DENTAFORUM TİCARET HİZMETLERİ TURİZM ÖZEL SAĞLIK HİZMETLERİ

SANAYİ ve TİCARET ANONYMOUS COMPANY

PATIENT AND PATIENT PARENTS/GUARDIANS/REPRESENTATIVES INFORMATION TEXT

This information text has been prepared by the data controller to inform you about which of your personal data; for what purpose, how and for what reason it is processed, with whom it is shared and for how long it is stored. The information is provided within the scope of Article 10 of the Law on the Protection of Personal Data No. 6698.

As Dentaforum Tedavi Hizmetleri Turizm Özel Sağlık Hizmetleri Sanayi ve Ticaret Anonim Şirketi (Dentaforum) (“Workplace”), we present the information text that we have prepared in accordance with Article 10 of the Law on the Protection of Personal Data No. 6698 (“Law”) and that contains information about personal data processing activities, especially for the creation of patient records and the implementation of treatment, to the public and relevant persons;

ARTICLE 1: DATA CONTROLLER

Your personal data may be processed by Dentaforum as the data controller within the scope explained below. The concept of data controller should be understood as the real or legal person who determines the purposes and means of processing personal data and is responsible for the establishment and management of the data recording system.

You can use the following channels to contact the data controller:

Address: Gültepe Mahallesi, Mustafa Kemal Paşa Bulvarı, Betoncular Apartmanı, No:58/A Melikgazi/Kayseri

Phone: 0352 233 60 70

ARTICLE 2: PROCESSED PERSONAL DATA AND PURPOSE OF PROCESSING PERSONAL DATA

The person referred to as the patient in this disclosure text is technically the “person receiving the product or service” and “person receiving the product or service” should be understood wherever the term “patient” is used.

The categories of personal data belonging to patients and their guardians/representatives and processed by us are listed below, and each data category is processed for the purposes specified opposite:

Communication: Monitoring and Conducting Legal Affairs, Conducting Activities in Accordance with Legislation, Conducting Marketing Processes of Products/Services, Performing the Service, Conducting Information Security Processes, Conducting Finance and Accounting Affairs, Ensuring Physical Space Security, Conducting Communication Activities, Conducting After-Sales Support Services of Goods/Services, Conducting Customer Relationship Management Processes, Conducting Activities for Customer Satisfaction, Conducting Advertising/Campaign/Promotion Processes, Monitoring Requests/Complaints, Providing Information to Authorized Persons, Institutions and Organizations, Creating and Monitoring Visitor Records

Identity: Monitoring and Conducting Legal Affairs, Conducting Activities in Accordance with Legislation, Execution of Marketing Processes of Products/Services, Performance of Service, Execution of Information Security Processes, Execution of Finance and Accounting Affairs, Ensuring Physical Space Security, Execution of Communication Activities, Execution of After-Sales Support Services of Goods/Services, Execution of Customer Relationship Management Processes, Execution of Activities Aimed at Customer Satisfaction, Execution of Advertisement/Campaign/Promotion Processes, Monitoring of Requests/Complaints, Informing Authorized Persons, Institutions and Organizations, Creation and Monitoring of Visitor Records

Legal Transaction: Execution of Information Security Processes, Execution of Activities in Accordance with Legislation, Execution of Finance and Accounting Affairs, Monitoring and Execution of Legal Affairs, Execution of Customer Relationship Management Processes, Informing Authorized Persons, Institutions and Organizations

Customer Transaction: Execution of Activities in Accordance with Legislation, Execution of Goods and Services Sales Processes Execution, Execution of Customer Relationship Management Processes, Execution of Activities Aimed at Customer Satisfaction, Execution of Information Security Processes, Execution of Finance and Accounting Affairs, Ensuring Physical Space Security, Monitoring and Execution of Legal Affairs, Execution of After-Sales Support Services of Goods/Services, Execution of Production and Operation Processes of Goods/Services, Execution of Marketing Analysis Studies, Execution of Advertising/Campaign/Promotion Processes, Execution of Contract Processes, Monitoring of Requests/Complaints, Execution of Marketing Processes of Products/Services, Informing Authorized Persons, Institutions and Organizations

Physical Space Security: Ensuring Physical Space Security, Receiving and Evaluating Suggestions for Improving Business Processes, Execution of Customer Relationship Management Processes, Execution of Activities Aimed at Customer Satisfaction, Informing Authorized Persons, Institutions and Organizations

