Privacy Notice

Özel Mersin Ortadoğu Hastanesi

Website: www.ortadoguhospital.com

Last updated: 10.03.2026

Özel Mersin Ortadoğu Hastanesi (“Hospital”, “we”, “us”, “our”) respects your privacy and is committed to protecting your personal data. This Privacy Notice explains how we collect, use, store, disclose, and protect personal data when you visit www.ortadoguhospital.com, use our online forms, contact us, or request information about our healthcare services.

This Privacy Notice applies to www.ortadoguhospital.com and to microsites or digital services that clearly display the Özel Mersin Ortadoğu Hastanesi name or logo and link to this notice.

1. Data Controller

The data controller for the purposes of this website is:

Özel Mersin Ortadoğu Hastanesi
Atatürk Mah. 31035 Sk. No:11 33330 Mezitli/Mersin
Mersin / Türkiye
Email: [privacy@ortadoguhospital.com]
Phone: 444 12 53

Data Protection Contact / DPO (if applicable):
[Name / Department]
Email: [dpo@ortadoguhospital.com]

2. Scope of This Notice

This Privacy Notice applies to personal data collected through:

  • our website;
  • contact forms;
  • online service or appointment request forms;
  • international patient inquiry forms;
  • email, phone, or other digital communication channels linked from the website;
  • cookies and similar technologies, where applicable.

This website is intended to provide general information about our hospital, departments, physicians, services, and international patient support. Information on this website is provided for informational purposes only and does not replace medical examination, diagnosis, treatment, or professional medical advice.

3. Personal Data We May Collect

Depending on how you interact with us, we may collect the following categories of personal data:

a. Identification and contact data

  • name and surname;
  • email address;
  • phone number;
  • country/city;
  • preferred language;
  • passport or identification details, where strictly necessary for patient coordination.

b. Inquiry and communication data

  • message content;
  • department or treatment of interest;
  • appointment or callback requests;
  • communication preferences.

c. Health-related data

Where you voluntarily submit it through forms or communications, we may process limited health-related information such as:

  • symptoms or medical concerns;
  • treatment requests;
  • uploaded reports, test results, or medical documents.

d. Technical and usage data

  • IP address;
  • browser type and version;
  • device information;
  • operating system;
  • referral source;
  • pages visited;
  • date/time of access;
  • cookie identifiers and similar online identifiers.

e. Marketing and consent data

  • newsletter preferences;
  • consent records;
  • cookie choices;
  • communication permissions.

4. How We Collect Your Data

We collect personal data:

  • directly from you when you fill in forms or contact us;
  • when you communicate with us by email, phone, or messaging tools linked on the website;
  • automatically through cookies, server logs, and analytics tools, subject to applicable consent rules;
  • from authorized family members, interpreters, agencies, or referrers where relevant and legally permitted.

5. Purposes of Processing

We process personal data for the following purposes:

  • to respond to your inquiries;
  • to provide information about our hospital, departments, doctors, and services;
  • to arrange appointments, callbacks, or patient communication;
  • to assess international patient requests and coordinate pre-arrival communication;
  • to manage submitted documents and healthcare-related inquiries;
  • to operate, maintain, secure, and improve the website;
  • to comply with legal, regulatory, and patient safety obligations;
  • to establish, exercise, or defend legal claims;
  • to send service-related communications;
  • to send marketing communications only where permitted by law or based on your consent.

6. Legal Bases for Processing

Where GDPR applies, we rely on one or more of the following legal bases:

  • Consent – where you voluntarily submit information through contact or medical inquiry forms, subscribe to newsletters, or accept non-essential cookies;
  • Steps prior to entering into a contract / performance of a contract – where processing is necessary to respond to appointment, treatment, or service requests;
  • Legal obligation – where we must process data to comply with healthcare, tax, accounting, or regulatory requirements;
  • Legitimate interests – for website security, fraud prevention, service improvement, internal administration, and non-intrusive communication management, provided such interests are not overridden by your rights;
  • Explicit consent and/or healthcare-related legal basis – where special category data, including health data, is processed, as required by applicable law.

7. Processing of Health Data

Health-related information is treated with a higher level of protection. We only process health data where this is necessary and legally permitted, including where:

  • you have given explicit consent;
  • processing is necessary for the provision, coordination, or administration of healthcare services, where permitted under applicable law;
  • processing is necessary to comply with legal obligations in the field of healthcare.

Please do not send unnecessary medical information through general contact forms. Where possible, we recommend using the designated secure patient or medical inquiry channels.

8. Cookies and Similar Technologies

Our website may use cookies and similar technologies to:

  • ensure the website functions properly;
  • remember user preferences;
  • analyze traffic and performance;
  • improve usability and security;
  • support embedded content or third-party services.

Strictly necessary cookies may be used without prior consent where legally permitted.
Analytics, advertising, personalization, and other non-essential cookies will only be used where required consent has been obtained.

For more details, please see our Cookie Policy.

9. Sharing of Personal Data

We may share personal data, where necessary and lawfully permitted, with:

  • hospital departments and authorized staff;
  • IT, hosting, website, CRM, form, analytics, and support service providers acting on our behalf;
  • laboratories, physicians, consultants, or healthcare partners where relevant to your request;
  • legal, accounting, audit, or compliance advisors;
  • public authorities, regulators, courts, or law enforcement bodies where required by law;
  • authorized business partners or patient coordination partners strictly for handling your request, where appropriate.

We require processors and service providers to implement appropriate confidentiality and security measures.

We do not sell your personal data.

10. International Data Transfers

Your personal data may be stored or processed in countries outside your country of residence, including outside the European Economic Area, where our service providers, hosting providers, or support partners operate.

Where GDPR applies and personal data is transferred outside the EEA, we will use appropriate safeguards where required, such as:

  • adequacy decisions;
  • Standard Contractual Clauses;
  • other lawful transfer mechanisms recognized under applicable data protection law.

You may request further information about the safeguards used for international transfers.

11. Data Retention

We keep personal data only for as long as necessary for the purposes described in this notice, including for legal, regulatory, medical, accounting, dispute resolution, and security purposes.

Retention periods vary depending on the type of data and the purpose of processing. For example:

  • contact form inquiries: [e.g. 12–24 months];
  • appointment and patient communication records: as required by healthcare and legal obligations;
  • consent records: for the duration needed to demonstrate compliance;
  • technical logs: for a limited security and operational period;
  • marketing preferences: until consent is withdrawn or data is no longer needed.

Where data is no longer required, it will be securely deleted, anonymized, or archived in accordance with applicable law.

12. Your Rights

Where GDPR applies, you may have the right to:

  • request access to your personal data;
  • request correction of inaccurate or incomplete data;
  • request deletion of your data in certain circumstances;
  • request restriction of processing;
  • object to certain processing activities;
  • receive your personal data in a portable format where applicable;
  • withdraw consent at any time, where processing is based on consent;
  • lodge a complaint with a competent supervisory authority.

To exercise your rights, please contact us at:
[privacy@ortadoguhospital.com]

We may need to verify your identity before responding to your request.

13. Marketing Communications

If you opt in to receive updates, promotions, newsletters, or service announcements, we may send you such communications in accordance with applicable law.

You may unsubscribe or withdraw your consent at any time by using the unsubscribe option in the communication or by contacting us directly.

14. Data Security

We implement appropriate technical and organizational measures designed to protect personal data against unauthorized access, loss, misuse, alteration, or unlawful disclosure. These measures may include access controls, secure hosting, encryption where appropriate, logging, backup procedures, and confidentiality obligations for staff and vendors.

However, no internet transmission or storage system can be guaranteed to be 100% secure.

15. Third-Party Links and Platforms

Our website may contain links to third-party websites, applications, or platforms, including social media accounts. We are not responsible for the privacy practices, content, or security of third-party websites or services. We encourage you to review their privacy notices before providing personal data.

16. Intellectual Property and Website Content

Unless otherwise stated, the content, design elements, logos, graphics, texts, visual materials, and other materials on this website are owned by or licensed to Özel Mersin Ortadoğu Hastanesi and are protected by applicable intellectual property laws.

No content from this website may be copied, reproduced, distributed, modified, stored, published, or used for commercial purposes without prior written permission, except where permitted by law.

17. Children’s Data

This website is not intended for unsupervised use by children. If personal data relating to a child is submitted, this should be done by a parent, legal guardian, or authorized representative, where legally required.

18. Changes to This Privacy Notice

We may update this Privacy Notice from time to time to reflect legal, technical, or operational changes. The latest version will always be published on www.ortadoguhospital.com with the updated revision date.

19. Contact Us

If you have any questions about this Privacy Notice or about how we process your personal data, please contact:

Özel Mersin Ortadoğu Hastanesi
Email: [privacy@ortadoguhospital.com]
Address: Atatürk Mah. 31035 Sk. No:11 33330 Mezitli/Mersin
Phone: 444 12 53