Last Updated in January 2021

This Privacy Policy describes how MEDU Saglik ve Ogretim Hizmitler Ticaret Limited Sirket , B Blok Daire 91 , Uphill Towers , Barbaros , Istanbul Turkey (“MEDU ,” “we,” “us,” “our”) collects, uses, and shares information about you when you visit and interact on our website (mobile and desktop) and mobile app (collectively, “Site”) or other means connected to the Sites (such as contacting our customer service team via chat or email) or Service provider ( Clinics , hospitals , accommodation , translator escort or Air tickets agents ) . Below is details of this Privacy policy.

  1. Information We Collect

We collect information about you that you provide to us when using the Site, such as your name, address, phone number, credit card details, e-mail address, service name, In addition, for University registration, we may also collect personal details of father, mother names and other information like, date of birth, nationality and passport details including passport number, country of issue and expiry date.

By visiting our Site, we may also automatically collect certain usage information, such as your IP address, geographic data, country, search preferences related to specific searches, browser, and information about your device’s operating system, application version, language settings, and pages that have been shown to you. If you are using a mobile device to access our mobile app or mobile optimized Site, we might also collect information that identifies your mobile device, such as the device ID, location of the device (with your consent), and device-specific settings and characteristics.

If you participate in a MEDU package programs, there may be limited additional information that we may collect from the service provider about your stay; for example, see the information below collected as part of the MEDU Saglik Tourism packages. When you make a reservation, our system registers through which means and from which websites you have made your reservation. We may also collect certain information through cookies, tags, and similar technologies as detailed below.

If you need to get in touch with our Operations or sale team, or reach out to us through other means (such as through social media, or communicating with your service provider n through us), we will collect information from you there too.

Where you submit reviews regarding our services available on our website through us, we will collect information from you included in your reviews, including your first name and country of residence.

You can decide to participate in our promotional programs, and doing this will also mean providing us with personal data. In addition to that, you can provide us with feedback or ask for help with using the Sites or our various communications platforms.

Where you are escorting one of our students or customers whose details you provide to us as part of your booking the service, or if you make a booking on behalf of someone else, it is your responsibility to ensure that the person or people you have provided personal information about are aware that you have done so, and have understood and accepted how MEDU uses their information (as described in this Privacy Policy).

Partners who benefit from the provided services may share information about you with us too – this may happen if you have questions about your pending services or if disputes arise regarding your services.

Your personal information will be retained by MEDU for the duration outlined in this Privacy Policy.

Where required by law, we rely on the following legal bases to process personal information:

  • Necessity to Perform Contract with You – we need to process your information in order to provide our partners, answer questions and requests from you, and provide customer support;
  • Our Legitimate Interests – we process your information for security and safety; to detect and prevent fraud; to protect and defend the rights or property of others, or our own rights and interests; to customize and provide our Health or educational services to you; and to respond to lawful requests, court orders, and legal process;
  • Compliance with Legal Obligations – we need to process your information to comply with relevant laws and regulatory requirements;
  • Consent for Direct Marketing Communications and Non-Essential Cookies – we rely on your consent to send direct marketing and to use/allow non-essential cookies. You can unsubscribe from direct marketing at any time by following the instructions set out in this Privacy Policy; and
  • Protect Vital Interest – we may need to process your information in case of emergency involving an individual’s life or health.
  1. How We Use the Information We Collect

We may use information collected through the Site to:

  • Provide you with the requested services, such as creating a user account, processing and confirming your reservation or registration, and communicating with you about services requested (e.g., pre-reservation or post booking chat support (excluding credit card number), special request, cancellations, rewards
  • Send you emails marketing communications about products and services that may be relevant to you
  • Send you e mails for review the service after you receive the service fully.
  • Conduct surveys or provide you with information about our services on our Site or on other websites you may visit
  • Maintain and improve the Site, tailor the user experience, and for internal training
  • Protect the security of you and the Site
  • Exercising a right or obligation conferred or imposed by law, including responding to request and legal demands

When you make a reservation or application on one of our business partners’ websites or apps, we may also receive certain information such as your name and reservation information, including the accommodation reserved, in order to process your reservation and identify which channel your reservation has originated from.

