0850 200 68 85

Quality Policy & Accreditations

Unable to display PDF file. Download instead.


This Privacy Notice is drafted by Mlp Sağlık Hizmetleri A.Ş. and all other affiliates, companies, and hospitals (“MLPCARE" or “we") acting as data controller.

Please click here​ to see a list of all companies and hospitals under MLPCARE. 

Please find below legal basis for MLPCARE to process your data:

  1. To provide medical service you requested or need

When you visit one of our hospitals, we need to register you to our system to deliver the medical services you need. For this purpose we need personal data to identify you. (e.g. identity data, communication data etc.) The medical service agreement constitutes the legal basis for processing your basic personal data.

We will process your health data (such as diagnosis or treatment data) based on the legal basis of medical diagnosis.   

We are subject to legal obligation to process (specifically retain and share) your health data. (Please look Part 4 for more information)

If you are in an extreme or life-threatening condition while present at one of our hospitals, we will use your health data in order to preserve your health and well-being, and on the legal basis of protecting your vital interests.

  1. To inform you about what's new

We would like to keep you informed of our latest offering in medical services and would like to be able to contact you for that purpose (e-marketing). If you wish to receive such communications, we will process your personal data based on your consent.

  1. To improve our services

You can participate in our satisfaction survey for patients, should you wish to do so. We would like to remind you that participation is based on your free consent. Your choice will not affect our service to you. If you prefer, we will abstain from contacting you.  

We may process (specifically share with educational institutions that we collaborate) your personal data for scientific research.

  1. To ensure safety

We are using CCTV cameras in all of our hospitals to ensure the safety of our patients. The legal basis to monitor our hospitals is our legitimate interest in ensuring the safety of our patients and hospitals.

Moreover, we are also using VR Camera systems in operating rooms as a legal obligation arising from the Circular no 2012/23 drafted by the Ministry of Health on protecting medical employees.

  1. To provide Call Center service

When you call a MLPCARE Call Center for making an appointment, being informed about one of our services or submitting a complaint; your personal data is processed based on execution of contract and legitimate interest legal basis. 

  1. To provide further service

Some of our hospitals offer car parking services. If you wish to use our parkings we will process your data (car data) based on our legitimate interest.

We may obtain your personal data from three resources: a. from you; b. from others; 3. from our medical activity.

  1. In order to provide you with our medical service, we ask you to provide us with your: 

Identity and communication data

  • Name and surname
  • Passport number
  • Address
  • Mobile phone number
  • E-mail address
  • Birthplace and date
  • Marital status
  • Gender
  • Passport identity page photocopy
  • Emergency contact information
    This information is registered on our Hospital Information Management System (HIMS) and transferred to the Ministry of Health. (For more information, please see Part 4)

Payment and insurance data

  • Insurance (if you have any in your home country)
  • Credit card information
  • Bank account details
  • Invoice data 

Health data​

  • Your current health conditions
  • Your diagnosis and treatment
  • If you opt to share, your previous health records

    In order to provide you further services (car parking or commercial communication) we process:
    Communication data
  • Mobile phone number
  • E-mail address

           Car data

  • License plate
  • Car brand and model

In order to provide call center services: 

​            Phone call data

  • Name and surname
  • Mobile number
  • Passport number
  • E-mail address
  • Appointment information
  • Phone record
  • Complaints
  1. We collect personal data from others in following circumstances:
  • If you are referred to our hospital by a medical provider (referring doctor or hospital), consulate or any other intermediary organization, we consult this person about your health condition and/or treatment, if necessary, to identify the most appropriate medical service for you.
  • If the medical service, we provide you with is paid for by a medical insurer we need to gather information about coverage from this insurer in order to provide the medical service to you.
  1. When providing medical services to you, we create health data about you. As a medical services provider, MLPCARE is required by law to carefully document these services.

MLPCARE retains your personal data as long as necessary to provide our medical services and to comply with applicable medical, tax, accounting or other legislative requirements. If our legal obligation to retain your data expires, we will delete your data or de-identify it.

During your relationship with MLPCARE we share your personal data with five different types of recipients:

  1. We use service providers (so-called data processors) to assist us in processing the personal information we receive and create (for example medical and financial software vendors and Call Center service provider). The data processors act on behalf of MLPCARE based on our written instructions. We only share your data to the extent it is absolutely necessary. 
  1.  We share your personal data with suppliers in the following instances:
  • If we are required by law.
  • If required by a contract (our subcontractors, consultants, lawyers, legal representants, collaborators)
  • If the protection of your vital interest (e.g. an emergency) so requires, we will share your health data with other medical professionals.
  • Medical professionals who provide service to MLPCARE based on a service contract.
    We only share your personal data when it is strictly necessary. We take all technical and organizational measures to protect your personal data.           
  1. You may request that we send your health data to your referrer or your family doctor.  The processing activities of third-party recipients are outside our control and responsibility. We therefore recommend that you first ask this third party how they will process your personal data. If you want us to share your health data with other medical professionals or other individuals, we will ask you to fill a dedicated consent form available from our receptionist. 
  1. By registering your information on HIMS as a patient, your personal data will automatically be transferred to the Turkish Ministry of Health through MEDULA software.
  1. We may share your personal data with private health insurance firms, intermediary institutions authorized by the private insurance company, contracted institutions you are affiliated with; for the purpose of carrying out the provision and invoicing processes for the services you have received, in the course of financing of healthcare services
  1. We may transfer your personal data to educational institutions that we cooperate with for scientific research purposes.

Please click here to find a list of all educational institutions that we are in cooperation with.

Upon the existence of your explicit consent, we may transfer your personal data abroad to private health insurance firms, intermediary institutions authorized by the private insurance company, contracted institutions you are affiliated with;for the purpose of carrying out the provision and invoicing processes for the services you have received, in the course of financing of healthcare services., your personal data may be transferred to third parties, including insurance firms abroad, that you have specified upon your request and limited to this.

1) Right to request access to your personal data. It means that you are entitled to obtain a confirmation that your data is being processed. You have access to your personal data processed by us and other supplementary information (especially the purposes of the processing, the categories of personal data concerned, the recipients or categories of recipient to whom the personal data have been or will be disclosed and the retention period). 
2) Right to request rectification of your data. It means that you are entitled to have your personal data corrected, completed if it is inaccurate or incomplete. 
3) Right to request erasure of your data. It means that you are entitled to have your personal data deleted in specific circumstances, if there is no lawful reason for continuing our processing.
4) Right to request us to restrict the processing. It means that you may request to 'block' or suppress processing of your personal data in specific circumstances. Your valid request is leading to that we will be permitted to store your personal data, but not further process it.
5) Right to object to us processing your data. If you use a „no photo" badge (available at the reception) we are not taking photos of you during the event.
6) Right to data portability. It means that you may request from us to provide all your data in our control in a machine-readable format, so that you can transfer your data to another data controller.
7) Right to not be subject to decisions based solely on automated processing. It means that you may request from us to not use your personal data for decisions made solely by automated processing.
If you wish to exercise your rights above, we kindly request you to transmit your legal requests related to your personal data by filling in the “MLPCARE Data Subject Access Request Form" given herein​ and sending it to us by the communications means set forth in the form.​