Privacy Policy
MEDIO Technology A.Ş. a company incorporated under the Companies Act, 2022, with its registered office at Hasanpaşa, Mandıra Cd. No:4, 34730 Kadıköy/Istanbul, Türkiye (hereinafter referred to as the ‘Company’) is engaged in providing medical assistance to patients (the “Services”). We value the privacy of our Users (defined under Clause 1.8). We are committed to ensuring your personal data and information safety and protection. This Privacy Policy (the ‘Policy’) applies to our Website ‘www.medioapp.com’, its mobile-friendly website interface, and iOS/Android Mobile Application under the name of ‘Cured by Medioapp’ (the Website and the Application shall individually and collectively be referred to as the ‘Platform’). We may collect, store, use and process the personal data and information provided by you while accessing or using the Platform. In pursuance of the foregoing, this Policy among other things governs the manner of collection, storage, usage, processing, and protection of your information including the type of data collected, the manner of collection, the purpose of collection, and intended use, disclosure of information, your data protection rights, etc. By accessing, visiting, and using the Platform, you consent to the provisions stipulated in this Policy. You are advised to carefully read this Policy before visiting, using, and accessing the Platform, and in the event, you disagree with its provisions, discontinue such use and access.
For the purpose of this Policy, the terms ‘We’, ‘Us’, and ‘Our’ refer to the Company, and ‘You’, and ‘Your’ refer to the Users (including the visitors) of the Platform.
1. DEFINITIONS
1. ‘Consent’ of the User means any freely given, specific, informed and unambiguous indication of the User’s wishes by which he or she, by a statement or by clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
2. ‘Data Concerning Health’ means personal data related to the physical or mental health of a natural person, including the provision of health care services, which reveal information about his or her health status.
3. ‘Data Controller ’ means the person, entity, authority or agency that determines, whether, alone or jointly with others the purpose and means of processing Personal Data. The Company is the Data Controller for the purpose of this Policy.
4. ‘Personal Data’ means information relating to living persons that can be used and referenced to identify such person, directly or indirectly, such as name, contact information (telephone number, email address), identification number, location data, etc. When the User desires to receive Services from the Company, we may ask you to provide us with certain personal data about yourself including name, age, contact number, residential information, Identification Cards (as per the governing laws) along with a copy of the same, photo, credit or debit card information, its expiry dates and authentication codes, UPI Ids, amongst other matters. It is optional for you to engage in the Services provided by the Company; however, if you choose to not provide your information, you might not be able to avail of the Services. The Personal Data shall also include your user id/log –in id and passwords for accessing the Platform for Registered Users.
5. ‘Processing’ of the personal information or data includes activities such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of Personal Data.
6. ‘Service Providers’ include doctors, hospitals, clinics, care centers, and other medical practitioners providing medical services through the Platform.
7. ‘Special Categories of Personal Data’ includes medical history, genetic data, and data concerning health, religion, data concerning sex life, and sexual orientation.
8. ‘User’ means an individual or legal entity looking to avail various kinds of medical services through the Platform, and shall also include a visitor of the Platform.
2. WHAT DATA DO WE COLLECT AND HOW DO WE COLLECT IT?
1. PERSONAL DATA PROVIDED BY YOU
a. We collect the Personal Data that you provide on the Platform such as your name, telephone number, email address, and location. In addition to the foregoing, we collect the Special Category Personal Data that you provide on the Platform including data concerning your health, medical condition, sex life, or sexual orientation.
b. It is pertinent to note that the mere browsing of the Platform by you shall not require you to provide or submit to us the foregoing Data and information, and the said Data shall be collected and stored by us only if you voluntarily submit your Personal Data on the Platform for purposes including i) When You provide such name, address, email, contact details, and data concerning your health during registration of your account or for any inquiries, opinions, and quotes on the Platform, (ii) When you subscribe to our newsletter and communications by providing your email address, (iii) When You participate in surveys, sweepstakes, contests, and promotions, (iv) When You communicate with our customer service. You may at your discretion choose not to provide such information, however, in such cases, we shall be unable to provide our Services to you and your access to our Platform may become restricted.
