Due to the sensitivity of the works we have dealt with as the Company, the personal data collected has been kept confidential and has never been shared with third parties out of purpose. The basic policy of our company is the protection of personal data by complying with the relevant laws. Before any legal regulation, our Company attached great importance to the confidentiality of personal data and adopted this as a working principle. Again, in accordance with the Personal Data Protection Law No. 6698, all technical and administrative measures have been taken within the company, and in the ongoing process, we, as the Company, are obliged to comply with all responsibilities brought by the Law on Protection of Personal Data. Scope
Basic Principles Regarding Processing Personal Data
Compliance with the law and honesty rules: The company questions the source of the data it collects or comes from other companies and attaches importance to obtaining these in accordance with the law and good faith.
Accurate and up-to-date when necessary: The company attaches importance to the fact that all data within the organization are correct, do not contain false information, and finally, if there are changes in personal data, they are updated if they are communicated to them.
Processing for specific, explicit and legitimate purposes: The company processes data only for the purposes it provides and obtains consent from individuals during the service. It does not process, use and make available data other than business purposes.
Being connected, limited and proportionate to the purpose for which they are processed: The company only uses the data for the purposes for which it is processed and to the extent required by the service.
Preservation for the period stipulated in the relevant legislation or required for the purpose for which they are processed: The Company preserves the data arising from the contracts for the duration of the dispute, the requirements of the commercial and tax law. On the other hand, when these purposes disappear, it deletes, destroys or anonymizes the data at the request of the relevant person or ex officio.
Rights of Personal Data Owner as Stipulated in Article 11 of KVKK
According to article 11 of KVKK, you have the following rights. Personal data owners; Learning whether personal data is processed; If personal data has been processed, requesting information regarding this; Learning the purpose of processing personal data and whether they are used appropriately for their purpose; To know the third parties in the country or abroad to whom personal data have been transferred; To request correction of personal data in case of incomplete or incorrect processing and to notify third parties to whom personal data are transferred; Within the framework of the conditions stipulated in Article 7 of the KVKK, although it has been processed in accordance with the provisions of the KVKK and other relevant laws, in the event that the reasons for its processing disappear, to request the deletion or destruction of personal data and to notify the third parties to whom the personal data has been transferred; To object to the emergence of a result against the person himself by analyzing the processed data exclusively through automated systems; In case of damage due to unlawful processing of personal data, it has the right to demand the compensation of the damage.
For the stated reasons, our Company has prepared the Application Form specified in the Clarification Text for the Processing and Protection of Personal Data for the rights of the subject personal data owner; It must be sent to us in written form or as specified by the Board by filling out the aforementioned form.
Maximum Saving Policy / Stinginess Policy
In accordance with this principle, the data received by the Company are only processed into the system as necessary. Therefore, what data we collect is determined by the purpose. Unnecessary data are not collected. Other data transferred to our company are also transferred to company information systems. Extra information is not saved in the system, deleted or anonymized. These data can be used for statistical purposes.
Deletion of Personal Data
Personal data are deleted, destroyed or anonymized by the Company automatically or at the request of the person concerned, when the periods required by law to be stored, the completion of the judicial processes or other requirements are eliminated. These data are deleted and destroyed in accordance with the "Personal Data Storage, Transfer, Deletion and Anonymization Policy".
Accuracy and Data Freshness
As a rule, the data within the company is processed on the statement of the relevant persons, as declared. The company is not obliged to investigate the accuracy of the data declared by customers, employees or any relevant persons contacting the Company, nor is this done legally and due to our working principles. The data declared by the concerned parties are accepted as correct. The personal data processed by our company upon the request of the person concerned or the official documents received by our company are updated and the registration continues for the specified period. Necessary measures are taken by the Company for the purpose of data security.
Privacy and Data Security
Processing Private Personal Data of Employees
Special quality personal data; According to the law, individuals' race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, dress and dress, association, foundation or trade union membership, health, sexual life, criminal conviction and data on security measures and biometric and includes genetic data. The Company takes adequate measures determined by the Board in addition to the approval of the relevant person in the processing of special quality data. Special quality personal data can only be processed in relation to the cases permitted by the Law and to a limited extent without the consent of the person. In our company, special quality personal data are processed in accordance with the "Protection and Processing Policy of Special Quality Personal Data".
Personal Data Processed by Automatic Systems Some personal data of employees can be processed in automatic systems. The aforementioned data are used in performance evaluation of employees, keeping statistical data, promotions and scoring for the Company. Employees have the right to appeal against unfavorable consequences. The objection must be made in accordance with the internal rules and procedure. The said objection is evaluated within the Company. Processing of Personal Data for the Benefit of Employees
Personal data of the employees can be processed by the Company for transactions related to the benefit of the employee without obtaining approval. Again, in disputes regarding the Company's business relationship, the Company may process personal data of employees.
In-House Telecommunications, Internet And Communication
Computers, phones, cars, applications, software and e-mails can be allocated to internal employees by the Company in order to facilitate the performance of the work. The company can control and control the personal data on the vehicles it has allocated, while the employee cannot use the vehicles allocated to him for private purposes. It is mandatory to use it only to ensure the performance of the work. Again, the employee accepts, declares and undertakes that the vehicles allocated from the moment the working relationship with the Company starts will not contain any data or information other than the necessity of the job and the job.
If a contractual relationship has been established with customers, prospective customers, employees and all other interested parties, the personal data collected can be used without their consent. However, this use takes place for the purpose of the contract. Data are used in line with the requirements of the service and better execution of the contract and updated by contacting the customers when necessary.
Personal data can only be processed without further consent, for the purpose of explicitly stipulating the data processing in the relevant Law and / or to fulfill a legal obligation specified in the Law. The type and scope of the processed data must be necessary for the data processing activity permitted by law and compliance with the relevant legal provisions is essential.
The company carries out the necessary internal and external audits for the protection of personal data.
Personal data belonging to employees may be processed by the Company without a separate approval in order to fulfill the obligation stipulated by the Law or to fulfill the obligation stipulated by the Law. The processing of the data in question is limited to the fulfillment of the obligations arising from the Law. Personal data of the employees can be processed without the consent of the employees within the framework of proportionality as necessary to ensure the business relationship between the company and the employees. The company undertakes to protect the data belonging to employees under all circumstances, to confidentiality and to take all kinds of measures in this regard.
The Company has the authority to transfer personal data domestically and internationally within the conditions determined by the Board and in accordance with the other conditions in the Law and subject to the consent of the person.
In accordance with the "Law on the Regulation of E-Commerce" and the "Regulation on Commercial Communication and Commercial Electronic Messages" and sent for advertising purposes, electronic messages for advertising purposes can only be sent to those who have received prior approval. The said confirmation from the person to whom the advertisement will be sent can be obtained clearly, in writing, in physical environment or by any electronic communication means. The approval to be obtained should cover all commercial electronic messages sent to the electronic contact addresses of the buyers in order to promote your company's goods and services, to market it, to promote its business, or to increase its recognition with content such as celebrations and wishes.
In the event of any breach of personal data, the Company takes immediate action to remedy the violations reported to it. It takes all necessary measures to minimize the damage of the person concerned. In this context, it compensates by minimizing the damage. In the event that personal data and / or special personal data are obtained by unauthorized third parties, the Company immediately notifies the Personal Data Protection Board. For the notification of violations, you must apply according to the procedures specified on our Company's website.