Dr. Wonder Clinic Privacy Policy

Last Updated: April 30, 2026

This Privacy Policy explains how Dr. Wonder Clinic collects, uses, stores, transfers, and protects personal data when you visit our website, submit a contact form, communicate with us through WhatsApp, email, phone, social media, advertisements, or use any of our services.

By using our website, submitting your information, or contacting us through any communication channel, you acknowledge that you have read and understood this Privacy Policy.

1. Data Controller

For the purposes of applicable personal data protection laws, the data controller is:

Dr. Wonder Clinic

Legal Company Name: DR Wonder Sağlık Turizm ve Seyahat Acentası Tic. Ltd. Şti.

Address: Kartaltepe mah. Süvari cad. D1 Blok İç Kapı No:66 Küçükçekmece İSTANBUL 34295

Email: [email protected]

Phone: +90 541 744 64 92

Dr. Wonder Clinic may process your personal data in accordance with applicable data protection laws, including the Turkish Personal Data Protection Law No. 6698, where applicable, and other relevant privacy regulations.

2. Personal Data We Collect

We may collect and process the following categories of personal data:

Identity and Contact Information

This may include your name, surname, phone number, email address, country of residence, nationality, age, preferred language, and communication preferences.

Medical and Health-Related Information

This may include your treatment request, dental or medical history, photographs, X-rays, panoramic images, tomography scans, previous treatment details, medication use, allergies, chronic conditions, and other health-related information you choose to share with us.

Communication Records

This may include WhatsApp messages, email correspondence, phone call notes, contact form submissions, social media messages, advertisement form responses, and customer support records.

Travel and Organization Information

Where relevant, we may process passport-related information, travel dates, flight details, accommodation preferences, transfer details, companion information, and appointment schedules.

Payment and Transaction Information

This may include payment status, deposit information, invoice details, billing information, transaction references, and related financial records. We do not intentionally store full card details unless processed through secure authorized payment providers.

Technical and Website Usage Data

When you visit our website, we may collect IP address, browser type, device information, operating system, visited pages, referral source, session duration, cookies, pixels, analytics data, and similar technical information.

3. How We Collect Personal Data

We may collect personal data through the following channels:

Website contact forms
Landing pages
Social media lead forms
WhatsApp communication
Email correspondence
Phone calls
Online advertisements
CRM systems
Patient consultation forms
Uploaded medical documents
Partner healthcare institutions
Transfer, hotel, and travel organization partners
Website cookies and analytics tools

Personal data may be collected directly from you or, where necessary, from authorized third parties involved in your healthcare tourism process.

4. Purposes of Processing Personal Data

We may process your personal data for the following purposes:

Responding to your inquiries
Providing preliminary treatment information
Preparing preliminary treatment plans and quotations
Organizing appointments with partner healthcare institutions
Coordinating health tourism services
Communicating with you before, during, and after your visit
Managing WhatsApp, email, phone, and CRM communication
Coordinating accommodation, transfer, translation, and support services
Sharing necessary information with authorized healthcare professionals
Managing payment, deposit, invoice, and booking processes
Improving our website, advertising, and customer experience
Measuring marketing campaign performance
Managing complaints, requests, and aftercare communication
Fulfilling legal, regulatory, accounting, and administrative obligations
Protecting the legal rights and interests of Dr. Wonder Clinic

5. Processing of Health Data

Health-related data is considered sensitive or special category personal data under applicable privacy laws.

We process health-related information only where necessary for preliminary assessment, treatment planning support, appointment coordination, communication with authorized healthcare professionals, and organization of healthcare tourism services.

Health data may include photos, X-rays, scans, dental condition details, medical history, treatment expectations, and other information you voluntarily provide.

By sharing health-related information with us through our website, WhatsApp, email, phone, social media, or other communication channels, you acknowledge that such information may be processed for the purposes described in this Privacy Policy.

6. Legal Basis for Processing

Depending on the applicable law and the nature of the data, we may process your personal data based on one or more of the following legal grounds:

Your explicit consent
Performance of a contract or pre-contractual steps
Compliance with legal obligations
Protection of public health and healthcare-related service planning, where applicable
Establishment, exercise, or defense of legal claims
Legitimate interests of Dr. Wonder Clinic, provided that your fundamental rights and freedoms are not overridden

For health-related data and other sensitive personal data, we rely on explicit consent or another applicable legal basis permitted by relevant data protection laws.

7. Sharing Personal Data with Third Parties

We may share your personal data with third parties only where necessary for the purposes described in this Privacy Policy.

