Get in touch!

0 (535) 347 27 27

Legal Information
K. V. K. K. Legal Information Text

“ Op. Dr. Tuba POWERFUL Crescent”, as belonging to our patients that we obtain by considering the issues of the right to privacy of personal data, in accordance with the Law No. 6698 on Personal Data Protection, Data can be processed in that context, in his capacity as a principal of which are described below.

We collect your personal data to legal method and what is the reason?

Your personal data; KVKK with the health service, which is the Under side, for the establishment and fulfillment of the contract, in order to fulfill our legal obligations and fundamental rights and freedoms to avoid damage to your provided data for our legitimate interests, if processing is required, preventive medicine, medical diagnostic services execution, the ability to offer health services, finance and management for the purposes of the statistical work done for improving the quality of Service - in accordance with the relevant regulations to ensure safety in the work place and is processed by taking the measures taken by the European Council.

Your personal data; patient information forms, consent forms and patient treatment card to be filled by you, by the way, written, verbal , e-mail notifications by way of phone call records with the patient with the information you entered on our website, incoming notifications from your private health insurance company by way of your medical examinations, the result of which can test your medical examination you are being treated in hospital, a health care provider by way of notifications from closed-circuit security cameras are obtained by means of shooting.

Your personal data; inspection/diagnosis/treatment during and after us, in writing, verbally, electronically transmit your health information, your medical history, your credentials, your photo, security camera your registration, your contact information, your profession, patient information and consent in the texts you are reporting the data, examination results, and this information is stored in the environment refers to the physical and digital. Your personal data is prescribed by the fundamental principles of in accordance with KVKK, kvkk 5. and 6. the processing of personal data for the purposes specified in the articles and conditions in this “lighting with the real and legal persons mentioned in the text, and can be processed for the following purposes and can be transferred.

We're Doing It For What Purpose Your Personal Data?

Medical treatments and services your Personally Identifiable Information to provide you with information concerning our services by you to make the appointment in the event you have to make an appointment to be able to inform you about the activity of the topics related to products, services, and offer you the opportunity to enjoy the facilities and special campaigns, promotion, benefits such as discounts in your awareness, enjoyment, activities, services, and your awareness of developments, analyse for the improvement of the services are able to ensure the safety of the workplace. in order to prevent data losses copy/backup to make, billing, sms, and the commercial electronic message to be sent to you informing our followers for the purposes of our social media accounts in order, complaint and the measurement of patient satisfaction within our healthcare services to respond to all your questions and be able to maintain data security digital and physical, and as required by legal regulations, or in the manner required, to ensure the fulfillment of legal obligations and for the purposes specified in other kvkk can be processed.

To whom and for what purpose your personal data, we quote?

KVKK and above I and II. Your personal data in accordance with the articles; and in accordance with the fundamental principles prescribed by KVKK kvkk 8. and 9. the conditions and for the purposes specified in the articles and the processing of personal data for the above purposes; (in the event that you give consent) sms and e-mail your information to inform you about our services, be able to inform you about your appointments, activities, services, and your awareness of developments, sms, CMS commercial electronic message be sent to the company in order to service the batch submission received your e-mail address for billing our accountant, your image, photo and video, in the event you give your consent), the company that manages our social media accounts, office interior a closed-circuit camera to record in case of a legal obligation or legitimate interests, the company or the security authorities, and for other purposes specified in kvkk ; legal, legal requirement that we work in the legitimate interest attorneys, accountants, consultants, auditors in order to receive, including consulting we, our legal representatives and third party, Medical Laboratories services received for purposes of examination and analysis, law enforcement, may be transferred to public institutions and private persons.

As the owner of the data KVKK’ s 11. As Mentioned In The Clause What Are Your Rights?

As the owner of personal data your personal data has been processed learning if your personal data is processed, to request information in relation to it, whether it is used according to their purpose and the processing of your personal data, the purposes of learning, knowing your personal data is transferred to the third person of your personal data if it is missing or incorrectly processed, corrected them and ask to have your personal data transferred to third parties in this context to be notified of the relevant transactions, requesting Is processed in accordance with the provisions of the kvkk and other relevant laws, despite the fact that the disappearance of the reasons requiring to be processed in the event of requesting that your personal data be erased or destroyed your personal data transferred to third parties in this context and request to be notified of the relevant transactions processed data exclusively through automated systems by analyzing one that is against one's self to appeal to a result, you give your consent to the processing of personal data rollback, in case of damage due to unlawful processing of your personal data, you have the rights to demand for elimination of damages.

