SAPPHIRE HEALTH GLOBAL MANAGEMENT
INFORMATION TEXT REGARDING THE PROCESSING OF PERSONAL DATA

 

This Information Text has been prepared by Sapphire Health Global Company (“Company”) to inform the Company’s customers about the processing of their personal data by the Company in accordance with the Law on the Protection of Personal Data No. 6698 (“Law”).

You can find detailed information regarding the processing of your personal data within the scope of this Clarification Text in the Personal Data Protection and Processing Policy of Sapphire Health Global Company located at [https://sapphirehealthglobal.com/].

  1. a) Methods of Obtaining Personal Data and Legal Reasons

Your personal data is collected in electronic or physical environments. The personal data collected for the legal reasons specified in this Clarification Text are in accordance with Articles 5 and 6 of the Law.

can be processed and shared within the framework of the personal data processing conditions specified in the articles.

  1. b) Purposes of Processing Personal Data

Your personal data can be processed in accordance with Articles 5 and 6 of the Law.

within the framework of the personal data processing conditions specified in the articles, the planning and execution of activities necessary for the customization and promotion of the products and services offered by the Company according to the preferences, usage habits, and needs of the relevant individuals, the necessary work to benefit the relevant individuals from the products and services offered by the Company to be carried out by the business units, and the execution of the relevant business processes, the commercial activities carried out by the Company to be conducted by the relevant business units.

The processing of clinical studies and the execution of related business processes are carried out for the purposes of planning and executing the commercial and/or business strategies of the Company, as well as ensuring the legal, technical, and commercial-business security of the Company and relevant individuals in business relations with the Company.

  1. c) Parties with Whom Personal Data May Be Shared and Purposes of Sharing

Your personal data is processed in accordance with Article 8 of the Law.

. and 9.

within the framework of the personal data processing conditions and purposes specified in the articles, the planning and execution of activities necessary for the customization and promotion of the products and services offered by the Company according to the preferences, usage habits, and needs of the relevant individuals, the necessary work to benefit the relevant individuals from the products and services offered by the Company to be carried out by the business units, and the execution of the relevant business processes, the relevant business units to carry out the commercial activities conducted by the Company.

after the necessary work is carried out and the related business processes are conducted, for the purposes of planning and executing the commercial and/or business strategies of the Company and ensuring the legal, technical, and commercial-business security of the Company and the relevant individuals in business relations with the Company, it may be shared with the Company‘s business partners and suppliers, as well as legally authorized institutions and organizations and legally authorized private legal entities.

  1. d) Rights of Data Owners and the Use of These Rights

As personal data owners, below

If you submit your requests regarding your rights specified in the above under the title of Exercising Rights by Data Owners using the methods indicated, your requests will be evaluated and concluded by our Company as soon as possible and in any case within 30 (thirty) days.

Law No. 11.

As a personal data owner, you have the following rights under the relevant article:

  • To learn whether your personal data is being processed,
  • If your personal data has been processed, to request information regarding it,
  • To learn the purpose of processing your personal data and whether it is being used in accordance with that purpose,
  • To know the third parties to whom your personal data has been transferred, either domestically or internationally,
  • In case your personal data has been processed incompletely or inaccurately, to request its correction and to request that the operation carried out in this context be notified to the third parties to whom the personal data has been transferred,
  • To request the deletion or destruction of your personal data when the reasons for processing it have ceased to exist, even though it has been processed in accordance with the law and other relevant legal provisions, and to request notification of this process to third parties to whom the personal data has been transferred,
  • To object to the emergence of a result against the person themselves by means of the exclusive analysis of the processed data through automated systems,
  • To request compensation for damages incurred due to the unlawful processing of your personal data.
  • Law No. 28

    • . item 2.

    the cases in which data subjects do not have the right to request have been listed, and in this context;

  • Processing of personal data is necessary for the prevention of a crime or for the investigation of a crime,
  • Processing of personal data that has been made public by the data subject themselves,
  • Processing of personal data is necessary for the execution of the duties of authorized public institutions and organizations, as well as professional organizations that have the nature of public institutions, based on the authority granted by law, for the purposes of conducting audits or regulations, or for disciplinary investigations or prosecutions,
  • Processing of personal data is necessary for budget, tax, and financial matters related to the State.

    necessary for the protection of economic and financial interests,

  • in cases where the rights specified above regarding the data cannot be exercised.
  • Law No. 28

    . item 1.

    according to its article, the following situations will be outside the scope of the Law, and therefore, the requests of data subjects will not be processed regarding these data:

  • The processing of personal data by natural persons concerning themselves or their family members living in the same household, provided that the data is not shared with third parties and obligations regarding data security are complied with.
  • The processing of personal data for purposes such as research, planning, and statistics by anonymizing it with official statistics.
  • The processing of personal data for national defense, national security, public safety, public order,

    the processing of personal data for artistic, historical, literary, or scientific purposes, or within the scope of freedom of expression, provided that it does not violate economic security, the privacy of private life, or personal rights, or constitute a crime.

  • The processing of personal data by public institutions and organizations authorized by law to carry out preventive, protective, and intelligence activities aimed at ensuring national defense, national security, public safety, public order, or economic security.
  • The processing of personal data by judicial authorities or enforcement agencies in relation to investigation, prosecution, trial, or execution processes.

    processing.

    • Exercising Rights by Data Owners

    • Data owners can use the form titled “ Application Form for Data Controllers by Personal Data Owners” available at [https://sapphirehealthglobal.com/] to exercise the rights mentioned above.
    • Applications will be made using one of the following methods, along with documents that will identify the relevant data owner’s identity:
    • Submitting a filled-out copy of the form with a wet signature in person, via notary, or by registered mail to [………….],
    • Personal Data K
    • Following a method proposed by the Evaluation Board.
    • The Company responds to data subjects wishing to exercise their rights within the limits set forth in the Law, in accordance with the provisions of the Law, within a maximum of thirty (30) days.

      • .

      In order for third parties to submit an application on behalf of personal data owners, there must be a special power of attorney arranged through a notary in the name of the person who will be applying on behalf of the data owner.

    • As a rule, applications from data owners will be processed free of charge; however, fees may be charged based on the fee schedule determined by the Personal Data Protection Board.
    • The Company may request information from the relevant person to determine whether the applicant is a personal data owner, and to clarify the matters specified in the application, the personal data owner may be asked questions related to their application.

      u can be directed.

    [1] According to the “Communiqué on the Principles and Procedures for Application to the Data Controller” published in the Official Gazette dated March 10, 2018, and numbered 30356, if a written response is to be given to the application of data subjects, no fee will be charged for up to ten pages.

    A processing fee of 1 Turkish Lira may be charged for each page on this page. If the response to the application is provided on a storage medium such as a CD or flash drive, the fee that may be requested by the Institution cannot exceed the cost of the storage medium.