Privacy policy
For data processing on the Website
Introduction
We welcome you to the "Fürstner Dentistry" information page, which deals specifically with data management. On this page you can read about the controller, the processing carried out by the controller and your rights and remedies.
Navigate to the privacy notice
The factsheet has been put together in great detailto ensure that all relevant information is included. However for clarity, we have divided the content of the prospectus into drop-down sections, so you can always easily navigate to the part you're looking for the answer to. There is also a way to view all the drop-downs at the touch of a button click to visitor even closes . After opening all the drop-downs you can even use the browser's search function to search the site for keywords and phrases.
Purpose of the privacy notice
The main aim of the prospectus is to provide you with complete and transparent information on., so that you can make informed choices about the processing subject to authorisation, as well as learn about processing activities and practices based on other legal bases.
As a secondary objective, of course, we can mention legal compliance. Therefore, all the information and mandatory content required is included in this leaflet. The general description of the data processing is mainly intended to give you a good overview of the data processing practices under discussion. If you want to know all the details of the data processing, you should also click on the relevant section of the privacy notice.
Possibility to amend the prospectus
We would like to draw your attention to the fact that in cases where data management practices change or other relevant changes come into force, to which it is necessary to react and adapt, we will update the privacy notice accordingly.
Data of the controller and the service provider supporting the lawfulness of the controller
Data controller data
hereinafter referred to as: "service provider" or "data controller"
In the main drop-down section "details of processing activities" you will find detailed descriptions of the processing operations. Within this section, there are some data processing operations where the data processing concerned is also linked to another service provider. In such cases joint processing is always explained in the section on processing.
Data of the service provider supporting the lawfulness of the data controller
Brand used by the data protection provider | Data protection service provider name | Data protection service provider mailing address | Data protection service provider representative | Data protection service provider phone number | E-mail address of the data protection service provider |
---|---|---|---|---|---|
Business Recovery | Legitimate online presence | Üzleti Fellendülés Kft. | 2120 Dunakeszi, Barátság útja 10/D mfsz. 105. | Norbert Éger | +36 20 775 55006 | adatvedelem@uzletifellendules.hu |
The service provider ensures the lawful online presence of the Data Controller and assists the Data Controller in protecting the rights of data subjects.
If you wish to exercise your data subject rights, you should also notify the controller and the service provider supporting the lawfulness of the controller. The easiest way to do this is to in the prospectus contact form in support of the exercise of rights fill in . This is the most effective way to ensure that both the controller and the service provider ensuring lawfulness are aware of the exercise of rights. This system and the form supporting the exercise of the right effectively support your data subjects' rights are maximised.
Details of data processing activities
The breakdown of the data processing follows the following logical structure:
- Purpose of the processing;
- Legal basis for processing (in the case of a legitimate interest, the interest is also specified);
- Scope of data to be processed;
- Source of data (if not collected from the data subject);
- Duration of data processing;
- Data transfers;
- Comment;
- Automated decision-making (explained in the data processing concerned);
- Example of data management.
Cookie treatments
General information about cookies
Cookies are small data packets. During the Internet services in the browser, so they are stored on the user's device. This technology is extremely useful for providing an efficient and modern internet service, but many types of personal data contain personal information that can be used to target, track and identify the user. Many cookies are only relevant to the user experience and do not contain personal data. Due to the different purposes of cookies, it is necessary to categorise cookies, define them by service and, more importantly, link certain cookies to permissions.
We distinguish between three types of cookies:
- Cookies for basic functionality;
- Cookies for statistical purposes;
- Advertising and targeting cookies.
The relationship between cookies and browsers
Cookie management is a technology supported by most browsers that allows you to manage, modify and delete cookies. The cookies small data filesthat websites place in your browser to store information about you and your online activities. Some cookies contain personal data, others do not. It is always the programmer's logic that determines what information and functions they want to collect or use.
In principle and in general, it can be said that it is the responsibility of data controllers (such as website owners) to provide a system on the site where the user can indicate which services, and therefore which cookies, he or she authorises or withdraws previously granted permission. However, current practice shows that very few people do this.
Control exercisable in browsers:
-
Prevent automatic acceptance of cookies:
- Advantage: The advantage of preventing automatic acceptance of cookies is that you have more control over what information websites may collect about you. This gives you more control over your personal data and minimises the traces of your online activity. However, it is important to be aware that websites may still be able to collect information about you without cookies by other means, such as IP addresses or other tracking technologies. Disabling cookies alone does not guarantee your full privacy or anonymity online.
- Disadvantages: It is also important to note that settings to disable cookies can sometimes be a disadvantage, as certain websites and services may need to use cookies to function properly. In this case, websites may have limited or no functionality.
-
Delete cookies:
- Manual deletion of cookies: In this case, the user deletes the cookies stored in the browser himself/herself. This allows you to update your data and gives you more control over your online activities.
- Banning third party cookies: This setting allows the user to disable cookies placed by third parties in the browser. This reduces the amount of data collected by third parties, which supports data protection.
- Cookies are deleted on exit: In this case, you can configure your browser not to prevent cookies from being installed, but to delete installed cookies after closing the browser. This means that data is only ever stored during the current session. One disadvantage of this could be, for example, that data entered in certain forms could be lost and have to be re-entered.
It is important to note that cookie settings may vary from browser to browser. The most popular browsers and their privacy settings are available on the following pages:
Cookies for basic functionality
The website uses only a basic functional cookie.
The website uses cookies to facilitate its basic operation, functionality and data protection compliance. These cookies are small files that the website places on the internet user's device (e.g. computer or phone).
Session identification
The website installs a so-called PHPSESSID cookie, which is a session cookie. The cookie is designed to ensure that all functions work properly, improve website performance and user experience. The PHPSESSID cookie allows you to the website creates a unique session for the user and stores information related to the current session. It is important to know that this cookie is only temporary and when you close the browser, it is automatically deleted from your device. No personal data is processed through the PHPSESSID cookie.
If you do not wish to accept the PHPSESSID cookie, in your browser settings you can easily disable the use of cookies. However, it is important to be aware that if you do so, parts of the website may not function properly and you may not be able to access or use all the functionality.
Cookies for data protection lawfulness
In addition, the website installs a number of basic functional cookies to, to ensure that consents are properly managed, including the possibility to withdraw consent. These cookies store consent information so that the website can manage the consent functions accordingly. All cookies that facilitate data lawfulness are automatically deleted after one year (365 days). These cookies do not contain personal identifiers or other personal information. We do not share this information with third parties during the processing and only in our own internal system, for the sole purpose of processing your contributions. These cookies are activated the first time you click on the buttons in the cookie bar. By clicking on them, you can express your consent or your refusal to give your consent. If you want to change your consent settings later, you can do so at any time by using the cookie bar. It is important to note that privacy-enhancing cookies cannot be completely excluded from the use of this website for legitimate interests. However, if you do not want to allow these cookies to be set in any way, you should disable the cookie bar buttons or use the appropriate browser settings.
Basic functional cookie details
Cookie name | The purpose of a cookie | Legal basis applied | Cookie data content: | Cookie lifetime: | Data transmission: | Can I be excluded from using the platform? | Cookie qualification: | First activity: | Data modification time: | Additional note to be attached to cookie: | Example of data management: |
---|---|---|---|---|---|---|---|---|---|---|---|
"PHPSESSID" | Supports the operation of the website. | Legitimate interest. | User session. | Closing the browser will also delete the cookie. | To be managed in its own internal system. It does not transfer data. No third party is connected to the processing. | Legitimate interests do not exclude. | A cookie that provides basic functionality. | It is activated when the session is started. | No data modification is possible. Closing the browser will delete the cookie. | A default identifier used by the website to identify sessions. Its value is a long string of numbers generated automatically and randomly by the server. The cookie provides a secure session. | A page of the website has been opened and the cookie is providing a secure session. |
"basic codes" | Ensures the lawful processing and withdrawal of consents. | Legitimate interest. | Contribution status. [Did the data subject give consent? Yes / No.] | 365 days. | To be managed in its own internal system. It does not transfer data. No third party is connected to the processing. | Not excluded for legitimate interests. (Clicking the cookie bar buttons will not install the cookie.) | A cookie that provides basic functionality. | On the first operation performed on the cookie bar. (Activated when a button is clicked.) | When a related user expressive activity is performed (click - when consent is changed). | To ensure that the consent settings work properly, reload your browser. | An operation has been performed on the user's cookie bar. The consent or refusal to give consent is recorded. |
"basic_code_management" | Ensures the lawful processing and withdrawal of consents. | Legitimate interest. | Contribution status. [Did the data subject give consent? Yes / No.] | 365 days. | To be managed in its own internal system. It does not transfer data. No third party is connected to the processing. | Not excluded for legitimate interests. (Clicking the cookie bar buttons will not install the cookie.) | A cookie that provides basic functionality. | On the first operation performed on the cookie bar. (Activated when a button is clicked.) | When a related user expressive activity is performed (click - when consent is changed). | To ensure that the consent settings work properly, reload your browser. | An operation has been performed on the user's cookie bar. The consent or refusal to give consent is recorded. |
"base_mode_messenger" | Ensures that Facebook Messenger Chat is handled in accordance with your consent. Activates integration with consent. In case of refusal or withdrawal of consent, does not allow the integration to be activated. | Legitimate interest. | Contribution status. [Did the data subject give consent? Yes / No.] | 365 days. | To be managed in its own internal system. It does not transfer data. No third party is connected to the processing. | Not excluded for legitimate interests. (Clicking the cookie bar buttons will not install the cookie.) | A cookie that provides basic functionality. | On the first operation performed on the cookie bar. (Activated when a button is clicked.) | When a related user expressive activity is performed (click - when consent is changed). | To ensure that the consent settings work properly, reload your browser. | An operation has been performed on the user's cookie bar. The consent or refusal to consent is recorded, which is the basis for activating or deactivating the integration. |
Additional website features and their data management
Contact form
Purpose of the processing
The purpose of data processing is to. contacting and maintaining contact.
Legal basis for processing
Legal basis for processing consent of the data subject [GDPR Article 6 (1) a)]. Consent may be withdrawn by any written communication. The easiest way to withdraw consent is to form to support the exercise of rights with the appropriate content.
