General Clarification Text Relating To The Processing Of The Personal Data (GDPR)

  1. General Definition

Personal data consists of any data of the natural person whose ID is identified and identifiable under the Law. Sensitive Personal Data, a specific kind of personal data, refers to race, ethnicity, political thought, philosophical belief, religion, sect, other beliefs, dress and clothing, association, foundation or union membership, health, sexual life, criminal conviction and security measures, biometric and genetic data.

Processing of the personal data, recording, storing, preserving, changing, rearranging, disclosing, transferring, taking over, making available, classifying or preventing the use, obtaining personal data completely or partially automatically or by non-automatic means provided that it is a part of any data recording system, mean all kinds of operations performed on data.

  1. Data Controller

Your personal data is handled by ÖZEL BEYHEKİM HASTANESİ SAĞLIK HİZ.SAN.TİC.LTD as the data controller. STI. (“Data Controller”), in accordance with the Law No. 6698 on the Protection of Personal Data (“Law”), within the scope described below. You can examine what your personal data is, how they are collected, what personal data may be subject to processing by us, and the details of the purposes of processing this data from the tables below.

  1. Groups of Persons whose Personal Data are Processed

We process the personal data of the following groups of people within the scope of the hospital.

  • Employees
  • Interns
  • Members of the Board of Directors
  • Employee Candidates
  • Visitors
  • Supplier Officials / Employees
  • Patients
  • Relatives of Patients
  • Parent/Guardian/Representatives
  • Notifying Third Parties

Personal Data of Employees and Interns

Detailed information about the processed personal data of employees and interns is published in a way that only our employees and interns can access, and they have been informed in detail on this matter. If you are a former employee or trainee of Beyhekim Hospital, you can exercise your rights regarding your personal data processed while you are an employee or trainee by using one of the application channels in this Clarification Text.

Personal Data of the Members of the Board of Directors

Detailed information about the processed personal data of the member of the Board of Directors is published in a way that only our employees and interns can access, and they have been informed in detail on this matter. If you are a former member of the Board of Directors of Beyhekim Hospital, you can exercise your rights regarding your personal data processed while you are an employee or trainee by using one of the application channels in this Clarification Text.

Personal Data of the Candidate Employees

 

Processed Personal Data

 

ID Details:  Name, Surname, Marital Status Information, Driver’s License Information, Military Status, Information, Date of Birth, Place of Birth, Photocopy of Driver’s License, Signature, Identity Card, Photocopy of Identity Card)

Contact Details: E-mail Address, Mobile Number

 

Personal Information: CV Information, Position Application, Height/Weight Information, Reference Information

Professional Experience Information:  Course Information, Certificates, Vocational Training Information, Foreign Language Knowledge, Computer Usage Information, Diploma Information

 

Personal Data Processing Purposes

 

Your personal data is processed for the purposes of Execution of Candidate Employee / Intern / Student Selection and Placement Processes, Execution of Application Processes of Candidate Employee, Planning of Human Resources Processes and Execution of Contract Processes.

 

Method of Obtaining Your Personal Data:

 

It is collected through online electronic forms, e-mail, job application form, İŞKUR and private employment offices, electronic forms, and printed forms.

Legal Reasons for Processing Your Personal Data:

 

Your Personal Data is processed by Beyhekim Hospital in line with the realization of the above-mentioned purposes, based on the legal reasons specified in the Article 5 of the Personal Data Protection Law and the relevant legislation.

●             The necessity of processing the personal data of the parties to the contract, provided that it is directly related to the establishment or performance of a contract,

 Provided that it does not harm the fundamental rights and freedoms of the data subject, data processing is mandatory for the legitimate interests of the data controller.

Personal Data of the Visitors
 
Processed Personal Data

 

ID Data: Name Surname

 

Contact Information: Mobile Phone Number, E-Mail Address

 

Transaction Security Information: Port Information, IP Address Information, Website Input-Output Information, Device MAC Address

Physical Space Security Information: Entry-Exit Records Information, Visiting Information, CCTV Records

 

Personal Data Processing Purposes

Your Identity and Contact Data; It is processed for the purpose of Execution and Audit of Business Activities, Execution of Occupational Health and Safety Activities, Providing Information to Authorized Persons, Institutions and Organizations, Creation and Tracking of Visitor Records,

Your Transaction Security Data; It is processed for the purpose of Execution of Information Security Processes, Execution and Control of Business Activities, Providing Information to Authorized Persons, Institutions and Organizations.,

Physical Space Security Data; It is processed for the purpose of Providing Physical Space Security, Execution and Supervision of Business Activities, Execution of Occupational Health and Safety Activities, Giving Information to Authorized Persons, Institutions and Organizations, Creation and Tracking of Visitor Records.

