CLARIFICATION TEXT ON PROCESSING AND PROTECTION OF PERSONAL DATA

As Eunike Health Inc. (“ Eunike Health”), the data controller, we attach great importance to the protection of your personal data in accordance with the Law on the Protection of Personal Data (“ LPPD ”) numbered 6698 and General Data Protection Regulation (“GDPR”). This Clarification Text on the Processing and Protection of Personal Data (“Clarification Text”) has been prepared in order to enlighten you about the sources from which we obtain your personal data, our legal reasons for obtaining and processing your personal data, the purposes for which we process your personal data, whether we transfer personal data and to whom we transfer it, and your legal rights. Eunike Health processes your personal data in accordance with the LPPD, prevents unlawful processing of your personal data and illegal access to this data, and has taken all necessary technical and administrative measures to ensure the most appropriate level of security in order to preserve personal data.

PERSONS WHOSE DATA WE PROCESS

Eunike Health, as a data controller, processes personal data limited to the following groups of people.

  • Our workers
  • Our employee candidates (including reference persons declared by job applicants)
  • Our interns and on-the-job training trainees,
  • Our patients,
  • Persons who are interviewed and contacted for diagnosis, treatment, or receiving such services,
  • Patient relatives and companions,
  • Parties of any commercial activity or persons with whom we cooperate or will cooperate due to commercial activity, or authorized individuals or employees of companies (supply, advertising, support, marketing, accommodation, transportation, reference resources, etc.),
  • Shareholders or persons with whom shareholding negotiations are held, Our legal advisors, lawyers, and consultants or authorized or employees of consultancy companies, visitors,
  • Legal representatives, parents, guardians or guardians of all data subjects,
  • Persons who are parties in legal processes and their legal representatives,
  • Third parties with whom we have contacted, although they do not have a commercial or legal connection with our company.

PERSONAL DATA THAT WE PROCESS

Eunike Health, as a data controller, processes the following personal health data, general and special quality personal data, in accordance with the principles of "compliance with the law", "necessity", "fit for purpose" and "limitation".

Identity Data

All identity-related data such as name-surname, nationality, and T.R. identity number of the persons whose data will be processed; if you are not a Turkish citizen; passport number and information, temporary T.R. identity number, place and date of birth, marital status, and gender information.

Communication Data

It is all communication-related data such as residence address, correspondence address, mobile phone number, and e-mail address.

Visual and Audio Data

The image and sound recording taken by the closed circuit camera monitoring system recorded by the company security cameras, the audio recordings kept if you contact our call center, the confirmation, and proof of the promotion, research, medical or aesthetic/cosmetic procedure with special written consent and permission (consent). Person data recorded by photograph or video for convincing medical treatment of the patient or other patient candidates are the data within this scope.

Personnel Data

It is the data obtained in accordance with the law or employment contract regarding the personnel transactions such as the start date of the workers, the wage, and the number of working days per month.

Training Data

It is the data on the educational status of the workers, candidate workers, interns or on-the-job training trainees, or other related persons working in the company.

Job and Occupation Data

It is all data related to the job or profession in terms of workers, worker candidates, interns or on-the-job training trainees, or other related persons working in the company. (Including professional experience, diploma, and course data)

Comment and Complaint Data

It is the data of comments and complaints transmitted to our company by giving approval and consent on the website or through other channels in order to evaluate the services we offer.

Location Data

It is the address or location data that people transmit by any means and with their own consent.

Process Security Data (IP Data and Cookies)

IP address, browser information, website login and password information, (Mac ID, IP address information, website login, and password information) are within this scope.

Legal Data

It is all the data and enforcement data regarding the persons being the plaintiff or the defendant. It is the data about the employees working in the company and any person who has a lawsuit or enforcement proceeding with the company.

Financial Data

It is the data of individuals such as bank account numbers and IBAN numbers. It is the data requested and processed in terms of employees working in the company and patients receiving service from the company.

Health Data

All kinds of health data obtained during the execution of medical diagnosis, treatment, and care services such as laboratory and imaging results, medical test results, blood group, examination data, and prescription information, must be followed for legal reasons in medical files, processed with the consent of the person. In addition, the health report and other medical documents in the employee's personnel file are also within this scope.

Vehicle Plate Data

If the company's parking lot or private valet service is used, the license plate data is within this scope.

Customer Process Data

Call center records, invoices, promissory notes, checks, box office receipts, order information, demand information, etc. are within this scope.

