The data shared by you are stored, processed and shared with the relevant parties in order to carry out statistical studies on the clinics, beauty centers and institutions within the FindClinics.net site and to reach you when necessary.
The User explicitly acknowledges that he consents to the storage and processing of this Personal Data by FindClinics.net and its business partners Clinic, Beauty Center and Institution owner companies within the framework of the "Personal Data Protection Law".
The user agrees to process and transfer all personal data shared to third parties as defined in the Personal Data Protection Law No.6698 in accordance with the information text.
• GENERAL INFORMATION ABOUT THE PERSONAL DATA PROTECTION LAW
The purpose of this Law is to protect the fundamental rights and freedoms of individuals, especially the privacy of private life, in the processing of personal data, and to regulate the obligations of natural and legal persons who process personal data and the procedures and principles to be followed.
The provisions of this Law shall apply to natural persons whose personal data are processed, and to real persons and legal entities who process such data fully or partially automatically or by non-automatic means provided that they are part of any data recording system.
The protection and legal assurance of personal data, which is regulated as a constitutional right, is important in terms of fundamental rights and freedoms. In accordance with the Personal Data Protection Law (KVKK), your personal data are only within the framework explained below; will be processed, recorded, stored, updated and shared with third parties where permitted by the legislation.
1. Explicit consent Consent on a specific subject, based on information and declared with free will,
2.Anonymization: Making personal data unrelated to a certain or identifiable natural person under any circumstances, even by matching with other data,
3. President: President of the Personal Data Protection Authority,
4. Related person: The real person whose personal data is processed,
5. Personal data All kinds of information about a natural person whose identity is known or can be determined,
6.Processing of personal data: Obtaining, recording, storing, preserving, changing, reorganizing, disclosing, transferring, taking over, making personal data fully or partially automatic or non-automatic, provided that it is a part of any data recording system. All kinds of operations performed on data such as bringing, classifying or preventing their use,
7. Board: Personal Data Protection Board,
8. Authority: Personal Data Protection Authority,
9.Data processor: The real or legal person who processes personal data on behalf of the data controller, based on the authority given by the data controller,
10.Data recording system: The recording system in which personal data are structured and processed according to certain criteria,
11. Data controller: Refers to the natural or legal person who determines the purposes and means of processing personal data and is responsible for the establishment and management of the data recording system.
As FindClinics.net; Personal data of real persons, including our members, our users who visit our website and mobile applications, our business partners and our employees, are processed in accordance with the Constitution of the Republic of Turkey, international agreements to which our country is a party on human rights and the Law on the Protection of Personal Data (KVKK) numbered 6698. and it is our priority to ensure that the rights of the data subject are effectively exercised.
Within the scope of the protection of personal data, it is our basic principle to implement our policy by taking into account the constitutional fundamental rights and freedoms of customers. In this context, we take all measures in accordance with the current legislation, giving importance to the protection of the privacy of private life, communication confidentiality, freedom of thought and belief, and the right to resort to effective legal remedies for persons who share their personal data.
This Policy explains the methods we follow for the processing, storage, transfer and deletion or anonymization of personal data shared during our commercial or social responsibility and similar activities within the framework of the principles mentioned in the KVKK.
All personal data processed by the Company, including our users, business contacts, business partners, employees, members, third parties, are covered by this Policy.
Our policy is applied in activities related to the processing of all personal data owned or managed by the Company, and it has been handled and prepared by observing the KVKK and other relevant legislation on personal data and international standards in this field.
• LEGAL OBLIGATIONS
As a data controller in accordance with the KVKK, the legal obligations within the scope of protection and processing of personal data are listed below,
• OUR LIGHTING OBLIGATION
While collecting personal data as a data controller;
1. While collecting personal data as a data controller;
2. The purpose for which your personal data will be processed,
3. Our identity, information about the identity of our representative, if any,
4. To whom and for what purpose your processed personal data can be transferred,
5. Our method of collecting data and its legal reason,
6. We have the obligation to inform the Relevant Person regarding the rights arising from the law.
• OUR LIABILITY TO ENSURE DATA SECURITY
As a data controller, we take the administrative and technical measures stipulated in the legislation to ensure the security of personal data under our responsibility. Obligations regarding data security and the measures taken are detailed in sections 9 and 10 of this Policy.
