Kullanım Koşulları ve Gizlilik Politikası
As Neosante, we attach great importance to the security of your personal data. In accordance with the Law on Protection of Personal Data No. 6698 ("Personal Data Law") and "Regulation on Processing and Maintaining the Privacy of Personal Health Data", as a healthcare institution, you will record, archive, and, where necessary, authorized third parties/institutions your personal information required to provide healthcare services. and we will process it in the ways listed in the Personal Data Law. For this reason, we inform you about our mutual rights and obligations and request your explicit consent.
1. Processing of Your Personal Data and Data Controller
As Neosante, in order to provide you with health services as a data controller, among them;
– Your identity information (Name Surname, TR Identity Number, passport number for non-Turkish citizens or temporary TR Identity Number, Place and Date of Birth, Marital Status, Gender information and a photocopy of the submitted Turkish Identity Card or Driver's License)
– Your contact information (such as address, telephone number, e-mail address)
– Patient / client number or your protocol number,
– Your bank account/Iban number, financial information regarding payment and billing,
– Your private health insurance or Social Security Institution data,
– Your other health data, including but not limited to, your external institution laboratory and imaging results, test results, examination data, check-up information, prescription information, which you submit for the purpose of being in your file,
– Your video and audio recording of the closed circuit camera system in the general areas of our center,
– If you have contacted our Call Center, your voice call recording,
– If you have benefited from the parking lot and valet service, your license plate information,
– Suggestions, comments and survey answers you share for the purpose of evaluating our services,
– By recording your personal information, including your IP address, browsing data obtained during use, especially your browser information, and medical data that you transmit through the mobile application with your consent, which we obtain during the use of our website and mobile applications, in any case, as stipulated in the Personal Data Law and subject to the conditions. We declare that we will process it in our archives.
2. Purpose and Legal Reason for Processing Your Personal Data
Among the purposes of processing your personal data;
- Protection of public health, medical diagnosis, treatment and care services,
– Sharing the requested information with the Ministry of Health and other public institutions and organizations in accordance with the relevant legislation,
- Providing you with information about your appointment if you make an appointment,
- Planning and managing the internal functioning of our center,
– Analysis for the purpose of improving health services,
– With the education/training institutions we cooperate with, in order to carry out their activities in their fields,
– Financing of health services, invoicing,
– Verification of your identity, verification of your relationship with contracted institutions,
– Responding to your questions or complaints about our services,
– Supply of drugs and medical devices,
– Participating in campaigns and providing campaign information by the Marketing, Media and Communication, Call Center departments, designing and transmitting special content, tangible and intangible benefits on web and mobile channels.
Legal reasons for the processing of your personal data; Law No. 2219 on Private Hospitals and Law No. 3359 on Health Services Fundamental Law, as well as legal regulations arising from related secondary legislation such as the Decree Law No. 663 on the Organization and Duties of the Ministry of Health and its Affiliates, Regulation on Private Hospitals, Health Practice Communiqué, and Patient Rights Regulation. fulfillment of our obligations and protection of public health, preventive medicine, medical diagnosis, treatment and care services, planning and management of health services and financing.
3. Transfer of Your Personal Data
For the purpose of public health and preventive medicine services and subject to the conditions in the Law on the Protection of Personal Data,
– T.C. Ministry of Health, Provincial Health Directorates, Public Health Centers and other units affiliated to the Ministry of Health, but not limited to, by the competent authorities, by persons appointed by the competent authorities or within the scope of e-pulse and similar systems established. upon request or within the scope of our notification and/or reporting obligation uploaded to us, your personal data with the relevant authorities and persons,
– With our direct/indirect/domestic/foreign shareholders, subsidiaries and/or affiliates, group companies,
– With our business partners,
– Legal representatives and third parties that we receive consultancy from and authorize, including the lawyers, consultants, auditors we work with,
– With domestic/foreign organizations and other third parties and their legal representatives, with whom we contractually receive services and cooperate in order to carry out our activities,
– If you use your private insurance with the Social Security Institution for patients under the SGK nationality, with your insurance company you are a member of, and with your institution, in case your billing will be made to the institution you work for,
– Laboratories, ambulances, medical devices and institutions providing health services in the country or abroad, with which we cooperate for medical diagnosis and treatment,
– With the relevant health institution when you need to be referred,
– With the legal representatives you have authorized,
can be shared.
4. Method of Personal Data Collection
Your personal data is collected verbally, visually, in writing or electronically from the call center, switchboard, internet, mobile applications, physical spaces and similar channels, depending on the nature of the service provided, within the scope of the above-mentioned purposes.
5. Security Measures Taken Regarding Your Personal Data
Our Health Institution, which, as a data controller, performs data processing activities such as obtaining, recording, storing, preserving, changing, reorganizing, disclosing, transferring, taking over, making available, classifying or preventing the use of your personal data;
a) To prevent the unlawful processing of your personal data,
b) To prevent unlawful access to personal data,
c) It is responsible for taking all kinds of technical and administrative measures to ensure the appropriate level of security in order to ensure the protection of personal data and takes these measures to the maximum extent.
In addition, additional security measures, which are determined by the Personal Data Protection Board and are not limited to the following, are also taken in the processing of sensitive personal data.
Our employees are trained on information security, patient privacy, and protection of personal data. Institutional policies and procedures are written on personal data security. Personal data is destroyed when the purpose of use ceases. Our systems containing personal data are routinely audited.
Contracts are made with the data processors from whom the service is provided. Up-to-date software is used. We have a security network designed against cyber attacks. Access to systems containing personal data is limited. Antivirus and anti spam programs are used. Information networks related to security problems are constantly monitored. Tests are carried out to identify system weaknesses. There is a corporate reporting system about the problems. In case of abuse of the systems, evidence is collected and reported to the Personal Data Protection Authority and a criminal complaint is filed with the Prosecutor's Office. Fire, flood, etc. in our physical environments where personal data are available. Protection measures have been taken against natural disasters and these environments are kept locked and entrances / exits are under control.
6. Your Rights as Data Processed Persons
By applying to our Health Institution within the scope of Article 11 of the Personal Data Law; You can learn whether your personal data is processed, you can request information if your personal data has been processed, you can learn the purpose of processing your personal data and whether it is used in accordance with this purpose, you can learn whether your personal data has been transferred, if it has been transferred, the third parties to whom it has been transferred, you can request correction of personal data if it is incomplete or incorrectly processed. You can request deletion within the framework of the stipulated conditions, you can request the correction and deletion of personal data to be sent to the third parties to whom the transfer is made, and in case you suffer damage due to processing in violation of the Personal Data Law, you can request the removal of the damage.