PrivátDoktor

Privacy Policy

Version: 6.1

The effective date of this privacy policy is:

6 December 2020




Chapter I: General provisions

1. Contents of Policy

The service of Privát Doktor Egészségügyi Szolgáltató és Adatfeldolgozó Zrt. (Registered office: 1095 Budapest, Mester utca 5.; company registration number: 01-10-045987; "Data Manager") is called collects the results of measurements of the essential life functions of natural persons (hereinafter referred to as "Stakeholders"; "Stakeholder"), and provides evaluation feedback from operators and / or experts in a contractual relationship with the Data Controller in order to monitor and evaluate the data subject's health status (hereinafter referred to as the "Service"). A detailed description of the operation of PrivátDoktor's services can be found on the website http://www.PrivátDoktor.hu.

Third parties involved in the sale of the Private Doctor are considered to be the Data Processor of the Data Controller.

The terms used in this policy are in accordance with the terms of

1.1. KEY TERMS AND INTERPRETATIONS IN THE POLICY:

1.2. PRINCIPLES APPLICABLE TO DATA PROCESSING

The Data Controller

The Data Management Information and other information related to the data management of the Data Controller are available on the website http://www.privatdoktor.hu (hereinafter: the “Website”) and in the PrivátDoktor mobile application. If you have any questions regarding the data management of the Data Controller or this Data Management Information, please contact the Data Protection Officer of the Data Controller, Szilvia Piliskó, at the e-mail address dpo@privatdoktor.hu. The Data Controller reserves the right to change the Policy, of which it provides information in the form of a system message and by publishing it on the Website in accordance with the applicable legislation.

2. Data controller, data processor and place of data management

The controller of the data (hereinafter: Data Controller or Operator) is Privát Doktor Egészségügyi Szolgáltató és Adatfeldolgozó Zrt. (Registered office: 1095 Budapest, Mester utca 5.; company registration number: 01-10-045987; represented by: Tibor Papp)
Phone number: +36209444177

Name and contact details of the data protection officer of PrivátDoktor: Szilvia Piliskó
Phone number: +36203443733
E-mail address: dpo@privatdoktor.hu

During data management, the Data Controller uses a data processor (that is a service provider providing assistance in the technical implementation of data management).

Name of the data processor:

Private Intelligence Kft.

Headquarters: 2626 Nagymaros, Jánoshegy dűlő 12622.
Private Intelligence Kft. performs sales and contact activities for the Data Controller.

S+H Informatikai Zrt.

Headquarters: 1132 Budapest, Visegrádi utca 40.
S+H Informatikai Zrt. provides the Data Controller software to the Data Controller and ensures its continuous operation.

Invitech ICT Services Kft.

Headquarters: 2040 Budaörs, Edison utca 4.
Invitech ICT Services Kft. provides physical protection at the bodies of the Data Manager.

Place of data management and data processing: No data transfer takes place to Hungary, to a third country or to an international organization.

3. Circumstances of the data management of the Private Doctor, legal basis and cases of data management

The Data Controller's data management is carried out according to the following legal bases, in the cases belonging to the legal bases:

1) Consent-based data processing – GDPR Article 6 (1) (a)

Relevant cases (including related data entry, modification, deletion processes and data access rights):

• registration

When registering on the Website, the Data Subject must provide the necessary information. The data controller will then send a confirmation e-mail to the e-mail address provided, which will include a link to activate the registration.

• providing contact personal information

With the statement of the Data subject

• optional age

It is up to the Data subject to decide whether to indicate his or her age. The Service is only available to adults. Specifying the age accurately may improve the quality of the Service.

• recording incoming telephone calls to customer service

In the event of a telephone call to the customer service, the customer service shall, if appropriate, make a brief written record of the notification. At the request of the data subject, the note will be sent to him in the form of an e-mail.

• complaint, storage of error reporting emails

If the complaint or error report is sent by e-mail, the sent e-mail will always be stored, so if personal data is included in the report, it will be stored together with the report.

• recording the data included in complaints and error reports in the ticketing system

PrivátDoktor operates so-called ticketing systems. These collect faults in one system so that the most competent person can find a solution as quickly as possible.

