|
Smylist Kft. (seat: 1115 Budapest, Bártfai street 59. VIII. 27., Hungary; Company Registry No: 01-09-908756; Registering authority: Metropolitan Court as Company Court; tax number: 14545463-2-43) (hereinafter referred as Service Provider) operates a professional website and webshop under the www.smylist.com website. In the course of this activity, Service Provider processes data of visitors and registering users (Users) of the website. In connection with such data processing, Service Provider hereby informs Users of the personal data processed by it via the website, its principles and practice followed in relation to processing personal data, the organizational and technical measures taken for the protection of personal data, and the means and possibilities of exercising rights by the data subjects.
Service Provider observes the inherent rights of the visitors of the website; processes personal data recorded confidentially, in accordance with data protection laws and international recommendations, according to the present privacy statement.
By using the website, You as User accept the following, and consent to the data processing defined below.
Terminology
Act LXIII of 1992 regulates the protection of personal data and the publicity of information of public interest (hereinafter referred as DPA). Pursuant to the act:
'data processing' shall mean, irrespective of the procedure used, any operation or set of operations that is performed upon data, such as the collection, taking, recording, organization, storage, alteration, use, disclosure, publication or otherwise making accessible, alignment or combination, blocking, deletion or destruction, as well as disabling further use of such data. Photographing, sound or image recording, as well as the recording of physical attributes suitable for identification purposes (such as fingerprints and palm prints, DNA samples and retinal images) shall qualify as data processing. 'personal data' shall mean any information relating to a specific (identified or identifiable) natural person (hereinafter referred to as data subject) and any deductions with respect to the data subject that can be made from such data. In the course of data processing, such personal data shall be treated as such as long as its relation to the data subject is restorable. A person is identifiable especially if he/she can be identified, directly or indirectly, based on a name, identification number or one or more factors specific to his/her physical, physiological, mental, economic, cultural or social identity. 'data management' shall mean the performance of technical operations related to data processing, irrespective of the method and instruments employed for such operations and the venue where it takes place. 'disclosure’ shall mean making certain data available to a specific third party. 'deletion' shall mean the destruction or elimination of data sufficient to make them irretrievable.
Designation of the data processor
Smylist Kft. (seat: 1115 Budapest, Bártfai street 59. VIII. 27., Hungary)
Data processor’s identity number of registration:
Considering that the data processing applies to Users in a client relationship with the data processor, the registration of the data processing is not necessary based on Section 30 paragraph a) of Act LXIII of 1992 on the protection of personal data and the publicity of information of public interest.
Legal grounds of data processing
Data processing by Service Provider shall take place based on the voluntary consent of Users in accordance with section 3 subsection (1) paragraph a) of the DPA, and based on Act CVIII of 2001 on electronic commercial services and on information society services. User consents to each data processing by using the website, registering on it, and providing the data in question voluntarily.
Data processed
Technical data. During the use of the website, Service Provider automatically records, for technical reasons, the IP address of the User, the type of operation system and browser used by User, as well as further information. The system records these data continuously, but does not link them to data provided during registration or usage. Data arising from the above are not accessible for Users, but only for Service Provider.
Service Provider may record the data of the websites from where User reaches Service Provider’s website, the data of the websites that User visited at our website, as well as the time and duration of the visit. It is not possible to deduce the identity of the person or the profile of the User from these data.
The system identifies the computers of the visitors of the website with a so-called cookie.
Service Provider may use the above information exclusively for the technical operation of the website, and for statistic purposes.
Registration. In the course of registration, User shall mandatorily provide the following personal data:
- user name chosen
- password
- name
- date of acquisition of dentist degree or dental technical qualification
- name and address of the dentist’s surgery/dental technical surgery, surgery’s central phone number
- own e-mail address.
After providing the data, Service Provider sends the User the link needed to validate the registration via e-mail.
The purpose of the data processing related to registration is to identify the visitors of the website for using the services of the website, to document service provision and the suitability of performance, and to allow billing, if necessary.
After registration, User may voluntarily provide further data for the purpose of improving the service and the software licensed by Service Provider.
Service Provider undertakes not to send e-mail messages to User’s e-mail address provided in the course of registration, except e-mails related to services used by User.
Webshop. Service Provider operates an online shop via the website, whereon the software products developed by Service Provider may be acquired and the services provided by Service Provider may be ordered. Service Provider processes technical data of usage of the webshop (e.g.: data of initiated, pending transactions), and data provided by User during the ordering process.
Software activation and license file generation. Using the website, User may activate the software copies purchased from Service Provider. In the course of activation, User shall provide the unique ID of the given software, and Service Provider, in connection with the above, shall record the time of activation. Following activation, User shall provide the hardware key (in case of more than one computers: hardware keys) generated by the software in the process of installation, based on the hardware data of the computer used by User. Furthermore, Service Provider stores the license file placed at User’s disposal as a result of the process, with which the software can be used in the operating environment given. The purpose of the above data processing is to manage licenses, to prevent illegal use, and to fulfill tasks and support related to license management.
Software User database. Service Provider operates a registry to manage the licenses granted (in fact, the software users), the license expiries and renewals, based on the data provided by Users. Service Provider may use the registry to provide related support services.
Software support. User may use the support and the customer service provided by Service Provider via the website after registration and logging in to the website. In the course of using the services, certain personal data may be communicated, in order to allow such support.
Service Provider will send notifications to User by e-mail on making available any updates downloadable free of charge.
