Privacy Policy

Last updated: March 2025 (see app release notes).

UroSystem – Privacy Policy

Urosystem Zrt (hereinafter referred to as Provider, Controller or Data Controller) meets its information obligations related to data processing by issuing this Policy. The Provider acknowledges the content of this legal notice as binding for itself and guarantees that all data processing operations related to its activities comply with the requirements defined in this Policy and the rules of law in force.

The Controller:

  • reserves the right to change this Policy;
  • is committed to the protection of the personal data of its clients and partners and considers respect of its clients’ right for informational self-determination particularly important;
  • will process personal data confidentially and take all security, technical and organizational measures to guarantee the security of such data;
  • will process personal data only for specific, explicit and legitimate purposes, for the purposes of exercising a right or fulfilling an obligation; will collect it taking the principle of fairness and legality into consideration and process it in adherence to such principles;
  • will process only personal data that is indispensable and suitable for the purposes of data processing. The Provider will process personal data to the extent and for the period necessary for implementing the purpose. Personal data will be stored in a form to enable identification of the data subject only for the period necessary for achieving the specific purposes, i.e. collection and further processing of the personal data.

The Controller’s data processing principles are in accordance with the legal regulations related to data protection.

The Controller is the operator of the app.urodapter.com webpage (Webpage). For the purposes of this Policy, each individual who enters or visits the Webpage and provides his or her data referred to herein is considered a user (hereinafter referred to as User).

1. Whose data is being controlled?

Every User is a subject to data controlling. Persons who do not share any personal data are covered by the Cookie Policy. Persons who provide personal data during contact are considered Data Subjects/Users.

2. What sort of personal data is being controlled?

The following personal data are controlled for contact services (Users) by sending an e-mail or filling out the contact form:

  • Name (first name, surname)
  • Email address
  • Company/Institution
  • the text of the message

3. What sort of health data is being controlled?

We do not process health data during the provision of services currently available on our Webpage.

4. What is the legal basis of collecting and controlling personal data?

The legal basis of collecting and controlling personal data are:

(a) the data subject has given consent to the processing of his or her personal data for one or more specific purposes;

(b) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;

(c) processing is necessary for compliance with a legal obligation to which the Controller is subject.

If the legal basis of the controlling of the personal data is the consent of the Users, then before giving consent, they should receive clear, written information about our privacy procedures which you can accept by placing a tick in the appropriate check box and which means to give the consent to the control of your personal data.

5. What is the duration of data controlling?

If the legal basis of the controlling of the personal data is the consent of the Users, then we are allowed to control your personal data for a 3 years period, but controlling ends instantly in case of the withdrawal of a consent, a request of deleting or destroying. The consent can be withdrawn at any time.

6. What is the purpose of data collecting and controlling?

  • Making it available for the Users to contact us.
  • Making it available for the Users to ask for information.
  • The easy and efficient use of the Webpage for the Users.

7. Who can access the data?

No Visitor, User or unappointed third party can access to any other data.

The staff of the Webpage and appointed third parties can access all data, however, they are not allowed to use them for any other purpose than described in section 6., nor transfer or sell them to any unappointed third parties.

8. To whom is data transferred?

Hosting and forms: This Webpage is hosted on Netlify. Contact form submissions are processed by Netlify as part of hosting. Netlify acts as a processor under its own privacy policy and data processing terms.

We do not use the third-party marketing or analytics integrations that appeared in older versions of this policy (e.g. social networks, video platforms listed for generic tracking). The current app does not load Google Analytics or similar trackers.

Any data have to be transferred to third parties if they are required for investigating and/or examining criminal cases or cases of natural security. If this happens, the third party who requires the data must define what data they need and name the exact purpose of data controlling, too.

Apart from the cases described above, no data can be transferred to any other third parties without the consent of the Visitor or the User.

9. Progressive Web App (PWA) and local caching

When you install or use this site as a PWA, your browser may store app shell assets and media (such as instruction videos) locally on your device for offline use. This caching is performed by your browser and the service worker; it is not used by us to identify you beyond what you submit through the contact form.

10. What happens if personal data are not shared?

No Visitor or User is obligated to share any personal data, visiting the webpage is possible without doing so (or after withdrawing a consent to Data Controlling). In this case, however, they may have limited access to our services on the Webpage.

Data protection

The Data Controller makes every effort (that can be expected rationally) so that the principles of the safety of data can prevail. This can be summarized in the following way.

1. Availability — Those who have the right to access the necessary data are able to do so at any time.

2. Confidentiality — Every piece of data is available only for those who are authorized to control and process it.

3. Authenticity and Integrity — During the process of data storing and controlling the data itself remains unchanged.

While the data is being stored, the Data Controller performs every measure of protection and precaution (that can be expected rationally) so that the data shall be protected against stealing, unauthorized accessing, becoming damaged, corrupted, deleted, destroyed and published (regardless of a result of an intentional or unintentional act), failures of electronic or any other forms (including natural disasters).

Data breach and its handling

In case of data breach of high risk, the Data Controller informs the persons who are involved (due to their rights) with no delay.

The Data Controller need not inform the persons who are involved if:

  • the Data Controller performed actions which made the data affected by the breach incomprehensible (e.g. by using encryption on the data);
  • informing the persons who are involved would require actions of unproportional effort (in this case information shall be provided in another form, e.g. publishing);
  • due to the actions performed by the Data Controller the high risk does not exist anymore.

Cookies

The Webpage does not use cookies. Further information is in the Cookie Policy.