1.       THANK YOU

2.   DEFINITIONS

3.   GENERAL INFORMATION

3.1     Contact details of the Data Controller

3.2     About the Data Protection Officer

4.   DESIGNATED DATA PROCESSING

4.1     Contact us

4.2     Server logging

4.3     Cookie (“cookie”) management

4.4     Management of the data of participants of the first aid course

4.5     Contact management

4.6     Display of trainers’ details on the website

4.7     Data processing related to the Company’s Facebook page

5.   HOW PERSONAL DATA ARE STORED, SECURITY OF PROCESSING

6.   THE RIGHTS OF DATA SUBJECTS

6.1     Right of access to personal data (Article 15 GDPR)

6.2     Right to rectification (Article 16 GDPR)

6.3     Right to erasure (right to be forgotten, Article 17 GDPR)

6.4     Right to restriction of processing (Article 18 GDPR)

6.5     Right to data portability (Article 20 GDPR)

6.6     Right to object (Article 21 GDPR)

7.   PROCEDURAL RULES

8.   AMENDMENTS TO THE PRIVACY NOTICE

9.   ENFORCEMENT OPTIONS

1.

Dear Customer!

Thank you for taking the time to visit the website https://gazdisuli.com/ (hereinafter referred to as the “website”) of PetWiseCare. Ltd. (hereinafter referred to as “the Company”). This will provide you with detailed information about the Company’s data management practices.

PetWiseCare Ltd. is committed to protecting the personal data of our customers. To this end, the Company handles personal data confidentially and in accordance with the European and Hungarian legislation in force, in particular the following legislation:

• Regulation 2016/679 of the European Parliament and of the Council (General Data Protection Regulation or GDPR);
• the     information  right to self-determination   and     freedom of information act 2011.     CXII.         of 2011 (Infotv.);
• the Civil Code 2013. V of 2013 (Civil Code);
• on the basic conditions and certain limitations of commercial advertising activities of 2008. XLVIII. (Grt.);
• 1995. évi CXIX. törvény a kutatás és a közvetlen üzletszerzés célját szolgáló név- és lakcímadatok kezeléséről (Katv.),
• the 1997 Act on consumer protection. CLV of 1997. Act on the Consumer Protection Act (Fgytv.);
• the Act on Accounting 2000. of 2000 (Act C of 2000 on Accounting Act).

THE GDPR 13. Article 13 of the GDPR, PetWiseCareKft. provides the following information on the processing of data:

2. DEFINITIONS

The following definitions of terms used by the Company in this Privacy Notice have the meaning given to them by the GDPR:

1. ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
2. “processing” means any operation or set of operations which is performed upon personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure, transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
3. “restriction of processing” means the marking of stored personal data for the purpose of restricting their future processing;
4.  “pseudonymisation” means the processing of personal data in such a way that it is no longer possible to identify the natural person to whom the personal data relate without further information, provided that such further information is kept separately and technical and organisational measures are taken to ensure that no natural person who is identified or identifiable can be linked to that personal data;
5.  ‘controller’ means a natural or legal person, public authority, agency or any other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of the processing are determined by Union or Member State law, the controller or specific criteria for the designation of the controller may also be determined by Union or Member State law;
6. “processor” means a natural or legal person, public authority, agency or any other body which processes personal data on behalf of the controller;
7.  “recipient” means a natural or legal person, public authority, agency or any other body to whom or with which personal data is disclosed, whether or not a third party. Public authorities which may have access to personal data in the context of an individual investigation in accordance with Union or Member State law are not recipients; the processing of those data by those public authorities must comply with the applicable data protection rules in accordance with the purposes of the processing;
8. “third party” means a natural or legal person, public authority, agency or any other body other than the data subject, the controller, the processor or the persons who, under the direct authority of the controller or processor, are authorised to process personal data;
9. “the data subject’s consent” means a freely given, specific, informed and unambiguous indication of his or her wishes by which the data subject signifies, by a statement or by an act expressing his or her unambiguous consent, that he or she signifies his or her agreement to the processing of personal data concerning him or her;
10. “data breach” means a breach of security that results in the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed;
11. “enterprise” means any natural or legal person carrying on an economic activity, regardless of its legal form, including partnerships or associations carrying on a regular economic activity;
12.  “information society service” means Directive (EU) 2015/1535 of the European Parliament and of the Council (19) 1. (EU/15/1535) (19);