During calls with our Operations team or sales team, live listening may be done or calls may be recorded for quality and reference purposes which includes the usage of the recordings for the handling of claims, training and fraud detection purposes. If you would prefer that your call was not recorded, you can opt out by stating this, or by hanging up. Call recordings are kept for a limited amount of time and automatically deleted thereafter, unless MEDU has a legitimate interest to keep such recording for a longer period, including for fraud investigation and legal purposes.

Please note that the confirmation emails and text messages sent after your Service booking, as well as the customer review emails sent after your departure, are not marketing messages. These messages are part of your Services process. Respectively, they contain information for you to check in at your booked Services, and tools to optionally rate that accommodation after your stay. You will continue to receive them, even if you have opted out of our marketing messages. Similarly, opting into receiving Price Alerts will not affect any other choices you have made regarding receiving communications from us 

Communications on the Site

We offer you various means to communicate about services and existing services, directing the communications through the Site. You can contact us with questions about your requested service or about your university via the Site, and via other channels that we may make available.

We may access communications and may use automated systems to review, scan, and analyze communications for security purposes; fraud prevention; compliance with legal and regulatory requirements; investigations of potential misconduct; product development and improvement; research; customer engagement, including to provide you with information and offers that we believe may be of interest to you; and customer or technical support. We reserve the right to block the delivery of or review communications that we, in our sole discretion, believe may contain malicious content, spam, or may pose a risk to you or, accommodation partners, us, or others. Note, all communications sent or received using the Site’s communication tools will be received and stored by us. Business partners through whose platform you made the reservation and accommodation partners may choose to communicate with you directly via email or other channels that we do not control.

  1. Mobile Devices

With your consent, we may send you push notifications with information about your reservation, potential future stays. You may grant us access to your location information or contact details in order to provide services requested by you. When you upload a picture from your mobile device, your picture may also be tagged with your location information. Please read the instructions of your mobile device to understand how to change the settings and enable the sharing of such information or the receipt of (or opt out of receiving) push notifications (including Software Development Kit (“SDK”) and push token data). Different device operating systems may have different default settings, so please familiarize yourself with such settings governing push notifications.

  1. Sharing Your Information

In connection with your visit to our Site and use of our services, we may share your information as follows:

  •       Travel Supplierssuch as accommodation properties (e.g., the specific accommodation that you have requested us to reserve) and/or third-party accommodation suppliers, airline, car rental, insurance, and, where available, Service providers, who fulfil your travel reservations. These suppliers may contact you as necessary to obtain additional information about you, facilitate your travel reservation including communicating, hospital appointments, clinic appointments, shuttle from the airport or translator escort with you prior to arrival about your upcoming stay, or respond to a review you may submit in accordance with their own independent privacy policies.
  •       Third Party Service Providers who provide data processing services to us (for example web hosting), or who otherwise process personal information for purposes such as credit card and payment processing, business analytics, customer service, marketing, or distribution of surveys, to facilitate the delivery of online services and advertising tailored to your interests, and/or fraud prevention. Our third-party service providers will only process information as needed to perform their functions. They are not permitted to share or use the information for any other purpose.
  •       Business Partnerswith whom we may jointly offer products or services, or whose products or services may be offered on our Sites. You can tell when a third-party business partner is involved in a product or service you have requested because their name will appear, either alone or with ours. If you choose to access these optional services, we will on occasion share your personal information with those partners.  
  •       Where Required or Permitted by Law– such as to protect ourselves against liability, to respond to subpoenas, judicial processes, legitimate requests, warrants or equivalent by law enforcement officials or authorities, to investigate fraud or other wrongdoing or as otherwise required or necessary in order to comply with applicable law, protect our legitimate interests or to the purchasers in connection with any sale, assignment, or other transfer of all or a part of our business or company. We may also, in compliance with applicable law, disclose your information to enforce or apply the terms and conditions applicable to our services or to protect the rights, property, or safety of MEDU, our users, or others.

We provide appropriate protections for such sharing as required by applicable law to prohibit third parties from using your information for their own purposes, and to address the security and confidentiality of your information. Except as disclosed in this Privacy Policy or as required or permitted by applicable law, we will not disclose your information to third parties without your consent.

