Personal Data Protection Policy
Your personal data will be processed by our Company, in its capacity as Data Controller, pursuant to the Law on Protection of Personal Data numbered 6698 (“PDPL”), in connection with business purposes, by being used, recorded, stored, updated, transmitted and/or classified within the framework explained below. Within this scope, our Company takes all technical and administrative measures for establishing an appropriate level of security with an aim to prevent your personal data from being processed unlawfully, from being accessed unlawfully and to ensure they are safeguarded, pursuant to the Law and Regulations issued with an aim to protect the fundamental rights and freedoms of persons, in particular, the right to privacy, and with an aim to safeguard personal data.
The target audience of this text is all real persons whose personal data are processed by our Company, other than the employees of our Company or the employee candidates who have filed job applications with our Company.
Personal data that are processed in the capacity of data controller are cited below in the form of a non-exhaustive list;
Name, surname, Turkish identification number, address, telephone number, e-mail address, signature, physical location / security image recordings, call centre / service quality voice records, bank account number, cookie records
The purposes of and legal grounds for processing of personal data;
The personal data that have been shared by yourself will be processed; for the purpose that the necessary works are conducted, including, without limitation,
- for the purpose that the necessary works are conducted, including, without limitation, determining and implementation of commercial and business strategies of our Company, performance of marketing activities, execution of business development and planning activities, in order to allow you and / or institutions and corporations you represent to benefit from the products and services offered by our Company,
- in order that the administrative operations aimed at communication conducted by our Company are executed,
- in order to ensure physical security and control of the locations under the use of our Company,
- in order to establish business partner / customer / supplier (authorised person or employees) relationships,
- in order that contract requirements are met and financial agreement is reached with respect to products and services offered jointly with our business partners, suppliers or other third persons,
- in order that human resources policies of our Company are executed,
- for the purpose that the our Company’s call centre is called or website is used and/or
- for the purpose of ensuring participation into trainings, seminars or events organised by our Company.
Method of collection and storing of personal data;
The personal data you have shared with our Company may be collected through automatic or non-automatic means, by means of offices, branches, call centre, web site, social media platforms, mobile applications and similar means either verbally, in writing or electronically. Your personal data will be stored electronically and/or in physical environments. Our company implements design of business processes and technical security infrastructure improvements in order to ensure that the personal data provided and stored by our Company are not exposed to unauthorised access in the environments where they are stored, are not manipulated, lost and damaged.
Your personal data will be processed by taking all information security measures on the condition that they will not be used outside the purposes and scope notified to you and shall be stored for the time designated by legislation or if no such time period has been prescribed, for the time period as required by the purpose for which the data are being processed. After expiry of such time period, the personal data you provided may be removed from the data flows of our Company through the methods of deletion, destruction or anonymisation.
Transmission of Personal Data;
Your personal data may be transmitted, within the scope of Laws and other legislation and for the purposes explained, to;
- companies, our representatives which we have authorised, which operate in the name and for the account of our Company,
- regulatory and supervisory authorities, public institutions and or organisations which have been explicitly authorised in their governing laws to explicitly request your personal data,
- business partnerships, suppliers, and contractor companies, banks, credit risk and finance institutions and other real persons or legal entities within the scope of the purposes indicated,
- tax and similar advisors, required persons related with legal enforcement proceedings, third persons from whom we receive consultancy services, including auditors, and without limitation, business partners, service provider third persons, authorised persons and institutions for the purposes explained above, within or outside the country.
Your rights pursuant to Article 11 of PDPL;
You have the right to apply to our Company and
- learn whether or not your personal data have been processed;
- request information as to processing if your data have been processed;
- learn the purpose of processing of the personal data and whether data are used in accordance with their purpose;
- know the third parties in the country or abroad to whom personal data have been transferred;
- request rectification in case personal data are processed incompletely or inaccurately;
- request deletion or destruction of personal data within the framework of the conditions set forth under article 7 of PDPL;
- request notification of the operations made as per indents (e) and (f) to third parties to whom personal data have been transferred;
- object to occurrence of any result that is to your detriment by means of analysis of personal data exclusively through automated systems;
- request compensation of the damages in case you incur damages due to unlawful processing of personal data.
Pursuant to the 1st paragraph of Article 13 of the PDPL, you may convey your request to exercise your above-mentioned rights to our Company either in writing or through other means designated by the Personal Data Protection Committee.
In order to exercise your above-mentioned rights, you may deliver, in person, the necessary information evidencing your identity and your petition containing your request, or send the same through notary public or through other means designated by the Personal Data Protection Committee or transmit the same with secure electronic signature to the address email@example.com.