• CLASSIFICATION OF PERSONAL DATA
• PERSONAL DATA
Personal data; all kinds of information regarding an identified or identifiable natural person.
The protection of personal data is only related to real persons, and information belonging to legal entities that does not contain information about a real person is excluded from the protection of personal data. Therefore, this Policy is not applied to data belonging to legal entities.
• SPECIAL QUALITY PERSONAL DATA
Individuals' race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, dress and dress, association, foundation or union membership, health, sexual life, criminal conviction and security measures, and biometric and genetic data are private. qualified personal data.
• PROCESSING OF PERSONAL DATA
• OUR PRINCIPLES OF PROCESSING PERSONAL DATA
We process personal data in accordance with the principles below.
1. Processing in accordance with the law and good faith
2. Ensuring that personal data are accurate and up-to-date when necessary
3. Processing for specific, explicit and legitimate purposes
4. Being connected, limited and measured with the purpose for which personal data are processed.
5. Retention of personal data stipulated by legal regulations and for our commercial legitimate interests.
• PERSONAL DATA PROCESSING PURPOSES
1. To carry out our activities,
2. To provide support services within the scope of the contract and within the framework of service standards,
3. To determine the preferences and needs of our members / users and to shape and update the services we provide within this scope,
4. To ensure that our legal obligations are fulfilled as required or required by legal regulations,
5. To be able to conduct market research and statistical studies,
6. Conducting survey, competition, promotion / channel development and sponsorship activities,
7. Evaluating job applications,
8. To establish contact with people who have a business relationship with the company,
10. Compliance management,
11. Vendor / supplier management,
12. Advertising sales on physical and digital platforms,
13. Legal reporting,
15. Loan calculation,
16. Managing membership processes through social networks,
17. Managing call center processes,
18. To determine the duration and content of the calls made through call centers and whether customer satisfaction is achieved,
19. To provide corporate communication,
20. Providing our users with the opportunity to customize their search preferences, so that they receive the most suitable service for them,
21. To ensure that members are aware of the advertisements and clinics determined to be suitable for them,
22. To individualize the advertisements according to the search criteria and to provide ad management,
23. To advertise and promote blogs and websites,
24. To send newsletters or to make notifications by e-mail.
• PROCESSING SPECIAL QUALITY PERSONAL DATA
Special quality personal data are processed by us by taking the administrative and technical measures stipulated by the laws and stipulated by the KVK Board and if there is express consent or when required by the legislation.
Special quality personal data related to health and sexual life can be processed by persons or authorized institutions and organizations under the obligation of confidentiality for the purpose of protecting public health, conducting preventive medicine, medical diagnosis, treatment and care services, planning and managing health services and financing, data other than the data of our employees are not processed by us. Such data belonging to our employees, on the other hand, can be processed by the persons stipulated in the laws.
• PROCESSING PERSONAL DATA COLLECTED VIA COOKIES
We can collect your personal data through cookies on our digital platforms, process, transfer and store the data we collect.
You can find detailed information about the cookies we use on our website.
• PROCESSING YOUR PERSONAL DATA WE COLLECT OVER YOUR DEVICES
Within the scope of the services we provide to you through our website and mobile application, your purchasing habits, your search preferences regarding location, type, price in the projects you are interested in, the frequency of visiting our website and using our mobile application, your financial planning, your e-mail opening and click frequency, as well as call centers. We collect the records of the conversations you make on your devices.
• PROCESSING PERSONAL DATA FOR HUMAN RESOURCES AND EMPLOYMENT PURPOSES
During the application process you will make as an employee candidate, you can share your CV, diploma etc. with us. We process, store and transfer your personal data in documents for the evaluation of your job application. The processing, transfer and storage of personal data you share as an employee candidate are covered by this Policy.
Personal data of the employee; Apart from this Policy, they are collected, processed and stored within the framework of our Human Resources Policy.
• PROCESSING OF PERSONAL DATA COLLECTED WITHIN MEMBERSHIP
Information such as name, surname, e-mail address, mobile phone number, fixed phone number, and postal address are collected from users through our website and mobile application.
Deletion, destruction or anonymization of personal data within the scope of membership is within the scope of Article 9 of this Policy.
