Privacy Policy

for Visitors and Registered Users of www.labocorpgroup.com

Introduction

The service provider/data controller manages the data of individuals registered on the website to provide them with appropriate services. The service provider aims to fully comply with the legal requirements related to the management of personal data, particularly those outlined in Regulation (EU) 2016/679 of the European Parliament and the Council.

This Privacy Policy has been prepared based on Regulation (EU) 2016/679 of the European Parliament and the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, considering the provisions of Act CXII of 2011 on the right to informational self-determination and freedom of information.

Name of Service Provider/Data Controller:

• Name/Company Name: LABOCORP FZCO
• Registered Office: Dubai Silicon Oasis, DDP, Building A1, Dubai, United Arab Emirates
• Tax Number: 28131
• Website Name and Address: https://www.labocorpgroup.com

Contact Information of the Data Controller:

• Email: uk@labocorpgroup.com
• Email: emirates@labocorpgroup.com

Definitions

• GDPR (General Data Protection Regulation): The new Data Protection Regulation of the European Union.
• Data processing: Any operation or set of operations performed on personal data or data sets, either automated or non-automated, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure, transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
• Data processor: A natural or legal person, public authority, agency, or other body that processes personal data on behalf of the data controller.
• Personal data: Any information relating to an identified or identifiable natural person (data subject). An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, identification number, location data, online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that person.
• Data controller: A natural or legal person, public authority, agency, or other body that determines the purposes and means of processing personal data, either alone or jointly with others.
• Consent of the data subject: A freely given, specific, informed, and unambiguous indication of the data subject's wishes, by which they signify agreement to the processing of personal data relating to them by a statement or clear affirmative action.
• Data protection incident: A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored, or otherwise processed.
• Recipient: A natural or legal person, public authority, agency, or other body to whom personal data is disclosed, whether or not it is a third party. Public authorities receiving data in accordance with a legal obligation are not considered recipients.‍
• Third party: A natural or legal person, public authority, agency, or other body other than the data subject, data controller, data processor, or persons authorized to process personal data under the direct authority of the data controller or processor.

Principles of Data Processing

The data controller declares that it processes personal data in accordance with the provisions of this privacy policy and complies with relevant legal regulations, paying particular attention to the following:

• Personal data must be processed lawfully, fairly, and transparently for the data subject.
• Data collection must only be conducted for specified, explicit, and legitimate purposes.
• The processing of personal data must be adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed.
• Personal data must be accurate and kept up-to-date. Inaccurate data must be erased or rectified without delay.
• Personal data should be stored in a manner that permits identification of data subjects only as long as necessary. Extended storage is only permissible for public interest archiving, scientific or historical research, or statistical purposes.
• Data must be processed in a secure manner using appropriate technical or organizational measures to ensure protection against unauthorized or unlawful processing and accidental loss, destruction, or damage.
• The principles of data protection must apply to all information relating to an identified or identifiable natural person.

Key Information about Data Processing

• Purpose of Data Processing: To provide additional services and contact registered users of the website.
• Legal Basis for Processing: The consent of the data subject.
• Scope of Data Subjects: Registered users of the website.
• Duration of Data Processing and Data Erasure: Data will be processed for the duration required to fulfill the purpose of the data collection. Once the purpose is achieved, data will be erased immediately. Consent for processing can be withdrawn at any time by sending an email to the contact address provided. In the absence of legal impediments, data will be deleted.
• Authorized Data Access: The data controller and its employees.
• Rights of the Data Subject: Data subjects may request access, rectification, erasure, restriction of processing, object to processing, and exercise the right to data portability regarding their personal data.
• Withdrawal of Consent: The data subject may withdraw their consent for data processing at any time without affecting the lawfulness of processing based on consent before its withdrawal. The withdrawal can be initiated by sending an email to the contact addresses provided.
• Filing Complaints: The data subject may file a complaint with the supervisory authority regarding data processing practices.
• Providing Personal Data: To utilize the benefits of registration and specific website functions, it is necessary to provide the requested personal data. The refusal to provide such data does not entail any disadvantage; however, some functions of the website cannot be accessed without registration.‍
• Correction and Deletion of Data: The data subject may request corrections or deletions of their personal data via email, phone, or postal mail using the contact details provided earlier.