3. GENERAL INFORMATION

3.1 Contact details of the Data Controller

Name: PetWiseCare Kft

represented by: Dr. Pálma Piller, Managing Director

Seat: 1054 Budapest, Honvéd u. 8. I.floor door 2

Phone number: +36303074093

E-mail address: hello@petwisecare.com

3.2 About the Data Protection Officer

Please be informed that the Company is subject to GDPR 37. is not obliged to appoint a Data Protection Officer under Article 37 of the GDPR, as it is not a public authority or a body with public responsibilities, its activities do not include operations requiring systematic and systematic large-scale monitoring of users, and it does not process a large amount of sensitive data or personal data relating to criminal convictions and offences in the course of its core activities.

If you have a data protection question, please send it to the e-mail address hello@petwisecare.com and the Company’s staff will immediately start processing the data or questions you have indicated and investigating the matter.

4. DESIGNATED DATA PROCESSING

In the spirit of transparency required by the GDPR, you can find out about the data processed to achieve these purposes, their legal basis and the duration of processing, broken down by each processing purpose below.

To ensure that data is protected against unauthorised access, we have taken appropriate technical precautions and will take all possible measures to maintain maximum protection.

4.1 Contacting us

If you have any questions or are interested in our services, you can contact us via the main email address on the website or by using the contact form.

The contact form only asks for your information so that we can contact you and respond to your enquiry.

Only provide your telephone number if you specifically want us to respond to your query or enquiry via this method.

1. 1. Purpose of processing: contacting the data subject
   2. Data processed: e-mail address, first and last name, telephone number (optional)
   3. Legal basis for processing: consent of the data subject [Article 6(1)(a) GDPR]
   4. Duration of data processing: until the end of the contact (until the data subject has answered your question or provided you with the information requested), but for a maximum of 3 months.

 4.2 Server logging

When you visit the https://gazdisuli.com/ website, the web server only records an IP address.

The data generated will not be linked to other data during the analysis of the log files.

4.2.1.    Purpose of processing: to monitor the functioning of the system

4.2.2.    Legal basis for processing: legitimate interest of the controller [Article 6(1)(f) GDPR]. Legitimate interest: secure operation of the website 4.2.3.     Scope of data processed: IP address of the computer

4.2.4.    Duration of processing: 6 months

4.3 Cookie (“cookie”) management

1. 1. Factsheet

Cookies (“cookies”) are packets of information that are sent by the provider’s web server to the user’s device via the browser when using the webshop. The main purpose of cookies is to record the user’s data in order to analyse his/her activity on the website. If the browser returns a previously saved cookie, the cookie management service provider may, for statistical purposes, link the user’s data saved during his current visits to previous visits, but only in relation to its own content, in a non-identifiable form.

Cookies allow the website to recognise previous visitors. Cookies therefore help the data controller to optimise the website, i.e. to tailor the website’s services to users’ habits. Cookies can also be used to:

● remember the settings so that the user does not have to re-enter them,

● remember previously entered data, so you do not have to re-enter it,

● analyse the use of the website to ensure that improvements are made using this information to ensure that it works as well as possible for the user, that the user can easily find the information they are looking for, and

● helps display ads that match the user’s interests by monitoring user behaviour.

The Company uses the following cookies (name-description-lifetime):

“_ga”    This cookie collects information about the use of the website, it does not collect personally identifiable information, but it does collect information about how often and in what format you visit the website.    2 years

“_gid”:    Identifier to distinguish users.    24 hours.

