INFORMATION ON OBTAINING, PROCESSING, AND PROTECTING PERSONAL DATA
At Okamedic, we place great importance on the security of your personal data. With this awareness, Okamedic takes the utmost care to protect patient privacy and, to the best of our ability, to process and preserve any personal data belonging to our patients with the highest level of care. In line with this responsibility, Okamedic, as the Data Controller under the Personal Data Protection Law No. 6698 (“PDPL”), will process your personal data solely for the purposes and scope outlined below and in accordance with the Fundamental Law on Health Services No. 3359, the Decree Law on the Organization and Duties of the Ministry of Health and its Affiliates No. 663, the Regulation on Private Hospitals, the Regulation on Processing and Ensuring the Confidentiality of Personal Health Data (“Regulation”), Ministry of Health regulations, and other relevant legislation.
1. Collection and Processing of Personal Data
Your personal data processed by Okamedic, depending on the health services provided, may be collected verbally, in writing, or electronically via call centers, websites, online services, and similar channels. Additionally, personal data may be collected when you attend any training, seminars, or events organized by Okamedic. Special categories of personal data, especially health data, and general personal data may be processed by Okamedic under the conditions and purposes specified in Articles 5 and 6 of the PDPL in connection with, limited to, and proportional to the purposes stated in this clause, including but not limited to the following:
- Identity Information: Name, surname, TR ID number, passport number, or temporary TR ID number, place and date of birth, marital status, gender, insurance and/or patient protocol number, and other identity data.
- Contact Information: Address, phone number, email address, other communication data, recorded conversations per call center standards, and personal data obtained through contact with us via email, mail, or other means.
- Health Information: Medical reports, diagnostic data, biometric data, lab results, test results, examination data, appointment details, prescription information, and any health data obtained during or as a result of medical diagnosis, treatment, and care services.
- Data submitted or entered on our website, www.okamedic.com.
- Patient Relationship Management: Data from surveys, thank-you or complaint letters, satisfaction scores, and other feedback regarding Okamedic.
- If applying for a job: Your resume and other personal data related to employment suitability. If you are an Okamedic employee or related staff, any personal data related to your service contract and job suitability.
- If visiting our hospital: Visual records from security cameras maintained for security and audit purposes.
- License Plate Data: If using our open or closed parking facilities.
- Financial Data: Bank account number, IBAN, credit card information, billing information, and similar financial data.
- Insurance and Social Security Data: Data for private health insurance and Social Security Institution data used in the financing and planning of health services.
2. Purposes of Personal Data Processing
Any personal data obtained by Okamedic (including but not limited to special categories of personal data) may be processed for the following purposes:
- Identity verification by Patient Services, Health Professionals, and Call Center departments.
- Protecting public health, preventive medicine, medical diagnosis, treatment, and care services.
- Sharing information with the Ministry of Health and other public institutions and organizations upon request per the relevant legislation.
- Monitoring and preventing misuse and unauthorized transactions by the Audit and Information Systems departments.
- Fulfilling legal obligations outlined in the Fundamental Law on Health Services, the Decree Law on the Organization and Duties of the Ministry of Health and its Affiliates, the Regulation on Private Hospitals, the Regulation on Processing and Ensuring the Confidentiality of Personal Health Data, and other relevant regulations.
- Financing your health services, covering examination, diagnosis, and treatment costs, and sharing requested information with private insurance companies for eligibility checks.
- Notifying you about your appointment through Call Center and Digital Channels.
- Planning and managing the internal operations of the institution by Hospital Management.
- Conducting analyses to improve health services by Quality, Patient Experience, and Information Systems departments.
- Providing training to our employees by Human Resources and Quality departments.
- Performing risk management and quality improvement activities by Quality, Patient Experience, and Information Systems departments.
- Invoicing for services rendered by Patient Services, Finance, and Marketing departments.
- Verifying your relationship with contracted institutions by Patient Services, Finance, and Marketing departments.
- Carrying out educational activities by educational institutions in collaboration with our institution.
- Responding to your questions and complaints related to health services by Hospital Management, Patient Rights, and Call Center departments.
- Ensuring data security for hospital systems and applications by Hospital Management and Information Systems departments.
