General Data Protection Regulation (GDPR) | Sirinyali Dental Clinic Antalya Smile Studio

General Data Protection Regulation (GDPR)

Explanation text for the processing of personal data

Dent Sirinyali Ltd. Sti. shall be hereinafter referred to as the COMPANY, and the “Law on the Protection of Personal Data” shall be referred to as GDPR(KVKK).

This explanation text is prepared within the framework of article 10 of GDPR (KVKK) “Obligation of Data Controller to Inform”. During the collection of your personal data, it is prepared in order to inform you in the most transparent manner as to what purposes your data shall be processed, to whom and for what purposes your processed data may be transferred, about the method of collecting your personal data and the legal reasons as well as about your rights specified in article 11 of the relevant law when we are fulfilling our obligation to inform as the COMPANY.

By the data controller COMPANY, your personal data shall be collected, processed, stored, updated in case of any change in data, transferred to third persons in cases specified in the law provided that it does not violate the legislation, and classified within the scope of the conditions specified below. . The explanations provided for your “Personal Data” in the Explanation Text covers your “Sensitive Personal Data” as well.

1. PERSONAL DATA COLLECTED FROM YOUR AS THE DATA SUBJECT

Your personel data requested from you rely on the condition of providing service.

1.1. For Patients Who are to be Examined or Treated:

i) Your Identity Information:

In case you are a Turkish citizen; 1. Your name, Surname, R.o.T. ID Number, Gender, Date of Birth, Identity Card Number

In case you are not a Turkish citizen;

1.2.Your name, Surname, Nationality, Temporary Identity Number or Passport Number, Gender, Date of Birth

ii) Your Contact Information:

1.3. Your address in Turkey.

1.4. Your GSM Number, E-Mail Address

(YOUR DATA IN ARTICLES 1-2-3-4 ABOVE ARE PROCESSED IN CASE YOU SHARE EXPRESS CONSENT ACCORDING TO article 5/1 of KVKK.)

iii) Your Test Results Obtained During Examination and Treatment;

1.5. Your laboratory and imaging results, dental x-ray, test results, examination data, prescription details, your previous illnesses, your permanent diseases, blood type, your health data obtained during the medical diagnosis, treatment and during the conduction of care services you present for the purpose of monitoring the process in your patient tracing file created within the COMPANY during your examination and treatment are processed for the purpose of conducting medical diagnosis, treatment, and care services GDPR (KVKK) 6/3f.

1.6. Your financial data such as payment and invoicing,

1.7. Your private health insurance and SSI data,

1.8. For the purpose of planning and financing of health services, your data related to

your private health insurance and Social Security Institution data,

1.9. Your Social Security Institution data within the scope of the services financed by SSI,

(YOUR DATA IN ARTICLES 5-6-7-8-9 ABOVE ARE PROCESSED FOR THE PURPOSE OF THE FULLFILLMENT OF GDPR(KVKK) 5/Ç LEGAL OBLIGATION).

1.10. Your comments, responses, and evaluations on the website and social media accounts opened for the name of the COMPANY. (THESE ARE PROCESSED AS THESE DATA ARE PUBLICIZED BY THE DATA SUBJECT AS SPECIFIED IN KVKK 6/D)

1.11. Your closed circuit camera records taken during your visits for your examination and treatment processed performed within the COMPANY (Under each camera within our hospital, there is an explanation text where you, dear patients/visitors, can easily see).

1.12. Your personal data and location detals in the forms and questionnaires you have filled in the website https://sirinyalidental.com/ of the COMPANY.

For the visitors;

1.13. Your degree of relation to the patient,

1.14. Your closed circuit camera records and voice records taken during your visits to the COMPANY (Under each camera within the COMPANY, there are QR codes which you, dear patients/visitors, can easily see, which will lead an explanation text).

