Updated on 17 November, 2020
Protecting your personal data and your private sphere is very important to us. To ensure that you are fully aware of the collection and use of personal data on our website, please take note of the following information.
1. Data Controller
Mediso Kft. (seated at 1037 Budapest, Laborc utca 3.; hereinafter referred to as “Mediso” or ‘Data controller’) as operator of the website under the domain wwww.mediso.com as data controller provide you (hereinafter referred to as “User”, “you” or “Data Subject”) with the following privacy notice pursuant to Art. 13 and 14 of the Regulation (EU) 2016/679 of the European Parliament and of the Council (“GDPR”) regarding the data management in connection with the operation of the website and the connecting services.
The provision of personal data is voluntary and based on the User’s agreement as well as needed to fulfil Mediso’s services to the User, based on Art. 6 of GDPR. The personal data that you supply Mediso with will be processed for the purposes as specified in Art. 2 of the present notice.
Personal data concerning you, supplied by you, will be processed in compliance with the principles of necessity, fairness, lawfulness and transparency established in GDPR. The terms of this privacy notice shall be valid from when your consent is given, until when it is withdrawn.
Your personal data will be processed by employees of Mediso on a need-to-know basis, acting as data controllers and managers, with or without the aid of electronic, print, IT or remote instruments and, in any event, according to logic closely correlated with the purposes listed below.
By using the website as well as the services of Mediso the users while browsing through the website and the applicants for the job offers published thereon shall accept all terms and conditions of the present notice, therefore we kindly ask you to read this notice carefully before using the website or its services.
The data controller
Seat: 1037 Budapest, Laborc utca 3
Company reg. number: 01-09-065375
represented by: Bagaméry István
e-mail address: firstname.lastname@example.org
Phone number: +36 1 399 3030
2. Collection and Processing of Personal Data
2.1 Contact Forms – Online Request, Application
The User may send Mediso information through contact forms available on the website, as well as contact Mediso by e-mail through the email address email@example.com. Mediso will store and use your name, e-mail address, country, company or other institution, address, phone number and any other personal data you enter into the contact forms for the purpose of contacting you individually and deliver all information you need. Data you enter when completing an online request or application form, will be stored and used for the purpose of the process you requested. This will only happen after you have agreed to your data being stored and processed, indicated by accepting the appropriate checkbox provided with the contact form. Your data shall be stored per your consent, until either you withdraw your consent or the purpose of the handling of the personal data is fulfilled.
Your data shall be handled by Mediso’s following employees: managing director; personnel concerned with answering your question, contact and data protection; data protection officer.
Your data shall be handed over to the following entities: Google; cloud computing and hosting provider; supervisory authorities in cases required by statutory law.
2.2 Job Application
You may hand in your job application to Mediso. Mediso may handle your personal data in order to evaluate whether to enter into an employment agreement, moreover, to supply you with information regarding Mediso and/or any job openings. By sending your personal data, you give your consent for the storage and evaluation of your personal data, moreover, you give your consent for Mediso to store your data in its database in order to send you job opportunities.
Personal data handled by Mediso, if provided by you: name; e-mail address; any other CV information provided by you.
Your data shall be handled by Mediso’s following employees: managing director; HR personnel and administrator; data protection personnel; data protection officer.
Your data shall be handed over to the following entities: occupational physician; cloud computing and hosting provider; third party recruitment officer; supervisory authorities.
2.3 Browsing Mediso’s Website – Cookies and Google Analytics
Mediso’s website uses Google Analytics, a web analysis service of Google Inc. (“Google”). Google Analytics uses “cookies”, text files which are stored on your computer and which allow an analysis of your use of the website. The information generated by the cookie about your use of this website (including your IP address) is transferred to a Google server in the USA and stored there. The European Commission – under Art. 45 of GDPR – has recognized USA as providing adequate protection for personal data to be transmitted. Google will use this information to evaluate your use of the website in order to compile reports on website activities for website operators and to provide other services related to use of the website and the internet. Google will also transmit this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Under no circumstances will Google connect your IP address with other data from Google.
You can prevent the installation of cookies through an appropriate setting in your browser; however, we hereby inform you that in such case you may not be able to make full use of all the functions of this website. By using this website, you declare your agreement with the processing of the data collected about you by Mediso and Google in the manner previously described and for the purposes previously mentioned. You can revoke permission for your data to be collected and stored at any time with future effect. Alternatively, you can install the deactivation add-on for Google Analytics (https://tools.google.com/dlpage/gaoptout?hl=en ), so long as it is available for your browser.
Please note that this website uses Google Analytics with the IP anonymization extension, which means that IP addresses are only used in shortened form to prevent them being directly linked to an individual.
Personal data handled by Mediso in relation to cookies, if provided by you: IP address; browsing history on Mediso.com;
Your data stored in cookies shall be handled by Mediso’s following employees: managing director; website maintenance; data protection personnel; data protection officer.
Your data stored in cookies shall be handed over to the following entities: Google and Google’s partners in connection with Google Analytics services; cloud computing and hosting provider; supervisory authorities. Personal data are handled on a non-automated way.
3. Third parties, data processing
Mediso and its data processors are entitled to know about the personal data according to the relevant legislation.
