Translated from Hungarian to English -

1038 Bp., Kázmér utca 4; HP 8-20; Sat 8-14


Service provider / Organizer details:

Service provider name: BodyBalance4You Health Center

EV Balázs Melinda.

Headquarters: 1038, Budapest, Kázmér utca 4

Location: 1038 Bp, Kázmér utca 4

Postal address: 1036 Budapest, Bécsi út 85

Registry court: Company Court of the Capital City Court

Tax number: 57218564-1-41

E-mail address:


Phone number: +36204179241

Please use our services only if you agree with all points of the General Terms and Conditions and consider them binding on you. This document will not be filed, it will only be concluded in electronic form (it is not considered a written contract), and it does not refer to a code of conduct. The GTC can be downloaded from the following link: []

The following general terms and conditions (hereinafter: GTC) contain the conditions for using the services provided by BodyBalance4You Health Center. The Customer accepts these rules by ticking the box on the order form, and also accepts our cancellation policy by clicking "accept" for the event sent by or . Cancellation policy:
Our cancellation policy also becomes acceptable by filling out the data sheet authenticated with your signature during the first health assessment.


For online classes

1. On the "Order" tab, select the desired service, add it to the "Cart", and finally click on the "Payment" button. (Payment by bank transfer or PayPal)

2. Registration is required for all live video call classes, which the participant can do by clicking on the "Login" tab or by contacting the following contact number: +36204179241

3.1 Individual classes: login via the link received in the email - on Google "Meet")

3.2 Group classes: login via the link received in the email - on Google "Meet")

4. Live video call at the specified timesn

For treatment in the doctor's office / at home / physiotherapy

1. By phone:or +36204179241

2. By email: or

3. By filling out a form


You can also pay the price of the selected ONLINE service by bank transfer in advance. If you choose this payment method, please click on the "Order" tab and then place the service you want to purchase in the "basket". You can check the selected service on the "Basket" tab, and finally click the "Payment" button. Fill in the requested personal data, accept the policy, and finally click the "Complete order" button. Then, please transfer the amount of the requested service by logging into your own banking interface or via the PayPal interface. Notice: order number, which we send by email.

Our account number required for transfer:

Account number: 11773119-00478339-00000000, OTP BANK


The organizer is the owner of the contents published on the website. Any duplication, distribution, use, or change of these contents, especially for commercial purposes, requires the organizer's prior express written consent.


Everyone can do the online exercise programs at their own risk. Due to the lack of personal control, the staff of BodyBalance4You assumes no responsibility for possible injuries related to the exercises.

It is definitely recommended to consult your doctor, physiotherapist, or therapist before the exercises!


- Filing a complaint with the territorially competent consumer protection authority (

If the applicant notices a violation of his consumer rights, he is entitled to file a complaint with the competent consumer protection authority according to his place of residence. After evaluating the complaint, the authority decides on the conduct of the consumer protection procedure.

In order to resolve a consumer dispute related to the quality and safety of the service, as well as the conclusion and performance of the contract, out of court, the applicant may initiate a procedure at the conciliation board operating under the competent professional chamber according to the organizer's seat ( ?id=bodies).

In the application of the rules applicable to the Conciliation Board, a consumer is also a non-governmental organization, church, apartment building, housing association, micro, small and medium-sized enterprise under a separate law who buys, orders, receives, uses, makes use of goods, or commercial communications or offers related to the goods addressee.

The applicant is entitled to assert his claim arising from a consumer dispute before the court in the framework of a civil procedure under the Civil Procedure Code and CXXX of 2016 on the Civil Procedure Code. according to the provisions of the law.


CXII of 2011 on the right to information self-determination and freedom of information. according to law, Regulation 2016/679 of the European Parliament and Council (EU) (April 27, 2016), in relation to the services on the website, BodyBalance4You-Egészségközpont - BALÁZS MELINDA EV. (hereinafter: Data Controller/Company) performs data management.

Name of data controller: BALÁZS MELINDA EV.

Headquarters: 1038 Bp, Kázmér utca 4

Location: 1038 Bp, Kázmér utca 4

Postal address: 1036 Budapest, Bécsi út 85

Registry court: Company Court of the Capital City Court

Tax number: 57218561-1-41

E-mail address:


Phone number: +36204179241

Name of data processor: Googl Inc.