• EXCEPTIONAL CASES WHERE EXPRESS CONSENT IS NOT SEEKED IN THE PROCESSING OF PERSONAL DATA
In exceptional cases listed below and arising from the law, we may process personal data without obtaining explicit consent:
1. It is clearly prescribed in the laws,
2.It is necessary to process personal data belonging to the parties of the contract, provided that it is directly related to the establishment or performance of a contract,
3. When data processing is mandatory for the establishment, use or protection of a right,
4. It is obligatory for us to process your data for our legitimate interests as a data controller, provided that it does not harm fundamental rights and freedoms.
5. Exceptional circumstances where special quality personal data can be processed without the express consent of the Relevant Person are specified in article 7.III of this Policy.
• TRANSFER OF PERSONAL DATA
• TRANSFER OF PERSONAL DATA INTO THE DOMESTIC
As a company, we act in accordance with the decisions and regulations stipulated in the KVKK and taken by the KVK Board regarding the transfer of personal data.
Without prejudice to the exceptional circumstances in the legislation, personal data and data of special nature are not transferred by us to other real persons or legal entities without the express consent of the Relevant Person.
In exceptional cases stipulated by KVKK and other legislation, the data can be transferred to the authorized administrative or judicial institution or organization in the manner stipulated in the legislation and depending on the limits, without the express consent of the Relevant Person.
In addition, with the exceptional circumstances stipulated by the legislation;
1. 7.VIII of the Policy. In the cases explained in article,
2. Regarding special quality personal data, in the 7.III. in the cases listed in article,
3. With the taking of the measures stipulated by the KVK Board and the relevant legislation, special quality personal data regarding the health and sexual life of the Relevant Person can only be protected by the protection of public health, preventive medicine, medical diagnosis, treatment and care services, health services and financing and for the purpose of its management, it can be transferred to persons under confidentiality obligation or authorized institutions and organizations without seeking express consent.
• TRANSFER OF PERSONAL DATA ABROAD
As a rule, personal data are not transferred abroad without the express consent of the Related Person. However, the 7.III of this Policy. and 7.VIII. In cases where there is one of the exceptional cases included in the articles, third parties who are abroad can only:
Being in countries with sufficient protection declared by the KVK Board;
If located in countries where there is not enough protection, personal data can be transferred abroad without explicit consent, provided that the data controllers in Turkey and in the said foreign country undertake an adequate protection in writing and the KVK Board has permission.
• PROVIDING OUR SERVICES AND TRANSFERRING PERSONAL DATA ABROAD FOR MARKETING ACTIVITIES
We work with service providers abroad for the purposes of developing the website and digital platforms, conducting surveys, increasing the variety of products and services according to the preferences of users and members, and measuring user experience. It is recommended to examine the relevant policies of service providers with whom we cooperate regarding the processing and protection of personal data.
• INSTITUTIONS AND INSTITUTIONS TO WHICH PERSONAL DATA IS TRANSFERED
1. Our suppliers,
2. Our business partners and business contacts,
3. Production companies,
4. Group companies,
5. Legally authorized public institutions and organizations,
6. Legally authorized private law persons,
7. It can be transferred to our shareholders according to the principles and rules explained above.
• MEASURES WE TAKEN REGARDING THE TRANSFER OF PERSONAL DATA IN ACCORDANCE WITH THE LAW
• TECHNICAL PRECAUTIONS
In order to protect personal data, but not limited to the aforementioned;
1. In-house technical organization for the processing and storage of personal data in accordance with the legislation,
2. Establishes the technical infrastructure to ensure the security of the databases where your personal data will be stored,
3. Monitors and controls the processes of the technical infrastructure created,
4. Determines the procedures for reporting the technical measures and audit processes we have taken,
5. It updates and renews the technical measures periodically,
6. Risky situations are re-examined and necessary technological solutions are produced,
7.We use virus protection systems, firewalls and similar software or hardware security products and establish security systems in accordance with technological developments,
8. We employ employees who are experts in technical matters.
• ADMINISTRATIVE MEASURES
To protect your personal data, but not limited to the aforementioned;
1. Establishes policies and procedures for access to personal data, including employees of the company and affiliates within our company,
2. Informing and educating our employees about the legal protection and processing of personal data,
3. In the contracts we make with our employees and / or in the policies we create, the company records the measures to be taken in cases where personal data are illegally processed by our employees,
4. We control the personal data processing activities of the data processors or partners of the data processors we work with.
