EMSEY SAĞLIK HİZMETLERİ VE İŞLETMELERİ TUR. OTEL. TİC. A.Ş
CLARIFICATION TEXT
As Emsey Sağlık Hizmetleri ve İşletmeleri Tur. Otel. Tic. A.Ş., we hereby present the information notice regarding the company's personal data processing activities prepared in accordance with Article 10 of the Law on the Protection of Personal Data No. 6698 ("Law") for the knowledge of the public and relevant individuals.
ARTICLE 1: DATA CONTROLLER
Your personal data may be processed by Emsey Sağlık Hizmetleri ve İşletmeleri Tur. Otel. Tic. A.Ş as the data controller, within the scope described below. The concept of data controller refers to the natural or legal person who determines the purposes and means of processing personal data and is responsible for the establishment and management of the data recording system.
You can contact the data controller through the following channels:
Address : Çamlık Mahallesi Selçuklu Cad. No:22 Pendik İstanbul
Phone Number : 444 25 99
E-mail : kvkk@emseyhospital.com
Web site : www.emseyhospital.com
ARTICLE 2: PERSONAL DATA
The personal data collected by our institution will be processed in accordance with the provisions stated below and in compliance with the Law on Protection of Personal Data No. 6698, the Private Hospitals Regulation, regulations of the Ministry of Health, and other relevant legislation.
CATEGORY | PERSONAL DATA TYPE |
Family Members and Close Relatives Information | Name, surname, national identification number (TCKN), date of birth, mother's name, father's name related to the personal data owner's children, spouses, and parents. |
Vehicle Information | Information related to the vehicle associated with the personal data owner and used in case of parking service: license plate, brand, model information |
Information System Registration Information | Data obtained during the use of institutional information systems: email records, internet usage records, mail traffic monitoring information, address registration system records, IP address tracking, Mac ID, computer username, computer passwords, internet records, intranet records, cookies, and other digital data |
Financial Information | Information associated with the personal data owner and indicating the financial outcome of the transactions they have made: Individual company information, invoices, payment data, check-promissory note-valuable document information, IBAN information, bank account number, only the information printed on the receipt of the credit card, your invoice information, enforcement deduction documents, policies; Data related to private health insurance, Social Security Institution, Private Pension Fund, Contracted Institutions. |
Health Information | Data obtained, used, and generated during the provision of healthcare services: Examination and diagnosis information, clinical information, health reports, laboratory results, pathology results, blood type, imaging results and reports, biometric and genetic data, surgery and intervention information and reports, patient monitoring information, medication and application information, used material information, diet information, surgical images, laboratory samples, pathology samples, prescription information, admission and discharge information, appointment information, treatment-related photographs and video recordings, nursing forms, physician forms, patient and caregiver education information, any kind of health data related to vaccination administration |
Physical Space Security Information | Entry and exit records, visitor information, continuous recording camera footage in common areas, forensic incident reports and records |
Visual and Audio Data | Data related to a specific or identifiable individual, including photographs and camera recordings (excluding records falling under Physical Space Security Information), audio recordings, and personal data contained in document copies |
Personnel Transaction Information | Data associated with personnel, including ID number, passport number, ID card serial number, full name, photograph, place of birth, date of birth, age, place of registration in the population records, certified copy of personal record document, occupation information, ID card and driver's license copies, nationality, blood type, gender, father's name, mother's name, marital status, signature, email address, mobile phone number, telephone number, address records in the registration system, identity information related to the personnel's children, spouse, guardian, education information, any information legally required to be included in the personnel file (e.g., salary, social security premiums, etc.) and supporting documents (such as payroll), permission information, Military Service Status Document, Diploma Copy, Employment Contract, Family Status Chart, Family Declaration Form, KVKK Commitment Letter, District Health Directorate Health Personnel Notifications, Ambulance Card, Employment Certificate, Copies of Identification Documents of Relatives, International Workforce Automation System Data (Spouse Nationality, Language, Number of Children, Phone Number, etc.), SPTS Data (Turkish ID, Position), KBS Data (Date of Employment, Residential Address, Turkish ID, Position), Professional Courses and Seminars, Work Experience, Skills, Competencies, Emergency Contact Information, Education Information, Performance Evaluation Forms and Data, Entry and Exit Records, Hospital-Related Travel, Information on Attended Meetings, Security Clearance, Retirement Information, Date of Employment, Termination of Employment Information, Timeline Information, Employment Contract, Military Service Status, Disciplinary and Security Information, Insurance Policy Information, Certificates, Course Information, Conference Information, Seminar Information, Complaint and Suggestion Information, Education and Exam Information, Courses and Activities attended for career development, Reports related to these activities, Criminal Record, Health Information, Membership Information for Associations/Unions/Foundations, Warning/Record/Report Information, Dress Code, Convictions and Security Measures-related data, Reference Checks, IBAN, Bank Account Number, Occupational Accident Report, Biometric Data, Resignation Letter, Termination Notification Document, Previous Employment History.
