+36704350201
Whatsapp
DATA MANAGEMENT INFORMATION
This informational document contains the activities related to the processing of personal data by Rosental Dental Health and Service Limited Liability Company (registered office: 1221 Budapest, Bencés utca 32.; company registration number: 01 09 275649) (“Service Provider” or “Rosental Dental”). You will receive information about what personal data we process, for what purpose and legal basis, for how long, who may get acquainted with the processed personal data, who may have access to them, as well as a detailed explanation of your rights related to data processing.
1.How does it handle personal data?
During its activities, Rosental Dental has become aware of information relating to a natural person (e.g., personal identification data, contact information, health data, etc.), that is, personal data, and manages it as a data controller in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR), which relates to the protection of natural persons with regard to the processing of personal data and the free movement of such data, as well as the repeal of Directive 95/46/EC, and other relevant Hungarian data protection laws.
Rosental Dental Health and Service Limited Liability Company
Headquarters: 1221 Budapest, Bencés utca 32.; company registration number: 01 09 275649
Email address: recepcio@rosental.hu
Website: https://rosentaldental.hu/
Company registration number 01 09 275649
Phone number +36 70 305 7113
The personal data handled by Rosental Dental can be accessed by its employees to the extent necessary for the performance of their duties and for the provision of services to you, under a confidentiality commitment. In addition, it may transfer the data it handles to third parties, for example: to authorities, in order to fulfill its legal obligations, or for the purpose of providing services to you (e.g., in the case of engaging an external service provider), and also when it uses a third party acting in its name and at its instructions for certain data processing operations (e.g., data storage). In this latter case of data processing, Rosental Dental ensures that personal data is only transferred to data processors who provide adequate guarantees for the security of data processing and your personal data.
2. How does Rosental Dental ensure data security?
The Data Controller takes into account the current state of technology when determining and applying measures to ensure the security of data, and protects personal data with appropriate measures against unauthorized access, alteration, transmission, disclosure, deletion, or destruction, as well as against accidental destruction and damage, as well as against unavailability arising from changes in the technology used.
3. Personal data: GDPR Article 4.
Any data, information, or factor concerning an identified or identifiable natural person (“data subject”) based on which the given natural person can be identified. These include, in particular: name, number, location data, online identifier, data referring to the physical, physiological, genetic, mental, economic, cultural, or social identity of the natural person. The processing of personal data also includes taking photographs, making audio or video recordings, as well as collecting physical characteristics suitable for identification.
4.Special data: GDPR Article 9.
Within the scope of personal data, special data includes information relating to racial or ethnic origin, political opinion, religious or philosophical beliefs, trade union membership, as well as genetic and biometric data that can identify natural persons, health data, and data relating to the sexual life and sexual orientation of natural persons.
The processing of these data is only possible with the exclusive consent of the data subject. If the data subject refuses consent, the processing of the aforementioned special data is prohibited.
5. Technical data
The data that is technically recorded during the operation of the system: the data of the patient’s computer that are generated during the use of the service and are recorded by the Rosental Dental system as a result of automatic technical processes. The data that is automatically recorded is logged by the system automatically upon entry and exit, without your separate statement or action. This data cannot be linked to other personal user data.
6. Cookie
During visits to the website, one or more cookies – small files containing a sequence of characters – are sent by Rosental Dental to the visitor’s computer, which allows the browser to be uniquely identified. These cookies are provided by Google and their use is facilitated through the Google Analytics system.
These cookies are only sent to the visitor’s computer when certain subpages are visited, meaning that they only store the fact and time of visiting the respective subpage, without storing any other information or data.
7. Used Cookies:
7.1. Session cookie: automatically deleted after the user’s visit. These cookies help the website to operate more efficiently and securely.
7.2. Persistent cookie: permanent cookies for a better user experience (e.g., providing optimized navigation). These cookies are stored longer in the browser’s cookie file. The duration depends on the settings you use in your internet browser.
7.3. Cookie used for password-protected sessions.
7.4. Security cookie: External servers help independently measure and audit the website’s traffic and other web analytics data (Google Analytics). Data handling information is available from the data controllers. (Their contact information: www.google.com/analytics)
If you do not wish for Google Analytics to measure the data mentioned above in the described manner and for the stated purpose, install the add-on that blocks this in your browser. The ‘Help’ function found in the menu bar of most browsers provides information on how to disable cookies, how to accept new cookies, or how to instruct your browser to set new cookies, or how to turn off other cookies.
8. Data Processors
Rosental Dental transfers personal data to the following data processors, which process the data for the purposes specified in this notice:
8.1. Accounting Service Providers
o Data processors who perform data processing tasks related to accounting and document storage services.
8.2. Server Providers
o Data processors who store and manage data as part of server services.