2) Validation-related data processing – GDPR Article 6 par. (1) (c)

• enter billing information

The Service can only be used against payment; the fee for the Service will be invoiced, which requires requesting and handling the data listed in the applicable legislation.

3) Data processing related to the enforcement of a legitimate interest – GDPR Article 6 par. (1) (f)

• company connections related data management: technical contact details, etc.

PrivateDoctor provides companies with the opportunity to provide PrivateDoctor subscriptions to their colleagues. In the case of this agreement, it is necessary to keep in touch with the companies, therefore certain well-defined data will be recorded in connection with the accession, e.g. contact details.

• Register of PrivateDoctor users by customer service

In connection with the operation of the Private Doctor, it is necessary that the colleagues performing customer service and billing tasks also have the necessary access to perform the task.

• Register of PrivateDoctor users by operation

In connection with the operation of the Private Doctor, it is necessary that the colleagues performing the operational tasks also have access.

• Logging the activities of administrators

During the operation of the Private Doctor, the activities of the Operators, Customer Service and Administrators in the Private Doctor are logged for security and retrieval reasons.

• Security log files

During the operation of the Private Doctor, security events are logged for security and retrieval reasons.

Personal data processed on the basis of these legal bases can become the property of the Data Controller in two ways:

1. They shall be made available directly to the Data Controller by the Data Subject

2. The Data Controller does not receive the personal data directly from the Data Subject

The table below summarizes the data processing cases for the different legal bases, the scope of the personal data for each case, the purpose and duration of the processing and the number of the legal provision establishing the data processing case, if any. In some cases, the range of data treated is wider, so a list of these data can be found in Table 1, which is included in the Annex.

Chapter II: Data Management Summary

1. Management of personal data collected directly from the Data Subject

Data management case: registration

Legal basis: Data management based on the consent of the Data subject (GDPR Article 6, par (1) a) and for Social Security number the Article 9, par. (2) a).
Target: access to the services provided by the Private Doctor
Data content: Email address, password, first name, last name, gender, year of birth, language, status, date of registration, deregistration, unique ID, Social Security number or passport number. Optional: telephone number, second e-mail address, place of residence, login authentication
Data management time: In the case of non-mandatory data: the duration of the use of the Service or until the withdrawal of the consent, for mandatory data: until withdrawal of consent or 5 years after termination of service.

Data management case: contact

Legal basis: Data management based on the consent of the Data subject (GDPR Article 6 par. (1) a)
Target: contact with the user
Data content: e-mail address, phone number
Data management time: consent, until withdrawal

Data management case: data measured by measuring instruments

Legal basis: Data management based on the consent of the Data subject (GDPR Article 6 par. (1) a) and for health data the Article 9 par. (2) a)
Target: serves the purpose of data storage and data analysis
Data content: type of measurement: body weight, body composition, pulse, pulse wave, ECG, skin temperature, blood sugar, blood pressure data, blood oxygen level, time of measurement, date of collection, date of upload, time of arrival at the server, length of measurement time, status, degree of measurement latitude, degree of measurement length, occupancy, unique identifier, data upload device, specification identifier.
Data management time: until withdrawal (typically the duration of the subscription to the Service)

Data management case: data processed in connection with a measuring instrument

Legal basis: Data management based on the consent of the Data subject (GDPR Article 6 par. (1) a), and for health data the Article 9 par. (2) a)
Target: device identification
Data content: MAC ID, device name and type, status, owner, registration date, which user has the device, deregistration date, unique ID, user assigned to the device.
Data management time: During the period of provision of the service

Data management case: age

Legal basis: Data management based on the consent of the Data subject (GDPR Article 6 par. (1) a)
Target: Customization of service provision, checking the legal conditions of concluding a contract
Data content: age (year of birth)
Data management time: consent, until withdrawal

Data management case: Evaluation by operators

Legal basis: Data management based on the consent of the Data subject (GDPR Article 6 par. (1) a), and for health data the Article 9 par. (2) a).
Target: statistical analysis of the measured data
Data content: measured data, age, gender, contact data
Data management time: consent, until withdrawal, or for the duration of the relevant subscription