Your Rights As The Owner What Data Will You Use?

Kvkk 11. to exercise the rights mentioned above according to the article; “ Op. Dr. Tuba Crescent POWERFUL ” (contact address: Mustafa Kemal Mahallesi, Dumlupınar bulvarı no : 274 Blk B on the outskirts of Ankara. No:50, 06510 Çankaya/Ankara), by contacting your written application in person or by transmitting through a notary public can contact you. “Op. Dr. Tuba Crescent POWERFUL” depending on the nature of the request, the request as soon as possible and no later than thirty (30) days shall conclude.

Of The Law “Governing The Rights Of The Person Concerned” 11. article is within the scope of your claims, “according to the communiqué on procedures and principles of Application Data Manager of the personal data protection authority “Nasuh Akar Quarter 1407 Sokak No: 4 Çankaya / Ankara” address, or may submit in writing to www.kvkk.gov.tr you can apply online to address.

Your Personal Data And How Long Will I Be Covered For?

Kvkk in accordance with the lighting in the text, and the text of your personal data which are processed for the purposes specified in the consent, KVKK md. 7/f.1. according to the purpose of requiring the processing is eliminated and/or process your data in accordance with legislation we are compelled to the statute of limitations expired, will be deleted by US, will be destroyed or anonimlestirere will continue to be used.

In accordance with KVKK “Op. Dr. Tuba Crescent POWERFUL” in Cases that can handle your personal data without your explicit consent:

Kvkk 5. according to the article, in the following cases mentioned above without requiring your explicit consent and your personal data can be processed in accordance with the law which is taken:

The law expressly stipulated that in the event due to the actual impossibility, as the owner of the data, you must be in a condition to explain your consent, the legal validity of your consent or unrecognized cases, your own or someone else's life or physical integrity for the protection of the processing of your personal data to fulfil a legal obligation obligatory obligatory use of your personal data or a right to be publicly available by you, the property's forced to commit the data to be protected is provided to avoid damage to your basic rights and freedoms that you have to be, “Dr. Op. Crescent powerful practice be compulsory for the legitimate interests of processing data of Tuba.

Data Security

“Op. Dr. Tuba Crescent POWERFUL” as the person responsible for data within the scope of KVKK; unlawful processing of personal data and prevent unlawful access to your personal data, prevent your personal data in order to ensure the appropriate level of security necessary to ensure the safekeeping of all physical, digital, technical and administrative measures.

Cookie Policy

Op. Dr. Tuba Crescent POWERFUL” as our websites“Site”), practices, or other similar online or offline for your use in the digital environment that we offer all our media (the aforementioned channels all together “Platform” will be referred to as.) cookies to enhance your use or your experience during your visit (“cookies”use we make.

Law No. 6698 on protection of personal data use of cookies (“EUROPEAN Law”) and is carried out in accordance with the regulations.

This cookie is the purpose of the text being used during the lighting of the cookies that are obtained through the use of the platform collection is to provide information with regard to the processing of personal data is you. In this text, and to control cookies, which we use cookies on our site for which we want to explain to you how.

On our site can opt out of the cookies we use, their types or functions, or you can change application on our website and we can add new cookies. Therefore, the text of the terms of this Cookie, we reserve the right at any time to change the lighting. Any changes that have been performed on the current lighting in the cookie text on the site, although the application is to be published in any public media or shall become effective. Date of last update can be found at the end of the text.

Your personal data are processed for the purposes detailed information about processing and protection of personal data within our site via the link below or you can reach from the policy section.

K. V. K. K. Policy

1. What Is A Cookie?

A cookie when you visit a web site you require to recognize our website later and is a small text file that is stored on your computer or mobile device. Protects it from attack, recording more in the future if you have been automatically remembers the answers that you give.

2. For Which Purposes Does Use Cookies?

Our site uses cookies and our application for a variety of purposes, and these we are processing your personal data via cookies. The main purposes are as follows:

  • Perform the basic functions required for the operation of the site and application. 
  • Site and application, to analyze and improve the performance of the application site. 
  • Enhancing the functionality of the site and application and provide ease of use. 
 

3. Collection Of Personal Data And The Legal Cause, Method, Transfer To Third Parties

Your personal data within the scope of your visit to our website, or your use of the application are collected electronically through Cookies based on our legitimate interests for legal reason therefore.

Lighting in the scope of the framework specified for the purposes of the act KVK 5. in the second paragraph of Article processing conditions in the presence of at least one statutory data to be processed without your consent your personal data will be possible. Otherwise, legal, data processing conditions in the absence of your consent, your personal data will be processed only in cases where.