Clothing Data

Size data etc. fixture, uniform, material and shoe size, etc. are in this scope.

Biometric Data

Palm biometrics, fingerprint, retinal scan, face recognition, etc. are in this scope.

Risk Management Data

The data processed for managing commercial, technical, and administrative risks are within this scope.

Physical Space Security

Entry-exit registration information of employees and visitors, and security camera records are the data in this scope.

Association, Foundation, and Union Data

Association and foundation data may be required in social responsibility and workplace organizations, and union data may be required during the deduction of union dues.

III. PROCESSING OF PERSONAL DATA

A. ACQUISITION OF PERSONAL DATA

1. How Personal Data is Collected, Through Which Channels

Your Personal Data Can be Collected;

  • 1.2.As a result of your conversation with our call center,
  • 1.3.As a result of the interview made through the live support application on our website,
  • 1.4. As a result of the interview to be made by reaching Eunike Health personnel via phone, WhatsApp application, or e-mail,
  • 1.5. As a result of communication you have over the phones used by Eunike Health marketing and promotion personnel, or via SMS or applications such as WhatsApp etc.
  • 1.6. As a result of your communication with doctors or related personnel by phone, SMS or WhatsApp etc. in case of your application to Eunike Health Center.
  • 1.7. As a result of face-to-face meetings with doctors or related personnel in case of your application to Eunike Health Center,
  • 1.8. Personal data of the person and company officials or employees with whom business relations are made as a requirement of the commercial activity, on the contracts and other commercial activity documents, and on the communication platforms,
  • 1.9. As a result of personal data being included on the contract and other commercial activity documents of our Legal Advisors, Lawyers, and Consultants or authorized or employees of consultancy companies, on communication platforms,
  • 1.10. As a result of the applications made through panels such as "contact us" or "get information" through the promotion and advertisement on social media,
  • 1.11. As a result of requesting a mobile phone number for personal data and encryption requested in accordance with the legislation in order to be able to connect to the broadcast in the wireless network (Wi-Fi) specific to the guests within the scope of the wireless Internet service,
  • 1.12. Obtaining data in the form of recording MAC ID (Device Identity Information) from the logins made to the website,
  • 1.13. In case of contact with Eunike Health without any commercial or legal connection, personal data of third parties are included in the communication platforms,
  • 1.14. Similarly, through other legal data acquisition ways.

B. PURPOSE OF THE PROCESSING OF PERSONAL DATA AND LEGAL REASONS

1. Purposes of Collecting and Processing Personal Data

Your personal data mentioned above and your personal data of special nature will be processed for the following purposes.

  • 1-Fulfilling legal obligations and carrying out all kinds of business within the legal framework,
  • 2-Fulfillment of the provisions of the contract,
  • 3-Providing health services (Execution of medical or cosmetic diagnosis, examination, treatment, and all kinds of care services),
  • 4-Commercial activity and business requirements,
  • 5-Sectoral (health) requirements;
    • 5.1. Maintaining public health, preventive medicine, medical diagnosis, treatment, and care services regardless of whether there are patients or not
    • 5.2. Sharing the information requested by the Ministry of Health and all other relevant official institutions and organizations in accordance with the health legislation,
    • 5.3 Financing your health services, examination, diagnosis, and treatment expenses by the patient services, financial affairs, marketing departments,
    • 5.4. Informing the patients about the appointment through the customer representatives, call center, and other channels,
    • 5.5. Identity confirmation by patient services, other operating units,
    • 5.6. Measuring, increasing, and researching patient satisfaction by hospital management, patient rights, patient experience departments,
    • 5.7. Billing by patient services, financial affairs, marketing departments,
    • 5.8. To be able to answer all kinds of questions and complaints about our health services by the hospital management, patient rights, and call center, patient relations department,
  • 6-Technical Requirements;
    • 6.1.Planning and management of the internal functioning of the institution by the call center, sales specialists, management,
    • 6.2.The quality of service delivery, patient experience, research, and analysis made by the IT departments to increase the quality of health services,
    • 6.3.Training of workers by human resources management and relevant departments,
    • 6.4. Monitoring and prevention of abuse or unauthorized transactions by the internal audit and information technology department,
    • 6.5. Carrying out risk management and quality improvement activities by information technology departments,
    • 6.6. Taking all necessary technical and administrative measures within the scope of data security by the management and IT department,
    • 6.7. Providing necessary communication by the officials in order to carry out transportation, accommodation, and courtesy services within the scope of health tourism,
    • 6.8. Patient relations, marketing, call center, participation in campaigns and providing campaign information, designing special content, tangible and intangible benefits on the web and other mobile channels, social media and conveying them to the addressees,
    • 6.9. To be able to carry out training activities by the educational institutions with which the institution is in cooperation,
2. Legal Reasons for the Collection and Processing of Personal Data

