Privacy Policy

As hospitals and medical facilities affiliated with the Eye Light Protection Foundation (Göz Vakfı) (Bayrampasa Göz Hastanesi, Idealtepe Beria Turaç Göz Merkezi, Bursa Yildirim Göz Merkezi), we understand the value of privacy to our patients, employees, candidates, associates, subcontractors, and business partners. As such, we work to be open and honest about how we gather, use, disclose, transfer, and store your information.

Our information practices are generally outlined in this Privacy Policy. Göz Vakfıwebsite, online transactions made there, and the services rendered at our affiliates (collectively referred to as our "Services") are all covered by the Privacy Policy.

For a variety of reasons, including to reflect changes in laws and regulations, business practices, and technological advancements, we may occasionally change this privacy policy. Please be aware that the Privacy Policy applies to all online transactions you conduct through our website and at medical facilities connected to Göz Vakfıthat fall under its purview. The Privacy Policy is applicable whether you physically access our Services or use a computer, smartphone, tablet, TV, or any other device to access them. It is crucial that you carefully read the Privacy Policy because every time you use our Services, you are agreeing to the practices described in the Privacy Policy. You agree to the procedures outlined in the Privacy Policy by using our services.

It is also crucial to regularly check to see if the Privacy Policy has been updated. When we make changes to the Privacy Policy, we'll make a note to the relevant Services to let you know about them. You agree to the new practices described in the update by using our Services after we add this notice. On our website, you can always find the most recent version of the Privacy Policy that is in effect. The Privacy Policy's current date is listed under the privacy policy.

What personal data do we gather about you?

Information you voluntarily divulge.

There are some Services that let you directly give us information. For instance:

• Our patients are required to give us all of their identifying information in order to receive the healthcare services we provide in our facilities, including their name, surname, T.C. Identity Number, address, phone number, and social security number. For instance, in order for us to provide services to you in accordance with the applicable laws of the Ministry of Health, you will need to provide us with your identity information if you apply for a health examination at one of our hospitals.

• If you want to book an appointment through the Online Transactions section of our website, we might need to know who you are.

• We may request information about your identity, work history, and educational background if you use the HR section of our website to apply for a job.

Details about how you use the services:

In addition to the data you give us, we might also obtain data from other organizations about how you use our services. For instance, we might gather the following data:

• Name, last name, T.R. Identity Number, etc. are all required pieces of identification.

• Information on your health, including details on all the procedures you underwent at our hospitals.

• Information to contact you, such as an email address or phone number.

Information obtained from outside sources:

To the extent permitted by law, we may gather details about you from commercially and publicly accessible sources, combine them with details we already have about you or learn about you. In order to provide our Services, we may also ask your relatives—who are third parties—to provide your information.

Additional Data We Gather

With your permission, we may also gather additional data about you, your health, or how you use the Services, either at the time of collection or by another method.

You can decide not to give us certain types of information (like current health status information), but doing so may prevent you from using or reaping the benefits of some Services as you would like.

Automatic Information Collection

When you use our website or products, we automatically collect some personal information. Some or all of the following types of information may be included in this information:

• Your Internet Protocol ("IP") address,

• User names and related account information,

• Contact information;

• Geolocation based on nearby GPS, Wi-Fi, and communication network data.

Except in cases where we need to retain the identifying characteristics of the data, we anonymize the data we collect and store it in a way that does not identify you. For instance, we anonymize your IP address when we collect it by omitting the final set of digits (eg, changing the number from 192.168.1.1 to 192.168.1.XXX).

How Do We Collect Your Information?

Through all available channels, including our job application service, call center service, and physical applications you have made to our hospitals, which you can complete from the Online Transactions and HR section of our website, we may collect your information verbally, in writing, or electronically.

What do we do with your data?

The following are some potential uses for the data we gather:

• In order for us to add you to a service.

• To fulfill your request for a Service.

• To offer you customized services based on your prior usage of our services.

• For marketing purposes, such as sending you promotional communications and delivering sponsored content with tailored advertisements.

