Return to Checkout

Privacy Policy

SECURE NODE REPORT | UPDATED: June 09, 2026

1. Overview & Data Controller

As Celyxmed Health Group ("Company", "We", "Our"), we act as the Data Controller in accordance with the Global Data Protection Regulation (GDPR) and the Law on the Protection of Personal Data (KVKK). This Privacy Policy explains how we collect, process, store, and shield your personal, financial, and medical data transmitted via our secure gateway node (sales.celyxmed.com).

By interacting with this gateway and completing a financial transaction, you explicitly acknowledge and consent to the data practices described in this policy.

2. Data We Collect & Process

To provide high-end healthcare coordination and secure booking processes, we collect the following categories of information:

  • Identity Metrics: Full name, passport number, date of birth, and nationality.
  • Contact Credentials: E-mail address, international phone number, and residential address.
  • Financial Data: Billing details, currency preferences, and transaction tokens. (Note: Your full credit card numbers or sensitive security codes are handled directly by our certified smart gateway partner, iyzico, under strict PCI-DSS Level 1 compliance; they are never stored on our local database servers).
  • Medical & Clinical Data: Preliminary treatment requests, designated medical categories, and clinical package choices.
  • Technical Telemetry: Masked IP addresses filtered through Cloudflare network nodes, browser configurations, timestamps, and secure session logs.

3. Legal Basis & Purposes of Data Processing

Your personal data is managed strictly under the following legal foundations:

  1. To execute and finalize your medical travel arrangements, treatment reservations, and VIP clinical packages.
  2. To comply with regulatory healthcare frameworks, international accounting laws, and anti-fraud protocols.
  3. To ensure maximum node stability, defend against brute-force vector cyber attacks, and maintain network integrity via Cloudflare siber-intelligence layers.

4. Data Retention & Secure Encryption Standards

We implement corporate, military-grade administrative and technical measures to shield your data:

  • Transit Security: All connections are encrypted via 256-Bit SSL TLS 1.3 cryptographic protocols managed by Cloudflare.
  • Database Hardening: Data storage matrices utilize safe parameters, preventing unauthorized extraction or data-scraping anomalies.
  • Retention Timeline: Medical and billing records are securely stored for the duration required by global healthcare legislation and tax frameworks, after which they are thoroughly anonymized or permanently purged.

5. International Third-Party Data Disclosures

Celyxmed Health Group does not sell, trade, or rent patient credentials to third-party brokers. Data sharing is strictly restricted to:

  • Authorized partner hospitals, certified surgeons, and clinical medical teams assigned to your specific aesthetic or medical package.
  • Legal authorities or judicial bodies where disclosure is mandate by binding statutory frameworks.
  • iyzico Secure Gateway: To process your payment transaction securely.

6. Your Global Privacy Rights

Depending on your jurisdiction (e.g., EU GDPR or TR KVKK), you have the absolute legal right to:

  • Request access to your stored personal dataset.
  • Request correction of faulty, incomplete, or outdated information.
  • Request the permanent erasure ("Right to be Forgotten") of your personal data, subject to local statutory medical archiving rules.
  • Object to automated profiling filters or restrict data processing models.

To invoke any of your international privacy rights, please contact our compliance node directly via [email protected].

Celyxmed Compliance Registry Service Node. All Encryption Active.