In any case, the lighting within the scope limited as to achieve the objectives mentioned above text of your personal data and in accordance with regulations that have benefitted from our services to third parties, suppliers, law enforcement, public and private legal entities we may share with.

4. As The Owner Of The Data, What Are Your Rights?

KVK 11 of the code. according to the article, data owners,

  • If your personal data has been processed learning
  • Personal data is processed, to claim knowledge of it,
  • Purposes of the processing of personal data, whether they are used according to their purpose and learning
  • Your personal data is transferred within or outside the country, the knowledge of third parties,
  • Missing or incorrectly personal data is processed, and ask to have them corrected in this context, personal data transferred to third parties to be notified of the process of requesting,
  • KVK is processed in accordance with the provisions of the act and other relevant legislation, although in the case of the disappearance of the reasons requiring processing, destruction or deletion of your personal data and, in this context, the process of requesting to be notified of the personal data transferred to third parties,
  • By analyzing the processed data exclusively through automated systems, one against one's self, the result of the appeal,
  • In case of damage due to unlawful processing of personal data has the right to demand the elimination of damages.

Your rights as listed above for your application; the application in person or through a notary, you can do.

 

Reference MethodThe Address Of The Reference
A written application personallyMustafa Kemal Mahallesi, Dumlupınar Bulvarı No : 274 Mahall Ankara B Blk. No:50, 06510 Çankaya/Ankara
Application with the applicantMustafa Kemal Mahallesi, Dumlupınar Bulvarı No : 274 Mahall Ankara B Blk. No:50, 06510 Çankaya/Ankara

A request by a third party on behalf of the owner of personal data are not able to be. Depending on the nature of your request free of charge within thirty days as soon as possible and in any event not later, your application will be terminated. Also a cost to be determined by the personal data protection board should arise according to the schedule reserves the right to charge a fee by you.

5. Our site and our application is using cookies

Cookies, owners, service life and can be categorized in terms of their intended use. Below is our website and you can find the different types of cookies that we use in our implementation. Our site and our application for both First-party cookies (placed by the site you are visiting), as well as third party cookies are placed by the site you are visiting external servers) are used.
The platform is created on the part of the cookies, third party cookies are different companies that have a business relationship oversees. It is active by the time that session cookies and persistent cookies are used. Session cookies are deleted along with the visitor's leaving the platform when the use of the persistent Cookie may remain in the device for various periods of visitors depending on the field. According to the intended use on the platform technical cookies, personalization cookies, authentication cookies, and analytical cookies are used.

6. How Can I Check The Use Of Cookies?

The preferences of our visitors and users about the use of cookies and similar technologies for us is essential. By contrast, the platform, are indispensable for the operation of cookies, which requires the use of. In addition, the closure of some Cookies in the case of the platform, we would like to remind some of the functions that can be partially or completely.

The choice of the platform on how to manage the cookie is used in information is as follows:

Visitors to the viewing platform has the opportunity to personalize their preferences regarding cookies by changing the settings of the browser. If the browser that is being used is offering and if it is possible to change preferences for cookies through the browser settings.

Thus, the scanner will vary according to the facilities that it has to offer, although the data owners choose to receive a warning prior to the use of cookies by blocking the use of cookies or to delete cookies or just some of the offers the possibility to drop.

Bu konudaki tercihler kullanılan tarayıcıya göre değişiklik göstermekle birlikte genel açıklamaya https://www.aboutcookies.org/ ulaşmak mümkündür. Çerezlere ilişkin tercihlerin, ziyaretçinin Platforma erişim sağladığı her bir cihaz özelinde ayrı ayrı yapılması gerekebilecektir.

Click to turn off cookies managed by Google Analytics.

Personalized advertising provided by Google to manage experience, please click here.

For many companies in terms of advertising activities that uses Cookies preferences can be managed through Your Online Choices.

To manage cookies on mobile devices in the settings menu of the mobile device can be used.

You have the possibility to personalize your preferences regarding cookies by changing your browser settings. The above-mentioned prior to making the adjustment by using this site, you consent to the collection of your personal data and cookies processing of personal data located on the illumination of a statement of our site and you agree to be bound by the Privacy Policy.