“_gat”:    This is a temporary identifier.    1 minute

1. Purpose of data management: to identify the current session of users, to store the data detailed above in order to improve the user experience, to make it more convenient 
2. Legal basis for processing: consent of the data subject GDPR 6. Article 6(1)(a)
3. Management of cookies from external service providers on the website

The independent measurement and auditing of the website’s traffic and other web analytics data is supported by Google Analytics as an external service provider.

The cookie associated with Google Analytics only records non-personally identifiable information.

More information on this processing is available at http://www.google.com/intl/hu/policies/.

You can delete the cookie from your computer or disable the use of cookies in your browser. You can usually manage cookies by going to the Tools/Preferences menu of your browser and selecting Privacy/Preferences/Custom Settings, then selecting the cookie, cookie or tracking option. If you change these settings, some features or features may not work as intended.

You can find more detailed information and further information about cookies at www.nopara.org, www.youronlinechoices.com/hu/ and http://www.allaboutcookies.org .

4.4 Data management of first aid course participants

One of the Company’s business activities is the provision of personal training courses for livestock farmers. During these courses, certain personal data of the participants are processed by the Company for the purpose of monitoring participation and issuing certificates of course completion.

4.4.1.   Purpose of processing: identification, verification of participation, issuing of certificates

4.4.2.   Legal basis for processing: performance of a contractual obligation (Article 6(1)(b) GDPR).

4.4.3.   Personal data processed: name of the keeper, e-mail address 

4.4.4.   Duration of processing: 5 years from the date of participation in the course

4.4.5.   Data will be transmitted: to the authority in case of an inspection, to the Company’s employees and its assistant subcontractor

1. Data processors:

Illés Annamária ev., assistant

Seats: 

4.6 Data processing related to the Company’s Facebook page

In order to promote the Company and to disseminate information, the Company maintains its own public page on the Facebook community portal, which is administered by the Company’s CEO.

Facebook Page operators and Facebook are considered to be joint controllers.

Facebook’s privacy policy can be found at the following link: https://www.facebook.com/privacy/explanation

1. Purpose of data processing: promotion of the Company, dissemination of information
2. The legal basis for processing is the data subject’s consent [GDPR 6. Article 6(1) (a)), for the closed page the fulfilment of a contractual obligation (GDPR Art. Art. (b)).
3. Data processed: first and last name of the data subjects, the image of the data subject in the photo, in the case of videos, the image and voice of the data subject;
4. Duration of data processing: for professionals of the Company, until the termination of the contract or withdrawal of consent; for other data subjects, until the withdrawal of consent or in accordance with Facebook’s policy.

5. HOW PERSONAL DATA ARE STORED, SECURITY OF PROCESSING

The Company is committed to data security and follows strict security standards in the storage, transmission and protection against accidental loss, destruction and damage of personal data. The Company does this by

• IT measures (e.g. choice of appropriate software, programs, firewall, SSL standard, backups),
• technical measures (e.g. physical protection by ensuring the locked storage of documents) and
• organisational measures (for example, the use of a system of access rights for the person (subcontractor) carrying out processing on behalf of the Company, whereby such person has access only to information that is essential for his or her work).

The Company stores the personal data in Hungary, at the Company’s headquarters, on its own data storage media. Backup is done using a GDPR-compliant cloud service.

For the website http://gazdisuli.hu, the hosting providers:

• Name: Google Cloud EMEA Limited

  Registered office/office: Velasco, Clanwilliam Place, Dublin 2, Ireland

6. RIGHTS OF DATA SUBJECTS

If you, as a data subject, wish to exercise your rights under the GDPR, please contact us using the contact details provided in section 3.1.

You may exercise the following rights, at your option:

6.1 Right of access to personal data (Article 15 GDPR)

By exercising this right, you will have the opportunity to request a copy of the personal data we hold about you and to make sure that we have acted lawfully.

Information is free of charge, but additional copies will be charged based on the administrative cost.

6.2 Right to rectification (Article 16 GDPR)

You have the right to have inaccurate personal data corrected or incomplete personal data completed at your request. We will do so promptly (without undue delay).

