Privacy Policy and Personal Data Text

This Privacy Policy and Personal Data Text ( Policy ) are related to the use of data obtained and/or to be obtained from people ( User ) who visit the website named https://worldhealth.ist/ ( Site ) managed and operated by World Health ( Company ) . It has been prepared in order to enlighten and inform the Users about the terms and conditions and the ways in which the data is processed. The Company obtains personal data through cookies on the Site. You can find detailed information on the use of cookies in the Website Cookie Policy

General Descriptions

The Company adopts this Policy regarding the confidentiality, use and other related issues of the information processed regarding the Users.

Personal data refers to any information relating to an identified or identifiable natural person. For this reason, the regulations regarding personal data in this text will be applied if the relevant information belongs to a natural person. If the relevant information belongs to legal entities, regulations other than the regulations regarding personal data in this text are applied.

The company attaches importance to the privacy of personal data and takes care to be transparent about the storage of information. This Policy includes clarification on what kind of data is collected, how this data is used, with whom this information is shared if necessary, what the rights regarding personal data are and how these rights can be exercised, and the principles adopted by the Company regarding confidentiality.

Personal data is processed in accordance with the following basic principles:

Compliance with the law and the rules of honesty,
Being accurate and up-to-date when necessary,
Processing for specific, explicit and legitimate purposes,
Being connected, limited and restrained with the purpose for which they are processed,
To be kept for the period required by the relevant legislation or for the purpose for which they are processed.

Data Controller

In accordance with the Personal Data Protection Law No. 6698 ( KVKK ), your personal data; It is processed within the scope described below by World Health ( Company ) as the data controller.

DATA CATEGORIES	DATA TYPES
Identity	Name surname
Communication	Phone number, e-mail address, city information
Customer Transaction	Which product is interested, the message of the contact person
Transaction Security	IP address information, website login and exit information
Marketing	Data obtained through cookies

Data Categories and Data Types Processed
Methods of Collecting Personal Data

The Company obtains personal data from electronic or written data, especially from contact forms, in accordance with the personal data processing conditions specified in the KVKK and processes it in accordance with the purposes stated below.

Purposes and Legal Reasons for Processing Personal Data

DATA CATEGORIES	PROCESSING OBJECTIVES	LEGAL REASONS
Identity Communication Customer Transaction	· Execution of Communication Activities · Execution / Supervision of Business Activities · Receiving and Evaluating Suggestions for Improvement of Business Processes · Conducting Business Continuity Ensuring Activities · Execution of Goods/Services After Sales Support Services · Execution of Goods/Service Sales Processes · Execution of Good/Service Production and Operation Processes · Execution of Customer Relationship Management Processes · Execution of Activities for Customer Satisfaction	· Provided that it is directly related to the establishment or performance of a contract, it is necessary to process the personal data of the parties to the contract, · Data processing is mandatory for the Company's legitimate interests, provided that it does not harm the fundamental rights and freedoms of the person concerned.
Transaction Security	· Execution of Information Security Processes · Conducting Audit/Ethics Activities · Execution of Activities in Compliance with the Legislation · Carrying out Internal Audit / Investigation / Intelligence Activities · Execution/Audit of Business Activities · Providing Information to Authorized Persons, Institutions and Organizations	· It is mandatory for the Company to fulfill its legal obligations, · Data processing is mandatory for the Company's legitimate interests, provided that it does not harm the fundamental rights and freedoms of the person concerned.
Marketing	· Conducting Marketing Analysis Studies · Execution of Advertising / Campaign / Promotion Processes · Execution of Marketing Processes of Products/Services	· Your express consent from you, · Data processing is mandatory for the Company's legitimate interests, provided that it does not harm the fundamental rights and freedoms of the person concerned.

DATA CATEGORIES

PROCESSING OBJECTIVES

LEGAL REASONS

Identity

Communication

Customer Transaction

· Execution of Communication Activities

· Execution / Supervision of Business Activities

· Receiving and Evaluating Suggestions for Improvement of Business Processes

· Conducting Business Continuity Ensuring Activities

· Execution of Goods/Services After Sales Support Services

· Execution of Goods/Service Sales Processes

· Execution of Good/Service Production and Operation Processes

· Execution of Customer Relationship Management Processes

· Execution of Activities for Customer Satisfaction

· Provided that it is directly related to the establishment or performance of a contract, it is necessary to process the personal data of the parties to the contract,

· Data processing is mandatory for the Company's legitimate interests, provided that it does not harm the fundamental rights and freedoms of the person concerned.