1600 Amphitheater Parkway, Mountain View, CA 940043

web analytics service

You expressly consent to the DATA PROCESSOR transferring your personal data to a data processor engaged in data processing in a third country. An adequate level of protection of personal data is ensured, as the mandatory legal act of the European Union establishes it on the basis of its conformity decision.

Source of personal data

The Health Service Provider only collects and processes personal data that the Customer voluntarily provides, or which are necessary for personal identification and medical treatment. These data (in particular the following data: name, address, telephone number, e-mail address) are used to ensure (and improve) the services we provide to the Customer, as well as to comply with professional guidelines (data on health status), and to achieve the goals specified in this Privacy Policy need.

Voluntarily provided data is required solely for the purpose of providing and developing our services.

If the Customer gives his voluntary consent in a separate declaration to the use of his provided data for the delivery of SpineArt Health Center advertising mails (in SMS or e-mail), then the purpose of data management is also to send these mails.

The range of processed data (among which data is entered according to the data subject's choice): Name / maiden name, Place of birth, year, month, day, Residential address / place of residence, TAJ number, Treating doctor, Diagnosis, health documentation data.

The Health Service Provider does not use or may use the personal data provided for purposes other than those specified in this Data Management Information. The release of personal data to third parties or authorities - unless the law has binding force to the contrary - can only take place with the prior express consent of the person concerned.

The Health Service Provider does not verify the veracity of the personal data provided. The data subject is responsible for the adequacy of the data provided.

Purpose of data processing

The data management is based on voluntary consent, with the fact that in the case of the examination sheet (medical documentation), the basis of the legal management is Act XLVII of 1997. Act on the management and protection of health and related personal data § 30 paragraph (7).

Duration of data management: The management of personal, non-mandatory data lasts from their voluntary provision until their deletion. The Health Care Provider will delete the provided data within 25 days after the withdrawal of the relevant declaration of consent.

Invoicing data are stored for 8 years based on the mandatory provisions of the law.

By providing his data, the Customer expressly consents to their use for the above purposes. In accordance with the applicable legal regulations, the Health Care Provider stores the Customer's personal data only as long as it is justified in order to achieve the specified goals, or until the Customer withdraws his consent to the processing of the data.

Under no circumstances will the Health Service Provider transfer, transmit or make public the Customer's personal data to a third party other than the employee entrusted with data processing, unless required to do so by law, authority or court.

1. Basic principles of data management; data security

1.1. The Data Controller handles personal data obtained in the course of its activities in accordance with the applicable legal provisions - in accordance with the provisions of the data protection information. The data manager processes personal data exclusively for specific purposes, in order to exercise rights and fulfill obligations.

1.2. We inform you that the management and recording of data - in all stages of data management - meets the requirements of fairness and legality.

1.3. The data manager only handles personal data that is essential for the realization of the purpose of data management and is suitable for achieving the purpose. The data controller processes personal data only to the extent and for the time necessary to achieve the purpose.

1.4. At every stage of the data management, the Data Controller ensures that you can find out at any time which types of data the Data Controller processes for which data management purposes, as well as prohibit the data management - with the exception of mandatory data management - at any time.

1.5. The Data Controller plans and executes data management operations in such a way as to ensure the protection of your privacy.

2. Legal basis of data management - purpose - time - - range of data processed

2.1. The legal basis for data management: CXII of 2011 on the right to self-determination of information and freedom of information. according to Article 5 (1) point a) of the Act, your voluntary consent and the data controller's legitimate interest according to Article 6 (5) - (6), or Article 6 (1) of the GDPR.

2.2. Personal data can be processed if the data subject consents to it, or if it is ordered by law or - based on the authority of the law, within the scope defined therein - by a local government decree for a purpose based on public interest.

2.3. The consent or subsequent approval of the minor's legal representative is not required for the validity of the legal declaration containing the consent of the minor concerned who has reached the age of 16.

2.5. The Data Controller manages the following data:

When visiting the website: IP address, e-mail address;

In case of online registration to use the service: name, address, telephone, email address.;

When sending a newsletter: name, email address.

2.6. Purposes of data management: Online application to use the service, information on the website, sending a newsletter in the evening, making contact.

The primary purpose of the data management carried out by the Company is for the Company to provide you with the service in an efficient, secure and personalized form.