Scope of data to be processed
Data provided when filling in the form:
- surname,
- first name,
- e-mail address and/or telephone number (When sending an SMS, the SMS texting and the time the message was sent),
- Free-text comment (optional),
More technical information:
- Declaration on the Privacy Notice (checkbox "checkbox"),
- Date the form was sent.
- Source URL (which page the user was on when they filled in the form),
- Message ID,
- Message read status (unread / read),
- Fact of designation (highlighted / not highlighted),
- An internal comment can also be associated with the contact.
Processing of data resulting from mailing:
Automatic email notifications will be sent to inform you of the success of the process. These are notifications will be sent to
- in the form of a confirmation e-mail to the user,
- to the Data Controller,
- and a technical e-mail address,
which is used only for logging the process. The system checks whether the e-mail notifications have been successfully successfully sent or not. Therefore, the following data and information are also recorded separately:
- E-mail subject,
- Content of the e-mail notification (form details and technical information),
- Status of sending an email (sent / failed),
- Date of successful mailing.
Duration of data processing
The data will be deleted immediately if any of the cases listed here apply:
- the purpose of the processing has ceased;
- there is no proper legal basis;
- when withdrawing consent to the processing;
- Objection against the controller;
- or a supervision order.
Data transfers and the parties entitled to access the data
No data transmission is carried out.
Who has access to the data:
- Hosting: The form is a mail form, so the data can be found in the mail system and in the database. Hosting provider details. 105., internet contact.
- Developer: The data will not be transmitted to the developer. However, due to the technical design, the developer may have access to the data, but may only carry out operations with the data on the basis of instructions from the controller or in relation to data protection lawfulness. Details of the developer service provider: Éger Norbert EV; address: 2120 Dunakeszi Barátság útja 10/D mfsz. internet contact.
Comment
In relation to the inclusion of contact details, it should be noted that it is mandatory to provide a contact details, because without this the purpose of data processing would be violated, and it would not be possible for the Service Provider to respond to the contact. However, one contact details is sufficient, the other is optional. Which contact details you choose to provide is entirely up to you. Thus, it is possible to enter more than one contact details, but this is not a prerequisite for submitting the form.
Example of data handling
After submitting the form, we will contact you using one of the contact details provided. This can be by email or telephone, which will allow us to respond to your enquiry or questions.
Facebook Messenger Chat
Purpose of the processing
The purpose of data processing is to. contacting and maintaining contact.
Legal basis for processing
Legal basis for processing consent of the data subject [GDPR Article 6 (1) a)]. The contribution may be withdrawn in proportion to the contribution groups. For messages, consent can be withdrawn through any communication channel, whereas for "fr" and "locale" cookies, consent can only be withdrawn through the cookie bar on the Controller's website [see Facebook Messenger].
For messages, the most effective: form to support the exercise of rights.
In the case of cookies, on the oven rails: [cc_show_cookie_banner_nsc_bar]
Scope of data to be processed
Messenger embedding enabled by the user:
If the embedding is approved by the user, the "fr" cookie is installed with the following information:
- Community account details
- The fact of using the Messenger application
The data is stored on the user's device and can only be accessed by the user and Facebook. The cookie has a lifetime of three months. The purpose of this cookie is to allow Facebook to display and/or retarget ads.
Access the Messenger app:
When the user enters Messenger by clicking on the top chat button ("Sign in to Messenger"), a so-called. "locale" will be installed on your device, which will store the following information:
- Last logged in user login details (Facebook username, Facebook password)
The data is stored on the user's device and can only be accessed by the user and Facebook. The cookie has a lifespan of one week and is intended to provide the user with a login option.
Duration of data processing
The data will be deleted immediately if any of the cases listed here apply:
- the purpose of the processing has ceased;
- there is no proper legal basis;
- when withdrawing consent to the processing;
- Objection against the controller;
- or a supervision order.
Data transfers and the parties entitled to access the data
Data is transferred to Facebook Inc. the cookies ("fr" cookies and occasionally "locale" cookies) and the messages sent. To disable further data transfers, you must deactivate Facebook Messenger in the cookie bar on the Service Provider's website, the consent is thereby withdrawn.
Comment
- Further information on cookies: The "fr" and "locale" cookies are exclusively cookies of Facebook Inc., the Service Provider has made their installation subject to permission only, which can be controlled by the user by using the cookie bar. We link the consent to a basic functional cookie. IP address recording and other identification is not performed by the settings. Withdrawing consent to the cookie bar will break the entire data connection, so in such a case all identifiability is broken, by which we also mean the applicability and usability of cookies. With regard to Facebook cookies, we do not have the right to delete data from the user's device and/or the technology used, so cookies already installed remain on the user's device until they expire, but any transmission of data through the website is immediately prohibited from the moment of withdrawal. The deletion of data on the user's device can only be applied by the user. The data subject can delete the cookies in his/her browser, which has been described previously: see. The relationship between cookies and browsers
- Shared data management: The Service Provider is the parent company of Facebook Inc. (Facebook Help Center; Facebook Privacy Policy; Facebook Cookie Notice) is using the product or service of the "Facebook Community Portal". Facebook Inc. and the Service Provider are joint controllers of the data processed within the platform.
Example of data handling
Example 1: The user enables the "Facebook Messenger" integration on the cookie bar.
Example 2: The user can use theFacebook Messengercookie bar, you click on the "Sign in to Messenger" button.
Facebook Messenger Cookie Details
Cookie name | The purpose of a cookie | Legal basis applied | Cookie data content | Cookie lifetime | Data transmission | Can I be excluded from using the platform? | Cookie classification | First activity | Data modification time | Additional note to be attached to the cookie | Example of data handling |
---|---|---|---|---|---|---|---|---|---|---|---|
"fr" | Possibility of displaying an advertisement and/or retargeting. | Consent of the data subject on the part of the controller; legitimate interest on the part of Facebook. | Community account details and the fact that you are using the cookie. | Three months. | Facebook Inc. | No. | Advertising and targeting cookies. | Immediately after the integration is approved. | After the session. | Data file location: user device used. (Data can only be accessed by the user and Facebook.) This cookie is excluded when using Facebook, due to Facebook's standard operating practice. | The user enables the "Facebook Messenger" integration on the cookie bar. |
"locale" | Providing the user with the possibility to log in. | Consent of the data subject on the part of the controller; legitimate interest on the part of Facebook. | Community account details, password and the fact of the cookie application. | One week. | Facebook Inc. | No. | Facebook's assessment is that it is basic. For the purposes of the Service Provider's assessment, Facebook, as a third party, can only install the cookie if the data subject has given its explicit consent to the use of Facebook Messenger. | For login behaviour (when clicking on the top chat button - "Sign in to Messenger"). | No data modification will be made. | Data file location: user device used. (Data can only be accessed by the user and Facebook.) This cookie cannot be accessed at the same time as Facebook is used, due to Facebook's standard operating practice. | Once the user has approved the Facebook Messenger cookie bar, he or she clicks on the "Sign in to Messenger" button. |
Anonymous statistics
Due to the anonymous nature of the statistics no processing of personal data takes place.
The statistical system used on the website is managed exclusively in its own internal system, so no data transfer will not take place! With regard to cookie management, the internal statistical system does not set any cookies. The system stores an anonymised version of the IP address.
Background information to achieve anonymity as part of the duty to inform:
If you do not have an IP address, you cannot participate in network communication. So you must in any case have a unique access ID. This is the IP address (Internet Protocol). The network card recognized by the operating system is used for the IP address is uniquely assigned. Thus, each endpoint of the network communication is assigned at least one IP address must have an IP address.
The IP address is made up of exactly 32 bits (IPv4), which store two values: the Network ID and the host ID (HOST ID).
The system replaces the part identifying the HOST (octet) with 0 and only then is the in the website database. This procedure ensures the anonymity of the user, since the modified storage the original IP address can no longer be recovered, making it impossible to identify the user.
Handling and public disclosure of customer feedback submitted through a form
Purpose of data processing
Purpose of the processing: the person filling in the form publication of its opinion.
Legal basis for processing
Legal basis for processing consent of the data subject [GDPR Article 6 (1) a)]. Consent may be withdrawn by any written communication. The easiest way to withdraw consent is to form to support the exercise of rights with the appropriate content.
Scope of data to be processed
The data to be processed can be broken down into three categories: mandatory data, which are required to be provided in order to submit a customer response, system-generated data, and extra data, which are not required to be provided in order to submit the form.
Required data:
- Last name;
- First name;
- E-mail address (contact only);
- With stars Evaluation;
- Photo from about the author of the opinion (screenshot);
- Opinion at;
- Opinion Description of (including impressions, beliefs, opinions);
- the recording of a consent to the processing.
System-generated data:
- Opinion serializer;
- Source ID (form identification);
- Opinion category (not always used);
- The exact date for submitting your comments;
- Acceptance of the Privacy Notice;
Extra data:
- Title;
- Private profile web contact details (e.g. link to a private Facebook page);
Duration of data processing
The data will be deleted immediately if any of the cases listed here apply:
- the purpose of the processing has ceased;
- there is no proper legal basis;
- when withdrawing consent to the processing;
- Objection against the controller;
- or a supervision order.
Data transfers and the parties entitled to access the data
Displaying opinions on the website is of course about public publication, so disclosure is the primary objective. Therefore, the approved photograph, audio, video or other information will be made publicly available.
Processing of data resulting from mailing:
Automatic email notifications will be sent to inform you of the success of the process. These are notifications will be sent to
- in the form of a confirmation e-mail to the user,
- to the Data Controller,
- and a technical e-mail address,
which is used only for logging the process. The system checks whether the e-mail notifications have been successfully successfully sent or not. Therefore, the following data and information are also recorded separately:
- E-mail subject,
- Content of the e-mail notification (form details and technical information),
- Status of sending an email (sent / failed),
- Date of successful mailing.
Comment
The form gives you the option to upload various files and then select the use to which you wish to give your consent. Of course, consent can be withdrawn at any time without giving reasons, which is a fundamental right under the GDPR. Once the form has been submitted, an electronic record of the completion of the form will be created and sent in pdf format to the e-mail address provided.
The form here available at.
Examples of data handling
The user writes a public opinion about the Service Provider.
Show public reviews on the website
Facebook and Google reviews are only personal data that have already been disclosed by the person who wrote the review (the data subject) of his or her own free will. Public data can be displayed on the website without any restrictions. If the data subject changes his or her preferences regarding the disclosure of data, he or she will automatically be removed from the website's systems.
Facebook reviews
When publishing a business-related review on Facebook, the person publishing the review can define the audience to which the review is directed. Facebook's rules state that only publicly shared testimonials count towards the overall page rating. We can only display these Facebook reviews on the website.
Source:
How the rating of a page is determined
Recommend a business on Facebook
Google reviews:
Google allows only one option for Google reviews: public disclosure.
The Google warning that pops up when you fill in the form is:
"Your posts will appear publicly with your profile name and profile photo. They will be visible on Google services across the web, including Google Maps and Search, as well as on third-party websites and apps that use Google services. Entries must comply with Google's policies. More information. In the case of beta questions, the answer may not be publicly displayed during the experiment and only you and/or other participants in the experiment may see it. Answers may be deleted after the experiment."
Further Google information on data disclosure:
The public opinion can also be published on the website on the basis of public disclosure.
Embed YouTube videos on your website
Purpose of data processing
The purpose of the processing is to. the videos should be displayed in the website environment and be playable and viewable.
Legal basis for processing
Legal basis for processing consent of the data subject [GDPR Article 6 (1) a)]. By updating this page, your consent will be automatically withdrawn. The system will disconnect the existing data connection and disable the integration until the user re-enables it.
Scope of data to be processed
There is no processing of personal data by the controller.
However, by using the YouTube platform, Google (Alphabet Inc., address: Mountain View) immediately installs its own cookies on the user's device and may also carry out additional processing operations related to Google's service. The data files installed by Google are precisely advertising and targeting cookies and collect the user's IP address.
Details of Google advertising and targeting cookies
General technology description of Google cookies here available at.
However, for the sake of full transparency, we have also summarised Google's advertising and targeting cookies in a table, following the rules already shared in this briefing. It is important to note that Google can change the cookie parameters at any time, so the link above is the primary source of information. The transparency table we have summarised is as follows:
Cookie name | The purpose of a cookie | Legal basis applied | Cookie data content | Cookie lifetime | Data transmission | Can I be excluded from using the platform? | Cookie classification | First activity | Data modification time | Additional note to be attached to the cookie | Example of data handling |
---|---|---|---|---|---|---|---|---|---|---|---|
"DV" | It is used to save the data collected about the user. | Consent of the data subject on the part of the controller; legitimate interest on the part of Google. | Preferred language, the number of search results to display on the site and whether they should activate Google SafeSearch. | 7 minutes | Alphabet Inc. | No. When you start the video, the cookie is installed. | Advertising - targeting cookies. | After approval in the video lockers. | Sends data when the session is finished. | Consent can be managed in the placeholder displayed at the video site. When the page is reloaded, the integration connection is broken and the website will no longer transmit data, only in case of repeated consent. | After a video is started, it saves the data collected about the user. |
"OTZ" | This cookie collects information about user behaviour and navigation, which is used to optimise Google's advertising and search features. | Consent of the data subject on the part of the controller; legitimate interest on the part of Google. | Customer identification, behaviour and navigation data. | 1 month | Alphabet Inc. | No. When you start the video, the cookie is installed. | Advertising - targeting cookies. | After approval in the video lockers. | Sends data when the session is finished. | Consent can be managed in the placeholder displayed at the video site. When the page is reloaded, the integration connection is broken and the website will no longer transmit data, only in case of repeated consent. | Once a video is started, the data collected about the user is transmitted and saved. |
"YSC" | Associate user entries with the user. Used for security purposes, to detect robotic attacks. | Consent of the data subject on the part of the controller; legitimate interest on the part of Google. | Information about user entries. | Until the end of the session. | Alphabet Inc. | No. When you start the video, the cookie is installed. | Third party basic operation cookie. | After approval in the video lockers. | Sends data when the session is finished. | Consent can be managed in the placeholder displayed at the video site. When the page is reloaded, the integration connection is broken and the website will no longer transmit data, only in case of repeated consent. | It checks user activity after a video has been started. Used to filter out robots. |
"LOGIN_INFO" | The cookie wants to identify the user's login to the Google account. | Consent of the data subject on the part of the controller; legitimate interest on the part of Google. | Information about signing in to your Google Account. | 3 months. | Alphabet Inc. | No. When you start the video, the cookie is installed. | Advertising - targeting cookies. | After approval in the video lockers. | Sends data when the session is finished. | Consent can be managed in the placeholder displayed at the video site. When the page is reloaded, the integration connection is broken and the website will no longer transmit data, only in case of repeated consent. | Once a video is started, it identifies whether the user is signed in to their Google Account. |
"VISITOR_INFO1_LIVE" | The cookie is intended to determine whether the user is using the old or the new video player. It is also used to detect and solve problems with the video player service. Google sometimes also uses it for ad display. | Consent of the data subject on the part of the controller; legitimate interest on the part of Google. | Release number of the video player. Feedback on playback problems. | 1 year. | Alphabet Inc. | No. When you start the video, the cookie is installed. | Advertising - targeting cookies. | After approval in the video lockers. | Sends data when the session is finished. | Consent can be managed in the placeholder displayed at the video site. When the page is reloaded, the integration connection is broken and the website will no longer transmit data, only in case of repeated consent. | After starting a video, it determines which version of the video player the user is using. |
"SID" | Used to authenticate users. | Consent of the data subject on the part of the controller; legitimate interest on the part of Google. | The cookie stores the digitally signed and encrypted credentials associated with the user's Google Account, as well as the last time they signed in. | 2 years. | Alphabet Inc. | No. When you start the video, the cookie is installed. | Advertising - targeting cookies. | After approval in the video lockers. | Sends data when the session is finished. | Consent can be managed in the placeholder displayed at the video site. When the page is reloaded, the integration connection is broken and the website will no longer transmit data, only in case of repeated consent. | Once the video is started, it authenticates the user if possible. |
"HSID" | Used to authenticate users. | Consent of the data subject on the part of the controller; legitimate interest on the part of Google. | The cookie stores the digitally signed and encrypted credentials associated with the user's Google Account, as well as the last time they signed in. | 2 years. | Alphabet Inc. | No. When you start the video, the cookie is installed. | Advertising - targeting cookies. | After approval in the video lockers. | Sends data when the session is finished. | Consent can be managed in the placeholder displayed at the video site. When the page is reloaded, the integration connection is broken and the website will no longer transmit data, only in case of repeated consent. | Once the video is started, it authenticates the user if possible. |
"SSID" | This cookie is used to save data collected about the user. | Consent of the data subject on the part of the controller; legitimate interest on the part of Google. | Preferred language, the number of search results to display on the site and whether they should activate Google SafeSearch. | 2 years. | Alphabet Inc. | No. When you start the video, the cookie is installed. | Advertising - targeting cookies. | After approval in the video lockers. | Sends data when the session is finished. | Consent can be managed in the placeholder displayed at the video site. When the page is reloaded, the integration connection is broken and the website will no longer transmit data, only in case of repeated consent. | After a video is started, it saves the data collected about the user. |
"APISID" | This cookie is used to save data collected about the user. | Consent of the data subject on the part of the controller; legitimate interest on the part of Google. | Preferred language, the number of search results to display on the site and whether they should activate Google SafeSearch. | 2 years. | Alphabet Inc. | No. When you start the video, the cookie is installed. | Advertising - targeting cookies. | After approval in the video lockers. | Sends data when the session is finished. | Consent can be managed in the placeholder displayed at the video site. When the page is reloaded, the integration connection is broken and the website will no longer transmit data, only in case of repeated consent. | After a video is started, it saves the data collected about the user. |
"SAPISID" | This cookie is used to save data collected about the user. | Consent of the data subject on the part of the controller; legitimate interest on the part of Google. | Preferred language, the number of search results to display on the site and whether they should activate Google SafeSearch. | 2 years. | Alphabet Inc. | No. When you start the video, the cookie is installed. | Advertising - targeting cookies. | After approval in the video lockers. | Sends data when the session is finished. | Consent can be managed in the placeholder displayed at the video site. When the page is reloaded, the integration connection is broken and the website will no longer transmit data, only in case of repeated consent. | After a video is started, it saves the data collected about the user. |
"__Secure-3PSID" | Create a user profile of the interests of your website visitors to display relevant and personalised ads and use remarketing tools. | Consent of the data subject on the part of the controller; legitimate interest on the part of Google. | Interests and other personal browsing data. | 2 years. | Alphabet Inc. | No. When you start the video, the cookie is installed. | Advertising - targeting cookies. | After approval in the video lockers. | Sends data when the session is finished. | Consent can be managed in the placeholder displayed at the video site. When the page is reloaded, the integration connection is broken and the website will no longer transmit data, only in case of repeated consent. | After starting a video, the user creates a profile or modifies an existing one. |
"__Secure-3PAPISID" | Create a user profile of the interests of your website visitors to display relevant and personalised ads and use remarketing tools. | Consent of the data subject on the part of the controller; legitimate interest on the part of Google. | Interests and other personal browsing data. | 2 years. | Alphabet Inc. | No. When you start the video, the cookie is installed. | Advertising - targeting cookies. | After approval in the video lockers. | Sends data when the session is finished. | Consent can be managed in the placeholder displayed at the video site. When the page is reloaded, the integration connection is broken and the website will no longer transmit data, only in case of repeated consent. | After starting a video, the user creates a profile or modifies an existing one. |
"__Secure-3PSIDCC" | Create a user profile of the interests of your website visitors to display relevant and personalised ads and use remarketing tools. | Consent of the data subject on the part of the controller; legitimate interest on the part of Google. | Interests and other personal browsing data. | 1 year. | Alphabet Inc. | No. When you start the video, the cookie is installed. | Advertising - targeting cookies. | After approval in the video lockers. | Sends data when the session is finished. | Consent can be managed in the placeholder displayed at the video site. When the page is reloaded, the integration connection is broken and the website will no longer transmit data, only in case of repeated consent. | After starting a video, the user creates a profile or modifies an existing one. |
"__Secure-1PSID" | Create a user profile of the interests of your website visitors to display relevant and personalised ads and use remarketing tools. | Consent of the data subject on the part of the controller; legitimate interest on the part of Google. | Interests and other personal browsing data. | 2 years. | Alphabet Inc. | No. When you start the video, the cookie is installed. | Advertising - targeting cookies. | After approval in the video lockers. | Sends data when the session is finished. | Consent can be managed in the placeholder displayed at the video site. When the page is reloaded, the integration connection is broken and the website will no longer transmit data, only in case of repeated consent. | After starting a video, the user creates a profile or modifies an existing one. |
"__Secure-1PAPISID" | Create a user profile of the interests of your website visitors to display relevant and personalised ads and use remarketing tools. | Consent of the data subject on the part of the controller; legitimate interest on the part of Google. | Interests and other personal browsing data. | 2 years. | Alphabet Inc. | No. When you start the video, the cookie is installed. | Advertising - targeting cookies. | After approval in the video lockers. | Sends data when the session is finished. | Consent can be managed in the placeholder displayed at the video site. When the page is reloaded, the integration connection is broken and the website will no longer transmit data, only in case of repeated consent. | After starting a video, the user creates a profile or modifies an existing one. |
"SIDCC" | Create a user profile of the interests of your website visitors to display relevant and personalised ads and use remarketing tools. | Consent of the data subject on the part of the controller; legitimate interest on the part of Google. | Interests and other personal browsing data. | 1 year. | Alphabet Inc. | No. When you start the video, the cookie is installed. | Advertising - targeting cookies. | After approval in the video lockers. | Sends data when the session is finished. | Consent can be managed in the placeholder displayed at the video site. When the page is reloaded, the integration connection is broken and the website will no longer transmit data, only in case of repeated consent. | After starting a video, the user creates a profile or modifies an existing one. |
"1P_JAR" | Create a user profile of the interests of your website visitors to display relevant and personalised ads and use remarketing tools. Google also records search terms, phrases and other data, including statistical data collection and tracked conversion rates, in its search services. | Consent of the data subject on the part of the controller; legitimate interest on the part of Google. | Interests and other personal browsing data. | 1 month. | Alphabet Inc. | No. When you start the video, the cookie is installed. | Advertising - targeting cookies. | After approval in the video lockers. | Sends data when the session is finished. | Consent can be managed in the placeholder displayed at the video site. When the page is reloaded, the integration connection is broken and the website will no longer transmit data, only in case of repeated consent. | After starting a video, the user creates a profile or modifies an existing one. |
"NID" | This cookie is used to save data collected about the user. | Consent of the data subject on the part of the controller; legitimate interest on the part of Google. | Preferred language, the number of search results to display on the site and whether they should activate Google SafeSearch. | 6 months. | Alphabet Inc. | No. When you start the video, the cookie is installed. | Advertising - targeting cookies. | After approval in the video lockers. | Sends data when the session is finished. | Consent can be managed in the placeholder displayed at the video site. When the page is reloaded, the integration connection is broken and the website will no longer transmit data, only in case of repeated consent. | After a video is started, it saves the data collected about the user. |
"SEARCH_SAMESITE" | This cookie is responsible for transmitting the data collected about the user. | Consent of the data subject on the part of the controller; legitimate interest on the part of Google. | The data content is not known. | 6 months. | Alphabet Inc. | No. When you start the video, the cookie is installed. | Advertising - targeting cookies. | After approval in the video lockers. | Sends data when the session is finished. | Consent can be managed in the placeholder displayed at the video site. When the page is reloaded, the integration connection is broken and the website will no longer transmit data, only in case of repeated consent. | Once a video is started, the available data is sent to Google's servers at certain intervals. |
"IDE" | Show ads. | Consent of the data subject on the part of the controller; legitimate interest on the part of Google. | It does not process personal data. | 13 months. | Alphabet Inc. | No. When you start the video, the cookie is installed. | Advertising - targeting cookies. | After approval in the video lockers. | Sends data when the session is finished. | Consent can be managed in the placeholder displayed at the video site. When the page is reloaded, the integration connection is broken and the website will no longer transmit data, only in case of repeated consent. | Once the video has been started, a customised advertisement is set up. |
"DSID" | Identify logged-in users on servers other than Google. | Consent of the data subject on the part of the controller; legitimate interest on the part of Google. | Fact of login, person identification, status of advertising settings. | 2 weeks. | Alphabet Inc. | No. When you start the video, the cookie is installed. | Advertising - targeting cookies. | After approval in the video lockers. | Sends data when the session is finished. | Consent can be managed in the placeholder displayed at the video site. When the page is reloaded, the integration connection is broken and the website will no longer transmit data, only in case of repeated consent. | Once the video is started, the user will be identified if possible. |
Duration of data processing
The video integration data connection will be immediately terminated when the page is reloaded or refreshed and all previously allowed data transmissions will be terminated. Installed by Google but cookies may still be stored in the browser until the time specified in the cookie details. If you wish to delete the data files and cookies stored in your browser, please use the "The relationship between cookies and browsers" can help.
Data transfers and the parties entitled to access the data
By enabling video integration, we load Google services onto the website, so you can data is transferred to Google in relation to data collected by Google. Of course, until the page is reloaded or updated, at which point the consent is automatically withdrawn.
Comment
Embedded videos can only be viewed by authorising them in the video lockers (click), are activated by consent. Before that, they are fully banned. Enabling video integration will install the Google ad cookies listed above.
By reloading or refreshing the website, the data connection will be interrupted and the cookies will no longer be identifiable.
In our Google account we have the possibility to manage the possibility of collecting data in the context of personalised advertising and, if authorised, the categories of interest.
Example of data handling
The user clicks on the video placeholder to be able to view the YouTube video from the page.
Comments and expressions of opinion
Purpose of data processing
The purpose of data processing is to. expressing your views on the website and building community.
Legal basis for processing
Legal basis for processing consent of the data subject [GDPR Article 6 (1) a)]. Consent may be withdrawn by any written communication. However, the withdrawal of consent and any data relating to the contribution the person who posted it can also permanently delete it in the control panel above the comments.
Scope of data to be processed
The data to be processed can be divided into two categories:
- mandatory data request for comments;
- optional data.
Mandatory data request for comments (if someone wishes to comment on content on the site, the following data will be marked or generated as mandatory):
- Name the basic need for fair address;
- Reference name (example: @name) - the system generates a public tracking address as a notification link based on the name, in the format "@givenusername";
- E-mail address ensuring communication;
- Public photo: If there is a public photo attached to the email address, the photo will be displayed. If there is a photo of the e-mail address that contains a photograph of the e-mail address, it is not considered personal data;
- Content of the post;
- The system automatically records thethe date of publication, or the fact of acceptance of the privacy notice.
- Is it currently available (online activity for logged in users);
- Title(if a title is attached to the user account);
- Comment status (status closed or you can add a comment);
- Private content: The person authorized to view private content can see the private nature of the post;
- Generated by other commenters responses and reactions.
If you want to leave a comment on the site as a non-logged-in user, a checkbox will appear (checkbox), the adoption of which provides a convenience function. The convenience feature allows you to avoid having to fill in the mandatory name and email address fields again when you post a new comment, as the system will be able to read the information from two cookies installed. Thus, after checking the box and publishing the post, the website installs two cookies on the user's device. Of course ticking the checkbox is optional, so if this is omitted, the cookies will not set. If you want to delete cookies, there are two ways to do this: firstly, when you repost a post, if you do not select the checkbox again, the cookies will be automatically deleted, on the other hand, you can manually delete cookies in your browser, which is described in this notice "The relationship between cookies and browsers" point has been explained in detail. The convenience feature encourages comments and community building.
Comment cookie details
Cookie name | The purpose of a cookie | Legal basis applied | Cookie data content | Cookie lifetime | Data transmission | Can I be excluded from using the platform? | Cookie classification | First activity | Data modification time | Additional note to be attached to the cookie | Example of data handling |
---|---|---|---|---|---|---|---|---|---|---|---|
"comment_author_[hash]" | Providing a comfort function. Automatically fill in the mandatory data request for the name in the comment form. | Consent of the data subject. | Name of the contributor. | 90 days. | No data transmission. Only the website can manage the data. | Yes. | A cookie that provides basic functionality. It is processed with consent due to the personal data content. | The cookie is set after the post is published. | It is overwritten when you send a new post. | With the cookie, you do not need to fill in the name information in the comment form, because the information will be read from the cookie by the site. It will automatically appear in the appropriate section of the comment form. | The user is posting on the site without logging in. |
"comment_author_email_[hash]" | Providing a comfort function. Automatic filling in of the mandatory request for information on e-mail address in the comment form. | Consent of the data subject. | Email address of the contributor. | 90 days. | No data transmission. Only the website can manage the data. | Yes. | A cookie that provides basic functionality. It is processed with consent due to the personal data content. | The cookie is set after the post is published. | It is overwritten when you send a new post. | With the cookie, you do not need to fill in the email address information in the comment form, because the information will be read from the cookie by the site. It will automatically appear in the appropriate section of the comment form. | The user is posting on the site without logging in. |
Optional data:
The site offers the possibility to
- emojik (emoticons),
- other comments can be with reaction supply (like/dislike),
- assessment can be given with stars,
- for file upload.
Duration of data processing
The data will be deleted immediately if any of the cases listed here apply:
- the purpose of the processing has ceased;
- there is no proper legal basis;
- when withdrawing consent to the processing;
- Objection against the controller;
- or a supervision order.
At the same time, the withdrawal of consent and any data that may be linked to a post the person who posted it can also permanently delete it in the control panel above the comments. If you get stuck in the process, feel free to use the a form to support the exercise of the rights of the person concernedto ensure that your rights as a data subject are respected.
