GDPR

Privacy Notice (GDPR-Compliant)

Effective Date: 31.07.2025

1. Controller Information

This privacy notice is issued by Plekson Sağlık ve Turizm Sanayi Tic. Ltd. Şti., registered in Turkey and operating under the brand Menfis Health Travel.

  • Address: Merkez Mah. Kültür Cad. No: 4/11, Gaziosmanpaşa, Istanbul, Turkey
  • Phone: +393935760655
  • Email: info@menfishealth.com
  • Website: https://menfishealth.com

We are the controller responsible for processing your personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”).

2. What Personal Data We Collect

When you contact us via our website, phone, or email, we may collect the following categories of data:

  • Full name
  • Phone number
  • Email address
  • Country of residence
  • Your message or inquiry details
  • Any medical-related data or preferences you voluntarily provide

Your data will be processed for the following purposes:

  • To respond to your inquiries or requests
  • To schedule consultations or treatment plans
  • To provide health tourism services
  • To send updates, offers, and communications related to our services (if you consent)

Legal bases for processing your data under GDPR include:

  • Consent (Art. 6(1)(a)): for sending marketing communications or processing sensitive medical data
  • Contract performance (Art. 6(1)(b)): for providing requested services
  • Legal obligation (Art. 6(1)(c)): where required by applicable laws
  • Legitimate interest (Art. 6(1)(f)): for improving our services and website security

4. Special Categories of Data

If you provide any health-related information (such as hair loss photos or medical history), we will only process it with your explicit consent (Article 9(2)(a) GDPR), and solely for the purpose of evaluating your treatment eligibility.

5. Data Recipients and Transfers

We may share your data:

  • Internally with our medical consultants and operations team
  • With accredited medical professionals and clinics involved in your treatment plan
  • With cloud-based service providers for secure data storage
  • With local or international authorities where legally required

We do not sell or rent your data to third parties.
If data is transferred outside the EEA, we ensure appropriate safeguards are in place (e.g., Standard Contractual Clauses).

6. Data Retention

We retain your data only for as long as necessary:

  • To fulfill the purposes for which it was collected
  • To comply with legal and regulatory obligations
  • Or until you withdraw your consent (where applicable)

Standard retention periods vary between 12–36 months, depending on the nature of the data and service.

7. Your Rights Under GDPR

You have the following rights:

  • Right to access your data
  • Right to rectify inaccurate data
  • Right to erasure (“right to be forgotten”)
  • Right to restrict or object to processing
  • Right to data portability
  • Right to withdraw consent at any time
  • Right to lodge a complaint with a supervisory authority in the EU

To exercise your rights, please contact us at:
📧 info@menfishealth.com

8. Contact for Data Protection Matters

If you have questions about how we process your personal data, or wish to exercise your rights, contact us:

Data Protection Officer (if appointed)
📝 Or via post: Merkez Mah. Kültür Cad. No: 4/11, Gaziosmanpaşa, Istanbul, Turkey

9. Policy Updates

We may update this notice from time to time to reflect legal or operational changes. The latest version will always be available at https://menfishealth.com.