These third parties may include:

Partner hospitals, clinics, dental centers, and healthcare professionals
Laboratories and imaging centers
Translators and patient coordinators
Hotels and accommodation providers
Transfer and transportation providers
Travel support providers
Payment service providers
CRM, communication, hosting, analytics, and advertising technology providers
Legal, accounting, tax, and audit advisors
Authorized public institutions, courts, and regulatory authorities where legally required

We do not sell your personal data to third parties.

8. International Data Transfers

As Dr. Wonder Clinic provides healthcare tourism-related services, your personal data may be transferred, stored, or accessed outside your country of residence where necessary.

This may occur when:

You contact us from another country
Your information is processed through international communication platforms
Cloud-based CRM, email, hosting, analytics, or advertising tools are used
Partner service providers are located in different countries
Travel, accommodation, or transfer services require coordination

Where required by applicable law, we take appropriate measures to protect your personal data during international transfers.

9. Cookies, Pixels, and Tracking Technologies

Our website may use cookies, pixels, tags, analytics tools, and similar technologies to improve user experience, understand website performance, analyze visitor behavior, and measure advertising effectiveness.

These technologies may collect information such as your IP address, device type, browser type, visited pages, session duration, traffic source, and interaction with advertisements.

We may use tools such as Google Analytics, Google Ads, Meta Pixel, TikTok Pixel, CRM tracking tools, or similar technologies.

You can manage or disable cookies through your browser settings. However, disabling cookies may affect some website functions.

10. Marketing Communications

If you submit a form, contact us, or request information, we may contact you regarding your treatment inquiry, appointment, quotation, consultation, or related service process.

With your consent where required, we may also send promotional messages, campaign information, reminders, or service updates through email, SMS, WhatsApp, phone, or similar communication channels.

You may opt out of marketing communications at any time by contacting us or using the unsubscribe option where available.

11. Data Retention

We retain personal data only for as long as necessary for the purposes described in this Privacy Policy.

Retention periods may vary depending on:

The nature of the service requested
Legal and regulatory obligations
Accounting and tax requirements
Medical coordination needs
Complaint and dispute resolution periods
Consent status
Legitimate business needs

When personal data is no longer required, we delete, anonymize, or securely destroy it in accordance with applicable laws and internal data retention procedures.

12. Data Security

We take reasonable technical and organizational measures to protect your personal data against unauthorized access, loss, misuse, alteration, disclosure, or destruction.

These measures may include access controls, secure storage systems, confidentiality obligations, limited access permissions, CRM security settings, data minimization, and secure communication practices.

However, no method of transmission over the internet or electronic storage is completely secure. Therefore, while we take reasonable steps to protect your data, we cannot guarantee absolute security.

13. Your Rights

Depending on the applicable data protection laws, you may have the following rights regarding your personal data:

Right to learn whether your personal data is being processed
Right to request information about processing activities
Right to access your personal data
Right to request correction of incomplete or inaccurate data
Right to request deletion or destruction of your personal data
Right to object to certain processing activities
Right to withdraw consent where processing is based on consent
Right to request restriction of processing
Right to data portability, where applicable
Right to lodge a complaint with the relevant data protection authority

To exercise your rights, you may contact us using the contact details provided in this Privacy Policy.

14. Children’s Privacy

Our services are not intended for individuals under the age of 18 without the involvement and consent of a parent or legal guardian.

We do not knowingly collect personal data from children without appropriate consent. If we become aware that personal data of a child has been collected without proper authorization, we will take reasonable steps to delete such data.

15. Accuracy of Information Provided by Users

You are responsible for ensuring that the personal data and health-related information you provide to us is accurate, complete, and up to date.

Dr. Wonder Clinic shall not be responsible for issues arising from incomplete, incorrect, outdated, or misleading information provided by the user or patient candidate.

16. Third-Party Websites and Platforms

Our website, advertisements, or communication channels may contain links to third-party websites, social media platforms, payment providers, map services, or other external platforms.

We are not responsible for the privacy practices, content, security, or terms of service of third-party websites or platforms.

We recommend that you review the privacy policies of any third-party platforms you use.

17. Updates to This Privacy Policy

Dr. Wonder Clinic may update this Privacy Policy from time to time due to changes in legal requirements, service scope, technology, or operational needs.

The updated version will be published on our website with the revised “Last Updated” date.

Your continued use of our website or services after the publication of an updated Privacy Policy means that you acknowledge the updated terms.

18. Contact Us

For questions, requests, complaints, or to exercise your data protection rights, you may contact us through the following channels: