Privacy Notice

This Privacy Notice applies to all the products, services, websites and apps offered by Topuz & Partners LTD, except where otherwise noted. The services include Global Doctor Review subscriptions. We refer to these products, services, websites, and apps collectively as the "services" in this Privacy Notice. Unless otherwise noted in our contract, our services are provided by Topuz & Partners LTD inside the United Kingdom.

This Privacy Notice does not apply to personal information we collect from our employees or job applicants in their capacity as employees or candidates. Employees and candidates should refer to our Employee Privacy Notice or Candidate Privacy Notice, respectively.

References in this Privacy Notice to data, personal information, or information, are all references to Personal Data. Personal Data means information relating to a natural person (a "Data Subject") who is, or can be, reasonably identified from the information, either alone or in conjunction with other information.

Participating Organisations: Organisations that hold an account with a Topuz & Partners service (e.g., Global Doctor Review). Such organisations participate in our research by uploading submissions containing recent work highlights and a list of patients, peers, or clients (collectively "Referees") we can contact to gather feedback on the quality of their services.

Referees: Referees are individuals who receive surveys from Topuz & Partners or invitations to participate in an interview to provide feedback on the Participating Organisation(s) that referred them.

Visitors: You are just visiting one of our websites.

(a) Contact Information — You might provide us with your contact information (for example: name or email address), whether through use of our services, a form on our website, an interaction with our sales or customer support team, or a response to one of Topuz & Partners' own surveys or forms.

(b) Cookie Information — We use first party and third party cookies and tracking services that employ cookies and page tags to collect data about visitors to our websites. This data includes usage and user statistics.

(c) Customer Support Information — We collect information submitted through our Customer Support portal, such as name, email, and message text. We also record the content of Customer Support, Customer Success, and Sales calls.

(d) Usage Information — We collect usage information about you whenever you interact with our websites and services. This includes which webpages you visit, what you click on, when you perform those actions, what language preference you have, what you buy and so on.

(e) Device and Browser Data — We collect information from the device and application you use to access our services. Device data mainly means your IP address, operating system version, device type, device ID/MAC address, system and performance information, browser type, and other device, network and browser signals.

(f) Event Data — Like most websites today, our web servers keep log files that record data each time a device accesses those servers. The log files contain data about the nature of each access, including originating IP addresses, internet service providers, the files viewed on our site, operating system versions, device type and timestamps.

(g) Referral Information — If you arrive at a Topuz & Partners website from an external source (such as a link on another website or in an email) or have been invited to review a survey as a guest, we record information about the source that referred you to us.

(h) Integration Data — We collect information from third parties with whom Topuz & Partners enables integrations in order to allow you to use both services.

(i) Account Information — When you register for an account, we collect your first and last name, username, password and email address. If you make a payment, we require your billing details and financial information corresponding to your selected method of payment.

(j) Address Book Information — We may allow you to import email addresses and other contact information into an Address Book so you can easily invite people to take your surveys. We do not use this data for our own purposes or to contact anyone, except at your direction.

(k) Survey/Form/Application/Interview Data — We store survey/form/application data (questions and responses) to provide and develop our services and products.

(l) First & Third Party Profile Information — We may combine information about you from third party sources (such as LinkedIn, ZoomInfo, and other data brokers) with information we hold about you to create a user profile.

We rely on one or more of the following processing conditions: performing our contractual obligations; satisfying legal and regulatory obligations; satisfying our legitimate interests in the effective delivery of information and services; and when we have your consent.

3.1.1 Consent — We rely on your consent to process advertising and preference cookies, and contact information for marketing communications. You can withdraw consent at any time.

3.1.2 Contract — We collect and use account information, customer support information, usage information, device data, integration data, and survey/interview data to fulfil our contract with you.

3.1.3 Legitimate Interests — We process contact information, customer support information, usage information, event data, first party information, third party information, and de-identified device data for legitimate business interests, with clear limitations to respect your privacy.

3.1.4 Legal Obligation — To respond to legal requests, we may need to disclose information we hold about you. We may also use data to enforce our agreements, investigate security issues, prevent potentially unlawful activities, and screen for undesirable or abusive activity.

We process personal data about you as a Respondent/Referee where we have your consent, need to fulfil our contractual responsibility to the Participating Organisation that referred you, have legitimate interests, or have a legal obligation.

Special Category Personal Data: As part of our research activities, we collect personal data relating to health, ethnicity, and nationality. We ask for your valid, specific and informed consent before we let you proceed with filling out a survey or conducting an interview.

We rely on consent (for cookies and marketing communications), contract (for device and event data to fix bugs and make improvements), and legitimate interests (for third party profile information, usage information, event data, customer support information, and referral information).

Our website may automatically set functional and performance-related cookies. You may manage your cookie preferences through our Cookie Policy and cookie banner, or through your browser settings.

Many of our services let you share information with others. Remember that when you share information publicly, it can be indexable by search engines. We cannot delete content from search engines so you need to be careful about information you make public.

We do not share your information or data with third parties outside Topuz & Partners except in the following limited circumstances:

(a) If you are a Participating Organisation with several user accounts, your account information and data will be shared with the primary administrator(s).

(b) To help us provide certain aspects of our services we use trusted key partners — in particular, we engage third parties to facilitate survey collection (Zoho), communication (Microsoft Teams), payment processing, fraud detection, marketing delivery, and website analytics.

We enter into confidentiality and data processing agreements (DPAs) with partners where possible to ensure they comply with high levels of confidentiality and best practices in privacy and security standards.

We have appointed a Data Protection Officer (DPO). If you wish to contact our DPO you can do so via: info@globaldoctorreview.com

We work to high standards when it comes to processing your personal information. If you have queries or concerns, please contact us and we will respond.

If you remain dissatisfied, you can make a complaint about the way we process your personal information to the Information Commissioner's Office (ICO), the UK supervisory authority. Please follow this link to see how to do that.

We have appointed a Data Controller Representative in Turkey to comply with our obligations under the KVKK. You can reach out to the Data Controller Representative via:

privacy@globaldoctorreview.com or mahmutbatuhan.topuz@hs01.kep.tr

If you remain dissatisfied, you can make a complaint to the Kişisel Verileri Koruma Kurumu (KVKK Board), the Turkish supervisory authority. You can access our VERBIS record at verbis.kvkk.gov.tr.

To exercise your rights under UK GDPR or applicable data protection legislation (access, rectification, erasure, restriction, portability, or objection), please contact us at privacy@globaldoctorreview.com. We may contact you for identity verification and aim to respond within one month as required by law.