Updated Date: 13.09.2021

 

 Adobe Analytics http://www.adobe.com/uk/privacy/opt-out.html
 AOLhttps://help.aol.com/articles/restore-security-settings-and-enable-cookie-settings-on-browser
Google AdWords https://support.google.com/ads/answer/2662922?hl=en
Google Analytics https://tools.google.com/dlpage/gaoptout
Google Chrome http://www.google.com/support/chrome/bin/answer.py?hl=en&answer=95647
Internet Explorerhttps://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
MozillaFirefoxhttp://support.mozilla.com/en-US/kb/Cookies
Operahttp://www.opera.com/browser/tutorials/security/privacy/
Safarihttps://support.apple.com/kb/ph19214?locale=tr_TR
Data retention and destruction Policy

1. INTRODUCTION 

1.1 purpose 

Personal data retention and destruction policy (“policy”),“ Op. Dr. Tuba Crescent POWERFUL Practice” (“Institution”) which is operated on transactions and business activities related to storage and disposal has been prepared in order to determine the procedures and principles.

Institution;institution employees, employee candidates, patients, suppliers, service providers, visitors and other third parties of personal data of the Turkish republic constitution, international agreements, the law on protection of personal data No. 6698 (“Law”) and other applicable legislation of the concerned persons in accordance with the rights that are processed as a priority to ensure the effective use of it is committed. Procedures for the disposal and storage of personal data, and work is performed in accordance with the policy, which was prepared by the agency in this regard.

1.2 Scope 

Institution employees, employee candidates, patients, suppliers, service providers and other third parties the personal data of visitors to this privacy policy are managed by the organization or institution within the scope of processed personal data with regard to the processing of personal data of all recording environments and activities to which this policy applies.

1.3 abbreviations and definitions 

Recipient Group : Personal data is the natural or legal person the category of the data transferred by the principal.

Explicit Consent : Related to a specific topic, based on informed consent and free will, are described.

Anonymous Making : Personal data, by matching with other data or identifiable natural person cannot be linked to a specific ID in no way even making.

Running : “Op. Dr. Tuba Crescent POWERFUL Practice ” the staff of the institution.

Patient : “Op. Dr. Tuba Crescent powerful practice from health care, medical treatment and the person who receives services.

Electronic Media : Personal data of the electronic devices can be created with it can be read, can be written where can be changed and environments.

Non-Electronic Media : The electronic environment outside of all written, printed, visual, etc. other environments.

Service provider : a specific contract with the agency that provides service protection of personal data within the framework of the natural or legal person. 

Contact : Personal data is processed by a real person.

Related User : Technically, data storage, data protection and backup, which is responsible for excluding the person or unit responsible for authorization and in accordance with the instruction or data from within the organization responsible for are the people who process personal data.

Destruction : Personal data deletion, destruction or has been rendered anonymous.

Law : Law No. 6698 On Protection Of Personal Data.

Recording Medium : Fully or partially automated, or be part of any data recording system to record non-personal data processed in any environment that contains automated ways.

Personal Data : All kinds of information about identified or identifiable natural person.

The Inventory Of The Processing Of Personal Data : Data processing activities, depending on the principals of the business processes they are accomplishing personal data; the purpose and legal reason of personal data processing the data category, data is transferred to the recipient group and associating with a group of people created by the subject of personal data required for the purposes they are processed and the maximum conservation of the duration of the measures prescribed by explaining the transfer of personal data to foreign countries and data protection detaylandirdik inventory.

The Processing Of Personal Data : Your personal data completely or partially automated, or be part of any data recording system to record non-automatic means obtaining, recording, storage, modification, rearrangement, disclosure, transfer, acquisition, can be obtained, making classification such as the Prevention of the use or any operation that is performed on the data.

The Personal Data Of A Private Nature : Of persons, race, ethnic origin, political opinion, philosophical belief, religion and sect, or other beliefs, costume and clothing, Association or trade union membership, health, sexual life, criminal convictions and security measures, with data on genetic and biometric data.

Periodic Destruction : The disappearance of all of the conditions of law in the processing of personal data retention and destruction of personal data in the case of ex officio be performed and repeated at intervals specified in the policy to delete, destroy, or the process of making anonymous.

Policy : Personal data retention and destruction Policy

Process Data : By the power vested in the principal the principal data of the natural or legal person, who process personal data on behalf of data.

Data Recording System : Personal data is processed by the recording system configured according to specific criteria.

Data Responsible : Determines the purposes and means of the processing of personal data, the establishment and management of a natural or legal person responsible for data recording system.

Data Principals Registration Information System : Data refers to the record of principals and processes for their use in other related internet-accessible on the record, the president created and managed by the information system.

