Last updated: 1 March 2026 · Version 1.0
Introduction
Our Commitment to Your Privacy
The BudaMed 2026 conference — Budapest International Conference on AI in Medical Education & Health Care — is organised by Avicenna International College (hereinafter "AIC", "we", "our", "the Organiser"), a duly registered educational institution in Budapest, Hungary. We are fully committed to protecting the privacy and personal data of all individuals who interact with our conference website, registration systems, and related digital services.
This Privacy Policy describes how we collect, process, store, protect, and share personal data in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR"), Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information (the Hungarian Information Act), and all applicable Hungarian data protection legislation.
By accessing this website, submitting a registration or abstract, or otherwise engaging with BudaMed 2026 digital services, you acknowledge that your personal data may be processed in accordance with the terms of this Policy.
Summary: We collect only the data necessary to operate the BudaMed 2026 conference. We do not sell personal data to third parties. All data is processed in accordance with GDPR and Hungarian law, and you retain full rights over your information at all times.
Section 1
Data Controller
The Data Controller responsible for personal data collected through the BudaMed 2026 website and conference registration systems is:
- Organisation: Avicenna International College (AIC)
- Address: 1089 Budapest, Orczy Street 3–5, Hungary
- Conference contact: [email protected]
- Institutional contact: [email protected]
- Telephone: +36.30.823.75.92
Avicenna International College assumes full responsibility as Data Controller for all personal data collected in connection with the planning, promotion, registration, and delivery of the BudaMed 2026 conference.
Section 2
Categories of Personal Data We Collect
Depending on how you interact with BudaMed 2026, we may collect the following categories of personal data:
Registration and Attendance Data
- Full name, professional title, and academic affiliations
- Email address, telephone number, and postal address
- Country of residence and nationality (for delegate statistics)
- Dietary requirements or accessibility needs where voluntarily provided
- Participation type (in-person, virtual, speaker, poster presenter)
Abstract and Paper Submissions
- Author names, institutional affiliations, and correspondence details
- Abstract content and research keywords
- Preferred presentation format and thematic track selection
Technical and Usage Data
- Internet Protocol (IP) address and geographic region
- Browser type, version, and operating system
- Pages visited, session duration, and referral source
- Device identifiers and cookie data (see Section 10)
Communication Data
- Contents of enquiries submitted via contact forms or email
- Correspondence relating to sponsorship, exhibition, or speaker proposals
Section 3
How Personal Data Is Collected
Personal data is collected through the following channels:
- Online delegate registration forms and payment processing
- Abstract and full paper submission portals
- Sponsorship, exhibition, and workshop proposal enquiry forms
- Email correspondence directed to conference organisers
- Newsletter and programme update subscription forms
- Automated technical collection via website analytics and cookies
- On-site accreditation and registration processes during the event
We will always make clear at the point of data collection what information is required and for what purpose it will be used. Mandatory fields are clearly indicated in all forms.
Section 4
Purpose & Legal Basis for Processing
We process personal data only for defined, lawful purposes. The following table describes the purposes and their corresponding legal bases under GDPR:
Conference Management and Delivery
Processing registrations, issuing confirmation documents, managing delegate accreditation, CPD certificates, and on-site logistics. Legal basis: Performance of a contract (Article 6(1)(b) GDPR).
Abstract Review and Scientific Programme
Evaluating submitted abstracts and papers, communicating acceptance decisions, and scheduling presentations. Legal basis: Performance of a contract; legitimate institutional interests (Article 6(1)(b) and (f) GDPR).
Communication and Programme Updates
Sending registered delegates information about the conference programme, logistical updates, and post-event materials. Legal basis: Performance of a contract; legitimate interests (Article 6(1)(b) and (f) GDPR).
Marketing and Promotional Activities
Where you have provided explicit consent, sending promotional communications about BudaMed 2026 or future related conferences. Legal basis: Explicit consent (Article 6(1)(a) GDPR). Consent may be withdrawn at any time.