Transaction Security: Information Security Processes Execution, Execution of Finance and Accounting Affairs, Follow-up and Execution of Legal Affairs, Execution of Goods/Service Purchasing Processes, Execution of Goods/Service After-Sales Support Services, Follow-up of Requests/Complaints, Providing Information to Authorized Persons, Institutions and Organizations

Finance: Activities in Accordance with Legislation

ta Proper Execution, Execution of Finance and Accounting Affairs, Monitoring and Execution of Legal Affairs, Execution of Goods/Service Purchasing Processes, Execution of Goods/Service After-Sales Support Services, Execution of Goods/Service Sales Processes, Execution of Customer Satisfaction-Oriented Activities, Execution of Advertisement/Campaign/Promotion Processes, Execution of Customer Satisfaction-Oriented Activities, Execution of Advertisement/Campaign/Promotion Processes, Execution of Customer Satisfaction-Oriented Activities, Execution of Advertisement/Campaign/Promotion Processes

Visual and Audio Recordings: Conducting Activities for Customer Satisfaction, Providing Information to Authorized Persons, Institutions and Organizations, Monitoring and Execution of Legal Affairs

Health Information: Conducting Activities in Accordance with Legislation, Providing Information to Authorized Persons, Institutions and Organizations, Performance of Service, Finance and Accounting Carrying out the work, carrying out the assignment processes, carrying out the production and operation processes of goods/services, following up on requests/complaints, carrying out the wage policy, providing information to authorized persons, institutions and organizations

ARTICLE 3: PARTIES TO WHICH PERSONAL DATA MAY BE TRANSFERRED AND THE PURPOSE OF TRANSFER

The personal data subject to this disclosure text, those transferred for the purpose of fulfilling legal obligations and fulfilling obligations arising from the employment contract and legislation and completing medical treatment and the places to which they are transferred are listed below:

Identity: Social Security Institution, Suppliers, Private Insurance Company, Authorized private and public institutions and organizations

Legal Transaction: Authorized public institutions and organizations

Communication: Social Security Institution, Private Insurance Company, Authorized private and public institutions and organizations

Customer Transaction: Authorized private and public institutions and organizations

Physical Space Security: Authorized private and public institutions and organizations

Transaction Security: Authorized private and public institutions and organizations institutions

Finance: Authorized private and public institutions and organizations

Visual and Audio Records: Social Security Institution, Private Insurance Company, Suppliers, Authorized private and public institutions and organizations

Health Information: Social Security Institution, Suppliers, Private Insurance Company, Authorized private and public institutions and organizations

In addition, if necessary, this data is transferred to lawyers authorized by our company, limited to the transaction to be performed.

ARTICLE 4: PERSONAL DATA COLLECTION METHODS AND LEGAL REASONS

Personal data of patients is processed by the relevant person filling out a form in a physical environment and verbally declaring their personal data. Legal reasons for the collection and processing of personal data;

Article 5 of the Law on the Protection of Personal Data No. 6698:

(1) Personal data cannot be processed without the explicit consent of the relevant person.

(2) If one of the following conditions is met, it is possible to process personal data without the explicit consent of the relevant person:

a) It is explicitly provided for in the laws.

b) It is mandatory for the protection of the life or physical integrity of the person who is unable to give his consent due to a de facto impossibility or whose consent is not legally valid, or of another person.

c) It is necessary to process personal data belonging to the parties to the contract, provided that it is directly related to the establishment or performance of a contract.

ç) It is mandatory for the data controller to fulfill its legal obligation.

d) It is made public by the relevant person.

e) Data processing is mandatory for the establishment, exercise or protection of a right.

f) Data processing is mandatory for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the relevant person.

B- Article 6698 of the Law on the Protection of Personal Data. 6:

(1) Data related to the race, ethnic origin, political opinion, philosophical belief, religion, sect or other belief, appearance and dress, membership in associations, foundations or unions, health, sexual life, criminal convictions and security measures of individuals, as well as biometric and genetic data are special personal data.

(2) Processing of special personal data without the explicit consent of the person concerned is prohibited.

(3) Personal data other than health and sexual life listed in the first paragraph may be processed without the explicit consent of the person concerned in the cases provided for by law. Personal data related to health and sexual life can only be processed by persons or authorized institutions and organizations under a confidentiality obligation, without the explicit consent of the person concerned, for the purposes of protecting public health, preventive medicine, medical diagnosis, treatment and care services, planning and management of health services and financing

ARTICLE 5: STORAGE PERIOD OF PERSONAL DATA

The storage periods of personal data written in this disclosure text according to data categories are listed below and personal data is destroyed at the end of the period.

Communication / 10 years from the date of acquisition

Identity / 10 years from the date of acquisition

Law