VERBIS : Principals Registration Information System Data

Regulation : Published in the official gazette dated 28 October 2017 of personal data deletion, destruction or anonymization on regulation.

2.RESPONSIBILITY AND TASK DISTRIBUTIONS 

All organizational units and employees, technical and administrative measures that are being taken under the policy by the units responsible for the proper implementation of staff training and awareness raising, monitoring and continuous control to prevent unlawful processing of personal data, personal data, and preventing access to personal data is processed for purposes of lawful and unlawful storage of personal data in all environments technical and administrative measures for ensuring data security issues to the units responsible for the introduction of active support. The names of the retention and disposal of personal data involved in the process, units, and mission belonging to the distribution of are given in Table 1.

Table 1: retention and disposal processes in task distribution

 

TITLETASK
Data ManagerEmployees are responsible to comply with the policy.
Data ManagerThe preparation of the policy, development, implementation, and updating it and posting about and the institution is responsible for canceling the decision of the storage.
Data Security OfficerIt is responsible for providing technical solutions needed for the implementation of the policy.
Other UnitsThe task in accordance with the directive from the implementation of the policy and is responsible for internal tasks that are defined

 

3.RECORDING MEDIA 

Personal data by the agency are listed below in environments that are stored in a safe manner in accordance with law.

Table 2: personal data storage environments

 

Electronic EnvironmentsNon-Electronic Media
Servers (domain, backup, e-mail, database, web, file sharing, etc.)Software (Office software, portal, EBYS, VERBIS.)Information security devices (firewalls, intrusion detection and Prevention, log file, antivirus, etc. Personal computers (Desktop, notebook)mobile devices (phone, tablet, etc.)Optical drives (CD, DVD, etc.)Removable drives (USB, memory card, etc.)Printer, scanner, copierPaper manual data recording systems (survey forms, visitor entry book)Written, printed, visual environments

 

4.COMMENTS REGARDING THE RETENTION AND DISPOSAL

Institution employees, employee candidates, patients, suppliers, visitors and service provider in the relationship as the current and third persons, institutions or organizations of their employees personal data are stored and destroyed in accordance with the law. In this context, the storage and disposal related to detailed explanations below, respectively, have been given.

4.1 Storing Comments On

Article 3 of the law defined the concept of the processing of personal data in Article 4, the personal data processed in connection with the purpose they are processed, limited and restrained to be stipulated in the relevant legislation or for the purpose they are processed, and retained as long as required should be indicated that, in terms of the processing of personal data in Article 5 and 6 were counted. Accordingly, within the framework of our corporate activities or personal data are stored until the appropriate time to our processing purposes stipulated in the relevant legislation.

4.1.1 Legal Reasons To Keep That Requires 

Institution and its activities in the personal data processed within the framework of the relevant legislation shall be retained until such time. In this context, personal data;

  • Law No. 6698 on protection of personal data
  • The Act Of 5651
  • Turkish code of obligations No. 6098,
  • The Turkish Commercial Code No. 4721,
  • Law No. 6563
  • Regulations and legislation related to private health insurance
  • Patient Rights Directive and related legislation
  • The Statute Of Deontology,
  • Social insurance and General Health Insurance Law No. 5510, insurance legislation
  • No. 6331 Occupational Health and Safety Act,
  • Information Act No. 4982,
  • The law on the use of the right of Petition No. 3071,
  • 4857 and
  • Retired Health Law No. 5434
  • Law No. 2828 on social services
  • Buildings and workplace health and safety requirements to be taken in supplements,
  • Archive Services Regulation
  • Other secondary legislation within the framework of these laws which are in force in accordance with the prescribed retention period, until it is stored.
 

 

4.1.2 Purpose Of Processing That Requires You To Keep 

Within the framework of the activities of the institution in which stores personal data for the following purposes.

  • The performance of the health service
  • Billing operations
  • Carry out the process of human resources.
  • Corporate communication are available.
  • The safety and control of the institution,
  • Ensure the security of data,
  • Ensure the physical security of the institution of the interior,
  • Staff training
  • As a result of agreements and protocols signed, and be able to perform business operations.
  • VERBIS within the scope of employees, data principals, representatives of the contact person responsible for the data and the data of those who committed preferences and needs, identify and edit if necessary, update the services accordingly.
  • Required by legal regulations, or in the manner required, ensure the fulfillment of the legal obligations.
  • A business relationship with the institution in real / liaison with entities provide.
  • For information on your social media accounts
  • Sms, to send an electronic message to be able to be able to respond to any questions and complaints within the health services
  • Financial consultancy, Legal Consultancy Services, Recruitment
  • Burden of proof as evidence in legal disputes that may arise in the future.
 