By viewing the Company's website, possibly registering on the site or using the services (contacting, logging in to the service, etc.), you consented to the use of your personal data for the following purposes:

  • identification required to use services,
  • contact,
  • technical operation of services,
  • providing information about the services, the products sold, marketing promotions, sending electronic advertisements related to the services,
  • market research, making market analyses,
  • compilation of statistics.

If you do not indicate your objection to data processing for the above purposes, we consider that you consent to the processing of your data in the following manner.

2.7. Duration of data management:

The duration of the processing of personal data generated in connection with the service usually extends to the duration of the legal relationship with you, at the end of which period the data relating to you and provided by you will be deleted or anonymized for statistical use:

  • processing of personal data provided in the context of possible registration begins with registration and continues until consent is withdrawn. This means the simultaneous cancellation of the registration.
  • in the case of data that can be optionally recorded, the data management lasts from the time the data is entered until its deletion (withdrawal of data management consent). Deletion of optionally recorded data does not result in automatic deletion of the registration.
  • Info TV. Section 6 (5) on the basis of the law, to fulfill the retention or other legal obligations required by law for the Company, and - if it is proportional to the restriction of the right to protect personal data - in order to enforce the legitimate interests of the Company or a third party without the Company's further separate consent, or You can process personal data even after withdrawing your consent.

3. Information on data management - cookie - data portability:

3.1. The Data Controller treats your personal data with the priority of fair procedure, transparency, purposefulness, data economy, limited storage, integrity and confidentiality.

3.2. Your personal data can only be accessed by the current managing director of the data controller and his authorized employees, who in all cases act in accordance with the relevant Hungarian legislation in force when handling personal data.

3.3. The data manager/data processor manages the data voluntarily provided by you during the use of the service in a single database and operates in accordance with the principle of data saving.

3.4. Certain data and IP addresses of the users' computers of the service are logged for the purpose of generating website visitation data and detecting possible errors and attack attempts. The data manager/data processor does not link the user's IP addresses to any other data that could be used to identify the user.

3.5. For the purpose of web analytics measurements, the website may contain links from and to external servers that are independent. The web analytics service provider does not handle personal data, only browsing-related data that is not suitable for identifying individuals. These services are provided by Google Inc. in the context of the Google Analytics service. More information about the service is available at

3.6. When you use some parts of the service, the data manager/data processor installs small data files (cookies) containing data that cannot be directly linked to you on your computer to record data, to facilitate your further visits, to increase the efficiency of the service, to deliver targeted advertising or other targeted content to you, or for market research purposes. Depending on your browser, but typically in the Settings/Privacy menu, you can set it to prohibit the sending of cookies. If cookies are not accepted, however, some pages or functions may not work perfectly.

3.7. You have the right to receive your personal data provided to the data controller in a segmented, widely used, machine-readable format and - if this is technically possible - to request their direct transmission between data controllers, if the processing of your personal data is based on consent or a contract and the data management takes place in an automated manner (Data Portability).

3.8. The data controller reserves the right to unilaterally modify this data protection information in order to ensure that it always complies with the applicable legal requirements

4. Data security - data protection incident

4.1. As part of the data controller's or activity's scope, the data processor ensures the security of your data, takes the technical and organizational measures and develops the procedural rules necessary to enforce the data protection rules. The data is protected in particular against unauthorized access, alteration, disclosure or deletion, as well as against damage or destruction.

4.2. By using the service, you and the operator establish a connection via a communication device, the information is provided on an open network (internet). This requires compliance with increased control and safety requirements on the part of the operator. Accordingly, it strives to ensure that its service is also considered technically secure and, to this end, implements security measures in accordance with industry standards (e.g. use of firewalls, encryption protocols, etc.).

4.3. The important task of the Data Controller is to treat data protection incidents with appropriate weight. In the event of accidental or illegal destruction, loss, alteration, unauthorized disclosure or unauthorized access to personal data, the Data Controller shall report it to the data protection authority immediately, but no later than within 72 hours, unless the incident is likely to involve no risk.

5. Other data management

We would like to inform you that the court, the prosecutor's office and the investigative authority may contact the data controller in order to provide information, communicate and transfer data, or make documents available.

5. Amendment

The Data Controller reserves the right to unilaterally modify the Data Protection Notice with prior notification to you, which notification will take place on the website interface. After the amendment enters into force, by using the service, you accept the contents of the amended Data Management Notice.

