Introduction                         

Any natural person over the age of 18 can become a user of our Yesil Health  Products and Services at their own consent.

As Yesil Health, we can analyze the user’s symptoms and health data as a result of the processing of the data you provide to us using our Product and Service and direct them to receive relevant medical assistance and provide wellness advice. It should be mentioned that Yesil Health, under no circumstances, is a place of medical examination. You must follow your doctor’s advice. The information contained herein is not intended to replace the advice of a doctor or other healthcare professional.

In addition, we are taking serious of your personal data and privacy and we carefully carry out all the processes regarding the protection and processing of your personal data. When it comes to health and privacy, we we attentively follow the legislations in particular the Law on Protection of Personal Data and current developments in domestic and abroad as well.

What is this document?

At Yesil Health, we are taking care of the protection of our users data and privacy as much as taking care of our users health. In this confidentiality agreement, we explain all kinds of policies regarding your personal data you have given us electronically. We invite you to take a few moments to read and understand the policy. You can always access the text of this contract through our website or application. Any changes to be made in the text of the contract will definitely be notified to you and your consent will be obtained. The protection and processing of your personal data will be subject to the updated contract provisions. You can send us any questions regarding the text of the contract through our communication channels.

Why should I read this contract?

By registering for the Yesil Health app, you are deemed to have read and accepted this Privacy Policy.

How does Yesil Health handle the privacy of your personal data?

Yesil Health takes serious of your privacy seriously and mean it. For this reason, our policies are written in an easy, plain and understandable language that everyone can understand.

Yesil Health uses SSL certificate and end-to-end encryption method while storing your personal data.

In our privacy policy; We have explained how our services work and any potential privacy issues that may aries by addressing frequently asked questions to Yesil Health

This Privacy policy explains what kind of information, how these information is stored and how do we use that information. 

This policy covers:

  • What is the Personal Data
  • What Personal Dimensions Do We Collect and How We Achieve Them
  • Why Yesil Health Collects your data
  • Yesil Health and Third Parties
  • Data Privacy, Security, Transfer, Storage and Storage
  • Your Rights as a Data Owner
 
  1. What is Personal Data?

Personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data. Examples of personal data ; a name and surname; a home address; an email address such as name.surname@company.com ; an identification card number,etc.

Individuals race, ethnic origin, political opinion, philosophical belief, religion or other beliefs, costume and dress, association, foundation or union membership, health, sexual life, criminal conviction and security measures, and biometric and genetic data are private qualified personal data.

Your personal data can only be processed if permitted by the law and the following legislation, or if the User gives explicit consent to the processing of his/her/they personal data.

  1. What/Which Personal Data Do We Collect And How Do We Obtain Them?

2.1.Your Personal Data Collected Through Yesil Health 

We need to process certain data to help you to monitor your health and provide you with better service.You can sign up for our Product and Service using your email address or social integration system.

Yesil Health gives the user a choice of use of the Product and Service, including paid and free services.If you would like to use our paid services, you must/need to enter your bank details through the payment system we use.It should be noted that the payment system is not operated by Yesil Health and there is no data collection process by us.

2.2 Personal Data Submitted by You

Your profile, which you will fill out in line with the account you have created Yesil Health, including your name, e-mail address and date of birth; It includes all kinds of health data and the aforementioned data, including your biological gender, place of residence, application language, photo, health, especially your disease history and current health status. You have the right to change your personal data in the section of your profile as you wish. However, keep in mind that Yesil Health requires your email address and date of birth to work.

As Yesil Health, the purpose of our Product and Service is to process the symptoms that the user has conveyed to us through his info , thanks to/with our technology  within Yesil Health and to give the user some wellness recommendations.These suggestions can be customized according to the profile parts that the user fills in at their request.It should be noted that all recommendations, recommendations given within the application do not in any way take place of the medical advice.Always remember to consult your doctor. In our application, which includes a symptoms which you given to us and answers to the questions that you ask, we only process the data that is collected automatically and you provide it. Your symptoms , which you pass on to us via Yesil Health, is stored on secure servers for processing through our technology to make the prescribed wellness recommendations to you.As Yesil Health, we are very careful about the health of our users..Our Products and Services are only secondary resources that can be applied in addition to medical advice in order to lead a healthy life.