2. DATA AUTOMATICALLY COLLECTED BY US
In addition to the Personal Data provided by you, our Platform uses technologies such as cookies, web beacons, log data, and third-party analytics for data collection and analysis.

3. CHAT, AUDIO, AND VIDEO RECORDING
To improve the patient experience and improve the overall quality of conversation between the User, Service Provider, and us, our platform keeps a record of all the chats, voice calls, and video calls. The purpose of storing this data is only to improve the quality of conversation and is used only for internal purposes.
4. LOG DATA
Log Data and files are collected by us when you use and interact with the Platform. The information collected includes Your IP (Internet Protocol) address, browser type, and version, geographical location, operating system, date and time stamps, URLs of referring/exit pages, pages visited, and device ID. This information does not identify any User and is used to analyze trends, track User movements across the Platform, administer the Platform, and collect demographic information to develop an understanding of your needs and preferences to customize our Platform, features, and Services accordingly. Except where it is expressly mentioned in this Policy, this information is not mixed or commingled with your Personal Data.
5. COOKIES
a. WHAT ARE COOKIES?
When you browse on a Platform using a browser, certain data generated by the Platform is stored on your device to remember information about you. This is done to recognize your device and set your preferences as per your usage of the Platform. Cookies are used to enable functions of the service, provide analytics, store your preferences, deliver advertisements, etc. Cookies help us understand how the Platform is being used and eventually help us to improve your experience.
Cookies can generally be categorized as (i) First-Party, (ii) Third-Party, (iii) Session, and (iv) Persistent Cookies, as explained below:
i. First-party Cookies are cookies that are placed on your device by us.
ii. Third-party Cookies are operated by third parties that can recognize your device both when it visits our Platform and when it visits other websites or mobile apps. We do not control how third-party cookies are used, and we encourage you to check the websites of any third-party cookie providers for more information about how they use Cookie information.
iii. Session Cookies enable you to stay logged in on the Platform and Persistent Cookies recognize you every time you return. Session Cookies are deleted at the end of a session when you exit the browsers; and
iv. Persistent Cookies are stored and remain valid till their date of expiry unless deleted by you before the said date. The types of Cookies listed below fall in either of the aforesaid general categories.
b. TYPES OF COOKIES AND THEIR PURPOSE
i. Necessary Cookies
These Cookies are necessary to provide our Services to you. For example, these Cookies help you see the right information when you log in to our Services, navigate from page to page without having to sign in on every page, detect, prevent, and mitigate malicious and fraudulent activities on our Platform, and support and enable other security features. They are necessary cookies without which the Platform will not function properly or be able to provide certain features and functionalities. You may disable these cookies in your browser but as a result, certain functions and features of the Platform will not be available to you.
ii. Performance Cookies
Performance Cookies help us ascertain how often you visit our Platform and how you use, interact and move around on the Platform and include information such as the pages frequently visited by you. They lead us to know what features on the Platform are functioning best and help us to improve and optimize our Platform and make it easier for you to navigate. The information collected by these cookies is anonymous and aggregated and cannot be used to personally identify you.
iii. Google Analytics
These are categories of Performance Cookies provided by Google Inc. and are used to collect information about your use of our Platform including such as the number of visitors, where the visitors come from, and the pages visited by them. This information is used by us to compile reports and help us improve the Platform. The aforesaid information generated by the Cookies is transmitted to and stored by Google on servers in the United States and used to evaluate your use of the Platform, compile reports on Platform activity, and provide such other services in connection with Platform activity and internet usage. We do not attempt to reconcile information collected via Google Analytics to identify an individual User. By using our Platform, you consent to the processing of your data by Google in the manner and for the purposes set out above.
iv. Functionality Cookies
These cookies help us to recognize you when you visit and return to the Platform and remember your chosen preferences and settings when you visit the Platform to provide you with a customized and personal experience. This includes information such as your text size, font, location, and other customizable elements. Such information cannot personally identify you.
