1. INTRODUCTION
According to Article 20 of the Constitution of the Republic of Turkey (https://www.anayasa.gov.tr/tr/mevzuat/anayasa/), everyone has the right to request the protection of personal data regarding themselves. This right also includes the right to be informed about personal data about oneself, to access this data, to request its correction or deletion, and to learn whether it is used for its purposes.
Within the scope of exercising the said constitutional right, the Personal Data Protection Law No. 6698 ("KVKK"), which regulates the protection of the fundamental rights and freedoms of individuals in the processing of personal data and the obligations of real and legal persons processing personal data and the procedures and principles they will comply with, has been published and entered into force. (“ TEKNOKROM MAKINE VE EKİPMANLARI&TEKNİKİŞ İBRAHİM İLHAN ÖZGÜNER ”) shows the necessary care regarding the compliance determined in accordance with KVKK and makes it a company policy with this Personal Data Protection and Processing Policy (“Policy”).
The subject of the Policy; Protection of personal data of Candidate Employees, Employees, Dealers, Suppliers, Contractors, Visitors, Employees of Institutions We Cooperate with, Customers and Third Parties (Guarantor, Victim/Rightholder) by the "COMPANY". Activities carried out to protect the personal data of our employees are managed within the framework of the disciplinary regulations, personnel explicit consent, personnel confidentiality procedures and supplier confidentiality agreements carried out within the scope of the COMPANY's Information Security Management System.
2. PURPOSE
The purpose of this Policy is to make statements about the personal data processing activities carried out by the COMPANY in accordance with KVKK and the principles adopted for the protection of personal data, and in this context to Employee Candidates, Dealers, Suppliers, Contractors, Visitors, Employees of the Institutions We Collaborate with, and Customers. is to ensure transparency by informing the persons whose personal data are processed by the COMPANY, especially the entitled Third Parties.
3. SCOPE
Data owners whose personal data are processed within the scope of this Policy are categorized as follows:
| Employee Candidates |
Real persons who make their CV and relevant information accessible to the COMPANY by applying for a job at the COMPANY or by any means. |
|
Employees of the Institutions We Collaborate |
Employees of institutions that have business relations with the COMPANY |
|
Dealer |
COMPANY To act as an intermediary in the sale of products on behalf and account of theCOMPANY in a certain place or region on a permanent basis and to provide these COMPANY real and legal persons who undertake to act on behalf of the contract, carry out the preparatory work before the conclusion of the contract and assist in the implementation of the contract |
|
Suppliers |
COMPANY legal and real persons from whose dealers the planned purchases will be made (within the scope of Supplier Confidentiality Agreements). |
|
Contractors |
COMPANY or its dealers COMPANY legal and real persons who undertake to carry out a work related to construction or trade on behalf of theCOMPANY |
|
Customers |
Regardless of whether there is any contractual relationship, COMPANY Natural persons whose personal data are obtained due to business relationships within the scope of activities carried out by |
|
Visitors |
Real persons who entered the COMPANY's physical facilities for various purposes or visited its websites |
|
Third Parties |
Although not defined in the Policy, suppliers, guarantors, victims/beneficiaries, family members, etc. whose personal data are processed within the framework of this Policy. Other natural persons, including but not limited to |
4. DEFINITIONS
Definitions used in this Policy are listed below:
|
Explicit consent |
Consent regarding a specific issue, based on information and expressed with free will |
|
Employee |
All real persons who work for a definite or indefinite period, dependent on the COMPANY |
|
Employee candidate |
Real persons who make their CV and relevant information accessible to theCOMPANY by applying for a job at the COMPANY or by any other means |
|
Employee Data Subject Application Form |
COMPANY application form that its employees will use when applying regarding their rights as personal data owners as described in Article 11 of the KVK Law |
|
Relevant User |
Excluding the person or unit responsible for the technical storage, protection and backup of data, persons who process personal data within the data controller organization or in line with the authority and instructions received from the data controller |
|
Personal health data |
Any health information regarding an identified or identifiable natural person |
|
Personal data |
Any information regarding an identified or identifiable natural person |
|
Processing of personal data |
Obtaining, recording, storing, preserving, changing, rearranging, disclosing, transferring, taking over, making available, classifying personal data by fully or partially automatic or non-automatic means provided that it is part of any data recording system. or any action performed on the data, such as preventing its use |
|
KVK Law |
Personal Data Protection Law No. 6698 |
|
KVK Board |
Personal Data Protection Board |
|
KVK Institution |
Personal Data Protection Authority |
|
Special personal data |
Data about people's race, ethnic origin, political thought, philosophical belief, religion, sect or other beliefs, appearance and dress, association, foundation or union membership, health, sexual life, criminal conviction and security measures, as well as biometric and genetic information data |
