MEDIMETAL’S PRIVACY POLICY FOR THE WEBSITE

     

    In this document, we inform you, as a visitor and user of the website of Medimetál Gyógyászati Termékeket Gyártó és Forgalmazó Kft. (registered at the Egri Törvényszék Cégbírósága under Company Registration Number Cg.10-09-022022, abbreviated company name: Medimetál Kft., registered office: 3300 Eger, Eger Berva felsőtárkányi 2478. hrsz., Hungary, tax identification number: 11169891-2-10., hereinafter referred to as the “Company”), about our Company’s data processing and data protection policies.

    • Principles

    In the course of data processing, our Company follows the following principles:

    1. a) We handle personal data lawfully, fairly, and transparently for you.
    2. b) We collect personal data only for specific, clear, and lawful purposes and do not process them in ways incompatible with those purposes.
    3. c) The personal data we collect and process are appropriate and relevant to the purposes of data processing and are limited to what is necessary.
    4. d) Our Company takes every reasonable measure to ensure that the data we handle are accurate and up to date. Inaccurate personal data are promptly deleted or corrected.
    5. e) We store personal data in a form that allows you to be identified only for the time necessary to achieve the purposes of data processing.
    6. f) We ensure the appropriate security of personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage through the application of suitable technical and organizational measures.

    Our Company processes your personal data

    1. a) based on your prior informed and voluntary consent and only to the necessary extent and always in a purpose-bound manner, i.e., we collect, record, organize, store, and use your data.
    2. b) In some cases, the processing of your data is based on legal requirements and mandatory. In such cases, we draw your attention to this fact.
    3. c) In certain cases, the processing of your personal data is in the legitimate interest of our Company or a third party, such as the operation, development, and security of our website.

    • Data Controller

    Our Company’s name: Medimetál Gyógyászati Termékeket Gyártó és Forgalmazó Kft.

    Our Company’s registered office: 3300 Eger, Eger Berva felsőtárkányi 2478. hrsz., Hungary

    Our Company’s website: www.medimetal.hu, www.medimetal.com

    Phone number: +36 36 415577

    Email address: medimetal@medimetal.hu

    Tax identification number: 11169891-2-10, Community VAT number: HU11169891

    Company registration number: 10-09-022022

    The contact information of our company’s data protection officer (email address): datacontroller@medimetal.hu

    In the course of data processing, our company, in order to provide high-quality service to our customers, engages the following data processors:

    Name

    Address

    Activity

    PANNONLAN Rendszerház Kft.

    1172 Budapest, Naplás u.158.

    IT service

    MediaCenter Hungary Kft.

    6000 Kecskemét, Erkel Ferenc u. 5.

    Web hosting service

     

    The data we handle:

    Name of activity and purpose of data processing

    Legal justification

    Data processed

    Duration

    Website visit

    Purpose: Ensuring the proper and high-quality operation of the website, monitoring and improving the quality of our services, identifying malicious visitors attacking our website, measuring website traffic, and for statistical purposes.

    Legitimate interest of our company

    IP address 

    Visiting date and time

    Data of the visited subpages

    The operating system and browser type used by you

    7 days

    Administration

    Purpose: Sending a message through the website’s contact page, subsequent response to the message.

    •  
    • User’s consent [Article 6(1)(a) of the GDPR]
    • Name
    • E-mail address
    • Personal message

    In the case of a user sending an email, the processing of personal data will continue until the user requests the deletion of their personal data.

     

    We request personal data from our website visitors and users only when they wish to send a message through the Contact page of the website.

    • Cookies

    Cookies are small data files (hereinafter referred to as ‘cookies’) that are downloaded and stored on your computer through the website as you use it. Most commonly used web browsers (Chrome, Firefox, etc.) accept and allow the downloading and use of cookies as the default setting. However, it is up to you to modify your browser settings to reject or disable them, and you can also delete cookies already stored on your computer. More information about using cookies can be found in the ‘help’ section of individual browsers.

    There are cookies that do not require your prior consent. Our website provides brief information about these cookies at the beginning of your first visit. Examples of such cookies include authentication, multimedia player, load balancing, session cookies for customizing the user interface, and user-centric security cookies.

    For cookies that require consent, if data processing begins with your visit to the website, our Company inform you and request your consent at the start of your first visit.

    Accepting cookies is not mandatory, but our Company does not take responsibility if our website does not function as expected due to the absence of cookie acceptance.

    For detailed information on third-party cookies, you can visit https://www.google.com/policies/technologies/types/, and for data privacy, you can refer to https://www.google.com/analytics/learn/privacy.html?hl=en.

    • Additional data processing related to the use of the website

     

    You voluntarily provide us with your personal data during your relationship with our Company, which is why we ask that you ensure that your data is truthful, correct and accurate, because you are responsible for them. Incorrect, inaccurate or incomplete data can be an obstacle to the use of our services.

    If you do not provide your own personal data, but someone else’s, we assume that you have the necessary authorization.

    You can withdraw your consent to data processing at any time free of charge in writing (at datacontroller@medimetal.hu) by withdrawing your consent to data processing.

    We undertake to register the withdrawal of consent – for technical reasons – with a deadline of 15 days, however, we would like to draw your attention to the fact that in order to fulfill our legal obligations or assert our legitimate interests, we may process certain data even after the withdrawal of consent.