For Personnel and Doctors;

Data Collected During Job Application

1.15. Your name, Surname, Gender,

1.16. Graduate and Associate Educational Information,

1.17. Specialty Field Information

1.18. GSM Number, E-Mail Address

1.19. Foreign Language Knowledge Level

(YOUR DATA IN ARTICLES 11-12-13-14-15-16-17-18-19-20-21 ABOVE ARE PROCESSED IN CASE YOU SHARE EXPRESS CONSENT ACCORDING TO article 5/1 of KVKK.)

iv) Data Collected From Employed Personnel and Doctors

1.20. Your name, Surname, Gender, R.o.T. Identiy Number, Identity or Passport Photocopy

1.21. Your Address,

1.22. GSM Number, E-Mail Address

1.23. Bank Account Number/IBAN Number To Which Your Wage is Deposited (Financial Data),

1.24. Health Board Report Indicating There Is No Obstacle for You to Perform Your Profession

1.25. Specialty Field Information (DATA IN ARTICLES 23-24-25-26-27-28 ABOVE ARE PROCESSED FOR THE FULFILLMENT OF LEGAL OBLIGATION SPECIFIED ON GDPR (KVKK) 6/Ç).

2. For What Purposes Your Personal Data Is Processed

Processed if you give express consent within the scope of GDPR (KVKK) article 5/1

Processed in order to fulfill the legal obligation within the scope of GDPR (KVKK) article 5/1ç.

Processed if the data are publicized by the data subject within the scope of GDPR(KVKK) article 5/1d.

  • In case you make a job application to the COMPANY, your data are processed during and following the recruitment, checking the compliance of experience, knowledge and skills with the sought criteria,
  • For the fulfillment of obligations of the COMPANY employees arising out of employment contract and/or legislation,
  • Ensuring the security of COMPANY fixtures and/or resources,
  • Execution of the contracts signed between the parties and providing the authority control of the signing parties, planning of commercial and/or business strategies in accordance with COMPANY procedures and/or relevant legislation, ensuring and provision of commercial job security,
  • Ensuring the accuracy and actuality of the data collected by the COMPANY from the patients, personnel, doctors and the partners of the COMPANY with a business relation,
  • Planning and execution of skill – career development activities of personnel and doctors employed within the COMPANY,
  • Creation of visitor and patient records, tracing the same, as well as ensuring the discipline, security and checks in the company campus,
  • In cases required by public safety; informing authorized public institutions and organizations upon request,
  • Performance of required transactions and businesses for the benefit of the parties before the contractual legal persons to the extent required by the provision of service or employee – employer relation or any other business relation,
  • For the purpose of the conduction of necessary opreation activities within the company,
  • Ensuring the human resources management,
  • Taking the necessary steps in making commercial decisions, implementation and performance of the same,
  • Planning and management of the internal operation of the institution by the company management,
  • Analyzing for the purpose of the improvement of health services by quality, patience experience, and information systems departments.

For these purposes, the data may be automatically processed as a whole or in part, or may also be processed in ways which are not automatic on the condition that it is part of a data record system.

3.For What Purposes Your Data is Transferred to Whom

Within the framework of Health Services Fundamental Law numbered 3359, Decree Law Concerning the Organization and Duties of the Ministry of Health and Affiliates, Private Hospitals Regulation, Regulation on the Processing of Personal Health Data and the Protection of Privacy, regulations of the Ministry of Health, articles 8 and 9 of GDPR (KVKK) numbered 5598 and the provisions of other relevant legislation, in line with the purposes specified in article 2 above; your personal data may be shared with and transferred to

  • Ministry of Health, and its affiliated institutions and family physician centers
  • Private insurance companies
  • Social Security Institution
  • Directorate General of Security and other law enforcement
  • General Directorate of the Census
  • Turkish Pharmacists’ Association
  • Judicial authorities (Courts and Enforcement Offices)
  • Laboratories, medical centers, ambulance, medical device and health service providing institutions within the domestic borders with which the COMPANY is in cooperation for medical diagnosis and treatment
  • Medical institution where the patient is transferred or has applied himself/herself
  • Your legal representatives whom you have expressly authorized
  • Third persons from whom the COMPANY receives consultancy including the attorneys, tax consultants, and auditors
  • Regulatory and supervisory institutions and official bodies
  • Suppliers from whom the COMPANY benefits from the services and with whom the COMPANY is in cooperation
  • Cloud service providers who have servers within the domestic borders for the storage of personal data
  • DATA IS NOT TRANSFERRED ABROAD

4. Collection Methods and Legal Causes of Personal Data

Provided that it is in accordance with articles 5 and 6 of GDPR (KVKK), your personal data may be automatically collected as a whole or in part, or may also be collected in ways which are not automatic on the condition that it is part of a data record system in electronic or physical environments.

