Privacy Notice

1. Introduction

The purpose of this Privacy Notice is to set out the data protection principles and data processing practices applied by Seadec Delicate Kft., the operator of the website www.seadecmedical.com (hereinafter referred to as the “Website”) (hereinafter referred to as the “Data Controller”). This Privacy Notice also describes the Data Controller’s data protection and data management policy, which the Data Controller acknowledges as binding upon itself.

The Data Controller is committed to ensuring the highest possible level of protection of the personal data of users registered on or otherwise using the Website.

By accessing or using the Website, or by using any of its services or applications, the User acknowledges and agrees that their personal data will be processed in accordance with the provisions of this Privacy Notice.

2. Data Controller Details

Company name: Seadec Delicate Kft.
Registered office: 1024 Budapest, Fillér utca 8–12, Building A, 6th floor, Unit 16, Hungary
Company registration number: 01-09-292391
Tax number: 25847934-2-41
Email address: seadechu@seadec.hu

3. Definitions

The terms used in this Privacy Notice shall be interpreted in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation – “GDPR”) and, where applicable, Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information. In particular:

  • Personal Data: any information relating to an identified or identifiable natural person.
  • Data Subject: any identified or identifiable natural person to whom Personal Data relates (for the purposes of this Privacy Notice: the User).
  • Consent: any freely given, specific, informed, and unambiguous indication of the Data Subject’s wishes by which they signify agreement to the processing of Personal Data.
  • Processing: any operation performed on Personal Data, whether or not by automated means.
  • Data Controller: the entity which determines the purposes and means of the processing of Personal Data.
  • Data Processor: an entity which processes Personal Data on behalf of the Data Controller.
  • Recipient: a person or entity to whom Personal Data is disclosed.
  • Restriction of Processing: the marking of stored Personal Data to limit its processing.
  • Erasure: the irreversible deletion of Personal Data.

4. Principles of Data Processing

The Data Controller processes Personal Data in accordance with applicable data protection legislation, in particular the GDPR. Personal Data shall be:

  • processed lawfully, fairly, and transparently;
  • collected for specified, explicit, and legitimate purposes;
  • adequate, relevant, and limited to what is necessary;
  • accurate and kept up to date;
  • stored only for as long as necessary;
  • processed in a manner that ensures appropriate security.

5. Legal Basis for Processing

The processing of Personal Data related to the operation of the Website and the provision of its services is primarily based on the User’s voluntary consent pursuant to Article 6(1)(a) GDPR.

Consent is given by the User when registering for or using the services of the Website.

The Data Controller may send newsletters or other marketing communications to the User if the User has given prior, explicit, and voluntary consent during registration. The Data Controller is not obliged to verify the accuracy of the data provided by the User.

The User may withdraw their consent at any time. Upon withdrawal, the Data Controller shall cease sending marketing communications and shall delete the User’s data from the relevant mailing lists.

Independently of consent, and even after its withdrawal, the Data Controller may process Personal Data where such processing is necessary:

  • for compliance with a legal obligation (e.g. accounting or contractual obligations); or
  • for the purposes of the legitimate interests of the Data Controller or a third party, provided that such interests are proportionate and do not override the fundamental rights and freedoms of the Data Subject
    (Article 6(1)(b), (c), and (f) GDPR).

6. Categories of Personal Data Processed

Based on the User’s voluntary consent, the Data Controller processes the following categories of Personal Data:

  • Contact enquiries: surname, given name, email address, telephone number
  • Quotation requests: surname, given name, email address, telephone number, company name

The User is solely responsible for the accuracy and truthfulness of the Personal Data provided.

7. Purpose of Data Processing

Personal Data is processed for the following purposes:

  • responding to enquiries and quotation requests;
  • sending newsletters and marketing communications where consent has been provided;
  • fulfilling legal and contractual obligations of the Data Controller.

The Data Controller does not disclose Personal Data to unauthorized third parties.

8. Duration of Processing and Data Retention

Personal Data is processed only for as long as necessary to fulfil the purposes for which it was collected.

The User may modify their Personal Data at any time after logging into the Website.

The User may request the deletion of their Personal Data by sending an email to seadechu@seadec.hu. The Data Controller shall also delete Personal Data without a request if processing becomes unlawful, the purpose of processing ceases, the statutory retention period expires, or deletion is ordered by a court or supervisory authority, unless deletion is prohibited by law.

Instead of deletion, Personal Data may be restricted if requested by the User or if deletion would adversely affect the User’s legitimate interests. Restricted data shall only be processed for as long as the reason for restriction exists.

Following the withdrawal of consent, the Data Controller may continue to process Personal Data where required to comply with legal obligations, in particular accounting obligations.

9. Right to Object

The User may object to the processing of their Personal Data by sending an email to seadechu@seadec.hu, in particular where:

  • processing is based on legitimate interests;
  • Personal Data is used for direct marketing, opinion polling, or research purposes; or
  • in any other case provided for by law.

The Data Controller shall examine the objection within 15 days and shall inform the User of its decision in writing.

If the objection is justified, the Data Controller shall cease processing, restrict the data, and notify all recipients to whom the affected data were previously disclosed.

The User may seek judicial remedy within 30 days if they disagree with the Data Controller’s decision or if the Data Controller fails to respond within the statutory deadline.

10. Right of Access and Information

The User may request information at any time regarding the processing of their Personal Data by emailing seadechu@seadec.hu.

Upon request, the Data Controller shall provide information regarding:

  • the processed Personal Data;
  • the source of the data;
  • the purpose, legal basis, and duration of processing;
  • the identity of data processors;
  • recipients of data transfers.

Information shall be provided in writing, free of charge, within 30 days.

Requests submitted from the email address previously provided by the User shall be considered authenticated. Requests submitted from other email addresses or in writing must be accompanied by adequate proof of identity.

11. Legal Remedies and Supervisory Authority

The User may enforce their rights before the competent courts in accordance with applicable Hungarian civil law and data protection legislation.

The User may also lodge a complaint with the National Authority for Data Protection and Freedom of Information (NAIH):

Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/C
Postal address: 1530 Budapest, P.O. Box 5
Email: ugyfelszolgalat@naih.hu
Phone: +36 1 391 1400
Website: www.naih.hu