2.3 Personal Data You Provide To Us About The Health Of Others

Our service is designed only for the personal use of the user. If you want to help others, please do so by encouraging them to create their own custom Yesil Health accounts.

In this way, all the suggestions, notifications etc. we have given to the user over Yesil Health. It is transmitted to people who have informed us correctly. We would like to point out that health data are personal data of special nature and should not be shared with third parties as much as possible. We are very careful about the health of our users. 

2.4. Personal Data Collected Automatically by Yesil Health

During your visit to our Products and Services through our Website and / or application, we automatically collect certain information about your service visit and the device you use. This data includes data about hardware, software, operating system, internet browser, IP address, language and application settings and version. We also collect data about which pages you visit in the Application and / or the Website, as well as when and how you use the service.

In Summary, We Use The Following Categories Of Personal Data:

Personal Data

Basic data such as your name, date of birth and e-mail address when you register for our Product and Service. Apart from that, all data that defines you is your personal data.

Health and Medical Information

Any medical history of your health, disease status, medications you regularly use, treatments you have undergone and all your health data that you have provided to us, including but not limited to.

Financial Information

If you choose to use our product and service for a fee, your bank information will not be stored or processed by us.

Technical And Analytical Information

When you use our app, we may automatically collect the following information where permitted by your device settings:

(a) the address used to connect your mobile phone or other device to the Internet, your login information, system and operating system type and version, browser or application version, time zone setting, camera access, access to photos, operating system and platform and location (by IP address))

(b) we may collect information about your visit, including the products and services you view or use, application response times, interaction information (such as button presses), and any phone number used to call our customer service number.

We work with partners that provide us with analytics and advertising services (not only for third-party advertising, but for our services).

This includes helping us understand how users interact with our services, serving our ads online, and measuring the performance of our services and ads. Cookies and similar technologies can be used to collect this information, such as your interactions with our services.

2.5.Children’s Personal Data 

Our Service is only suitable for the use of natural persons aged eighteen (18) and over. Yesil Health reserves the right to request any information/documents to verify the user’s age.

3.Why Yesil Health Collects Your Data?

We receive and use your medical information for medical purposes, including health care or recommendations.The purposes we use your personal data and the legal reasons we do this are:

We use your data to provide you with the best possible service. To provide you with full service and we need certain data to assist you in our healthcare.We can also use your data for research purposes to improve our service. Also, your information is services that can be used for marketing, communication and legal purposes. Please for more information keep reading.

We always use your medical information (by anonymizing personal identifiers such as your name, address and contact information) to improve our healthcare and system where you have expressly consented to provide better healthcare to you and other Yesil Health users. This may include your medical record (records obtained and created by us), transcripts and records of consultations, and your interactions with our artificial intelligence services, such as our symptom control. and we provide a better experience for other Yesil Health users and help achieve our goal of making healthcare affordable and accessible to all.

We use your email address and / or phone number to contact you with updates and marketing messages from time to time, based on our legitimate interest in offering our services to you and your right to opt out at any time.

Based on our legitimate interest in managing and planning our business, for example, users find the most helpful and the features users want from us, to fix bugs within the app, anticipate the demand for services, and to understand other trends in usage, including what features we use in our products and services. We may analyze data about your usage. This does not include making any decision about you, it is only about improving our App so that we can provide you a better service. Yesil Health will always enforce strict privacy and data security provisions.

3.1 Your Data Is Collected And Processed For The Following Reasons;

Health advice: The main reason we collect your personal data is to provide you with our basic health advice.

Management and improvement of our services: We use your information on our website, app and business

We use it to manage our space and to continuously improve our services.

Customer Service: Our customer service is there to help you and provides you with your symptom information.

Marketing: To inform you about communications about our business, by e-mail or other we can send with contact information.

Communication: We will send you information regarding your evaluations through the Product and Service. If you choose to join our mailing list, we will send you non-commercial writings, including our newsletter. When using our services, we may send you a survey or invite you to review your experience with our service. We may also contact you about your feedback, questions and complaints about our website and app.

