1.       WELCOME

2.   DEFINITIONS

3.   GENERAL INFORMATION

3.1     Contact details of the Data Controller

3.2     About the Data Protection Officer

4.   NAMED DATA PROCESSING

4.1 Contacting

4.2 Server Logging

4.3 Cookie Management

4.4 Handling data of participants in the first aid course

4.5 Managing contact persons’ data

4.6 Displaying instructors’ data on the website

4.7 Data processing related to the Company’s Facebook page

5.  METHOD OF STORING PERSONAL DATA, SECURITY OF DATA PROCESSING

6.  RIGHTS OF DATA SUBJECTS

6.1 Right of access to personal data (GDPR Article 15)

6.2 Right to rectification (GDPR Article 16)

6.3 Right to erasure (right to be forgotten, GDPR Article 17)

6.4 Right to restriction of processing (GDPR Article 18)

6.5 Right to data portability (GDPR Article 20)

6.6 Right to object (GDPR Article 21)

7.  PROCEDURAL RULES

8.  MODIFICATION OF THE DATA PROCESSING NOTICE

9.  LEGAL REMEDIES

1.

Dear Customer,

Thank you for taking the time to review the data protection and privacy notice of the operator of the website https://gazdisuli.com/ (hereinafter referred to as: the website), PetWiseCare Ltd. (hereinafter referred to as: the Company). Through this notice, you can gain detailed insight into the Company’s data processing practices.

Our company, PetWiseCare Ltd., is committed to protecting the personal data of its clients. To this end, the Company handles personal data confidentially and in accordance with the applicable European and Hungarian legislation, paying special attention to the following laws:

• Regulation (EU) 2016/679 of the European Parliament and of the Council (General Data Protection Regulation or GDPR);
• Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information (Infotv.);
• Act V of 2013 on the Civil Code (Ptk.);
• Act XLVIII of 2008 on the Basic Conditions and Certain Limitations of Economic Advertising Activities (Grt.);
• Act CXIX of 1995 on the Use of Name and Address Information for Research and Direct Marketing Purposes (Katv.);
• Act CLV of 1997 on Consumer Protection (Fgytv.);
• Act C of 2000 on Accounting (Számtv.).

According to Article 13 of the GDPR, PetWiseCare Ltd. provides the following information about data processing:

2. DEFINITIONS

The meanings of the terms used by the Company in this data processing notice – based on the GDPR – are as follows:

1. “Personal data”: any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person;
2. “Data processing”: any operation or set of operations which is performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction;
3. “Restriction of data processing”: the marking of stored personal data with the aim of limiting their processing in the future;
4.  “Pseudonymization”: the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately, and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person;
5.  ‘Data controller”: the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the data controller or the specific criteria for its nomination may be provided for by Union or Member State law;
6. “Data processor”: a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the data controller;
7.  “Recipient”: a natural or legal person, public authority, agency, or another body, to whom or which the personal data are disclosed, whether a third party or not. However, public authorities that may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall comply with the applicable data protection rules according to the purposes of the processing;
8. “Third party”: a natural or legal person, public authority, agency, or another body other than the data subject, data controller, data processor, and persons who, under the direct authority of the data controller or data processor, are authorized to process personal data;
9. “The data subject’s consent”: any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
10. “Data protection incident”: a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored, or otherwise processed;
11. “Enterprise”: a natural or legal person engaged in economic activity, regardless of its legal form, including partnerships or associations regularly engaged in an economic activity;
12.  “Information society service”: a service as defined in point (b) of Article 1(1) of Directive (EU) 2015/1535 of the European Parliament and of the Council.

3. GENERAL INFORMATION

3.1 Contact details of the Data Controller

• Name: PetWiseCare Ltd.
• Representative: Dr. Pálma Piller, Managing Director
• Registered Office: 1054 Budapest, Honvéd u. 8. 1st floor, door 2
• Phone Number: +36303074093
• Email Address: support@petwisecare.com

3.2 About the Data Protection Officer

We inform you that, based on Article 37 of the GDPR, the Company is not required to appoint a data protection officer, as it does not qualify as a public authority or body, does not engage in activities that involve regular and systematic large-scale monitoring of users, and does not process a large number of special categories of data or personal data relating to criminal convictions and offenses as part of its main activities.

If you have any data protection-related questions, please send them to the email address support@petwisecare.com, and the Company’s staff will promptly begin processing the data or questions you have indicated and investigate the matter.

4. DESIGNATED DATA PROCESSING

In the spirit of transparency required by the GDPR, you can find detailed information below, segmented by specific data processing purposes, about the data processed to achieve these purposes, their legal basis, and the duration of data processing.

To ensure protection against unauthorized access, we have implemented appropriate technical precautions and take all possible measures to maintain maximum protection.

4.1 Contacting us

If you have any questions or are interested in our services, you can contact us via the central email address provided on the website or through the contact form.

The contact form only requests data from you to enable us to reach out and respond to your inquiry.

Please provide your phone number only if you specifically wish to receive a response via this channel to your question or inquiry.