• To assess and analyze our market, consumers, goods, and services (including asking your opinion about our products and services and conducting customer surveys).

• To better our services and create new goods and services by learning how they are used.

We reserve the right to combine the data we have about you and use it in ways that are compliant with this Privacy Statement.

Who do we share your information with?

Without your permission, we will not divulge your information to third parties for their own independent marketing or business purposes. However, the following organizations may receive your information from us:

• Affiliates: Your information may be shared with Göz Vakfıand its Affiliates in accordance with the Privacy Policy.

• Service providers: We may also share your information with businesses that perform tasks for us or on our behalf, such as those that help us with billing or send emails. Your information may only be used by these companies to carry out services for us.

• Customer (Patient) Relatives: We may provide information about your health status to your first-degree relatives in accordance with the applicable health legislation.

• Others as needed for our protection of our services or as required by law.

For the following reasons, there may be times when we need to disclose your information to other parties:

• To abide by the law or respond to court-mandated notices (such as a search warrant or other court order).

• To confirm or uphold the rules that control our services.

• To safeguard the legal rights, valuables, or personal safety of the Eye Foundation, its affiliates, or other related affiliates, partners in trade, or clients.

In addition to the disclosures outlined in this privacy statement, we may also share information about you with third parties upon your request or consent.

How do we make sure your information is secure?

To maintain the integrity of all types of data required for the support and upkeep of the services we offer to our clients, to archive them in accordance with the law, and to stop their sharing with parties other than the medical staff performing the diagnosis and treatment;

• Hardware and software requirements have been established.

• Resources are allotted to ensure the ongoing availability of the required hardware and software.

• Our staff has received training on what needs to be done to protect customer information, and their responsibilities with regard to business contracts have been outlined.

• The required infrastructure has been identified, and the accountable parties have been identified, in order to back up all data.

• In our hospital information system, all access operations (reading, changing, deleting, and adding) are restricted.

• Only our patients, their families, the pertinent public institutions and organizations operating within the parameters of applicable health legislation, as well as the appropriate judicial authorities in judicial cases, are given access to patient files and information.

Confidentiality, integrity, and authority access are our hospital's three guiding principles for information security.

Who Has Access to Your Data?

It has been named the "Data Controller" for the Eye Nursing Foundation and its Affiliates in accordance with the Law on Protection of Personal Data No. 6698. We declare that, within the purview of this Privacy Policy, individuals holding the title "Data Controller" are in charge of gathering your information, and that these individuals, in their capacity as "Data Controllers," are subject to the rights and obligations outlined in Law No. 6698.

Storage of Data

We make an effort to ensure that the information we collect about you is used only for that purpose or as long as is necessary to comply with any applicable legal or contractual obligations.

What Rights Do You Have Regarding Your Data?

Regarding the Eye Foundation's processing of your data;

• On order to determine whether your data has been processed.

• In order to learn more about them, find out if your data is being processed.

• To find out why your data is being processed and whether it is being used in a way that is consistent with that purpose.

• To find out which data is transferred to third parties, if any, both domestically and internationally.

• If information is inaccurate or incomplete, to ask for correction.

• To request the removal or destruction of your processed data should the purposes for its processing cease or the data become out-of-date.

• You can always send us your requests to alert the parties to whom the data has been transferred if you need your data to be corrected or deleted.

What Guidelines Do We Follow When Handling Your Personal Data?

Göz Vakfıfollows the following guidelines when handling your personal information:

• Processing that abides by the law and is honest.

• Processing of data is accurate.

• The processing's scope is known.

• The processing is done with consent and for lawful purposes.
• The purpose for which the data is collected or reprocessed is connected, constrained, and proportionate to the processing.

• The information is up to date.

• Keeping the data for as long as necessary to fulfill the processing purpose

Links and Products from Third Parties on Our Services

Links to third-party websites and services may be present on our services without our knowledge or consent. The security or confidentiality of information gathered by websites or other services is not our responsibility. Be cautious and keep in mind to read the relevant privacy statements when using third-party websites and services. Our institution is only accountable for the information that is posted on www.gozvakfi.com on its behalf.