• STORAGE OF PERSONAL DATA
• STORING PERSONAL DATA FOR THE TIME REQUIRED FOR THE PURPOSE FORWARDED IN THE RELATED LEGISLATION OR FOR THE PURPOSE FOR THEIR PROCESS
We retain personal data for the period required by the purpose of processing personal data, without prejudice to the retention periods stipulated in the legislation.
In cases where we process personal data for more than one purpose, the data is deleted, destroyed or stored by anonymization in the event that the data processing purposes disappear or there is no obstacle in the legislation to delete the data at the request of the Related Person. Regarding destruction, deletion or anonymization, the provisions of the legislation and the decisions of the KVK Board are complied with.
• MEASURES ON STORAGE OF PERSONAL DATA
• TECHNICAL PRECAUTIONS
1. Establishes technical infrastructures and related control mechanisms for the deletion, destruction and anonymization of personal data,
2. Takes the necessary measures for the safe storage of personal data,
3. Employing employees with technical expertise,
4. Creating business continuity and emergency plans against the risks that may occur and developing systems for their implementation,
5. We establish security systems in accordance with technological developments regarding the storage areas of personal data.
• ADMINISTRATIVE MEASURES
Raises awareness by informing our employees about the technical and administrative risks associated with the storage of personal data,
In case of cooperation with third parties for the storage of personal data, contracts with companies to which personal data are transferred We include provisions for the persons to whom personal data are transferred to take necessary security measures in order to protect the transferred personal data and to store it securely.
• SECURITY OF PERSONAL DATA
• OUR LIABILITIES REGARDING THE SECURITY OF PERSONAL DATA
1. Personal data;
2. To prevent unlawful processing,
3. To prevent unlawful access,
4. We take administrative and technical measures according to technological possibilities and implementation costs to ensure that it is kept in accordance with the law.
• MEASURES WE TAKE TO PREVENT PERSONAL DATA FROM UNLAWFUL PROCESSING
1. Carrying out the necessary inspections within our company and getting them done,
2. Educates and informs our employees about the legal processing of personal data,
3. The activities carried out by our company are evaluated in detail on the basis of all business units, as a result of the said evaluation, personal data are processed by the relevant units,
4. In cases where cooperation is made with third parties for the processing of personal data, in contracts made with companies that process personal data; It includes provisions regarding the necessary security measures for persons who process personal data,
5. In case of unlawful disclosure of personal data or data leakage, we notify the KVK Board of the situation and carry out the investigations stipulated by the legislation and take measures in this regard.
• TECHNICAL AND ADMINISTRATIVE MEASURES TAKEN TO PREVENT UNLAWFUL ACCESS TO PERSONAL DATA
1. To prevent unlawful access to personal data;
2. Employing employees with technical expertise,
3. Periodically updates and renews technical measures,
4. Establishing access authorization procedures within our company,
5. Determines the procedures for reporting the technical measures and audit processes we have taken,
6. We create the data recording systems used in our company in accordance with the legislation and make periodic audits,
7. Creating emergency aid plans against the risks that may occur and developing systems for their implementation,
8.Trains and informs our employees about access to personal data and authorization,
9. In the contracts made with companies that provide access to personal data in cases where cooperation is made with third parties for activities such as the processing and storage of personal data; It includes provisions regarding the necessary security measures for persons who have access to personal data,
10. We establish security systems in line with technological developments in order to prevent illegal access to personal data.
• MEASURES WE TAKE IN CASE OF UNLAWFUL DISCLOSURE OF PERSONAL DATA
We take administrative and technical measures to prevent unlawful disclosure of personal data and update them in accordance with our relevant procedures. In the event that we determine that personal data is disclosed unauthorized, we create systems and infrastructures to report this situation to the Related Person and the KVK Board.
In the event of an illegal disclosure despite all administrative and technical measures taken, if deemed necessary by the KVK Board, this situation may be announced on the website of the KVK Board or by any other method.
• RIGHTS OF THE PERSONAL DATA OWNER
Within the scope of our disclosure obligation, we inform the Personal Data Owner and establish systems and infrastructures for this information. We make the technical and administrative arrangements necessary for the Personal Data Owner to exercise his rights regarding your personal data.