8.3. Delivery Service Providers
o Companies that carry out the delivery of shipments, managing the data required for delivery (name and address) based on a data processing agreement.
8.4. Other Healthcare Providers
o Healthcare providers who handle data necessary for performing laboratory tests, emergency care, and certain specialized treatments.
8.5. Authorities and Courts Defined by Law
o Those authorities and courts that, based on legal regulations, require data provision upon official request or summons.
8.6. Document Archiving, Record Storage Service Providers
o Data processors who perform tasks related to the archiving of documents and record storage based on a data processing contract.
Each of these data processors follows strict data protection rules and only has access to the data to the necessary extent, ensuring the security and confidentiality of the data.
9. Data processing
The table below provides a detailed overview of the various types of data processing by Rosental Dental, their purposes, the scope of the personal data concerned, the legal basis for data processing, duration, the recipients of data transfer, and the consequences of the failure to provide data.
| Data Processing, Type Data | Processing Purpose | Scope of Personal Data Involved | Data Processing Legal Basis | Data Processing Duration | Recipients Categories, Data Transfer |
| Appointment Scheduling | Appointment assurance and communication | Name, phone number, email address, appointment | Consent of the data subject | Creating the contract | |
Consent declaration for general dental procedures, implantation, conscious sedation | Identification of the data subject, providing appropriate service | Name, phone number, email address, appointment | Consent of the data subject, contract performance (Act XLVII of 1997 § 30 (1) point b, GDPR Article 6 (1) point a) | 30 years (health data), 50 years (discharge report), 10 years (imaging records) | |
| Dental care, performance of a contract for healthcare services | Providing healthcare services, performance of contract | Name, date of birth, mother’s name, address, phone number, email address, health insurance ID, other health data | Contract performance, legal obligation, legitimate interest (GDPR Article 6(1)(b), GDPR Article 6(1)(c), GDPR Article 6(1)(f), Act XLVII of 1997 Section 30(1)(b), Act C of 2000 Section 169(2)) | 30 years (health data), 50 years (discharge summary), 10 years (imaging records), 8 years (accounting data) | Health service providers, authorities, courts, data processors. |
| Complaint Handling | Investigation and handling of complaints | Name, email address, home address, content of the complaint | Contract performance, legal obligation, consent of the data subject (GDPR Article 6 (1) (b), GDPR Article 6 (1) (c), GDPR Article 6 (1) (a), Act CLIV of 1997) | 5 years (from the closure of the complaint case) | Authorities, courts, data processors |
| Communication | Communication, contract performance, service provision | Name, phone number, email address, content of the inquiry | Legitimate interest, consent of the data subject (GDPR Article 6 (1) (f), GDPR Article 6 (1) (a)) | 5 years (limitation period) | Data processors, authorities, courts |
| Application | Job placement | Name, phone number, email address, CV data | Consent of the data subject (GDPR Article 6 (1) (a)) | 2 years (in case of unsuccessful application) | |
| Social Media | Social profiles management, moderation | Name, data posted on social media | Consent of the data subject, legitimate interest (GDPR Article 6 (1) (a), GDPR Article 6 (1) (f)) | 5 years (general statute of limitations) |
10. Right to information
At the provided contact details, you can request specific information regarding whether we process your personal data, and if so, which data, for what purpose and legal basis, for how long, as well as information on how Rosental Dental obtained your personal data, whether it has been transmitted, or if access has been granted to a third party, and if so, to whom, when, for what purpose, as well as specific information about your rights related to data processing. Rosental Dental provides this information free of charge, but in the case of clearly unfounded or excessively repetitive requests, it may charge a reasonable fee (taking into account administrative costs) or may not fulfill the request for information.
You may request the issuance of a copy of your processed personal data in electronic or other (especially paper) format, for which we may charge a reasonable fee (considering administrative costs, proportional) by exercising the option provided by the relevant legislation.
Your request for information will be fulfilled by Rosental Dental while respecting the rights of others (especially the right to business secrets and the protection of intellectual creations).
11. Right to Rectification
If you become aware that any personal data (especially, for example, contact details, email address, telephone number) stored in the systems managed by Rosental Dental is incorrect (e.g., due to a typo) or incomplete, we will complete the incomplete personal data and rectify the incorrect personal data upon your request sent to the above contact details. Furthermore, we will inform those third parties to whom we have transmitted your personal data about the rectification, unless this is impossible or involves disproportionate effort.
12. Withdrawal of consent for data processing; right to deletion and ‘right to be forgotten’
You have the right to withdraw your consent for data processing at any time, which does not affect the lawfulness of the data processing based on consent before its withdrawal. If you withdraw your consent for data processing and
– there is no other legal basis for the data processing, or
– the purpose of the data processing has ceased, or
– the data processing is unlawful, or
– the data must be deleted according to legislation,
then, in response to your request sent to the contact details provided above, we will permanently delete your personal data and its copies from our systems, and we will destroy them. Furthermore, we will inform those third parties to whom we have transmitted your personal data, unless this is impossible or requires a disproportionate effort.