6.3 Right to erasure (right to be forgotten, Article 17 GDPR)

You have the right to have your personal data deleted at your request. We will do so promptly (without undue delay). If the personal data has been disclosed, we will take all reasonable steps to inform the other data controllers that you have requested the deletion of the links to or copies of the personal data in question.

In any case, we are obliged to delete your personal data without undue delay (not on request) in the following cases:

1. the personal data are no longer necessary for the purposes for which they were collected;
2. if you withdraw your consent on which the processing is based and there is no other legal basis for the processing;
3. if you object to the processing and there are no overriding legitimate grounds for the processing;
4. despite our best efforts, we have unlawfully processed your personal data;
5. personal data must be erased in order to comply with a legal obligation under applicable Union or Member State law;
6. personal data was collected in connection with the provision of information society services to children under 16 years of age.

6.4 Right to restriction of processing (Article 18 GDPR)

1. If you believe that the personal data we process is inaccurate, you can request that we restrict the processing until the actual accuracy or inaccuracy of the data is known.
2. If the processing is unlawful, but you do not want us to delete your data because it is in your interest for some reason, you can ask us to restrict the processing instead.
3. If the purpose of the processing has ceased, but you do not want us to delete the data because you need it to pursue a claim, you can also request a restriction.
4. If you have objected to the processing, but we believe that the Company Lawyer’s grounds prevail – in which case the restriction will apply for the period until this issue is resolved.

6.5 Right to data portability (Article 20 GDPR)

You have the right to request that your personal data processed be transferred to another controller in an electronic and structured form or, where technically feasible, to request us to do so.

6.6 Right to object (Article 21 GDPR)

You have the right to object to the processing of your personal data for direct marketing or profiling purposes. In this case, the data will not be processed for this purpose.  

You may also object if the processing is based on the legitimate interests of the Company (or a third party). In such cases, the data may only be further processed in very exceptional cases (compelling legitimate grounds).

7. PROCEDURAL RULES

If you want to exercise your rights, we will inform you of the action taken on your request without undue delay and at the latest within one month of receiving it. If necessary, and taking into account the complexity of the request and the number of requests, this time limit may be extended by a further two months.

You will be informed of the extension, stating the reasons for the delay, within one month of receipt of the request. If you have submitted your request electronically, the information will be provided electronically unless you request otherwise.

If we do not take action on your request, we will inform you without delay, but no later than one month from the date of receipt of the request, of the reasons for non-action and of your right to lodge a complaint with the National Authority for Data Protection and Freedom of Information and to seek judicial remedy.

We will provide you with the requested information free of charge. However, in the event that your request is clearly unfounded or excessive, in particular because of its repetitive nature, we may charge a fee or refuse to act on it.

We will inform all recipients to whom or with whom the personal data have been disclosed of any rectification, erasure or restriction of processing carried out, unless this proves impossible or involves a disproportionate effort. Upon request, we will inform you of these recipients.

We will provide you with a copy of the personal data processed upon request. However, we may charge a fee for additional copies. If you have submitted your request electronically, the information will be provided in electronic format unless you request otherwise.

8. CHANGES TO THE PRIVACY NOTICE

The Company reserves the right to unilaterally amend this Policy at any time.

By using the website, the data subject accepts the provisions of the Policy in force at any given time, without the need to obtain the consent of the individual data subject.

9. ENFORCEMENT OPTIONS

9.1.  In order to enforce his/her rights, the data subject may contact the National Authority for Data Protection and Freedom of Information, whose contact details are:

Head office: 1125 Budapest, Szilágyi Erzsébet fasor 22/C.

Postal address: 1530 Budapest, Pf.: 5.

Phone: +36-1-391-1400

Fax: +36-1-391-1410

E-mail: ugyfelszolgalat@naih.hu

Website: http://www.naih.hu

9.2.  In addition to the above, the data subject may also have recourse to the courts if his or her rights are infringed. The court has jurisdiction to hear the case. You can also choose to bring the case before the court of your place of residence or domicile. On request, the Company will provide you with detailed information on the possibilities and means of redress.

PetWiseCare Ltd.

2023. 08.17.