Protection of Personal Data

PATIENT INFORMATION NOTICE

This information notice has been prepared by Levent Hospital Joint Stock Company (“Private Levent Hospital”) in its capacity as data controller, in accordance with Article 10 of the Law on the Protection of Personal Data No. 6698 (“Law”) and the Communiqué on the Procedures and Principles for Fulfilling the Obligation to Inform.

MERSIS Number: 0608 0708 1400 0001

Address: Ortabayır Mah. Oto Cad. No: 3 Kağıthane/Istanbul

Phone: 444 46 54 Email: info@leventhastanesi.com.tr Fax: 0 212 279 38 94

In order to provide healthcare services to our patients, Private Levent Hospital collects the following personal data from patients, other healthcare institutions, or patient relatives for the purposes of conducting medical diagnosis, examination, treatment, and care services. The purposes and legal reasons for processing patients’ personal data are outlined below:

Personal Data

Purpose of Processing

Legal Reason

Identity Information (Name, surname, date of birth, signature, ID card details, temporary ID number, passport number for non-Turkish citizens)

Patient identity verification, patient registration, conducting internal guidance, ensuring compliance with regulations

Necessary for the data controller to fulfill their legal obligations

Invoice Information (IBAN, bank details related to payments and invoicing)

To fulfill legal obligations related to invoice issuance

Necessary for the establishment and performance of a contract

Contact Information (Email Address, Mobile/Phone Number)

Carrying out communication with patients, creating appointment requests, providing appointment-related information, conducting health-promoting notifications and promotions, fulfilling obligations related to personal data

Necessary for the establishment and performance of a contract

Contact Information (Email Address, Mobile/Phone Number)

Sending congratulatory or promotional messages on special occasions in accordance with your communication preferences and explicit consent under the Law on the Regulation of Electronic Commerce No. 6563 and related legislation

Based on Explicit Consent

Patient protocol number, requested department and doctor for examination

Managing hospital operations and assignments, planning internal operations

Necessary for the legitimate interests of the data controller, provided that the fundamental rights and freedoms of the data subject are not harmed

Information in the consent form

To provide proof of consent in the event of a medical procedure

Necessary for the data controller to fulfill their legal obligations

Insurance Information (Private health insurance or Social Security Institution data)

Financing and planning healthcare services

Necessary for the establishment, exercise, or protection of a right

Health Information – All health data obtained during medical diagnosis, examination, treatment, and care services (Patient age-weight, biometric and genetic data, past operation details, every necessary piece of information about past surgeries, lab results, test results, examination data, check-up details, prescription information, and other data considered health information)

To protect public health, provide preventive medicine, conduct medical diagnosis, treatment, and care services, and manage healthcare services and their financing

Necessary for the establishment and performance of a contract

Visual and Audio Records (Photos and video recordings taken for diagnosis, treatment, and examination purposes)

Patient relations and handling patient requests and complaints

Necessary for the legitimate interests of the data controller, provided that the fundamental rights and freedoms of the data subject are not harmed

Appointment Information

Creating, following, and managing patient appointments

Necessary for the establishment and performance of a contract

Security Camera Footage

Ensuring the safety of patients and staff, maintaining physical space security

Necessary for the data controller to fulfill their legal obligations

All personal data collected will be shared, where necessary, with authorized public institutions and organizations as part of public security issues, legal disputes, and in compliance with legal obligations. If a dispute arises regarding patient procedures, the data will be shared with lawyers to provide the necessary information and documentation for legal processes and to use our rights of litigation and defense.

Additionally:

  • Invoice Data will be shared with accountants and service providers (using software systems) to manage accounting processes and fulfill legal obligations.
  • Health Data will be shared with the Health.NET system, SGK Medula System, and e-Nabız Systems of authorized public institutions for the purposes of preventive medicine, medical diagnosis, treatment, and care services, and healthcare financing and planning.
  • Health and Insurance Data will be shared with the patient’s insurance company for the financing and planning of healthcare services, private health insurance use, and completing insurance procedures.
  • Name, surname, and contact information will be shared with service providers and the Communication Management System for sending informational, promotional, and congratulatory messages related to special occasions, provided you have given explicit consent.

Your personal data will be processed by automatic or non-automatic means through your declarations, emails, forms you complete, or via integration systems. Security camera footage will be processed automatically.

In accordance with Article 11 of the Law on the Protection of Personal Data No. 6698, you have the right to:

  • Learn whether your personal data is being processed, request information if your data has been processed,
  • Learn the purpose of processing your personal data and whether they are being used appropriately,
  • Learn which third parties within the country or abroad your personal data has been transferred to,
  • Request correction if your personal data has been processed incompletely or incorrectly,
  • Request the deletion or destruction of your personal data under the conditions set forth in Article 7 of the Law on the Protection of Personal Data,
  • Request that third parties be notified of your data’s correction, deletion, or destruction,
  • Object to the occurrence of a result that is to your detriment, through the exclusive processing of your data by automated systems,
  • Request compensation for damages if your data has been processed unlawfully.

While exercising these rights, you may be charged a fee in accordance with relevant legislation if additional costs are incurred.

Under Article 11 of the Law on the Protection of Personal Data, you can submit your requests by filling out the Application Form available in the Personal Data Protection section on the website www.leventhastanesi.com.tr, or by sending your request via post to our address.

Levent Hospital Joint Stock Company

LEVENT HOSPITAL JOINT STOCK COMPANY

PATIENT COMMUNICATION CONSENT FORM

This consent form has been prepared by Levent Hospital Joint Stock Company (“Private Levent Hospital”) as a data controller under the Law on the Protection of Personal Data No. 6698 (KVKK) and as a service provider under the Law No. 6563 on the Regulation of Electronic Commerce, the Regulation on Commercial Communication and Commercial Electronic Messages dated July 15, 2015, and the Regulation on the Amendment of the Regulation on Commercial Communication and Commercial Electronic Messages dated January 4, 2020, for the purpose of sending you commercial electronic messages.

Address: Ortabayır Mah. Oto Cad. No: 3 Kağıthane/Istanbul

Phone: 444 46 54 Fax: 0 212 279 38 94 Email: info@leventhastanesi.com.tr

Following the presentation of the Patient Information Notice, we request your explicit consent to process your contact information (email address, mobile/phone number) for the purpose of sending commercial electronic messages such as greetings/congratulations on special occasions, information, and promotions.

Corporate
Online Services
Social Media