 

4.2 The Reasons Of Destruction 

Personal data;

  • No modification or processing that form the basis for repeal of the provisions of the relevant legislation,
  • The purpose of that require to be stored,processed or elimination
  • Processing personal data in the event that only occurred pursuant to the terms of explicit consent, taking back the explicit consent of the person concerned,
  • Pursuant to Article 11 of the law, the rights of the person concerned regarding the destruction or deletion of your personal data within the framework of his application to be accepted by the institution,
  • By the Relevant Person of the institution of personal data deletion, destruction or anonymization to reject the reference to find out the answer with the demand itself or in cases that do not respond within the time stipulated in the law; the person concerned to file a complaint with the Personal Data Protection Personal Data Protection Authority and approved by the agency this demand,
  • That requires the storage of personal data and personal data that is past the maximum period for the absence of any circumstances that would make it right to keep longer, in the event of the institution, upon request by the person concerned will be deleted, destroyed or ex officio deleted, destroyed or made anonymous.
 

 

5. TECHNICAL AND ADMINISTRATIVE MEASURES 

Secure storage of personal data, unlawful processing and access with the Prevention of personal data to be disposed of in accordance with the law of the fourth paragraph of Article 12 of the law with Article 6 of the act, pursuant to the personal data of a private nature for adequate measures to be determined by the board by the institution within the framework of the technical and administrative measures are taken.

5.1 Technical Measures 

By institution, committed in relation to personal data received technical measures are listed below:

  • Infiltration (Penetration) testing ICT systems for our institution's risk, threat, vulnerability, and, if applicable, the necessary precautions are taken by the openings uncovered.
  • Information Security Incident Management with real-time analysis results of the risks and threats that will affect the sustainability of information systems are constantly monitored.
  • The institution's information systems, equipment, software, and data necessary for the physical security measures are taken.
  • Environmental threats to ensure the security of Information Systems, Hardware (an access control system that allows only authorized personnel entry system room, 7/24 monitoring system, to ensure the physical security of edge forming a local area network switches, fire extinguishing system, air conditioning system, the physical environment where the data resides (archives , accounting, patient files, etc.) only in the presence of a person who is authorized keys, etc.) and software (firewalls, attack prevention systems, anti-virus software, the log record tracking system, network access control, malware blocking systems, etc.) precautions are taken.
  • To prevent unlawful processing of personal data identify risks and take appropriate technical measures to those risks, checks are carried out and measures taken for provided a regular basis is taken as support for the technical computing.
  • Access to personal data within the institution by creating access procedures related to reporting and analysis activities are carried out.
  • They recorded personal access to the storage areas where the data resides improper access or access attempts are kept under control.
  • Institution, personal data will not be accessible to interested users deleted and re-provides the necessary precautions to be used.
  • In the case of personal data obtained by others is unlawful to people about this situation and report to the board by the authority to an appropriate system and infrastructure has been established.
  • Are followed and the appropriate security patches and vulnerabilities of information systems being installed are kept up to date.
  • Strong passwords are used and processed personal data in electronic environments.
  • Safe record keeping processed personal data in electronic environments (logging) systems are used.
  • Providing safe and secure storage of personal data, data backup programs are used.
  • Electronic or non-personal data that is stored in the environment to access, according to the principles of access are limited.
  • Personal data that is required for qualified special lighting made if deemed necessary, legally consent were obtained.
  • Special processes of qualified employees who are involved in the processing of personal data personal data given training on private security, confidentiality agreements, powers of authorized users access to the data are defined.
  • Qualified special personal data processed, stored, and/or that are being accessed by unauthorized entry and physical security of the physical environment and providing adequate security measures are taken they blocked the exit.
  • Qualified special personal data via e-mail must be transferred encrypted corporate e-mail address or account are transferred to the pep. Portable memory, CD, DVD media, such as if it needs to be transmitted through cryptographic methods and it is encrypted with the cryptographic key is kept in a different environment. If you are transferring between servers in different physical environments, or data transfer by establishing a VPN between servers with FTP method is carried out. If you need to transfer paper documents through the medium of theft, loss or unauthorized persons and against such risks as seen by the paperwork necessary measures to be “hidden” in the format are sent.
 