6. Intended use

You are not entitled to use the website for other than the functions mentioned above. Illegal or unauthorized activities include, but are not limited to, the following:

- modification or reverse engineering of any part of the website;

- use of any automatic application, search robot, page finder or decryptor, or any other application that can be used to modify the website or any part of it;

- reformatting or editing any part of the website;

- creating or changing a user password using automatic methods or fraudulent or dishonest methods,

- access to data not intended for you or login to a server or identifier to which you are not authorized;

- it is forbidden to attempt to probe, spy or test the vulnerability of the system or the network, or to violate the system's security or authorization control measures without proper authorization.

7. Disclaimer

7.1. All information, data, definitions or descriptions appearing on the website are for your information only. The use of information and data appearing on the Data Controller's website is solely at your own risk and responsibility. The Data Controller regularly updates the data and information appearing on the website, but does not assume responsibility for their completeness, correctness or accuracy. The Data Controller is not responsible for data and information published by third parties in connection with its websites.

7.2. The Data Controller is not responsible for any damages that may arise in connection with the use of the website, its use, improper use or inability to use it, improper operation of the website, failure, malfunction, possible delay in the transmission of information, caused by a computer virus or other malicious code, they may arise from an error in the data transmission path, unauthorized changes to the data by anyone, or other reasons similar to those listed.

7.3. The Data Controller excludes all responsibility for the reliability, functionality or availability of the website. You use the website solely at your own risk, the Data Controller is not responsible for any damage that is the result of incorrect or faulty use or for property, non-property damage, consequential damage and lost profits that may result from the use of the site.

7.4. The Data Controller may or may not place links to the websites of third parties on the website, but does not assume any responsibility for the content and websites posted by third parties, nor is it liable for any damage resulting from the use of these websites. The terms of use of third-party service providers apply to the named pages and their use.

7.5. The Data Controller draws your attention to the fact that you may not transfer the use of services related to the use of the website to others, you are not entitled to transfer your rights to a third party by concluding an individual contract.

7.6. You are fully responsible for your use of any Services accessed through your password.

7.7. You are obliged to do everything you can to protect your personal data, especially the one-time password required to use the services provided by the Data Controller. You are responsible for all events and activities that took place using your login password.

7.8. The Data Controller does not check the personal data provided to him, and is not responsible for their authenticity. The person providing the data is solely responsible for the adequacy of the data provided. When you enter your e-mail address, you also assume responsibility for the fact that only you use the service from the e-mail address you provided. If you provided third-party data during subscription to the newsletter or registration, or caused damage in any way while using the website, the Data Controller is entitled to claim compensation from you.

7.9. The Data Controller assumes no responsibility for the successful management or resolution of reported problems. Its activities are limited solely to attempting to bring the reports to the attention of the relevant organization or office, and if feedback is received from the relevant body regarding a report, it will be made public.

7.10. Any user of the Data Controller's website who provides information to the Company using the website accepts that the Company has unlimited rights to such information, and that the Company may use such information in any way it chooses.

8. Compensation, compensation

You are responsible for compensating the Data Controller for damages of any nature (actual and consequential damages) resulting from improper use of the website or from violating the conditions specified in this Data Management Information.

9. Copyright protection, intellectual property rights

9.1. Due to the individual, original nature of the website's appearance, selection, arrangement and editing of its content, as well as the individual, original nature of the website, it is protected by international agreements, it is the property of the Data Controller, and the copyright holder is the Data Controller Company. Only BodyBalance4You-Egészségközpont Bt. is entitled to use, exploit and transfer the content of the website.

9.2. Without the prior written permission of the Data Controller, all or parts of the Content may not be duplicated, copied, republished or distributed in any form, unless the Data Controller clearly and specifically states that it allows any of these uses. It is also prohibited to create or modify any material or work arising from or based on the Content, including in particular the creation of fonts, icons, buttons, links, wallpapers, screensavers, text, images, graphics, logos, postcards, photos, audio and video materials, its unauthorized access, distribution, distribution and sale.

9.3. It is prohibited to modify, transform, or reproduce the whole or any element of the content, download, store, print for purposes other than your own personal use, use it in any way or form to create another website or any work, present, exhibit or distribute it for any purpose, for commercial purposes, business or to use, utilize, transfer or otherwise dispose of it for non-commercial purposes in any way and form.

