As the Medical Park Hospital Group (the “Group”), we value the privacy of your personal data.
We take our duty to protect your personal data and confidentiality very seriously, and are committed to taking all technical and administrative security measures to ensure appropriate security level for your personal data.
1. Personal Data Collected by the Group
We may collect certain information from you related to the healthcare services offered by the Group. We process such information in compliance with the personal data processing principles and conditions provided in the Law No. 6698 on the Protection of Personal Data (the “Data Protection Law”). The information we collect for the purposes listed below in Section 2 may include the following
– your name, surname,
– your Turkish Republic identity, passport number,
– your birth place and date,
– your gender,
– your postal address,
– your telephone number,
– your e-mail address,
– patient protocol number assigned to you by the Group,
– your financial data such as payment and invoice information,
– your data related to private health insurance or Social Security Institution,
– biometric data within the scope of services financed by the Social Security Institution,
– your health data including but not limited to laboratory results, test results, medical examination results, check-up details, prescription information,
– your voice record when you contact us,
– CCTV image during your visits to the Group’s hospitals,
– your vehicle plate information when you use car park or valet services,
– identity information and health data disclosed by you when you use online services on our website medicalpark.com.tr,
– identity information and health data collected during your visit to websites mlpcareobesitycenter.com and mlpcareplasticsurgery.com,
– other information shared by you when you contact us through e-mail, call center or other channels.
2. Processing Purposes of Your Personal Data
We process your personal data collected within the scope of services provided to you for certain purposes including the purposes laid out below:
- fulfilling our legal obligations arising from the Fundamental Law No. 3359 on Health Services, Decree-Law No. 663 on Organization and Duties of Ministry of Health and Affiliated Institutions, Private Hospitals Regulation, Regulation on Processing and Protecting the Privacy of Personal Health Data and other relevant legislation,
- protecting public health, preventive medicine, medical diagnosis, medical treatment and care or for planning, management or financing of health services;
- informing you on your appointment when you request an appointment;
- internal planning and management of the Group
- conduct analysis to develop our services,
- confirming your identity;
- confirming your relations with contracted institutions;
- responding to requests of the Ministry of Health and other public organizations and institutions;
- responding to your requests and complaints with regard to our services;
- analyzing your use of healthcare services to develop our services;
- complying with the Group’s internal policy and principles;
- conducting patient satisfaction surveys after provision of services and increasing patient satisfaction;
- contacting you for informatory purposes related to our services;
- provision of medicines or medical devices.
We will not, however, use your personal data for any commercial purpose, except as required by the activities listed above and the relevant legislation.
3. Persons to Whom Your Personal Data Can be Transferred
By taking all technical and administrative security measures to ensure appropriate level of security in accordance with the Data Protection Law and the relevant healthcare legislation, for the purposes detailed in the above Section 2, we may share your personal data with institutions and organizations authorized in accordance with the provisions of the Fundamental Law No. 3359 on Health Services, Decree-Law No. 663 on Organization and Duties of Ministry of Health and Affiliated Institutions, Private Hospitals Regulation, Regulation on Processing and Protecting the Privacy of Personal Health Data and other relevant legislation; private insurance companies; our direct/indirect domestic/cross-border shareholders, affiliates and/or subsidiaries; our group companies; auditors; consultants; business partners and other third persons that we cooperate with and purchase contractual services from to conduct our operations.
4. Method and Legal Grounds of Personal Data Collection
Your personal data can be collected verbally, in writing or electronically for the purposes detailed above and with a view to complying with the Group’s contractual and legal obligations.
5. Your Rights
In accordance with Article 11 of the Data Protection Law, to the extent that your data is processed by the Group as data controller, you may resort to your rights listed below by sending a mail to the address Flatofis Haliç, Defterdar, Otakçılar Caddesi No:78, 34050 Eyüp/İstanbul:
- a) ask whether any of your personal data is being processed;
- b) request information with regard to the processing activities;
- c) ask the purposes of the processing;
- d) in the event your personal data is being shared with third persons within or outside the country, request information on such third persons;
- e) request correction of the personal data if the data is processed incompletely or inaccurately;
- f) request the deletion or disposal of personal data if the reasons for the processing of the personal data no longer exist or if the Group has no legal grounds or legitimate interest to process such data;
- g) object to negative consequences that may occur as a result of the processing of personal data by automatic means; and
- h) request indemnification if the you have incurred damages due to illegal processing of your personal data.
The Group will respond to your requests found in the application as soon as possible and in 30 days at the latest free of charge. However, if the relevant process requires an additional cost, a charge specified in the tariff designated by the Personal Data Protection Board will be taken.