the case of the transmission of your personal data, about the legal basis and addressee of the data transmission
We provide information as soon as possible, within 3 business days calculated from the submission of the request. We provide information free of charge, except if you have already submitted a request to us related to the identical range of data in the current year. We refund the fee already paid by you, if we managed the data unlawfully, or if the request for information resulted in a correction of data. We may only deny providing data in cases specified by law, with the indication of the provision of law, and along with information related to legal remedy in a court of law as well as regarding a complaint to the Regulatory Authority.
Our Company will notify you about the correction, blocking, marking and deletion of your personal data, furthermore we will notify all those to whom we previously transmitted the data for the purpose of data management, except if the lack of notification does not violate your rightful interests.
If we fail to fulfil your request for correction, blocking or deletion, we will notify you in writing – upon your approval by electronic means - within 3 business days calculated from the receipt of your request, regarding the reason for our rejection of the request, along with information related to the options of legal remedy in a court of law as well as regarding a complaint to the Regulatory Authority.
If you object to the management of your personal data, we will inspect your objection as soon as possible, within 3 business days calculated from the submission of the objection, and we will notify you regarding our decision in writing. If we have decided that your objection is valid, then we will terminate the data management – including further data collection and data transmission - and block the data, furthermore we will notify regarding the objection and the measures taken on its basis, all those to whom we previously transmitted the data for the purpose of data management related to the person affected by the objection, and those who are obligated to take action for the enforcement of the objection right.
We will reject the request, if we can prove that the data management is justified by rightful reasons with mandatory force, which enjoy priority against your interests, rights and liberties, or which are related to the submission, enforcement or protection of legal claims. If you disagree with our decision, or if we miss the applicable deadline, you may seek legal remedy in a court of law within 30 days calculated from the decision notification or the last day of the deadline.
Decisions regarding data protection lawsuits are within the jurisdiction and competence of courts of law, the lawsuit may be initiated – according to the choice of the affected person – in a court of law corresponding to the affected person’s permanent address or place of residence. Foreign citizens may also contact the competent regulatory authority corresponding to their place of residence.
Please, before contacting the regulatory authority or a court of law regarding your complaint, contact our Company for consultation and the fastest possible solution to the arisen problem.
The affected person may exercise his/her rights at our following contacts:
H-1037 Budapest, Kunigunda útja 60.
7. What are the main provisions of law applicable to our activity?
- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
- Act on the Right of Informational Self-Determination and on Freedom of Information (Info Act)
- Act V of 2013 on the Civil Code
- Act CVIII of 2001 on certain issues of electronic commerce services and information society services (E-commerce Act)
- Act C of 2003 on Electronic Communications
- Act CLV of 1997 on Consumer Protection
- Act CLXV of 2013 on Complaints and Public Interest Disclosures
- Act XLVIII of 2008 on Essential Conditions of and Certain Limitations to Business Advertising Activity
- Act C of 2000 on Accounting (Accounting Act)
8. Modification of the data management information
Our Company reserves the right to modify the present data management information, of which it shall duly notify the affected persons. The publication of information related to data management shall be at https://franchise.medistance.com/privacy-policy/
23. November 2018