GDPR PRIVACY

        ASİLA SAĞLIK HİZMETLERİ A.Ş.

PRIVACY & CLARIFICATION NOTICE

   

 

Dear Patient,

The General Data Protection Regulations (GDPR) replaces the Data Protection Act 1998 on 25 may 2018. Our Company is now required to tell all data subjects about the data that is collected about them. This form may also be used to collect certain data.

This Privacy & Clarification Notice states the data collected and processed by our Company in the name of data officer and will be valid for the personal data of the persons mentioned above:

Your Identity Information (Name and surname, TR Identity number or Passport number, if any, name and surname of the patient’s parent/guardian, TR identity number or passport number, signature, your nationality, date of birth) Your Contact Information (E-mail address, Telephone number, Address) Your Health Information (The operation you had at our ASİLA SAĞLIK HİZMETLERİ A.Ş., the tests, examinations, your operation history, the treatment and medications applied before and after the operation, the health information about the operation you want to have, and the health information you received from our ASİLA SAĞLIK HİZMETLERİ A.Ş. before the operation or data related to the health reports, health information, tests and examinations you have submitted to our Medical Center, your medical history information) and Financial Information (the amount you will pay/pay for the service you receive from our ASİLA SAĞLIK HİZMETLERİ A.Ş., your payment method, price offers offered to you, your bank account information) data as part of the registration system Providing you with the health services you have requested from our ASİLA SAĞLIK HİZMETLERİ A.Ş. in the province, carrying out studies to improve the health services of our ASİLA SAĞLIK HİZMETLERİ A.Ş., conducting and planning the business processes of our ASİLA SAĞLIK HİZMETLERİ A.Ş., performing the necessary tests, examinations and other procedures in order to comply with the legislation we are affiliated with while providing services. Providing information to authorized persons, institutions and organizations, following and executing legal affairs, executing emergency management processes, conducting / auditing business activities, health services and examination that can be offered to the service user within the scope of providing the services that are included in the field of activity of our company and that you have requested, Diagnosis, treatment, use in patient follow-up and promotion services after treatment, arrangement of all records and documents that will be the basis for the services provided in electronic (internet / mobile etc.) or paper media, as per the legislation It is processed for the purposes of transferring it to the Ministry of Health and other public institutions and organizations, complying with the obligations stipulated in the agreements made with public and private legal persons, and providing other requested services. Pursuant to Article 6/2-e of GDPR, “processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;” and 6/2-f “processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.”, according to 6/2-c “processing is necessary for compliance with a legal obligation to which the controller is subject;” 6/3 “Persons or authorized institution that are under the obligation of confidentiality for the purpose of protecting public health, preventive medicine, medical diagnosis, treatment and care services, planning and management of health services and their financing. and organizations”, your biometric data is again under law number 5510 for the purposes of fulfilling our identity verification obligation in accordance with the Law and Social Security Institution Health Implementation Communiqué, informing authorized persons, institutions and organizations, tracking and executing legal affairs. and GDPR 9/3  “Personal data referred to in paragraph 1 may be processed for the purposes referred to in point (h) of paragraph 2 when those data are processed by or under the responsibility of a professional subject to the obligation of professional secrecy under Union or Member State law or rules established by national competent bodies or by another person also subject to an obligation of secrecy under Union or Member State law or rules established by national competent bodies.” in accordance with 5510 p. It is processed because it is stipulated in the Turkish Law and secondary legislation (Social Security Institution Health Implementation Communiqué).

TRANSFERRING PERSONAL DATA

ASİLA SAĞLIK HİZMETLERİ A.Ş., in accordance with the principles in Article 5 of  GDPR in line with the above-mentioned purposes; with the authorized public institutions and organizations, courts, prosecutors’ offices, enforcement offices and other judicial authorities, legal advisors, who request information in case of a possible conflict; can shared in accordance with the GDPR.