    In the event of the use of misleading personal data, or if one of our visitors commits a crime or attacks our Company’s system, we will immediately delete the visitor’s data at the same time as canceling their registration, and – if necessary – we will keep them for the duration of the establishment of civil liability or the conduct of criminal proceedings.

    • Other data processing measures

    Your data can only be forwarded within the framework defined by law, and in the case of our data processors, we ensure by stipulating contractual conditions that they cannot use your personal data for purposes contrary to your consent. More information can be found in point 2.

    Courts, prosecutors and other authorities (e.g. police, tax office, National Data Protection and Freedom of Information Authority) may contact our Company to provide information, provide data or make documents available. In these cases, we must fulfill our obligation to provide data, but only to the extent that is absolutely necessary to achieve the purpose of the request.

    Our company’s contributors and employees involved in data management and/or data processing are entitled to access your personal data to a predetermined extent – under the burden of confidentiality.

    We protect your personal data with appropriate technical and other measures, as well as ensure the security and availability of the data, as well as protect them from unauthorized access, alteration, damage, disclosure and any other unauthorized use.

    As part of organizational measures, we check physical access in our buildings, we continuously educate our employees and keep paper-based documents locked away with appropriate protection. As part of the technical measures, we use encryption, password protection and anti-virus software. However, we draw your attention to the fact that data transmission via the Internet cannot be considered a fully secure data transmission. Our company does everything in order to make the processes as safe as possible, however, we cannot assume full responsibility for data transmission through our website, but we adhere to strict regulations regarding the data received by our company in order to protect your data and prevent illegal access.

    • Your Rights and Remedies

    You about data management:

    • You can request information,
    • You can request the correction, modification or addition of your personal data managed by us,
    • You can object to data processing and request the deletion and blocking of your data (with the exception of mandatory data processing),
    • You can take legal action before the court,
    • You can file a complaint with the supervisory authority or initiate a procedure (https://naih.hu/panaszuegyintezes-rendje.html).

    Supervisory Authority: Nemzeti Adatvédelmi és Információszabadság Hatóság  (National Data Protection and Freedom of Information Authority)

    • Headquarters: 1125 Budapest, Szilágyi Erzsébet fasor 22/c., Hungary
    • Mailing address: 1530 Budapest, Pf.: 5.
    • Phone: +36 (1) 391-1400
    • Fax: +36 (1) 391-1410
    • E-mail: ugyfelszolgalat@naih.hu
    • Website: https://naih.hu/

    Upon your request, we provide information about your data that is managed or processed by us – or by our commissioned data processor

    • about your data,
    • about their source,
    • the purpose and legal basis of data processing,
    • its duration, and if this is not possible, the criteria for determining this duration,
    • about the name and address of our data processors and their activities related to data processing
    • about the circumstances and effects of data protection incidents and the measures we have taken to prevent and eliminate them, and
    • in case of forwarding your personal data, about the legal basis of the data transfer and the recipient.

    We will provide our information as soon as possible, within 15 days (but no later than 1 month) from the submission of the application. Information can only be refused in cases provided for by law by indicating the legal place, as well as by providing information about the possibility of judicial remedy or turning to the Authority.

    Our company will notify you, as well as all those to whom it previously forwarded the data for the purpose of data processing, of the correction, blocking, marking and deletion of personal data, unless the failure to notify does not harm your legitimate interests.

    If we do not comply with your request for correction, blocking or deletion, within 15 days (but no later than 1 month) after receiving the request, we will inform you in writing or – with your consent – electronically, of the reasons for our refusal and inform you of the legal remedy in court, as well as the appeal to the Authority about the possibility.

    If you object to the processing of your personal data, we will examine the objection as soon as possible, within 15 days (but no more than 1 month) from the submission of the request, and we will inform you of our decision in writing. If we have decided that your protest is well-founded, in that case we will terminate the data management – including further data collection and transmission – and block the data, as well as notify all those to whom the personal data affected by the protest have been notified of the protest and the measures taken based on it. previously forwarded, and who are obliged to take action to enforce the right to protest.

    We will refuse to comply with the request if we prove that the data processing is justified by compelling legitimate reasons that take precedence over your interests, rights and freedoms, or that are related to the submission, enforcement or defense of legal claims. If you do not agree with our decision, or if we miss the deadline, within 30 days from the notification of the decision or the last day of the deadline, you can go to court – the seat of the Company (Egri Törvényszék, 3300 Eger, Barkóczy u. 1.), or to the court competent according to the place of residence of the person concerned. The adjudication of the lawsuit falls within the jurisdiction of the court. The court acts out of sequence in the case. A lawsuit initiated in connection with the protection of personal data is free of charge.

    We ask that you contact our Company before filing your complaint with the supervisory authority or the court – in order to negotiate and resolve the problem as quickly as possible.

    1. What are the main governing laws for our activities?
    • Regulation (EU) 2016/679 of the European Parliament and of the Council on the processing of personal data of natural persons (GDPR)
    • CXII of 2011 on the right to information self-determination and freedom of information law Hungary – (Info tv.)
    • Act V of 2013 on the Civil Code of Hungary (Ptk.)
    • Amendment of Privacy Policy

    Our Company reserves the right to amend this Privacy Policy, of which it will inform the affected parties in an appropriate manner. Information related to Privacy Policy is published on the website www.medimetal.hu.

     

    Eger, Hungary, 6 November 2023