In accordance with the Personal Data Protection Law No. 6698 (“GDPR”), your personal data will be processed by Genoks Genetic Diseases Assessment Center (GHDM), as the Data Controller, depending on the reason for your application to our center, to be used, recorded, stored, updated, transferred and/or classified within the framework described below. In this context, our Center takes all technical and administrative measures to ensure the appropriate level of security in order to prevent unlawful processing of your personal data, prevent unlawful access and ensure its preservation, in accordance with the Law and Regulations issued to protect the fundamental rights and freedoms of individuals, especially the privacy of private life, and for the protection of personal data. The target audience of this text is our patients who apply to our Center for genetic testing and all real persons whose personal data are processed, other than our Center employees or employee candidates who have applied for a job at our Center. Personal data processed as the data controller are listed below, including but not limited to those specified here; Name, surname, Turkish Identity Number, address, telephone number, e-mail address, signature, physical space/security image recording, call center/service quality voice recording, bank account number, cookie records and genetic test results Purposes and legal grounds for processing personal data;

Name, surname, Turkish Identity Number, address, telephone number, e-mail address, signature, physical space/security image recording, call center/service quality voice recording, bank account number, cookie records and genetic test results Purposes and legal grounds for processing personal data;

Your personal data shared by you;

To carry out the necessary work to enable you and/or the institutions and organizations you represent to benefit from the products and services offered by our Center, to determine and implement the commercial and business strategies of our Center, to carry out marketing activities, to carry out business development and planning activities, including but not limited to these,

• • • To carry out operations for the work and services carried out by our Center,
    • Ensuring the physical security and control of the locations used by our Center,
    • Establishing business partner/customer/supplier (authorized or employee) relations,
    • Ensuring the contractual requirements and financial reconciliation regarding the products and services offered together with our business partners, suppliers or other third parties,
    • To carry out the human resources policies of our Center,
    • Calling our Center's call center or using the website
    and/or will be processed for the purpose of participating in training, seminars or organizations organized by our Center.

Method of collecting and storing personal data;

Your personal data that you share with our Center may be collected verbally, in writing or electronically, by automatic or non-automatic methods, through offices, branches, call center, website, social media channels, mobile applications and similar means. Your personal data will be stored in electronic and/or physical media. Business process design and technical security infrastructure developments are implemented by our Center to ensure that your personal data, which are obtained and stored by our Center, are not exposed to unauthorized access, manipulation, loss or damage in the environments where they are stored.

Your personal data will be processed by taking all necessary information security measures, provided that it is not used outside of the purposes and scope notified to you, and will be stored and processed for the legal storage period or for the period required by the purpose of processing if no such period is foreseen. At the end of this period, your personal data will be removed from our Center's data flows by means of deletion, destruction or anonymization methods.

Transfer of Personal Data;

Your personal data, within the scope of Laws and other legislation and for the purposes explained;

• To our authorized companies, representatives and/or technology and solution partners established for the disclosure of genetic tests, operating in our Center's name and account
• To regulatory and supervisory institutions, public institutions or organizations authorized to explicitly request your personal data in their laws,
• It may be transferred to mandatory persons, institutions and organizations and third parties we consult, including auditors, regarding legal follow-up processes, and without limitation, to business partners, third parties from whom services are received, authorized persons and organizations, at home and abroad, for the purposes specified above.Your rights under Article 11 of the GDPR;
  
  By applying to our Center, your personal data;
  • Learning whether it has been processed,
  • Requesting information if it has been processed,
  • Learning the purpose of processing and whether it is used in accordance with its purpose,
  • Knowing the 3rd parties to whom it has been transferred at home / abroad,
  • Requesting correction if it is incomplete / incorrectly processed,
  • Requesting its deletion / destruction within the framework of the conditions stipulated in Article 7 of the GDPR,
  • Requesting notification of the above-mentioned transactions to the 3rd parties to whom it has been transferred,
  • Objecting to the emergence of a result against you due to analysis exclusively with automatic systems,
  • You have the right to demand compensation for the damage in case you suffer damage due to unlawful processing.

  In accordance with the 1st paragraph of Article 13 of the GDPR Law, you may submit your request regarding the use of your above-mentioned rights to our Center in writing or by other methods determined by the Personal Data Protection Board.

  In order to exercise your above-mentioned rights, you can deliver your petition containing the necessary information identifying your identity in person, send it through a notary public or by other methods determined by the Personal Data Protection Board, or send it to our genoks@hs01.kep.tr kep address with a secure electronic signature.