Data transfers and the parties entitled to access the data
For the purposes of ensuring the data protection lawfulness of the Data Controller a "Legitimate online presence" which ensures the online presence of the Data Controller in such a way that it complies with the requirements of the GDPR and the domestic legislation to the maximum extent possible. Therefore covers three areas, each of which qualifies as a data transfer to a data processor, so that any transfer of data or access to data by right will be detailed separately:
- Hosting: The Data Controller uses a data processor for its entire online presence. Data of the hosting provider. 105., internet contact.
- Developer: The data will not be transmitted to the developer. However, due to the technical design, the developer may have access to the data, but may only carry out operations with the data on the basis of instructions from the controller or in relation to data protection lawfulness. Details of the developer service provider: Éger Norbert EV; address: 2120 Dunakeszi Barátság útja 10/D mfsz. internet contact.
-
Data protection lawfulness provider:Üzleti Fellendülés Kft.; address: 2120 Dunakeszi Barátság útja 10/D mfsz. 105., internet contact. The service provider supports the online legitimacy of the Data Controller:
- Legal practices onlyyou are willing to implement in the website;
- Gives advice to the Data Controller;
- Helps to in data management the protection of the data of the natural persons concerned and the exercise of their data subjects' rights.
Comment
Applicable moderation: The Service Provider reserves the right of moderation, including the right to select posts, including possible deletions.
Examples of data handling
The user publishes his/her comments and opinions on the site.
The user uses emoticons in their posts.
The user reviews other posts with a reaction (like/dislike).
The user is attaching a file in an approved format to their post.
The user also requests to be notified of his/her own and/or others' posts.
The user posts an anonymous comment on the website, which can only be seen by the website administrators.
Report a comment anonymously to the site administrators
Due to the anonymous nature of the reporting of a post, no personal data is processed by default. At the same time, you can select one of the notification categories"other" category also, which allows free-form texting.
If the notifier provides personal data in the free-text response, it will be the notifier is deemed to have given his or her explicit consent to the processing of his or her personal data. Consent may be withdrawn by any written communication.
In such cases, we try to minimise the duration of data processing, i.e. delete the message sent after the notification has been investigated, which is stored in the form of an e-mail and in the website's database.
Sign up to receive notifications of comments
Purpose of the processing
Purpose of the processing notify the user of comment activity.
Legal basis for processing
Legal basis for processing consent of the data subject [GDPR Article 6 (1) a)]. Consent may be withdrawn by any written communication. However, the withdrawal of consent and any data relating to the contribution the person who posted it can also permanently delete it in the control panel above the comments.
Scope of data to be processed
- E-mail address,
-
data associations required for technical implementation:
- the system associates a activation key,
- one comment Serial numbering;
- an subscription ID,
- and the content identifier also records
- we record the the exact date of subscription,
- and the the fact of consent.
Data transfers and the parties entitled to access the data
- Hosting: The Data Controller uses a data processor for its entire online presence. Data of the hosting provider. 105., internet contact.
- Developer: The data will not be transmitted to the developer. However, due to the technical design, the developer may have access to the data, but may only carry out operations with the data on the basis of instructions from the controller or in relation to data protection lawfulness. Details of the developer service provider: Éger Norbert EV; address: 2120 Dunakeszi Barátság útja 10/D mfsz. internet contact.
Comment
The deletion of data by the user deletes all related data together.
Automated decision-making
When subscribing to the comments notifications, it is important to know that our system uses automated decision-making. As a result, we want to assure you that. understand the logic behind such decisions, as they involve your personal data.
When you subscribe to a comment notification, the our system automatically creates a timer event associated with your email address. This event will be put on hold until you confirm your intentions via the confirmation email or until the 8 (eight) day. The confirmation e-mail contains a link to, if opened, all data is automatically deleted. Also from the standby state. The purpose and function of the confirmation email is to make sure that you have indeed requested the notification email.
If you have successfully confirmed the subscription, the system will set the previous waiting event associated with you to active. When the event you have signed up for occurs, an e-mail will be sent automatically to notify you.
Example of data handling
The user subscribes to a comment notification, so they will be notified when there is activity on their comments.
Subscribe to follow users
Purpose of the processing
Purpose of the processing notify the user of comment activity.
Legal basis for processing
Legal basis for processing consent of the data subject [GDPR Article 6 (1) a)]. Consent may be withdrawn by any written communication. However, the withdrawal of consent and any data relating to the contribution the person who posted it can also permanently delete it in the control panel above the comments.
Scope of data to be processed
- E-mail address,
-
data associations required for technical implementation:
- the system associates a activation key,
- one comment Serial numbering;
- an subscription ID,
- and the content identifier also records
- we record the the exact date of subscription,
- and the the fact of consent.
Data transfers and the parties entitled to access the data
- Hosting: The Data Controller uses a data processor for its entire online presence. Data of the hosting provider. 105., internet contact.
- Developer: The data will not be transmitted to the developer. However, due to the technical design, the developer may have access to the data, but may only carry out operations with the data on the basis of instructions from the controller or in relation to data protection lawfulness. Details of the developer service provider: Éger Norbert EV; address: 2120 Dunakeszi Barátság útja 10/D mfsz. internet contact.
Comment
The deletion of data by the user deletes all related data together.
Automated decision-making
When subscribing to user followings, it is important to know that our system uses automated decision-making. As a result, we want to assure you that. understand the logic behind such decisions, as they involve your personal data.
When you subscribe to another user's activity notifier, the our system automatically creates a timer event associated with your email address. This event will be put on hold until you confirm your intentions via the confirmation email or until the 8 (eight) day. The confirmation e-mail contains a link to, if opened, all data is automatically deleted. Also from the standby state. The purpose and function of the confirmation email is to make sure that you have indeed requested the notification email.
If you have successfully confirmed the subscription, the system will set the previous waiting event associated with you to active. When the followed user publishes a public post, it an e-mail will be sent automatically to notify you.
Example of data handling
A user subscribes to another user's posts, so they will be notified when the followed user posts a public post on the site.
Guide to the functions of the comment form
If a function does not appear, you should
- to check that you are logged in to the site,
- reload the page.
Icon | Function name | Description |
---|---|---|
Privacy settings | For guest users:
For registered users:
| |
Attachment filter | It filters out posts that have an attachment. | |
Filter for most reactions | It filters out the comments that get the most reactions. | |
Most active posts | Displays the most active comment chain. | |
Public content | Public content, anyone can view the post. Only registered users can use this feature. | |
Private comment | Post content is private and can only be viewed by the site administrators. Only registered users can use this feature. | |
Authorised response | Additional comments can be attached to the comment. Only registered users can use this function. | |
Forbidden to reply | The comment will be closed, so no further comments can be added. Only registered users can use this feature. | |
#{number} | Copy function | Copy the link and the location of the post to a clipboard. |
User tracking | The user can be tracked using this function. Pressing the button will send an email asking for confirmation. | |
Anonymous notification | Anyone can report inappropriate posts. Reporting is completely anonymous. | |
@felhasznalonev | Notification link | By pasting that user's "notification link" into the text of our post, you will tag the person who will receive an email notification of the tag. Only registered users can be flagged. |
Request notification | The presence of this icon indicates that an email notification will be sent in case of interaction. Click on the icon to change the status of the function. | |
Notification disabled | The presence of the icon indicates that even if there is an interaction, the commenter will not receive a notification. Clicking on the icon will change the status of the feature. | |
Settings | The icon calls up the settings. Of course, the options are displayed according to your privileges. |
Online appointment booking system
Purpose of the processing
Purpose of the processing booking a free appointment.
Legal basis for processing
Legal basis for processing consent of the data subject [GDPR Article 6 (1) a)]. Consent may be withdrawn by any written communication. The easiest way to withdraw consent is to form to support the exercise of rights with the appropriate content.
Scope of data to be processed
The data to be processed include mandatory, optional and system-generated data.
Required data:
- Name,
- e-mail address (confirmation and contact),
- name of service,
- service category,
- service price,
- booked appointment date and time,
- service location,
- the recording of a consent to the processing.
Optional data:
- phone number (for ease of communication, it is an advantage to provide a telephone number, but this is not a prerequisite for booking),
- free word Comment,
- internal note (to be recorded by the provider).
Data recorded by the system:
- Exact time of booking,
- Reservation ID,
- Booking status (confirmed/expected),
- E-mail logs (successful/unsuccessful mailings and data content and parameters of the mail).
Data transfers and the parties entitled to access the data
The system does not transfer data outside the server. It handles everything in its own internal system. The data management of the internal system covers the presence of two service providers:
For the purposes of ensuring the data protection lawfulness of the Data Controller a "Legitimate online presence" which ensures the online presence of the Data Controller in such a way that it complies with the requirements of the GDPR and the domestic legislation to the maximum extent possible. Therefore covers three areas, each of which qualifies as a data transfer to a data processor, so that any transfer of data or access to data by right will be detailed separately:
- Hosting: The Data Controller uses a data processor for its entire online presence. Data of the hosting provider. 105., internet contact.
- Developer: The data will not be transmitted to the developer. However, due to the technical design, the developer may have access to the data, but may only carry out operations with the data on the basis of instructions from the controller or in relation to data protection lawfulness. Details of the developer service provider: Éger Norbert EV; address: 2120 Dunakeszi Barátság útja 10/D mfsz. internet contact.
-
Data protection lawfulness provider:Üzleti Fellendülés Kft.; address: 2120 Dunakeszi Barátság útja 10/D mfsz. 105., internet contact. The service provider supports the online legitimacy of the Data Controller:
- Legal practices onlyyou are willing to implement in the website;
- Gives advice to the Data Controller;
- Helps to in data management the protection of the data of the natural persons concerned and the exercise of their data subjects' rights.
Processing of data resulting from mailing:
Automatic email notifications will be sent to inform you of the success of the process. These are notifications will be sent to
- in the form of a confirmation e-mail to the user,
- to the Data Controller,
- and a technical e-mail address,
which is used only for logging the process. The system checks whether the e-mail notifications have been successfully successfully sent or not. Therefore, the following data and information are also recorded separately:
- E-mail subject,
- Content of the e-mail notification (form details and technical information),
- Status of sending an email (sent / failed),
- Date of successful mailing.
Comment
The system will send a confirmation email if your booking is successful.
Example of data handling
The user books an appointment in the internal online appointment booking system.