|
TCK |
Turkish Penal Code No. 5237 |
|
Data processor |
Natural or legal person who processes personal data on behalf of the data controller based on the authority given by him/her |
|
Personal data owner |
The natural person whose personal data is processed and who is considered as the "relevant person" in the KVK Law |
|
Personal Data Owner Application Form |
COMPANY application form that personal data owners, whose personal data are processed, will use when applying for their rights explained in Article 11 of the KVK Law |
|
Deletion of Personal Data |
Deletion of personal data is the process of making personal data inaccessible and unusable for the relevant users in any way. |
|
Destruction of Personal Data |
Destruction of personal data is the process of making personal data inaccessible, irretrievable and unusable by anyone. |
|
Anonymization of Personal Data |
Anonymization of personal data means making personal data impossible to associate with an identified or identifiable natural person in any way, even if it is matched with other data |
|
Data controller |
The natural or legal person who determines the purposes and means of processing personal data and is responsible for establishing and managing the data recording system |
|
Visitor |
Natural persons who have entered the COMPANY's physical facilities for various purposes or visited its websites |
|
Data Controllers Registry |
Data controllers' registry maintained by the Personal Data Protection Board |
|
Data Inventory |
The personal data processing activities carried out by the COMPANY depending on its business processes; The inventory created and detailed by associating it with the personal data processing purposes, the recipient group to which the personal data is transferred, and the relevant personal data owner group |
5. GENERAL PRINCIPLES REGARDING THE PROCESSING OF PERSONAL DATA
In accordance with Article 3 of the KVKK, personal data is obtained, recorded, stored, preserved, changed, rearranged, disclosed, transferred, taken over, made available, classified, in whole or in part, by non-automatic and/or automatic means. Any action performed on data, such as preventing its use or use, falls within the scope of processing personal data.
It is mandatory to comply with the following principles in the processing of personal data:
Being in compliance with the law and the rules of honesty
COMPANY personal data processing activities; Compliance with Legal Requirements and Control Procedure, Turkish Republic Constitution, KVKK ;executes in accordance with the relevant legislation and rules of honesty.
Being accurate and up to date when necessary
While the processing of personal data is carried out, all kinds of administrative and technical measures are taken by theCOMPANY to ensure the accuracy and up-to-dateness of personal data.
Processing for specific, clear and legitimate purposes
COMPANY clearly and precisely determines the purpose of processing personal data before starting the processing of personal data.
Being related to the purpose for which they are processed, limited and proportionate
Personal data are processed by the COMPANY for specific, explicit and legitimate purposes as necessary in connection with the relevant purpose. Data processing is not carried out with the assumption that it can be used later.
Keeping for the period stipulated in the relevant legislation or necessary for the purpose for which they are processed
COMPANY keeps personal data limited to the period stipulated in the KVK Law and relevant legislation or required for the purposes of data processing activity.
6. PROCESSING OF PERSONAL DATA
COMPANY conducts its personal data and special personal data processing activities in accordance with the data processing conditions set out in Articles 5 and 6 of the KVKK.
6.1. TERMS OF PROCESSING OF PERSONAL DATA
COMPANY can process personal data with the express consent of the personal data owner or without explicit consent in the cases stipulated in Article 5 of the KVK Law and listed below:
- Clearly prescribed by law.
- It is necessary for the protection of the life or physical integrity of the person or someone else who is unable to express his/her consent due to actual impossibility or whose consent is not given legal validity.
- It is necessary to process personal data of the parties to the contract, provided that it is directly related to the establishment or performance of a contract.
- It is mandatory for the COMPANY to fulfill its legal obligation.
- The personal data has been made public by the owner.
- Data processing is mandatory for the establishment, exercise or protection of a right.
- It is mandatory to process data for the legitimate interests of the COMPANY, provided that it does not harm the fundamental rights and freedoms of the personal data owner.
6.2. PROCESSING OF SPECIAL PERSONAL DATA
COMPANY processes special personal data that pose a risk of discrimination when processed against the law, in accordance with the data processing conditions set out in Article 6 of the KVK Law.
The processing of special personal data is prohibited without the express consent of the personal data owner. However, personal data other than health and sexual life, in cases stipulated by law; Personal data regarding health and sexual life are processed only for the purposes of protecting public health, preventive medicine, medical diagnosis, treatment and care services, planning and management of health services and their financing, by persons under the obligation of confidentiality or authorized institutions and organizations, with the express consent of the relevant person. It can be processed without any need.
