RhinoMe Application — Dr. Mehmet Erdil ENT Clinic
This Privacy Policy explains how Dr. Mehmet Erdil ("we," "us," or "our") collects, uses, stores, and protects your personal information when you use the RhinoMe mobile application ("the App") and related services. We are committed to protecting your privacy and handling your data responsibly.
By using the App, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use the App.
RhinoMe is a consultation booking and information tool. The video meeting with Dr. Erdil is a pre-surgery consultation; the actual surgery is performed in person at the clinic in Istanbul. The App is not a telemedicine, diagnostic, or remote-treatment service.
The App does not collect, store, or transmit your medical history, allergies, medications, prior-surgery details, facial photos, or any clinical records. Clinical information is gathered directly by the clinic team (separately from this App) during your consultation session.
When you book a consultation, the App collects a handwritten consent signature image only to document that you reviewed and accepted the video consultation information and consent form.
The data controller responsible for your personal data is:
| Data Type | Examples | Purpose |
|---|---|---|
| Account Information | First name, last name, email address, phone number, date of birth, gender, country, city, occupation | Account creation, identification on appointments, sending the Zoom invitation, KVKK-compliant phone verification |
| Appointment Booking Data | Selected consultation date and time, selected surgery date (if applicable), appointment status | Scheduling and managing your consultation and surgery |
| Consent Signature | Handwritten consent signature image | Documenting your acceptance of the video consultation information and consent form |
| Payment Records | Transaction reference (PayTR order ID), amount, currency, payment status. Card details are processed entirely by PayTR's secure iframe and are never seen, stored, or transmitted by the App or our servers. | Processing your consultation fee and reconciling your booking |
| Data Type | Examples | Purpose |
|---|---|---|
| Device Information | Device model, operating system, app version | App functionality and troubleshooting |
| Push Notification Token | An anonymous device push-notification token assigned by your device's operating system | Sending appointment reminders and status notifications |
| Internal Identifier | Supabase auth user ID (UUID) | Linking your account to your bookings on our backend |
Information about your medical history, allergies, current medications, prior nasal procedures, breathing, smoking, and so on — together with any pre-operative facial photographs — is collected by the clinic team outside this App (for example, via WhatsApp messages with the clinic secretary or in person at the clinic). That information is processed under a separate clinical record system that is not part of this App and is not connected to your in-app account beyond the same patient identity. If you wish to know more about how the clinic stores and protects clinical records, please contact info@drerdil.com.
We use your personal information solely for the following purposes:
For users in the European Economic Area (EEA) and similar jurisdictions, we process your data based on the following legal grounds:
| Legal Basis | Applies To |
|---|---|
| Contract Performance (Art. 6(1)(b) GDPR) | Coordinating your consultation, sending the Zoom invitation, processing payments |
| Consent (Art. 6(1)(a) GDPR) | Sending push notifications (you may revoke this at any time in iOS Settings) |
| Legal Obligation (Art. 6(1)(c) GDPR) | Tax / financial reporting requirements for payment records |
| Legitimate Interest (Art. 6(1)(f) GDPR) | App security, fraud prevention |
Your data is stored on infrastructure operated directly by us (see Section 6) and is not handed over to any cloud database provider. We share limited data with the following third-party service providers, and only to the extent necessary to deliver the service you requested:
| Recipient | Data Shared | Purpose |
|---|---|---|
| PayTR | Card details are entered directly into PayTR's iframe; we never see them. We share with PayTR only the merchant order ID and the amount. | Card payment processing |
| Zoom | Your name and email address (so the meeting invitation reaches you) | Hosting the video consultation meeting |
| Hospital / Surgical Facility | Your name and surgery date (only if you proceed with surgery) | Coordinating your surgery and hospital stay |
We do not share your data with any other third parties. We do not use third-party analytics, advertising networks, or data brokers.
Your data is stored on dedicated infrastructure operated directly by us in Türkiye. We do not store your personal data on Firebase, Google Cloud, Supabase Inc., AWS, Azure, or any other public cloud database provider.
For security reasons we do not publish further details about specific software, hosting providers, network configuration, or encryption parameters. If you are a data-protection authority or a legal representative requesting additional technical detail, please contact us at info@drerdil.com.
| Data Type | Retention Period |
|---|---|
| Account information (name, email, phone, etc.) | Until account deletion is requested; removed on deletion |
| Appointment records | Until account deletion is requested; historical records are anonymized on deletion |
| Consent signature image | Until account deletion is requested |
| Payment transaction records | 10 years (Turkish tax / financial regulation compliance) — retained even after account deletion, in pseudonymized form |
| Push notification tokens | Until you revoke push permission or delete your account |
Depending on your jurisdiction, you have the following rights regarding your personal data:
To exercise any of these rights, contact us at info@drerdil.com. We will respond within 30 days.
You can delete your account at any time through the App (Profile → Delete Account) or by contacting us at info@drerdil.com.
Upon account deletion:
The App may not be used by anyone under the age of 18 under any circumstances, including with the consent or supervision of a parent or guardian. We do not knowingly collect personal information from children. Parents and guardians may not create accounts on behalf of minors. If we discover that an account has been created for or is being used by a person under 18, we will close the account and permanently delete all associated personal data.
Your data is stored on our infrastructure in Türkiye. If you are located outside Türkiye, your data is transferred to and processed in Türkiye when you use the App. Limited categories of data are also processed by the third parties listed in Section 5 (PayTR in Türkiye; Zoom internationally). We rely on Standard Contractual Clauses (SCCs) and equivalent safeguards for transfers outside the EEA where applicable.
RhinoMe is a consultation booking and information tool. It does not provide medical advice, diagnosis, or treatment, and it is not a telemedicine or remote-care service. The educational content in the App (articles, gallery) is for informational purposes only and does not replace professional medical advice. All medical decisions are made by Dr. Mehmet Erdil during the consultation and during in-person evaluation at the clinic. Always consult with your doctor before making medical decisions.
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy in the App and updating the "Last Updated" date below. Continued use of the App after changes constitutes acceptance of the updated policy.
If you have any questions about this Privacy Policy, your personal data, or wish to exercise your rights, please contact us:
Dr. Mehmet Erdil
Email: info@drerdil.com
Phone: +90 538 200 92 86
Address: Ataköy 7-8-9-10. Kısım Mahallesi, Çobançeşme E-5 Yan Yol Caddesi No:20-1/3, B-Blok 7. Kat No:153, Bakırköy, Istanbul, Turkey
Last Updated: May 3, 2026