FERMED Özel Sağlık Hizmetleri Ticaret A.Ş. (“Our company” or “we” or “FERMED”) values you as our guest and recognizes the importance of your privacy. We carry out our activities in line with the applicable data protection regulation including the EU General Data Protection Regulation (“GDPR”) and other related laws.
Personal Data We Collect
We collect and process your personal data including:
- Identity information, including your name, surname, signature, nationality, photograph, date and of birth, passport or other identity documents details etc.;
- Contact information including your phone number, residental address, work address and e-mail address;
- Financial and payment information, including your IBAN number, amount, bank account details, and other data necessary for payments;
- Professional information including organization where you work, educational background, affiliations, job title and your profession/speciality.
Unless specifically requested, we ask you to not send us, and not disclose, on or through the Services or otherwise to us, any Sensitive Personal Data (e.g. racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric, data concerning health or data concerning a natural person’s sex life or sexual orientation).
Collection Method of Your Personal Data
We collect your personal data in a number of ways, including:
- Directly from you via e-mail, telephone, SMS, fax, post, cargo or printed or electronic form;
- From our partners such as Kamil Güray Yeşiladalı.
Use of Your Personal Data
We may use your personal data to:
- Purchase product and / or service,
- Plan, audit and manage our business continuity,
- Fulfil contractual obligations to our suppliers, business/solution partners and other third parties;
- Execution of our finance and accounting works;
- Administer general record keeping;
- Comply with our legal obligations under the applicable law, respond to requests from public and government authorities, including authorities outside your country of residence and to meet national security or law enforcement requirements.
We collect and process your personal data on the following bases which are stated in Article 6(1) of the GDPR:
- Processing is necessary for the performance of our contract.
- Processing is necessary for compliance with a legal obligation to which we are subject.
- Processing is necessary for the purposes of our legitimate interests pursued by the controller or by a third party, provided always that such interests are not overridden by your interests or fundamental rights and freedoms which require protection of personal data.
We collect and process your special categories of personal data on the following bases which are stated in Article 9(2) of the GDPR:
- You have explicitly given us your consent to process your personal data.
- Processing relates to personal data which are manifestly made public by
- Processing is necessary for the establishment, exercise or defense gal claims or whenever courts are acting in their judicial capacity.
We will only provide you with marketing related information after you have, where legally required to do so, opted in to receive those communications and having provided the opportunity for you to opt out at any time.
Disclosure of Your Personal Data
We disclose your personal data with:
- Our employees, company executives and representatives, business/solution partners and suppliers for the purposes specified in Section 3;
- Our partners such as Kamil Güray Yeşiladalı for the purposes specified in Section 3;
- Government and regulatory authorities and other organizations, to meet legal and regulatory requirements or to protect or defend our rights or property in accordance with applicable laws;
For the compliance with GDPR, we ensure that our suppliers and business or solution partners whether they are located outside the EEA or not, takes appropriate technical and organizational security measures in accordance with applicable data protection laws and use it solely for the purposes specified by us.
If you are from the European Economic Area or in certain countries, you are also entitled (with some exceptions and restrictions) to:
- Access: You have the right to request information about how we process your personal data and to obtain a copy of that personal data.
- Rectification: You have the right to request the rectification of inaccurate personal data about you and for any incomplete personal information about you to be completed.
- Objection: You have the right to object to the processing of your personal information, which is based on our legitimate interests (as described above).
- Deletion: You can delete your account by using the corresponding functionality directly on the service.
- Automated decision-making: You have the right to object a decision made about you that is based solely on automated processing if that decision produces legal or similarly significant effects concerning you.
- Restriction: You have the right to ask us to restrict our processing of your personal data, so that we no longer process that personal data until the restriction is lifted.
- Portability: You have the right to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format and to have that personal data transmitted to another organization in certain circumstances.
- Complaint: You have a right to lodge a complaint with the authorized data protection authority if you have concerns about how we process your personal data. The data protection authority you can lodge a complaint with notably may be that of your habitual residence, where you work or where we are established.
You may, at any time, exercise any of the above rights, by contacting us via [contact form] below together with a proof of your identity, i.e. a copy of your ID card, or passport, or any other valid identifying document.
In some cases we may not able to give you access to personal data we hold regarding you, if making such a disclosure would breach our legal obligations to our other customers or if prevented by any applicable law or regulation.
Right to withdraw consent
If you have provided your consent to the collection, processing and transfer of your personal data, you have the right to fully or partly withdraw your consent. To withdraw your consent please follow the opt-out links on any marketing message sent to you or contact us via [contact form].
Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose(s) to which you originally consented unless there are compelling legitimate grounds for further processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.
Collection of Children’s Personal Data
We attach great importance of protecting children’s privacy. Therefore, we make an effort to not collect personal data of any children under the age of 16. If you have any concerns about your child’s privacy with respect to our services, or if you believe that your child may have provided his/her personal data to us, please contact us using the details provided below. We ensure to delete such personal data from our records immediately.
Security of Your Personal Data
We implement appropriate and reasonable technical and organizational measures to protect your personal data from loss, misuse, unauthorized access, disclosure, alteration, and destruction, taking into account the risks involved in the processing and the nature of the personal data. Such technical and organizational measures include:
- Protecting our data servers with state-of-the-art anti-virus programs and similar software.
- Limiting and recording physical access to our premises and facilities.
- Limiting and recording access to our data servers.
- Ensuring regulars test and reviews to our system performed internally or by a third-party agency.
Retention of Your Personal Data
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements and, where required for our company to provide service, until the end of the relevant retention period.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Upon expiry of the applicable retention period we will securely delete or destroy your personal data in accordance with applicable laws and regulations.
Links to Third Party Sites
We reserve the right to update and change this Policy from time to time in order to reflect any changes to the way in which we process your personal data or changing legal requirements. Any changes we may make to our Policy in the future will be posted on this page and, where appropriate, notified to you by email. Please check back frequently to see any updates or changes to our Policy.