Privacy Policy
In compliance with the Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information and the Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), we hereby inform you about the processing of personal data provided by you:
Data controller
| Name of data controller | BMS Eurasia Kft. Dentium Europe |
|---|---|
| Address of data controller | 22. Népfürdő street, Budapest 1138 |
| Contact details of data controller: | Email: europe@dentium.com |
| Telephone: +36 70 555 4393 | |
| Website: https://dentiumeurope.com/ |
Functional cookies
2/1. Data processed
Scope of data processing, purpose and legal basis for data processing, duration (storage) of data processing
| Personal data | Purpose of data processing | The legal basis for processing data | Duration (storage) of data processing: |
|---|---|---|---|
| Cookie ID
IP address |
Ensuring the basic functioning of the website | Legitimate interest – GDPR Article 6 paragraph 1 letter f) | Temporary cookies – they remain on the user’s device for the duration of the given browsing session and are then deleted.
Persistent cookies – they remain on the user’s device until you delete them manually. |
Does profiling occur during data processing?
| Answer | Short, understandable description of profiling |
|---|---|
| No | — |
Does automated decision-making occur during data processing?
| Answer | Short, understandable description of profiling |
|---|---|
| No | — |
If yes, the data subject has the right to request for manual, human intervention.
Source of processed personal data:
| Device used by the data subject |
|---|
Data will be transmitted to:
| Category | Name of the company, address of headquarters, business activity |
|---|---|
| Data processors (performing technical tasks related to data processing) |
Cloudways Junction Business Centre 1st Floor Sqaq Lourdes, St Julians, Mosta STJ 3334, Malta Website hosting provider Codebuild Kft 9023 Győr, Szigethy Attila út 61. 3. em. 7. Website operator, Cookie management application |
| Recipients | Dentium Co., Ltd. 1F B102, 76, Changnyong-daero 256beon-gil, Yeongtong-gu, Suwon-si, Gyeonggi-do, Republic of Korea, External system administrator, IT service provider |
Data transmission to a third (non-EU) country
| Name of the company, place of transmission, guarantee of transmission, purpose of transmission |
|---|
| In case of ‘Dentium Co., Ltd.: Republic of Korea, Adequacy decision (COMMISSION IMPLEMENTING DECISION (EU) 2022/254 of 17 December 2021 pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council on the adequate level of protection of personal data provided by the Republic of Korea under the Personal Data Protection Act, data storage, possible access by the parent company |
Joint data processing occurs:
| Answer | Name of joint data controller, its headquarters |
|---|---|
| No | — |
Access to data and security measures:
| Restriction of access | Personal data can be accessed by the employee who is required to perform his/her duties, as well as by the management. |
|---|---|
| Data security measures |
HTTPS security protocol on the website Anti-virus on computers Computers, mobile devices are password protected Password protection for applications Rights management |
Rights of the data subject:
| Rights of data subject based on legal basis and their explanations |
|---|
|
Right to information – Data Subject shall have the right to find out the way personal data is handled before data processing begins Right to rectification – Data Subject is entitled to request the correction of his/her personal data if stored data by data controller do not correspond to reality and he/she can prove it. Right of access – Data Subject shall have the right to request for personal data stored about him/her from the data controller. Right to object – If the legal basis is based on a legitimate interest or public authority, the data subject may object to the processing of his/her personal data, however objection does not mean the immediate deletion of data. Right to restriction of processing – Data Subject shall have the right to request for suspension of personal data processing for the period of investigation if he/she does not consider the data controller entitled. Right to data portability – Data Subject shall have the right to receive the personal data concerning him or her in a structured, digital form. Right to review of automated individual decision-making – Data Subject may have the right to request for manual review of all data processing where data controller has applied automated decision-making with legal effect on data subject. |
Measuring and marketing cookies
2/2. Data processed
Scope of data processing, purpose and legal basis for data processing, duration (storage) of data processing
| Personal data | Purpose of data processing | The legal basis for processing data | Duration (storage) of data processing: |
|---|---|---|---|
|
Cookie ID IP address |
Analysis of the visitors’ site usage habits, use of analytical, statistical and marketing cookies | With the consent of the data subject – GDPR Article 6 paragraph 1 letter a) |
Temporary cookies – they remain on the user’s device for the duration of the given browsing session and are then deleted. Persistent cookies – they remain on the user’s device until you delete them manually. |
Does profiling occur during data processing?
| Answer | Short, understandable description of profiling |
|---|---|
| No | — |
Does automated decision-making occur during data processing?
| Answer | Short, understandable description of profiling |
|---|---|
| No | — |
If yes, the data subject has the right to request for manual, human intervention.