  1. Cookies

Our Site uses and allows third parties to place cookies (session and persistent), pixels/tags, SDKs, application program interfaces (“APIs“), and other technologies (collectively, “Cookies“) on our Site that collect and store certain information about you. Some of these Cookies are necessary to provide, secure, and maintain the Site to you, such as to keep you logged in while your visit our Site, while other Cookies are used to provide you with a better user experience, such as:

  • To personalize the Site by remembering information about your activities on the Site (e.g., the language you selected or your log-in details);
  • Perform website analytics, such as impression reporting, demographic reporting and interest reporting. This may include the recording of mouse clicks, movements, page scrolling and restricted text entered into our Site forms through selected third parties but we will take sufficient precautions to ensure that personal information will not be collected during such recordings e.g., through the adoption of irreversible masking. Website analytics is used to improve our Site and services; and
  • To provided you advertising tailored to your interest (see below for details)

Interest Based Advertising

We may also allow certain third parties to place Cookies on our Site in order to collect information about your online activities on our Site (e.g., pages visited on the Site and searches you performed) and over time and across different websites you may visit. This information is used to provide advertising tailored to your interests from us (via email, on our Site, and on other websites) and by third parties on other websites you may visit, also known as interest-based advertising, and to analyze the effectiveness of such interest-based advertising. We may also share one-way hashed information with third party partners (e.g., Facebook) who may combine hashed information with other identifiers in order to serve custom MEDU advertisements on other websites or mobile apps based on your prior visits to the Site. MEDU neither supports nor endorses the goals, causes, or statements of any websites or mobile apps that display our advertisements.

Cross-Device Tracking

We may also combine information collected through Cookies and certain usage information from a particular browser or mobile device with another computer or device that may be linked to you (cross-device tracking) in order to optimize our services and provide tailored MEDU communications and advertisements to you. If you do not want MEDU to combine such information for its optimization of communications to you please unsubscribe from the MEDU communications i.e. the newsletter.

Your Choices

Please review your Internet browser settings, typically under the sections “Help” or “Internet Options,” to exercise choices you have for certain Cookies. If you disable or delete certain Cookies in your Internet browser settings, you might not be able to access or use important functions or features of this Site, and you may be required to re-enter your log-in details.

To learn more about certain Cookies used for interest-based advertising (including through cross-device tracking) and to exercise certain opt-out choices you may have regarding Cookies, please visit the Digital Advertising Alliance, Network Advertising Initiative, Digital Advertising Alliance-Canada, European Interactive Digital Advertising Alliance or for our mobile app, by updating your device settings or downloading the App Choices app.

Please also visit the following third parties’ websites to exercise certain opt-out choices over Cookies:

  • Google Analytics – https://tools.google.com/dlpage/gaoptout?hl=en
  • Appsflyer (mobile app analytics) – By emailing appsflyer at: privacy@appsflyer.com
  • Baidu – http://www.baidu.com/duty/safe_control.html
  • Apple – https://support.apple.com/en-us/HT202074
  • Facebook – https://www.facebook.com/ads/settings
  • Google Ads – https://adssettings.google.com/
  • Criteo – https://www.criteo.com/privacy/
  • SessionCam recording – https://sessioncam.com/choose-not-to-be-recorded
  • Mouseflow recording – https://mouseflow.com/opt-out/

By exercising such choice regarding interest-based advertising, you may still receive advertisements, but the network from which you opted out will no longer deliver ads tailored to your interests. You should also know that logging out of your user account will not actually mean that you opt out of personalized advertisements.

You may need to make such choices on each browser and device you may use to exercise choice regarding certain Cookies. Lastly, at this time the Site is not configured to honor browsers’ “Do Not Track” signals.

  1. Opting Out of Marketing Communications from Us

You can opt out of receiving marketing communications from us at any time by using the “Unsubscribe” link in each newsletter or communication.

  1. International Transfers

In connection with the purposes described above, your information may be stored in locations outside of your home country, which may have different standards of data protection than your home country. We provide appropriate protections for cross-border transfers as required by law for international data transfers, including information transferred to third parties. With respect to such transfers from the European Economic Area (“EEA“) to the United States and other non-EEA jurisdictions, we may rely on the EU Model Clauses and/or the need to process your information in order to provide the requested services (performance of a contract) to transfer your information. As permitted by applicable law, you may request details about the suitable safeguards we have in place by contacting us as detailed below. For Chinese residents, please see the details provided above under “China Privacy Rights.”