• Purpose of Data Processing: Contacting the data subject
• Scope of Data Processed: Email address, first and last name, phone number (optional)
• Legal Basis for Data Processing: The data subject’s consent [GDPR Article 6(1)(a)]
• Duration of Data Processing: Until the contact is concluded (i.e., until the data subject’s question is answered or information is provided in response to their inquiry), but for a maximum of 3 months.

 4.2 Server logging

When visiting the website https://gazdisuli.com/, the web server records only the IP address.

The generated data is not linked with other data during the analysis of log files.

4.2.1 Purpose of Data Processing: Monitoring the system’s operation

4.2.2 Legal Basis for Data Processing: Legitimate interest of the data controller [GDPR Article 6(1)(f)]. Legitimate interest: the secure operation of the website.

4.2.3 Scope of Data Processed: The computer’s IP address

4.2.4 Duration of Data Processing: 6 months

4.3 Cookie (“cookie”) management

Information: Cookies are information packages sent by the service provider’s web server to the user’s device through the browser when using the online store. The primary purpose of cookies is to record user data to analyze the user’s activities related to the website. If the browser sends back a previously saved cookie, the service provider managing the cookie can connect the data saved during the user’s current visits with previous data for statistical purposes, but only in an anonymous form.

Cookies enable the website to recognize previous visitors. They help the data controller optimize the website, making its services more user-friendly. Cookies can also:

• Remember settings, so users do not have to enter them repeatedly.
• Remember previously entered data, so users do not have to type them again.
• Analyze the use of the website to implement improvements, ensuring the website operates according to user expectations and helps users find the information they seek.
• Display advertisements tailored to users’ interests based on their behavior.

The Company uses the following cookies (name-description-duration):

• “_ga”: This cookie collects data about the use of the website, but not personal data; it records how often and in what form the website is visited. Duration: 2 years

• “_gid”: Identifier for distinguishing users. Duration: 24 hours

• “_gat”: A temporary identifier. Duration: 1 minute

• Purpose of Data Processing: Identifying the users’ current session, storing the data detailed above to improve the user experience and make it more convenient.

• Legal Basis for Data Processing: The data subject’s consent [GDPR Article 6(1)(a)].

Cookie Management by External Service Providers on the Website: The independent measurement and auditing of the website’s traffic and other web analytics data are assisted by an external service provider, Google Analytics.

The cookie related to the Google Analytics program records only non-personally identifiable information.

More detailed information about this data processing can be found at: http://www.google.com/intl/hu/policies/.

You can delete the cookie from your computer or disable the use of cookies in your browser. You can generally manage cookies in the Tools/Settings menu under Privacy/History/Custom settings or under the terms cookie or tracking. If you change these settings, some features or characteristics may not function correctly.

You can learn more about cookies and obtain further information on the following websites: www.nopara.org, www.youronlinechoices.com/hu/, and http://www.allaboutcookies.org.

4.4 Data management of first aid course participants

One of the Company’s business activities is conducting in-person courses for pet owners. During these sessions, the Company processes some personal data of participants to verify attendance and issue certificates of course completion.

4.4.1 Purpose of Data Processing: Identification, verification of participation, issuing certificates

4.4.2 Legal Basis for Data Processing: Fulfillment of contractual obligations (GDPR Article 6(1)(b)).

4.4.3 Scope of Personal Data Processed: Name and email address of the pet owner

4.4.4 Duration of Data Processing: 5 years from the date of course participation

4.4.5 Data Transfer: In case of inspection, to the authority, to the Company’s employees, and its assistant subcontractor

4.5 Data processing related to the Company’s Facebook page

For the purpose of promoting the Company and providing educational content, the Company maintains a public page on the Facebook social networking platform, which is administered by the Company’s managing director.

The operators of Facebook pages and Facebook itself are considered joint data controllers.

Facebook’s data protection policies can be found at: https://www.facebook.com/privacy/explanation.

• Purpose of Data Processing: Promoting the Company, providing educational content
• Legal Basis for Data Processing: The data subject’s consent [GDPR Article 6(1)(a)]; for the closed page, fulfillment of contractual obligations [GDPR Article 6(1)(b)].
• Scope of Data Processed: The data subject’s first and last names, the image of the data subject appearing in photos, and in videos, the data subject’s image and voice
• Duration of Data Processing: For the Company’s professionals, until the termination of the contract or withdrawal of consent; for other data subjects, until the withdrawal of consent or in accordance with Facebook’s policies.

5. HOW PERSONAL DATA ARE STORED, SECURITY OF PROCESSING

The Company prioritizes data security and follows strict security protocols in storing, transmitting, and protecting personal data against accidental loss, destruction, and damage. The Company ensures this through:

• IT measures (e.g., selecting appropriate software and programs, firewalls, SSL standards, and backups),
• Technical measures (e.g., providing physical protection, ensuring that documents are stored securely in a locked environment), and
• Organizational measures (e.g., implementing an authorization system for persons processing data on behalf of the Company (subcontractor), ensuring that such persons can only access information essential to their work).