Data management case: Expert evaluation

Legal basis: Data management based on the consent of the Data subject (GDPR Article 6 par. (1) a) and for health data the Article 9 par. (2) a)
Target: Analysis of the data sent by the Operator
Data content: measured data, age, gender
Data management time: consent, until withdrawal, or for the duration of the relevant subscription

Data management case: Record customer service inquiries

Legal basis: Data management based on the consent of the Data subject (GDPR Article 6 par. (1) a)
Target: contact, retrievability
Data content: contact details, recorded content of the conversation
Data management time: consent, until withdrawal, or 1 year after the end of the administration

Data management case: Complaint, storage of error reporting emails

Legal basis: Data management based on the consent of the Data subject (GDPR Article 6 par. (1) a)
Target: contact, quality assurance, retrievability
Data content: Email sent by the Data subject
Data management time: in case of consumer protection issues for 3 years

Data management case: Recording of data contained in error reports in the ticketing system

Legal basis: Data management based on the consent of the Data subject (GDPR Article 6 par. (1) a) and for health data the Article 9 par. (2) a)
Target: efficient handling of error tickets, retrievability
Data content: Personal data provided by the Data subject in the error reports
Data management time: until deletion after troubleshooting

2. Management of personal data not collected directly from the Data Subject

Data management case: In the case of benefits provided by the Company, the related data management

Legal basis: Legitimate interest (6(1)f)
Target: contact for contract and subsequent operation
Data content: the name, position, telephone number and email address of the administrative contact person specified in the contract;
Data management time: during the term of the contract

Data management case: Register of PrivateDoctor users by customer service

Legal basis: Legitimate interest (6(1)f)
Target: performing customer service tasks
Data content: Name, birth name, (date of birth,) e-mail address, telephone number, type of service used
Data management time: relationship with the Data subject + 5 years

Data management case: Register of PrivateDoctor users by operator

Legal basis: Legitimate interest (6(1)f)
Target: performing customer service tasks
Data content: Name, birth name, (date of birth,) e-mail address, telephone number, type of service used, measured data
Data management time: relationship with the Data subject + 5 years

Data management case: Register of PrivateDoctor users by operation

Legal basis: Legitimate interest (6(1)f)
Target: performing operational tasks
Data content: Name, birth name, (date of birth), e-mail address, telephone number, type of service used, other details
Data management time: job loading length +5 years

Data management case: Logging the activities of Operators, Administrators

Legal basis: Legitimate interest (6(1)f)
Target: traceability of system operations
Data content: events’ data
Data management time: 5 years

Data management case: Security log files

Legal basis: Legitimate interest (6(1)f)
Target: traceability of system operations
Data content: events’ data
Data management time: 5 years

Data management case: Cookies stored offline

Legal basis: Legitimate interest (6(1)f)
Target: user identification required for measurement accuracy
Data content: cookies with login information during the offline period
Data management time: existence of a subscription relationship

Data management case: Invoicing

Legal basis: Based on GDPR Article 6 par. (1) c), Accounting Act § 168
Target: Issuance of an invoice to certify the performance of the Service.
Data content: billing information (according to the legal provisions in force at any time)
Data management time: statutory period (up to 8 years from issue)

Chapter III: Data protection provisions provided by the GDPR

2. Persons accessing the data, data transfer from the Private Doctor

The Data Controller determines the access to the data available in the Private Doctor on the basis of the relevant legal regulations and the content of the statements made by the Data Subject.

Only the person authorized by the Operator, the Expert and the Data Subject may have access to the health and personal data processed in the Private Doctor, provided that this is not restricted by the Data Subject.

Persons entrusted by the Data Controller with the performance of tasks related to the operation of the applications may have access to the data of the Data Subject only in order to perform their tasks.

The transfer of data from the records of the Private Doctor is possible only on an appropriate legal basis, on the basis of an individual assessment; this does not affect the data subject's possibility to transfer data concerning his / her own data. The Data Controller uses data transfer in connection with the Service to the following service provider for the purpose indicated below:

Mobil4 Kereskedelmi és Szolgáltató Zrt.

