Dişyeri Grup

GDPR Information Notice

Information on how Dişyeri Grup processes your personal data

Last updated:

Data Controller

For the purposes of the General Data Protection Regulation (EU) 2016/679 ("GDPR"), the data controller is Dişyeri Grup.

Contact: info@disyeri.com.tr | Phone: 0530 122 26 60 | Address: Mecidiyeköy ve Esenyurt, İstanbul, Turkey

This notice covers personal data processed via our website (appointment, contact, newsletter and blog comment forms) and in connection with clinical dental services.

Categories of Data Processed

We process the following categories of personal data through website forms and clinical processes.

  • Identity and contact: name, surname, phone, email
  • Appointment/contact: preferred clinic, message content, subject of request
  • Newsletter: email address, subscription consent
  • Blog comments: name, email (optional), comment text
  • Technical: IP address, browser data, cookie information (see Cookie Policy)
  • Clinical (not via website forms): health data, treatment history, imaging, billing data

Purposes of Processing

  • Receiving, scheduling and managing appointment requests
  • Responding to enquiries and managing patient relations
  • Sending newsletters and informational communications (with consent)
  • Website security, performance analysis and user experience improvement
  • Compliance with legal obligations and protection of rights
  • Provision of dental services, treatment planning and billing (clinic)

Legal Bases (GDPR Art. 6 and Art. 9)

Under Article 6(1) GDPR, we process personal data based on contract performance, legal obligation, legitimate interests, and, where required, consent.

Marketing/newsletter and optional analytics cookies rely on Article 6(1)(a) consent.

Health data constitutes special category data under Article 9 GDPR and is processed on the basis of healthcare provision, public health, legal obligations, or explicit consent, as applicable.

Data Transfers

Your data may be shared with service providers (hosting, email, appointment/CRM infrastructure), competent authorities and, where necessary, business partners, subject to appropriate safeguards under Articles 44–49 GDPR.

Where transfers occur outside the EEA, we implement adequacy decisions, Standard Contractual Clauses or other lawful mechanisms.

Retention

Personal data is retained for as long as necessary for the processing purpose and as required by applicable law, then deleted, destroyed or anonymised.

Health records are retained in accordance with applicable Turkish healthcare legislation and professional requirements.

Your Rights (GDPR Chapter III)

  • Right of access
  • Right to rectification
  • Right to erasure ('right to be forgotten')
  • Right to restriction of processing
  • Right to data portability
  • Right to object
  • Rights related to automated decision-making
  • Right to withdraw consent at any time
  • Right to lodge a complaint with a supervisory authority

How to Exercise Your Rights

You may submit requests to info@disyeri.com.tr or in writing to Mecidiyeköy ve Esenyurt, İstanbul, Turkey.

We respond without undue delay and within one month, extendable by two further months where necessary.

Health Data

Health data is not collected through website forms; it is processed during clinical examination, treatment and record-keeping.

Such data is handled confidentially by authorised healthcare staff and disclosed only where legally permitted.