Privacy Policy - Evergreen Dental

Privacy Policy

  1. Home
  2. /
  3. Privacy Policy


Evergreen Dental Kft. (hereinafter ‘Controller’; registered seat: 3075 Márkháza, 05/2 hrsz.) as Controller, during the management of personal data, complies with the provisions of the 2016/679 Decree of the European Parliament and of the Council (27th April 2016) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and the relevant laws. 

Evergreen Dental Kft. respects Your (hereinafter: ‘Data Subject’) rights regarding the protection of personal data. This Notice briefly summarizes what kind of data are collected, how may we use them, and informs about the tools availed by us and your data protection and legal opportunities.

The detailed regulation is found in the aforementioned Decree, if You need more information, please study the Regulation.


  • ‘Personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;;
  • ’Processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
  • ’Controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
  • ’Processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
  • ’Recipient’ means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing;
  • ’Third party’ means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data;
  • ’Consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
  • ’Profiling’ means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements;
  • ’Personal data breach’ means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed;
  • ‘Authority’: the National Data Protection and Information Freedom Authority, 
  1. Controller (Service Provider) designation, contact details

Controller’s name: Evergreen Dental Korlátolt Felelősségű Társaság (Ltd.)

Registered seat: 3075 Márkháza, 05/2 hrsz.

Postal address: 1061 Budapest, Andrássy rd. 45. 1/ 4.

Company reg. No.: 01-09-283836

Call centre: +36 1 201 08 35

Customer Service e-mail address:

  1. Purpose of data processing, scope of processed data, term of data processing, persons entitled to learn data

Purpose of data processing

Personal data may be processed only for specified purposes, in the necessary extent, to exercise rights or fulfil obligations. The data processing shall comply with the purpose of data processing in each phase, the data collection and processing shall be legal and fair. Personal data may be processed only in the extent and for the term necessary for the achievement of the specific purpose. Controller regulated in internal regulations, that only the recipients involved in the achievement of the specific purposes shall process the data.

Controller processes personal data regarding the provisions of law in the following cases:

  • Invoice issuing about the order

Controller processes personal data on substantial public interest in the following cases:

  • Identification of data subject as customer,
  • Registering of the order of product/service, and fulfilment of ordered service, and sending related notifications, 
  • Payment transactions,
  • Registering the Data Subject’s data for the purposes of providing services,
  • Operation of IT background required to provide services,

Controller may process personal data upon Data Subject’s express and voluntary consent in the following cases:

  • Notification of relative provided by the Data Subject. (Personal data of the relative may be provided by the Data Subject only upon the prior, express and voluntary consent of the relative).
  • Analysis of the website’s use, development of user’s experience.

Provision of data upon voluntary consent is not required to arrange an Agreement, Data Subject is not obliged to provide his/her personal data for this purpose. Possible consequences of the omission of providing data:

Scope of processed data, term of processing, persons entitled to learn such data 

In accordance with the provisions above, referring to the designated legal basis, we collect and process the following data until the designated retention period. 


Name of data  Retention period
Name  The retention period following the cessation of legitimate interest or related provisions of laws (6:22§ of the Civil code): 5 years
Phone No.
E-mail address
Date of birth
Postal address
Patient No.
Social security No.
OEP membership No.
Medical data (contagious disease, allergy, therapy, eating disorder, recurring disease, genetic disease, smoking, hormone disorder, taken medicines and their dosage, other health-related information)
Type of necessary intervention


Name of data Retention period
invoicing name The retention period (6:22§ of the Civil code): 5 years
invoicing address
bank account number (if required)


Name of data Retention period
photo about the treatment area Retention period until unsubscribe
Name, phone number and e-mail address of person to be notified in case of emergency  Retention period until unsubscribe
Cookie Retention period until unsubscribe

Data subject may inform about how to unsubscribe in the Chapter 5 of the Informative.