Head office: 1016 Budapest, Krisztina krt. 75B

Mobil4 Kereskedelmi és Szolgáltató Zrt. is a partner of the Data Controller and an independent data controller, which provides fee collection and collection services on the basis of a contract with the Data Controller. The details and conditions of the data transfer between the parties shall be settled in a separate data transfer agreement between the parties.

3. Data security

In particular, the Data Controller of the Private Doctor shall take administrative, physical and logical protection measures against unauthorized access, alteration, transmission, disclosure, deletion or destruction, as well as accidental destruction and damage, and inaccessibility due to changes in the technology used.

In order to prevent unauthorized access, in addition to the encrypted storage of data, access to them is only possible after reliable authentication (certificate-based or two-factor authentication). With respect to the Private Doctor, all business and system events are logged, and administrative activities are recorded in a way that makes modification impossible. The only place for electronic data processing is the Data Controller's own servers, which are protected by the Data Controller's firewall and external service provider's software (identification, encryption, data protection). The physical protection of the servers is provided by Invitech ICT Services Kft. The servers are under constant guard in the server room of Invitech ICT Services Kft.

In order to prevent accidental destruction and damage of the data, the data files are saved regularly.

The Private Doctor, as a data controller, pays special attention to prevent the incorrect recording of the data of the Data Subjects, as well as to the data of the Data Subjects being recorded to another Data Subject. The data processing for the identification of the Data Subject all serves the purpose of ensuring the security and reliability of the treatment.

4. Management of personal data of third parties

In order to authorize and share the data of the Affected Third Party (e.g. treating physician, specialist), the e-mail address and name of this third party must be provided. The data subject is obliged to obtain from this third party the necessary data processing consent for the delegation process. If the requested person does not accept the request within 5 working days, the request shall lapse and an already accepted request may be withdrawn at any time.

5. Other data management

5.1. MANAGEMENT OF THIRD PARTY PERSONAL DATA

If the Data subject provides personal data of third parties, the Data subject is obliged to ensure that he or she obtains the necessary consent or other legal basis for the disclosure of the data and notifies the Data Controller of any changes in this regard. The Data subject shall refrain from transferring the personal data of third parties, unless the disclosure is necessary for the performance of a contract with the Data Controller.

5.2. SECONDARY USER

However, the third party authorized by the Data subject to access the personal data stored in the PrivateDoctor system may not initiate measurements by the secondary user.

If the Data subject grants a right of access to a secondary user, the Data subject must provide the Social Security number in addition to the data indicated in point 3 of the Data Management Information when granting the right of access in order for the treating physician to gain access to the health data. For the management of the Social Security number, the Data Management Information 3.1. is governed by the fact that Physicians do not have access to the data.

5.3. GROUP DATA MEASUREMENTS

The Private Doctor system also provides the ability for one or more individuals to access data from members of a specific group during group measurements.

Supervised group measurement: The person who creates the group registers the data of the members of the group on his / her own device, and then identifies the registered persons with a unique identifier (QR code) formed for each registration before each measurement. In the case of supervised group measurement, the person creating the group qualifies as an independent data controller, who is responsible for ensuring that the members of the group get acquainted with the data management conditions and this Data Management Information, in this case Privát Doktor Egészségügyi Szolgáltató és Adatfeldolgozó Zrt.

Device-passing group measurement: Group members perform the registration on their own device and then, after entering the QR code on the measuring device of the person creating the group, perform the measurement with the measuring device, which their own device transmits to the person creating the group. The person who creates the group is considered an independent data controller.

5.4. DATA MANAGEMENT FOR MARKETING PURPOSES

With the prior consent of the Data subject, the Data Controller may present or recommend its own or third party services or products to the Data subject. The Data subject may withdraw his / her consent at any time by e-mail (info@privatdoktor.hu). As profiling is carried out during data management for marketing purposes, the Data Controller has carried out the necessary impact assessment.

5.5. DATA PROCESSING FOR STATISTICAL PURPOSES

The Data Controller handles certain data (gender, age, measurement results) processed in the PrivateDoctor system after anonymization, deprived of their personal nature, for statistical purposes. The data will not be considered personal data after anonymization.

