Dear Employees,

As Pineapple Health Tourism Agency, we continue our compliance efforts with the Personal Data Protection Law No. 6698 (KVKK), which regulates the obligations of natural and legal persons processing personal data and the procedures and principles they must follow to protect the fundamental rights and freedoms of individuals, especially their privacy. Your personal data may be processed by the Data Controller, Pineapple Health Tourism Agency, under the scope explained below. First, we would like to provide some information about certain definitions.

Key Terms and Definitions Related to the Law

Personal data: Within the scope of this law, personal data is defined as “any information relating to an identified or identifiable natural person”; and processing is defined as “any operation performed on data, such as obtaining, recording, storing, preserving, modifying, reorganizing, disclosing, transferring, acquiring, making available, classifying or preventing the use of personal data, whether wholly or partly automated or non-automated, provided that it is part of any data recording system.”

Special categories of personal data: This includes information such as a person’s race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, appearance and clothing, membership in associations, foundations or trade unions, health, sexual life, criminal convictions and security measures, as well as biometric and genetic data.

Processing of Personal Data: This is defined as “any operation performed on data, such as obtaining, recording, storing, preserving, modifying, reorganizing, disclosing, transferring, acquiring, making available, classifying, or preventing the use of personal data, whether wholly or partly automated or non-automated, provided that it is part of any data recording system.”

Explicit Consent: This is defined as “consent given freely and based on informed knowledge regarding a specific matter” in relation to personal data. As the Data Controller, we wish to inform you and obtain your explicit consent in order to fulfill our obligations under the law.

KVKK: Law on the Protection of Personal Data

Data Subject: Only the data of natural persons are protected under the law. Therefore, the term “data subject” is used in the law to refer to the natural person whose personal data is processed. The person to be protected is the “natural person,” as clearly stated in the definitions section of the regulation.

For What Purposes Are Your Personal Data Processed?

Your personal data specified above are processed for the following purposes due to the necessity of establishing an employment contract between the Institution and the Employee Candidate:

  • Recruitment of new personnel, evaluation of candidates and determination of the candidate to be employed
  • Verification of your data and information through the references stated in your CV
  • Verification of your suitability for the position applied for and recording of CV information for future confirmation
  • Ensuring occupational health and safety
  • Controlling entry and exit to the Institution premises
  • Conducting reception processes and informing human resources and training departments

Your personal data will be stored for the maximum period specified in the relevant legislation or required for the purpose.

According to Article 6 of the Personal Data Protection Law, the processing of special categories of personal data is prohibited without the explicit consent of the data subject. Special categories of personal data include: data relating to a person’s race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, appearance and clothing, membership in associations, foundations or trade unions, health, sexual life, criminal convictions and security measures, as well as biometric and genetic data.

However, special categories of personal data other than those related to health and sexual life mentioned above may be processed without the explicit consent of the data subject in cases stipulated by law. Personal data relating to health and sexual life may only be processed without the explicit consent of the data subject by persons or authorized institutions and organizations under an obligation of confidentiality, for the purposes of protecting public health, preventive medicine, medical diagnosis, treatment and care services, and planning and managing health services and their financing.

Furthermore, adequate measures determined by the Board must be taken when processing special categories of personal data.

Your personal data may be processed by Pineapple Health Tourism Agency for the following purposes, in accordance with the personal data processing conditions stated above:

Your Personal Data Will Be Processed by Pineapple Health Tourism Agency for the Following Purposes:

  • Execution of information security periods, management of employee benefits and rights processes;
  • Execution of auditing/ethical activities;
  • Execution of access rights;
  • Management of corporate communication
  • Conducting occupational health and safety activities and fulfilling our legal obligations:
    • Management of emergency processes and operations, creating emergency analysis reports, conducting work accident examinations, performing initial medical examinations, obtaining health reports from workplace physicians, making position changes based on identified health conditions (with your consent), and providing suitable job positions for your health.
  • Implementation of human resources policies and payment of salaries to employees;
  • Development of performance management systems in accordance with the purposes specified in the employment contract;
  • Improving human resources processes through exit interview forms after the termination of your employment relationship, if you wish;
  • Domestic and international assignments when necessary;
  • Creation of personal files for your personnel rights;
  • Collection of reasons for medical reports;
  • Managing power of attorney and signature circular processes related to representation within and outside Pineapple Health Tourism Agency;
  • With your consent, processing your photographs and videos for event management, internal training, promotion, and corporate communication purposes;
  • Conducting educational and career activities;
  • Fulfillment of legal obligations such as asset declaration;
  • Fulfillment of administrative and legal obligations;
  • Execution of procedures related to green passports, duty passports, etc.;
  • Controlled entry-exit and overtime calculations via PDKS;
  • Collection of legal data for combating epidemic diseases related to public health.

What Personal Data of Yours Will Be Processed?

Your personal data that may be processed by Pineapple Health Tourism Agency includes:

  • Name, surname, place/date of birth, Turkish ID number, population registration information, identity card photocopy, SGK service record, if applicable, İŞKUR record, driver’s license photocopy, health reports (lung report and X-ray, hearing test, respiratory function test, blood group card photocopy, tetanus vaccination information), diploma, course, professional qualifications, apprenticeship/mastership certificates, asset declaration, passport application documents, military status, criminal record, residence, bank account information, children’s ID details, marital status information, photographs (visual and audio), clothing size information, HES code, etc.

The above personal data, including identification, contact, visual-audio, and health data, will be processed for business purposes in a limited and restricted manner and may be transferred to relevant institutions in accordance with the law when necessary.

To Whom and for What Purpose Can Your Processed Personal Data Be Transferred?

According to Article 8 of the Law No. 6698 on the Protection of Personal Data (KVKK), personal data cannot be transferred without the explicit consent of the data subject.

Personal data may be transferred to third parties without explicit consent in cases where processing is possible without the explicit consent of the data subject. Similarly, provided adequate precautions are taken, special categories of personal data other than health and sexual life data may be transferred without the explicit consent of the data subject in cases stipulated by law. However, personal data relating to health and sexual life may only be transferred without the explicit consent of the data subject by persons or authorized institutions and organizations under an obligation of confidentiality for the purposes of protecting public health, preventive medicine, medical diagnosis, treatment and care services, and planning and managing health services and their financing.

Provisions in other laws regarding the transfer of personal data are reserved.

According to Article 9 of the KVKK, personal data cannot, as a rule, be transferred abroad without the explicit consent of the data subject. However, personal data may also be transferred to third parties in cases where personal data can be processed without the explicit consent of the data subject. Similarly, provided that adequate measures are taken, special categories of personal data other than health and sexual life data may be transferred abroad without the explicit consent of the data subject in cases stipulated by law. Personal data relating to health and sexual life may only be transferred abroad without the explicit consent of the data subject by persons or authorized institutions and organizations under an obligation of confidentiality, for the purposes of protecting public health, preventive medicine, medical diagnosis, treatment and care services, and planning and managing health services and their financing. In cases where adequate protection is not available, personal data may be transferred abroad without the explicit consent of the data subject, provided that the data controllers in Turkey and the relevant foreign country provide a written guarantee of adequate protection and obtain the permission of the Board.

Countries with adequate protection are determined and announced by the Board.

Provisions in other laws regarding the transfer of personal data abroad are reserved.

Your personal data processed in accordance with the regulations mentioned above may be processed for the following purposes:

Maintaining and improving effective employee management, fulfilling contractual obligations, evaluating employee performance, and ensuring occupational safety, in line with the purposes stated in your employment contract.