  1. Information from Other Partners

On occasion, affiliated entities, business partners, or other third-party providers may share information with us. One example is if you access or sign in to our Site through social media, such as Facebook Connect, we may collect information from you such as your username, and other information made available to us via such services. In general, your ability to provide such information is through the service provider themselves and you can change those settings in your account settings of the relevant service provider. In general, we may work with our partners to improve and personalize your use of our website in accordance with this policy.

We have partnered with Facebook to provide personalized content on MEDU for members of Facebook. If you are a Facebook and MEDU user and you have signed into MEDU via the Facebook single sign on feature, then our Site will be personalized for you to display information/stays of your Facebook friends at accommodation in the past and also future stays at accommodation bookable through the Site. The information that may be displayed include the name of the accommodation, the date of stay, the location of the accommodation, your review of past accommodation, the hotel room and price of the hotel room (“Stay Information“), and such information may be shown and personalized to you on the search pages of the accommodation on the Site, and the search calendar amongst other places. Further, your Stay Information will also be displayed to your Facebook friends who are also MEDU customers and who have signed in through the Facebook single sign on feature on the Site, as displayed on their search pages described above within the Site and updated each time you make a booking through MEDU.

How to opt out: MEDU has made it simple for you to opt out of this feature at any time by toggling “no” through (i) the thank you page after you make a booking, and (ii) your “Manage My Booking” page on the Site. Further, if you need help to opt out you may contact our customer experience team at any time.

  1. Protecting Your Information

We maintain reasonable physical, electronic, and organizational security measures to protect your information against accidental or unlawful destruction or accidental loss, alteration, or unauthorized disclosure or access. We use Secure Socket Layer technology to encrypt credit card information during transit. Through your personal account, you also have the ability to save credit card details for faster future bookings and payments. Your card details are encrypted and you can always log in to your personal account to delete, edit, or add certain credit card details. For security reasons, the number cannot be edited (but the card details can be deleted). When viewing card details, only the last 4 digits of the number will be visible. Please note that we will store the last 4 digits of your credit card securely upon any booking made (this is required to manage any refund requests for that booking).

Data Retention

We will retain your information for the period necessary to fulfil the purposes outlined in this Privacy Policy and internal company policies. When MEDU no longer needs to use your information, we will – unless we need to keep your information to comply with applicable legal or regulatory obligations or the information is required to carry out corporate tasks and achieve our business objectives – remove it from our systems and records and/or take steps to properly anonymize it so that you can no longer be identified from it.

 

  1. Updates to Privacy Policy

On occasion, MEDU may revise this Privacy Policy to reflect changes in the law, our information collection and use practices, the features of our Site, or advances in technology. If we make revisions that change the way we collect or use your information, those changes will be posted in this Privacy Policy and the effective date will be noted at the beginning of this Privacy Policy. Therefore, you should review this Privacy Policy periodically so that you are up to date on our most current policies and practices. MEDU will also prominently post such material changes prior to implementing the change, and ask for your consent if required by law.

  1. Links to Third Party Websites

We may provide links to other websites that are not owned or operated by us (“Third Party Websites“). When you use a link online to visit a Third-Party Website, you will be subject to that website’s privacy and security practices, which may differ from ours. You should familiarize yourself with the privacy policy, terms of use and security practices of the linked Third-Party Website before providing any information on that website.

  1. Additional Considerations

A Special Note About Minors

Our Site is not directed to minors under the age of 18. However, minors can normally accompany their parent(s) or legal custodian(s) who have booked an accommodation, unless prohibited by an accommodation property’s policies.

Language

This Privacy Policy has originally been drawn up in the English language. Translations in other languages are available for your convenience. In case of conflict between the English language version and a translated version, the English language version shall prevail.

Terms of Use

Please review the MEDU Terms of Use for more details on using our Site. This Privacy Policy forms an integral part of our Terms of Use.

  1. Contacting Us

If you have any questions about this Privacy Policy or our privacy practices, please contact our MEDU Data Governance Officer by email at ceo@medutur.com, phone at +90 531 866466 (Turkey, charges apply) or by sending a registered letter to the address at:

MEDU, B Block Daire 91,

Uphill Towers, 

Barbaros, Istanbul Turkey