6. Rights of the Data Subject in relation to data management

6.1. REQUEST FOR INFORMATION AND EXERCISE OF THE RIGHT OF ACCESS

The Data Subject is entitled to request information at any time about the personal data processed by the Data Controller concerning him / her and information related to their handling. The Data Subject is obliged to send his / her request for access to the data to the Data Controller in writing and to provide the requested data in writing (electronically or by post), the Data Controller does not provide oral information in this connection. The identity of the Data Subject is verified by the Data Controller.

At the request of the Data Subject, the Data Controller shall provide information on the data processed by him, his data processed by the data controller entrusted by him or at his disposal, their source, purpose, legal basis, duration, name, address and activities related to data processing, and the legal basis and the addressee of any transfer. The data controller shall provide the requested information in writing within 30 days of the submission of the request.

After the information, the Data Subject, if he / she does not agree with the data management and the correctness of the processed data, may request the rectification, supplementation, deletion, restriction of the processing of personal data concerning him, as specified in point 5.

The Data Subject may contact the data protection officer of PrivátDoktor with any questions or remarks related to data management.

6.2. CORRECTION, SUPPLEMENTATION, DELETION OF PERSONAL DATA, RESTRICTIONS ON DATA PROCESSING

6.2.1. The right to correct and supplement processed personal data

The Data Subject has the right to have inaccurate personal data concerning him or her corrected without undue delay upon request. Taking into account the purpose of the data processing, the Data Subject is entitled to request the completion of incomplete personal data.

6.2.2. Right of cancellation (forgetting)

At the request of the Data Subject, the Data Controller shall delete the personal data of the Data Subject without undue delay if any of the specified reasons exists:

i) personal data are no longer required for the purpose for which they were collected or otherwise processed by the Data Controller;
ii) the data subject withdraws his or her consent on which the processing is based and there is no other legal basis for the processing;
iii) the Data Subject objects to the processing for reasons related to his / her own situation and there is no lawful reason for the processing, or the Data Subject objects to the processing of personal data relating to him / her for direct business acquisition, including profiling, insofar as it relates to direct business acquisition;
iv) personal data is unlawfully processed by the Data Controller;
v) personal data must be deleted in order to fulfill a legal obligation under Union or Member State law applicable to the controller;
vi) personal data have been collected in connection with the provision of information society services directly to children.

The Data Subject may not exercise his / her right to delete or forget if data management is necessary

i) for the purpose of exercising the right to freedom of expression and information;
ii) on grounds of public interest in the field of public health;
iii) for archiving purposes in the public interest, for scientific and historical research purposes or for statistical purposes, where the exercise of the right of erasure would make such processing impossible or seriously jeopardize it; or
iv) to bring, assert or defend legal claims.

In the case of consent-based data management, the deletion of the provided data can be initiated in the form of an e-mail sent to the Data Controller or during the editing of your own profile.

6.2.3. Right to data management restriction

The Data Subject is entitled to request that the Data Controller restrict the data processing if:

i) the Data Subject disputes the accuracy of the personal data, in which case the restriction applies to the period of time that allows the Data Controller to verify the accuracy of the personal data,
ii) the processing is unlawful and the Data Subject objects to the deletion of the data and instead requests that their use be restricted,
iii) the Data Controller no longer needs the personal data for the purpose of data processing, but the Data Subject requests them in order to submit, enforce or protect legal claims,
iv) the Data Subject objects to the data processing; in this case, the restriction shall apply for the period until it is determined whether the legitimate reasons of the Data Controller take precedence over the legitimate reasons of the Data Subject.

The Data Controller shall inform the Data Subject, at whose request the data processing has been restricted, in advance of the lifting of the data processing restriction.

6.3. PROTECTION AGAINST THE PROCESSING OF PERSONAL DATA

The Data Subject has the right to object at any time, for reasons related to his or her own situation, to the processing of his or her personal data in the case of data processing ordered by law or based on a legitimate interest. The exact scope of these data processing cases can be found in Section 3.3 of this prospectus, and the scope of the data processed in these cases can be found in the spreadsheet in Chapter II.

