PRIVACY NOTICE

Privacy Notice

The purpose of this Privacy Notice is to inform you about the data processing operations of Anna Üveges E.V. (address: 1041 Budapest, Károlyi István u. 27-29. 1 lph 1. em. 6 a.) (hereinafter referred as the „Data Controller” or Anna Üveges E.V.) in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council from 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, repealing Regulation (EC) No 95/46/EC (General Data Protection Regulation (GDPR)) in accordance with the provisions of the Hungarian legislation in force.

Anna Üveges E.V. is a Data Controller (hereinafter referred to as Data Controller) in respect of the processing activities described in this Privacy Notice. Contact details of the Data Controller: telephone: +36308743350, e-mail: info@uvegesanna.hu

The Data Controller shall comply with the provisions of the applicable legislation during its data processing and shall fully respect the fundamental rights and privacy of individuals in its data processing practices, the provisions of the General Data Protection Regulation and the nature of the service it provides. The Data Controller shall pay particular attention to collecting, storing and using only the personal data necessary for the activities, for the period and under the conditions set out in this Privacy Notice.
If you have any questions or comments, please contact us at info@uvegesanna.hu.

I.

In the course of professional activities the Data Controller carries out the following operations on the website www.uvegesanna.hu:

Type and purpose of data processing Scope of the data processed Duration of data handling Legal basis of processing
Contact Name, email address, phone number, information shared by you In the case of a consultation until the end of the 5th year following the end of the consultation, otherwise at the end of the six months following the request GDPR § 6 (1) f) legitimate interest of the controller
Consultation, provision of therapeutic services, communications Name, date of birth, address, telephone number, e-mail address, identifiable data of a minor, personal data relating to you or a third party that you disclose, a special category of personal data or other information, individual consultation contract, parental declaration Until the end of the 5th year after the end of the contract (end of consultation) Your consent in accordance with GDPR 6(1)(a) and 9(2)(a) and GDPR 6 (1) (b) performance of the contract between the parties
Payment of the service fee In the case of bank transfer, the data in the transfer report Until the end of the eighth year following the year of payment GDPR 6 (1) c) legal obligation: Accounting Act 169 § (2)

You may at any time obtain prior information on the Data Controller’s processing activities by consulting the Privacy Notice on the website. The Data Controller will consider as your voluntary consent (pursuant to Articles 6(1)(a) and 9(2)(a) of the GDPR) the fact that you have contacted him or her on your own initiative and disclosed to him or her during the consultation the personal data concerning you or another person that you wish to share. You may withdraw your consent at any time, but in this case the Data Controller may not be able to continue to provide the consultation service to you.

II.

The personal data is stored in the email account of the Data Controller, on the storage space of its website and in the personal, paper or electronic notes of the Data Controller.

The Data Controller keeps personal data stored on paper or electronically in secure conditions (locked cabinet and lockable room, password protected), so that no other person has access to it.

The consultation/therapy service can take place in a face-to-face (offline) or virtual (online) environment, neither of which is recorded – even at the request of the client. In the case of virtual (online) consultations, temporary invitations are deleted on a monthly basis, while permanent invitations are deleted the week after the consultation is closed.

The Data Controller uses NetMasters Europe Kft. (head office: 4200 Hajdúszoboszló, Diószegi S. u. 5., Company registration number: 09-09-025522, szia@netmasters.hu) as data processor for the provision of hosting services and email correspondence. The data is stored in the European Union.

We take appropriate technical and other measures to protect your personal data and to ensure its security and availability and to protect it from unauthorised access, alteration, damage, disclosure or any other unauthorised use. We use password protection and anti-virus software as part of our technical measures. Please note, however, that data transmission over the Internet cannot be considered a completely secure transmission.

III.

Use of website cookies and similar technologies

Cookies are small text files that are stored on the terminal equipment (computer or mobile device) of the user when he/she visits certain websites. Cookies can be used for various purposes, for example, they may be necessary for the proper functioning of the website or to deliver targeted advertising to you through an external service provider.

You can find the scope and characteristics of the cookies used on this website in the cookie panel. When you visit the website you are free to choose whether or not to use cookies with your consent.

IV.

Please note that you may exercise your rights under the law by sending an email to the email address provided above, within the limits set by the law.

a) You may request... access to or a copy of the personal data we process about you (Article 15).
b) information on the main characteristics of the processing (purpose, scope of the data processed, processors involved, duration of the processing) (Article 15)
c) that inaccurate personal data concerning you be corrected or incomplete personal data be completed without undue delay (Article 16).
d) the erasure of personal data relating to you without undue delay (Article 17) if (i) the personal data are no longer necessary for the purposes specified in point 1, (ii) you object to the processing and the controller has no other legal ground for processing, (iii) the processing is unlawful. Data may not be erased if necessary for the establishment, exercise or defence of legal claims.
e) the restriction of the use of the data (Article 18).
f) to receive the data about you in a commonly used, machine-readable format or to transfer it directly to another controller (Article 20).
g) You may... object to processing, after which the controller may process your data for the purposes set out in point 1 only if the controller has compelling legitimate grounds for doing so (Article 21(1)).
h) initiate proceedings with the supervisory authority of the place of residence, work or where the alleged infringement took place (Article 77).

The supervisory authority in Hungary is the National Authority for Data Protection and Freedom of Information (1055 Budapest, Falk Miksa utca 9-11. or 1374 Budapest Pf. 603).

In the event of a breach of rights, you may also initiate legal proceedings against the controller or processor before the courts of the Member State in which the controller or processor is established or before the competent court in your place of residence.

We will reply to your request for information within a maximum of 30 days, using the contact details provided.

An up-to-date version of our Privacy Notice is available on our website.

Budapest, 22 July 2024