+90 539 864 02 65
TR| EN| AR| RU
Mehmet Bedii Oğurel logo
Op. Dr. Mehmet Bedii Oğurel EYE DISEASES SPECIALIST
Protection of Personal Data

GDPR Privacy Notice

This Privacy Notice explains how your personal data is processed in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) during healthcare and related services provided by MBO HEALT TURIZM SANAYI VE TICARET LIMITED SIRKETI.

Last updated: February 8, 2026

1. Data Controller

The data controller within the scope of this Privacy Notice is MBO HEALT TURIZM SANAYI VE TICARET LIMITED SIRKETI.

  • Email: info@opdrmehmetbediiogurel.com
  • Phone: +90 539 864 02 65

2. Categories of Personal Data Processed

  • Identity and contact data: Name, surname, phone number, email address.
  • Appointment data: Appointment requests, scheduling information, communication records.
  • Health data (special category): Medical history, diagnosis, examination findings, test results, imaging, prescriptions, treatment and follow-up records.
  • Technical data: IP address, device and browser information, website interaction data.

3. Purposes of Processing

  • Provision of healthcare services including examination, diagnosis, treatment, and follow-up,
  • Appointment management and patient communication,
  • Compliance with legal and regulatory obligations,
  • Ensuring service quality, safety, and continuity,
  • Handling requests, complaints, and legal claims.

4. Legal Bases for Processing

Personal data is processed in accordance with:

  • Article 6(1)(b) – Performance of a contract or pre-contractual steps,
  • Article 6(1)(c) – Compliance with legal obligations,
  • Article 6(1)(f) – Legitimate interests,
  • Article 9(2)(h) – Processing of health data for medical diagnosis, provision of healthcare or treatment.

5. Data Collection Methods

Data is collected through online forms, telephone, email, WhatsApp communication, in-person visits, medical examinations, and technical systems used for service delivery.

6. Data Transfers

Your personal data may be shared, where necessary and lawful, with:

  • Authorized public authorities and regulatory bodies,
  • Healthcare service providers (laboratories, imaging centers),
  • IT and technical service providers supporting our systems.

7. International Data Transfers

If personal data is transferred outside the European Economic Area (EEA), appropriate safeguards such as adequacy decisions, standard contractual clauses, or explicit consent are applied in accordance with GDPR Chapter V.

8. Data Retention

Personal data is retained only for as long as necessary to fulfill the purposes outlined above or as required by applicable healthcare and legal regulations. After this period, data is securely deleted, anonymized, or destroyed.

9. Patient & Appointment Privacy Notice

Personal data shared during appointment requests and healthcare services is processed solely for medical service delivery, patient communication, legal compliance, and record keeping.

10. Your Rights Under GDPR

  • Right to access your personal data,
  • Right to rectification,
  • Right to erasure (“right to be forgotten”),
  • Right to restriction of processing,
  • Right to data portability,
  • Right to object,
  • Right to lodge a complaint with a supervisory authority.

11. Contact and Requests

Requests regarding your data protection rights may be submitted using the contact details above. We may request identity verification before processing such requests.

12. Language and Validity

This English version is provided for informational purposes. In the event of discrepancies, the Turkish version shall prevail.

13. Updates

This Privacy Notice may be updated in line with legal or operational changes. Updates become effective upon publication on this website.