Legal Compliance
Meeting obligations under Hungarian law, EU regulations, and applicable academic and financial reporting requirements. Legal basis: Compliance with legal obligations (Article 6(1)(c) GDPR).
Website Operation and Security
Maintaining website functionality, monitoring for security incidents, and improving user experience through analytics. Legal basis: Legitimate interests (Article 6(1)(f) GDPR).
Section 5
Data Retention
Personal data is retained only for as long as is necessary to fulfil the purposes described in this Policy or as required by applicable law. Our standard retention periods are as follows:
- Delegate registration and attendance records: retained for 5 years following the conference for academic record-keeping and CPD certification purposes
- Abstract and paper submission data: retained for 7 years in accordance with academic publishing standards and institutional records requirements
- Financial transaction records: retained for 8 years in accordance with Hungarian accounting legislation (Act C of 2000 on Accounting)
- General enquiry and correspondence data: retained for 2 years from the date of last communication
- Website technical and analytics data: retained for 13 months in accordance with standard analytics practice
- Marketing consent records: retained for 3 years from the date consent was provided, or until withdrawn
Upon expiry of the applicable retention period, personal data is securely deleted or anonymised in accordance with appropriate data destruction standards.
Section 6
Data Sharing and Third Parties
We may share personal data with carefully selected third parties only where necessary and on a strictly limited basis:
Academic and Scientific Partners
Abstract review committees, scientific programme chairs, and partner universities involved in the peer review process may access author information and submission content solely for the purpose of programme evaluation.
Service Providers
Trusted technology and event management service providers operating under binding data processing agreements, including: registration platform providers, email communication systems, payment processors, and on-site event logistics partners. All such providers are contractually obligated to process data exclusively on our instructions and to maintain appropriate security standards.
Regulatory and Legal Authorities
Where required by law, Hungarian educational authorities, tax authorities, or law enforcement bodies may receive personal data. Disclosure will only occur to the minimum extent legally required.
Conference Publications
Where authors have consented to publication, names, institutional affiliations, and abstract content may appear in the conference programme, proceedings, or related academic publications.
We do not sell, rent, or trade personal data to any commercial third party under any circumstances. All data sharing arrangements are governed by appropriate legal agreements and are limited to the specific purposes described above.
Section 7
International Data Transfers
BudaMed 2026 is an international conference and may involve delegates, speakers, and reviewers from outside the European Union. Personal data is primarily processed and stored within the European Economic Area (EEA).
Where it becomes necessary to transfer personal data outside the EEA — for example, in communicating with internationally based speakers or academic partners — we ensure that such transfers are subject to appropriate safeguards as required by Chapter V of the GDPR. These safeguards may include:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Transfers to countries recognised by the European Commission as providing an adequate level of data protection
- Explicit consent of the data subject for specific transfers
Section 8
Data Security
Avicenna International College and the BudaMed 2026 Organising Committee implement appropriate technical and organisational security measures to protect personal data against unauthorised access, accidental loss, alteration, disclosure, or destruction. These measures include:
- Encrypted data transmission using industry-standard TLS/HTTPS protocols
- Access controls restricting personal data to authorised personnel only
- Secure server infrastructure hosted within the European Union
- Regular security assessments and staff data protection training
- Documented incident response and data breach notification procedures
In the event of a personal data breach that is likely to result in a risk to the rights and freedoms of individuals, we will notify the Hungarian National Authority for Data Protection and Freedom of Information (NAIH) within 72 hours of becoming aware of the breach, in accordance with Article 33 of the GDPR. Where the breach is likely to result in a high risk to individuals, affected data subjects will also be informed without undue delay.
While we apply stringent safeguards, no system of electronic data transmission or storage is entirely immune from risk. Delegates are encouraged to exercise reasonable caution when submitting sensitive personal information through any digital channel.
Section 9
Your Rights Under GDPR
As a data subject under the GDPR and Hungarian data protection law, you are entitled to exercise the following rights with respect to your personal data. We will respond to all valid requests within one calendar month of receipt.
