We also handle personal and sensitive data about our clients
Your personal data will be handled based on the Regulation (EU) No 2016/679 of the European Parliament and of the Council of 17 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Regulation (EC) No 95/46 (general data protection regulation, in the following: GDPR), and Act CXII of 2011 (Infotv.) on the right to information self-determination and freedom of information.
Based on Article 6 (1) of the GDPR, certain data of our customers are personal data, other data based on Article 9 (1) are special categories of personal data (personal data referring to racial or ethnic origin, political opinion, religious or philosophical beliefs or trade union membership, and genetic and biometric data for the unique identification of individuals, health data and personal data concerning the sexual life or sexual orientation of individuals), which can be handled in a more limited way, with stricter guarantees.
For all data processed about you, we will ensure that it is protected in accordance with the guarantees that GDPR sets out for the processing of special data.
What do we handle and why?
We handle the personal information of our clients who turn to us – if we receive it – the client’s
- name, date of birth, place of birth, mother’s birth name, address of residence or stay,
- email address and phone number as contact information, and
- documents, statements and other information handed over to us as data related to the use of the services provided by Trauma Center.
The purpose of data management is to provide the services used by our clients and to settle accounts during the audit that controls our activities.
The legal basis for data management is that you have given your consent to the processing of your personal data [Article 6 (1) (a) GDPR] and that you can report on the activities of the Trauma Center during a donator audit [Article 6 (1) (c) GDPR] and in the case of possible donator claims, Trauma Center has a legitimate interest in being able to prove the provision of the service [Article 6 (1) (f) GDPR].
Who has access to your data?
With respect to each of the recorded data, the data manager is Trauma Center Nonprofit Kft. (registered office: 1133 Budapest, Kárpát u. 1/B VI/24. registry court: Budapest – Capital Regional Court, independently represented by: Orsolya Jeney executive director, contact e-mail address: email@example.com, contact telephone number: 06 1 619 3884, data protection officer contact: firstname.lastname@example.org). Your data may be disclosed to the staff of Trauma Center or, in the case of any audit, to the staff of the inspection body.
Trauma Center will not make the processed data available in any form other than those listed above without your express prior consent.
What organizational and security measures do we apply to protect your data?
Your data may only be accessed by senior officials of Trauma Center and employees who are responsible for providing the services to you. Your data is stored on a private IT database with a password, developed specifically for this purpose.
How long do we handle your data?
The data will be processed until the withdrawal of consent, but no later than five years from the date of the event organized by Trauma Center. The data will also be kept for five years in the event of withdrawal of consent in accordance with Article 6 (1) (c) and (f) of the GDPR, in order to be able to prove the participation on the event during the audit.
If, at the end of the deadlines above, there is a legal proceeding initiated by either the Trauma Center, you or someone else in which the processing of Trauma Center’s claims still requires the handling of data, the deletion of the data will take place upon final closure of this procedure.
Can you request the deletion, correction or restriction of data management?
You may request the deletion of data if you consider that the processing is unlawful, no longer necessary for the purposes for which it was handled or if the data must be deleted based on an EU or Member State legal obligation.
Of course, in case of incorrect data recording or a change in your data, you can request the correction of the processed data.
You may object to the handling of the data after the service has been provided, in which case your data will be deleted, unless we can prove that the processing is justified by compelling legitimate reasons which take precedence over your interests, rights or related to filing, enforcement or defence of legal claims.
How can you have access to your personal information and what remedies do you have?
You can ask Trauma Center for information about which personal data we handle for what purpose and in what way, and you can request a copy of the personal data we handle. We will fulfill these requests once for free.
In order to protect your data, we can only grant your rights of disposal and access after prior identification. Therefore, we ask you to report your requests, statements and complaints related to data handling in writing.
In addition, you may file an action to the Budapest-Capital Regional Court (1055 Budapest, Markó u. 27. Mailing address: 1363 Bp. Pf. 16.) or to the court competent according to your place of residence for the unlawful handling of your personal data or the violation of your rights to information self-determination, or the Hungarian National Authority for Data Protection and Freedom of Information (1135 Budapest, Szilágyi Erzsébet fasor 22/C., www.naih.hu).
Az vagyok, aki vagyok. Úgyse lehetek más: miért féljek hát fölfödözni, ki vagyok?Szophoklész: Oedipusz király