General contact options
Electronic mail (E-mail)
Purpose of data processing
The purpose of the processing is to. written contact, written communication, traceability.
Legal basis for processing
Legal basis for processing consent of the data subject [GDPR Article 6 (1) a)]. Consent may be withdrawn by any written communication. The easiest way to withdraw consent is to form to support the exercise of rights with the appropriate content.
Scope of data to be processed
- e-mail address,
- e-mail subject,
- content,
- Send to Date,
- possible attachments.
Duration of data processing
The data will be deleted immediately if any of the cases listed here apply:
- the purpose of the processing has ceased;
- there is no proper legal basis;
- when withdrawing consent to the processing;
- Objection against the controller;
- or a supervision order.
Data transfers and the parties entitled to access the data
- Hosting: The Data Controller uses a data processor for the operation of its electronic mail services. Data of the hosting provider. 105., internet contact.
- Developer: The data will not be transmitted to the developer. However, due to the technical design, the developer may have access to the data, but may only carry out operations with the data on the basis of instructions from the controller or in relation to data protection lawfulness. Details of the developer service provider: Éger Norbert EV; address: 2120 Dunakeszi Barátság útja 10/D mfsz. internet contact.
Comment
In today's technological world, people are generally well informed about electronic mail (e-mail) about. Based on their own mailing system, the users concerned will know what data is recorded in the emails they send in that mailing system. By knowing their processes, it is clear that when they click on the "send" button, the users concerned consent to the processing of the data in the e-mails they send.
Examples of data handling
The Service Provider will reply to the letter sent to your e-mail address.
Postal correspondence
Purpose of data processing
The purpose of the processing is to. written contact, written communication, traceability.
Legal basis for processing
Legal basis for processing consent of the data subject [GDPR Article 6 (1) a)]. Consent may be withdrawn by any written communication. The easiest way to withdraw consent is to form to support the exercise of rights with the appropriate content.
Scope of data to be processed
- name of sender,
- His address is,
- letter to subject,
- content,
- the sending or receiving of Date.
Duration of data processing
The data will be deleted immediately if any of the cases listed here apply:
- the purpose of the processing has ceased;
- there is no proper legal basis;
- when withdrawing consent to the processing;
- Objection against the controller;
- or a supervision order.
Data transfers and the parties entitled to access the data
In relation to data processing no data transmission is used.
Comment
A basic condition for sending a postal letter is the provision of the data to be processed, which the postal service provider requires from the data subject in order to be able to deliver the letter. By sending the letter, the data subject demonstrably consents to the processing of the data relating to the postal letter he or she has sent.
Examples of data handling
The postal letter addressed to the Service Provider will be accepted.
Phone
Purpose of data processing
The purpose of data processing is to. contacting, maintaining contact.
Legal basis for processing
Legal basis for processing consent of the data subject [GDPR Article 6 (1) a)]. Consent may be withdrawn by any written communication. The easiest way to withdraw consent is to form to support the exercise of rights with the appropriate content.
Scope of data to be processed
- name,
- phone number,
- call Date,
- When sending an SMS, the SMS texting and the time the message was sent.
Duration of data processing
The data will be deleted immediately if any of the cases listed here apply:
- the purpose of the processing has ceased;
- there is no proper legal basis;
- when withdrawing consent to the processing;
- Objection against the controller;
- or a supervision order.
Data transfers and the parties entitled to access the data
The phone applications used by the Service Provider often require permission to access contacts. The Service Provider may grant an application access to the directory.
Comment
Account assignment options: It is also possible to call from a hidden number and with number dialling. Not from a hidden number, in the case of number dialling, the phone number is automatically stored in the call log. By verbal agreement, the phone number can be saved. When saved, the phone number is stored in the directory. Withdrawal of consent may be requested by any written communication and the Data Controller will carry out the deletion without delay.
Encryption on iPhone: Settings/Phone/Show my caller ID.
Number crunching on Android: Settings/Calls/More settings.
Example of data handling
After a phone call, we will save each other's contact details.
Backups
Purpose of data processing
Purpose of the processing restore the website to its original, correctly functioning state; possible avoid accidental data loss. If necessary, proving the lawfulness of.
Legal basis for processing
Legal basis for processing legitimate interest [GDPR Article 6 (1) f)].
Scope of data to be processed
In this privacy notice the data referred to by the processing operations described, which at some level interact with the website interface.
Duration of data processing
The data will be deleted immediately if any of the cases listed here apply:
- the purpose of the processing has ceased;
- there is no proper legal basis;
- when withdrawing consent to the processing;
- Objection against the controller;
- or a supervision order.
Automatic backup has a retention period of 10 days, while manual backup has a retention period of six months.
Data transfers and the parties entitled to access the data
- Hosting: The Data Controller uses a data processor for its entire online presence. Data of the hosting provider. 105., internet contact.
- Developer: The data will not be transmitted to the developer. However, due to the technical design, the developer may have access to the data, but may only carry out operations with the data on the basis of instructions from the controller or in relation to data protection lawfulness. Details of the developer service provider: Éger Norbert EV; address: 2120 Dunakeszi Barátság útja 10/D mfsz. internet contact.
Comment
Two types of backups: There are two types of backups. One type is automatic backup, which is always the stores data backdated to ten days from the reference date. The other type is manual backup with a retention period of six months. This system is suitable to ensure the online presence of the Service Provider within an appropriate security framework. In exceptional cases, the backups may be kept in a locked manner, if this is necessary for professional reasons or for the presentation, enforcement or defence of claims.
Your rights in relation to your backups: Where a data subject has exercised his or her rights as a data subject, whether in relation to a modification, deletion or other operation, this is also handled appropriately in the case of backups. If it would be a disproportionate effort to create a new backup of the modified data, the enforcement claim will be recorded with the backup. In the event of enforcement action by a data subject (e.g. rectification, deletion, etc.), we will endeavour to overwrite the backups as soon as possible.
Example of data handling
Both automatic and manual backups of the website, including the file system and databases, are made.
Processing of special measures to facilitate the exercise of justice
Purpose of data processing
Purpose of the processing facilitate your exercise of rights.
One tool for this is the "Form to support the exercise of rights concerned", which allows you to enforce your rights in the simplest and quickest way, which is also linked to the purpose of the processing.
Legal basis for processing
Legal basis for processing fulfil a legal obligation [GDPR Article 6 (1) c)].
The Data Controller is obliged to take all measures necessary to assist the data subject in exercising his or her rights [Article 12(2) GDPR]. The Data Controller shall provide the means to enable the electronic submission of applications [GDPR (59) Recital 59].
Scope of data to be processed
- Which right you wish to exercise;
-
You as data that help to identify the data subject:
- Surname, because of the basic need for fair address;
- first name, because of the basic need for fair address;
- e-mail address (for contact purposes other than identification);
-
If you think that further identification is required it is possible to specify the identification
- free word descriptionsal;
- Photo by uploading;
- fileby uploading.
-
Different data requests per selected right:
-
In the case of the right to information
-
A information in what form you would like to receive it
- in writing (no additional personal data required);
-
orally
- required for the first day of availability,
- a which days of the week free to search,
- from availability timezone
-
and the phone numberEnter.
- If you choose a time slot or date that would cause disproportionate difficulty or if you select a date that is too late, we will provide you with the appropriate information by e-mail.
-
A information in what form you would like to receive it
-
In case of right of access
- No detailed information is required for enforcement.
-
In case of a right to rectification
-
the data to be corrected and the data to be replaced (in tabular form);
- data to be corrected (currently incorrect data);
- correct data
-
A statement that if you want to fill in incomplete data by supplementary declaration supplement. In such a case (in tabular form)
- which has incomplete personal data;
- data update (personal data).
-
the data to be corrected and the data to be replaced (in tabular form);
-
Right to erasure (or "forgetting")
-
selecting categories of data deletion:
- all data;
- or only certain data/data [in such a case the data category and the data(s) to be deleted required (in tabular form)].
-
selecting categories of data deletion:
-
Right to blocking (restriction of processing)
-
Justification for data limitation (further data request logic is done accordingly)
-
where the accuracy of personal data is disputed
-
the data to be corrected and the data to be replaced (in tabular form);
- data to be corrected (currently incorrect data);
- correct data
-
the data to be corrected and the data to be replaced (in tabular form);
- suspected unlawful processing free word description, which is suitable for conducting an internal investigation;
-
"retain personal data for the establishment, exercise or defence of legal claims" in case of selection
-
which personal data you want to block (in tabular form);
- data category;
- data to be placed under blocking
-
which personal data you want to block (in tabular form);
-
declaration on the further processing of data subject to contained processing
- Contribution for further processing;
- or private data until the time of blocking, cannot be handled except for storage.
-
where the accuracy of personal data is disputed
-
Justification for data limitation (further data request logic is done accordingly)
-
In the case of the right to data portability
-
declaration on data portability
-
personal data only wishes to take over;
-
which personal data you wish to receive (in tabular form);
- data category;
- data subject to data portability.
-
which personal data you wish to receive (in tabular form);
-
or requests its direct transfer between controllers.
-
which personal data you wish to transfer(in tabular form);
- data category;
- data subject to data portability.
-
the data of data controllers must be provided
- name of the controller(s);
- the registered office of the controller(s);
- the mailing address of the controller(s);
- the tax number of the controller(s);
- the e-mail address of the controller(s);
- the name of the data protection officer or representative of the controller(s) (if there is a designated person);
- contact details of the Data Protection Officer or representative of the controller(s) (if there is a designated person).
-
which personal data you wish to transfer(in tabular form);
-
personal data only wishes to take over;
-
declaration on data portability
-
In case of a right to object
- a free-word expression of protest against processing based on legitimate interests.
If you wish to object to the use of cookies for basic functionalitywhich the Data Controller processes on the basis of a legitimate interest, then. it is important that you know exactly which cookies the website has installed on your device and which cookies you object to.
With the principle of data economy in mind, we will only record the existence and status of the basic functional cookies if the objection is directed against them. To do this, we use logic that allows us to read the basic functionality cookies on your user device. This is an automated decision-making process used by the website.