If the Data Subject objects to the processing of personal data, the Data Controller may not further process the data, unless the Data Controller proves that the data processing is justified by compelling legitimate reasons which take precedence over the interests, rights and freedoms of the data subject or which are related to the submission, enforcement or protection of legal claims.

The Data Subject may, in his or her own words, object to the processing of his or her personal data within the scope set out above.

6.4. RIGHT TO DATA PORTABILITY

Data portability enables the Data Subject to obtain and further use the data transferred by him / her in the Data Management System. In all cases, the right is limited to the data provided by the Data Subject; there is no possibility for the portability of other data (e.g. statistics, transaction data, etc.). Based on the above, the right to data portability applies to contact data and disposition settings provided in the framework of digital self-determination.

The Data Subject may receive the personal data concerning him / her in the Data Management System in a structured, widely used, machine-readable format if:

i) the processing is based on consent pursuant to Article 6 (1) (a) or Article 9 (2) (a) or on a contract pursuant to Article 6 (1) (b); and
ii) the data processing is automated.

6.5. AUTOMATED DECISION-MAKING IN INDIVIDUAL CASES

The Data Subject has the right not to be covered by a decision based solely on automated data processing, including profiling, which would have legal effects on him or her or would similarly significantly affect him or her.

7. Dealing with privacy incidents

A data protection incident is a breach of security that results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or unauthorized access to, personal data that is transmitted, stored, or otherwise handled. During the handling of the incident, the data controller is obliged to act in accordance with the provisions approved in the Incident Management Regulations. In order to control the measures related to the data protection incident, to inform the supervisory authority and to inform the data subject, the Data Controller keeps a register containing the scope of personal data affected by the incident, the scope and number of data subjects, the date, circumstances, effects and measures taken. If the Data Controller considers that a particular incident is likely to jeopardize the rights and freedoms of the data subjects, it shall inform the supervisory authority of the data protection incident without undue delay and within a maximum of 72 hours. If the Data Controller considers that a particular incident is likely to pose a high risk to the rights and freedoms of the data subjects, it shall inform the data subject of the data protection incident without undue delay.

8. Remedies

In accordance with Article 77 of the GDPR, the Data Subject may, if he or she considers that the processing of personal data concerning him or her does not comply with the requirements of the GDPR, submit a complaint by e-mail or post to the National Data Protection and Freedom of Information Authority (NAIH). It is not possible to enforce any rights over the phone.

The Data Subject may exercise his / her rights at the following contacts:
Name: National Data Protection and Freedom of Information Authority
Mailing address: 1363 Budapest, Pf. 9.
E-mail address: ugyfelszolgalat@naih.hu
web: http://naih.hu

The Data Subject may also assert his or her rights before the court having jurisdiction over the place of residence or stay.

Chapter IV: Provisions taken by the controller

1. Provide virus protection

Data Manager provides automatic virus protection on servers with direct client traffic and automatically updates the virus library to the latest version, ensuring that the antivirus solution is kept up to date.

2. Ensuring integrity

Based on the principle of integrity, the Data Controller ensures that the modification of the data can be established.

3. Ensuring confidentiality

The Data Controller ensures, through its identification and authorization management register, that the personal data stored and available in the Private Doctor can only be accessed by authorized persons.

The identification and authorization management record data is stored encrypted.

4. Ensuring availability

The Data Controller shall make backup copies of the data stored on a physical data carrier in connection with the operation of the Private Doctor in accordance with the relevant internal regulations:

A full backup of the PROD_PrivatDoktor, TST_privatdoktor and DEV_privatdoktor databases is automatically created at 05:00 every day.

The backups are stored separately on a server dedicated to this purpose, which can receive the saved data via ssh, so after a successful backup, the generated files are also copied to this server.

This currently automatically saves MSSQL databases once a day (05:00).

When the saved files are automatically deleted, a log file is created from the source server during the backup, so that the sequence of events can be traced, an error and / or a notification letter is generated when the save is successful. After the retention period expires, the old backup files will be deleted.

Chapter V: Final provisions

The provisions of this Prospectus shall be communicated to persons performing tasks related to the Private Doctor, handling or processing personal data. This Prospectus must also be published on the website of the Private Doctor.