DISCLOSURE TEXT ON THE PROCESSING AND PROTECTION OF PERSONAL DATA
Smart Fue Istanbul Health Service. Ind Trade Co. Ltd. as the data controller (“Smart Fue Istanbul”), we attach great importancae to the protection of your personal data within the scope of the Personal Data Protection Law No. 6698 (“Law”) and related sub-legislation, as well as in accordance with the GdpR (General Data Protection Regulation). Clarification Text (“Text”) on the Processing and Protection of this Personal Data has been prepared in order to enlighten you about the sources from which we obtain your personal data, our legal reasons for obtaining and processing personal data, for what purposes we process your personal data, whether we transfer personal data and to whom we transfer it, and your legal rights. Smart Fue Istanbul processes your personal data in accordance with the law and prevents the unlawful processing and unlawful access of your personal data, and has taken all necessary technical and administrative measuresto ensure the appropriate level of security in order to ensure the protectionof personaldata.
PEOPLE WE PROCESS DATA FROM
Smart Fue Istanbul, as a data controller, processes personal data limited to the following groups of persons.
Our workers,
Our Labor Candidates (including the references declared by job applicants)
Our Interns and On-The-Job Training Trainees,
Our patients,
Persons interviewed and contacted for diagnosis, treatment or to receive such services,
Relatives and companions of the patients,
Parties to all kinds of commercial activities or authorized or employees of persons or companies to whom we cooperate or cooperate due to commercial activity (Procurement, advertising, support, marketing, accommodation, transportation, reference sources, etc.)
Shareholders or persons interviewed for shareholders,
Legal Advisors, Lawyers and Consultants or authorized or employees of consulting companies,
Visitors
Legal representatives, parents, guardians or guardians of all data owners
Persons who are parties to legal processes and their legal representatives
3rd parties with whom we have contacted our company without any commercial or legal connection.
PERSONAL DATA WE PROCESS
Smart Fue Istanbul, as the data controller, processes the following personal health data, general and private personal data according to the principles of “compliance with the law”, “necessity”, “suitability for purpose” and “limitation”.
Identity Data
The name and surname, nationality, T.C. identification number of the persons to be processed, passport number and information in case of non-Turkish citizenship or temporary TC identification number, place and date of birth, marital status, gender information are all data related to identity.
Communication Data
Residence address, correspondence address, mobile phone number, e-mail address, such as all data related to communication.
Audio and Visual Data
The data of the person who is recorded in this scope are the video and audio recordings taken by the company’s security cameras with the closed circuit camera system, the audio call recordings held if you contact our call center, the confirmation and proof that promotion, research, medical or aesthetic/cosmetic procedures have been performed with special written consent and consent, or the person data recorded in order to convince other patient candidates to perform medical processing.
Personal Data
Data obtained in accordance with the law or employment contract regarding the personal transactions of workers such as the starting date, wages, number of working days per month.
Training Data
Data on training status for workers, prospective workers, interns or on-the-job training trainees or other persons involved in the company.
Business and Professional Data
All data on work or occupation in terms of workers, prospective workers, interns or on-the-job training trainees or other persons involved in the company. (Including professional experience, diploma, course data)
Comment and Complaint Data
It is the comment and complaint data transmitted to our Company through the website or through other channels in order to evaluate the services we provide.
Location or Location Data
It is the address or location data that people transmit by any means and voluntarily.
Transaction Security Data (IP Data and Cookies)
IP address, browser information, website login and password information,(Mac ID, IP address information, website login and password information) are covered.
Law Data
All data and enforcement data regarding the plaintiff and defendants of the persons. Data related to workers working in the company and any person who has a case or enforcement action with the company.
Financial Data
Data of individuals, such as bank account number and IBAN number. It is the data requested and processed in terms of the workers working in the company and the patients receiving services from the company.
Health Data
Laboratory and imaging results, medical test results, blood type, examination data, prescription information, which should be followed up in medical files for legal reasons, all kinds of health data obtained during the execution of medical diagnosis, treatment and care services. In addition, the health report and other medical documents contained in the workers’ personal file are also covered.
Vehicle License Plate Data
Vehicle license plate data is included in this scope if the company’s parking or private valet service is used.
Customer Transaction Data
Call center records, invoices, promissory notes, checks, toll booth receipts, order information, request information, etc. are the data in this scope.
Disguise Data
Body data, etc. fixtures, uniforms, materials and shoe numbers, etc. are covered.
