top of page

RGPD

 

A. Data Controller

 

This Clarification Text has been prepared by Dentasay Sağlık Hizmetleri Sağlık Turizmi Eğitim Araştırma Tıbbi Cihazları İnşaat Sanayi ve Ticaret Limited Şirketi (“Dentasay” or “Company”), as the Data Controller, in order to inform you transparently regarding the methods of collection of your personal data, the purposes and legal grounds for processing your personal data, the principles regarding data transfer (if applicable), and your rights as a data subject under the Law on the Protection of Personal Data No. 6698 (“Law” or “KVKK”).

 

This Clarification Text specifically applies to the processing of personal data obtained from patients, potential patients, patient relatives, and/or third parties for the purposes of providing medical healthcare services, ensuring maximum patient satisfaction, and other objectives stated below, within the scope of medical services and commercial activities.

 

Dentasay may update and amend the provisions of this Clarification Text at any time by publishing them in accordance with applicable legislation. Updates and amendments made by Dentasay shall become effective as of the date they are published. Pursuant to the Law, your personal data shared with Dentasay shall be collected and processed within the scope specified below by Dentasay, as the Data Controller.

B. Personal Data Processed and Processing Purposes

 

Depending on the healthcare service relationship between you and Dentasay, the types and quantities of personal data processed may vary based on the reason for processing. However, the personal data you share with Dentasay or obtained by Dentasay from third parties are categorized as follows:

Personal Data Categories

Personal Data Collected

Identity Data

Name-Surname, Turkish National ID Number, Date of Birth, Place of Birth, Patient Guardian Information

Visual and Audio Data

Photographs and Video Recordings (With Explicit Consent)

Contact Data

Phone Number, Address Information

Patient Transaction Data

Invoice and Other Payment Information

Physical Space Security

Security Camera Recordings

Health Data

Data collected within the scope of the Patient Medical History and Consent Forms; Blood Type, Medical and Health History, Medical Diagnosis, Medications Used, Patient Complaints, Allergy Information, Other Patient Information, Information on Procedures to be Applied

Other Data

Signature Data

*If the patient is under 18 years of age or has a legal guardian, the explanations regarding identity, contact, transaction, and signature data also apply to the parent/guardian/representative.

 

Purposes of Processing Personal Data

 

Dentasay processes your personal data described in this Clarification Text for the following purposes:

  • Evaluation of the patient, provision of healthcare services, protection of public health, preventive medicine, medical diagnosis, treatment, and care services

  • Tracking the preparation processes of medicines and dental materials, procurement of relevant medical materials

  • Carrying out processes necessary for patient treatment through medical imaging

  • Creating, tracking, and informing about appointments; managing communication activities

  • Conducting financial and accounting activities, fulfilling tax obligations, issuing invoices and professional receipts for the provided healthcare services

  • Archiving/storing data related to healthcare services in compliance with legislation

  • Following up and conducting legal proceedings

  • Ensuring that activities are carried out in compliance with legislation

  • Conducting analyses to improve healthcare services, providing training to employees, monitoring and preventing misuse and unauthorized transactions, performing risk management and quality improvement activities, responding to any questions and complaints regarding healthcare services provided/to be provided

  • Planning and executing patient relationship management processes

  • Taking all necessary technical and administrative measures within the scope of data security, ensuring patient rights, measuring, increasing, and researching patient satisfaction

  • Conducting Emergency Management processes

  • Conducting Audit/Ethics activities

  • Verifying patient identity

  • Ensuring physical space security

  • Fulfilling legal obligations under the Basic Law on Health Services No. 3359, Decree Law No. 663 on the Organization and Duties of the Ministry of Health and its Affiliated Institutions, the Regulation on Private Health Institutions for Outpatient Diagnosis and Treatment, the Regulation on Personal Health Data, and other relevant regulations

  • Storing personal data required to be retained under relevant legislation, providing information to the Ministry of Health and authorized institutions, and fulfilling official requests

  • Determining the appropriate treatment method based on the patient’s medical history and consent forms

  • Procuring medicines and/or medical devices based on the patient’s complaints and health data

C. Methods and Legal Grounds for Collecting Personal Data

 

Your personal data are processed in accordance with the general principles set out in Article 4 of the Law: lawfulness, fairness, accuracy, up-to-dateness, specific, explicit, and legitimate purposes, relevance, limitation, and proportionality to the purpose, and retention for as long as required by applicable legislation or the purpose of processing.