Transaction Security

· Execution of Information Security Processes

· Conducting Audit/Ethics Activities

· Execution of Activities in Compliance with the Legislation

· Carrying out Internal Audit / Investigation / Intelligence Activities

· Execution/Audit of Business Activities

· Providing Information to Authorized Persons, Institutions and Organizations

· It is mandatory for the Company to fulfill its legal obligations,

· Data processing is mandatory for the Company's legitimate interests, provided that it does not harm the fundamental rights and freedoms of the person concerned.

Marketing

· Conducting Marketing Analysis Studies

· Execution of Advertising / Campaign / Promotion Processes

· Execution of Marketing Processes of Products/Services

· Your express consent from you,

· Data processing is mandatory for the Company's legitimate interests, provided that it does not harm the fundamental rights and freedoms of the person concerned.

Transfer of Personal Data

Our company takes care to process your personal data in accordance with the principles of "need to know" and "need to use", by ensuring the necessary data minimization and by taking the necessary technical and administrative security measures. Since the execution or control of business activities, ensuring business continuity, operation of digital infrastructures necessitate continuous data flow with different stakeholders, we have to transfer the personal data we process to third parties for certain purposes. In addition, it is very important that your personal data is accurate and up-to-date so that we can fully and properly fulfill our contractual and legal obligations. For this, we have to work with various business partners and service providers.

Your personal data is transferred to the following groups of recipients for the specified purposes.

DATA CATEGORY	BUYER GROUP AND PURPOSE OF TRANSFER
Identity Communication Customer Transaction	· In order to carry out storage and archive activities, with our domestic and foreign suppliers who provide our information infrastructure, · In order to carry out communication activities and marketing processes, with the bulk delivery providers that we receive services from, · With our financial advisors and audit firms, from which we receive services in order to carry out our finance and accounting processes, · With authorized public institutions and organizations in order to fulfill our legal obligations.
Transaction Security	· With authorized public institutions and organizations in order to fulfill our legal obligations.
Marketing	· With our suppliers abroad, from which we receive services on cookies, in order to carry out marketing activities.

Changes and Updates

As the data controller, the company has the right to change the Policy on the condition that it complies with the relevant legislation and that personal data is better protected.

This Policy may be revised and updated as new features are added to the Site or new suggestions are received. However, in this case, we will notify you by posting the changes on the Site. In certain important cases, we may notify you of such changes by e-mail or by any other conspicuous method reasonably designed to notify you, with additional notices as appropriate. If you continue to access the Site upon notification of these changes, you will be deemed to have consented to the changes in the Policy. Therefore, we recommend that you review the Policy each time you access the Application. This document was last updated on 01.06.2021. If the policy provisions are changed, they become effective on the date of publication.

Rights of the Relevant Person

Within the scope of the legislation on the protection of personal data

Learning whether your personal data is processed or not,
Requesting information about the processing of your personal data,
To learn the purpose of processing your personal data and whether they are used in accordance with the purpose,
Knowing the third parties to whom personal data is transferred in the country or abroad,
Requesting correction of your personal data if it is incomplete or incorrectly processed or changed,
To request the deletion or destruction of your personal data in accordance with the conditions stipulated in the KVKK,
Requesting notification of third parties to whom personal data has been transferred, that your personal data that has been processed incompletely or incorrectly has been corrected and that your personal data has been deleted or destroyed,
Objecting to the emergence of a result against you by analyzing your processed data exclusively through automated systems,
If you suffer damage due to the unlawful processing of your personal data, you have the right to demand the compensation of the damage.

In the application containing your explanations regarding the right you have as the relevant persons and that you will make and request to use the above-mentioned rights; The matter you request must be clear and understandable, the subject you request is related to you or if you are acting on behalf of someone else, you must be specifically authorized in this regard and document your authority, and the application must meet the minimum application requirements in the Communiqué on the Procedures and Principles of Application to the Data Controller.

If you submit your requests to us through the methods specified, the Company will conclude the request free of charge as soon as possible and within thirty days at the latest, depending on the nature of your request. However, if the transaction requires a separate cost, the fee in the tariff determined by the Personal Data Protection Board will be charged by the Company.