Research activities: To support research on symptom and detection methods, we can use your data for research purposes by anonymizing them in accordance with the legislation. This may include sharing your data with carefully selected third-party research institutions. By uploading your images to the application, you expressly consent to the anonymous use of photos processed for the purpose of providing services and for research and testing of our services. Therefore, your photos may be reviewed by our employees or by third-party consultants who work for us and are bound by strict confidentiality.

Legal purposes: In some cases, we may need to use your information to handle and resolve legal disputes, for legal research and compliance, or to apply the terms of use of the service as reasonably expected. We must comply with some laws and (country specific) regulations.

To comply with these, we need information such as your location and date of birth.

  1. Yesil Health And Third Parties / Organizations And Persons

Yesil Health has third-party service providers that help us provide or improve our service, this includes service providers, payment providers and financial institutions, partners or research institutions.

For certain reasons, Yesil Health may share your personal data with carefully selected third parties. You can find an up-to-date list of third party categories here:

Crashlytics © is used to record crash data and provide it back to our development team so that we can continue to constantly improve our service.

We uses Firebase © to send you push messages.

We use Mailchimp © as a marketing automation and customer support tool.

Segment © is a business intelligence tool for data analysis that we use to automate messaging to our users.

AWS SES © deals with sending service mails that we need to send as part of the Yesil Health Service. Therefore, we share our users’ email addresses.

We use Google©  and Apple© Login as social integration.

When necessary, we may need to share your personal and financial data for the purpose of fraud prevention and detection.

When necessary for security, regulatory and / or compliance purposes, we may audit consulting and your interactions with our other services. Strict privacy and data security provisions will always apply to such control and access.

We may use non-personal data (data where no individual can be identified) to improve our products and services.

You can choose to link your existing accounts with other providers (such as a social media provider) with us. This can make it easier, for example, to create an account with us. If you choose to do so, we will receive limited information from that provider, such as your email address, name and other details regarding registration.

All rights of the above mentioned Products and Services are reserved.

4.1. Yesil Health And Social Media

In our application, we combine and share social media such as buttons (Facebook, Twitter, Instagram) that allow you to share your results with your network. Social media plug-ins can process your personal data when you choose to share or like any content in our application with your network. Yesil Health does not control and is not responsible for the processing of personal data by these networks.

5.Data Privacy, Security, Transfers and Data Retention

5.1. Privacy and Anonymous

All data that you provide to us and that we collect from you is secured in a reliable cloud server in the  reliable cloud server that is held to high standards by trusted third-party service providers.

As a result, your personal data may be transferred and stored to a destination outside of your country. 

By submitting your data, you agree to transfer the data to the servers.

Personal data may be used by staff or by other employees working outside of your country and working for us.

It may also be processed by third party service providers. We take the necessary steps to ensure that any third-party service provider has access to your data securely and in accordance with applicable laws.

5.1.1. Is Yesil Health Anonymous?

Your use of Yesil Health is anonymous. Your personally identifiable information (such as your name, age, e-mail address) cannot be viewed by others.

5.2. Transfer Of Your Personal Data To Third Parties

We may share with our business partners aggregated data that do not personally identify you but show general trends such as the number of users we serve.

As Yesil Health, our Products and Services are hosted on Amazon Web Services © servers. AWS complies with ISO 27018, a code of practice that focuses on protecting personal data in the cloud. It is based on the ISO information security standard 27002 and provides implementation guidelines on ISO 27002 controls that apply to personally identifiable information (PII) processed by public cloud service providers. To learn more or view the AWS ISO 27018 Certification, view the AWS ISO 27018 Compliance web page.

To comply with a law/code regulation, legal process or government request, and to assert or defend against legal claims or to prevent illegal activity, fraud, abuse, violation of our terms or threats to the security of our services or the physical safety of any person we may store or disclose it for detection or investigation.

Except as explained above, we will not share your personal information with any party without your consent.

Yesil Health’s infrastructure is protected using firewalls and monitoring features. Suitable to prevent unauthorized access and / or misuse of your personal data

We work with authorized persons with procedures Yesil Health uses appropriate procedures and systems to protect your personal data. In addition, we use technical and physical restrictions to access and use personal data on our servers. Only authorized personnel can access your personal data for tracking purposes.