|
Legal Transaction Information | Legal proceedings, lawsuits, and any data, information, and documents related to asserting our rights associated with the data subject: Information obtained through Consumer Arbitration Boards, BİMER (Presidency of the Republic of Turkey Communication Center), CİMER (Prime Ministry Communication Center), Enforcement Offices, and Courts. |
Contact Information | Email address, phone number, mobile phone number, address, residence, address registry system records, and other contact information |
Identity and Personal Information | Turkish Identification Number (TCKN), Temporary TCKN, Passport number, National Identity Card Serial Number, Name-Surname, Photograph, place of birth, date of birth, age, place of registration in the population records, exemplified population registration certificate, occupation information, national identity card, driver's license, professional ID card, photocopies of national identity card, photocopies of driver's license, photocopies of professional ID card, nationality, blood type, gender, father's name, mother's name, marital status, signature, mother's identification number, insurance number, company information of employment, educational information, patient number, protocol number, and other identifying information about you |
Intern Student Information: | Information associated with intern students, such as Student ID, Student occupation information, school information, student grade information, student faculty and department information, IBAN information |
Personnel Information | All kinds of information that should be included in the personnel file by law (e.g., salary, social security premiums, etc.) and the documents supporting them (such as payroll), diploma, health screening information, health reports, declaration of signatures, powers of attorney |
Marketing Information | Data to be used for marketing purposes: Reports and evaluations indicating the individual's habits and preferences, targeting information, cookie records, information obtained through campaigns and direct marketing activities, and other marketing data collected |
Personnel Candidate Information | Job application forms, job interviews and evaluations, cover letters, CVs, reference information, associated with job applicants |
Patient and Patient Relative Communication | Your call center voice recordings, emails, letters, completed surveys, thank you and complaint forms, satisfaction results, data collected through institution websites, data collected through social media websites, personal data obtained when you reach us through websites where patient complaints and satisfactions are shared or through various means. |
Health Record Documents | Consent forms, commitments, and other documents obtained from patients or their relatives to provide healthcare services and establish the legal infrastructure of the provided service |
ARTICLE 3: PURPOSES OF PROCESSING PERSONAL DATA
Personal data is processed by us only for the following purposes:
a- Conducting medical diagnosis, treatment, and care services, preventive medicine, and safeguarding public health, planning and managing healthcare services and financing
b- Planning, managing, and supervising the operation of our hospital
c- Sharing requested information with the Social Security Institution, private insurance companies, and contracted institutions within the scope of healthcare services financing
d- Identity verification processes
e- Procurement of medications, supplies, and services
f- Managing call center and appointment processes
g- Managing accommodation, transportation, and parking services
h- Analyzing and storing health data
i- Carrying out human resources processes
j- Ensuring corporate communication and providing information about our services
k- To ensure company security,
l- To carry out data and information security processes
m- To fulfill risk management and quality improvement activities, and implement corporate policies
n- To measure service satisfaction and respond to any questions and complaints
o- To conduct statistical studies
p- To perform tasks and transactions as a result of signed contracts and protocols
q- To establish contact with individuals and legal entities in business relations with the company; to share information with the Ministry of Health and relevant public institutions and organizations in accordance with the relevant legislation
r- To fulfill legal reporting requirements
s- To ensure compliance with legal obligations as required or mandated by legal regulations,
t- To fulfill the burden of proof in potential legal disputes that may arise
u- To handle/monitor the company's legal affairs
ARTICLE 4: THE PARTIES THAT PERSONAL DATA MAY BE TRANSFERRED AND THE PURPOSE OF TRANSFER
Personal data may be shared with the company's business partners, suppliers, legally authorized institutions and organizations, and legally authorized private legal entities within the framework of the purposes stated in Articles 8 and 9 of the Law, which include the planning and execution of activities necessary to personalize the products and services offered by the company based on the preferences, usage habits, and needs of the relevant individuals, carrying out necessary work by the business units to benefit the relevant individuals from the products and services offered by the company, conducting necessary work by the relevant business units for the realization of the company's commercial activities and related business processes, planning and execution of the company's commercial and/or business strategies, and ensuring the legal, technical, and commercial-business security of the company and the individuals in a business relationship with the company.