We want to assure you that understand the logic behind such decisionsas they may affect your personal data. If the following keywords are included in the free-text form of the objection, the names and values of the basic functional cookies will also be read. In many cases this can help clarifywhich cookies the website has installed on your device that you object to.
Of course, the basic functional cookies read in this way are also automatically included in the confirmation e-mail.
Please note that the following keywords are monitored by the system when expressing your objection in free-text: 'cookie', 'cookies', 'cakes', 'cookie bar', 'cookie settings', 'cookies', 'cookies', 'cookies', 'cookies', 'banners', 'cookies', 'cookies', 'cookie-related'.
-
In case of withdrawal of consent
- free-word explanation on which consent you wish to withdraw.
-
In case of a right to compensation
- free-word explanation on the presentation of a claim for damages.
- In the case of the right to legal redress the form cannot be filled in, it only provides the relevant information.
-
In the case of the right to information
- Other free-word explanations(optional).
More technical information:
- Declaration of awareness of the privacy notice (checkbox "checkbox"),
- Submission ID of the claim form,
- Submission serial number of the claim form,
- Date of submission of the request to exercise rights,
- Source URL (which page the user was on when they filled in the form),
- Form ID,
- Status of the reading of the request to exercise a right (unread / read),
- Fact of designation (highlighted / not highlighted),
- An internal comment may be attached to the exercise of rights request.
Processing of data resulting from mailing:
Automatic email notifications will be sent to inform you of the success of the process. These are notifications will be sent to
- in the form of a confirmation e-mail to the user,
- to the Data Controller,
- and a technical e-mail address,
which is used only for logging the process. The system checks whether the e-mail notifications have been successfully successfully sent or not. Therefore, the following data and information are also recorded separately:
- E-mail subject,
- Content of the e-mail notification (form details and technical information),
- Status of sending an email (sent / failed),
- Date of successful mailing.
Data transfers and the parties entitled to access the data
For the purposes of ensuring the data protection lawfulness of the Data Controller a "Legitimate online presence" which ensures the online presence of the Data Controller in such a way that it complies with the requirements of the GDPR and the domestic legislation to the maximum extent possible. Therefore covers three areas, each of which qualifies as a data transfer to a data processor, so that any transfer of data or access to data by right will be detailed separately:
- Hosting: The Data Controller uses a data processor for its entire online presence. Data of the hosting provider. 105., internet contact.
- Developer: The data will not be transmitted to the developer. However, due to the technical design, the developer may have access to the data, but may only carry out operations with the data on the basis of instructions from the controller or in relation to data protection lawfulness. Details of the developer service provider: Éger Norbert EV; address: 2120 Dunakeszi Barátság útja 10/D mfsz. internet contact.
-
Data protection lawfulness provider:Üzleti Fellendülés Kft.; address: 2120 Dunakeszi Barátság útja 10/D mfsz. 105., internet contact. The service provider supports the online legitimacy of the Data Controller:
- Legal practices onlyyou are willing to implement in the website;
- Gives advice to the Data Controller;
- Helps to in data management the protection of the data of the natural persons concerned and the exercise of their data subjects' rights.
Comment
Form structure, guide:
- Choose which right you want to exercise, then read the related leaflet to make sure you have chosen the right one. Then click on the "Next" button.
- Please specify your enforcement needs, then click on the "Next" button.
- Provide the personal data necessary for identification and contactwhich allow us to identify you in accordance with the GDPR. After thatuse the "Submit" button to send us your enforcement request.
Limit number of items to be uploaded: With regard to the photo and file upload options for contact identification, please note that the file upload limit for both is ninety-nine (99) photos / files.
Upload total file size: Regarding the photo and file upload options that facilitate contact identification, it should be noted that in both cases, the system allows a total of one hundred (100) MB of data to be uploaded.
Enabled file extension for photos:
- JPG
- PNG
Allowed file extensions for files:
- Photos (jpg, jpeg, png, gif, bmp);
- Audio files (mp3, wav, ogg, oga, wma, mka, ra, mid, midi);
- Videos (avi, divx, flv, mov, ogv, mkv, mp4, m4v, divx, mpg, mpeg, mpe);
- Documents (pdf, doc, ppt, pps, xls, mdb, docx, xlsx, pptx, odt, odp, ods, odg, odc, odb, odf, rtf, txt)
- Zip archive files (zip, gz, gzip, rar, 7z)
Explanation related to file extensions
Photos from:
- jpg: Image file format.
- jpeg: Another common image file format for storing compressed images.
- png: Image file format that supports transparency and higher color encodings.
- gif: Image file format that contains animated images (moving images) also for storage can be used to store.
- bmp: Image file format that stores simple, uncompressed images.
Audio material:
- mp3: An audio file format that uses high compression to store music content.
- wav: Audio file format that stores uncompressed audio files.
- ogg: Audio file format that uses high quality compression.
- oga: Ogg container file format, which allows you to create different audio files combinations of different types of audio files.
- wma: Windows Media Audio, a compressed audio format developed by Microsoft.
- mka: Matroska container file format that allows multi-channel audio files to be storage.
- ra: RealAudio, a compressed audio format developed by RealNetworks.
- mid: MIDI, a file format in which musical information is stored.
- midi: MIDI file format containing music data.
Videos:
- avi: Audio Video Interleave, a former, widely used video container file format.
- divx: Video compression technology and container format that provides high quality compression quality.
- flv: Flash Video, a format often used to stream videos.
- mov: QuickTime file format, often used by Apple products.
- ogv: Ogg Video, an open source video file format.
- mkv: Matroska video container, which allows you to store various video and audio files simultaneous storage.
- mp4MPEG-4, a popular video and audio file format.
- m4vMPEG-4 video file, especially for Apple devices.
- mpgMPEG, the video file format developed by the Moving Picture Experts Group.
- mpeg: Another MPEG video file format.
- mpe: MPEG is a video file format that stores small, compressed videos.
Documents:
- pdf: Portable Document Format, a file format that uses the original formatting preserves the original format.
- doc: Microsoft Word document format.
- ppt: Microsoft PowerPoint presentation file format.
- pps: Microsoft PowerPoint presentation file format (for individual presentations).
- xls: Microsoft Excel spreadsheet file format.
- mdb: Microsoft Access database file format.
- docx: Microsoft Word XML-based file format (for newer versions).
- xlsx: Microsoft Excel XML-based file format (for newer versions).
- pptx: Microsoft PowerPoint XML-based file format (for newer versions).
- odt: OpenDocument Text, an open standard text editor file format.
- odp: OpenDocument Presentation, an open standard presentation file format.
- ods: OpenDocument Spreadsheet, an open standard spreadsheet file format.
- odg: OpenDocument Graphics, an open standard graphics file format.
- odc: OpenDocument Chart, an open standard chart file format.
- odb: OpenDocument Database, an open standard database file format.
- odf: OpenDocument Formula, an open standard formula file format.
- rtf: Rich Text Format, a formatted text file format.
- txt: Simple text file format.
Zip archive files:
- zip: A compressed archive file format that can contain multiple files and folders.
- gz: Gzip, compressed file format.
- gzip: Another compressed file format.
- rar: RAR, Roshal Archive, is another compressed archive file format.
- 7z: 7-Zip, an efficient archive file format with high compression ratio.
Example of data handling
You fill in the "contact form in support of the exercise of rights"to enforce your rights, to refer it to.
Affected rights, legal remedies
The Data Controller may refuse requests for the exercise of rights in only two cases, the burden of proof for which lies with the Data Controller. These cases are the following:
- If they cannot identify you properly.
- If your request is clearly unfounded or excessive, in particular because of its repetitive nature.
You have the following rights:
Right to transparent information
Information content requirements
As an interested party You have the right to. at the official contact details of the Data Controller or at on the form supporting the exercise of rights via written request information about how
- what your personal data,
- what legal basis,
- what kind of data management for the purpose of,
- how much period treats.
It also has the right to on data transfers also to know that
- what your details,
- who,
- when or with what regularity
were shared.
Including cases where your personal data You have provided it to the Controller or the Controller has collected it from another source. In relation to data collected from other sources, the Data Controller shall indicate the the source of the data and the categories of personal data is.
Formal requirements for information
The Data Controller shall provide the information in a concise, transparent, understandable and easily accessible form, clearly and comprehensibly worded must provide. If you have submitted your request electronically, the information should be provided electronically where possible, unless you request otherwise. At your request, information may also be provided orally, provided that you can provide appropriate proof of your identity.
Information deadline
The Controller shall, without undue delay and in any event. must inform you of the measures taken to exercise your rights within one month of receiving your request. If necessary, taking into account the complexity of the request and the number of requests, this period may be extended by a further two months. The Data Controller shall inform you of the extension of the time limit stating the reasons for the delay from the date of receipt of the request within one month must inform you.
Free exercise of rights
All information and measures concerning the exercise of rights be provided free of charge. If your request is manifestly unfounded or excessive, in particular because of its repetitive nature, the Data Controller has the right to refuse such a request or to charge a reasonable fee taking into account administrative costs.
Identification of the data subject
Where the Data Controller has reasonable doubts about the identity of the natural person submitting the request, may request additional information necessary to confirm the identity of the data subject.
Right of access
As an interested party You have the right to. from the Data Controller get feedback on whether whether your personal data are being processed. Where such processing is ongoing is in progress, is entitled to receive all relevant information. The Data Controller may use the following shall provide the data subject with a copy of the personal data processed.
Right to rectification
As an interested party You have the right to request that we. the Controller without undue delay correct inaccurate personal data about you. Taking into account the processing of data the purpose of the processing, you have the right to request the rectification of incomplete personal data, including a supplementary declaration supplementary information.
Right to erasure (or "forgetting")
As an interested party You have the right to request that we. the Controller without undue delay delete personal data about you, if the conditions for cancellation are apply.
Right to blocking (restriction of processing)
As an interested party You have the right to request that we. the Data Controller restrict data processing, block data, if are as follows one of the following is met:
- You contest the accuracy of your personal data. In such a case, the period of restriction shall be the accuracy of the personal data.
- Unlawful processing has occurred, and you object to the deletion of the data and instead request to restrict its use.
- Where the Controller no longer needs the personal data for the purposes of processing, but You needs them for the establishment, exercise or defence of legal claims.
