1. The purpose and scope of the information:
   The purpose of this information is to record the data protection and data management principles of the owner of the b-vital.hu website (B-VITAL KFT.), which as a data controller, is obliged to acknowledge.
   The information sheet contains the handling of personal data voluntarily provided by Users.
   The data will not be released to third parties, they will only be used to answer questions received, prepare and send offers.
   Az adatokat harmadik személynek nem adja ki, azok kizárólag a B-VITAL KFT. részére beérkezett kérdések megválaszolásához, ajánlatok elkészítéséhez és megküldéséhez kerülnek felhasználásra.
2. Relevant legislation:
   The data controller undertakes to carry out such activities in accordance with the laws in force at all times. At the time of publication of this document, they are:
   CVIII of 2001 Act on certain issues of electronic commercial services and services related to the information society (hereinafter: Electronic Commercial Act).
   XLVIII of 2008 Act on the Basic Conditions and Certain Limitations of Economic Advertising (hereinafter: Economic Advertising Act).
   CXII of 2011 Act on the right to self-determination of information and freedom of information. The latest status of the legislation is available on the net.jogtar.hu website by clicking here.
3. Concepts:
   CXII of 2011 based on § 3 of the Act

• Data controller: the natural or legal person or organization without legal personality who, independently or together with others, determines the purpose of data management, makes and implements decisions regarding data management (including the device used), or has them implemented by the data processor commissioned by it;
• Data processor: a natural or legal person, or an organization without legal personality, who processes data on the basis of a contract with the data controller, including contracts based on the provisions of the law;
• Data processing: performing technical tasks related to data management operations, regardless of the method and tool used to perform the operations, as well as the place of application, provided that the technical task is performed on the data;
• Data responsible: the body which produced the public interest data that must be published electronically, or whose operation generated this data;
• Data management: regardless of the procedure used, any operation performed on the data or the set of operations: collection, recording, organization, storage, change, use, query, transmission, disclosure, coordination or connection, locking, deletion and destruction of the data, as well as preventing its further use, taking photographs, audio or video recordings, and recording physical characteristics suitable for identifying the person (e.g. fingerprint or palm print, DNA sample, iris image);
• Data transfer: making the data available to a specific third party;le;
• Data deletion: making data unrecognizable in such a way that their recovery is no longer possible;
• Data marking: :providing the data with an identification mark for the purpose of distinguishing it;
• Data blocking:: providing the data with an identification mark for the purpose of limiting its further processing permanently or for a specified period of time;
• Data destruction: complete physical destruction of the data carrier containing the data;;
• Data provider: the body which – if the data responsible does not publish the data – publishes the data provided by the data responsible on the website;
• Data file: the totality of the data managed in a register;
• Third party: a natural or legal person, or an organization without legal personality, who is not the same as the data subject, the data controller or the data processor;
• EEA state: a member state of the European Union and another state party to the Agreement on the European Economic Area;
• Third country: any state that is not an EEA state.
• Data subject: any natural person identified or can be identified directly/ indirectly on the basis of personal data;
• Personal data: data that can be associated with the data subject - especially the data subject's name, identification mark, and one or more physical, physiological, mental, economic, cultural or social characteristics of the data subject - as well as the conclusion about the data subject that can be drawn from the data;
• Special data personal data relating to racial origin, belonging to a national and ethnic minority, political opinion or party affiliation, religious or other worldview beliefs, interest-representative organization membership, sexual life, health status, pathological passion data, as well as criminal personal data;
• Criminal personal data: personal data which can be associated with the person concerned during or prior to the criminal proceedings, in connection with the crime.
• Data of public interest: information or knowledge in the management of a body or person performing state or local government tasks and related to its activities or generated in connection with the performance of its public duties, which does not fall under the concept of personal data.
• Data that is public in the public interest:: all data that does not fall under the concept of data of public interest, made available by law in the public interest;
• Consent:: the voluntary and firm declaration of the data subject's will, which is based on adequate information, and with which he gives his unequivocal consent to the processing of his personal data - in full or covering certain operations;
• Objection:: the statement of the data subject objecting to the processing of his personal data and requesting the termination of the data processing or the deletion of the processed data;
• Disclosure:: making the data available to the public

4. Principles during data management

Personal data can be processed if:

• the person concerned consents to it, or
• it is ordered by law by a local government decree.
  The consent of the legal representative is required for the declaration of an incapacitated or limited minor, except for services where the declaration requires registration, which occurs frequently in everyday life.
  Personal data may only be processed for a specific purpose, in order to exercise a right and fulfill an obligation. All stages of data management must comply with this purpose.
  Only such personal data can be processed that is essential for the realization of the purpose of data management, is suitable for achieving the purpose, and only to the extent and for the time necessary for the realization of the purpose.
  Personal data can only be processed with consent based on appropriate information.
  The data subject must be informed - clearly and in detail - about all the facts related to the management of his data, including the purpose and legal basis of the data management, the person entitled to the data management and data processing, the duration of the data management, and who can see the data. The information must also cover the data subject's rights and legal remedies.
  The processed personal data must meet the following requirements:
• their admission and treatment is fair and lawful;
• they are accurate, complete and up-to-date; their storage method is suitable so that the data subject can only be identified for the time necessary for the purpose of storage.
  It is prohibited to use a general personal identification symbol that can be used without restriction.
  Personal data can only be transferred, and different data processing can only be linked, if the data subject has consented to it, or if the law allows it, and if the conditions for data processing are met for each individual piece of personal data.
  Personal data (including special data) may be transferred from the country to a data controller or data processor in a third country, regardless of the data carrier or the method of data transfer, if the data subject has consented to it or if it is permitted by law, and in the third country an adequate level of protection of personal data is ensured during the management and processing of the transferred data. Data transfer to the EEA states must be considered as data transfer within the territory of the Republic of Hungary.