v. Advertisement Cookies
These are third-party cookies and are used by advertisers to help display advertisements that may be relevant or interesting to you. They gather information about your visit such as content viewed by you, ads viewed by you, and frequency of views. They do not collect personally identifiable information about you.
vi.  Security Cookies
Security Cookies are used to identify and prevent security risks such as protecting your account and data from unauthorized interception, use, and access, and secure the Platform and Services generally.
vii.  Flash Cookies
We may also use Flash Cookies (also known as Local Shared Objects or LSOs) to, inter alia, collect and store information about your use of the Platform, fraud prevention, and for other Platform operations. If you do not want Flash Cookies stored on your device you can adjust the settings of your Flash player to block Flash Cookies storage using the tools contained in the Website Storage Settings Panel. You can also control Flash Cookies by going to the Global Storage Settings Panel and following the instructions (which may include instructions that explain, for example, how to delete existing Flash Cookies (referred to as ‘information’ on the Macromedia site), how to prevent Flash LSOs from being placed on Your device without being asked, and (for Flash Player 8 and later) how to block Flash Cookies that are not being delivered by the operator of the page you are on at the time).
Please note that setting the Flash Player to restrict or limit acceptance of Flash Cookies may reduce or impede the functionality of some Flash applications, including, potentially, Flash applications used in connection with our Platform and Services.
c. HOW LONG DO COOKIES STAY ON MY DEVICE?
Session Cookies are deleted at the end of a session when you exit the browsers whereas Persistent Cookies stay for a longer period and are stored and remain valid till their date of expiry unless deleted by you before the said date.
d. OTHER TECHNOLOGIES
In addition to cookies, we may use web beacons, pixel tags, and other tracking technologies on the Platform to help customize the Platform and improve your experience. A ‘web beacon’ or ‘pixel tag’ is a tiny object or image embedded in a web page or email. They are used to track the number of users who have visited particular pages and viewed emails and acquire other statistical data. They collect only a limited set of data, such as a cookie number, the time and date of a page or email view, and a description of the page or email on which they reside. Web beacons and pixel tags cannot be declined. However, you can limit their use by controlling the cookies that interact with them.
e. YOUR CONTROL AND MANAGEMENT OF COOKIES.
i.  Browser Settings
You can enable, disable or remove Cookies through your browser’s settings. Please note that such actions could affect the functionality and certain areas and features of Our Platform and Services.
ii.  Third-Party Cookies
We do not control third-party Cookies on our Platform. Such cookies can be managed and controlled through browser settings or by visiting a third-party website.
iii.  Google Analytics
You can opt out of Google Analytics Cookies by visiting the Google ad settings or downloading and installing the Google Analytics opt-out browser add-on.
iv.  Social Media Plug-ins
Our Platform uses ‘Social Media Plug-ins’ to allow you to share content on social media including, Facebook, Instagram, Twitter, Youtube, and Linked-in buttons. According to Your social media account settings, we automatically receive information from the social media platform when you use the corresponding button on the Platform. Further, the buttons contain embedded Cookies through which the Social Media Platforms receive and collect your information. We are not responsible for the collection, use, and processing of information by such social media platforms. To learn more about Social Media Cookies, we suggest you refer to your social media Platform’s Cookie and Privacy Policy.
2. DATA WE COLLECT FROM THIRD-PARTY SOURCES
a. When you provide your name, address, and contact details for bookings and e-commerce transactions with our partners including, but not limited to, travel and logistics partners, insurance providers, and forex partners, we may receive your Personal Data and transaction data from them.
b. When you book appointments or enter into contracts with the Service Providers listed on the Platform to avail of the various medical services available therein, we may receive Your Personal Data including Special Personal Data, trip details, and invoices from the Service Providers.