The legal causes for the collection and processing of your personal data, which is specified in detail in Article 1 are as follows:

  • Private Hospitals Regulation
  • Regulation on the Processing of Personal Health Data and the Protection of Privacy
  • Health Services Fundamental Law numbered 3359
  • Decree Law Concerning the Organization and Duties of the Ministry of Health and Affiliates numbered 663
  • Regulations of the Ministry of Health, Turkish Code of Obligations numbered 6998
  • Enforcement and Bankruptcy Law numbered 2004, Labor Law numbered 4537
  • Social Securities and General Health Insurance Law numbered 5510
  • Turkish Commercial Code numbered 6102
  • Turkish Penal Code numbered 5237 and other legislative provisions

5.Your Rights as the Data Subject

As per article 11 of GDPR (KVKK) “Rights of Data Subjects” and as per the additional paragraph of article 20 of the Constitution of the Republic of Turkey “Privacy of Private Life” dated 07.05.2010, in case you apply the company as the Data Subject you have the rights;

  • to learn whether his/her personal data are processed or not
  • to demand for information as to if your personal data have been processed
  • to learn the purpose of the processing of your personal data and whether these personal data are used in compliance with the purpose
  • to know the third parties to whom your personal data are transferred in country or abroad
  • to request the rectification of the incomplete or inaccurate data, if any
  • to request the erasure or destruction of your personal data under the conditions referred to in Article 7 of GDPR (KVKK)
  • to request reporting of the operations carried out pursuant to sub-paragraphs (f), (d) and (e) of GDPR (KVKK) to third parties to whom your personal data have been transferred
  • to object to the occurrence of a result against the person yourself by analyzing the data processed solely through automated systems
  • to claim compensation for the damage arising from the unlawful processing of his/her personal data

6. Your Application to the COMPANY as the Data Subject

For your applications to the COMPANY as the Data Subject, the COMPANY shall provide positive or negative response with justification within 30 days. As a rule, the applications to be made by parties are free, and in case the transaction requires a cost, the COMPANY reserves the right to demand the cost.

You may deliver it by hand to our address Çağlayan mah. Bülent Ecevit Bul.Kardelen Sitesi B Blok No:150/A Muratpaşa / ANTALYA

send it to hello@sirinyalidental.com via e-mail with secure electronic signature, mobile signature or with your e-mail address hello@sirinyalidental.com recorded in our system.

And you may transmit it on CONTACT US section at the address https://www.sirinyalidental.com/

7. COMPANY Information (Data Controller)

Company Name: Özel Dent Şirinyalı Ağız ve Diş Sağlığı Polikliniği

Contact Information

Address: Çağlayan mah. Bülent Ecevit Bul.Kardelen Sitesi B Blok No:150/A Muratpaşa/ANTALYA

Telephone: +90 553 017 51 52

Mail Address: info@sirinyalidental.com

Web Address: https://www.sirinyalidental.com/

REPRESENTATIVE: Alper YILDIZ

You may contact the COMPANY for detailed information.

Patient Name Surname:_______________________________Signature:_________Date:_______________

Write “I have understood what I read”: _____________________________________________________

What is your degree of relation to the patient under 18 years old?

Patient Relative Name Surname :_______________________________Signature:_________Date:_______________

Write “I have understood what I read”: _____________________________________________________

TRANSLATOR

Name Surname :_______________________________Signature:_________Date:_______________

_________________________________________________________________________________

_________________________________________________________________________________

I am told by the patient/patient relative that all the information I have translated has been understood.

(1 copy of the form shall be given to you accordingly.).