Aestella Clinic

Privacy and Data Security Policy

The purpose of the Privacy and Data Security Policy is


The purpose of the Privacy and Data Security Policy ( hereinafter referred to as the Policy ) is to define the privacy and data security policy of Aestella Clinic [ i.e. Togala Ltd. , Place of business : 1095 Budapest , Lechner Ödön fasor 10/B / Millenium Gardens / company registration number: Cg; 01-09-386340, tax number;24926025-2-42,represented by Jacquess Cousseau, as Togala Ltd ) the detailed rules of data processing in its organization , to ensure that the constitutional principles of health and personal data protection and the disclosure of data of public interest , as well as data security requirements are met in the course of data processing. Ensure that patients are protected in all areas of the services provided by the institution and that they are informed of their rights and of the processing of their data.

Scope of the Code


a) Members and staff of the Aestella Clinic, in particular those who, according to their job description, are responsible for processing health data, personal data and data of public interest

b) Persons and organisations having a contract or a business relationship with the Aestella Clinic.

c) The protection of the personal and specific data of all patients who come into contact with the Aestella Clinic.

Legal basis for the Policy


a) Act CXII of 2011 on the Right of Informational Self-Determination and Freedom of Information (hereinafter referred to as: Info.),

b) Act V of 2013 on the Civil Code

c) Act XLVII of 1997 on the processing and protection of health and related personal data , and the

d) Decree No 62/1997 (XII.21.) NM on certain issues of processing of health and related personal data.

e) Regulation (EU) 2016/679 of the European Parlament and of the Council,

f) the provisions of Act XLVIII of 2008 on the Basic Conditions and Certain Restrictions of Economic Advertising Activities.

g) Regulation (EU) No. 2016/679 of the European Parlament and of the Council (“GDPR”) and Act CXII of 2011 on the Right to Information and Self-Determination

Interpretative provisions


Personal data: any data, information or factor relating to an identified or identifiable natural person (“data subject”) which permits the identification of that natural person. In particular: name, number, location data, online identifier, data revealing the physical, physiological, genetic, mental, economic, cultural, social identity of a natural person. Furthermore, the taking of photographs, sound recordings, video recordings and the collection of physical characteristics which can be used to identify a person ( Article 4 GDPR ). 

Medical records: records or any other form of data, irrespective of medium or form, containing medical and identity data brought to the attention of the healthcare provider in the course of treatment; special categories of personal data: data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic data which can be used to identify natural persons, biometric data, health data, data concerning the sex life or sexual orientation of natural persons. The processing of these data shall be subject to the exclusive consent of the natural person concerned. If the data subject refuses to give his or her consent, the processing of the data referred to above is prohibited.

Medical confidentiality: medical and personal data which have come to the knowledge of the controller in the course of medical treatment, as well as data relating to necessary or ongoing medical treatment or treatment which has been completed, and other data obtained in connection with medical treatment;

Technical data: data which are technically recorded during the operation of the system: data on the Patient’s computer which are generated during the use of the service and which are recorded by the Institution’s system as an automatic result of technical processes. The automatically recorded data are automatically logged by the system on entry and exit without any specific declaration or action by the Data Subject. These data cannot be linked to other personal user data. Access to the data is restricted to the Institution.

Purpose of data processing


The Aestella Clinic’s employees may process personal data only in the course of carrying out the activities within the scope of the company’s activities, to the extent necessary for the performance of their duties as defined in their job description, in accordance with the legal provisions and this Privacy Policy.

The primary purpose of this Policy is to define and comply with the basic principles and provisions governing the processing of data of natural persons who come into contact with the Aestella Clinic, in order to protect the privacy of natural persons in accordance with the applicable legal provisions and official resolutions.

The purpose of processing health and personal data is to promote the preservation, improvement and maintenance of health. To promote the effective medical treatment activities of the Company.

Principles of data processing


a) “Purpose limitation principle”. The data must be processed in accordance with the purpose of the processing at all stages, and the collection and processing of the data must be fair and lawful.

b) “Lawfulness, fairness and transparency”.

(c) “Proportionality, necessity” or “data minimisation” principle. Personal data may be processed only to the extent and for the duration necessary for the purpose of the processing. Accordingly, the Data Controller shall process only and exclusively such data as is strictly necessary for the purpose of the processing.

d) “Accuracy” principle.

(e) ‘Limited Retention’ Principle: Personal data should be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data should be kept for longer periods only if the personal data will be processed for archiving purposes in the public interest, scientific and historical research purposes or statistical purposes in accordance with Article 89(1) of Regulation EU 2016/679, subject to the implementation of appropriate technical and organisational measures as provided for in this Regulation to protect the rights and freedoms of data subjects

(f) “Integrity and Confidentiality” principle: the Data Controller shall ensure the prevention of accidental or unlawful destruction or accidental loss, access, alteration or dissemination of personal data stored in automated data files by applying appropriate security measures to protect such data.

g) “Accountability” Principle: The Controller is responsible for compliance with points a) to f) and with the provisions of the Policy and must be able to demonstrate such compliance.

