(for health service related data processing)

Please carefully read this data processing information before starting your consultancy session.
Thank you.

Representative of data controller: Name: ClinTrial Audit Health Services and Pharmaceutical Retail Limited Liability Company
Seat: 4032 Debrecen, Poroszlay út 110.
Phone: +36 30 2281385
Represented by: CEO Beáta Lénárt dr. Várkonyiné
Purpose of data processing: it is necessary for the provision of health consultancy and other supplementary services (e.g. drug prescription, therapy advice, etc.; hereinafter: care) requested by you.
Legal basis for data processing: the legality of our data processing is based on our legal duty prescribed by Hungarian Law to record, maintain, and handle your data as part of your patient documentation.
Scope of processed data: your personally identifying data (e.g. name, date of birth, etc.), as well as health data (e.g. bloodwork, other health conditions, etc.).
Recipients: the data will not be made accessible to unauthorized persons under any circumstances; if we use the services of another health care provider or data processor (e.g. IT professionals, etc.), you will be informed about this in our Specific Data Protection Terms.
Crossborder data transfer: your data will be transferred abroad at your request only.
Length of data storage: as a base rule, your data handled as part of your patient documentation are kept for 30 years, then destroyed; other data are usually kept for 5 years.
Your rights: you have the right to receive advance information on data processing; to request that we give you access to learn about our data handling operations; to request your data to be corrected, restricted in handling or, in a given case, deleted.
Legal remedies: if in your assessment our data handling is in breach of law, you can file for a procedure by the National Authority for Data Protection and Freedom of Information (mailing address: 1530 Budapest, Pf.: 5., e-mail: ), or turn to a legal court.
Data source: the data are obtained directly from you, starting when you indicate your intention to receive care from us.
Automated decision-making: we do not do this; we never make decisions on your data without human supervision (e.g. no automated test assessment, profiling, etc.).
Data safety: in handling and storing your data, we ensure their enhanced protection in relation to their being special data entitled to the highest level of protection. We use lockable cabinets and rooms, and keep paper-based documents under supervision, as well as using password protected, secure computing equipment with controlled access and logged, retroactively traceable operations.
Risks: risks of course may arise, e.g. theft of data storage devices, unauthorized access, etc., but we strictly adhere to, and have others adhere to, security measures to avoid these.
Incident response: incidents are a breach of security; we respond by implementing mandatory measures consistent with the severity of the incident and, if prescribed by law, also notify the authorities and you.

For further data processing information, see our Specific Data Protection Terms documents.