Booking4pet

LOGIN
Booking4pet for kennels
LOGIN
Booking4pet for kennels

PRIVACY NOTICE
DATA MANAGEMENT AND DATA PROTECTION POLICY

BOOKING4PET ONLINE APPOINTMENT BOOKING AND REGISTRATION SYSTEM

1. PRINCIPLES OF DATA MANAGEMENT

The purpose of these provisions is to ensure that every person who uses the services in the form of accessing and using the booking4pet desktop background system and mobile phone application (hereinafter referred to as booking4pet) – regardless of their nationality or place of residence – has the right to self-determination and the right to the protection of personal data within the framework established by law. 

The Data Controller undertakes to protect the personal data of users and its partners and considers it extremely important that booking4pet respects usersbooking4pet’ right to informational self-determination.

The Data Controller treats personal data confidentially and takes all security-relevant, technical and organisational measures to ensure data security.

Personal scope of the information

This data management information sheet applies to all natural persons whose personal data is processed by the Data Controller in connection with the use of booking4pet.

Material scope of the information

The data management information applies to the data management activities in connection with the use of booking4pet.

Information about the data controller

Data controller:
Reinitz Investment Zrt.
registered office:1137 Budapest, Pozsonyi út 22.
E-mail: info@booking4pet.com (hereinafter: Data controller or first person plural)

Legal provisions, principles

When managing data, the Data Controller is bound by the following legal provisions

  • GDPR (General Data Protection Regulation) – REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL (27 April 2016) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and 95/46/ repealing the EC Regulation)
  • Data Protection Act – CXII of 2011 on the right to informational self-determination and freedom of information. Act and the legislation adopted for its implementation
  • Act CVIII of 2001 on Certain Issues of Electronic Commercial Services and Services Related to the Information Society;
  • Act V of 2013 on the Civil Code;
  • L of 2017 on the tax system. Act and the legislation adopted to implement it;
  • Act C of 2000 on Accounting and the legislation adopted for its implementation;
  • Act XLVIII of 2008 on the basic conditions and certain restrictions on economic advertising activity;
2. DEFINITIONS

“data processing”: the performance of technical tasks related to data management

“data processor”: the natural or legal person, public authority, agency or any other body that processes personal data on behalf of the controller (on behalf of, under the instructions of and on the basis of a decision of the controller)

“data processing”means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, segmentation, storage, conversion or alteration, retrieval, consultation, use, disclosure, transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

“data controller”: means the natural or legal person, public authority, agency or any other body that alone or jointly with others determines the purposes and means of the processing of personal data

“consent of the data subject”: the voluntary, specific and unambiguous expression of the data subject’s will, based on appropriate information, by which the data subject, by a statement or by a clear affirmative action, signifies his or her consent to the processing of personal data relating to him or her;

“data subject”: means an identifiable natural person to whom the personal data refer. (e.g.: a website visitor, a person who subscribes to the newsletter, a person who applies for a job advert)

 “third party”: the natural or legal person, public authority, agency or any other body other than the data subject, the data controller, the data processor and the persons who, under the direct authority of the data controller or the data processor, are authorised to process the personal data received from them;

“special data”: This includes personal data relating to racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data and biometric data for the purpose of uniquely identifying natural persons, data concerning health and personal data concerning a natural person’s sex life or sexual orientation;

“personal data”: Any information relating to a natural person (the data subject) (e.g. name, number, location data, online identifier or data relating to the physical, physiological, genetic, intellectual, economic, cultural or social identity of the natural person);

3. DATA MANAGEMENT ACTIVITIES

Use of booking4pet

Purpose of data management: operation of the booking4pet user accounts and functions of booking4pet
Legal basis for data processing: legitimate interest in the operation of booking4pet and the user accounts
Categories of personal data processed: Name (user name), e-mail address and personal data voluntarily provided within the booking4pet system
Duration of data processing: The duration of the processing of personal data corresponds to the duration of the operation of booking4pet and the operation of the user account.

4. YOUR RIGHTS

In connection with data management, you have the rights listed below.

Delete user account

Within the booking4pet mobile application, you can request the deletion of your user account, whereupon the personal data required to identify the user will be automatically deleted from the system.

Identification

In all cases, we must establish your identity before we can process your request. If we cannot identify you, we will unfortunately not be able to process your enquiry.

Answering the enquiry

Once you have been identified, we will provide you with information about your enquiry in writing, electronically or – at your request – verbally. Please note: If you have submitted your enquiry electronically, we will also respond electronically. Of course, you also have the option of requesting a different method in this case.

 

Administrative deadline

We will inform you of the action taken on your request within 1 (one) month of receipt of your request at the latest. If necessary, this period may be extended by a further 2 (two) months, taking into account the complexity of the request and the number of requests, of which we will inform you within the one-month administrative period.

We are also obliged to inform you if we do not take action within the one-month administrative period. You can lodge a complaint with the NAIH and exercise your right of appeal in court.

Administration fee

The requested information and measures are free of charge. An exception is made if the request is clearly unfounded or excessive, particularly due to its repetitive nature. In this case, we may charge a fee or refuse to fulfil the request. 

You can request information (access).

You can request information about whether your personal data is being processed (GDPR Article 15), and if so, which data:

– What is the purpose of the processing?

– What type of data is processed exactly?

– To whom do we transfer this data?

– How long do we store this data?

– What rights and remedies do you have in this context?

– From whom did we receive your data?

– Do we make automated decisions about you based on your personal data? In such cases, you can also request information about the logic (method) we use, the significance of such data management and the expected consequences.