 

5.2 Administrative Measures

By the institution committed administrative measures in relation to personal data received are listed below:

  • The improvement of the quality of employees for unlawful processing of personal data to prevent unlawful access to personal data for the provision preventing the storage of personal data and on the premises are provided with training.
  • Activities that are executed by the supplier and the employees of the institution were purchased services, etc. private and corporate parties have signed confidentiality agreements.
  • Legal action against employees who violate security policies and procedures are applied.
  • KVKK Discipline Policy has been prepared.
  • KVKK Institution within the guidelines has been prepared.
  • KVKK cookie policy has been prepared.
  • The application form has been prepared in KVKK.
  • Before it starts the processing of personal data by the institution, the contacts of lighting the obligation is fulfilled, the law, if necessary, the consent of the persons concerned is taken.
  • Lighting has been prepared and consent forms.
  • For practice/physical space to inform KVK are available.
  • It complies with staff contracts.
  • The processing of personal data of the inventory has been prepared.
  • Premises of periodic and random audits are conducted.
  • Information security training for employees are provided.
  • That contain personal data of the physical environment is external risks (fire, flood, etc.) security can be provided against.
  • Your personal data is reduced as much as possible.
  • Qualified personal is defined and implemented special protocols and procedures for data security.
  • Pandemic required in the process and the necessary measures have been taken kvkk lighting and our patients and our staff are informed.
 

 

6. PERSONAL DATA DESTRUCTION TECHNIQUES 

The period prescribed in the relevant legislation or for the purpose they are processed at the end of the retention period for the personal data required by the authority upon the request of the person concerned or ex officio, again in accordance with the provisions of the legislation are destroyed by the following techniques.

6.1 Deletion Of Your Personal Data

The personal data will be deleted with the method given in Table 3.

Table 3: The Deletion Of Your Personal Data

Data Recording MediumDescription
Personal Data On ServersLocated in the server that requires the storage of personal data to the relevant user by the system administrator for the end of time is removed, and the access privileges of the deletion is done.
Located In The Electronic Environment Of Personal DataLocated in the electronic environment to the storage of personal data requires that the end of time, all except for the database administrator and employees (the users) that is made inaccessible and cannot be used again in any way.
Located In The Physical Environment Of Personal DataThe physical environment is maintained in the archives for the storage of personal data requires that the end of that time, except for the responsible manager document that is made for all employees and cannot be used again. Also read above in a way that cannot be drawn/painted/wiping apply to the dimming operation.
Personal Data In Portable MediaFlash-based storage environments that require the storage of personal data is maintained in that time the term given to the system administrator by the system administrator access only with an encryption key is encrypted and stored in secure operating environments.

6.2 Destruction Of Personal Data 

Personal data are destroyed by the agency by the methods given in Table 4.

Table 4: Destruction Of Personal Data

Located In The Physical Environment Of Personal DataThe paper located in that time the term of irreversibly to the storage of personal data requires the environment is destroyed.
Optical / Magnetic Media Personal DataOptical media, magnetic media the storage of personal data requires that the end of time melting, burning, or ground into a powder to be physically destroyed as the process to be applied. In addition, the magnetic media on by being subjected to a high magnetic field by passing a special device from the data must be rendered unreadable.

6.3 Anonymization Of Personal Data 

Anonymization of personal data, personal data or with other data of a natural person identifiable in no way be linked to eslestirils even specific ID to make.

To be " anonymized personal data; personal data, or third parties responsible for the data to be returned by and/or with other data, such as data recording media in terms of matching the field through the use of appropriate techniques and related activity, or even specific ID cannot be associated with an identified or identifiable natural person must be made.

7. RETENTION AND DESTRUCTION OF ALL TIMES 

By the institution within the scope of activities in relation to personal data being processed;

  • Depending on the process with respect to all personal data personal data within the scope of activities that are performed on the basis of the processing of personal data in the inventory of the storage time;
  • Data storage period on the basis of categories verbis in the record;
  • On the basis of the process of retention and destruction of personal data storage time the policy is located.

The storage in question on time, updates are made by the administrator of the institution, if necessary. The retention period for personal data, ex officio, which ended delete, destroy, or responsible for the security of the data is carried out by the process of making anonymous.