9.4. The Data Controller reserves all rights regarding the website - with the exception of downloading, storing and printing for personal purposes. You must respect all copyright and other rights related to the Content, copyright infringement may have civil (Chapter XIII of Copyright Act LXXVI of 1999) and criminal (Chapter XXXVII of the Civil Code) consequences.

10. Rights of the data subject - legal remedies

10.1. If, despite your objection, you suffer a violation of rights in connection with the processing of your personal data, you may use the following legal remedies:

the. you can request information about the management of your personal data, as well as request the correction of your personal data.

b. upon request, we provide information about the data we manage or the data processed by the processor we commission, the purpose, legal basis, duration of the data processing, the name, address (headquarters) of the data processor and its activities related to the data processing, as well as who receives it and for what purpose the data. We will provide the information in writing in an understandable form as soon as possible, but no later than 30 days after the submission of the application.

c. we delete your personal data,

i. if its handling is illegal,

ii. if you request

iii. if the purpose of data management has ceased, or

arc. the statutory period for data storage has expired,

v. it was ordered by the court or the data protection commissioner.

d. We will notify you of the correction and deletion, as well as all those to whom we previously forwarded the data for the purpose of data management. The notification can be omitted if this does not harm the legitimate interests of the data subject in view of the purpose of the data management.

e. You can object to the processing of your personal data if

i. the processing (forwarding) of personal data is necessary only to enforce the rights or legitimate interests of the data controller or data recipient, unless the data processing is mandated by law;

ii. personal data is used or forwarded for the purpose of direct business acquisition, public opinion polls or scientific research;

iii. the exercise of the right to protest is otherwise permitted by law.

10.2. The Data Controller - with the simultaneous suspension of data management - will examine the objection as soon as possible, but no later than 15 days after the submission of the request, and will inform you in writing of the result. If the protest is justified, we will terminate the data management - including further data collection and transmission - and block the data, as well as notify all those to whom we have previously forwarded the personal data affected by the protest about the protest and the measures taken based on it. are obliged to take measures to enforce the right to protest.

10.3. Please note that we cannot delete your data if data management is mandated by law. However, the data cannot be forwarded to the data recipient if the data controller has agreed to the protest, or the court has established the legitimacy of the protest.

10.4. If you do not agree with the decision made, you can appeal to the court within 30 days of its notification.

10.5. In the event of a violation of your rights, you may choose to initiate legal proceedings before the court of your place of residence or residence. The court acts out of sequence in the case.

10.6. In addition to the above, you can initiate an investigation by filing a report with the National Data Protection and Freedom of Information Authority, citing that a violation of rights has occurred in connection with the management of your personal data, or there is a direct risk of such violation:

11. Judicial enforcement; compensation; damages

11.1. In the event of a violation of their rights, the data subject may go to court against the Data Controller.

If the Data Controller causes damage to others by illegally handling the data subject's data or by violating data security requirements, it is obliged to compensate them.

If the Data Controller violates the data subject's right to privacy by illegally handling the data subject's data or violating data security requirements, the data subject may demand damages from the Data Controller.

11.2. By filing a report with the National Authority for Data Protection and Freedom of Information (NAIH), anyone can initiate an investigation with reference to the fact that a violation of rights has occurred in connection with the handling of personal data, or there is an immediate risk of such violation.

NAIH contact details:

postal address: 1530 Budapest, Pf.: 5.

address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c

Phone: +36 (1) 391-140

Fax: +36 (1) 391-1410



12. Concepts used in this Privacy Notice

Affected:any natural person identified or - directly or indirectly - identifiable on the basis of specific personal data

personal data:the data that can be linked to the data subject - in particular the data subject's name, identification mark, and one or more physical, physiological, mental, economic, cultural or social identity characteristics - as well as the conclusion about the data subject that can be drawn from the data;

special data:data relating to racial origin, belonging to a national and ethnic minority, political opinion or party affiliation, religious or other worldview beliefs, interest representation organization membership, health status, pathological passion, sexual life, as well as criminal personal data.