Method of Obtaining Your Personal Data:

ID Data; are collected through information systems and electronic devices.

Your Contact Information is collected through online electronic forms, e-mail, job application form, İŞKUR and private employment offices, electronic forms and printed forms.

Your Transaction Security Information is collected through information systems and electronic devices.

Physical Space Security Information is collected through printed forms.

Legal Reasons for Processing Your Personal Data:

 

Your Personal Data is processed by Beyhekim Hospital in line with the realization of the above-mentioned purposes, based on the legal reasons specified in the Article 5 of the Personal Data Protection Law and the relevant legislation;

●             expressly stipulated in the law,

●             It is processed on the basis of legal reasons that the data controller is mandatory in order to fulfill its legal obligation.

●             The necessity of processing the personal data of the parties to the contract, provided that it is directly related to the establishment or performance of a contract,

●             Provided that it does not harm the fundamental rights and freedoms of the data subject, data processing is mandatory for the legitimate interests of the data controller.

 
Personal Data of Supplier/Supplier Employees
Processed Personal Data

 

ID Information: Name-Surname, T.C. Identity Number, Signature and Signature Circular
Contact Details: Work Phone Number, Mobile Phone Number, Workplace Address, Work Place Name-Title, Electronic Mail Address, Fax Number, Other Phone Number Information
Personal Data: Position, Title Information, Company Name
Financial Information: Bank Account Information

 

Personal Data Processing Purposes:

 

Your personal data is processed for the purpose of Execution of the Procurement of Goods / Services, Execution of Finance and Accounting Affairs, Execution / Audit of Business Activities, Execution of Contract Processes, Execution of Supply Chain Management Processes.

Method of Obtaining Your Personal Data:

Your identity information is collected through company software, call center calls, customer experience research, social media accounts, platforms managed by third parties, printed forms, contracts, e-mail and documents declared by you.

Your personal information is collected through company software, contracts, e-mail, and printed forms.

Your contact information is collected through contracts, company-owned software, platforms managed by third parties, printed forms, meetings, and events.

Your contact information is collected through contracts, company-owned software, platforms managed by third parties, printed forms, meetings and events.

Your financial information is collected through printed forms.

 

Legal Reasons for Processing Your Personal Data:

 

Your Personal Data is processed by Beyhekim Hospital in line with the realization of the above-mentioned purposes, based on the legal reasons specified in the Article 5 of the Personal Data Protection Law and the relevant legislation;

  • expressly stipulated in the law,
  • It is processed on the basis of legal reasons that the data controller is mandatory in order to fulfill its legal obligation.
  • The necessity of processing the personal data of the parties to the contract, provided that it is directly related to the establishment or performance of a contract,
  • Provided that it does not harm the fundamental rights and freedoms of the data subject, data processing is mandatory for the legitimate interests of the data controller.

 

Personal Data of the Patient

 

 

Processed Personal Data

 

Identity Information: Name-Surname, Date of Birth, Place of Birth, T.R. Identity Number, Foreigner Identity Number, Marital Status, Patient Number, Nationality, Parent Name, Gender, SSI Registration Number, Identity Card-Identity Photocopy, Photograph, Signature, Tax Identity Number, Identity Card Serial Number
Financial Information: Billing Information, Amount Information, Collection Information, Contribution Information, Patient Debt Information, Provision Information, Discount Information, Fee Information, Bank Account Information, Bank Card Information, Credit Card Information
Contact Information: Work Phone Number, Mobile Phone Number, Home Phone Number, Other Phone, Residence- Postal Address, Treated Institution, E-Mail Address, Fax Number
Information About Family Members: Health Information and Medical Information About Family Members, Number of Children, Degree of Family Members, Marital Status Information, Names and Surnames of Family Members, Contact Information of Family Members, Bank Account Information of Family Members, T.R. ID Numbers

 

Personnel Information: Contracted Institutions Information, Reference Information, Social Security Institution Information, Curriculum Vitae Information Protocol Information, Employed Institution Information, Position-Title Information, Private Health Insurance Information, SGK Information, SGK Employment Notice, SGK Dismissal Notice, Payroll Information

 

Professional Experience Information: Diploma Information

 