Table 5: Table, Storage and disposal on the basis of the duration of the process

Activities for preparation and execution of contracts following the expiration of the retention period of 10 years after the end of the contract in the time of the first periodic destruction

The execution of corporate communication activities following the expiration of the retention period of 10 years after the end of the activity in the time of the first periodic destruction

PROCESSSTORAGE TIMEDESTRUCTION TIME
Patient records and diagnostic and treatment process execution.20 years from the completion of the processFollowing the expiration of the retention period in the time of the first periodic destruction
Services outside the institution treatment processes (communication, etc.), preparation of activities icrasisozlesme10 yilsurec the completion of 10 years from the completion of the processThe period following the expiration of the retention period following the expiration of the first periodic destruction destruction in the time of the first periodic suresindesaklama
Accounting Processes10 years from the completion of the processFollowing the expiration of the retention period in the time of the first periodic destruction
Yurutulmesiisten human resources processes allocated for personnel severance pay , notice Pay, payments, documents, payroll informationThe completion of the contract expiration of 5 years from the date tells 10The period following the expiration of the retention period following the expiration of the first periodic destruction destruction in the time of the first periodic suresindesaklama
Log sistemleridona yurutulmesikamera kayitlarimusteri the recording track of the process and potential customers on hardware and software access data (Cookies, Cookies)CMS Records1 2 yil2 you were following the completion of the process from the completion of aykayit yilka for a period of 3 years from the date ay13The period following the expiration of the retention period following the expiration of the first periodic suresindesaklama the first periodic destruction destruction destruction suresindesaklama the expiration of the period following the expiration of the period following the first periodic suresindesaklama the expiration of the period following the first periodic in the time of the first periodic destruction destruction suresindesaklama

 8. THE TIME OF THE PERIODIC DESTRUCTION

The periodic destruction of the institution in accordance with Article 11 of the regulation is determined as the duration of 6 months. Accordingly, in the months of June and December of each year, the institution periodic destruction process is carried out.

9. SPECIAL PROCESSING OF PERSONAL DATA

9.1 In terms of data protection, the owner of more critical importance to the various aspects of the processing of personal data believed to have special custom illustrates the sensitivity.

Qualified special personal data in accordance with the act, to be determined by the board, provided that adequate measures are in place, the following terms are processed in the presence of:

  • If you have the express consent of the data owner or
  • If you have the express consent of the data owner the data owner's private qualified health and sexual life of the personal data outside the law prescribed in the special qualified personal data to the health of your sex life and of the owner of the data, however, Public Health Protection, preventive medicine, medical diagnosis, treatment and care services execution, for the purposes of the planning and management of health services financing, or persons under the obligation of confidentiality by the authorized institution is processed.
 

SPECIAL MEASURES RELATING TO THE PROCESSING OF PERSONAL DATA

6 of the law. Special item which is included in the processing of personal data in accordance with the decision of the board dated 31.01.2018 number 2018/10 data in his capacity as a principal, the following measures are taken:

Special to the security of personal data is a systematic, rules are clear, manageable, and sustainable this policy has been identified. Special processes for employees that are involved in the processing of personal data,

  • Privacy contracts is made of
  • Authorized users access to the data, the scope and duration of authority is clearly defined,
  • The authorization checks are carried out periodically.
  • Qualified personal is defined and implemented special protocols and procedures for data security.
  • Change the task or work in this area is separated from the immediate removal of the powers of the employees. In this context, data is returned to inventory their assigned by the principal.
  • Qualified special personal data processed, stored, and/or the environment are being accessed, the physical environment;
    • * Special character according to the nature of the personal data of the environment, adequate security measures (electrical leakage, fire, flood, theft, etc. case) are
    • * Unauthorized access is prevented by ensuring the physical security of these environments.
 
 

10. THE TRANSFER OF PERSONAL DATA SPECIAL

Qualified in accordance with law specific to be achieved, personal data, processing data for the purposes of the owner's private data to third parties qualified personal data is not transferred.

11. THE POLICY OF PUBLICATION AND STORAGE

Politics, wet-signed (printed paper) on the Web page that is published in two different media and in electronic environment is disclosed to the public. Printed paper copy is also stored in the file by the data manager.

12. THE PERIOD OF THE POLICY IS UPDATED 

Policy reviewed and updated as needed sections are necessary.

13. REPEAL THE POLICY EFFECT AND 

The policy entered into force on the date written below is considered. Old wet repeal of the policy of signed copies to be given by the data manager with the decision cancelled (cancellation cancellation by writing shot or bowl) for a period of at least 5 years and shall be signed by the data manager are stored. 13.09.2021

Op. Dr. Tuba Hilal Güçlü, was born in Erzurum in 1979. Undergraduate pre-medicine at the Medical School of Selcuk university education and then received the degree of doctor successfully completing training.
Facebook Instagram Youtube
Op. Dr. Tuba Hilal Güçlü © 2024. All rights reserved.