5. Personal data managed on the b-vital.hu website, the purpose and duration of data management:

• Name of the data controller: B-VITAL KFT.
• Name of data management: Data required for making offers and providing information
• Purpose of data management: Contact necessary for making quotations and providing information
• Legal basis for data management: Voluntary consent of the data subject (Act CXII of 2011 § 5 (1) a))
• Place of actual data management: 2890 Tata, Tavasz utca 142.
• Automation of data management: machine
• Data deletion deadline: At the request of the contracting authority or interested party
• The scope of those affected: Quotation requesters, interested parties, newsletter subscribers

6. Information and contact details of the data controller: 

• Name: B-VITAL KFT.
• Address: 2890 Tata, Tavasz utca 142.
• Tax number: 14740297-2-11
• Phone: +36 20-3888-506
• E-Mail: edina.nemeth@b-vital.hu edina.nemeth@b-vital.hu

7. Use of cookies

The b-vital.hu website uses cookies. Cookies are not programs, but small information files. Cookies enable the website to collect data about the user's browsing habits.
Most websites on the Internet use cookies to provide a greater user experience.
Cookies can be deleted from the user's computer or blocked in the browser settings. However, blocking cookies may reduce the user experience.

Google's cookie policy: https://policies.google.com/technologies/cookies

8. Hosting service provider of b-vital.hu

Company name: MediaCenter Hungary Kft.
Postal address: 6001 Kecskemét, Pf.: 588
Headquarters address: 6000 Kecskemét, Sosztakovics u. 3. II/6.
Phone: +36 76 575 024
Fax: +36 76 575 024
Tax number: 13922546-2-03

9. Legal remedy

The data subject may request information about the management of his personal data, and may request the correction of his personal data or, with the exception of the data management mandated by law, the deletion of his personal data in the manner indicated at the time of data collection, or via the data manager's customer service.
At the request of the data subject, the data controller provides information about the data it manages, the purpose, legal basis, duration of data processing, the name, address (headquarters) of the data processor and its activities related to data processing, as well as about who and for what purpose the data is or has been received. The data controller shall provide the information in writing in an understandable form as soon as possible, but no later than 30 days after the submission of the request. This information is free of charge if the information requester has not yet submitted an information request for the same area to the data controller in the current year. In other cases, the data controller may determine reimbursement.
The data controller deletes the personal data if its processing is illegal, the data subject requests it, the purpose of the data processing has ceased, or the statutory period for storing the data has expired, it was ordered by the court or the data protection commissioner.
The data controller notifies the data subject of the correction and deletion, as well as all those to whom the data was previously transmitted for the purpose of data management. The notification is omitted if this does not violate the legitimate interest of the data subject in view of the purpose of the data management.
The data subject may object to the processing of his personal data if:

• the processing (forwarding) of personal data is necessary only to enforce the rights or legitimate interests of the data controller or data recipient, unless the data processing is mandated by law;
• personal data is used or forwarded for the purpose of direct business acquisition, public opinion polls or scientific research;
• the exercise of the right to protest is otherwise permitted by law.

The data controller will examine the objection as soon as possible, but no later than 15 days after the submission of the request, with the simultaneous suspension of data management, and will inform the applicant in writing of the result. If the protest is justified, the data controller will terminate the data management - including further data collection and data transmission - and block the data, as well as notify all those to whom the personal data affected by the protest was previously transmitted about the protest and the measures taken based on it and who are obliged to take measures to enforce the right to protest.
If the data subject does not agree with the decision made by the data controller, he may appeal to the court within 30 days of the decision being made. The data controller cannot delete the data subject's data if that data management is ordered by law. However, the data cannot be forwarded to the data recipient if the data controller has agreed to the protest, or the court has established the legitimacy of the protest.
The data subject may apply to the court against the data controller in case of violation of his rights. The court acts out of sequence in the case.
The data subject may apply to the court against the data controller in case of violation of his rights. The court acts out of sequence in the case.

You can file a legal remedy or complaint with the National Data Protection and Information Authority:
Name: National Data Protection and Information Authority
Headquarters: 1125 Budapest Szilágyi Erzsébet fasor 22/c.
Postal address: 1530 Budapest, Pf.: 5.
Phone: +36 1 391 1400
Fax: +36 1 391 2410
Web: Web: http://naih.hu