• Alpaslan Mahallesi, Bahar Cd. Bezciler Apt No:3/C, (File Market Karşisi)
  • Monday - Saturday 8.30 - 21.30. Sunday : CLOSED
Appointment

Institutional

  • Home
  • Institutional
implacity OralDiş grup

KVKK

As IMPLACITY&ORALDİŞ GROUP, the protection of personal data means that the processing, storage and transfer of personal data is bound to certain rules within the scope of the law, and thus the Constitutional rights of individuals are protected by our polyclinic. This protection; data processing conditions, transfer conditions, clarification text, penal sanction in case of violation, etc. provided with elements such as What is meant here is not the data, but the people who own the data.

What is Personal Data in terms of KVKK?

   The concept of personal data in KVKK; It is defined as “ all kinds of information regarding real persons whose identity is known or can be determined”  .

  •       Name – Surname, TR identity number, SGK number, vehicle plate
  •        Diploma, student certificate, graduation certificate, transcript etc.
  •        Credit card, discount card, personalized public transport transportation card
  •        Payroll, personal tax declaration, bank IBAN number, invoice, bill of lading etc.
  •        resume text
  •        IP address or serial number information of electronic devices, cookies and location information
  •        Personal phone, etc. code or number
  •        Fingerprint, genetics, blood type, retina etc. informations
  •        Any foundation, association, party membership information, religious or philosophical thought
  •        Information on other racial or ethnic distinctions

What Is Not Personal Data?

  •        Data belonging to legal entities (organizations such as associations, foundations, companies, etc.) cannot be personal data. They are protected under other provisions. Within the scope of KVKK, only natural persons are protected.
  •        Likewise, public legal entities are not protected within the scope of KVKK in terms of any data.
  •        In this context, banking secrets or companies' tax identification numbers, trade secrets, etc. data is not protected under KVKK.

   Apart from these, exceptions not included in the scope of this law are included in article 28 of the Law on the Protection of Personal Data. Accordingly, protection under KVKK is not provided in the following cases:

  •        Processing of personal data about himself or his family members living in the same residence by real persons  (However, there is a condition that the data is not given to third parties and that the obligations regarding the data obligation are complied with.)
  •        Processing of personal data for purposes such as research, planning and statistics by anonymizing with official statistics
  •        Personal data; national defense, national security, public security, public order, economic security etc. to be processed as preventive, protective and intelligence by public institutions and organizations based on legal authority
  •        Processing of personal data by the competent authorities in relation to transactions such as investigation, prosecution, trial or execution of punishment  (The part up to this point is within the scope of full exemption. The following are within the scope of partial exception. That is, in some cases, depending on the characteristics of the concrete case, they do not provide protection.)
  •        The personal data is necessary for the prevention of crime or for the realization of the investigation.
  •        The personal data owner has made the said data public
  •        Personal data processing; It is necessary for the execution of supervisory or regulatory duties by public institutions and organizations based on legal authority and for disciplinary investigation-prosecution.

Terms of Transfer of Personal Data

   By our polyclinic, personal data cannot be processed without the express consent of the personal data owner and cannot be transferred to third parties without a separate consent. This provision is included in Article 8 of the KVKK. This article prohibits the sharing of personal data. However, as can be understood from the article, this data can be transferred if the person has express consent.

   There are some cases in which personal data can be transferred by our polyclinic even without the explicit consent of the person. These are the situations in article 5 of the KVKK and some situations in article 6. These are very important because the situations in these articles directly affect the verdict in most cases.

Article 5 of the KVKK regulates the processing conditions of personal data, and article 6 regulates the processing conditions of special categories of personal data. In other words, personal data can be transferred by fulfilling these conditions.

1. Conditions for Processing Personal Data (Article 5 of the KVKK)

   Our polyclinic is obliged to act according to a number of principles in the processing of personal data. In other words, no matter how much you act in accordance with the law, if it is concluded that you do not comply with these principles, you will be doing something illegal. These principles are:

  •        Complying with the law and honesty rules
  •        Being accurate and up-to-date when needed
  •        Processing for specific, explicit and legitimate purposes
  •        Not exceeding the purpose for which it was processed
  •        Preservation during the storage period in the legislation and during the storage period suitable for the purpose of processing

In Article 5, there are conditions for the processing of personal data. The main condition here is the consent of the person concerned. However, in some cases, dreams are not needed. These;

  •        Circumstances expressly stipulated in the law
  •        Cases in which it is not possible to express consent due to actual impossibility
  •        Cases where the person's own or someone else's life or physical integrity should be protected, but the person's consent is not legally valid
  •        Processing of personal data of the parties to the contract (must be data directly related to the establishment or performance of the contract)
  •        Obligatory conditions for the person responsible for the data to fulfill his legal responsibility
  •        Cases where the data is made public by the person concerned
  •        Cases where the processing of the said data is necessary for the establishment, exercise or protection of a right
  •        Cases where data processing is mandatory for the legitimate interests of the data controller (there is a condition not to violate the fundamental rights and freedoms of the data subject)

 2. Processing Conditions of Special Quality Personal Data (KVKK article 6)

   Special categories of personal data, on the other hand, are sensitive personal data that people can be victims of if they are learned in public. For example, such data; Data such as race, ethnic origin, political and philosophical thought, religious belief, sect, dress code, membership in associations, foundations or unions, health, sexual life, criminal convictions and security measures, biometric and genetic information.