- If you have exercised your "Right to object". In such a case, the period of restriction shall be until it has been established whether the legitimate grounds of the Controller prevail over your legitimate interests. legitimate grounds.
Possible processing of blocked data
Blocked personal data in the except for storage only
- with your consent,
- or to bring, enforce or defend legal claims,
- or to protect the rights of another natural or legal person,
- or an important public interest of the Union or of a Member State
can be managed.
Withdrawal from closed treatment
Before the Controller exempts your personal data from closed processing, will inform you in advance that the restriction on the processing of your data will be lifted will be removed.
Right to data portability
As an interested party You have the right to have your personal data, which the Data Controller provided by the Data Controller, in a structured, widely used, machine-readable format, and has the right to transfer these data to another controller,
where the legal basis for the processing is
- consent of the data subject (GDPR Article 6 (1) a) );
- or contractual performance (GDPR Article 6 (1) b) )
or the processing is carried out by automated means.
Direct transfers between data controllers
Taking into account the above conditions and other legality aspects You have the right to. - if technically feasible - request the direct transfer of your personal data between data controllers.
Right to object
As an interested party You have the right to. at any time, for reasons related to their own situation object to the processing of your personal data on grounds of public interest and legitimate interest [ Article 6(1)(e) or (f) of the GDPR] based against the treatment of, including based on those provisions also profiling.
Post-objection processing operations by the Data Controller
As a general rule, the Controller may no longer process personal data, except for storage. Thus, the personal data must be blocked (restriction of processing). In such a case, the period of restriction will continue until it is established whether the legitimate grounds of the Data Controller prevail over your legitimate grounds.
In the following two cases, the Data Controller may continue the processing despite your objection:
- Where the Data Controller proves that., that the processing is carried out in a justified by overriding legitimate reasonswhich take precedence over the interests, rights and freedoms of the person concerned,
- or which relate to the presentation, exercise or defence of legal claims.
Automated decision-making on individual cases, including profiling
As an interested party You have the right not to be subject to processing that is based solely on automated processing - including the profiling is - the scope of a decision based onwhich would have legal effects on you or which would be of similar importance to you. affect you to a significant extent.
The entitlement described above does not apply in the following cases:
- when the automated processing is Contract between you and the Data Controller conclusion or performance of the contract;
- when the decision on automated processing is based on the law applicable to the controller is allowed by EU or national law, which affects the rights and freedoms of the data subject, and legitimate interests; or
- for your based on your explicit consent.
Request for human intervention
You have the right to request human intervention by the Data Controller., express his or her views and object to the decision. In the case of express consent, this not applicable.
Right to withdraw consent
As an interested party You have the right to withdraw your consent at any time.
The withdrawal of consent shall not affect the processing based on consent prior to the withdrawal. the lawfulness of the prior consent.
Right to compensation
Any person who is a member of the GDPR has suffered pecuniary or non-pecuniary damage as a result of the breach, he or she is entitled to receive compensation from the controller or processor for the damage suffered.
Responsibility of the controller(s)
All data controllers involved in the processing are liable for any damage caused by the GDPR-was caused by processing that infringes.
Responsibility of the data processor(s)
The processor is liable for damage caused by the processing only if.
- has not complied with the GDPR-the obligations specifically imposed on processors by Directive 95/46/EC, or
- if you have disregarded lawful instructions from the controller; or
- acted in a way that was contrary to them.
Universal liability
Where more than one controller or more than one processor, or both the controller and the processor
data subject in the same processing and is liable for the damage caused by the processing on the basis of the above, each controller or processor shall be jointly and severally liable for the entire damage in order to ensure that the data subject is effectively compensated.
Exemption from liability
The controller or processor shall be exempt from the liability described above if it proves that it is not in any way responsible for the event giving rise to the damage.
Right to legal redress
If your objections, complaints or requests concerning your personal data have not been satisfactorily resolved by the Data Controller, or if you consider at any time that a violation of your rights has occurred or is imminent in relation to the processing of your personal data, you may lodge a complaint with the National Authority for Data Protection and Freedom of Information. have the right to make a complaint or take legal action. You can also decide to bring the action in the court of your domicile (permanent address) or residence (temporary address). tribunal before it starts.
Data Protection Authority procedure
A notification can be made to the National Authority for Data Protection and Freedom of Information:
Name of authority: | Abbreviated name of the authority: | Authority website: | Authority's seat: | Authority mailing address: | Branch e-mail address: | KR ID: | Telephone: | Fax: |
---|---|---|---|---|---|---|---|---|
National Authority for Data Protection and Freedom of Information | NAIH | https://naih.hu/ | 1055 Budapest, Falk Miksa utca 9-11. | 1363 Budapest, Pf. 9. | ugyfelszolgalat@naih.hu | 429616918 | +36 (1) 391-1410 |
Form to support the exercise of rights concerned
Data protection concepts and explanations
The National Authority for Data Protection and Freedom of Information (NAIH) data protection dictionary here available at.
Data protection
NAIH definition:
"The set of principles, rules, procedures, instruments and methods of processing which ensure the lawful processing of personal data and the protection of the individuals concerned."
Personal data
Definition under GDPR:
'Identified or identifiable natural person' means ("concerned") any information relating to; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;"
NAIH definition:
"Any specified, identified or identifiable natural person [concerned] the data that can be associated with it and the inference that can be drawn from the data concerning the data subject. The personal data shall retain this quality during the processing for as long as the link with the data subject can be re-established. The link with the data subject may be re-established if the controller has the technical conditions necessary for its restoration."
Cookies ("cookies")
NAIH definition:
"Short data files placed on the user's computer by the website visited. The purpose of the cookie is to make the given infocommunication, internet service easier and more convenient. There are several types, but they generally fall into two broad categories. The first is the temporary cookie, which is only set by the website during a particular session (e.g. during the security identification of an internet banking transaction) on the user's device, the other type is the persistent cookie (e.g.: language settings for a website)which remains on the computer until the user deletes it. Under European Commission guidelines, cookies are [unless they are strictly necessary for the use of the service] can only be placed on the user's device with the user's permission. Cookies raise a number of privacy concerns, for example, they can be used to track a user's browsing habits."
Data subject/Print
NAIH definition:
"Any natural person identified or otherwise identifiable, directly or indirectly, on the basis of specified personal data. In particular, a person shall be regarded as identifiable where he or she can be identified, directly or indirectly, by reference to a name, an identification mark or to one or more factors specific to his or her physical, physiological, mental, economic, cultural or social identity."
Special data
NAIH definition:
"Personal data revealing racial or ethnic origin, nationality, political opinions or political party affiliations, religious or philosophical beliefs, membership of representative organisations, sex life, health, pathological or criminal convictions or passions."
Data management
Definition under GDPR:
"Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;"
NAIH definition:
"Regardless of the procedure used, any operation on data, such as collection, recording, recording, organisation, storage, alteration, use, retrieval, disclosure, transmission, alignment or combination, blocking, erasure or destruction of data, prevention of their further use, taking of photographs, audio or video recordings, or any physical characteristics which permit identification of a person, shall be prohibited. (finger or palm print, DNA sample, iris image, etc.) fixing."
Data Controller
Definition under GDPR:
"A natural or legal person, public authority, agency or any other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of the processing are determined by Union or Member State law, the controller or the specific criteria for the controller's designation may also be determined by Union or Member State law;"
NAIH definition:
"The person or body who determines the purposes for which the data are processed shall be the controller of the data. (including the device used) or has it implemented by a processor on its behalf."
Data processing
NAIH definition:
"Performing technical tasks related to data processing operations (regardless of the method and means used to carry out the operations and the place of application)."
Data processor
Definition under GDPR:
"A natural or legal person, public authority, agency or any other body which processes personal data on behalf of the controller;"
NAIH definition:
"The person or entity that processes the data on the basis of a contract with the controller, including a contract entered into pursuant to a legal provision."
Profiling
Definition under GDPR:
"Any form of automated processing of personal data whereby personal data are used to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict characteristics associated with the performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements of that natural person;"
Rights of the person concerned
NAIH definition:
"The data subject must be clearly informed of all the details of the processing before the processing starts and at any time at his or her request. The data subject may also request the rectification and, in certain cases, the erasure of his or her data, and may object to the processing of his or her personal data in cases specified by law."
Contribution
NAIH definition:
"A voluntary and explicit indication of the data subject's wishes, based on adequate information, by which he or she gives his or her unambiguous consent to the processing of personal data concerning him or her, either in full or in relation to specific operations. For special data, a written form is required."
Appropriate information
NAIH definition:
"The data subject must be informed before the processing starts whether the processing is based on his or her consent or whether it is mandatory, and must be informed clearly and in detail of all the facts relating to the processing of his or her data, in particular the purposes and legal basis of the processing, the identity of the controller and processor, the duration of the processing and the persons who may access the data. The information shall also cover the rights and remedies of the data subject with regard to the processing."
Processing for specific purposes
NAIH definition:
"Personal data may only be processed for specified purposes, for the exercise of a right or the performance of an obligation. At all stages of processing, the purpose of the processing must be fulfilled and the collection and processing of data must be fair and lawful. Only personal data which is necessary for the purpose of the processing and is adequate for the purpose shall be processed. Personal data may only be processed to the extent and for the duration necessary to achieve the purpose. The processing shall ensure that the data are accurate, complete and, where necessary for the purposes for which they are processed, kept up to date, and that the data subject can be identified only for the time necessary for the purposes for which they are processed."
NAIH
NAIH definition, self-definition:
"The national data protection authority established by the Infotv. on 1 January 2012, replacing the institution of the Data Protection Commissioner, whose task is to protect the two information rights and to supervise the lawfulness of data processing in Hungary."
Infotv.
NAIH definition, self-definition:
"Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information, adopted by Parliament on the basis of Article VI of the Fundamental Law in order to ensure the right to informational self-determination and freedom of information, on the basic rules for the enforcement of these rights, and on the supervisory authority (NAIH) created. The aim of the Act is to ensure that the privacy of natural persons is respected by data controllers and to ensure transparency in public affairs by enforcing the right to access and disseminate data of public interest and in the public domain.