Clineca Sağlık Turizmi A.Ş. (“Our company” or “we” or “CLINECA”) values you as
our guest and recognizes the importance of your privacy. We carry out our activities in line
with the applicable data protection regulation including the EU General Data Protection
Regulation (“GDPR”) and other related laws.
We collect and process your personal data including:
Unless specifically requested, we ask you to not send us, and not disclose, on or through the Services or otherwise to us, any Sensitive Personal Data (e.g. racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric, data concerning health or data concerning a natural person's sex life or sexual orientation).
We collect your personal data in a number of ways, including:
We may use your personal data to:
We collect and process your personal data on the following bases which are stated in Article 6(1) of the GDPR:
We collect and process your special categories of personal data on the following bases which are stated in Article 9(2) of the GDPR:
We will only provide you with marketing related information after you have, where legally required to do so, opted in to receive those communications and having provided the opportunity for you to opt out at any time.
We disclose your personal data with:
For the compliance with GDPR, we ensure that our suppliers and business or solution partners whether they are located outside the EEA or not, takes appropriate technical and organizational security measures in accordance with applicable data protection laws and use it solely for the purposes specified by us.
If you are from the European Economic Area or in certain countries, you are also entitled (with some exceptions and restrictions) to:
You may, at any time, exercise any of the above rights, by contacting us via [contact form] below together with a proof of your identity, i.e. a copy of your ID card, or passport, or any other valid identifying document.
In some cases we may not able to give you access to personal data we hold regarding you, if making such a disclosure would breach our legal obligations to our other customers or if prevented by any applicable law or regulation.
If you have provided your consent to the collection, processing and transfer of your personal data, you have the right to fully or partly withdraw your consent. To withdraw your consent please follow the opt-out links on any marketing message sent to you or contact us via [contact form].
Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose(s) to which you originally consented unless there are compelling legitimate grounds for further processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.
We attach great importance of protecting children’s privacy. Therefore, we make an effort to not collect personal data of any children under the age of 16. If you have any concerns about your child’s privacy with respect to our services, or if you believe that your child may have provided his/her personal data to us, please contact us using the details provided below. We ensure to delete such personal data from our records immediately.
We implement appropriate and reasonable technical and organizational measures to protect your personal data from loss, misuse, unauthorized access, disclosure, alteration, and destruction, taking into account the risks involved in the processing and the nature of the personal data. Such technical and organizational measures include:
Protecting our data servers with state-of-the-art anti-virus programs and similar software.
Limiting and recording physical access to our premises and facilities.
Limiting and recording access to our data servers.
Ensuring regulars test and reviews to our system performed internally or by a third-party agency.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements and, where required for our company to provide service, until the end of the relevant retention period.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Upon expiry of the applicable retention period we will securely delete or destroy your personal data in accordance with applicable laws and regulations.
We reserve the right to update and change this Policy from time to time in order to reflect any changes to the way in which we process your personal data or changing legal requirements. Any changes we may make to our Policy in the future will be posted on this page and, where appropriate, notified to you by email. Please check back frequently to see any updates or changes to our Policy.