Mediso retains the right to involve further data processors into the data controlling on which it shall inform the data subjects by amending the present notice.
In absence of relevant legislation Mediso shall only hand over personal data to third parties with the explicit consent of the given data subject.
4. Right of Revocation
The User may withdraw his/her consent for the handling of his/her personal data for any or all of the purposes as specified in Art. 2. at any time, free of any charge. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
The User may withdraw his/her consent by sending Mediso an appropriate message by e-mail or post, or any other appropriate method indicated in the corresponding part of Art. 2.
If the handling of personal data is based on the User’s consent, revoking such permission results in the deletion of the User’s corresponding personal data.
5. Data Protection
When using the online form your personal data is transmitted over the internet in encrypted form using SSL. By taking technical and administrative measures, we secure our website and other systems against attempts by unauthorised persons to delete, destroy, access, alter or transmit your data.
You recognise and accept that in case of providing your personal data on the website – despite the fact that Mediso has up-to-date security tools at its disposal for preventing the unauthorized access to the personal data – the full defence of the personal data on the internet cannot be warranted.
Therefore, in case of unauthorized access despite our efforts Mediso is not liable for this access and understanding for the personal data as well as the resulting damages arisen at the data subjects.
The security of the data is ensured by the Data Controller in the most up-to-date way possible. The Data Controller undertakes to immediately suspend the service and publish a statement in the event of personal data breach that occur despite the above measures, and to keep a record of the data protection incidents and the measures taken. If the incident posed a risk to the rights and freedoms of the Data Subject, it shall act in accordance with Section 8 of the Prospectus.
6. Links to Other Websites
Our internet presence includes links to other websites. We are not able to influence whether the operators of other websites comply with privacy regulations.
As a provider we are responsible for our own content according to the general laws. Our own content is to be distinguished from the links to content supplied by other providers. We take no responsibility for third-party content provided for use via links, and we do not adopt their content as our own.
Solely the provider of the page to which the link is directed is liable for illegal, incorrect or incomplete content, and especially for damage that results from the use, or lack thereof, of such
7. Rights of the data subjects
Mediso informs you that you may request (i) information on the handling of your personal data and access to your personal data (eg. information on ongoing data processing and its details, such as purpose, data categories, possible recipients, storage period), (ii) correction (eg. inaccurate data correction or completion of incomplete data), (iii) restriction of the processing of personal data (e.g. in case of dispute over the accuracy of personal data, in case of illegal data processing, if the Data Subject objects to the deletion and requests limited use), (iv) deletion (e.g. in case of withdrawal of consent or termination of the purpose of data processing), (v) the termination of the processing of your personal data for a specified purpose or a part thereof, (vi) may object to the processing of your personal data (e.g. in the case of data processing based on the legitimate interests of the data controller or a third party, thus during profiling).
The Data Subject is entitled to receive his / her electronically processed personal data in a structured, widely used, machine-readable format (data portability).
You may also request information on the personal data processed by the potential data processor, their source, the purpose, legal basis, duration of the data processing, the name, address and activities related to the data processing of the data processor. The Data Controller and the Data Processors used by it are entitled to get acquainted with the personal data in accordance with the applicable legislation. In the case of transfer of personal data, you may also request information on the legal basis and recipient of any transfer.
8. Procedure in case of personal data breach
A personal data breach is any event that results in the unlawful handling or processing of personal data in connection with personal data managed, transmitted, stored or processed by the Data Controller, in particular unauthorized or accidental access, alteration, communication, deletion, loss or destruction and accidental destruction and harm. In the event of a personal data breach, you may request information on the circumstances of the incident, its effects and the measures taken to remedy it; if the incident is likely to pose a high risk to your rights and freedoms, the Data Controller shall, without undue delay, inform you in the manner specified in Article 34 of the GDPR.
9. Legal remedies
In relation to data processing, you have the following legal remedies, namely the right of appeal and protest provided for in Chapter VIII and article 21 of the GDPR and you may enforce your rights and claim for damages and compensation before a court in accordance with the provisions of Section 23 of the Act CXII of 2011.
If you have not been able to settle your objection, complaint or request with Mediso (the data controller) in a reassuring manner, or if you at any time consider that there has been a violation of your personal data or that there is a direct danger thereof, you may notify the Nemzeti Adatvédelmi és Információszabadság Hatóság (National Data Protection and Freedom of Information Authority; NAIH; headquarters 1055 Budapest, Falk Miksa utca 9-11, 1363 Budapest, Pf.: 9.) thereof.
In addition, the you havethe right to go to court in the following cases:• against a legally binding decision of the supervisory authority;• if the supervisory authority does not deal with the complaint;• if the supervisory authority does not inform it of the developments or the outcome of the complaint procedure within 3 months;• if, in your opinion, the Data Controller or the Data Processor employed by it has violated its rights under the GDPR as a result of data processing that does not comply with the provisions of the GDPR.
10. Further Information and Contact
If you have any further questions regarding data protection, please contact us. For questions on the collection, processing or use of your personal data, to obtain information on, correct, block or erase your personal data or to revoke any permissions you have given, please contact:
- e-mail address: firstname.lastname@example.org
- postal address: 1037 Budapest, Laborc utca 3.