HUNMED Partners Korlátolt Felelősségű Társaság, (registered office: 1077 Budapest, Rózsa utca 38. A. ép.; registration number: 01-09-423705, hereinafter referred to as the "Company" or the "Controller") is considered as the controller of personal data in accordance with the General Data Protection Regulation and the Information Act (hereinafter referred to as the "Controller") due to the processing of personal data by visitors to the website www.odoktor.hu (hereinafter referred to as the "Website").
Contact details:
Address: 1077 Budapest, Rózsa utca 38. A. ép.
E-mail: info@odoktor.hu
Contact details of the Data Protection Officer:
UNI HILL Consulting Kft.
Donát Dékány
info@unihill.hu
Terms not otherwise defined in this Privacy Notice have the meaning given to them in the General Terms and Conditions.
1Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC
2 Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information
It is of importance for the Data Controller to provide its services to its customers in accordance with the needs and requirements of the modern age. This Policy contains detailed information about the processing of data during your visit to the Website.
Anyone's use of the Website's services and the provision of Personal Data in connection therewith is voluntary.
The Controller explicitly draws attention that a transfer of Personal Data to a third country takes place and informs the user of the Website as data subject that
- in case of transferring data to the United States, the United States ensures an adequate level of protection – comparable to that of the European Union – for personal data transferred from the EU to US companies. - in case of transfer to Kazakhstan, due to the absence of an adequacy decision and appropriate safeguards such transfers may involve risks. The user of the Website as data subject shall explicitly consent to the transfer.
However, without consent to the provision and processing of Personal Data, the services of the Website may not be used.
You can make an appointment for a medical examination at a health institution via the website or use the Website as a healthcare service provider. Your Personal Data will be processed as described below:
The Company uses cookies to facilitate the use of its Website.
A cookie is a small packet of data that is stored by Internet services in your browser. A cookie is a technology that is essential for the operation of an online service that provides an efficient and modern user experience.
The User can find out about the current cookies in the pop-up window on the Website and set his/her preferences when he/she uses the Website.
The User has the option to maintain and/or delete cookies at his/her convenience, which he/she can set in the internet browser settings.
| Scope of data processed | Purpose of data processing | Legal basis for data processing | Data recipients, contractual partners, data processors | Duration of data processing |
|---|---|---|---|---|
| a) name b) e-mail address c) phone number d) selected health institution e) selected specialist f) selected medical service, examination g) place and time of medical examination h) fee for a medical examination i) review on the provided treatment j) type, date, nature of the treatment | The purpose of the data processing is to operate the appointment booking system available on the Website, to book appointments to the medical institutions and specialists (Partners) available on the Website, and to maintain contact with (e.g. to change or cancel an appointment). In case of healthcare professionals, the purpose of the data processing, further to the above, is to generate review of the services. | Explicit consent of the data subject /User (Article 6(1)(a) and Article 9 (2)a of the General Data Protection Regulation). | Health institutions and specialists available on the Website, visitors of the Website, analytics and marketing service providers.
Please note that the Data Controller is not responsible for the adequacy of the data management of the Partners, so please give your consent to the transfer of data by familiarizing yourself with the data management rules of the Partner concerned.
Data Processor: • QAZMED Partners LLP (registered office: Astana, Dom 11, kv. 366, prospekt Qabanbai Batyr, registration number: 161140013287) – providing marketing advisory and programming activities (monitoring the system, identifying bugs, optimizing the performance, error detection) • Twilio (registered office: 94105-1554 San Francisco, 101 Spear St FL 5, registration number: 4518652) – providing SMS, Whatsapp and API Services • Mailchimp (The Rocket Science Group LLC, registered office: 30308-2172 Atlanta, 675 Ponce De Leon Ave NE Ste 5000) – providing email services• Amazon AWS (registered office: 98101-1424 Seattle, 1915 Terry Ave) – providing Cloud servers and cloud storage • Medio MedTech Zrt. (registered office: 1095 Budapest, Lechner Ödön fasor 2. 7. em. 13. ajtó, registration number: 01-10-141172) - providing online appointment booking infrastructure • Google (registered office: 94043-1351 Mountain View, 1600 Amphitheatre Pkwy, registration number: 3582691) (Gmail, Google Analytics, Google maps, etc.) • Sentry (Functional Software, Inc., registered office: 94107-1308 San Francisco, 132 Hawthorne St) (indicting error logs) | The Website will process Personal Data until you request to withdraw your consent. |
The Data Controller attaches the utmost importance to ensuring that the rights of Data Subjects with regard to data processing are adequately protected at all times when processing Personal Data of natural persons. In this context, the following rights shall apply. In the event of any request by a data subject in relation to the processing of Personal Data, the Data Controller will ensure the exercise of the data subject's right within the shortest possible time from the receipt of the request, but not later than 1 month or, if it needs further information to ensure the exercise of the right, will contact the Data Subject without delay by e-mail or telephone (preferably using the same means of communication as the Data Subject used) to deal with the request.