 

Your personal data are collected by Dentasay through digital and/or physical means via:

  • Patient information forms (Medical History and Consent Forms)

  • Dentasay website, social media accounts, or other communication channels

  • Requests and/or complaints submitted to Dentasay headquarters

  • Objections or disputes regarding pricing and collections through phone calls, petitions, emails, or official request letters from patients/patient relatives or authorities

 

Sensitive personal data related to health and sexual life may be processed without explicit consent only for the protection of public health, preventive medicine, medical diagnosis, treatment and care services, planning and management of healthcare services and financing, by persons under confidentiality obligations or authorized institutions, in accordance with the Law.

 

Legal Grounds:

Your personal data described in this Clarification Text are processed based on legal obligations, legitimate interests of the data controller, performance of contractual processes, necessity for the establishment or exercise of a legal right, and explicit legal provisions.

 

Visual, audio, and identity data (limited to Name-Surname) may be shared on Dentasay’s social media accounts (Twitter, Facebook, Instagram, LinkedIn, etc.), website, Telegram, and WhatsApp platforms based on explicit consent, and may also be shared with digital marketing agencies Dentasay works with.

D. Transfer of Personal Data and Purposes

Personal Data Categories

Recipients

Purposes of Transfer

Identity Data

Ministry of Health, Authorized Institutions, Financial and Legal Advisory Firms, Authorities (where necessary)

Fulfilling legal obligations; with explicit consent, sharing with agencies, social media accounts, website, Telegram, and WhatsApp platforms for patient story sharing

Visual and Audio Data

Agencies, Social Media Accounts, Website, Telegram, WhatsApp (with explicit consent)

Sharing patient stories based on explicit consent

Contact Data

Ministry of Health, Authorized Institutions

Fulfilling legal obligations

Patient Transaction Data

Authorized Institutions, Financial and Legal Advisory Firms, Notaries

Fulfilling legal obligations, conducting legal follow-ups, and managing complaints

Physical Space Security Data

Judicial and Administrative Authorities, Law Enforcement, Courts, Law Firms

Fulfilling legal obligations

Health Data

Ministry of Health, Authorized Institutions

Fulfilling legal obligations

Other Data

Judicial and Administrative Authorities, Courts, Law Firms

Fulfilling legal obligations

E. Security of Your Personal Data

 

To protect your personal data, the Data Controller takes appropriate technical and organizational measures consistent with applicable privacy and data security laws and regulations to prevent risks such as destruction, loss, alteration, unauthorized disclosure, or unauthorized access.

 

Personal data covered by this Clarification Text are accessible only to limited persons within the Data Controller’s organization and will be deleted, destroyed, or anonymized after the retention period specified by law.

F. Rights and Obligations of the Data Subject

 

You may submit your requests regarding your rights under Article 11 of the Law by using the methods specified in Article 13 of the Law and in the Communiqué on the Procedures and Principles of Application to the Data Controller.

 

Additionally, you can submit your requests to Dentasay Sağlık Hizmetleri Sağlık Turizmi Eğitim Araştırma Tıbbi Cihazları İnşaat Sanayi ve Ticaret Limited Şirketi via the methods provided on the form available at www.dentasay.com.

 

Data Controller Company Contact Information:

Dentasay Sağlık Hizmetleri Sağlık Turizmi Eğitim Araştırma Tıbbi Cihazları İnşaat Sanayi ve Ticaret Limited Şirketi

Address: İnönü Mahallesi İnönü Cad. No: 1/1 Sancaktepe/İstanbul | Phone: +90 216 606 44 99

Mersis No: 0292104809000001 | Tax Office/No: Sultanbeyli V.D./2921048090

Website: www.dentasay.com | E-mail: info@dentasay.com

bottom of page