Application to courses. In addition, it is also possible to apply to so-called ‘smile courses’ by means of the website. In the course of application, the data to be provided by User obligatorily or optionally, alter on a case by case basis, depending on the purpose and characteristics of the given course. The purpose of data processing is to identify the participants, ensure contact with them, and to enable related billing, if applicable, and furthermore, to enable Service Provider and the trainer of the course to develop the professional content of the event taking into account certain characteristics of the participants.
Reseller login. Service Provider provides certain services to its contracted resellers via the website. Related registration and service provision shall be take place in accordance with the specific agreements with such resellers.
Even for the above mentioned purposes, data will be processed exclusively in the manner prescribed by law, to the extent and the duration necessary to achieve the purpose, and only with the personal data that is indispensably necessary for the above mentioned purposes, and suitable to attain such purposes.
Duration of data processing
Processing of personal data provided obligatorily in the course of registration shall start with the registration and end with cancellation. In case of voluntary data, data processing shall last from the date providing the data in question until deleting it. User may delete his/her registration at any time; while Service Provider may only delete his/her registration in the cases and manner regulated in the Terms of Use.
Service Provider shall store data related to licenses for the time of validity of the license, and shall retain such data for 6 months calculated from the termination of the license.
The system stores log information for 6 months calculated from the date of logging, except for the date of the last visit which is automatically overwritten by the system.
The above provisions do not affect the fulfillment of particular data retention obligations set forth by law (e.g. in accountancy laws), or data processing based on additional consents provided in the course of registration on the website, or in any other manner.
Disclosure, data management
Related to the registration for courses, User’s data may be disclosed to organizations and persons participating in the organization and performance of the course, for the purpose of preparation and implementation of the course. Service Provider shall not be liable for the processing practices of such external actors.
Beyond the above, transmission of personal data related to User is possible exclusively in cases set forth by law, or with the consent of User.
Service Provider is entitled to resort to a technical data manager (system operator, freighter company, accountant) for the operation of the underlying IT system, the performance of orders, and accounting.
Data security
Service Provider shall take all steps necessary to guarantee the security of data provided by Users in the course of network communications as well as the storage and keeping the data. Service Provider shall store the data provided on a dedicated, 24-hour guarded server situated in the territory of the Hungarian Republic, at Service Provider’s external premises.
Access to personal data is strictly limited in order to prevent unauthorized access, alteration and usage of the personal data.
User may record data to be provided during registration and the usage of the webshop using a website with a secure online connection (SSL). Further information:
http://www.netlock.hu/USEREN/index.html.
Rights of Users and remedies
User may request information about personal data processed by Service Provider pertaining to User, and furthermore, with the exception of the user name chosen, User may modify or delete his/her data at any time by means of the administration surface accessible on the website.
Based on a request by the User, Service Provider shall inform User about the data processed by Service Provider related to User, the purpose, legal basis and period of data processing, furthermore, to whom and for what purpose Service Provider provides or has provided User’s data. Service Provider must comply with the request for information in writing, within no more than 30 days from the submission of the request.
User may exercise his/her rights through the following availability:
Anita Berényi
Address: SMYLIST Ltd., H-1115 Budapest, Bártfai utca. 59. 8/27., Hungary
Email: anita.berenyi@smylist.com
User may have a recourse to the colleagues of Service Provider with any questions and observations related to data processing through the above contacts.
User may at any time require the deletion or alteration of his/her data recorded incorrectly. Certain data can be altered or deleted by User himself/herself via the website; in other cases, Service Provider shall delete data within no more than 3 working days from the receipt of the request, and in such a case, no restoration of the data will be possible. Deletion does not include data processing prescribed by law (e.g. accountancy laws), which are preserved by Service Provider for the prescribed period.
User may apply to court for remedy according to the provisions of the DPA and the Civil Code of Hungary (Act IV of 1959), and may also solicit the help of the data protection commissioner (1051 Budapest, Nádor street 22. Address: 1387 Budapest Pf. 40, further information: http://abiweb.obh.hu/abi/).
Service Provider may claim damages in case User provided third party’s data in the course of registration to use the services, or caused damages in any manner during the usage of the website. In such cases, Service Provider provides all cooperation and support to authorities facilitate identification of the wrongdoer.
Usage of e-mail addresses
Service Provider pays special attention to the lawfulness of using the e-mail addresses processed by Service Provider, thus, the above mentioned addresses can be used for sending (information or advertisement) e-mail only in the way determined hereunder.
Processing e-mail addresses serves principally the identification of User, the performance of orders, and contact during usage of the service ; thus, e-mail is sent primarily with these purposes.
In case of any changes in services provided by Service Provider, or in the Terms of Use, Service Provider informs Users of such changes and other similar services in an electronic form, via e-mail in certain cases. Unsubscribing from such a ‘notification list’ is not possible; however, Service Provider shall not use such lists for advertising purposes.
Service Provider may only send e-mails to e-mail addresses provided in the course of registration with advertisements and commercial contents with User’s prior express consent and in cases and manner set forth by law.
Miscellaneous terms and conditions
Service Provider reserves the right to amend the present Privacy Statement unilaterally, with the prior notification of users. After the entry into force of the amendment, User accepts the contents of the amended Privacy Statement by using the service, with conduct that implies acceptance.
User acknowledges that even if Service Provider has had the Privacy Statement translated to other languages, this was done for the convenience of the Users, and even in such case the English language version shall prevail in connection with data processing issues and the extent of he consent provided by User. In case of any inconsistency between the English language version and any other language version, the English version shall prevail.
|