3. HOW WE USE YOUR DATA
1. We assure you that the information collected and stored by us shall not be used and processed for any unlawful, illegal, or illicit purposes and shall be used only to provide the services on the Platform. The legal basis for collecting and using the Personal Data described above will depend on the type of Personal Data collected, the specific context in which we collect it, and the purposes for which it is used. The purpose of collection of Your Data and the legal basis for the same has been delineated below:
PURPOSE OF DATA COLLECTION
LEGAL BASIS
To provide you with access to the features and Services of Our Platform including enabling You to create an account and use the Platform and Services
Performance of contract
Customizing and tailoring Our services to Your specific requirements including different medical services, assisting with and arranging trips and logistics, verify Your identity
Performance of contract
For research and analysis so as to improve and develop the Platform and Services
Legitimate Interests
To communicate with you to provide information relating to the Platform and services including responding to requests and resolving issues
Your consent
To create a safe environment including ensuring security, detection, prevention and investigation of fraud, unauthorized use, violation of Our terms and to comply with any legal obligation
Compliance with legal obligations, protection of vital interests, legitimate interests
For the operation of the Platform and Services and compliance with Our legal obligations
Legitimate interests, compliance with legal obligations
To facilitate and evaluate the use of Our Platform and Services
Legitimate interests, the performance of the contract
To send you marketing and advertising communications including promotional offers, sales, events, interest-based targeted advertising etc.
Your consent
To display and post comments and testimonials on the Platform, social channels, and other portals to share your experience with the hospitals, doctors, destinations, and the Company.
Your consent
To improve the accuracy of our records
Legitimate interests
To provide online communications and blogs including using your information on our message boards, chat features, and blogs
Your consent
Notify You of new services and features on the Platform
Performance of contract
Providing customer support services
Performance of contract
Others. We will obtain Your consent before We process Your Data for any purpose other than the ones stipulated in this Policy
Your consent
2. Please note that the legal basis for the collection and processing of the Special Category Data is solely for providing the requested Services to you.
3. The Personal Data may be used by us to send out the verification code or OTPs while registering on the Platform or availing of the Services. The Company also uses Personal Data for supporting expeditious transactions on the Platform.
4. DISCLOSURE AND SHARING OF DATA
1. Except where otherwise expressly provided the information collected by us shall not in any manner be disclosed to any unaffiliated third party. We may, however, disclose your information to our domestic or international affiliates, subsidiaries, joint venture partners, licensees, and representatives, solely for the purposes stipulated in this Privacy Policy.
2. We may share your information with parties directly authorized by you to receive the Personal Data, for instance, we may share your data with a medical service provider of your choice.
3. We may work with and outsource certain services to third-party vendors, consultants, agents, and service providers to enable us to provide our services more efficiently. The outsourced services may include without limitation a) marketing b) billing c) backup and storage d) payment processing e) analysis f) customer database management g) providing customer services and technical support h) and such other services to maximize our business. In pursuance of the aforementioned outsourcing, we may disclose your information to such third-party service providers. We do not sell, share, rent, or trade any of your Personal Data with any third party for their own promotional purposes.
4. We may disclose the google analytics, statistics, and demographic reports developed by us by analyzing your usage patterns and behavior to our internal team to improve the Platform and the Services. Such statistics and reports contain anonymous information such as preferences, pages frequently visited that do not constitute personally identifiable information. The information is used in a manner such that no single person can be identified using such compilations.
5. In the event of a transfer of our business, undertaking, or assets, whether in whole or in part as a result of a merger, acquisition, restructuring, reorganization, or otherwise your information may be disclosed to the transferee to the extent of such transfer, and we shall make reasonable efforts to protect Your information under our Privacy Policy. We will notify you of the change in control and use of Your Personal Data and any options you may have regarding the same.
6. We may disclose information where we believe disclosure is necessary or required (i) by law or regulation, to comply with legal process or government requests (including in response to public authorities to meet national security or law enforcement requirements), or (ii) to exercise, establish or defend our legal rights.
7. We may disclose your information if it is necessary to protect the vital interests of any person.
8. For any other purpose, we may disclose your Personal Data with Your consent.
5. YOUR DATA PROTECTION RIGHTS
1. RIGHT TO INFORMATION
You have the right to free information about your stored Personal Data, the origin of the data, its recipients, and the purpose of the data processing.