Source of processed personal data:
| Device used by the data subject |
|---|
Data will be transmitted to:
| Category | Name of the company, address of headquarters, business activity |
|---|---|
| Data processors (performing technical tasks related to data processing) |
Cloudways Junction Business Centre 1st Floor Sqaq Lourdes, St Julians, Mosta STJ 3334, Malta Weboldal hosting provider Codebuild Kft 9023 Győr, Szigethy Attila út 61. 3. em. 7. Website operator, Cookie management application |
| Recipients | Dentium Co., Ltd. 1F B102, 76, Changnyong-daero 256beon-gil, Yeongtong-gu, Suwon-si, Gyeonggi-do, Republic of Korea, External system administrator, IT service provider |
Data transmission to a third (non-EU) country
| Name of the company, place of transmission, guarantee of transmission, purpose of transmission |
|---|
| In case of ‘Dentium Co., Ltd.: Republic of Korea, Adequacy decision (COMMISSION IMPLEMENTING DECISION (EU) 2022/254 of 17 December 2021 pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council on the adequate level of protection of personal data provided by the Republic of Korea under the Personal Data Protection Act, data storage, possible access by the parent company |
Joint data processing occurs:
| Answer | Name of joint data controller, its headquarters |
|---|---|
| No | — |
Access to data and security measures:
| Restriction of access | Personal data can be accessed by the employee who is required to perform his/her duties, as well as by the management. |
|---|---|
| Data security measures |
HTTPS security protocol on the website Anti-virus on computers Computers, mobile devices are password protected Password protection for applications Rights management |
Rights of the data subject:
| Rights of data subject based on legal basis and their explanations |
|---|
|
Right to information – Data Subject shall have the right to find out the way personal data is handled before data processing begins Right to rectification – Data Subject is entitled to request the correction of his/her personal data if stored data by data controller do not correspond to reality and he/she can prove it. Right of access – Data Subject shall have the right to request for personal data stored about him/her from the data controller. Right to erasure (”right to be forgotten”) – Data Subject is entitled to request for permanent deletion of his/her data, unless data processing is based on the fullfillment of a contract, fulfillment of a legal obligation or in the exercise of an official authority vested in the controller. Withdrawal of consent – The data subject shall have the right to withdraw his or her consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Prior to giving consent, the data subject shall be informed thereof. It shall be as easy to withdraw as to give consent. Right to restriction of processing – Data Subject shall have the right to request for suspension of personal data processing for the period of investigation if he/she does not consider the data controller entitled. Right to data portability – Data Subject shall have the right to receive the personal data concerning him or her in a structured, digital form. Right to review of automated individual decision-making – Data Subject may have the right to request for manual review of all data processing where data controller has applied automated decision-making with legal effect on data subject. |
3. Cookies applied
| Name of cookie | Type of cookie | Source of cookie | Duration of data processing (expiration date) | Purpose of cookie |
|---|---|---|---|---|
| VISITOR_INFO1_LIVE | marketing | .youtube.com | 180 days | May enable personalized recommendations on YouTube based on past views and searches. |
| VISITOR_PRIVACY_METADATA | required | .youtube.com | 1 year 30 days | Stores the user’s cookie consent state for the current domain. |
| YSC | marketing | .youtube.com | End of session | Used to track the views of embedded videos on Youtube pages. YouTube sets this cookie to store the video preferences of the user using embedded YouTube video. |
| __Secure-ROLLOUT_TOKEN | marketing | dentiumeurope.com | 180 days | unclassified |
| test_cookie | required | dentiumeurope.com | The test_cookie is set by doubleclick.net and is used to determine if the user’s browser supports cookies. | |
| SOCS | required | .youtube.com | 1 year 30 days | Google uses the ‘SOCS’ cookie, which lasts for 13 months, to store a user’s state regarding their cookies choices. |
| __Host-GAPS | functional | dentiumeurope.com | This cookie allows the website to identify a user and provide enhanced functionality and personalisation. | |
| __Secure-YEC | functional | .youtube.com | 1 year 30 days | To detect spam, fraud, and abuse to help ensure advertisers are not incorrectly charged for fraudulent or otherwise invalid impressions or interactions with ads, and that YouTube creators in the YouTube Partner Program are remunerated fairly. |
| PHPSESSID | functional | dentiumeurope.com | 2 days | The PHPSESSID cookie is native to PHP and enables websites to store serialised state data. It is used to establish a user session and to pass state data via a temporary cookie, which is commonly referred to as a session cookie. |
| JSESSIONID | functional | End of session | Track the user’s behavior on the website and help websites identify users browsing through the web pages of a website | |
| __cf_bm | required | 1 day | Identify and mitigate automated traffic to protect your site from bad bots. | |
| Bcookie | required | 1 year | To store browser details. | |
| Bscookie | required | 1 year | To store logged in users. | |
| Lang | functional | End of session | Language settings. | |
| li_alerts | preference | 1 year | To store if a message has been shown. | |
| li_gc | functional | 18 months | This is a cookie from LinkedIn and is used for storing visitors’ consent regarding the use of cookies for non-essential purposes | |
| Lidc | functional | 1 day | To select the right data center for the user’s activity. |
What does „cookie” stand for?
Cookies are small files containing letters and numbers, punctuation and other technical characters that are stored on your device (computer, mobile phone, tablet, smart TV, etc.) when you visit certain websites. These are IT data that help the use of websites, which are sent by the web server to the user’s browser, are stored on the user’s device, and are returned by the browser to the server with every request directed to it. Cookies do not contain executable files, viruses, spyware programs, and do not access the user’s hard drive data.
Cookies usually contain: domain name, what it is valid for, the storage period and the stored value. It enables the recognition of the user’s device and browser, thus the appearance of content adapted to the visitor’s needs, as well as the basic browsing functions, – e.g. ensuring connected sessions. In addition to the user’s anonymity, they cookies support the creation of attendance statistics.
We do not store personally identifiable information in cookies, but in order to improve the user experience, we use encrypted information deriving from them. For example, they help us to identify and resolve errors or to determine the range of interesting, related products that we would like to draw your attention to while browsing our website.
Cookies which are essential for the operation of the website, as well as cookies that support anonymous attendance statistics, are already loaded during the first visit. The user cannot influence this.
Cookies applied to improve the user experience and for marketing activities are only loaded after consent can be given in the cookie notification “box”. This consent can be revoked at any time by using the link in the browser or in the footer of the website, or by deleting “cookieconsent_status”.
If you later contact us via a form – with your express consent – on a website where we use cookies, we may learn the data of your website visits after the form has been blocked with the help of these cookies. This is done to improve the user experience.
If you have accepted the cookie information on our websites, the information will not appear again until you delete the “cookieconsent_status” cookie using the link in the browser or the footer of the website.
If you decide to limit, block or delete cookies used by a website, you can do so using your browser. Since every browser is different, you can find information about changing the settings related to cookies in the Help menu of the program you are using (or from the user manual of your mobile phone).
4. Exercise of rights of data subject
If data subject has submitted a request to the data controller related to exercising of his/her rights described in point 3, the data controller shall respond without delay and at the latest within one month of receipt of the request, and also shall inform data subject regarding the measures taken in case of his/her request. If it is necessary, this deadline can be extended by another two months.
If the controller does not take action on the request of the data subject, the controller shall inform the data subject without delay and at the latest within one month of receipt of the request of the reasons for not taking action and on the possibility of lodging a complaint with a supervisory authority and seeking a judicial remedy.
5.Filing a complaint
The data subject shall have the right to lodge a complaint with a supervisory authority:
| Name | National Authority for Data Protection and Freedom of Information (NAIH) |
|---|---|
| Seat | 9-11 Falk Miksa road, H-1055 Budapest |
| Postal address | Mailbox 9., H-1363 Budapest |
| ugyfelszolgalat@naih.hu | |
| Phone | +36 (1) 391-1400 |
| Fax | +36 (1) 391-1410 |
| Website | http://naih.hu |
6. Judicial remedy
Provisions for the judicial remedy are included in the Act CXII of 2011 on the Right of Informational Self- Determination and on Freedom of Information.
The data subject may apply to the court against the data controller in order to protect his/her data if he/she thinks that the data controller has violated the regulations of processing his/her personal data. The lawsuit may be initiated by data subject at the competent court based on his/her residence or temporary residence– according to his/her chioce. During the lawsuit a person who does not have any legal capacity can be a party concerned as well. The data protection authority can intervene in the lawsuit in order to win the case for data subject.
Any person who has suffered material or non-material damage as a result of an infringement of this Regulation shall have the right to receive compensation from the controller or processor for the damage suffered. A controller or processor shall be exempt from liability if it proves that it is not in any way responsible for the event giving rise to the damage.