PRIVACY NOTICE FOR PATIENTS
I. Data Controller
In accordance with the Law No. 6698 on the Protection of Personal Data (“Law”), your personal data is processed as the data controller, Treat and Travel (“Treat and Travel” or “Company”) within the scope described below.
II. Personal Data Collection Methods and Legal Reasons
Our company collects personal data directly from you, from the contractual relationship between you and us, from our website, mobile applications, e-mail, postal, fax, notifications from administrative and judicial authorities, and data learned audibly, electronically or in writing through other communication channels. In accordance with the personal data processing conditions specified and limited to the purposes stated below, especially for the purposes of the execution of the relationship between you and us and the compliance of the activities with the legislation, in line with the following legal reasons specified in Articles 5 and 6 of the Law:
It is necessary to process your personal data, provided that we establish a contractual relationship with you or are directly related to our performance obligation arising from this contract (processing and transferring all your identity information, communication, health and related data required for the provision of health tourism service during the establishment of the contract)
Being mandatory for the establishment, use or protection of a right (providing information security, ensuring the security of legal transactions, execution of payment processes, follow-up and execution of legal affairs, storage of personal data that may be required during the statute of limitations)
Clearly stipulating the process by which we process your personal data in laws (keeping transaction records within the scope of the Law and Law No. 5651)
Situations that are mandatory in order to fulfil our legal obligations (processing your personal data due to the performance of financial, tax and similar obligations, fulfilling legal requests within the scope of regulatory and supervisory activities)
Obligatory in line with our legitimate interests, provided that it does not harm your fundamental rights and freedoms (executing/supervising business activities, ensuring the security of data controller operations)
Your express consent, when necessary (positioning the analytical cookies used on the website on your device and sending you a commercial electronic message with your consent)
III. Personal Data Processing Purposes
Your personal data could be processed for the purposes stated below, which are the subject of your disclosure to us, especially for establishing a contractual relationship with you and managing all phases of this contract process, planning,and executing end-to-end marketing processes, ensuring information security and legal transaction security, and fulfilling our legal obligations. can be processed:
Management of Health Tourism Processes: Processing of your personal data in the context of planning and execution of health tourism processes before and during the contract [identity, communication, health, physical space security, transaction security, audio-visual records data]
Organization and Event Management: Processing your personal data in the context of planning and execution of organizations and events to be held before and during the contract [identity, communication, health, physical space security, transaction security, visual and audio recordings data]
Execution of Marketing Processes of Products / Services: Execution of product and service marketing processes based on the information you provided during product / service sales [identity, communication, health, legal action, customer transaction, risk management, marketing]
Execution of Product / Service Sales Processes: using your personal data in online sales, technical support,and management processes [identity, communication, health, finance, customer, customer transaction, audio, request/complaint/reputation management data]
Execution/Audit of Business Activities: Carrying out service sales and intermediation activities by us and auditing the business activities we carry out, planning in-house reporting and business development activities, tracking the contacts of branch employees with customers, opening potential customer records, measuring branch and employee performance, and providing service. planning of processes [identity, finance, health, customer, customer transaction, request/complaint/reputation management data]
Execution of Supply Chain Management Processes: Execution of processes related to business partners, suppliers and other stakeholders regarding products and services [identity, communication, health, financial data, customer, customer transaction, request/complaint/reputation management data]
Execution of Finance and Accounting Affairs: Execution of finance and accounting processes based on this information during product/service sales to be made by you, tracking of accounting, and purchasing transactions [identity, communication, health, finance, customer, customer transaction data]
Execution of Communication Activities: When necessary, contacting you in line with the information you have provided, informing you about your contract, making payment reminders, contacting you by SMS, e-mail, and telephone within the scope of the performance of the contract, planning and/or execution of after-sales support services activities [identity, contact, health, customer, customer transaction, financial data]
Execution of Advertising / Campaign / Promotion Processes: Execution of advertising / campaign / promotion processes, profiling, analysis, marketing, and advertising processes [identity, communication, health, customer, customer transaction data]
Receiving and Evaluating Suggestions for the Improvement of Business Processes: Analysis, improvement,and development of our processes according to the feedback we receive from you [identity, communication, health, customer, customer transaction data]
Execution of Customer Relationship Management Processes: Managing our relations regarding the products and services offered to you, meeting your requests, and providing feedback [identity, communication, health, customer, audio-visual data]
Execution of Activities for Customer Satisfaction: Carrying out activities to ensure customer satisfaction by using your information during product/service sales, customer relationship management activities to increase customer experience [identity, communication, health, customer, customer transaction, finance, audio, request/complaint /reputation management data]
Execution of Company/Product/Services Loyalty Processes: Increasing your confidence in the services we offer you within the scope of customer relations [identity, communication, health, customer, customer transaction, finance, marketing data]
Making Statistical Evaluations and Market Research: Improving all business processes and conducting research for new markets [communication, customer, health, customer transaction, finance, demand/complaint/reputation management data]
Execution of Activities in Compliance with the Legislation: Ensuring compliance with legal rules in business processes, especially Law No. 6698, ensuring that our activities are carried out in accordance with internal procedures and relevant regulations, planning and execution of activities [identity, communication, finance, customer, customer transaction, visual, audio, request/complaint/reputation management data]
Execution of Audit/Ethical Activities: Conducting audit activities during product/service sales, detecting, and preventing fraudulent transactions, managing internal control and audit activities [identity, communication, health, finance, customer, customer transaction, audio-visual data, health, request/complaint/reputation management data]
Follow-up and Execution of Legal Affairs: Follow-up of contract processes and/or legal affairs and requests, alternative dispute resolution methods and completion of litigation processes, management of processes with notaries, judicial and administrative authorities [identity, communication, health, finance, customer, customer transaction, visual, audio, request/complaint/reputation management data]
Execution of Information Security Processes: Ensuring transaction security in your transactions during the sale of products/services, making necessary arrangements to ensure that the processed data is up-to-date and correct, establishing and operating the information infrastructure, ensuring physical security and cyber security, ensuring the security of the internet branch, ensuring transaction security and processing of IP, MAC address and similar data and log records for this purpose [identity, communication, finance, customer, customer transaction data, visual, audio data, request/complaint/reputation management data]
Execution of Risk Management Processes: In order to determine and manage the legal, technical and financial risks required during the establishment of the contractual relationship, to ensure risk management, to carry out legal notifications by making financial controls and reports, to determine and implement commercial and business strategies based on quantitative information about transactions, and to evaluate their applications. making necessary credit inquiries [identity, communication, legal action, customer transaction, transaction security, risk management, finance, marketing, audio-visual data]
Ensuring the Security of Data Controller Operations: Ensuring information security, physical security, legal transaction security, ensuring the legal, technical, and commercial occupational safety of the data subjects in a business relationship [identity, communication, health, customer, customer transaction, risk management, finance, physical space security, location, audio-visual, transaction security data]
Providing Information to Authorized Persons, Institutions and Organizations: It is processed within the scope of the purposes of providing information as required by the legislation, meeting the requests from legal authorities [identity, communication, health, finance, customer, customer transaction, visual, audio, request/complaint/reputation management data].