Yesil Health uses advanced encryption and storage systems. We use various procedures and systems to protect your personal information from unauthorized use. Yesil Health also employs procedures that restrict employees from accessing user information (through confidentiality agreements that bind and restrict employees with Yesil Health). Your personal information is stored securely. Unrestricted access to the application is provided only with your e-mail address and password. The user is responsible for all uses made with your own username and password; Therefore, users should keep their information such as e-mail address and password confidential. Yesil Health reserves the right to freeze or suspend your user account for any reason or not.

5.4. Data Logging

Yesil Health has implemented various measures and procedures as specified in the data protection law of Turkey to protect your personal data.

If you terminate the services and delete your account, we will retain your personal data for a period of 12 months, then delete your data. Before finalizing, we will anonymously store your uploaded images for medical, clinical and commercial research and for testing services. We will ask for your consent to process your data anonymously for research purposes. (Electronic) documents containing personal data in accordance with the law; If we believe the documents may be related to ongoing or prospective legal proceedings, we will retain them for the establishment, exercise or defense of our legal rights (including providing information to others for fraud prevention and credit risk reduction). In addition, the personal data determined by us in accordance with the relevant laws are kept within the maximum periods specified below. After the deadline, your personal data will be deleted, destroyed or anonymized by us or upon your request.

5.6. Data Storage

We do not store your personal health data on your mobile device. We store all your personal health data on secure servers.

When you choose a password that allows you to access parts of our application, you are responsible for keeping this password secret. We request that you do not share the password with anyone.

We do not store any bank / payment information. Payments are handled by a third-party payment provider that is fully compliant with Level 1 Payment Card Industry (PCI) data security standards. Any payment transaction is encrypted using SSL technology. For purchases made within the application, the General Terms and Conditions of Apple App Store © and Google Play Store © will apply depending on the type of mobile device and usage of Apple App Store © or Google Play Store ©.

We encrypt the data sent to and from the application. Once we receive your information, we will use strict procedures and security features to prevent unauthorized access. We will take all necessary steps to ensure that your data is treated securely and in accordance with this privacy policy.

5.7 Data Transfer

As a community, we use Amazon Web Services © to present you with our Products and Services at the highest level. You can find detailed information about the service and other policies from this link. The service ensures the security of your data with high-level security protocols over cloud technology.

  1. Your Rights

Under GDPR you have various rights in relation to your personal data (as listed below).

All of these rights can be exercised by sending us an e-mail to privacy@yesilhealth.com

Verification: in order to verify your request, we will take reasonable steps such as asking you to send us a confirmation from the email address associated with your account, so that we can verify that you are the owner of this email account. If there is no email address associated with your account, we may ask you for proof of ID.