2. RIGHT TO ACCESS
You have the right to access the Your Personal Data held by us and request a copy of such Data.
3. RIGHT TO WITHDRAW CONSENT
Where you have given your consent to the processing of Data, You have the right to withdraw your consent to such processing. However, your withdrawal shall not affect the lawfulness of any processing based on the consent granted before your withdrawal. When you withdraw consent, you acknowledge that it may negatively affect the quality of our Services.
4. RIGHT TO RECTIFICATION
You have the right to request for the correction and rectification of Your Personal Data in case of any inaccuracies.
5. RIGHT TO ERASURE
You have the right to request for the deletion of Your Personal Data held by Us, provided, however, We shall not carry out this request in the event we need your such Data to comply with any legal obligation or for the exercise or defense of any legal claims.
6. RIGHT TO RESTRICT PROCESSING
You have the right to restrict Our Processing of Your Personal Data where You believe the Data to be inaccurate or the processing is unlawful or we no longer need to process it for a particular purpose unless such processing is required to fulfill any legal obligation or in the exercise or defense of any legal claims.
7. RIGHT TO DATA PORTABILITY
You have the right to obtain Your Personal Data and have us provide it to you in a structured, electronic and machine-readable format and to transmit it to another data controller. If you request a direct transfer of the data to another data controller, this will be done so far as it's technically feasible.
8. RIGHT TO OBJECT
You have the right to object to the processing of Your Personal Data at any time on grounds relating to Your particular situation and under the applicable law of We process such Data based on your consent, to perform a contract with You or in furtherance of Our legitimate business interests. We may continue to process the Data where required to fulfill any legal obligation, to exercise or defend any legal claim, or any other exception under applicable law.
9. RIGHT TO COMPLAINT
a. If you have any complaints about how we handle your Personal Data you should contact us at contactus@medioapp.com.
b. In order to exercise any of your rights you may contact us at contactus@medioapp.com or send us your request/complaint at Hasanpaşa, Mandıra Cd. No:4, 34730 Kadıköy/Istanbul, Türkiye. We will respond to and resolve your request without undue delay and no later than the timelines prescribed under applicable laws.
6. DATA RETENTION
1. We may retain and use your Personal Data as necessary for the purposes set out under this Policy or to comply with our legal, regulatory, accounting, or reporting obligations. Consistent with these requirements, we will try to delete your Personal Data within the time limits imposed by applicable law, if any upon request. When we have no justifiable business need to process your Personal Data, we will either delete or anonymize it, or, if this is not possible (for example, because Your Personal Data has been stored in backup archives), then we will securely store Your Personal Data and isolate it from any further processing until deletion is possible.
2. You may withdraw your consent to submit the Personal Information by sending an email to us at contactus@medioapp.com. In case, you choose to do so then your access to the Platform may be limited, and we might not be able to provide the Services to you.
7. INTERNATIONAL TRANSFERS
Your Personal Data and information may be transferred to and maintained on computers and servers located outside of your state or country or other governmental jurisdiction where the data protection laws may differ from those from your jurisdiction. We will take all steps reasonably necessary to ensure that your data is treated securely and under this Privacy Policy and no transfer of Your personal information will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information. Where applicable law requires us to ensure that an international data transfer is governed by a data transfer mechanism, We use one or more of the following mechanisms: European Commission’s Standard Contractual Clauses with a data recipient outside the EEA (European Economic Area), verification that the recipient has implemented Binding Corporate Rules, or verification that the recipient adheres to the EU-US and Swiss-US Privacy Shield Framework. We have implemented similar appropriate safeguards with our service providers, partners, and affiliates.
