Welcome to Your MedCare (“we”, “us”, or “our”). Your privacy is of paramount importance to us. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website [www.yourmedcare.com], use our services, or communicate with us. We are committed to protecting your personal data with the highest standards of security and confidentiality.

Who We Are

Your MedCare is a health tourism intermediary platform operated by [Yourmedcare Medikal Turizm Danışmanlık Limited Şirketi], headquartered in:

Akdeniz Mah. Sehit Fethibey Cad. Limboz Business Center No: 27  D: 303 Konak / Izmir 35210 – Turkiye

You can contact us regarding this Privacy Policy at:

Email: [privacy@yourmedcare.com]
Phone: [+908503350740]
[Tax ID:9821094335]

What Personal Data We Collect and Why

We collect the following types of personal data:

Personal Identification Information

  • Name, surname
  • Email address, phone number
  • Country of origin
  • Passport or ID copy (when necessary for treatment organization)

Health-Related Data

  • Medical history, treatment preferences, photos for medical evaluation
  • This is collected only with explicit consent and is used to provide healthcare consultation and treatment planning.

Technical Data

  • IP address, browser type, device information
  • Cookies and usage data for website optimization and analytics

Transactional Data

  • Payment or invoicing details, when relevant

We collect and process this data for:

  • Providing customized treatment proposals
  • Contacting you regarding your inquiries
  • Organizing medical appointments and travel arrangements
  • Fulfilling legal obligations
  • Analytics and website performance improvement
  • CRM-based service continuity (Zoho CRM)

Legal Basis

We rely on your explicit consent, contractual necessity, or legal obligations in line with GDPR Article 6 and Article 9 for processing sensitive health data.

Comments

If comments are enabled, we collect the data shown in the comment form, along with the visitor’s IP address and browser user agent string to help spam detection.

Media

If you upload images (e.g., for treatment evaluation), avoid uploading with embedded location data (EXIF GPS) as visitors may extract this.

Contact Forms

We use secure contact forms. Data submitted is:

  • Retained for up to 12 months for customer service and audit purposes
  • Never used for unsolicited marketing without your consent
  • Stored securely in Zoho CRM and is encrypted

Cookies

Our website uses the following types of cookies:

  • Essential cookies for website functionality
  • Analytics cookies (e.g., Google Analytics) for performance insights
  • Third-party cookies for embedded content

You can manage or disable cookies via your browser settings.

Analytics

We use:

  • Google Analytics (anonymized IP tracking)
  • Zoho CRM analytics modules (GDPR-compliant)

You may opt out using browser add-ons or Google Analytics Opt-Out Tool.

Who We Share Your Data With

We only share your data with third parties necessary to fulfill your requests:

  • Healthcare providers/clinics/hospitals: With your consent and only for the purpose of treatment planning
  • Zoho Corporation: Our CRM provider. Zoho Privacy Policy
  • Cloud service providers for secure file storage and backups
  • Payment processors if payments are made online

We never sell or rent your data.

How Long We Retain Your Data

  • Contact forms and inquiries: 12 months
  • Medical data and records: Up to 10 years, in accordance with medical and legal retention requirements
  • Cookie data: 6–12 months, depending on type
  • Analytics records: 14 months (Google default)

What Rights You Have Over Your Data

Under GDPR, you have the right to:

  • Access your data
  • Request correction
  • Request deletion
  • Withdraw consent at any time
  • Object to processing
  • Data portability

To exercise your rights, contact privacy@yourmedcare.com

Where Your Data Is Sent

Data may be stored and processed:

  • On secure cloud servers located in the EU and USA
  • With Zoho, which adheres to GDPR and Standard Contractual Clauses (SCCs) for data transfers outside the EU

We ensure all transfers meet EU data protection standards.

How We Protect Your Data

We implement the following security measures:

  • Data encryption (SSL & at rest)
  • Secure access controls and passwords
  • 2FA (Two-Factor Authentication) for internal systems
  • GDPR training for staff handling sensitive data
  • Periodic risk assessments and compliance audits
  • Only authorized personnel can access patient information

Data Breach Procedures

In the event of a data breach:

  • We have an incident response protocol
  • Affected users will be notified within 72 hours, as required by law
  • The relevant Data Protection Authority will be informed
  • We maintain a breach log and perform impact assessments

Third Parties We Receive Data From

If you submit requests through platforms like WhatsApp, social media, or health marketplaces, we may receive your contact and inquiry data through those third-party platforms, all subject to their respective privacy policies.

Automated Decision Making & Profiling

We do not engage in automated decision-making that significantly affects users. Treatment proposals are reviewed by human consultants and medical experts.

Regulatory Compliance

Your MedCare complies with:

  • General Data Protection Regulation (GDPR)
  • Turkish Law on the Protection of Personal Data (KVKK)
  • Industry standards applicable to health tourism providers

Last Updated: [27.05.2025]