Your personal data mentioned above and your personal data of special nature will be processed due to these legal reasons:

  • Health Services Fundamental Law No. 3359,
  • Decree-Law No. 663 on the Organization and Duties of the Ministry of Health and its Affiliated Institutions,
  • Personal Data Protection Law No. 6698,
  • Regulation on Processing of Personal Health Data and Protection of Confidentiality
  • Identity Notification Law No. 1774,
  • Labor Law No. 4857,
  • Social Security and General Health Insurance Law No. 5510,

Protection of Personal Data No. 6698, as stated in paragraph 3 of Article 6 of the Law, personal data related to health and sexual life can only be used for the protection of public health, preventive medicine, medical diagnosis, treatment and care services, planning and management of health services and financing, may be processed by persons or authorized institutions and organizations under the obligation to keep secrets without seeking the explicit consent of the person concerned.

C. TRANSFERRING PERSONAL DATA

Your personal data may be transferred to:

  • Ministry of Health, sub-units, and family medicine centers affiliated to the ministry,
  • Private insurance companies (health, pension, life insurance, etc.),
  • Social Security Institution,
  • Ministry of Family, Labor and Social Policies,
  • General Directorate of Security and other law enforcement agencies,
  • General Directorate of Population and Citizenship Affairs,
  • Other authorized official institutions and organizations,
  • Turkish Pharmacists Association,
  • Judicial authorities, enforcement offices, mediators,
  • Laboratories, medical centers, ambulances, medical devices, and institutions providing health services in the country or abroad with which we cooperate for medical diagnosis and treatment,
  • The health institution to which the patient was referred or to which the patient applied himself,
  • Legal representatives, parents, and guardians authorized in writing
  • All natural or legal third parties who receive consultancy services, including lawyers, tax consultants, and auditors we work with under the contract,
  • Regulatory and supervisory institutions and official authorities,
  • Companies within the group of companies to which our institution is affiliated,
  • Banks where our company or the patients or our employees who are related to our company pursuant to any contract have accounts,
  • Private pension companies that work within the scope of compulsory or voluntary IPS (Individual Pension System),
  • Our suppliers, support service providers, archive service providers, and business partners whose services we benefit from or cooperate with (for more detailed information, you can obtain information by applying to our institution in writing.)
  • To our business partners and business contacts,
  • To our shareholders and real or legal persons with whom shareholder interviews were held,
  • Service providers from an outside source,
  • Cargo or courier companies,
  • Air, land, or sea passenger transport companies,
  • For the purposes mentioned above and within the framework of the terms:
  • Health Services Fundamental Law No. 3359,
  • Decree-Law No. 663 on the Organization and Duties of the Ministry of Health and its Affiliated Institutions,
  • Personal Data Protection Law No. 6698 and all relevant sub-legislation,
  • Regulation on Processing of Personal Health Data and Protection of Confidentiality
  • Identity Reporting Law No. 1774,
  • Labor Law numbered 4857,
  • Social Security and General Health Insurance Law No. 5510,

IV. OUR MEASURES AND COMMITMENTS TO THE PROTECTION OF PERSONAL DATA

Eunike Health, in its capacity as data controller, protects your personal and private data mentioned above, in physical and electronic environments, with great sensitivity and by fully complying with the provisions of the legislation, by taking all kinds of administrative and technical measures.

Eunike Health has taken all kinds of administrative and technical measures to protect your personal data, as recorded in VERBIS (Data Controllers Registry Information System) and included in the Personal Data Inventory.

Eunike Health is committed to protecting all personal data. In order to prevent the illegal processing and access of personal data and to ensure the protection of personal data, technical and administrative measures are carried out by using various methods and security technologies to ensure the appropriate level of security.

Eunike Health will not disclose the personal data it obtains to anyone else in violation of the provisions of the Law on Protection of Personal Data No. 6698 and will not use it for purposes other than processing.

Eunike Health has prepared and signed all warnings or consent statements, and undertakings, and has implemented the necessary multi-faceted audit activities in cases where it is mandatory and required to share (transfer) personal data with outsourced service providers and suppliers, consultants, or lawyers.