Your personal data will only be shared with the institution listed below for the purposes stated above, in accordance with relevant laws and regulations:
a- Social Security Institution
b- Private Health Insurance Companies
c- Ministry of Health and its affiliated units
d- Ministry of Labor and Social Security and its affiliated units
e- General Directorate of Security and similar law enforcement agencies
f- General Directorate of Population
g- Turkish Pharmacists' Association
h- Medical Device Authority
i- Public Prosecutors' Offices, Courts, Execution Offices, Consumer Arbitration Committees, and all types of judicial units
j- Laboratories, centers, companies, and similar third parties and companies with whom we collaborate for medical diagnosis and treatment purposes
k- Company lawyers for legal proceedings
l- Official and private institution representatives authorized to audit our institution
m- Other official authorities authorized by laws
n- Our shareholders
o- Mobildev company, which handles SMS and email notifications
p- E-Güven company, which manages e-signature processes
q- İş Bankası A.Ş. for salary processing related to personnel
r- Ministry of Treasury and Finance and its subunits
s- Marketing and Corporate Communication activities conducted by our contracted marketing agency
t- Transfer company with whom we have a contract for patient transfer services from the airport
u- Companies with whom we have contracted for personnel meal and transportation processes
v- Translation agencies for translation services upon request for foreign patients
ARTICLE 5: METHOD AND LEGAL REASON FOR PERSONAL DATA COLLECTION
Your personal data is obtained through verbal, written, visual, or electronic means, including records in the Social Security Institution (SGK) system and private insurance companies, records from other healthcare institutions when referred to our institution, email communications, call center logs, and our website through verbal, written, and similar channels. The collected data is stored in electronic and physical environments in compliance with relevant laws and regulations.
The legal grounds for the collection and processing of personal data are as follows:
a- The storage of personal data directly related to the establishment and performance of contracts,
b- The storage of personal data for the establishment, exercise, or protection of a right
c- The mandatory storage of personal data for the legitimate interests of the company, provided that it does not harm the fundamental rights and freedoms of individuals
d- The storage of personal data for the purpose of fulfilling any legal obligations of the company
e- The explicit provision in the legislation for the storage of personal data
f- The existence of explicit consent from data subjects for storage activities that require obtaining their explicit consent
ARTICLE 6: SPECIAL CATEGORY PERSONAL DATA PROCESSING CONDITIONS
ARTICLE 6 - (1) The race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, appearance, clothing, association, foundation or trade union membership, health, sexual life, criminal record, and security measures-related data, as well as biometric and genetic data, are considered as special category personal data.
(2) The processing of special category personal data without the explicit consent of the data subject is prohibited.
(3) Personal data other than health and sexual life data mentioned in the first paragraph may be processed without seeking the explicit consent of the data subject in cases prescribed by the law. Personal data related to health and sexual life can only be used for the purpose of protecting public health, performing preventive medicine, medical diagnosis, treatment and care services, planning and managing health services and financing, by persons or authorized institutions and organizations under the obligation of secrecy without seeking the explicit consent of the person concerned. can be processed.
(4) In the processing of special category personal data, it is also mandatory to take sufficient measures determined by the Board.
ARTICLE 7: RIGHTS OF THE DATA SUBJECT and APPLICATION
The individual whose personal data is being processed, referred to as the data subject, is entitled to the following rights and may apply to the company:
a- To learn whether their personal data is being processed
b- To request information if their personal data has been processed
c- To learn the purpose of the processing of personal data and whether they are being used for the intended purpose
d- To know the third parties to whom personal data is transferred, whether domestically or internationally
e- To request the correction of incomplete or inaccurate personal data
f- To request the erasure or destruction of personal data
g- To request notification of the transactions made in accordance with subparagraphs (e) and (f) to the third parties to whom personal data is transferred
h- Objecting to the emergence of a result against the individual solely based on the automated processing of data
i- Requesting remedies for damages suffered due to the unlawful processing of personal data
For your requests within the scope of the Law, you can click on the hospital name you want to apply to from the list below, fill out the PERSONAL DATA PROTECTION LAW (KVKK) APPLICATION FORM, and personally deliver it to the address Çamlık Mah. Selçuklu Cad. No:22 Pendik / İstanbul, send it through a notary public,
· or send it to kvkk@emseyhospital.com using your registered electronic email address in our system.
· Camlik Mah. Selcuklu Cad. No:22 Pendik / Istanbul address can be delivered in person,
· You can send it through a notary public,
· You can send it to kvkk@emseyhospital.com via your electronic e-mail address registered in our system.
Our institution will respond to the request as soon as possible and no later than 30 days, free of charge, depending on the nature of the request. However, if the process requires any additional costs, the fee specified in the tariff determined by the Personal Data Protection Board will be charged by the hospital.
Kind Regards,
Emsey Sağlık Hizmetleri ve İşletmeleri Turizm Otelcilik Ticaret A.Ş.