contribution: the voluntary and decisive declaration of the data subject's will, which is based on adequate information, and with which he gives his unequivocal consent to the processing of his personal data - in full or covering certain operations

protest:the statement of the data subject objecting to the processing of his personal data and requesting the termination of data processing or the deletion of the processed data

data manager:the natural or legal person or organization without legal personality who, independently or together with others, determines the purpose of data management, makes and implements decisions regarding data management (including the device used), or has them implemented by the data processor

data handling:regardless of the procedure used, any operation performed on the data or the set of operations, including in particular the collection, recording, recording, organization, storage, change, use, query, transmission, disclosure, coordination or connection, locking, deletion and destruction of the data, as well as preventing its further use, taking photographs, audio or video recordings, and recording physical characteristics suitable for identifying the person (e.g. fingerprint or palm print, DNA sample, iris image);

data transfer:making the data available to specific third parties;

data deletion:rendering the data unrecognizable in such a way that its recovery is no longer possible;

data lock:providing the data with an identification mark for the purpose of limiting its further processing for a definitive or specified time;

data destruction:complete physical destruction of the data carrier containing the data

data processing:performing technical tasks related to data management operations, regardless of the method and tool used to perform the operations, as well as the place of application, provided that the technical task is performed on the data

data processor:the natural or legal person or organization without legal personality who, or on the basis of which contract - including contracts concluded under the provisions of the law - performs data processing

data file:the totality of the data managed in one register

third person:a natural or legal person, or an organization without legal personality, who is or is not the same as the data subject, the data manager or the data processor.

EEA State:a member state of the European Union and another state party to the Agreement on the European Economic Area, as well as the state whose citizen is a citizen of the European Union and its member states, and a state party to the Agreement on the European Economic Area based on an international treaty concluded between a state that is not a party to the Agreement on the European Economic Area enjoys the same legal status as a citizen of a state

third country:any non-EEA state.

13. Current legislation on data management

- CXII of 2011 on the right to information self-determination and freedom of information. law,

- the European Parliament and Council (EU) 2016/679 no. General Data Protection Regulation (April 27, 2016) GDPR.

- Act V of 2013 - on the Civil Code (Ptk.);

- CLV of 1997. law - on consumer protection (Fgytv.);

- XIX of 1998 law - on criminal procedure (Be.);

- Act C of 2000 - on accounting (Accounting Act);

- CVIII of 2001 Act - on certain issues of electronic commercial services and services related to the information society (Eker. tv.);

- Act C of 2003 - on electronic communications (Eht.);

- CXXXIII of 2005 Act - on the rules for the protection of persons and property, as well as private investigative activities (SzVMt.);

- XLVIII of 2008 Act - on the basic conditions and certain limitations of economic advertising activity (Grt.),

- 2012 CLIX. law - on postal services (Postatv.).

- CLXV of 2013 on complaints and announcements of public interest. law (Pktv.)

If you have any questions about our company's data management, please contact us.

14. Data management related to the operation of the electronic asset protection system

Purpose of data management

For asset protection purposes, BodyBalance4You operates and operates a camera system in the BodyBalance4You Health Center (1038 Budapest, Kázmér utca 4), in the customer waiting rooms and in the passers-by. Cameras were not placed in the examination and order rooms and changing rooms.

Legal basis for data management

The legal basis for data management is the consent of the person concerned, which is given by entering the premises monitored by the camera, and the legitimate interest of the BodyBalance4You Health Center in property protection.

Scope of affected personal data

In this context, the personal data managed by BodyBalance4You is the photograph taken of the person concerned, the behavior of the person concerned in the picture, and the time when the picture was taken.

The person operating the electronic monitoring system:

Balázs Melinda

Location and duration of storage of the recording
Xiaomi camera software application, which communicates from an SD card (64Gb), approx. The storage period is 14 days. The system deletes the history if the entire storage space is used.

Data security measures related to the storage of recordings; Xiaomi account protects access to the camera system

Duration of data management; deletion

The recordings are made by trehab physiotherapy in accordance with CXXXIII of 2005 on the rules for the protection of persons and property, as well as private investigative activities. based on the law, in the absence of official or judicial use, approx. It is automatically deleted after 14 days.

Recipient categories, data transfer

BodyBalance4You only forwards the camera recordings to the authorities and courts defined by law, upon their official inquiry or invitation, based on the law.

Consequence of failure to provide data

In the event of a failure to provide data, services cannot be provided at health service locations where cameras have been placed.