Right of Access
You may request a copy of the personal data we hold about you and information about how it is being processed.
Right to Rectification
You may request correction of any inaccurate or incomplete personal data held on your behalf.
Right to Erasure
You may request deletion of your personal data where there is no overriding legal basis or legitimate reason for its continued retention.
Right to Restriction
You may request that we restrict the processing of your personal data in certain defined circumstances.
Right to Data Portability
Where processing is based on consent or contract, you may request your data in a structured, commonly used, machine-readable format.
Right to Object
You may object to processing based on legitimate interests, including direct marketing activities, at any time.
Right to Withdraw Consent
Where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
Right to Lodge a Complaint
You have the right to submit a complaint to the NAIH or to the competent supervisory authority in your country of residence.
You also retain the right to lodge a complaint with the Hungarian National Authority for Data Protection and Freedom of Information (NAIH): Falk Miksa utca 9-11, 1055 Budapest · naih.hu
Section 10
Cookies and Tracking Technologies
The BudaMed 2026 website uses cookies and similar tracking technologies to ensure proper functionality, improve user experience, and gather anonymous statistical data on website usage. A cookie is a small text file placed on your device when you visit a website.
Categories of Cookies Used
- Essential cookies: Required for the website to function correctly, including maintaining session state and enabling secure registration processes. These cookies cannot be disabled.
- Analytics cookies: Used to collect anonymous data on how visitors interact with the website, including pages viewed and session duration. This data is used exclusively to improve the website experience.
- Preference cookies: Store your settings and preferences to provide a more personalised experience on return visits.
- Third-party cookies: Certain pages may embed content from third-party services (such as maps or video platforms) that set their own cookies. We have no control over these cookies and recommend reviewing the relevant third-party privacy policies.
Upon your first visit to the BudaMed 2026 website, you will be presented with a cookie consent notice permitting you to accept all cookies, accept essential cookies only, or adjust your preferences. You may modify your cookie preferences at any time through your browser settings.
Section 11
User-Submitted Content
Where the BudaMed 2026 website or related platforms invite users to submit content — including abstracts, comments, testimonials, or other contributions — the following terms apply:
You retain all intellectual property rights in content you submit. By submitting content, you grant the BudaMed 2026 Organising Committee a non-exclusive, royalty-free licence to publish, reproduce, and distribute that content in connection with the conference, its proceedings, and promotional materials. We reserve the right to edit, moderate, or decline to publish submitted content at our discretion.
You must not submit content that is defamatory, misleading, infringing of third-party intellectual property rights, or otherwise unlawful. The Organising Committee reserves the right to remove any content that violates these requirements without prior notice.
Section 12
Children's Privacy
BudaMed 2026 is a professional academic conference directed exclusively at adult participants. This website and its digital services are not intended for use by individuals under the age of 18.
We do not knowingly collect personal data from minors. If we become aware that personal data has been inadvertently collected from an individual under the age of 18, we will take immediate steps to delete such data from our systems. If you are a parent or guardian and believe that a minor has submitted personal information through our website, please contact us immediately at [email protected].
Section 13
Third-Party Websites and Links
The BudaMed 2026 website may contain links to external websites operated by partner institutions, academic publishers, or other third parties. These links are provided for informational purposes only. We are not responsible for the content, privacy practices, or data processing activities of any third-party website.
We strongly encourage you to review the privacy policies of any external website you visit via a link from our platform. Your interactions with third-party websites are governed solely by their respective terms and policies.
Section 14
Updates to This Policy
This Privacy Policy may be revised periodically to reflect changes in applicable law, our data processing practices, or the structure of the conference organisation. Any material updates will be published on this page with a revised effective date.
Where changes are significant, we will notify registered delegates by email. Continued use of the BudaMed 2026 website following publication of an updated Privacy Policy constitutes acknowledgment of and agreement with the revised terms.
We recommend reviewing this Policy periodically to remain informed of how your personal data is being protected.