Performance of data protection tasks


The Head of the institution shall supervise the performance of data protection tasks. In this context, he shall adopt the data protection policy and ensure its implementation.

The Head of Administration shall ensure ;

a) appointing the Data Protection Officer

(b) monitoring data protection activities

(c) the preparation and updating of the Policy

(d) training in data protection

By completing the form, the data subject gives his/her consent to the storage and processing of his/her data as set out in this Privacy Policy.

Data Controller ;

The natural or legal person who, alone or jointly with others, determines the purposes, legal basis and means of the processing of personal data.

Designation of the Institution as controller ;

Name : Togala Ltd / Aestella Clinic /

Registered office : 1064 Budapest, Izabella utca 80.

Location : 1095 Budapest , Lechner Ödön fasor 10/B / Millenium Gardens /

Phone number : 06/70-600-1325

E mail :

Data Processor :

A natural or legal person or any other body which processes personal data on behalf of the controller , performs technical tasks related to the processing of personal data on the controller’s instructions.

A data processor is an internal employee of the Institution who, on the basis of the instructions and authorisation of the Head of the Institution, processes personal and specific data of Patients and performs technical tasks related to the processing.

Legal basis for processing the data


– Exclusive patient consent

– Fulfilling a legal obligation

– Legitimate interest of the institution, patient, third party

Patient ( Data Subject ) consent:

Under the GDPR Regulation, the consent of Data Subjects must be voluntary , specific , informed and unambiguous. In the case of special categories of personal data – health data – the consent must be explicit in addition to the above.

Compliance with a legal obligation :

The processing of personal and special categories of data recorded and stored in the Institution’s system is necessary to comply with other legal obligations imposed on the Institution as Data Controller by EU and national law.

Legitimate interests of the institution , patient , third party :

The legal basis for the processing of personal and sensitive data is the legitimate interest of the Institution , the patient , the third party , as there is an electronic camera system on the premises of the Institution , which is capable of recording and storing images and sound recordings. The purpose of the operation of the camera system is to protect persons and property, to protect business secrets and to clarify the facts in the event of a dispute.

The recording of health data is part of medical treatment. The doctor carrying out the treatment shall determine, in accordance with the professional rules, which health data, in addition to the compulsory data to be recorded, are necessary for the purpose of the treatment.

Other persons carrying out activities related to the treatment of the Data Subject may collect health data in accordance with the instructions of the treating physician and to the extent necessary for the performance of his or her tasks.

Duration of processing


The Aestella Clinic shall process the data provided in accordance with this Privacy Policy only for the time necessary to achieve the purpose of the processing.

The medical records shall be kept for at least 30 years from the date of recording and the final report for at least 50 years. If further record keeping is no longer justified, the records shall be destroyed.

All e-mails received will be deleted, together with the information contained in the message, after a maximum of 5 years from the date of transmission.

Pursuant to Article 17 ( 1 ) of the GDPR Regulation : the data processed by the Data Controller shall be erased from the database of the Data Controller without undue delay at the request of the Data Subject ( Patient ) , unless there is no other legal basis for the processing except the consent of the Data Subject .

Pursuant to Article 17 (3) of the Regulation, where the personal data processed are necessary for the exercise of legal claims or settlement of accounts with public authorities, the processing may be carried out, despite the Data Subject’s request, for the fulfilment of a legal obligation or on the basis of a legitimate interest.

The controller shall erase personal data from records and documents containing personal data if ;

a) the purpose of the processing has ceased or the period of storage of the data specified by law has expired

b) the processing is unlawful

c) the data subject requests it

d) ordered by a court or the Data Protection Commissioner

(e) it is incomplete or incorrect and cannot be lawfully corrected

The scope of persons having access to the data, data portability


The data may be accessed primarily by internal staff of the Institution. To the extent necessary, data relating to the treatment of the Patient shall be transmitted to medical institutions and public authorities. The legal basis for the transfer of data is the fulfilment of the legal obligation of the Institution based on the law.

Current list of data processors ;

Mariann Baláti / accountant /

Address; 1064 Budapest , Izabella utca 80.

Scope of data transmitted ; patient name , postcode and address , account

Magyar Posta Zrt.

Head office; 1138 Budapest , Dunavirág u. 2-6

Tax number ; 10901232-2-44


Website ;

Scope of data transmitted ; patient name, postcode and address , account

Data Processing – Data Security


Patients’ personal and health ( special ) data are processed and stored with the express consent of the Patient. The data are processed by the internal staff of the Aestella Clinic. The data will be stored in a computer encrypted system , locked away on paper and inaccessible to third parties.

The data controller shall ensure the protection of health and personal data against unauthorised access, alteration, disclosure, disclosure, erasure, destruction and damage and shall be responsible for the maintenance of the records.