V. PROCESSING OF PERSONAL DATA COLLECTED THROUGH COOKIES

Eunike Health does not position cookies on its website. During the use of our website and mobile application, IP address, and browser information (Mac ID, IP address information, website login, and password information) are not received.

VI. YOUR RIGHTS REGARDING THE PROTECTION OF PERSONAL DATA

Pursuant to Article 11 of the LPPD, you can exercise your rights regarding the processing and protection of your personal data, provided that you prove your identity by applying to Eunike Health as a Data Controller through the following ways.

A. YOUR RIGHTS REGARDING YOUR PERSONAL DATA

  • 1. Learning whether your personal data is processed or not,
  • 2. If your personal data has been processed, requesting information about it,
  • 3. To learn the purpose of processing your personal data and whether they are used in accordance with the purpose,
  • 4. To know the third parties, to whom your personal data is transferred, in the country or abroad,
  • 5. Requesting correction of personal data in case of incomplete or incorrect processing
  • 6. Requesting the deletion or destruction of personal data,
  • 7. In case your personal data has been transferred to third parties, requesting that your personal data be corrected and deleted or destroyed, in case your personal data is incomplete or incorrectly processed, to be notified or forwarded to the relevant third party,
  • 8. Objecting to the emergence of a result against the person by analyzing the processed data exclusively through automated systems,
  • 9. Demanding the compensation of the damage in case of loss due to the illegal processing of personal data,

You can request the destruction (deletion, destruction, or anonymization) of your personal data from Eunike Health within the framework of the conditions stipulated in Article 7 of the LPPD. However, by evaluating your destruction request, which method is appropriate will be evaluated by our company according to the conditions of the concrete case. In this context, you can always request information from Eunike Health about why we have chosen the destruction method we have chosen.

Personal data collected about persons under the age of 18 are limited to their name, surname, age, and degree of affinity, and these data can only be given to us by the relevant adult (parent or guardian).

SITUATIONS OUT OF THE SCOPE OF THE RIGHT TO APPLICATION

Pursuant to Article 28 of the LPPD, personal data owners will not be able to assert their right of the application, since the following cases are excluded from the scope of the LPPD:

  • Processing personal data for purposes such as research, planning, and statistics by anonymizing them with official statistics.
  • Processing personal data for art, history, literature, or scientific purposes or within the scope of freedom of expression, provided that it does not violate national defense, national security, public security, public order, economic security, the privacy of private life, or personal rights or does not constitute a crime.
  • Processing of personal data within the scope of preventive, protective, and intelligence activities carried out by public institutions and organizations authorized by law to provide national defense, national security, public safety, public order, or economic security.
  • Processing of personal data by judicial authorities or execution authorities in relation to the investigation, prosecution, trial, and execution proceedings.

Pursuant to paragraph 2 of Article 28 of the Law on the Protection of Personal Data, it is not possible to assert the rights in the following cases, with the exception of the right to demand compensation for the damage:

  • Personal data processing is necessary for the prevention of crime or for criminal investigation,
  • Processing of personal data made public by the person concerned,
  • Personal data processing is necessary for the execution of supervisory or regulatory duties and for disciplinary investigation or prosecution by authorized public institutions and organizations and professional organizations in the nature of the public institution, based on the authority given by the law,
  • The processing of personal data is necessary for the protection of the economic and financial interests of the State with regard to budgetary, tax, and financial matters.

B. THE WAYS TO CONTACT OUR COMPANY TO EXERCISE YOUR RIGHTS

Your ways under the LPPD can be protected in the following ways:

  • 1- By filling out the Application Form on the LPPD on our company's website at " https://www.eunikehealth.com",
  • 2- By coming to the address of Istanbul Ritim Shopping Hall 21th Floor, No: 197, Cevizli, Zuhal Street, Maltepe Istanbul, where our company is headquartered, and filling in the Application Form on the LPPD to be obtained from the Human Resources Management department and handing it in person by signature,
  • 3- By sending a letter via notary public,
  • 4- By sending an e-mail to info@eunikehealth.com with a secure electronic or mobile signature, to the registered e-mail address.

Depending on the nature of your request and your application method, additional verifications (such as sending a message to your registered phone, or calling) may be requested by the Company in order to determine whether the application belongs to you or not, and thus to protect your rights. For example, if you apply through your e-mail address registered with the Company, you may be contacted using another communication method registered with the Company and you may be asked to confirm whether the application belongs to you.

