MELSADENT
1. PURPOSE AND SCOPE OF THIS NOTICE
As Melsadent Oral and Dental Health Polyclinic (“Polyclinic”), we place the utmost importance on the confidentiality, security, and lawful processing of personal data belonging to our patients and their relatives. In accordance with Article 10 of the Law No. 6698 on the Protection of Personal Data (“Law” or “KVKK”), this Notice has been prepared to inform you in a transparent manner regarding the processing of your personal data.
The Company, which qualifies as a healthcare institution under the Regulation on Private Healthcare Institutions Providing Outpatient Diagnosis and Treatment Services, acts as a “Data Controller” within the meaning of the Law. In this context, the Polyclinic has adopted internal policies and implemented appropriate administrative and technical safeguards to ensure compliance with the Law.
2. IDENTITY OF THE DATA CONTROLLER
As the Data Controller, we fulfill our statutory obligations by implementing proportionate administrative and technical measures consistent with the scale of our operations. Our corporate and contact information are provided below:
Title: MELSADENT ORAL AND DENTAL PRIVATE HEALTH SERVICES INDUSTRY AND TRADE LIMITED COMPANY
Address: Yayla Neighborhood, Cengiz Topel Avenue No:9/A, Tuzla, Istanbul, Türkiye
Telephone: +90 (850) 309 32 10 / +90 (546) 191 32 10
E-mail (KVKK correspondence): info@melsadent.com
3. CATEGORIES OF PERSONAL DATA PROCESSED
We process the personal data and special categories of personal data of our patients and their relatives as follows:
a. Personal Data Categories
Identification, Contact Information, Transaction Records, Employment Information, Financial Data, and Other Relevant Information
b. Special Categories of Personal Data
Health Data, including but not limited to dental measurements, orthodontic appliances, and prosthetic treatment records
4. PURPOSES OF PROCESSING PERSONAL DATA
Personal data are processed in compliance with Articles 4, 5, and 6 of the Law for the following purposes:
a. General Purposes
Conducting operational activities, ensuring regulatory compliance, managing communication processes, performing audit and inspection activities, maintaining financial and accounting records, archiving, and managing service provision processes
b. Specific Purposes
Scheduling appointments, creating and maintaining patient medical records, invoicing and payment collection, delivering medical diagnosis and treatment services, issuing prescriptions, managing patient–physician relationships, carrying out dental procedures such as extractions, fillings, orthodontic treatments, and conducting correspondence with relevant public and private institutions
5. METHODS OF PROCESSING AND DATA SECURITY MEASURES
Personal data are processed through automated and non-automated means in electronic systems such as email, clinic software, websites, and messaging platforms, as well as in physical records.
The Polyclinic implements robust administrative and technical measures to prevent unauthorized access, ensure data integrity, and protect personal data against unlawful processing, in line with data protection standards.
6. TRANSFER OF PERSONAL DATA
Personal data may be transferred to domestic and international third parties in accordance with Articles 8 and 9 of the Law for legitimate purposes related to healthcare service delivery, legal compliance, and operational efficiency.
Appropriate contractual safeguards are established to ensure the protection of transferred data.
6.1 Domestic Transfers
Data may be shared with consultants, occupational health institutions, contracted service providers, financial advisors, laboratories, software vendors, and authorized public authorities.
6.2 International Transfers
Data may be transferred to foreign-based service providers such as Google (Gmail), WhatsApp, and Invisalign for communication and treatment-related purposes.
7. LEGAL GROUNDS FOR PROCESSING
Personal data are processed based on explicit consent and other lawful grounds including contractual necessity, legal obligations, legitimate interests, and healthcare service provision pursuant to Articles 5 and 6 of the Law.
8. RIGHTS OF DATA SUBJECTS
Pursuant to Article 11 of the Law, data subjects are entitled to:
• Request information regarding data processing
• Access processed data
• Request rectification or erasure
• Object to automated decision-making
• Seek compensation for unlawful processing
9. EXERCISING YOUR RIGHTS
Applications regarding your rights may be submitted using the Personal Data Subject Application Form available at the Polyclinic.