Method and Legal Basis for the Collection of Personal Data

Your personal data is collected partially or completely automatically or as part of any recording system through various media such as printed materials, electronic media, software, CDs, DVDs, USBs, photocopiers, printers, videos, cameras, telephones, tablets, and web pages. This personal data is collected in accordance with the Labor Law, Occupational Health and Safety legislation, the Law on the Regulation of Publications on the Internet and Combating Crimes Committed Through Such Publications, the Law No. 6563 on the Regulation of Electronic Commerce, the Turkish Commercial Code, the Tax Procedure Law, the Turkish Code of Obligations, the Turkish Penal Code, the Social Security and General Health Insurance Law, and the Law No. 6698 on the Protection of Personal Data, among other relevant legislation. Your personal data is collected and processed for the performance of a contract, if provided for in the laws; for the fulfillment of a legal obligation; for the legitimate interest of the data controller; or for various other legal grounds.

Transfer of Personal Data

Your personal data may be transferred, upon request and in accordance with the law, to law enforcement agencies, courts, and, if necessary, to public institutions such as the Turkish Ministry of Justice, the Turkish Ministry of Labor and Social Security, the Turkish Ministry of Interior, the Turkish Ministry of Health, the Personal Data Protection Authority, the Turkish Employment Agency, and the Information and Communication Technologies Authority (BTK). Some of your personal data may also be transferred, if necessary for business purposes, to companies, consultants, lawyers, and data processing companies with whom we collaborate, in a manner that is proportionate and limited to the scope of the business.

Our Obligations Regarding Personal Data Security at Pineapple Health Tourism Agency:

The data controller is obligated to take all necessary technical and administrative measures to ensure an appropriate level of security to prevent the unlawful processing of personal data, to prevent unlawful access to personal data, and to ensure the preservation of personal data. If personal data is processed on behalf of the data controller by another natural or legal person, the data controller is jointly responsible with that person for taking the measures specified in the first paragraph. The data controller is obligated to conduct or have conducted the necessary audits within their institution or organization to ensure the implementation of the provisions of this Law. Data controllers and data processors cannot disclose personal data they have learned to others in violation of the provisions of this Law and cannot use it for purposes other than the processing purpose. This obligation continues even after they leave their positions. If personal data processed is obtained by others through unlawful means, the data controller shall notify the relevant party and the Board as soon as possible. If necessary, the Board may announce this situation on its website or by another method it deems appropriate.

What are the rights of personal data owners (data subjects) according to Article 11 of Law No. 6698?

  • The right to learn whether their personal data is being processed,
  • The right to request information regarding the processing of their personal data if it has been processed,
  • The right to learn the purpose of the processing of their personal data and whether it is being used in accordance with its purpose,
  • The right to know the third parties to whom their personal data has been transferred, domestically or abroad,
  • The right to request the correction of their personal data if it has been processed incompletely or incorrectly, and to request that this action be notified to the third parties to whom their personal data has been transferred,
  • The right to request the deletion or destruction of their personal data if the reasons requiring its processing have ceased to exist, even if it has been processed in accordance with the law and other relevant laws, and to request that this action be notified to the third parties to whom their personal data has been transferred,
  • The right to object to a result that is detrimental to them arising from the analysis of processed data exclusively through automated systems, and to demand compensation for damages if they have suffered damage due to the unlawful processing of their personal data.

Personal Data Storage and Destruction Periods and Methods

Personal data processed within our institution is stored for the period stipulated in the relevant legislation. Data, information, and documents that no longer require storage are securely destroyed in accordance with our relevant internal regulations and legal legislation. Personal data is stored for the retention periods stipulated in accordance with other laws and secondary regulations in force, primarily the Law No. 6698 on the Protection of Personal Data, the Turkish Code of Obligations No. 6098, the Social Security and General Health Insurance Law No. 5510, the Law on the Regulation of Publications Made on the Internet and Combating Crimes Committed Through Such Publications No. 5651, the Occupational Health and Safety Law No. 6331, the Law on the Right to Information No. 4982, the Turkish Penal Code, the Law on the Use of the Right to Petition No. 3071, the Labor Law No. 4857, and the Regulation on Health and Safety Measures to be Taken in Workplace Buildings and Annexes. Destruction processes include paper recycling, shredding, destruction of electronic devices, and secure erasure of digital data.