Biometric Data
This includes palm information, fingerprints, retinal scans, facial recognition, etc.
Risk Management Data
This includes the data processed for managing commercial, technical and administrative risks.
Physical Space Safety
Employee and visitors’ login and exit recording information, security camera recordings are the data in this scope.
Association, Foundation and Union Data
Association and foundation data may be required in social responsibility and workplace organizations, and union data may be required during union dues deduction.
III.PROCESSING OF PERSONAL DATA
- OBTAINING PERSONAL DATA
1.Through which channels and how personal data is collected
Your Personal Data;
1.2.As a result of the interview with our call center,
1.3.As a result of the interview made through the live support application on our website,
1.4. As a result of the meeting to be made by reaching Smart Fue Istanbul doctors or their relevant staff by phone WhatsApp Application or e-mail,
1.5. As a result of communication established via phones used by Smart Fue Istanbul marketing and promotion personnel or via SMS or WhatsApp etc. applications,
1.6. If you applyto Smart Fue Istanbul, as a result of your conversations with doctors or related staff via telephone, SMS or WhatsApp, etc.,
1.7. If you applyto Smart Fue Istanbul, as a result of face-to-face meetings with doctors or related personnel,
1.8. Personal data are included on the contract and other commercial activity documents of the persons and company officials or employees who have business relations as a requirement of commercial activity,
1.9.As a result of the presence of personal data on the contract and other commercial activity documents of our Legal Advisors, Lawyers and Consultants or authorized or employees of consulting companies,
1.10.As a result of the applications made through panels such as “contact us” or “get information” through the promotion and advertising made through social media,
1.11.As a result of requesting a mobile phone number for personal data and encryption requested by the legislation in order to connect to the broadcast in the broadcast of the wireless network (Wi-Fi) for guests within the scope of wireless Internet service,
1.12.Obtaining data in the form of saving MAC ID (Device Credential) from the logins to the website,
1.13. If we contactSmart Fue Istanbul without commercial or legal connection or if we are contacted, 3rd parties may have personal data on the communication platforms,
1.14.Similarly, through other legal data acquisition,
it is obtained from channels such as.
- PURPOSES FOR PROCESSING PERSONAL DATA AND LEGAL REASONS
1.Purposes for The Collection and Processing of Personal Data
Your above-mentioned personal data and your personal data of special quality will be processed for the following purposes.
1- Fulfillment of legal obligations and the execution of all kinds of work within the legal framework,
2-Fulfillment of the provisions of the Convention,
3-Provision of Health Services (Medical or medical/cosmetic diagnosis, examination, treatment and execution of all kinds of care services)
4-Commercial activity and operating requirements,
5-Sectoral (health) requirements;
5.1. Protection of public health, preventive medicine, medical diagnosis, treatment and maintenance services, whether sick or not,
5.2. Sharing the information requested by the Ministry of Health and all other relevant governmental institutions and organizations in accordance with the health legislation,
5.3. Financing of your health services by patient services, financial affairs, marketing departments, covering the costs of examination, diagnosis and treatment,
5.4. Informing patients about the appointment through the customer representative, call center and other channels,
5.5. Patient services, identification confirmation by other operations units,
5.6. Measuring, increasing and researching patient satisfaction by hospital management, patient rights, patient experience departments,
5.7.Billing by patient services, financial affairs, marketing departments,
5.8.To be able to answer all kinds of questions and complaints related to our health services by hospital management, patient rights and call center, patient relations department,
6.Technical requirements;
6.1. Call center, patient relations, planning and management of internal functioning of the institution by the hospital management,
6.2.Research and analyses carried out by service delivery quality, patient experience, itning departments in order to improve the quality of health services,
6.3. Training of workers by human resources management and quality departments,
6.4.Monitoring and blocking of abuse or unauthorized transactions by the internal audit and information processing department,
6.5.Quality, performance of risk management and quality improvement activities by computing departments,
6.6. Taking all necessary technical and administrative measures within the scope of data security by the hospital management and itany department,
6.7. To provide the necessary communication by the officials in order to fulfill transportation, accommodation and incentive services within the scope of health tourism,
6.8. Providing participation and campaign information to campaigns by patient relations, marketing, call center, department, designing and transmitting special content, concrete and abstract benefits on the Web and other mobile channels, social media,
6.9. To be able to carry out the education and activities of the educational institutions with which the institution cooperates,
- Legal Reasons for The Collection and Processing of Personal Data
Your personal data mentioned above and your personal data of special quality;
Health Services Basic Law No. 3359,
Decree no. 663 on the Organization and Duties of the Ministry of Health and its Subsidiaries,
Personal Data Protection Law No. 6698,
Regulation on Private Hospitals,
Regulation on the Processing of Personal Health Data and Protection of Privacy
Identity Notification Law No. 1774,
Labor Law No. 4857,
Social Insurance and General Health Insurance Law No. 5510,
It will be processed for legal reasons.
Personal data related to health and sexual life, as stated in Article 6 of the Law No. 6698, can only be processed by persons or authorized institutions and organizations under the obligation to keep secrets for the purposes of protecting public health, carrying out preventive medicine, medical diagnosis, treatment and care services, planning and management of health services and financing, without seeking the explicit consent of the relevant person.
C.TRANSFER OF PERSONAL DATA
Your personal data,
Health Services Basic Law No. 3359,
Decree no. 663 on the Organization and Duties of the Ministry of Health and its Subsidiaries,
Personal Data Protection Law No. 6698 and all relevant sub-legislation,
Regulation on Private Hospitals,
Regulation on the Processing of Personal Health Data and Protection of Privacy
Identity Notification Law No. 1774,
Labor Law No. 4857,
Social Insurance and General Health Insurance Law No. 5510,
Within the framework of its provisions and for the purposes described above;
Ministry of Health, ministry sub-units and family medicine centers,
Private insurance companies (health, pension, life insurance and so on),
Social Security Institution,
Ministry of Family Work and Social Policies,
General Directorate of Police and other law enforcement agencies,
General Directorate of Population Citizenship Affairs,
Other authorized governmental institutions and organizations,
Turkish Pharmacists Association,
Judicial authorities, enforcement agencies, mediators,
Laboratories, medical centers, ambulances, medical devices and health services in turkey or abroad where we cooperate for medical diagnosis and treatment,
Health institution to which the patient is referred or the patient himself applies,
Legal representatives, guardians and guardians authorized in writing
All natural or legal third parties receiving consultancy services, including lawyers, tax advisors and auditors we work with under the contract,
Regulatory and supervisory institutions and official authorities,
Companies within the group of companies to which our Hospital is affiliated,
Banks where our company or patient or workers have accounts of persons who are associated with our company in accordance with any contract,
Private pension companies working under the compulsory or voluntary BES (Private Pension System),
Our suppliers, support service providers, archive service providers and business partners whose services we use or cooperate with (you can get information by contacting our hospital in writing for more detailed information.)
To our business partners and business contacts,
To our shareholders and to real or legal persons who have been interviewed
Outsourcing service providers,
Cargo or courier companies,
Air, land or sea passenger carriers,
Can be shared with .
IV.OUR MEASURES AND COMMITMENTS TO PROTECT PERSONAL DATA
Smart Fue Istanbul, as the data controller, protects your personal and private data of the above mentioned personal and special quality with great sensitivity in physical and electronic environments and by taking all kinds of administrative and technical measures in full compliance with the provisions of the legislation.
Smart Fue Istanbul has taken all administrative and technical measures to protect your personal data, as it has registered with VERBİS and included in its Personal Data Inventory.
Smart Fue Istanbul is committed to protecting all personal data. Technical and administrative measures to ensure the appropriate level of security are carried out using various methods and security technologies in order to prevent the unlawful processing and access of personal data and to ensure the protection of personal data.
Smart Fue Istanbul will not disclose the personal data obtained to anyone else in violation of the provisions of the Personal Data Protection Law No. 6698 and will not use it for any purpose other than for processing purposes.
Smart Fue Istanbul has prepared and signed all warnings or declarations of consent, commitments and implemented the necessary multifaceted audit activities for the situations where it is mandatory and necessary to share (transfer) personal data with outsourcing service servers and suppliers, consultants or lawyers.
V.PROCESSING OF PERSONAL DATA COLLECTED ON COOKIES
Smart Fue Istanbul does not place cookies on its website. During the use of our website and mobile application, IP address, browser information. (Mac ID, IP address information, website login and password information) are not received.
VI.YOUR RIGHTS TO PROTECT PERSONAL DATA
In accordance with Article 11 of the Personal Data Protection Law, you can exercise your rights in the processing and protection of your personal data by applying to Smart Fue Istanbul as a Data Controller by the following means, provided that you prove your identity.