13.Right to Object
If the data processing is based on the legitimate interest of Rosental Dental or a third party, you have the right to object to the data processing at the contact details provided above, in which case we will no longer process your personal data, unless there are compelling legitimate grounds for the processing.
14. Restriction of data processing
You can request the restriction of data processing related to your personal data at the contact details provided above, in which case Rosental Dental may only store your personal data without using it or carrying out further processing operations (e.g., transfer, deletion); the latter may only take place during the restriction if you consent to them, or if they are necessary for the establishment, exercise, or defense of legal claims, or for the protection of third-party rights, the Union, or an important public interest of an EU member state. Furthermore, we will inform those third parties to whom we have forwarded your personal data about the restriction, unless this is impossible or requires a disproportionate effort.
You may request the restriction of data processing
– if you believe that your data is inaccurate and you do not want it to be used until it has been corrected, or
– if you believe that the data processing is unlawful, or
– if the purpose of data processing has ceased, but you do not want your data to be deleted because you need it, for example, for the presentation, protection, or enforcement of a legal claim.
You may request the restriction simultaneously with an objection to the data processing based on the legitimate interest of Rosental Dental or a third party, in which case the restriction will last until the request for the objection has been assessed at most.
15. Data Portability
If the data processing is based on your consent, necessary for the performance of a contract with you, or carried out automatically, you can request the transfer of the personal data you provided to Rosental Dental in a structured, commonly used, machine-readable format to yourself or another data controller specified by you, with the exception of medical data, which requires a waiver of medical confidentiality. We will fulfill your request while respecting the rights of others (especially the right to business secrets and the protection of intellectual property).
16. How can rights related to data processing be enforced?
You can submit your request or inquiry regarding the exercise of your rights related to data processing at the contact points provided above. Please include at least two personal data points in your request that will allow us to identify you (e.g., name and phone number, name and email address). You can also make your request or comment verbally at the designated phone number, but we will respond in writing in all cases (primarily in the form you choose; if that is not provided, we will respond at our discretion either electronically via email or on paper via postal mail). We kindly ask you to indicate in your written request (submitted via e-mail or on paper) how you would like to receive a response (e.g., electronically via e-mail or on paper by mail); otherwise, we will send the response to you in the format corresponding to your request. We will provide a substantive response to your request or inquiry regarding data processing within 30 days from receipt, or exceptionally (e.g., due to the complexity of the request) within 60 days. In the latter case, we will inform you separately about the extension of the response deadline and its reasons within 1 month from the receipt of the request.
17. Data processing related to minors?
If you have not yet turned 16 years old, you can exercise the rights detailed above with the consent of your legal representative, namely, your parent who exercises parental authority. If you have turned 16 but have not yet turned 18, you can independently give consent to data processing, but you can only exercise the rights detailed above with the consent of your legal representative, namely, your parent who exercises parental authority.
18. What rights can be exercised regarding the personal data of deceased relatives?
The rights to access, rectification, erasure, objection, and restriction of processing regarding the personal data of the affected person may be exercised by the person authorized in a public document or a private document of full probative value during the five years following the death of the affected person. If the affected person did not authorize anyone during their lifetime, then for five years following the death, a close relative (the spouse, direct descendants, adopted children, stepchildren, foster children, adoptive parents, stepparents, foster parents, and siblings, with the first one to act among the close relatives) is entitled to exercise the rights to rectification and objection, and in cases where the processing of data was unlawful even during the affected person’s lifetime, or the purpose of data processing ceased with the death of the affected person, they may also exercise the rights to erasure and restriction of processing. Regarding the personal data of the deceased individual, we will respond to inquiries or requests received from the authorized person within 25 days from the date of receipt.
19. Remedies
You can file a complaint regarding data processing with the National Authority for Data Protection and Freedom of Information at the following contact details:
National Authority for Data Protection and Freedom of Information
Headquarters: 1055 Budapest, Falk Miksa Street 9-11
Mailing address: 1374 Budapest, P.O. Box 603.
Email address: ugyfelszolgalat@naih.hu
Phone number: +36 (1) 391-1400
Website: http://naih.hu
Beyond the rights and claims related to data management, you can also turn to court to enforce them. You may initiate legal proceedings before the competent court based on your residence or place of stay.
Rosental Dental may amend this data management notice especially in the case of new data processing being implemented or changes to ongoing data processing, which will be communicated primarily on its website to inform its clients and other affected individuals.
This notice is effective from July 4, 20224.