On the personal data of the Personal Data Owner;
1. Learning whether personal data is processed,
2. Requesting information if personal data has been processed,
3.Learning the purpose of processing personal data and whether they are used appropriately for their purpose,
4. To know the third parties in the country or abroad to whom personal data have been transferred,
5. To request correction of personal data in case of incomplete or incorrect processing,
6. To request the deletion or destruction of personal data in case the reasons requiring the processing of personal data disappear,
7.Requesting that the correction, deletion or destruction processes mentioned above be notified to third parties to whom personal data have been transferred,
8. To object to an unfavorable result arising from the analysis of the processed data exclusively through automated systems,
9. In case of damage due to unlawful processing of personal data, it has the right to demand the compensation of the damage.
• USE OF RIGHTS REGARDING PERSONAL DATA
Personal Data Owner, if a separate method is determined by the KVK Board, the Personal Data Owner can send his / her request to Yakuplu Mah. Yakuplu Cad. Hasırcılar Rezidans No: 6 İç Kapı No: 21 Beylikdüzü / İstanbul with wet signature.
In the application containing the explanations about the right that the Personal Data Owner will make to use the above-mentioned rights and that he / she requests to use; The requested matter should be clear and understandable, the requested subject should be related to the person of the applicant, or if someone is acting on behalf of someone else, it should be specially authorized in this matter and this authorization should be documented, it should also include the identity and address information of the application and documents proving its identity should be attached to the application.
These requests will be made individually and requests made by unauthorized third parties regarding personal data will not be taken into consideration.
• EVALUATION OF THE APPLICATION
• TIME FOR ANSWERING THE APPLICATION
Requests for personal data shall be concluded as soon as possible and in any case within 30 (thirty) days at the latest, or against the fee in the tariff, in case the conditions in the tariff to be published by the KVK Board regarding the fee are met.
It may be possible to request additional information and documents during the application or while the application is being evaluated.
• OUR RIGHT TO REFUSE THE APPLICATION
Applications regarding personal data;
1. Processing personal data for purposes such as research, planning and statistics by anonymizing them with official statistics,
2.Processing of personal data for artistic, historical, literary or scientific purposes or within the scope of freedom of expression, provided that it does not violate the privacy of private life or personal rights or does not constitute a crime,
3. Processing of personal data made public by the Personal Data Owner,
4. The application is not based on a just cause,
5. The application contains a request contrary to the relevant legislation,
6. In cases where the application procedure is not followed, it is justified and rejected.
• EVALUATION PROCEDURE OF THE APPLICATION
11.II.A. of this Policy In order to start the response period specified in the article, you must send the requests made in writing and with wet signature, or send the applicant's identity with documents and documents certifying the identity of the applicant by other methods determined by the KVK Board.
If the request is accepted, the relevant process is applied and a written or electronic notification is made. If the request is rejected, the reason is explained and the applicant is notified in writing or electronically.
• RIGHT OF COMPLAINTS TO THE PERSONAL DATA PROTECTION BOARD
In cases where the application is rejected, the response we have given is insufficient or the response is not given in time; the applicant has the right to complain to the KVK Board within 30 (thirty) days from the date of learning the answer and in any case within 60 (sixty) days from the date of application.
• PUBLICATION AND STORAGE OF THE DOCUMENT
This Policy is stored in two different media, printed on paper and electronically.
• UPDATE PERIOD
This Policy is reviewed at least once a year and is updated in accordance with the principles determined in the Documentation Management Procedure, if needed.
This Policy is deemed to have entered into force after its publication on the Company website.
FindClinics.net reserves the right to change these Terms and Conditions at any time by posting the amended terms on the website with a new active date indicator.
Effective Date: 20.01.2021
(i) This policy comes into effect on the date the Customer registers on the Website or when performing other actions (when submitting a request or subscribing for submission);
(ii) For developers, payment terms for services are set by separate contracts / agreements.
The User has the right to terminate such access from accessing your Personal Account without the possibility of recovery. In this case, the user does not have the right to re-register the e-mail address previously used, including the user and part of the identified identity data.
FindClinics.net in its sole discretion, including any termination of the Services, other rules of Website operation, general and partial suspension or temporary suspension of access to the Services, as well as the User violating this User Agreement. reserves the right to block access to the User's Personal account.
The User whose access to the Services has expired or whose information has expired, is not entitled to recreate the new account (including the e-mail address previously specified by the User) on the Site without obtaining special permission from FindClinics.net. The user does not have the right to use another user's credentials to access the Web site.