Rights of data subjects ( Patients )


Right to transparent information ;

Patients have a fundamental right to adequate and transparent information, which is an obligation of the institution. The information must be provided to the patient in a comprehensible manner and free of charge.

If the patient requests information, it shall be provided without undue delay and within a maximum of 30 days.

Right of access ;

Under the right of access, the Data Controller ( Institution ) must provide the Patient with a copy of the personal data which are the subject of the processing at the Patient’s request.

Right to data portability ;

On the basis of the right to data portability, the Data Subject ( Patient ) has the right to receive the data relating to him/her provided by the Institution as Data Controller in a structured, commonly used, machine-readable format and the right to transmit these data to another Data Controller without being prevented from doing so by the Institution.

Right to rectification ;

On the basis of this right, the Patient shall have the right to have inaccurate personal and particular data relating to him or her corrected by the Institution without undue delay upon his or her request.

Right to be forgotten ( erasure );

On the basis of this right, the Patient may , where there is no other legal basis for the processing, request the erasure of his personal and specific data processed by the Institution and the removal of traces of the processing.

Right to object ;

In the case of processing based on legitimate interest, the Data Subject ( Patient ) may object in writing to the further processing of his/her personal data despite his/her request for erasure. In this case, the Institution must prove that the Data Subject has a legitimate interest in the further processing of his/her data.

Right to restriction of processing ;

The Data Subject shall have the right to obtain, at his or her request, restriction of processing by the controller if any of the following conditions are met ;

– the data subject contests the accuracy of the personal data

– processing is unlawful but the data subject opposes the erasure of the data

– the controller no longer needs the personal data for the purposes of the processing but the data subject requires them for the establishment, exercise or defence of a legal claim

– the data subject has objected to processing on the basis of legitimate interest, in which case the restriction shall continue until it is established that the legitimate interest of the controller prevails.

Data protection incident handling


A personal data breach is the unlawful processing or handling of personal data, in particular unauthorised access, alteration, disclosure, transmission, disclosure, erasure or destruction, as well as accidental destruction or damage.

Procedures in the event of a personal data breach ;

Data breach management is always the responsibility of the controller.

– Categorisation of the incident according to the risk to the rights and freedoms of natural persons

– notification of the incident to the supervisory authority within 72 hours

– taking measures to remedy the incident

– identification of those responsible

– informing data subjects



Right to complain ; 

If the Data Subject considers that the processing of personal data concerning him or her does not comply with the legal requirements, he or she may lodge a complaint with the National Authority for Freedom of Information and Data Protection (NAIH). The complainant may appeal against the decision of the NAIH in court.

Name : NAIH

Headquarters ; 1125 Budapest, Szilágyi Erzsébet fasor 22/C

Telephone : 06 – 1 – 391-1400

Website :

Claim for compensation ;

Any person who suffers damage as a result of a breach of the provisions of the Info Act and the Regulation is entitled to claim compensation for material and non-material damage from the controller or processor.

The controller and the processor shall be exempt from liability if they prove that they are not in any way responsible for the event giving rise to the damage.

Asset protection


Electronic surveillance system ;

Togala Ltd. operates an electronic surveillance and recording system, which includes cameras at the entrance, in the waiting room and in the treatment rooms.

Purpose of data processing;

To prevent, detect, trace and prove offences in order to protect human life, limb and property, to identify unauthorised persons entering the premises, to record the fact of entry, to document the activities of unauthorised persons, to investigate the circumstances of any accidents at work or other premises.

Legal basis for processing ;

The consent of the data subject by entering the territory of Togala Ltd.

Type of personal data processed ;

The facial images and other personal data of persons entering the Togala Ltd. premises, as shown in the images and recorded by the monitoring system.

Duration of the processing ; DPA. 31 (3) (c).

Data processor ;

Name ; Togala Ltd.

Registered office ; 1064 Budapest, Izabella utca

Location : 1095 Budapest , Lechner Ödön fasor 10/B / Millenium Gardens /

Use of recordings ;

Togala Ltd. or the Data Subject whose rights or legitimate interests are affected by the image recording is entitled to view the current image of the cameras. The Data Controller shall record the name of the person who views the recorded images, the reason for and the time of accessing the data. Transmission of data in the event of offences or criminal proceedings to the authorities conducting such proceedings.

Other provisions


1./ The Institution undertakes to inform the Patient of any use of the data provided by the Institution for purposes other than those for which they were originally collected, and to arrange for the Patient’s prior express consent to such use or to give the Patient the opportunity to oppose such use.

2./ The Institution undertakes to ensure the security of the data, to take the technical measures necessary to ensure that the data recorded, stored or processed are protected and to take all necessary steps to prevent their destruction, unauthorised use or unauthorised alteration. It also undertakes to require any third party to whom it may transfer or transmit the data to fulfil its obligations in this respect.

3./ The Institution reserves the right to unilaterally modify this Policy by giving prior notice to the Data Subjects through the Website.