The Company stores personal data within Hungary at its headquarters on its own data carrier. Backups are conducted using a cloud service that complies with the GDPR.

For the website http://gazdisuli.hu, the hosting provider is:

• Name: Google Cloud EMEA Limited
• Registered Office/Location: Velasco, Clanwilliam Place, Dublin 2, Ireland

6. RIGHTS OF DATA SUBJECTS

If you, as a data subject, wish to exercise your rights under the GDPR, please contact us using the contact details provided in section 3.1!

You may exercise the following rights according to your choice:

6.1 Right of access to personal data (Article 15 GDPR)

By exercising this right, you can request a copy of the personal data stored about you and verify that we have processed it lawfully.

The information is provided free of charge, but an administrative fee may be charged for additional copies.

6.2 Right to rectification (Article 16 GDPR)

You have the right to request the correction of inaccurate personal data or the completion of incomplete personal data. We will fulfill this request promptly (without undue delay).

6.3 Right to erasure (right to be forgotten, Article 17 GDPR)

You have the right to request the deletion of your personal data. We will fulfill this request promptly (without undue delay). If the personal data has been made public, we will take all reasonable steps to inform other data controllers that you have requested the deletion of links to or copies of this personal data.

We are obliged to delete your personal data without a request and promptly (without undue delay) in the following cases:

• The personal data is no longer necessary for the purposes for which it was collected;
• You withdraw your consent on which the processing is based, and there is no other legal basis for the processing;
• You object to the processing, and there is no overriding legitimate ground for the processing;
• The personal data has been processed unlawfully despite our best efforts;
• The personal data must be deleted to comply with a legal obligation under Union or Member State law;
• The personal data was collected in connection with offering information society services to a child under 16 years of age.

6.4 Right to restriction of processing (Article 18 GDPR)

You can request restriction of processing if you believe the processed personal data is inaccurate until its accuracy is verified.

If the data processing is unlawful, but you do not wish for your data to be deleted because you have an interest in retaining it, you may request that we restrict the processing instead.

If the purpose of the data processing has ceased, but you require the data for legal claims, you can also request restriction.

If you objected to the data processing, but we believe that the Company’s legitimate interests override yours, the restriction applies until this matter is resolved.

6.5 Right to data portability (Article 20 GDPR)

You have the right to request your processed data in an electronic and structured format and transfer it to another data controller, or – if technically feasible – you can ask us to transfer it.

6.6 Right to object (Article 21 GDPR)

You have the right to object to the processing of your personal data for direct marketing or profiling purposes. In such cases, the data will not be processed for this purpose.

You may also object if the data processing is based on the legitimate interest of the Company (or a third party). In this case, the data can only be processed further in very exceptional cases (compelling legitimate grounds).

7. PROCEDURAL RULES

If you wish to exercise your rights, we will inform you of the actions taken in response to your request without undue delay and no later than one month from the receipt of the request. If necessary, considering the complexity of the request and the number of requests, this period may be extended by an additional two months.

We will inform you of the extension and the reasons for the delay within one month of receiving the request. If you submitted your request electronically, the information will be provided electronically unless you request otherwise.

If we do not take action based on your request, we will inform you of the reasons for not taking action without undue delay and no later than one month from the receipt of the request. You will also be informed of your right to lodge a complaint with the National Authority for Data Protection and Freedom of Information and to seek judicial remedy.

The requested information and communication will be provided free of charge. However, if your request is clearly unfounded or – especially due to its repetitive nature – excessive, we may charge a fee or refuse to act on the request.

We will inform all recipients of any rectification, deletion, or restriction of processing, except where this proves impossible or involves disproportionate effort. Upon request, we will inform you of these recipients.

We will provide you with a copy of the personal data undergoing processing upon your request. We may charge a fee for additional copies. If you submitted your request electronically, the information would be provided in electronic form unless you request otherwise.

8. CHANGES TO THE PRIVACY NOTICE

The Company reserves the right to unilaterally modify this Notice at any time.

By using the website, you accept the provisions of the Notice in force at any time, and no further consent from the data subjects is required.

9. ENFORCEMENT OPTIONS

9.1 In order to enforce your rights, you can contact the National Authority for Data Protection and Freedom of Information, whose contact details are as follows:

• Registered Office: 1125 Budapest, Szilágyi Erzsébet fasor 22/C
• Mailing Address: 1530 Budapest, P.O. Box: 5
• Phone: +36-1-391-1400
• Fax: +36-1-391-1410
• Email: ugyfelszolgalat@naih.hu
• Website: http://www.naih.hu

9.2 

In addition to the above, you may also take legal action if your rights are violated. The court of law is competent to hear such cases. The lawsuit can be initiated before the competent court of your residence or place of stay, according to your choice. The Company will provide you with detailed information about the possibility and means of legal remedies upon request.

10. Final provisions 

These data management policy is available on this website in both Hungarian and English. In the event of any discrepancy or inconsistency between the Hungarian version of the Data Management Policy and any other language version, the Hungarian version shall prevail.

PetWiseCare Ltd.

August 17, 2023