  • Right to withdraw consent: You have the right to withdraw your consent at any time by notifying us by email to the following address: privacy@yesilhealth.com            
  • By withdrawing your consent, the lawfulness of the processing based on consent up until the point of withdrawal will not be affected. 
  • Right to object: You have a right to object under the conditions of Article 21 DSGVO. Below you will find more detailed information:
    Right to object where the processing is based on legitimate interests: As a data subject, you have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on Article 6 (1) (e) or (f) GDPR, including profiling based on those provisions. In the event of an objection relating to your particular situation, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
    Right to object where we process your personal data for statistical purposes: If we process your personal data for statistical purposes pursuant to Article 9 (2) (j) DSGVO you have the right to object to such processing for reasons arising from your particular situation. In the event of such an objection, we will no longer process the personal data concerned for this purpose unless the processing is necessary to fulfil a task in the public interest, or the discontinuation of processing is likely to make it impossible or seriously impair the realization of statistical purposes and the continuation of processing is necessary for the fulfilment of statistical purposes.
    Right to object to direct marketing: Where your personal data are processed for direct marketing purposes, you have the right to object at any time to processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing. If you object to processing for direct marketing purposes, we no longer process your personal data for these purposes.
    To exercise your rights of objection, you may contact us at any time by sending an e-mail to adresgirilecek 
  • Right to be informed: As a data subject, you have a right to obtain access and information under the conditions provided in Article 15 GDPR. This means in particular that you have the right to obtain confirmation from us as to whether we are processing your personal data. If so, you also have the right to obtain access to the personal data and the information listed in Article 15 (1) GDPR. This includes information regarding the purposes of the processing, the categories of personal data that are being processed and the recipients or categories of recipients to whom the personal data have been or will be disclosed.
  • Right to erasure / “Right to be forgotten”: As a data subject, you have a right to erasure (“right to be forgotten”) under the conditions provided in Article 17 GDPR. This means that you generally have the right to obtain from us the erasure of your personal data and we are obliged to erase your personal data without undue delay when one of the reasons listed in Article 17 (1) GDPR applies. You can do this by deleting your account at any time. If we have made the personal data public and are obliged to erase it, we are also obliged, taking account of available technology and the cost of implementation, to take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of those personal data (Article 17 (2) of the GDPR. The right to erasure (“right to be forgotten”) does not by exception apply if the processing is necessary for one of the reasons listed in Article 17 (3) GDPR. This can be the case, for example, if the processing is necessary for compliance with a legal obligation or for the establishment, exercise or defence of legal claims (Article 17 (3) (b) and (e) GDPR).
  • Right to restriction of processing: As a data subject, you have a right to restriction of processing under the conditions provided in Article 18 GDPR. This means that you have the right to obtain from us the restriction of processing if one of the conditions provided in Article 18 (1) GDPR applies. This can be the case, for example, if you contest the accuracy of the personal data. In such a case, the restriction of processing lasts for a period that enables us to verify the accuracy of the personal data (Article 18 (1) (a) GDPR). Restriction means that stored personal data are marked with the goal of restricting their future processing (Article 4 No. 3 GDPR).
  • Right to data portability: As a data subject, you have a right to data portability under the conditions provided in Article 20 GDPR. This means that you generally have the right to receive your personal data with which you have provided us in a structured, commonly used and machine-readable format and to transmit those data to another controller without hindrance from us if the processing is based on consent pursuant to Article 6 (1) (a) or Article 9 (2) GDPR or on a contract pursuant to Article 6 (1) (a) GDPR and the processing is carried out by automated means (Article 20 (1) GDPR). In exercising your right to data portability, you also generally have the right to have your personal data transmitted directly from us to another controller if technically feasible (Article 20 (2) GDPR). 
  • Right to Rectification: As a data subject, you have the right to rectification under the conditions provided in Article 16 GDPR. This means in particular that you have the right to receive from us without undue delay the rectification of inaccuracies in your personal data and completion of incomplete personal data.
  • Right to complain: As a data subject, you have a right to lodge a complaint with a supervisory authority under the conditions provided in Article 77 GDPR. 

Asking us to stop processing your personal data or deleting your personal data will likely mean that you are no longer able to use our Services, or at least those aspects of the Services which require the processing of the types of personal data you have asked us to delete, which may result in you no longer being able to use the Services.

You can make a request to review, correct, delete, obtain your data at any time. As is stated above, you have the right to withdraw your consent at any time by accessing the privacy settings whenever you ask for your consent to process your personal data.

At your request, we will provide access to your personal information held by us. We will provide you with the data in a structured, understandable and machine readable form. We ask you to provide us with appropriate evidence of your identity (for this purpose we will accept a photocopy of your passport, a photocopy of your ID or driver’s license, an original copy of a bill of the bill showing your current address). We will ask you to make your personal identification number and picture invisible to us.   In your request for access, we also ask you to define as clearly as possible the types of information you want to be able to access. We will comply with your request to gain access to your personal information within 30 days, and if you agree, we may request your reasonable requests to access that information.   You can always object to the processing of personal data about you, even if they are relevant to the purpose of the application.

Our applications are only available on the Google Play Store © and Apple App Store © application markets. Yesil Health, as the controller, is not responsible for any disputes that may arise during the installation of these applications on their devices other than official application links and / or access through unofficial websites.

At any time, we may instruct us not to process your personal information for marketing purposes and give us the opportunity to opt out of using your personal information for marketing purposes. If you have any concerns about your rights, contact the Yesil Health team.

7.Party Responsible for the Processing of Your Data

The main operation of the Products and Services is under Yesil Science.

By using the Data Privacy Related Application Form on our website, you can request all kinds of information about your personal data processed for the reasons mentioned above. The application procedure is explained on the page of the relevant form.

You can send us all your requests and complaints at privacy@yesilhealth.com e-mail address.