Unauthorized persons may not access the recordings, only authorized employees and contributors of BodyBalance4You, to the extent necessary for the performance of their duties. You, as an affected person, can request that BodyBalance4You not destroy the recordings, pending a court or authority inquiry, but for a maximum of 30 days, if it is necessary to assert your right or legitimate interest (e.g. to reveal the circumstances of a possible crime). You, as the data subject, can only request a copy of a recording in which no other person appears or is unrecognizable.

Rights of data subjects:

1. (Right of access:
Since any number of data subjects can be captured on the same video camera surveillance recording, filtering would result in further processing of the personal data of other data subjects. It may adversely affect the rights and freedoms of other data subjects in the video recording if the data subject wishes to receive a copy of the recording (Article 15 (3)). In order to avoid this, the data controller must therefore take into account that in some cases it may not be possible to release the video recording due to its high impact on the private sector, if other data subjects can be recognized on it. However, the protection of the rights of third parties cannot be used as an excuse for denying the rightful demand of individuals for access, therefore the data controller is required to use technical measures (such as image editing, including masking or distortion) for such cases in order to fulfill the access request. However, data controllers are not obliged to implement such technical measures if they can otherwise ensure that they can respond to a request under Article 15 within the time limit provided for in Article 12 (3). )
2. Right to erasure
The right to erasure (the right to be forgotten) If the data controller continues to process personal data beyond real-time monitoring (e.g. through storage), the data subject may request the erasure of personal data in accordance with Article 17 of the General Data Protection Regulation. Based on the request, the data controller is obliged to delete the personal data without undue delay if one of the circumstances listed in Article 17 (1) of the General Data Protection Regulation exists (and none of the exceptions listed in Article 17 (3) of the General Data Protection Regulation is applicable ). This scope also includes the obligation that personal data must be deleted if they are no longer needed for the purpose for which they were originally stored, or if the data management is unlawful (see also Article 8 chapter [Duration of data storage and obligation to delete]). In addition, depending on the legal basis of the data management, personal data must be deleted: - in the case of consent: if the consent is withdrawn (and there is no other legal basis for the data management); - in connection with a legitimate interest: if the data subject exercises his right to object, and there is no overriding, compelling legitimate reason for the data processing; or in the case of direct business acquisition In relation to video camera surveillance, it is worth noting that personal data are considered deleted under the General Data Protection Regulation if, for example, the image is obscured in such a way that the personal data previously visible in the image cannot be retrieved retroactively. - in the case of consent: if the consent is withdrawn (and there is no other legal basis for data processing); - in connection with a legitimate interest: if the data subject exercises his right to object, and there is no overriding, compelling legitimate reason for the data processing; or in the case of direct business acquisition In relation to video camera surveillance, it is worth noting that personal data are considered deleted under the General Data Protection Regulation if, for example, the image is obscured in such a way that the personal data previously visible in the image cannot be retrieved retroactively. - in the case of consent: if the consent is withdrawn (and there is no other legal basis for data processing); - in connection with a legitimate interest: if the data subject exercises his right to object, and there is no overriding, compelling legitimate reason for the data processing; or in the case of direct business acquisition In relation to video camera surveillance, it is worth noting that personal data are considered deleted under the General Data Protection Regulation if, for example, the image is obscured in such a way that the personal data previously visible in the image cannot be retrieved retroactively.
3. The right to protest:
Pursuant to Article 21 of the General Data Protection Regulation, the data subject has the right to object at any time for reasons related to his own situation. If the data controller does not prove the existence of compelling legitimate reasons that take precedence over the rights and interests of the data subject, it must stop processing the data of the objecting individual.

15. Final Provisions

1.Placing an electronic order on the website

The Customer confirms that he has been informed about all the circumstances of the protection of personal data and fully accepts them;

2.The Customer accepts these rules by ticking the box on the order form, and also accepts our cancellation policy in thebb4you.naptar@gmail.comby clicking on "accept" for the event. Cancellation policy:

3.The Operator may update these rules at any time. A new, updated version is available on the public website.

Our contact details:

Managing Director: EV Balázs Melinda.

Headquarters: 1038 Bp, Kázmér utca 4

Location: 1038 Bp, Kázmér utca 4

Phone number: +36-20-417-9241

E-mail address:

Budapest, May 2019

BodyBalance4You-Health Center

© BodyBalance4You-Health Center

1038 Budapest, Kázmér utca 4 ------+36204179241


  • Hungarian
  • English