KVKK Information Text

As Dr. Özgür NALBANT (“Denizli Hair Transplant/Company”), we attach great importance to ensuring the security of your personal data. In this context, in accordance with the Law on the Protection of Personal Data No. 6698 (“LPPD Law”), we take the necessary measures to ensure the appropriate level of security in order to prevent your personal data from being processed and accessed illegally and to ensure its preservation during the processing and transfer of your personal data to third parties. With the awareness of this responsibility, we process your personal data within the framework specified below as the Data Controller within the scope of the LPPD Law and relevant legislation.

1. Obtaining, Processing and Purposes of Processing Your Personal Data
Your personal data is obtained in order to perform the activities determined by our Company in accordance with the provisions of the PDP Law and relevant legislation, to fulfill the requirements of the relevant legislation within the scope of the activities, to manage our Company, to conduct business, to implement Company policies, to carry out marketing, advertising and promotional activities, to increase the quality of the services, to ensure security within the Company, to comply with the activities prescribed by public authorities and/or deemed as exceptions, and to comply with the obligations of information storage, reporting and information. In this context, the personal data we process are as follows:

Identity information
Data that clearly belongs to an identified or identifiable natural person; processed partially or fully automatically or non-automatically as part of a data recording system; All information included in documents such as Driver's License, Identity Card, Residence, Passport, Attorney's ID, Marriage Certificate

Contact information
Information such as telephone number, address, e-mail, which is clearly related to an identified or identifiable natural person; processed partially or fully automatically or non-automatically as part of the data recording system

Customer information
Information obtained and produced about the relevant person, authorized or employee of the customer, as a result of our commercial activities and the operations carried out by our business units within this framework

Customer transaction information
Information that is clearly related to an identified or identifiable natural person and included in the data recording system; records regarding the use of our products and services and information such as the instructions and requests required for the use of the customer's products and services

Physical location security information
Personal data regarding records and documents taken during entry to and stay in the physical location, which are clearly identified or identifiable and included in the data recording system

Transaction security information
Your personal data processed for the purposes of ensuring the fulfillment of technical, administrative, legal and commercial obligations while conducting our commercial activities

Risk management information
Your personal data processed for the purposes of ensuring the fulfillment of technical, administrative, legal and commercial obligations while conducting our commercial activities, which are clearly identified or identifiable and included in the data recording system; Personal data processed in accordance with generally accepted legal, commercial practices and honesty rules in these areas in order to manage our commercial, technical and administrative risks

Financial information
Personal data of the authorized person or employee of the customer regarding information, documents and records showing all kinds of financial results of the relevant person, which are clearly related to an identified or identifiable natural person, partially or fully processed automatically or non-automatically as part of the data recording system

Special personal data
Data related to the race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, appearance and dress, association, foundation or union membership, health, sexual life, criminal conviction and security measures of individuals, as well as biometric and genetic data are special personal data.

Accordingly, your personal data, depending on the nature of the service provided to you; It is obtained and processed in all kinds of verbal, written, visual or electronic media, for the purposes set out below and for the execution of all kinds of work within the scope of Denizli Hair Transplant's field of activity within the legal framework and for Denizli Hair Transplant to fully and duly fulfill its contractual and legal obligations within this scope.

2. Sharing of Your Personal Data
We share your personal data, which we process for the purposes explained above, with our affiliates, business partners, suppliers, Company officials, shareholders, lawyers, tax consultants, accountants and auditors we work with, third parties from whom we receive consultancy, regulatory and supervisory institutions and official authorities, domestic or foreign systems and legally authorized public institutions and private individuals.

3. Destruction of Your Personal Data
Our Company stores the personal data it processes for the periods specified by the legislation, and if no separate period is specified in the legislation; personal data is stored for the period required to be processed in accordance with the practices and customs of our Company's commercial life, depending on the services provided by our Company while processing that data, and for the periods determined to be necessary in practice after this period only for the purpose of constituting evidence in possible legal disputes. After the expiration of the specified periods, the personal data in question is deleted, destroyed or anonymized on the first destruction date in accordance with Article 7 of the Personal Data Protection Law.

4. Your Rights Regarding the Processing of Personal Data
Within the framework of Article 11 of the PDP Law, you can contact our Company and submit the following requests to us:
a) To learn whether your personal data has been processed, and if so, to request information about it,
b) To learn the purpose of processing your personal data and whether they are used in accordance with their purpose,
c) To learn the third parties to whom your personal data has been transferred domestically or abroad,
d) To request correction of personal data if it is processed incompletely or incorrectly,
e) To request the deletion, destruction or anonymization of your personal data if the reasons requiring the processing of your personal data within the scope of Article 7 of the PDP Law are eliminated,
f) To request that the transactions carried out pursuant to clauses (d) and (e) be notified to third parties to whom your personal data has been transferred,
g) To object to the emergence of a result against you by analyzing the processed data exclusively through automated systems,
h) To request compensation for damages in case of damages due to unlawful processing of your personal data.

5. Right to Apply
You can exercise your rights listed above in accordance with the provisions of the Personal Data Protection Law and the Communiqué on the Procedures and Principles of Application to the Data Controller published on 10.03.2018 and the relevant current legislation, by using the “Application Form Pursuant to the Law on the Protection of Personal Data” located at http://www.ozelvizyongoz.com/; You can deliver it in person/by hand to Sırakapılar Mah. 495 Sok. No:7 Merkezefendi/DENIZLI, send it to Sırakapılar Mah. 495 Sok. No:7 Merkezefendi/DENIZLI via a notary public, or send it to ozelnumune@hs01.kep.tr with secure electronic or mobile signature, via your registered electronic mail address or your e-mail address registered in our system. In order for a person other than the relevant person to make a request, there must be a notarized special power of attorney issued by the relevant person on behalf of the person who will apply. In this context, your requests that you will submit to our Company in accordance with the procedure will be finalized within thirty days at the latest. If the finalization of your requests in question requires an additional cost, our Company will charge the applicant a fee in the tariff determined by the Personal Data Protection Board ("Board"). If our Company responds to your application via a recording medium such as CD or flash memory, a fee determined not to exceed the cost of the recording medium may be requested. Our Company may request information from the relevant person in order to determine whether the applicant is the personal data owner and may ask questions to the relevant person regarding his/her application in order to clarify the issues specified in the application. In accordance with Article 14 of the Personal Data Protection Law, in cases where the application is rejected, the response given is found insufficient or the application is not responded to in a timely manner; the personal data owner may complain to the Board within thirty days from the date of learning our Company's response and in any case within sixty days from the date of application.