Special Qualified Personal Data / Health Information: Diagnostic Information, Treatment Information, Report Information, Surgery Information, Appointment Information, Anesthesia Information, Vaccination Information, Discharge Information, Prescription Information, E-Prescription Information, Laboratory Information, Referral Information, Blood Group Information, Test and Sample Information, Laboratory Information, Examination Information, Examination Information, Pregnancy Status Information, Health Status Information, Device Used and Protocol Information, Health Report, Session Information, Clinical Information, Radiological Imaging Information, Death Information, Special Status Information

 

Purposes of Processing Your Personal Data:

 

Your personal data will be processed with the purpose of Execution of Information Security Processes, Execution of Finance and Accounting Affairs, Execution of Communication Activities, Execution of Customer Relationship Management Processes Execution of Emergency Management Processes, Execution of Contract Processes, Execution of Activities in Compliance with the Legislation, Execution of Business Continuity Activities, Execution of Audit / Ethics Activities, Authorized Person, Providing Information to Institutions and Organizations, Carrying out Storage and Archive Activities, Carrying out Communication Activities, Carrying out Internal Audit / Investigation / Intelligence Activities, Execution / Audit of Business Activities, Execution of Customer Relationship Management Processes, Execution of Occupational Health / Safety Activities, Goods / Service Production and Operation Execution of Processes, Execution of Finance and Accounting Affairs, Organization and Event Management, Execution of Management Activities, Execution of Training Activities, Security of Data Controller Operations Provision of Equipment, Ensuring Physical Space Security, Ensuring the Security of Movable Goods and Resources, Execution of Goods / Service Sales Processes, Receiving and Evaluation of Suggestions for the Improvement of Business Processes

 

Method of Obtaining Your Personal Data:

Your identity information is collected through information systems/electronic devices, third-party managed platform, face-to-face, call center call, documents declared by the relevant party, contract and other documents submitted by you.

Your financial information is collected through information systems/electronic devices, documents declared by the relevant party, contracts, face-to-face and other documents submitted by you.

Your contact information is collected through information systems/electronic devices, documents declared by the relevant party, contract, platform managed by the third party, call center call, face-to-face and other documents submitted by you.

Information belonging to family members is collected through the platform managed by the third party, call center call, documents declared by the relevant party, contract and other documents submitted by you.

Your personal information is collected through information systems/electronic devices, documents declared by the person concerned, contracts and other documents submitted by you.

Your professional experience information is collected through the contract, documents declared by the relevant party and other documents submitted by you.

Your health information is collected through information systems/electronic forms, third-party managed platform, call center call, documents declared by the relevant party, contract, face-to-face and other documents submitted by you.

Legal Reasons for Processing Your Personal Data:

 

Your Personal Data is processed by Beyhekim Hospital in line with the realization of the above-mentioned purposes, based on the legal reasons specified in the Article 5 of the Personal Data Protection Law and the relevant legislation;

  • expressly stipulated in the law,
  • It is processed on the basis of legal reasons that the data controller is mandatory in order to fulfill its legal obligation.
  • The necessity of processing the personal data of the parties to the contract, provided that it is directly related to the establishment or performance of a contract,
  • Provided that it does not harm the fundamental rights and freedoms of the data subject, data processing is mandatory for the legitimate interests of the data controller.

Your Personal Data is processed by Beyhekim Hospital in line with the realization of the above-mentioned purposes, based on the legal reasons specified in the Article 6 of the Personal Data Protection Law and the relevant legislation;

  • express consent of the person concerned,
  • Personal data related to health and sexual life are only for the purpose of protecting public health, performing preventive medicine, medical diagnosis, treatment, and care services, planning and managing health services and financing, by persons or authorized institutions and organizations under the obligation of secrecy without seeking the explicit consent of the person concerned. It is processed on the basis of legal reasons.
Personal Data of the Relatives of the Patient
Processed Personal Data
Identification Information: Name-Surname, Date of Birth, Place of Birth, T.R. Identity Number, Foreigner Identity Number, Marital Status, Patient Number, Nationality, Parent Name, Gender, SSI Registration Number, Identity Card-Identity Photocopy, Photograph, Signature, Tax Identity Number, Identity Card Serial Number
Financial Information: Bank Account Information
Contact Information: Residence – Postal Address, Business Phone Number, Mobile Phone Number, Other Phone
Personal Information: CV Information, Payroll Information
Information on Family Members: Degree of Closeness of Family Members

 

Method of Obtaining Your Personal Data:

 

Your identity information is collected through information systems and electronic devices, documents declared by the person concerned, contracts and other documents submitted by you.

 

Your financial information is collected through the documents declared by the relevant party, the contract and other documents submitted by you.

Your contact information is collected through information systems and electronic devices, contracts, documents declared by the relevant party and other documents submitted by you.