- Participation in campaigns and providing information about campaigns by Marketing, Media and Communications, and Call Center departments, as well as designing and delivering exclusive content and tangible and intangible benefits via web and mobile channels.
- Measuring, increasing, and researching patient satisfaction by Hospital Management, Patient Rights, and Patient Experience departments.
- Preserving health data per the required retention periods mandated by the relevant legislation.
3. Transfer of Personal Data
In line with the PDPL and relevant health legislation, your personal data may be shared with the following entities to the extent necessary to ensure an adequate level of security and within the scope of the purposes stated above:
- Law enforcement agencies,
- Social Security Institution,
- Regulatory and supervisory institutions, official authorities,
- Civil Registry,
- Ministry of Health and affiliated entities,
- Private insurance companies,
- Courts,
- Turkish Pharmacists’ Association,
- Laboratories, centers, and similar third parties in cooperation for medical diagnostics,
- Direct/indirect shareholders,
- Affiliates and/or subsidiaries,
- Third-party advisors, including attorneys, tax consultants, and auditors,
- Our business partners and other third parties in collaboration to improve and manage health services as outlined above.
4. Situations Where Personal Data May Be Processed Without Explicit Consent
In accordance with Article 5 of the PDPL, your personal data may be processed without your explicit consent in the following circumstances:
- When expressly required by law,
- When it is necessary for the protection of life or bodily integrity in situations where obtaining consent is impossible,
- When processing is directly related to the establishment or execution of a contract to which the data subject is a party,
- When processing is required to fulfill a legal obligation,
- When the data is made public by the data subject,
- When processing is necessary to establish, exercise, or protect a legal right,
- When processing is necessary for Okamedic’s legitimate interests, provided it does not infringe on your fundamental rights and freedoms.
- Health-related personal data may be processed by persons or organizations with a duty of confidentiality, or by authorized bodies, without the explicit consent of the subject, for public health protection, preventive medicine, medical diagnosis, treatment, and care services, as well as the planning and management of healthcare services and financing.
5. Method and Legal Basis for Personal Data Collection
Your personal data is collected verbally, in writing, or electronically to fulfill Okamedic’s contractual and legal obligations and for the purposes mentioned above. The legal basis for collecting personal data includes:
- Personal Data Protection Law No. 6698,
- Fundamental Law on Health Services No. 3359,
- Decree Law on the Organization and Duties of the Ministry of Health and Its Affiliates No. 663,
- Regulation on Private Hospitals,
- Regulation on Processing and Ensuring the Confidentiality of Personal Health Data, and
- Ministry of Health regulations and other relevant legal provisions.
In addition, per Article 6(3) of the PDPL, personal data related to health and sexual life may be processed by persons or organizations under a duty of confidentiality, or by authorized bodies, without explicit consent for the purposes of protecting public health, preventive medicine, medical diagnosis, treatment, and care services, as well as the planning and management of healthcare services and financing.
6. Data Security
Okamedic takes great care to ensure the security and confidentiality of your personal data through all available technical and administrative means. We apply all necessary security measures with strict adherence to information security standards and procedures in all our products and services, taking into account technological capabilities and minimizing risks.
7. Your Rights Regarding Your Personal Data
To the extent that your personal data is processed by Okamedic as the data controller, under Article 11 of the PDPL, you may exercise your rights by completing the “PDPL Access/Information Request Form” and delivering it by hand to the hospital where you received services, via notary, by sending an email signed with your secure electronic signature, or by sending a Word or PDF file signed with your secure electronic signature to info@okamedic.com. You have the right to:
- Know if any personal data is being processed,
- Request information on the processing activities,
- Learn the purposes of personal data processing,
- Learn the identity of third parties in Turkey or abroad to whom your personal data is transferred,
- Request the correction of any incomplete or inaccurate personal data,
- Request the deletion or destruction of personal data if the reasons for processing no longer exist,
- Object to any adverse results arising from automated data processing, and
- Request compensation if you suffer damages due to unlawful data processing.
Okamedic will respond to your request as soon as possible, but no later than thirty days, at no cost. However, if the request incurs an additional cost, Okamedic may charge a fee according to the tariff determined by the Personal Data Protection Board.
Respectfully,
Okamedic