[11 Dent Kft] (hereinafter: Data Controller), as the operator of the website available under the domain name [www.citysmile.hu] (hereinafter: Website), hereby informs you about the processing of your personal data in accordance with this notice, pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council (27 April 2016) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, “GDPR”).

1.) DETAILS OF THE DATA CONTROLLER

Data Controller: [11 Dent Kft]
Registered office: [1025 Budapest, Csatárka út 42-50]
Tax number: [25540905-2-41]
Company registration number: [: 01 09 281122]
E-mail: [citysmile.dentist@gmail.com]
Website: [www.citysmile.hu]
Mobile: [+36 20/9166963]

2.) SCOPE OF PROCESSED DATA

• Data processing in connection with contacting us

On the Website, on a dedicated interface, the User may provide their data in order to contact the Data Controller and receive information about the Data Controller’s services. During contact, the following personal data must be provided:

• • name:
  • e-mail address:
  • subject:
  • message:

The Data Controller processes the above-defined personal data of natural persons who contact or are in contact with it as non-contracting parties for the purpose of properly carrying out its activities and establishing and maintaining contact in connection therewith.

The processing of personal data is carried out based on the voluntary and explicit consent of the data subject. Consent is given on the Data Controller’s website when completing the Contact Form, by simultaneously reading and accepting this notice electronically.

The legal basis for data processing:

When visiting the website, under the “Contact” menu item, you have the option to contact the Data Controller and send a message electronically. The submitted message will be processed, and based on this, you will be contacted in a reply message regarding the subject of your inquiry.

The Data Controller will not use your personal data for any purpose other than the one described above.

The duration of data processing:

The Data Controller processes the data during the existence of the contact and thereafter for as long as maintaining contact with the data subject is necessary for carrying out its activities.

The personal data will be deleted without delay once the purpose of the data processing ceases to exist or upon the request of the data subject.

• Data processing in connection with dental treatment

Dental treatment means a situation in which a natural person, legal entity, or organization without legal personality gives the Data Controller a mandate to provide legal services.

The purpose of data processing is the conclusion and performance of the service contract, the verification of the rights and obligations related thereto, the enforcement of rights arising from it, and communication related to the conclusion and performance of the contract.

The Data Controller processes the following personal data of the natural person entering into a contract with it: name, residential address, mailing address, tax identification number, (tax number), telephone number, e-mail address, and further personal data related to the conclusion and performance of the contract.

The legal basis for data processing:

• activities carried out at the request of the contracting party prior to the conclusion of the contract,
• performance of the contract after its conclusion until its termination,
• in the event that the contract is not concluded, or after the termination of the contract, the legitimate interest of the Data Controller in being able to enforce any claims related to the contract and to prove the lawfulness of its procedure in the event of any legal dispute or inspection.

The duration of data processing:

If the contract is concluded, the Data Controller processes the personal data for the duration of the contract and, if the conclusion of the contract fails or after the contract has ended, for as long as claims may be asserted against or by it in connection with the failure of the conclusion of the contract or the contract itself – or, if a legal dispute has arisen in the meantime, until such dispute has been finally resolved.

The natural person concerned by data processing based on legitimate interest may object to such data processing at any time.

• Data processing in connection with the fulfilment of legal obligations prescribed by law

For the purpose of fulfilling legal obligations related to its activities, the Data Controller processes the personal data of natural persons related to contracts within the scope defined by the relevant legislation. Such obligations include in particular:

• • identification pursuant to Act LIII of 2017 on the Prevention and Combating of Money Laundering and Terrorist Financing (“Pmt.”);
  • fulfilment of assignments and related tasks,
  • identification of third parties involved in the performance of mandates and assignments, contacting such persons, communication, and preparation/conclusion of agreements,
  • fee and expense accounting, invoicing,
  • case registration,
  • document management for internal administration and in accordance with legal obligations,
  • conclusion, performance, and settlement of contracts with persons involved in or assisting the lawyer’s activity.

3.) PERSONS ENTITLED TO ACCESS PERSONAL DATA, DATA PROCESSING

The Data Controller and the Data Processors engaged by it are entitled to access personal data in accordance with the applicable laws. The following data processor, acting on behalf of the Data Controller, performs data processing:

• EZIT Kft., registered office: 1132 Budapest, Victor Hugo utca 18-22. The purpose of data processing is hosting services.

The Data Controller reserves the right to involve additional data processors in the future, about which it will inform the data subjects by amending this notice.

In the absence of an explicit legal provision, the Data Controller will only transfer personal data suitable for personal identification to third parties with the explicit consent of the data subject.

4.) RIGHTS OF THE DATA SUBJECT

• To receive transparent information about the processing of their data and feedback as to whether data processing is in progress, and to receive the information included in such transparent information. (Article 15 GDPR)
• To have inaccurate personal data concerning them corrected or incomplete personal data completed. (Article 16 GDPR)
• To have personal data concerning them erased. (Article 17 GDPR)
• At their request, to have the Data Controller restrict data processing. (Article 18 GDPR)
• To receive their personal data in an appropriate format and transmit them to another controller. (Article 12 GDPR)

5.) ACCESS TO DATA

During the period of data processing, the data concerned may be accessed by employees of the Data Controller only to the extent and for the period necessary for the performance of their duties, subject to confidentiality obligations.

6.) DATA SECURITY

The Data Controller undertakes to ensure the security of the data and to take the technical and organizational measures and establish the procedural rules necessary to ensure that the data collected, stored, and processed are protected, and to prevent their destruction, unauthorized use, and unauthorized alteration.

The Data Controller ensures that unauthorized persons cannot access, disclose, transmit, modify, or delete the processed data. The processed data may only be accessed by the relevant employees of the Data Controller, and the Data Controller shall not transfer them to any third party who is not entitled to access the data.

The Data Controller takes all measures reasonably expected of it to ensure that the data are not accidentally damaged or destroyed. The Data Controller also imposes the above obligation on its employees involved in data processing activities.

Under no circumstances does the Data Controller collect special categories of personal data, i.e. data relating to racial origin, membership of national or ethnic minorities, political opinions or party affiliation, religious or other philosophical beliefs, trade union membership, health status, pathological addictions, sex life, or criminal record.

7.) LINKS

The Data Controller accepts no responsibility for the content, data protection, or information security practices of external websites accessible from the Website via links. If the Data Controller becomes aware that a linked page or the linking itself infringes the rights of third parties or applicable laws, it will remove the link from the website without delay.

8.) LEGAL REMEDIES

The Data Controller does everything in its power to ensure that the processing of personal data is carried out in accordance with the applicable legal provisions. However, if the data subject feels that this has not been complied with, they may write to the e-mail address info@tancziko.hu or to the postal address 2300 Ráckeve, Pf. 32.

If the data subject feels that their right to the protection of personal data has been violated, they may seek legal remedy (lodge a complaint) with the competent authority in accordance with the applicable legislation.

• National Authority for Data Protection and Freedom of Information (registered office: 1055 Budapest, Falk Miksa utca 9-11., postal address: 1363 Budapest, Pf. 9.), or the data protection supervisory authority of the EU Member State of the data subject’s habitual residence, place of work, or the place of the alleged infringement, if the data subject believes that the processing of their personal data infringes the General Data Protection Regulation.

The data subject is entitled to initiate court proceedings before the court competent according to the place of establishment of the Data Controller or before the court of the EU Member State of the data subject’s habitual residence if the Data Controller has violated their rights under the applicable legislation. In Hungary, the data subject may also bring the action before the competent regional court of their place of residence or stay.

[Dated: Budapest, 21 February 2026.]