8. SECURITY
1. We employ and maintain administrative, technical, and physical measures, policies, and procedures to ensure the security, integrity, and confidentiality of your Data against accidental, unauthorized, unlawful access, disclosure, alteration, loss, or destruction including a) guidelines on proper disposal of Data when no longer required b) access controls on an electronic system to maintain, access or transmit Data c) access restrictions to locations containing Data d) encryption of electronic Data e) dual control procedures f) testing and monitoring of electronic systems g) procedures to detect actual or attempted attacks or intrusions on systems containing Data. Your Data is provided only to authorized persons and we use Secure Sockets Layer (SSL) or Transport Layer Security technologies for the protection of your data in transit.
2. The Platform is scanned regularly for vulnerabilities to make your use of the Platform as safe as possible. Further, the Company shall adopt such other measures as provided under the prevailing laws from time to time to protect your data.
3. We strongly recommend you not share your login Id and password (“credentials”) or bank account details with anyone under any circumstances. Any personnel of the Company would never contact you asking for your credentials or bank account details; hence you are advised not to entertain such faux calls or messages and report regarding the same to the Company at the earliest to enable us to take appropriate steps.
4. Despite our best efforts, no website, mobile application, database, or system is completely secure. As a result, we do not guarantee or warrant the security of any information you transmit through the Platform and you do so at your own risk. If you have a reason to believe that your interaction with the Platform is no longer secure, you should forthwith notify us of the same at contactus@medioapp.com.
9. MINORS
Our Platform and Services are not directed for use by minors. We do not knowingly collect Personal Data from minors and minors must have consented to interact with us or use the Services of their parent or guardian. If a parent or guardian becomes aware that his or her child has provided us with Personal Data without their consent, he or she should contact us at contactus@medioapp.com. If we become aware that a minor has provided us with Personal Data, we will take steps to delete such information from our files.
10. AMENDMENTS
We may review and update this Privacy Policy periodically in response to changing legal, technical, and business developments. When we update this Privacy Policy we will note the date of its most recent revision above. If we make material changes to this Privacy Policy, We will take appropriate measures to inform you in a manner that is consistent with the significance of the changes we make and is under applicable law. We encourage you to review this Privacy Notice frequently to be informed of how we are protecting your information.
11. THIRD-PARTY LINKS AND PLATFORMS
1. The Platform may contain links to third-party websites and the same shall not constitute, in any manner whatsoever the Company’s endorsement, sponsorship, or recommendation of such third-party Platforms or their products, services, content, and offerings. The Company is not responsible for examining or evaluating any third-party Platforms and does not make any representation or warranty for their products, services, content, and offerings or their terms of use and privacy practices.
2. In the event a User accesses such third-party websites, he/she shall do so at his/her own risk and expense and apprise him/her of their terms and conditions and privacy practices before providing any personal data or sensitive information to them.
12. LIABILITY AND WARRANTY
1. Although we have implemented and employed the necessary internet security methods and technology to secure the information and data transmitted to us, the security of the Data transmitted over the internet cannot be absolutely guaranteed; thereby we cannot ensure or warrant the security of any information that you transmit to us. Accordingly, the Users share their Personal Data with us entirely at their own risk. In light of the above, the Company declares as follows:
a. We shall not be held liable for any loss or injury caused to you, as a result, of voluntary disclosure of the Personal Data by the User to a third party.
b. Further, notwithstanding anything contained in this Policy, we disclaim all the warranty for any loss, damage, or misuse of the Data.
c. We disclaim all the warranty and take no responsibility and liability for the privacy practices and security of Data collected by the third-party website linked to our channel and services that are outside our control
13. DISCLAIMER
We do not collect the Personal Data of any individual except when such an individual voluntarily shares information and data on our Platform. Upon such voluntary disclosure of information and data, we may further verify and collate the information and data from information available in the public domain (as permitted by law) to prevent cases of identity theft, fraud, etc. We may receive your information and data through third-party websites if you are connected to us through those websites and services.
14. GRIEVANCES AND CONTACT DETAILS
In the event of any queries or grievances you may contact us at contactus@medioapp.com. Address:  Hasanpaşa, Mandıra Cd. No:4, 34730 Kadıköy/Istanbul, Türkiye
Contact Details: (+90) 850 308 3990