Privacy Policy

Last updated: 03 December 2025

This Privacy Policy explains how MyLumineyes® – Laser Eye Color Change by Dr. Mustafa Mete
(“MyLumineyes”, “we”, “us”, or “our”) collects, uses, discloses, and protects your personal data when you visit
www.mylumineyes.com or contact us through our digital channels.

By using this website or contacting us through it, you acknowledge that you have read and understood this Privacy Policy.
If you do not agree, you should not use this website.

1. Data Controller

The data controller responsible for this website is:

MyLumineyes® – Laser Eye Color Change by Dr. Mustafa Mete
Istanbul / Türkiye (clinical activities may also be performed in other countries where disclosed to you)
E-mail: mylumineyes@gmail.com
Website: https://mylumineyes.com

For any question regarding this Privacy Policy or your personal data, you can contact us by e-mail.

2. Scope of This Policy

This Privacy Policy applies to personal data collected through:

• our website (mylumineyes.com);
• contact and appointment forms on the website;
• e-mail communication initiated from the website;
• links to messaging or social media channels (e.g., WhatsApp, Instagram) where you voluntarily contact us.

If you use our mobile application or third-party platforms, their own privacy policies may apply
in addition, and we recommend that you read them carefully.

3. Types of Data We Collect

3.1 Information You Provide Directly

When you contact us or request an appointment, we may collect:

• Identification data: name, surname, country of residence;
• Contact data: e-mail address, phone number, preferred contact channel;
• Medical / health-related information you choose to share:
  existing eye conditions, previous surgeries, medications, eye color, expectations, photographs,
  and other details you voluntarily provide for evaluation;
• Administrative data: dates of communication, notes related to your inquiry or booking;
• Any other information you send us via forms, e-mail, messaging apps or attachments (including images).

Please do not send more sensitive data than necessary for preliminary assessment or appointment planning.
We may ask you to provide detailed medical information only during or after an official clinical evaluation.

3.2 Data Collected Automatically

When you visit our website, certain technical data may be collected automatically, such as:

• IP address and approximate location (city/country level);
• device information (browser type, operating system, screen resolution);
• date and time of access, visited pages, referral URLs;
• anonymous statistics through analytics tools (e.g., page views, session duration).

This data is typically collected using cookies, log files, and similar technologies for security,
performance, and analytics purposes (see “Cookies and Tracking Technologies” below).

4. Purposes and Legal Bases for Processing

We process your personal data for the following purposes:

• Responding to inquiries: answering your questions about eye color change, procedures, costs, and risks.
• Appointment and consultation management: evaluating suitability, scheduling clinical examinations, and communicating with you about your booking.
• Preliminary clinical evaluation: reviewing the information and photographs you voluntarily provide in order to decide whether an in-person exam is appropriate.
• Medical documentation: where applicable, creating or updating your clinical record in accordance with medical and legal requirements.
• Website operation and security: maintaining and protecting our site, preventing abuse, detecting technical issues and security threats.
• Analytics and service improvement: analysing anonymous or pseudonymized usage data to improve content, user experience, and communication.
• Legal compliance: fulfilling our obligations under applicable laws and regulations, and responding to lawful requests from authorities.

Depending on your jurisdiction, these processing activities may be based on your
consent, on the need to perform a pre-contractual or contractual relationship
(for example, when you request a medical service), on our legitimate interests
(website security, fraud prevention, service improvement) or on legal obligations.

5. Special Category Data (Health and Medical Information)

Information relating to your eye health, previous surgeries, medical history, and photos of your eyes
may be considered special category data (health data).
We process this type of information only:

• when you voluntarily provide it to us for evaluation or appointment purposes; and
• to the extent necessary for preliminary assessment, medical advice, or treatment planning.

Such data is handled with strict confidentiality and is not used for marketing without your explicit and separate consent.

6. Data Sharing and Third Parties

We do not sell or rent your personal data. However, we may share data with the following categories of recipients when necessary:

• Hosting and IT service providers that store our website and related databases;
• E-mail and communication providers that process our e-mail or messaging traffic;
• Analytics and security tools (e.g., website analytics, firewall, anti-spam, caching services);
• Medical staff and clinical partners involved in your care, solely for medical purposes;
• Professional advisors (such as legal or accounting advisors), when necessary to protect our rights;
• Authorities and regulators where we are legally required to disclose information.

These third parties are required to protect your data appropriately and to use it only for the services they provide to us.

7. International Data Transfers

Our patients and online visitors may come from different countries, and our technical infrastructure
or service providers may be located in various jurisdictions. This means that your personal data may be
transferred and stored outside your country of residence.