Duration of processing:

Evergreen Dental Ltd. will process data that is processed on the basis of consent until your consent is withdrawn, but for a maximum of 5 years.
Medical records will be kept by our Company for at least 30 years from the date of their collection, in accordance with Article 30 of Act XLVII of 1997 on the management and protection of health and related personal data. Invoices must be kept for 8 years from the date of their issue in accordance with Article 169 § 2. of Act C of 2000 on Accounting. Therefore, in cases where the legal basis for the processing is based on law, Evergreen Dental Ltd. will process your personal data indicated therein for the period specified above, irrespective of any withdrawal of your consent.

  1. Collection, use and forwarding of personal data 

Controller, in case of collecting personal data, shall comply with the relevant provisions of laws, restrictions and ethic norms. 


  • Shall notify the Data Subject prior to the data processing according to the prescribed method about its data processing practices.
  • Shall collect, store and use personal data only for pre-defined purposes. The collected information shall always comply with the provided purpose, is relevant and is in appropriate extent.
  • Shall take reasonable measures to achieve the specific purpose, that Data Subject’s personal data   shall be accurate, complete, up-to-date and reliable for the actual purposes.
  • For promotional purposes, it shall use your personal data only upon your willing consent, and provide the Data Subject the opportunity to prohibit such communication.
  • Shall take proportional and reasonable measures to protect the Data Subject’s personal data, including cases when it discloses them to third parties. Data shall not be disclosed to third parties without the Data Subject’s prior, express consent.

Controller shall avail the following Data Processor(s) to process personal data for the activities listed below:

Data Processor Company reg. No./ VAT No. Performed activity
M.O.C. Hungary Kft. 01-09-860402 / 13537566-2-41 IT service provider
KF&t Kft. 01-09-163310 / 10691517-2-42 Bookkeeper
Herke & Szabó Law Office 02-06-065926 Attorney
Vesodent Kft. 06-09-019474 / 23898037-1-06 Medical sub-contractor
dr. Attila Simay / 67655889-1-25 Medical sub-contractor
dr. Gábor Nagy / 68684857-1-35 Medical sub-contractor
Schadent Acuta Kft. 01-09-209815 / 25347324-1-43  Medical sub-contractor
dr. Béla-Gábor Szabó  / 67969443-1-42 Medical sub-contractor
dr. Tamás Rádi / 67234655-1-26  Medical sub-contractor
  1. Access to personal data, modification, correction and portability


Data Subject is entitled to receive confirmation from Controller whether the processing of his/her data is in progress, and if yes, then (s)he is entitled to gain access to his/her personal data and the following information:

  1. purpose of data processing;
  2. categories of the relevant personal data;
  3. categories of such recipient(s), who the personal data are/will be disclosed to.

Modification, correction

Data Subject is entitled to make Controller forthwith correct the inaccurate personal data on request. Taking the purpose of the data processing into account, Data Subject is entitled to request the amendment of the deficient personal data, by means of providing supplementary statement.


Data Subject is entitled to receive the relevant personal data disclosed to Controller by him/her in a widely used, computer-compatible form, and further entitled to disclose such data to another Controller without Controller’s objection (who the personal data are disclosed to), provided that:

  1. the processing is based on voluntary consent or such an Agreement, whereas Data Subject is one of parties; and
  2. the processing is performed in an automated way.
  1. Erasure, restriction of personal data, right to object


[convert number="1" from="EUR" to="EUR"] €   It is Data Subject’s right and Controller’s obligation to erase date related to him/her without any delay, if any of the following reasons occur:

  1. personal data is no longer necessary in relation to the purposes for which they were collected or otherwise processed;
  2. Data Subject withdraws his/her voluntary consent, which was the base of the data processing through the contact details provided by Controller, and the data processing no longer has legal grounds;
  3. Data Subject objects to the data processing for reasons related to his/her circumstances or due to direct marketing against the data processing, and there is no prevailing purpose to process data;
  4. the personal data have been unlawfully processed;
  5. the personal data need to be erased to fulfil legal obligation stipulated by the European Union or the Member State;
  6. the personal data have been collected in relation to the offer of information society services directly to minors.

[convert number="2" from="EUR" to="EUR"] €   Where the controller has made the personal data public and is obliged pursuant to [convert number="1" from="EUR" to="EUR"] € to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data.

[convert number="3" from="EUR" to="EUR"] €   [convert number="1" from="EUR" to="EUR"] € and [convert number="2" from="EUR" to="EUR"] € shall not apply, if the processing is required:

  1. to exercise the right of freedom of expression and information;
  2. for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
  3. for reasons of public interest in the area of occupational health or public health;
  4. for archiving purposes in the public interest, historical research or statistical purposes, if the exercise of right provided in  [convert number="1" from="EUR" to="EUR"] € would be impossible or would involve disproportionate effort to process data; or
  5. for the establishment, exercise and defence of legal claims.


[convert number="1" from="EUR" to="EUR"] €   Data Subject is entitled to make Controller restrict data processing, if any of the following conditions are met:

  1. Subject contests the accuracy of personal data, in this case, the restriction applies on that period, which enables the Controller to check the accuracy of the personal data;
  2. the data processing is unlawful, and Data Subject objects the erasure of the data, and request their restriction instead;
  3. Controller no longer needs the personal data for processing purposes, but Data Subject requests them for the establishment, exercise and defence of legal claims; or 
  4. Data Subject objected the data processing due to a reason related to his/her own circumstances; in this case the restriction applies on the period, until it is declared, that Controller’s legitimate interests override the Data Subject’s legitimate interests.

[convert number="2" from="EUR" to="EUR"] €   If the data management is restricted according to [convert number="1" from="EUR" to="EUR"] €, then such personal data may be processed (except storage) only upon Data Subject’s consent, or to submit, enforce or protect legitimate claims, or to protect the rights of other natural or legal persons, or based on substantial public interests of the European Union or any of its Member States.

[convert number="3" from="EUR" to="EUR"] € A data subject who has obtained restriction of processing pursuant to [convert number="1" from="EUR" to="EUR"] € shall be informed by the controller before the restriction of processing is lifted.


Data Subject is entitled to object the processing of his/her personal data due to his/her own circumstances anytime, if the data are processed within the exercise of public authority duties or to enforce the legitimate interests of Controller or a third party, including the profiling based on the aforementioned provisions. In this case, Controller shall no longer process personal data, except Controller is able to prove, that data processing is justified by such compulsive legal purposes, which override the interests, rights and freedom of the Data Subject, or which are related for the establishment, exercise and defence of legal claims.

 If the personal data are processed for direct marketing purposes, then Data Subject is entitled to object such processing of his/her personal data, including profiling, if it is related to direct marketing.

If Data Subject objects the processing of his/her personal data for direct marketing purposes, then such personal data shall no longer be processed.

  1. Automated decision-making based on personal data, profiling 

Controller performs neither manual, nor AI-supported automated decision-making or profiling.

  1. User’s opportunities for the establishment, exercise and defence of legal claims

User, in case of infringement of his/her personal rights, and in cases specified in this Regulation, may turn to the National Data Protection and Information Freedom Authority for help:

Name: National Data Protection and Information Freedom Authority
Postal address: 1530 Budapest, Pf.: 5.
Address: 1125 Budapest, Szilágyi Erzsébet alley 22/c.
Phone: +36 [convert number="1" from="EUR" to="EUR"] € 391-1400
Telefax: +36 [convert number="1" from="EUR" to="EUR"] € 391-1410

  1. Amendments to this Notice

Controller reserves the right to amend or update this ‘Notice’ anytime, without prior notification, the publishment the new version on its websites. Any amendment shall apply only on personal data collected following the disclosure of the new version.

Please regularly check our Notice to track the changes and get informed about how You are affected by these changes.

Last updated: 25th May 2018.

Use of Cookies

This Website, to optimize e-mail messages, online services, advertisements and interactive applications, may use ‘cookies’. Further information regarding data privacy is available on this page.

What are ‘cookies’?

‘Cookies’ are small files usually consisting of letters and numbers, which are sent to your browser’s cookie file located on your hard drive by our web server. This enables, for instance, our website to recognize the end-device used by the user, when establishing connection between the webserver and the browser. The main goal of the cookie is to enable our webserver to provide the user customized websites, which make the user’s experience more personal during using the website of Evergreen Dental Kft., and may better reflect on the user’s personal needs.

What types of cookies are used by the website?

Evergreen Dental Kft. may use two types of cookies on this Website:

Temporary (session) cookie: these are temporary cookies, that are stored in the cookie file until the end of your browsing. These cookies are required for the proper operation of certain functionalities or applications related to the Website.

Permanent (persistent) cookie: we use persistent cookies for to provide better user’s experience (eg. providing optimized navigation). These cookies are stored for longer period of time in the browser’s cookie file. This period depends on the settings applied in your browser. Persistent cookies enable the transfer of information to the webserver in all cases, when somebody visits the website. Persistent cookies are also known as tracking cookies.

If You wish to learn more about this topic, You can find several articles on the Internet, such as the website.

Cookies required for the proper operation of the website

The website can not operate without these cookies, therefore banning them may prevent the loading of the website.

Preferential cookies

These cookies enable the website to remember your preferences regarding the display of the website, such as language or visitor’s location.

Third party, marketing cookies

Evergreen Dental Kft. may avail the services provided by third-party advertisers (Google, Facebook, LinkedIn) to send advertisements and optimize our marketing communication. Third-party advertisers may use cookies to measure the efficiency of their ads, and the customization of their content. Information collected by third-party advertisers may be eg. geolocation data (specified based on the IP address) or contact details such as e-mail address.

Statistical cookies

Information received using tracking pixels or cookies are anonymous and not interconnected to personal data. Their goal is to understand and analyse the visitor’s site visiting habits. Evergreen Dental Kft. does not share these information with third parties for the purposes of independent use.

Enabling and disabling cookies and similar technologies

You can set your browser to deny cookies or to accept cookies only from certain websites. By clicking on the following links, You can learn the cookie settings of each browser. You can also read useful information in the help menu of your browser.

We raise your attention, that in case of disabling these cookies, certain elements or the complete functionality of the Website will become unavailable.

List of cookies used by the Website

Name of cookie Service Provider Type Expiry Purpose of use
@@History/@@scroll|# HTML Persistent Remembers the user’s last scrolling position on each page to support navigation backwards.
@@History/@@scroll|# HTML Persistent Remembers the user’s last scrolling position on each page to support navigation backwards..
@@History/@@scroll|# HTML Session Remembers the user’s last scrolling position on each page to support navigation backwards.
_ga HTTP 2 years A cookie generating anonymous statistical data regarding visitor’s habit, supporting us to continuously develop our website.
_gat HTTP Session A cookie used by Google Analytics that helps us limiting the search rates.
_gid HTTP Session A cookie generating anonymous statistical data regarding visitor’s habit, supporting us to continuously develop our website.
_pinterest_cm HTTP 1 year A cookie used by Pinterest, which remembers the services availed by the user.
collect Pixel Session Collects data about the device used by the visitor and his/her behaviour, and sends them to Google Analytics.
NID HTTP 6 months Registers an individual ID, which identifies the returning user’s device. The ID is used to provide customized ads.
_mkra_ctxt HTTP Session Intercom enables us to provide live chat on our website. This cookie attempts to remember the user to continue the conversation between the different pages of the website and when re-visiting the page.
intercom-id-pst8q2m0 HTTP 270 days Uncategorized.

[Information should be requested from Tibor, we have found no description about the goal of this cookie.]


If You have any question or remark about this Privacy Policy, please contact us on the following address. You can contact us the same way, if You request notification about data collected via the Website, or request the correction, locking or deletion of the information.

Customer Service e-mail address:

Phone: 00 36 1 201 08 35

VAT No.: 25588435-2-42

Company reg. No.: 01-09-283836

Date: 19th June 2018.

Consent to the data management is voluntary. In that unanticipated event, if your Privacy Data are infringed, You may turn to the Information Freedom Authority or Court.

Information on the registration system at Evergreen Dental

For Evergreen Dental, it is important to serve its telephone customers
more efficently. To this end, it is expanding its customer service activities.
The extended customer service system is operated by Szondaphone Kft.
Evergreen Dental ensures that the applicable personal data protection rules are fully enforced throughout the entire process.