Communication with the Data Subject Regarding the Law No. 6698 on the Protection of Personal Data

Requests regarding the exercise of these rights may be submitted by personal data owners, data subjects, through the methods specified in the legislation on the Processing and Protection of Personal Data under Law No. 6698, available at https://pineapplehealthtourism.com/. Dr. Pineapple Health Tourism Agency will evaluate and finalize these requests as soon as possible and within a maximum of 30 days.

Regarding the Exercise of the Right to Refuse and Cancel

For any questions and opinions regarding the use of personal data under the law, you can contact us through our KVKK (Personal Data Protection Law) page. With the explanations we have provided above, we have informed you and fulfilled our Obligation to Inform. As the Data Controller, we will respond to you as soon as possible or within the legal deadlines, in accordance with Law No. 6698 on the Protection of Personal Data.

Dear Employees,

Even after the termination of your employment relationship, your responsibility to not share personal data, to protect and not disclose personal data you previously acquired in the course of your duties, continues.

Protecting the personal data of our citizens, suppliers, visitors, guests, and colleagues in accordance with the law is also valid even after the termination of your employment contract. Even if you leave your job, you are legally and ethically obligated to protect the personal data you previously acquired in the course of your duties; otherwise, you will be held responsible for any resulting material and moral damages. Pineapple Health Tourism Agency reserves its legal rights in this regard.

Even if your employment contract ends, we reserve the right to exercise our legal rights in case of any problems arising from the confidentiality and security of personal data of those who were formerly employees of Pineapple Health Tourism Agency.

Communication with the Data Subject Regarding the Law No. 6698 on the Protection of Personal Data

Requests regarding the exercise of these rights may be submitted by personal data owners, data subjects, through the methods specified in the legislation on the Processing and Protection of Personal Data under Law No. 6698, available at https://pineapplehealthtourism.com/. Pineapple Health Tourism Agency will evaluate these requests and finalize them within 30 days. As a data subject, you can submit your requests regarding Law No. 6698 through our KVKK (Personal Data Protection Law) page. With the explanations above, we have informed you and fulfilled our Obligation to Inform. You can submit your requests for the deletion, updating, anonymization, destruction of your personal data, or other legal requests regarding your personal data, through the Data Subject Application Form. As a data subject, you will receive a response in accordance with Law No. 6698 on the Protection of Personal Data, as soon as possible or at the latest within thirty (30) days, or within the legal deadlines.

Your personal data, once its legal retention period has expired, will be securely destroyed in accordance with relevant laws.

Data Controller Contact Information

Data Controller: Pineapple Health Tourism Agency
Address: Levent Mahallesi, Karanfil Aralığı Street No:18/1 Beşiktaş / Istanbul
Email: info@pineapplehealthtourism.com
Contact link: https://pineapplehealthtourism.com/

5/5 - (785 votes)
Instagram @pineapplehealthtourism
Patient consultation for breast augmentation at a modern aesthetic clinic in Turkey, provided by expert surgeons.
Expert surgeon performing eyelid aesthetic procedure at a modern clinic in Turkey, ensuring safe and personalized care.
Face and neck lifting procedure performed by experienced aesthetic surgeons at a modern clinic in Turkey to restore a youthful appearance.
Liposuction body contouring procedure performed by experienced aesthetic surgeons at a modern clinic in Turkey.
Rhinoplasty consultation and aesthetic nose surgery performed by expert surgeons at a modern clinic in Turkey.
Tummy tuck (abdominoplasty) procedure performed by experienced aesthetic surgeons at a modern clinic in Turkey to achieve a firmer abdominal contour.

Address

Contact Us

Pineapple Health Tourism
Designed with ❤️ by Mayfair Digital Agency.
© 2026 All Rights Reserved.