Where such transfers occur, we aim to take appropriate safeguards (for example, contractual clauses or
equivalent measures) to protect your data in accordance with applicable data protection standards.

8. Data Retention

We retain personal data only for as long as necessary for the purposes explained in this policy or as required by law.
Retention periods may vary according to the type of data:

• General inquiries (non-patient): typically kept for a limited period to respond and document our communication.
• Clinical and medical records: may be retained for longer periods in line with medical and legal retention requirements in the relevant jurisdiction.
• Technical logs and security data: usually kept for a short, defined period (e.g., several months) unless required for incident investigation.

When data is no longer needed, it is securely deleted or anonymized.

9. Cookies and Tracking Technologies

Our website may use cookies and similar technologies to:

• ensure core site functionalities (necessary cookies);
• remember your preferences (functional cookies);
• perform anonymous statistics and analytics (analytics cookies);
• improve performance and security (for example, caching and firewall technologies).

You can control cookies through your browser settings and, where applicable, via a cookie banner or preference tool.
Please note that blocking certain cookies may affect the proper functioning of some parts of the website.

10. Links to Third-Party Sites and Platforms

Our website may contain links to external websites, social media platforms (such as Instagram, YouTube, X/Twitter),
messaging services (such as WhatsApp), or app stores.
We are not responsible for the privacy practices or content of such third-party sites or services.

When you leave our website and access these external platforms, their own privacy policies apply.
We recommend that you review them carefully.

11. Security Measures

We implement reasonable technical and organisational measures to protect your personal data against
unauthorized access, loss, alteration, or disclosure. These may include:

• secure hosting and encryption in transit (HTTPS);
• access controls and authentication for administrative accounts;
• security and firewall tools to detect suspicious activity;
• regular updates and maintenance of our systems.

However, no online transmission or storage system can be guaranteed to be 100% secure.
You acknowledge that you share information at your own risk and should avoid sending extremely sensitive data
through insecure channels.

12.Use of Patient Photographs and Media

As part of preliminary assessment, medical documentation, or follow-up, patients may voluntarily
send photographs or videos of their eyes. These materials are considered special category
personal data and are treated with strict confidentiality.

We may request your explicit, written consent to use anonymized or partially anonymized
before–after photographs or videos for scientific, educational, clinical demonstration, or
informational purposes on our website or social media platforms. Such use will occur only if you
provide separate explicit consent at the time of approval.

You understand that once anonymized images are publicly shared, complete control over further online
distribution may not be fully guaranteed. For this reason, we only publish photos after obtaining
clear written consent and after taking reasonable steps to remove identifiable information.

If you have previously provided consent and later wish to revoke it, you may contact us at any time at
mylumineyes@gmail.com. We will remove your content from our official platforms within a reasonable
timeframe. However, you acknowledge that external, third-party websites, aggregators or social media
reposts beyond our control cannot always be deleted.

If you do not wish your images to be used for any purpose, you may simply refuse consent, and this
will not affect your evaluation or treatment in any way.

13. Your Rights

Depending on your jurisdiction, you may have some or all of the following rights regarding your personal data:

• Right of access: to request information about the personal data we hold about you.
• Right to rectification: to request correction of inaccurate or incomplete data.
• Right to erasure (“right to be forgotten”): to request deletion of your data, where legally possible.
• Right to restriction of processing: to request that we limit how we use your data under certain conditions.
• Right to object: to object to certain types of processing, especially where based on legitimate interests.
• Right to withdraw consent: where processing is based on your consent, you may withdraw that consent at any time
  (without affecting the lawfulness of processing before withdrawal).
• Right to data portability: in some cases, to receive your data in a structured, commonly used,
  machine-readable format.

To exercise your rights, please contact us via e-mail at
mylumineyes@gmail.com.
We may need to verify your identity before responding to your request.

14. Children’s Privacy

Our website and services are primarily aimed at adults.
We do not knowingly collect personal data from children without appropriate consent in accordance with applicable law.
If you believe that a child has provided personal data to us without proper authorisation,
please contact us so that we can take appropriate action.

15. Medical Disclaimer

The content of this website is provided for general educational purposes only and does not constitute
personal medical advice or a diagnosis.
You should not rely solely on online information when making decisions about your health or treatment.
A proper evaluation requires a physical examination and direct consultation with a qualified ophthalmologist.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements.
The “Last updated” date at the top of this page indicates the most recent revision.

We encourage you to review this page periodically.
Your continued use of the website after any update constitutes your acceptance of the revised Privacy Policy.

17. Contact

If you have any questions, concerns, or requests related to this Privacy Policy or your personal data, please contact us at:

E-mail: mylumineyes@gmail.com
Website: https://mylumineyes.com