IV. Transfer of Personal Data
In accordance with the principle of proportionality, our company takes care to process your personal data by taking the necessary technical and administrative measures within the framework of the “need to know” and “need to use” criteria. We have to transfer the personal data we process with third parties for certain purposes, since the execution or control of business activities, ensuring business continuity and operation of digital infrastructures necessitate continuous data flow with different stakeholders. In addition, it is very important that your personal data is accurate and up to date in order tofulfil its contractual and legal obligations fully and properly. For this, we have to work with various business partners and service providers.
Your personal data, in line with the realization of the above-mentioned purposes and limited to the fulfilment of these purposes:
With health service providers and agencies in health tourism processes
With notaries in the certification processes of documents
With our business partners who provide services in the field of organization and event
With business partners and service providers that provide call centre services for the delivery of customer services.
With the parties involved in the realization of these transactions for the purpose of performing the transactions to be carried out within the scope of the contract or transfer of receivables or financing.
With our relevant business partners, consultants and service providers, banks, financial advisors for the management of financial and accounting processes, identification and evaluation of risks, and prevention of fraud.
With the e-invoice business partner to send the e-invoice to the customer electronically; with cargo and courier companies in order to deliver physical contracts or invoices.
In order to fulfil tax obligations, with tax offices, during tax audits, invoices and collection receipts are submitted to the representatives of the Ministry of Finance.
With the relevant service provider and business partner for website usage preferences and browsing history, segmentation, and communication with the customer in line with their tastes and preferences.
With business partners and service providers providing services in this field for profiling, analytics, customization of services, marketing, and advertising purposes
With the Ministry of Commerce and the authorized company in the context of the message management system registration for the management of messages, and the authorized commercial message infrastructure provider for message sending.
In addition, with our business partners and service providers that provide, operate, or provide services to our IT infrastructure, with our business partners and service providers providing services in the field of quality control, complaint management and risk analysis, with our relevant business partners for the management of marketing processes and identification of potential customers, joint branding studies have been carried out. with third parties, with lawyers and other consultants for the purpose of executing contract processes and litigation/enforcement proceedings, with our business partners providing private integrator, independent audit, customs, financial advisor/accounting services, legally authorized public institutions and private persons or organizations and third parties, within the scope of fulfilment of obligations, lawyers, auditors, forensic experts, cyber security consultants, tax consultants and other third parties and business partners from whom we receive consultancy and services, regulatory and supervisory institutions, courts and enforcement offices. to other official institutions, in all processes; execution of risk management and financial reporting processes, with other public institutions or organizations authorized to request your personal data, limited to the purposes specified in this clarification text, and processed in the country or abroad.
V. Rights of the Data Subject
As the person whose personal data is processed, your requests within the scope of Article 11 of the Law regulating the rights of the person concerned (learning personal data processing, requesting information about the processing, learning the relevance of the processing for the purpose, knowing the persons to whom the transfer is made, requesting the correction of incomplete or incorrect processing, requesting their deletion or destruction), requesting the notification of all automatic transactions to third parties, objecting to the analysis, demanding the removal of the damage) You can contact email@example.com
COMMITMENT TO THIRD PARTY AND ACCOMPANYING PARTNERS
All kinds of third parties whose information I have shared with your company, especially those who will be references, other third parties whose information is requested for the establishment of a customer relationship, my spouse, relatives whose consent is legally required, or the persons I have specified as a guarantor, to process the personal data of your company and to inform the data subjects that they can be contacted. I undertake that it was done by me and that their consent was obtained.
EXPLICIT CONSENT AND COMMERCIAL COMMUNICATION APPROVAL
Within the scope of the privacy notice presented to you by our company, we request your explicit consent for the processing of your personal data for the purposes of profiling, analysis, customization of the services offered, marketing and advertising and commercial communication with you in accordance with the Law No. 6653 on the Regulation of Electronic Commerce.
I consent to the processing of my personal data for the purposes of profiling, analysis, customization of the services offered, marketing and promotion, advertising and I allow commercial communication with me for these purposes.