– If you have established that your data has been transferred to an international organisation or a third country (non-EU member state), you can request proof of what guarantees the proper handling of your personal data.

– You can request a copy of your processed personal data. (Additional copies may be charged on the basis of administrative costs)

 

You can request a correction

You can request that we correct or complete your inaccurate or incomplete personal data (GDPR Article 16).

You can request the deletion of your personal data

You can request that we erase your personal data (GDPR Article 17) if:

  • The personal data is no longer needed for the purpose for which it was processed;
  • In the case of data processing based solely on your consent;
  • if it is established that the personal data is being processed unlawfully;
  • It is required by EU or national legislation;

 

We cannot delete personal data if it is necessary:

You can request that we erase your personal data (GDPR Article 17) if:

  • The personal data is no longer needed for the purpose for which it was processed;
  • In the case of data processing based solely on your consent;
  • if it is established that the personal data is being processed unlawfully;
  • It is required by EU or national legislation;

You can request that we restrict data processing

You can request that we restrict data processing (GDPR Article 18) if one of the following applies:

  • You contest the accuracy of the personal data. In this case, the restriction applies for the period that enables us to verify the accuracy of the personal data
  • The processing is unlawful, but you oppose the erasure of the data and request the restriction of their use instead
  • We no longer need the personal data for the purpose of data processing, but you need it to assert, enforce or defend legal claims
  • You have objected to the data processing; in this case, the restriction will apply for the period until it is clarified whether the legitimate reasons of the data controller take precedence over your legitimate reasons.

In the event of restrictions, personal data may only be processed with your consent, with the exception of storage, or in order to assert, enforce or defend legal claims, or to protect the rights of another natural or legal person, or in the important public interest of the Union or a Member State.

We will inform you in advance about the possible cancellation of the restriction.

You can request the transfer of your personal data (right to data portability)

You have the right to receive your personal data processed by us in a machine-readable format (GDPR Article 20), and you also have the right to transfer this data to another data controller – or at your request – if the data processing is based solely on your consent or with you or is based on a contract concluded on your behalf and is carried out by automated means.

The aforementioned right does not apply if the data processing is necessary for the performance of a task carried out in the public interest or for the performance of a task carried out in the exercise of official authority vested in the controller.

You can object to the processing of your personal data

You can object to the processing of your personal data (GDPR Article 21) if:

  • Data processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller, including profiling based thereon;
  • Data processing is necessary for the purposes of the legitimate interests pursued by the data controller or by a third party, including profiling based on those interests;

In the above cases, the personal data will be erased unless their processing is justified by compelling legitimate grounds that override your interests, rights and freedoms or that relate to the establishment, exercise or defence of legal claims.

You can also object to the processing of your personal data if

  • The data is processed for the purpose of direct marketing (in this context, you can also object to profiling), in which case the personal data will be erased
  • The personal data is processed for scientific and historical research purposes or for statistical purposes. In this case, the personal data will be erased unless the data processing is necessary for the performance of a task carried out for reasons of public interest.

Legal remedies

You can file a complaint with the NAIH

If you believe that the handling of your personal data violates the provisions of the Data Protection Regulation, you have the right to lodge a complaint with the National Authority for Data Protection and Information Security (NAIH).

president: Dr Attila Péterfalvi

mailing address:             1363 Budapest, Pf.: 9.

address:                             1055 Budapest, Falk Miksa utca 9-11.

Phone:   +36 (30) 683-5969 and +36 (30) 549-6838, +36 (1) 391-1400

web:      http://naih.hu

e-mail:   ugyfelszolgalat@naih.hu

 

You can go to court

If you believe that the processing of your personal data violates the provisions of the General Data Protection Regulation and your rights under the General Data Protection Regulation have therefore been violated, you have the right to go to court. The court has jurisdiction to decide on the dispute. At the choice of the data subject, the dispute may also be brought before the court of the data subject’s domicile or place of residence. A person who otherwise lacks legal capacity may be a party to the proceedings. The authority may intervene in the dispute in order to win the case for the data subject. In addition to the provisions of the Data Protection Regulation, Act V of 2013 on the Civil Code, Book Two, Part Three, XII. The provisions contained in its title (§ 2:51 – § 2:54) as well as other statutory provisions relating to court proceedings are applicable.

Compensation and damages

If the Data Controller causes damage or violates the data subject’s personal rights by unlawful processing of the data subject, compensation may be claimed from the Data Controller. The data controller shall be exempt from responsibility for the damage caused and from the obligation to pay compensation if it proves that the damage or infringement of the data subject’s personal rights was caused by an unavoidable cause outside the scope of data management.

5. DATA SECURITY

The personal data you provide will be treated confidentially by the Data Controller in accordance with data protection regulations.

We will do our best to take the appropriate technical and organisational measures to ensure a level of data security appropriate to the risk that we guarantee, taking into account the current state of science and technology, the costs of implementation and the nature of data management and the risks to the rights and freedoms of natural persons. We always treat personal data confidentially, with restricted access, encryption and the highest possible level of resilience to ensure that it can be recovered in the event of a problem. We regularly test our system to ensure security.

When determining the appropriate level of security, we take into account the risks arising from data management, in particular those arising from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise managed. We do our best to ensure that persons acting under our control who have access to personal data can only handle this data in accordance with our instructions, unless they are obliged to deviate from this by EU or member state law.

6. DATA FORWARDING

We inform you that we do not transfer data to third countries or international organisations.

<END OF THE PRIVACY NOTICE>