METHODS OF COLLECTION OF PERSONAL DATA

ASİLA SAĞLIK HİZMETLERİ A.Ş. collects your personal data verbally, in writing or electronically, through the forms you fill in our ASİLA SAĞLIK HİZMETLERİ A.Ş. or on the internet, or the forms to be filled by the ASİLA SAĞLIK HİZMETLERİ A.Ş. employees based on the information you provide. In case of a possible conflict, transfer to the relevant authorities, transfer to the authorized persons and institutions in the performance of the contract, creating a database, making a list, filling out documents, writing petitions, filling out forms, automatically or non-automatically depending on the nature of the work and the nature of the personal data requested/required to be processed, are being processed.

MEASURES TO PROTECT YOUR PERSONAL DATA

Protection of personal data is an important issue for ASİLA SAĞLIK HİZMETLERİ A.Ş.. As ASİLA SAĞLIK HİZMETLERİ A.Ş., we take the necessary technical and administrative measures to protect personal data against unauthorized access or loss, misuse, disclosure, alteration or destruction of this information. Our company undertakes to keep your personal data confidential, to take all necessary technical and administrative measures and to show due diligence for ensuring confidentiality and security. ASİLA SAĞLIK HİZMETLERİ A.Ş. immediately notifies you and the Personal Data Protection Board in the event that personal data is damaged or in the hands of third parties as a result of attacks on the website and the system, despite taking the necessary information security measures.

KEEPING YOUR PERSONAL DATA CORRECT AND UP-TO-DATE

When you share your personal data with ASİLA SAĞLIK HİZMETLERİ A.Ş., you know that the accuracy and keeping of this information is important both in terms of the rights you have over your personal data within the meaning of the GDPR and other relevant legislation, and that you are fully responsible for providing false information. You accept and declare that it will be your own. You can make the necessary notifications about the changes and/or updates regarding the personal data you have shared, from the below mentioned KEP address or our company’s address via physical mail or through communication channels such as e-mail, fax, cap address or call center specified on our websites.

DELETING, DESTROYING OR ANONYMOUSING YOUR PERSONAL DATA

Your personal data processed for the purposes specified in this Information text according to the article 11 of the GDPR when the “purpose requiring processing disappears” and the periods determined by the Laws, if any, expire; In line with our Company’s Personal Data Retention and Destruction Policy, it will be deleted, destroyed or anonymized by us, ex officio or upon your request, and will continue to be used.

YOUR RIGHTS BASED ON GDPR

  1. learning whether it has been processed or not,
  2. requesting information if processed,
  3. learning the purpose of processing and whether it is used in accordance with its purpose,
  4. to know the third parties to whom it was transferred in the country / abroad,
  5. enable correction to data for accuracy.
  6. request the deletion or removal of personal data where there is no compelling reason for its continued processing.
  7. object to processing of personal data that is likely to cause, or is causing damage or distress
  8. to obtain and reuse your personal data for your own purposes across different services.
  9. prevent processing for the purpose of direct marketing
  10. object to decisions being taken by automated means
  11. in certain circumstances have inaccurate personal data rectified, blocked, erased or destroyed; and
  12. in case you submit your requests regarding your right to demand the compensation of the damage due to unlawful processing, to the ASİLA SAĞLIK HİZMETLERİ A.Ş. in accordance with the application procedures set forth in the Communiqué on Application Procedures and Principles to the Data Controller, as soon as possible and at the latest 30 ( within thirty) days, free of charge. However, if the process requires an additional cost, ASİLA SAĞLIK HİZMETLERİ A.Ş. may request the fee in the tariff determined by the Personal Data Protection Board.
  13. claim compensation for damages caused by breach of the Data Protection Regulations

IDENTIFICATION OF COMPANY

ASİLA SAĞLIK HİZMETLERİ A.Ş.

VKN: 0861096374

Address: Maltepe Mah. Londra Asfaltı Cad. No:32/1H

KEP Address: asilasaglik@hs01.kep.tr

        Patient or Patient’s Parent/Guardian:

Name and surname:

Date:

Signature: