General Data Protection Regulation (GDPR)
GENERAL CLARIFICATION TEXT
In accordance with Article 10 of the Law No. 6698 on the Protection of Personal Data (“Law”), titled “Informing Obligation of the Data Controller”, which aims to protect the fundamental rights and freedoms of individuals, especially the privacy of private life in the processing of personal data and the Communiqué on the Procedures and Principles to be Followed in Fulfilling the Obligation to Light, published in the Official Gazette dated March 10, 2018 and numbered 30356, we aim to inform you about your personal data processed with this Clarification Text.
1. IDENTITY OF DATA CONTROLLER
Bilgi Birikim Sistemleri has the title of Data Controller in accordance with the Law in terms of personal data obtained from our employees, employee candidates, customers, potential customers, visitors, suppliers / consultants / support service providers, shareholders and employees and officials of our subsidiaries.
You can contact us via the following information:
Address : Yeni Sahra Mah. Fatih Cad. No:8 Ataşehir/ Istanbul
Phone : +90 216 3739800
Fax : +90 216 3739993
E-mail : firstname.lastname@example.org
Website : www.bilgibirikim.com
2. WHAT IS THE PURPOSE OF PROCESSING PERSONAL DATA?
Within the scope of your relationship with our company.
- Your identity information such as name, surname, place of birth, date of birth, age, photo, identity card, identity number,
- Your contact information such as work address, home address, e-mail, telephone, mobile phone, residence address, address registration system records,
- Your data on family status such as marital status, number of children, data on spouse and relatives, identity, financial status, education,
- Your education, business, and professional life data such as employment history, employer name, graduated school, student number, professional competencies, CV information, and bank account data such as bank account number, IBAN number,
- Employee data including all the information required for the creation of the personnel file, any survey, report, information on work, training or interview related to the performance and career development of the employee, information on any fringe rights or benefits to be offered to the employees, and other similar information,
- Data related to the security of our Company premises, such as camera recordings, visitor recordings, entrance and exit records to the facilities,
- Cyber security data including usernames, passwords, audit trails, IP address, WEB page access logs, notifications and other data and logs that may be related to the security of the corporate cyberspace,
- Audit and inspection records, audit and inspection reports, information on inspections performed for audit and inspection purposes, and data that may be related to other audit and inspections are processed for the following purposes.
- Execution of Human Resources processes and activities, planning of information security processes, their supervision and execution, creation, and management of information technology infrastructure,
- Follow-up of finance and/or accounting works,
- Contract management, establishment of legal proceedings and follow-up of legal processes, ensuring facility and personnel security,
- Our company's ability to fulfill its contractual and legal obligations completely and duly,
- Evaluating and responding to the suggestions, requests, complaints, and malfunction notifications you send to us and making improvement studies in accordance with the notifications,
- Organizing and executing domestic and international purchasing, procurement, transportation, logistics, import and customs transactions,
- Contacting our affiliates and their employees, backing up data to ensure security.
- Within the scope of "sensitive personal data" under the law.
- Health-related data such as blood type, disease history, test and examination results, disability status, association, foundation, or union membership data,
- Data on criminal convictions and security measures can be processed for the following purposes:
- Fulfilling our legal obligations,
- Giving information to authorized organizations based on legislation, taking work health and safety measures, creating, and keeping personal files, ensuring safety,
- Evaluation of applications of applicants.
3. TO WHOM AND FOR WHAT PURPOSES YOUR PROCESSED PERSONAL DATA MAY BE TRANSFERRED?
Within the scope of the provisions of the Law on the transfer of personal data and its transfer abroad, your personal data may be shared with the relevant tax offices and banks, public institutions, courts, enforcement offices, law enforcement agencies, third-party real and legal persons with whom we are associated, service providers and their officials, our business partners and officials, our Company employees, suppliers and employees for the purposes set forth in article 2 of this Clarification Text.
4. WHAT METHODS AND LEGAL REASONS ARE WE BASED ON WHEN WE COLLECT YOUR PERSONAL DATA?
Article 4.1. METHOD OF COLLECTING PERSONAL DATA
Our company collects your personal data during the establishment of your legal relationship with our company and during your visit to our company if it is in physical, verbal, written or electronic media considering requests and applications sent over the internet, telephone, e-mail, and takes the necessary measures within the framework of the legislation to ensure the confidentiality and security of the personal data in question.
Article 4.2. LEGAL REASON FOR COLLECTING PERSONAL DATA
Your personal data is collected, stored, and processed based on one or more of the following legal compliance reasons, and transferred provided that adequate precautions are taken in accordance with Article 5 and Article 8 of the Law:
- Having your explicit consent,
- It is clearly stipulated in the legislation to which our company is subject,
- To comply with the principles and rules in the national and international arena, to comply with the information storage, reporting and information obligations stipulated by the legislation and official authorities,
- Provided that it is directly related to the establishment or performance of a contract, it is necessary to process the personal data of the parties to the contract, to be able to offer the requested products and services and to fulfill the requirements of the contracts you have concluded,
- It is compulsory for the fulfillment of the legal obligation, it has been performed public by the person concerned,
- Data processing is mandatory for the establishment, exercise, or protection of a right,
- Data processing is mandatory for the legitimate interests of the data controller if it does not harm the fundamental rights and freedoms of the data subject.
Special categories of personal data, which includes the data of individuals regarding membership of associations, foundations or unions, health, criminal convictions, and security measures, are collected, stored and processed based on the following legal compliance reasons:
- Having your explicit consent,
- Personal data except than health, without seeking explicit consent in cases stipulated by law,
- Personal data related to health, on the other hand, are not required for the explicit consent of the person concerned, or authorized institutions and organizations, who are under the obligation to keep secrets, only for the purpose of protecting public health, performing preventive medicine, medical diagnosis, treatment, and care services, planning and management of health services and financing.
Article 4.3. EXPLICIT CONSENT
If the processing of your personal data is subject to the condition of obtaining your consent in accordance with the Law No. 6698, you will also be presented with an "Explicit Consent Text", and you can always withdraw your explicit consent by applying to us.
If you wish to withdraw your explicit consent, you must contact our Company at the address of email@example.com .
Withdrawal of your consent will only be applied for the future and will not affect the legality of data processing carried out in the past.
Article 5. WHAT ARE YOUR RIGHTS AS A “RELATED PERSON” UNDER THE LAW?
You have the following rights under the law:
- Learning whether your personal data has been processed, requesting information if your personal data has been processed,
- Learning the purpose of processing your personal data and whether it is used in accordance with its purpose, knowing the third parties in the country or abroad to whom your personal data is transferred,
- Requesting correction of your personal data if it is incomplete or incorrectly processed,
- Requesting the deletion or destruction of your personal data within the framework of the conditions stipulated in Article 7 of the Law,
- Requesting that your personal data be corrected in case of incomplete or incorrect processing and in case your personal data is deleted or destroyed within the framework of the conditions stipulated in Article 7 of the Law, notifying the third parties to whom the personal data has been transferred,
- Objecting to the emergence of a result against the person himself by analyzing the processed data exclusively through automated systems,
- Requesting the removal of the damage in case you suffer damage due to the unlawful processing of personal data.
You can submit your requests with your petition to the “Yeni Sahra Mah. Fatih Cad. No: 8 Ataşehir / Istanbul" address by hand or you can send it via a notary public within the scope of the above-mentioned rights.
Required at application.
- Name, Surname, and signature if the application is written,
- Identification number for citizens of the Republic of Turkey, nationality, passport number or identification number, if any, for foreigners,
- Domicile or work address based on notification,
- E-mail address, telephone, and fax number for notification, if any,
- Finding the subject of the request
Your requests in the application will be finalized as soon as possible and within 30 days at the latest depending on the nature of the request.
A processing fee may be charged for each page over 10 pages in case of a written response to the application.
If the response to the application is given in a recording medium such as a CD or flash memory, a fee may be charged in the amount of the cost of the recording medium.
It is important that the personal data we keep about you is accurate and up to date.
Therefore, if there is a change in your personal data, please inform us.
Bilgi Birikim Sistemleri Electronic and Computer Industry Engineering Services San. Tic. Ltd. Şti.
Personal Data Application Form (TR)