General Data Protection Regulation – Assoc. Prof. Dr. Yalçın Bayram

1. Identity of the Data Controller

This website is operated by Assoc. Prof. Dr. Yalçın Bayram, who is the data controller under the General Data Protection Regulation (GDPR) and the Data Protection Act 2018. Any personal data you provide via contact forms, appointment requests, or comments is processed by Dr. Yalçın Bayram in accordance with applicable data protection laws.

2. Purpose of Processing Personal Data

Your personal data may be collected and processed for the following lawful purposes:

  • To assess and manage your appointment requests

  • To communicate with you regarding medical services or inquiries

  • To comply with legal obligations (e.g. invoicing, official documentation)

  • To improve service quality and ensure patient satisfaction

The legal basis for processing your data may include your explicit consent, performance of a contract, compliance with legal obligations, or legitimate interests, as appropriate.

3. Categories of Personal Data Collected

We may collect and process the following types of data:

  • Contact information: name, surname, phone number, email address

  • Health information: any details you choose to include in the message field (special category data)

  • Technical data: IP address, browser type, form submission details (for security and diagnostic purposes)

We will only process special category data, such as health information, based on your explicit consent or when necessary for the provision of healthcare.

4. Sharing and Transfer of Personal Data

Your personal data may be shared with third parties only when necessary and in accordance with GDPR:

  • With the Department of Health or other relevant regulatory authorities, where legally required

  • With service providers (e.g. IT support, legal consultants, laboratories, diagnostic centers) under appropriate data processing agreements

  • When automated analysis or technical processing is required for system functionality

We will not transfer your data outside the unless adequate safeguards are in place (e.g. to a country with an adequacy decision or via standard contractual clauses).

5. How Your Data Is Collected and Legal Bases

Your data may be collected:

  • Directly from you through contact or appointment forms, email, or telephone

  • Based on your explicit consent, contractual necessity, legal obligations, or legitimate interests where applicable

  • In compliance with GDPR Article 6 (for general personal data) and Article 9 (for special category data)

6. Your Rights as a Data Subject

Under the GDPR, you have the following rights regarding your personal data:

  • To be informed about the collection and use of your data

  • To access your personal data

  • To request rectification of inaccurate or incomplete data

  • To request erasure of your data (‘right to be forgotten’)

  • To restrict or object to data processing

  • To data portability (where applicable)

  • Not to be subject to decisions based solely on automated processing

  • To lodge a complaint with the Information Commissioner’s Office (ICO)

You may exercise your rights by submitting a written request or by using the contact form provided on this website.

7. Effective Date and Updates

Effective date: 6 August 2025

This privacy notice may be updated periodically in response to legal or regulatory changes. Please review it regularly for any modifications.