General Principles

This is a clarification text related to the processing of your personal data by FETMED HEALTH SERVICES INC, which is mandatory under the Protection of Personal Data Law No. 6698.

FETMED HEALTH SERVICES INC. responsible for all personal data. The data controller will use the following address and contact information in fulfilling the obligations and rights specified in the Personal Data Protection Law.

Pazaryeri Mahallesi Şehit Hasan Küçükçoban Caddesi No: 22 48300 Fethiye/ MUĞLA
Contact number : +90 539 854 17 88
official registered electronic mail : fetmed@hs01.kep.tr

ARTICLE 1 – (1) Personal data shall only be processed in compliance with procedures and principles laid down in this Law or other laws.
(2) The following principles shall be complied within the processing of personal data:
a) Lawfulness and fairness
b) Being accurate and kept up to date where necessary.
c) Being processed for specified, explicit and legitimate purposes.
ç) Being relevant, limited and proportionate to the purposes for which they are processed.
d) Being stored for the period laid down by relevant legislation or the period required for the purpose for which the personal data are processed.

Conditions for processing personal data

ARTICLE 2 –
(1) Personal data shall not be processed without explicit consent of the data subject.
(2) Personal data may be processed without seeking the explicit consent of the data subject only in cases where one of the following conditions is met:
a) It is expressly provided for by the laws.
b) It is necessary for the protection of life or physical integrity of the person himself/herself or of any other person, who is unable to explain his/her consent due to the physical disability or whose consent is not deemed legally valid.
c) Processing of personal data of the parties of a contract is necessary, provided that it is directly related to the establishment or performance of the contract.
ç) It is necessary for compliance with a legal obligation to which the data controller is subject.
d) Personal data have been made public by the data subject himself/herself.
e) Data processing is necessary for the establishment, exercise or protection of any right.
f) Processing of data is necessary for the legitimate interests pursued by the data controller, provided that this processing shall not violate the fundamental rights and freedoms of the data subject.

Article 3 –
(1) Personal data relating to the race, ethnic origin, political opinion, philosophical belief, religion, religious sect or other belief, appearance, membership to associations, foundations or trade-unions, data concerning health, sexual life, criminal convictions and security measures, and the biometric and genetic data are deemed to be special categories of personal data.
(2) It is prohibited to process special categories of personal data without explicit consent of the data subject.
(3) Personal data, except for data concerning health and sexual life, listed in the first paragraph may be processed without seeking explicit consent of the data subject, in the cases provided for by laws. Personal data concerning health and sexual life may only be processed, without seeking explicit consent of the data subject, by the persons subject to secrecy obligation or competent public institutions and organizations, for the purposes of protection of public health, operation of preventive medicine, medical diagnosis, treatment and nursing services, planning and management of health-care services as well as their financing.
(4) Adequate measures determined by the Board shall be also taken while processing the special categories of personal data Erasure, destruction or anonymization of personal data Kişisel verilerin silinmesi, yok edilmesi veya anonim hâle getirilmesi

ARTICLE 4 – Despite being processed in compliance with the provisions of this Law and other relevant laws, personal data shall be erased, destructed or anonymized by the data controller, ex officio or on the request of the data subject, in the event that the reasons for the processing no longer exist. (2) The Provisions of other laws relating to the erasure, destruction or anonymization of personal data are reserved.
(3) Procedures and principles for the erasure, destruction or anonymization of personal data shall be laid down through by-law.

ARTICLE 5 –
(1) Personal data shall not be transferred without explicit consent of the data subject.
(2) Personal data may be transferred without seeking explicit consent of data subject upon the existence of one of the conditions provided for in:
a) the second paragraph of Article 5,
b) the third paragraph of Article 6, provided that sufficient measures are taken.
(3) The Provisions of other laws relating to transfer of personal data are reserved.
Transfer of personal data abroad Kişisel verilerin yurt dışına aktarılması

ARTICLE 6 –
(1) Personal data shall not be transferred abroad without explicit consent of the data subject.
(2) Personal data may be transferred abroad without explicit consent of data subject upon the existence of one of the conditions referred to in Article 5(2) and Article 6(3) of the Law and if in the country where personal data are to be transferred;
(a) Adequate protection is provided.
(b) Adequate protection is not provided, upon the existence of commitment for adequate protection in writing by the data controllers in Turkey and in the relevant foreign country and authorisation of the Board.
(3) The Board determines and announces the countries with adequate protection.
(4) The Board shall decide whether there is adequate protection in the foreign country and whether such transfer is permitted under the sub-paragraph (b) of second paragraph, by evaluating the followings and by receiving the opinions of relevant institutions and organizations, where necessary:
a) the international conventions to which Turkey is a party,
b) the state of reciprocity relating to data transfer between the requesting country and Turkey,
c) the nature of the data, the purpose and duration of processing regarding each concrete, individual case of data transfer,
ç) the relevant legislation and its implementation in the country to which the personal data are to be transferred,
d) the measures committed by the data controller in the country to which the personal data are to be transferred,
5) Without prejudice to the provisions of international agreements, in cases where interest of Turkey or the data subject will seriously get harmed, personal data, may only be transferred abroad upon the authorisation to be given by the Board after receiving the opinions of relevant public institutions and organizations.
6) The Provisions of other laws relating to the transfer of personal data abroad are reserved.