   Private data is also normally not processed without the explicit consent of the person. However, from the private data types we have mentioned above, except for the data related to health and sexual life, the data related to health and sexual life can only be processed without the consent of the person concerned in cases stipulated by the law. Despite all this, it is essential to comply with some precautions determined by the Personal Data Protection Board when processing private data.

Transfer of Personal Data Abroad

   The transfer of personal data abroad also depends on the explicit consent of the person. However, in some cases, it is possible to transfer data without express consent. These are the cases that we have listed as the 5th and 6th items above. However, even in these cases, there must be sufficient protection in the foreign country in question in order for personal data to be transferred abroad. If it is determined that there is not enough protection in the relevant country (this is published as a list), the written commitment of the data controllers that there will be sufficient protection is sufficient for the transfer of this data without the consent of the data subject.

KVKK Clarification Text and Confidentiality Agreement (KVKK article 10)

   Persons or companies (data controllers) processing personal data in some way, simple confidentiality agreement etc. cannot avoid responsibility by having the texts read and approved. According to Article 10 of the KVKK, the data controller has an obligation to inform. This is usually achieved with a KVKK lighting text. Here to the person concerned;

  •        Information on the identity of the data controller and its representative, if any
  •        For what purpose personal data will be processed
  •        To whom, for what purpose and how the processed personal data can be transferred
  •        Method and legal basis of processing personal data
  •        The rights of the person concerned (listed in Article 11) that we will mention below

   KVKK should be notified with the lighting text.

   Due to the nature of the work done, every person or organization that records the data of its customers, members or persons with whom it is in contact must comply with this KVKK clarification text procedure. We should also point out that the text we are talking about is not a draft (copy and paste) text. It should be a text prepared in accordance with the KVKK rules in accordance with the specific concrete event.

Rights Granted to Related Persons within the Scope of KVKK (KVKK article 11)

  •        Anyone can get information about whether their personal data is processed by applying to the data controller.
  •        If personal data is processed, it can learn which data is processed.
  •        You can learn for what purpose your personal data is processed and whether it is used.
  •        You can learn with whom your personal data is shared, regardless of whether it is domestic or abroad.
  •        It may request the correction of incomplete or incorrect information in the processed personal data.
  •        It may request the deletion of the personal data that has been processed. (This can be requested under the terms of Article 7 of the KVKK. We will mention it below.)
  •        It may request that the changes and deletion be notified to the relevant third parties.
  •        It can be objected that a situation against the person himself occurs in the form of analyzing the processed personal data through specially automated systems.
  •        If a damage has occurred due to the unlawful processing of the said personal data, it may request the elimination of this damage.

Other Obligations Given to Data Controllers within the Scope of KVKK

  •        To prevent the unlawful processing of personal data
  •        To prevent unlawful access to personal data
  •        Maintaining personal data in accordance with the law

What is Data Controllers Registry?

   The registry of data controllers is kept by the Personal Data Protection Presidency under the supervision of the board. This registry is called VERBIS in practice. Real or legal persons who process any personal data are under the obligation to register with the Data Controllers Registry before doing so. However, this is not always mandatory. The Board may make an exception to this registration obligation by taking into account some issues. We can list these issues as follows:

  •        Nature and number of personal data
  •        Data processing is done by law
  •        How it is transferred to third parties, etc.

Deletion or Anonymization of Personal Data

   There may be situations that require the processing of personal data, as well as situations that require deletion. Even if the personal data is processed in accordance with the law, if this purpose or reason has disappeared, it is deleted, destroyed or anonymized by the data controller ex officio or upon the request of the data subject. There is a separate regulation regarding this deletion, destruction or anonymization process.

   Anonymization of data means that personal data cannot be associated with an identified or identifiable person, even if it is matched with other data. In other words, it means making it impossible to detect the owner of that data, but keeping the data. Since the anonymized data will no longer be personal data within the scope of KVKK, KVKK protection ends.

Penalty to be Applied in Case of Violation of Personal Data

   Essentially, the Law on the Protection of Personal Data is subject to articles 135-140 of the Turkish Penal Code. refers to the items. These crimes are:

  •        Recording of personal data (TCK 135)
  •        Giving or seizing data unlawfully (Article 136)
  •        Destroying data (TCK 138)

   The range of articles we have specified includes the material elements of these crimes and the prescribed penalties. Although not going into details here, we can say that prison sentences ranging from 1 year to 6 years are foreseen. Also, some acts that violate the KVKK are regulated as misdemeanors, not crimes.

implacity oral dental group

Online Appointment Request
Working Hours

You can contact us:: 444 57 06

Working Hours

  • Monday 08:30 - 21:30
  • Tuesday 08:30 - 21:30
  • Wednesday08:30 - 21:30
  • Thursday 08:30 - 21:30
  • Friday 08:30 - 21:30
  • Saturday 08:30 - 21:30
  • Sunday Closed
Within the scope of the Personal Data Protection Policy I agree to be informed by phone, sms or e-mail in order to be informed about the campaigns, promotions and announcements of Implacity Oraldiş Group.
implacity oral dental group

Our Physicians

Tamer Senel
Dentist
Adnan Rafet Erdem
Dentist
Salih Balkaya
Dentist
Halit Şengel
Oral and Maxillofacial Surgeon Specialist
Aylin Güner Şengel
Dentist
Burak Gülnar
Dentist
Sinan Alp Çukurluoğlu
Dentist
Ertuğrul Armagan
Dentist
Ozge Kütahneci
Dentist
Kadir Ekinci
Dentist
Gökçe Metin
Dentist