As a rule, your requests in your application will be concluded free of charge within thirty working days at the latest, depending on the nature of the request. However, if the transaction requires a separate cost for the Company, as stated in the Communiqué on Application Procedures and Principles to the Data Controller published in the Official Gazette dated 10.03.2018 and numbered 30356 by the Personal Data Protection Authority, a fee not exceeding 50 (Fifty) TL in total may be requested.

In order to confirm that you are the right person in case of your application, “Eunike Health” has the right to request some confirmatory information from you. Unless you cancel your application, you are deemed to have accepted these demands of Eunike Health.

CONSENT and APPROVAL

When you read this Clarification Text, you accept, declare and undertake that you are fully and completely informed about the fact that Eunike Health carries out data processing, that you have been informed about the processing of your personal data, and that you have given your consent to the processing of your personal data.

Legal Warning

Eunike Health Web Site, its content, and applications are for informational and educational purposes only and are not created for the purpose of providing any medical advice or providing any physician-patient relationship.

The information on our site cannot be compared with the information provided as a result of physician examination and consultation of physicians. The opinions and documents stated in the sources do not reflect the official opinions of Eunike Health Center unless clearly stated.

Privacy Statement

You can visit all sections on www.eunikehealth.com. as often as you wish, without providing your personal information, read the necessary explanations, and have more detailed information about our center. Name, surname, date of birth, gender, marital status, education, occupation, telephone, mobile phone, address, and city information you have given to our website will not be shared with third parties in any way.

The contact (telephone and e-mail) information you have shared via the Contact Forms on the above-mentioned site can be used to deliver the information you have requested through Eunike Health Center and/or its authorized solution partners. The information you provide on the website of Enuike Health Center will be used to ensure that this health institution reaches you in a shorter time and to inform you.

Eunike Website Terms of Use

Eunike Health Center offers services to correct aesthetic imperfections in your face and body. Every service in the center is inspected by official or semi-official institutions (T.R. Ministry of Health, General Directorate of Foundations, ISO, etc.). In accordance with the relevant laws, the public is protected by law within the framework of the services provided and the nature of the treatments applied.

Anyone who visits this https://www.eunikehealth.com site or requests to benefit from the services offered on this site accepts all of the terms and conditions in this "Terms of Use and Legal Notice".

Eunike Health Center reserves the right to make changes, at any time, to the information under the heading "Terms of Use and Legal Notice" and other instructions on this site. These changes will be valid and binding from the date they are published on this site.

It is the responsibility of the site user to follow the changes. Eunike Health Center has no obligation to notify you of changes separately. By continuing to use the services of the Eunike Health Center site, you are deemed to have accepted these changes.

Provisions Regarding the Use of the Site

Links on the Eunike Health Center site may take you outside the Eunike Health CENTER site and Eunike Health Center assumes no responsibility for the content, accuracy, or function of these sites. Eunike Health Center is not responsible for any subsequent changes in the linked sites. Eunike Health Center or its affiliates, and other third parties involved in the creation, production, or transmission of this site, cannot be held responsible for direct, indirect, incidental, collateral, or penal damages, losses, and damages that may arise from the user's access to this site or use of the site.

Visitors to our website acknowledge that the files available for download on our website are not guaranteed to be free of viruses or any other malicious or harmful code or material. All software and hardware need to be required for the prevention of such malicious and damaging codes or materials, the accuracy of data inputs and outputs or the recovery of any lost data is the responsibility of the user. The user accepts that she assumes all responsibility and risks arising from the use of the site.

The website provides the site and all elements included in its content "as is" and does not provide any express or implied warranties about the website or any service, information, or any element included in the site content or any use of the site. It is the sole responsibility of the user to evaluate the accuracy of all opinions, advice, services, or other information and material provided through the Eunike Health Center site.

Copyright

All kinds of texts, images, sounds, animations, video files, and all other materials and designs published on this site are copyrighted in accordance with Law No. 5846 and the relevant Legislation. This copyright belongs to Eunike Health Center and no item can be copied, used, or used on other sites for commercial purposes.







Update Date 19.09.2022 14:04

CONTACT INFORMATION


EUNIKE HEALTH SAĞLIK HİZMETLERİ A.Ş.
Mersis No: 0381099689000001
Contact link: https://www.eunikehealth.com
E-Mail: info@eunikehealth.com
Address: Istanbul Ritim Shopping Hall 21th Floor, No: 197, Cevizli, Zuhal Street, Maltepe Istanbul.
Phone: +90 530 628 54 68