Your personal information is collected through the documents declared by the person concerned, the contract and other documents submitted by you.

Information of Family Members is collected through printed forms submitted by you.

 

Personal Data Processing Purposes

 

Your personal data is being processed with the purpose of Execution of Information Security Processes, Execution of Storage and Archive Activities, Execution of Audit / Ethical Activities, Execution of Activities in Compliance with the Legislation, Execution of Contract Processes, Execution of Communication Activities, Providing Information to Authorized Persons, Institutions and Organizations, Conducting Social Responsibility and Civil Society Activities, Conducting Business Activities / Audit, Carrying out Business Continuity Activities, Carrying out Management Activities, Carrying out Finance and Accounting Affairs, Carrying out Internal Audit / Investigation / Intelligence Activities, Carrying out Goods / Services After-Sales Support Services, Carrying out Goods / Service Production and Operation Processes, Ensuring Physical Space Security Conducting Internal Audit / Investigation / Intelligence Activities.

Legal Reasons for Processing Your Personal Data:

 

Your Personal Data is processed by Beyhekim Hospital in line with the realization of the above-mentioned purposes, based on the legal reasons specified in the Article 5 of the Personal Data Protection Law and the relevant legislation;

·       The necessity of processing the personal data of the parties to the contract, provided that it is directly related to the establishment or performance of a contract,

·       It is processed on the basis of legal reasons if it is mandatory for the data controller to fulfill its legal obligation.

 

 

                         Personal Data of Parent/Guardian/Representative
Processed Personal Data

Identity Information: Name Surname, TR Identity Number, Foreigner Identity Number, Signature

Financial Information: Bank Account Information

 

Contact Information: Mobile Number

 

Personal Data Processing Purposes:

 

Your personal data is being processed with the purpose of Execution of Emergency Management Processes, Execution of Information Security Processes, Execution of Employee Candidate / Intern / Student Selection and Placement Processes, Execution of Training Activities, Execution of Activities in Compliance with the Legislation, Execution of Communication Activities, Execution / Audit of Business Activities, Execution of Occupational Health / Safety Activities, Storage and Archiving Activities, Conducting Social Responsibility and Civil Society Activities, Executing Contract Processes, Ensuring Business Continuity, Organization and Event Management, Advertising/ Campaign/ Promotion Processes, Providing Information to Authorized Persons, Institutions and Organizations, Execution of Management Activities

 

 

 

Methods of Obtaining Your Personal Data: Your Personal Data is collected through printed forms.

 

Legal Reasons for Processing Your Personal Data:

 

Your Personal Data is processed by Beyhekim Hospital in line with the realization of the above-mentioned purposes, based on the legal reasons specified in the Article 5 of the Personal Data Protection Law and the relevant legislation;

●             Provided that it does not harm the fundamental rights and freedoms of the data subject, data processing is mandatory for the legitimate interests of the data controller,

●              It is mandatory for the data controller to fulfill its legal obligation,

●             It is clearly stipulated in the laws,

Provided that it does not harm the fundamental rights and freedoms of the data subject, data processing is mandatory for the legitimate interests of the data controller.

 

Notifying Third Parties
Processed Personal Data

Identity Information: Name-Surname

Contact Information: Mobile Number, E-Mail Address

Personal Data Processing Purposes:

Your personal data is being processed with the purpose of Execution of Company/Product/Services Loyalty Processes, Execution of Communication Activities, Execution of Customer Relationship Management Processes, Execution of Activities for Customer Satisfaction, Follow-up of Requests/Complaints.

Method of Obtaining Your Personal Data:

 

Your identity and contact information is collected through call center calls, social media accounts and printed forms.

 

Legal Reasons for Processing Your Personal Data:

 

Your Personal Data is processed by Beyhekim Hospital in line with the realization of the above-mentioned purposes, based on the legal reasons specified in the Article 5 of the Personal Data Protection Law and the relevant legislation;

Provided that it does not harm the fundamental rights and freedoms of the data subject, data processing is mandatory for the legitimate interests of the data controller.

 
  1. Legal Reason for Collecting Your Private Personal Data

Special categories of personal data require higher protection than other data categories. It is regulated in accordance with the Personal Data Protection Law  that additional information should be provided in order to process such data.

Personal data of special nature, data related to the person’s race, ethnicity, political opinion, philosophical belief, religion, sect or other beliefs, disguise and clothing, membership to associations, foundations or trade unions, health, sexual life, criminal convictions and security measures, and biometric and genetic data.

