Content Comparison

...

• You have the right to object against our data processing any time in case such processing is based
  on “legitimate interest,” as indicated below.

• Definitions not specified in this Privacy Policy shall have the meaning as set out in the Agreement
  or the SkinAid T&C. Please make sure that You are familiar with such definitions.

• Please contact us first if you have any concern regarding our data processing.

I. Data controller and contact details:
- Name: Dermus Limited Liability Company (“Dermus”).
- Postal address: H-1114 Budapest, Kanizsai utca 2-10. C. ép. 2. em. 11. (Hungary);
- E-mail:privacy@dermusvision.com

II. General information on processing

a. Customer as sole data controller: The Customer is regarded as a sole data controller on whose behalf You may process certain personal data of the Captured Data’s subject within the scope of the business or not-for-profit activity of the Customer and in compliance with the Local Provisions. Data processing of Dermus and Customer may not create any joint controller or controller-processor status between them.

b. No processing of patient personal data: Dermus will only process your personal data if such processing has a specific purpose and an appropriate legal basis as set out in this Privacy Policy. Dermus does not process personal data of the Captured Data’s subject (the “patient”). Only non-identifiable patient data may be uploaded to the SkinAid Catalogue (e.g., year of birth, sex, other associated metadata). Customer shall be solely responsible for any data processing which is the result of linking non-identifiable patient data recorded in the SkinAid Catalogue with other patient data recorded separately by Customer/User or a third party, resulting in the (potential) identification of an actual patient.

c. Legal bases of processing: the following legal bases may apply pursuant to the general data protection regulation 2016/679 of the European Union (the “GDPR”):

i. performance of a contract [Section (1)b of Article 6 of the GDPR]: in this case, processing is not mandatory, but in the absence of such processing, the Service cannot be performed by Dermus;

ii. compliance with a legal obligation[Section (1)c of Article 6 of the GDPR]: in this case, processing is mandatory by virtue of law in order to comply with the applicable statutory provisions (e.g., mandatory data storage);

iii. legitimate interest [Section (1)f of Article 6 of the GDPR]: in this case, the legal or business interests of Dermus (e.g., pursuing claims) require the processing of certain of your personal data against your interests in a justified and balanced manner.

d. Transfer of personal data: Dermus is entitled to transfer your personal data to (i) its trusted data processors (acting on behalf of Dermus); and to (ii) its legal representatives (acting as a sole data controllers) if pursuing legal claims. The data storage and hosting service providers, indicated in the SkinAid T&C, act as sole data controllers in accordance with their own privacy policies.

e. While using the Service, Dermus reserves the right to contact the User for future commercial purposes in connection with the Service or any future services of Dermus. System or error messages regarding the use of the Service are not considered business offers or newsletters.

f. Matters not regulated herein shall be governed by the GDPR and the relevant provisions of the respective Hungarian law. Dermus may from time to time update this Privacy Policy and will notify User in a timely and notable manner before such update becomes effective.

III. Purposes of processing

a. Registration (creating

...

an account in the SkinAid web application):

...

4IV. Your rights relating of our data processing

...