Basic actions of the Act. CXII of 2011 on Informational Self-Determination and Freedom of Information (“Privacy Act”)
Person in question: any distinct natural person identified or directly/indirectly identifiable by personal data
Personal data: data that can be associated with the person in question – especially the person’s name, ID, or any information about his/her physical, physiological, mental, economical, cultural or social characteristic, and any conclusion from the data in connection with the person in question;
a) personal data about race, nationality, ethnicity, political opinion or preference, religious or other beliefs, membership in interest groups, sexual orientation,
b) personal data about health, addictions, or criminal data;
Data manager: a natural or legal person, or organisation without a legal personality, which alone or with others determines the goal of data management, makes decisions about data management (including its tools), carries out these decisions, or orders data analyzers to implement them.
Data management: regardless of the method, data management includes action or actions carried out using the data. Managing data can mean to gather, record, enter, organize, store, change, use, inquire, forward, publish, synchronize or connect, embargo, or delete data, to prevent further use, to take pictures, audio or video recording of the data, or to track physical characteristics used to identify a person (for example finger- or hand print, DNS sample, Iris picture);
Forwarding data: to make data available for a third person;
Data processing: completing technical actions in connection with data management, regardless of the method or tools used suring the process, or the place of application, providing that the technical actions are carried out on the data;
Data processor: a natural or legal person, or organisation without a legal personality, which carries out the processing of the data according to its contract with the data manager – including contracts based on legal regulations;
4. Desciplines of data management
4. § (1) Managing personal data is only legal for a distinct aim, or to practice the law or fulfill commitments. Data management has to be in line with its aim in every phase, and the recording and managing of data must be legal and fair.
(2) Personal data can only be managed if it is crucial and applicable to reach the goal of the data management. Personal data can only be managed on a necessary level, and as long as it is needed for reaching the aim of the data management.
(3) Personal data remains personal during the data management as long as its connection with the person in question can be restored. This connection is restorable if the data manager possesses the technical conditions needed for the restoration.
(4) The accuracy and complete nature of data must be ensured during data management. If needed – based on the goal of data management – the up-to-date nature of the data must be ensured. Additionally, the person in question should be identifiable only for the time period needed to reach the goal of data management.
5. The legal foundation of managing data
5. § (1) Personal data can be managed, if
a) the person in question gives his/her consent, or
b) the law, or local government authorized by the law for specific issues orders it according to the goal based on public weal (from now on: mandatory data management).
(2) Special data can be managed according to 6. § or
a) if the person in question gives his/her written consent for the data management
1. Name of the company managing the data:
Pharmapromo (from now on Company)
2. Address of the company managing the data:
4026 Debrecen, 20 Csemete Street
4. Data management registry ID:
The application for managing data has been provided, approval is pending.
5. Description of data management:
Managing personal and special data that has been entered through the mobil application ’GynAssist’ by the user.
6. The legal foundation of managing data:
Based on Act. CXII of 2011 5.§ on Informational Self-Determination and Freedom of Information (“Privacy Act”) the voluntarily given consent of the user. Managing data happens based on the voluntarily given, informed and certain consent of the user.
7. Data managed:
- The data provided by the user voluntarily through the mobile application (name, email address, practice information).
The Company informs the user that this data can be provided voluntarily. In case the data is provided by the user, this act is considered as an implied conduct, which means that the user consented the Company to manage the provided personal and special data.
- The Company uses the data provided only for statistical reasons which excludes personal data.
8. The goal of data management:
To store special data provided through the application by the user (name, email address, practice information) to make this data available for patients in the mobile application, Ladies’ Diary (under the Dr. Profile menu). Additionally, this makes it possible for users to access the data previously entered via a single login without registration after downloading the application on a new device, or downloading it again after an earlier deletion.
10. Deleting data:
Users can ask Pharmapromo to delete her personal or special data, this request should be sent to [email protected]. Five business days within receiving the request Pharmapromo deletes all the data in question. The data deleted cannot be restored.
11. Name of the company processing the data:
Processing the data: Amarone Kft.
12. Address of the company processing the data:
1044 Budapest, Megyeri u. 207/B Megyeri Street, Apt. I/4.
13. Description of data processing:
Technical tasks in connection with data management processes, which happen mechanically.
14. Data privacy arrangements:
Personal data is stored inside of Hungary on servers owned by the Company. All data (personal and additional) provided by the user is stored on a secure, closed server. The protection of the data provided by the users and informational self-determination are of high importance for the Company.
15. Forwarding data:
Pharmapromo informs the user and asks for promission before forwarding any data to a third party. Pharmapromo is managing a registry about forwarded data.
17. User rights in connection with management of their personal data:
Users can require information about management of their personal data. The company or person managing the data informs the user about the data managed on the site, the goal, legal foundation, duration of the data management, about the name, address of the data manager, the activities in connection with data management and about third parties who received their data and the purpose of forwarding the data. Information requirements can be sent to [email protected], replies can be expected within 8 working days. Users can ask Pharmapromo to delete their data according to the terms mentioned in the section „Duration of data management.”
18. Options for legal claims:
Legal claims by users can be made in front of court according to the Act. CXII of 2011 on Informational Self-Determination and Freedom of Information (“Privacy Act”) or based on the Civil Code of Hungary. Users can also turn to the President of the National Authority for Data Protection and Freedom of Information (Dr. Attila Péterfalvi, President of the National Authority for Data Protection and Freedom of Information, 1125 Budapest, 22/C Szilágyi Erzsébet Alley, postal address: 1530 Budapest, P.O. Box 5.)
With additional questions and comments, please contact the application operator at [email protected]
19. User consent:
Content of the user data management consent:
My personal and special data provided through the mobil application, GynAssist can be used and analyzed by the Company (Pharmapromo) according to the Data management description. The data management description can be accessed here: http://www.pharmapromo.hu/gynassist-privacy-policy