A.YOUR RIGHTS WITH YOUR PERSONAL DATA
- Whether your business data is processed or not,
2.Requesting information about your business data if it is processed,
- The purpose for which your private business data is processed and the use of the min accordance with the purposes of theuse of the
- To know the second person forward that your business data is transferred in the dormitory or abroad,
- Request that personal data be damaged if in complete or in adcurable
- Requesting the deletion or destruction of personal data,
- If your business data has been transferred to these cond person, you may not be ̂ your business data incomplete or inaccurate, and request that the three related to the deletion or destruction of the personal data be notified and transmitted to the relevant threepersons,
8.Objecting to the conclusion of the person himself by analyzing the data obtained in the form of automated systems,
- To request compensation for damages in cases of damages due to the processing of personal data in accordance with the law,
rights.
You may request the destruction (deletion, destruction or anonymization) of your personal data within the framework of the conditions stipulated in Article 7 of the Personal Data Protection Act. However, by evaluating your extermination request, which method is appropriate will be evaluated by our company according to the conditions of the concrete event. In this context, you can always request information about why we choose the method of destruction we choose.
Personal data collected about persons under the age of 18 are limited to their first name, surname, age and degree of proximity and may only be provided to us by the relevant adult (guardian or guardian).
SITUATIONSOUTSIDE THESCOPEOF THE RIGHTTO HIT
In accordance with Article 28 of the Personal Data Protection Act, personal data owners will not be able to assert their application rights as the following conditions are excluded from the scope of the KVK Law:
Processing personal data with purposes such as research, planning and statistics by anonymizing it with official statistics.
Not to violate or criminalize the national defense of personal data, national venity, public venity, public sector, economic security, privacy or personal rights for art, history, literature or scientific purposes or within the scope of freedom of expression.
The national defense of personal data, national̂, venity, public power, public health or economic security, aswell as the public, which is authorized by law, to to work within the scope of the activities of the institution sand organizations.
Processing of personal data by judicial authorities or execution authorities in relation to questioning, firing, trial or execution.
In accordance with paragraph 28 of the Personal Data Protection Act, it is not possible to assert the rights in the following cases, except for the right to claim compensation for the damages:
The criminal processing of the person’s business data processing is required to be carried out or to conduct a criminal inquiry,
Processing of personal data made available by the person concerned,
Based on the authority granted by the law of the private data processing, the revs of the revised and authorized public institutions and organizations and the professional organizations in the public institution are subject to the disciplinary questions or firings are required,
It is necessary to protect the economic and financial profits of the State in relation to these ,tax and financial issues of the business data processing.
- WAYS TO CONTACT OUR COMPANY TO EXERCISE YOUR RIGHTS
Your rights under the Personal Data Protection Act;
1-Our company’s “www.thesmartfueistanbul.com” by filling out the Application Form on the Protection of Personal Data at the website,
2-Our company has its headquarters in Yeşilçimen St. Fulya Polat Tower Residence No:445 Şişli/Istanbul, filled out the Application Form on the Protection of Personal Data to be obtained from the Human Resources Management department and delivered it in person for signature,
3-By sending a letter through the notary,
4- info@thesmartfueistanbul.com by sending e-mail to the registered e-mail address with secure electronic or mobile signatures to com Mail,
You can use it.
According to the nature of your request and the method of application, additional verifications (such as sending a message to your registered phone, calling) may be requested by the Company to determine whether the application is yours and thus to protect your rights. For example, if you apply through your registered e-mail address, you may be contacted using another communication method registered with the Company and may be asked to determine whether the application is yours.
Your requests in your application will be finalized free of charge as a rule within thirty working days at the latest, depending on the nature of the request. However, if the transaction requires a separate cost for the Company, a fee not exceeding TL 50 (Fifty) may be charged by the Personal Data Protection Authority as stated in the Communiqué on the Procedures and Principles of Application to the Data Controller published in the Official Gazette dated 10.03.2018 and numbered 30356. If your application is due to the error of our company, which is the Data Controller, the paid fee will be refunded to you.
Your proper requests for Personal Data Protection will be finalized free of charge in general within thirty working days at the latest from the date of arrival at our company.
In case of your application, “Smart Fue Istanbul” has the right to request some overproving information from you in order to confirm that you are the right person. Unless you cancel your application, you agree to these requests from Smart Fue Istanbul.
RIZA AND APPROVAL
When you read this Clarification Text, in this context, Smart Fue Istanbul Health Service. Ind Trade Co. Ltd you acknowledge, declare and undertake that you are fully and fully informed about the processing of your personal data and consent to the processing of your personal data.