  1. Domestic Transfer of Your Personal Data
  • Your personal data is shared with people who are expressly authorized in the legislation, especially the Social Security Institution, in accordance with the legal regulations and the legislation we are subject to. In addition, your personal data will be shared with authorized persons or public institutions and organizations upon the request of a court decision or authorized administrative authorities.
  • Your personal data will be shared with third parties who process the data in order to fulfill the obligations under the employment contract between us (for example, sharing your health data with our workplace doctor under the Occupational Health and Safety Law No. 6331, etc.).
  • Your personal data may be shared with real persons or private law legal entities with whom we cooperate for the purposes of executing finance and accounting works, executing contract processes, and conducting investment processes within the scope of the service contract between us.
  • Your personal data may be shared with our suppliers for the purpose of carrying out supply chain management processes and fulfilling the contract regarding the products or services to be procured from suppliers within the scope of the service contract between us.
  • Your personal data may be shared with our business partners with whom we cooperate within the scope of the service contract between us for the purpose of conducting business activities and fulfilling the contract.
  1. Do We Transfer Your Personal Data Abroad?
  • Your personal data is not transferred abroad.
  1. How long your personal data is stored?

The storage period of your personal data is as follows:

  • If a period is determined for the storage of data in the law or the relevant legislation, the said data must be kept for at least this period. Unless otherwise stipulated in the legislation, as a rule, your personal data is stored for 10 years from the execution or end of the contract.
  • The storage period is determined by adding a period of 6 months to 1 year to the periods stipulated in the legislation for the storage of your data, taking into account the possibility that a possible court request or a request of an administrative authority authorized by law regarding the relevant data reaches us late, or that a conflict that we may be a party to occurs and at the end of the period the data in question is deleted, destroyed or anonymized.
  • If the legislation does not foresee a period for the storage period of the data we process, your data will be stored for the period determined in the contract made with you and as a requirement of the relationship between us. After the end of the aforementioned relationship or after the period specified in the contract, your data is deleted, destroyed or anonymized without any request.
  • If all the processing conditions for personal data have been eliminated or the storage period declared by us or determined within the scope of the legislation has expired, your data will be deleted, destroyed or anonymized ex officio on the first periodic destruction date or within 6 months at the latest. If you request the deletion of your data for a valid reason, your data will be deleted within 30 days at the latest. If you request the deletion or destruction of your data, the retention period of which is determined in the legislation, before the stipulated periods, your request will not be fulfilled.
  1. What are the Rights You Have Pursuant to Article 11 of the Personal Data Protection Law?

For all your requests, you can fill in the “Data Owner Application Form” on our website or send the application document you have prepared to our Company through the channels listed below. The applications you make to us pursuant to Article 11 of the Personal Data Protection Law will be evaluated promptly and comprehensively. Your application request will be answered and finalized within 30 days at the latest.

The rights you have pursuant to the above-mentioned article are as follows:

  • Learning whether your personal data is processed by the Company and requesting information about it,
  • Learning the purpose of processing your personal data and whether they are used in accordance with the purpose,
  • Requesting correction of personal data if it is incomplete or incorrectly processed,
  • Requesting the deletion or destruction of personal data within the framework of the conditions stipulated in Article 7 of the Personal Data Protection Law.
  • Requesting notification of the transactions made pursuant to clauses 11 (d) and (e) of Personal Data Protection Law to third parties to whom personal data has been transferred,
  • Objecting to a result against you by analyzing your personal data exclusively through automated systems,
  • If you suffer any damage due to the processing of your personal data in violation of the relevant legislation, requesting the recovery of the loss.

Your requests regarding your personal data; if you wish, via the Contact Form;

  • Sending to Tepekum Mah., Beyhekim Sk. No:10 Adapazarı/Sakarya address with a photocopy of the ID card and signature.
  • By personally applying to Beyhekim Hospital with a valid identity document,
  • By sending it to our registered e-mail address ozelbeyhekim@hs01.kep.tr by using a registered e-mail (KEP) address and a secure electronic signature or mobile signature.,
  • You can forward it to Beyhekim Hospital by sending an e-mail to info@beyhekimhastanesi.com.tr by filling out a petition signed by the Applicant with mobile signature or secure electronic signature, or by filling in the “Relevant Person Application Form” if desired.

Thank you for reading the clarification text.


Beyhekim Resmi Logo

RENEWING, RENOVATING, IMPROVING





Last update date: 13.05.2024, 21:07



Beyhekim Hospital – All Rights Reserved



Powered by: EVS Dijital

Last update date: 13.05.2024, 21:07