Registration on the Website

• Purpose of Data Processing: To provide additional services and enable contact.
• Legal Basis: The consent of the data subject.
• Scope of Data Subjects: Registered users of the website.
• Duration of Data Processing: Processing continues until consent is withdrawn. Consent may be withdrawn at any time via email to the contact addresses provided.
• Erasure of Data: Data is deleted upon the withdrawal of consent.
• Authorized Data Access: The data controller and its employees.
• Storage Method: Electronic.‍
• Mandatory Nature of Data Submission: The provision of personal data is necessary for database identification and communication. Accurate name and address details are required for invoicing, which is a legal obligation.

Data Categories Processed

• Name: LaboCorp Group
• Company Name: LABOCORP FZCO
• Address: Dubai Silicon Oasis, DDP, Building A1, Dubai, United Arab Emirates
• Email: emirates@labocorpgroup.com
• Phone Number: +971509760434
• Registration Date: 23/03/2023

Purpose of Data Processing for Each Category:

• Identification, Communication, Invoicing: Applicable to name, company name, and address.
• Identification, Communication: Applicable to email, phone number.‍
• Technical Operations: Applicable to registration date and IP address.

Order Placement

• Purpose of Data Processing: To provide additional services, establish contact, and send confirmation emails. Orders can only be fulfilled if contact and billing details are provided, as they are necessary for communication and invoicing.
• Legal Basis: Consent of the data subject. For invoicing, processing is based on legal obligations.
• Scope of Data Subjects: Registered users placing orders through the website.
• Duration of Data Processing: Until the withdrawal of consent or as required by law. Consent may be withdrawn at any time by emailing the provided contact addresses.
• Erasure of Data: Data is deleted upon consent withdrawal unless legal obligations require otherwise.
• Authorized Data Access: The data controller and its employees.‍
• Storage Method: Electronic.

Cookies (Cookie Policy)

Cookies are small files that websites place on a user's computer containing information such as site settings or login status. Cookies are created by the websites visited and improve user experience by storing browsing data. They help the website remember user preferences and provide locally relevant content.

• Scope of Data Subjects: Visitors to the website.
• Purpose of Data Processing: To provide additional services, identify users, and track visitors.
• Legal Basis for Processing: The user's consent is not required if the cookies are strictly necessary for the website's functionality.
• Data Categories: Unique identifier, timestamp, and configuration data.
• Management of Cookies: Users can delete cookies anytime via browser settings.
• Authorized Data Access: The data controller does not process personal data through cookies.‍
• Storage Method: Electronic.

Social Media Platforms

Social media platforms act as tools for disseminating messages through community users. These platforms include public speeches, presentations, service or product descriptions, forums, blog posts, images, videos, sound recordings, message boards, and emails.

• Scope of Data Subjects: All registered users.
• Purpose of Data Processing: To promote the website or related pages.
• Legal Basis for Processing: Voluntary consent of the data subject.
• Duration of Data Processing: As specified in the policies of the relevant social media platforms.
• Data Categories: Personal data, including public profile pictures.‍
• Authorized Data Access, Deletion, and Storage: As governed by the respective social media platform's policies.

Google Analytics

• ‍Usage Status: The website does not use Google Analytics.

Rights Related to Data Processing

1. Right to Information: Data subjects may request information about the processing of their data, including the purpose, legal basis, duration, and source. The data controller will respond within 30 days.
2. Right to Rectification: Data subjects may request the correction or modification of their data, and the data controller will take action within 30 days.
3. Right to Erasure ("Right to be Forgotten"): Data subjects may request their data to be deleted, and the controller will comply within 30 days unless legal obligations prevent deletion.
4. Right to Restriction of Processing: Data subjects may request a restriction on processing for a specific reason.‍
5. Right to Object: Data subjects may object to data processing, and the controller will investigate and respond within 15 days.

Withdrawal of Consent

Consent for data processing can be withdrawn at any time. Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.

Supervisory Authority

If unlawful data processing is suspected, the data subject may file a complaint with the National Authority for Data Protection and Freedom of Information (NAIH):

• Chairperson: Dr. Attila Péterfalvi
• Address: 1055 Budapest, Falk Miksa u. 9-11.
• Mailing Address: 1363 Budapest, Pf. 9.
• Phone: +36 1 391 1400
• Email: ugyfelszolgalat@naih.hu
• Website: http://www.naih.hu

Relevant Legal Framework

• Regulation (EU) 2016/679 (General Data Protection Regulation).
• Act CXII of 2011 on informational self-determination and freedom of information.
• Act CVIII of 2001 on electronic commerce and information society services.
• Act C of 2003 on electronic communications.