The measures determined by the KVK Board for special personal data processing activities are effectively implemented by theCOMPANY
6.3. CATEGORIZATION OF PERSONAL DATA PROCESSED BY OUR COMPANY Categories of Personal Data Processed by the COMPANY
|
Personal Data Category |
Description |
Data to which Relevant Personal Data is Related Owner Category |
|
Identity Information |
Without limitation, name-surname, TR ID number, nationality information, parents' names, place of birth, date of birth, gender and SSI number; in documents such as driver's license, identity card, residence permit all information |
Customers, Third, Persons, Suppliers, Visitors, Employee Candidates, Employees of Institutions We Collaborate |
|
Contact Information |
Phone number, address, e-mail, fax Information such as number |
Customers, Employee Candidates, Visitors, Suppliers |
|
Customer Information |
Obtained about the relevant person as a result of our commercial activities and the operations carried out by our business units within this framework and the information produced |
Customers |
|
Customer Transaction Information |
Records regarding the use of our products and services and those required for the customer's use of products and services Information such as instructions and requests |
Customers |
|
Process Security Information |
Processed to ensure technical, administrative, legal and commercial security during the conduct of the COMPANY's commercial activities personal data |
Customers, Visitors, Suppliers |
|
Risk Management Information |
Used in accordance with generally accepted legal, commercial practices and honesty rules in these areas so that we can manage our commercial, technical and administrative risks personal data processed through methods |
Customers, Visitors, Suppliers, Employee Candidates, Employees |
|
Financial Information |
Information, documents and documents showing all kinds of financial results created according to the type of legal relationship established with the personal data owner personal data processed regarding records |
Customers, Suppliers, Dealers |
|
Employee Candidate Information |
COMPANY employee has applied to become a member or has applied for commercial practice and |
Employee Candidates |
|
|
Personal data processed regarding individuals who have been evaluated as employee candidates in line with the human resources needs of theCOMPANY in accordance with the rules of integrity or who are in a working relationship with theCOMPANY . |
|
|
Legal Procedure and Compliance Information |
Within the scope of determining and pursuing our legal receivables and rights and fulfilling our debts personal data processed |
Customers, Employee Candidates, Suppliers, Third Parties |
|
Audit, Inspection and Compliance Information |
LEGAL OBLIGATIONS OF THE COMPANY Personal data processed within the scope of compliance with company policies |
Customers, Employee Candidates, Visitors, Suppliers |
|
Special Personal Data |
KVK Law As stated in article 6; Data regarding people's race, ethnic origin, political thought, philosophical belief, religion, sect or other beliefs, appearance and clothing, association, foundation or union membership, health, sexual life, criminal conviction and security measures, and biometric and genetic data,< /p> |
Customers, Employee Candidates, Third Parties, and Employees of the Institutions We Collaborate |
|
Marketing Information |
The personal data owner's usage habits, tastes and needs privatized in line with personal data processed for marketing purposes and as a result of this processing created reports and evaluations |
Müşteriler |
|
Request / Complaint Management Information |
Anything directed to COMPANY Personal data regarding the receipt and evaluation of any request or complaint. |
Customers, Employee Candidates |
7. ENSURING THE SECURITY AND CONFIDENTIALITY OF PERSONAL DATA
COMPANY In accordance with Article 12 of the Personal Data Protection Law, it provides all necessary technical services to ensure the lawful processing and preservation of the personal data it processes and to prevent unlawful access to such personal data. and takes administrative measures.
The Company's KVKK unit, which undertakes the corporate compliance function, is responsible for the internal coordination within the Company regarding the adequate and effective execution of the activities within the framework of the KVK Law as a whole within the framework of this policy. In this context, the unit in question;
- Submitting this policy to the Board of Directors for approval within the scope of monitoring it and updating it when necessary,
- Establishing other policies and procedures other than this policy regarding the protection, processing and destruction of personal data in coordination with the relevant Company units,
- Delegating the necessary tasks for the implementation of policies and procedures and submitting them to senior management for approval,
- Following up and planning the inspection of the implementation of all kinds of technical and administrative measures taken in accordance with Article 12 of the Law,
- Following up the processes regarding applications and requests made by personal data owners and ensuring the necessary coordination to solve any problems that may arise,
- Determining the issues that need to be done to ensure compliance with the KVK Law and relevant legislation and supervising their implementation,
- Authorized to carry out relations with the Personal Data Protection Board, and
7.1. TECHNICAL MEASURES TAKEN TO ENSURE THE LEGAL PROCESSING OF PERSONAL DATA AND PREVENT ILLEGAL ACCESS
All kinds of technical security measures have been taken to protect personal data and an adequate level of protection has been provided against possible risks. The main technical measures taken are listed below.
- COMPANY authorization and access controls are periodically implemented on systems that provide access to personal data.
- Technical measures taken are also observed independently of executive activities within the scope of risk management, internal control and internal audit processes.
- Employment of personnel with sufficient expertise
7.2. ADMINISTRATIVE MEASURES TAKEN TO ENSURE THE LAWFUL PROCESSING OF PERSONAL DATA AND PREVENT ILLEGAL ACCESS
-
COMPANY employees are trained and made aware of compliance with the KVKK Law.
- In cases where personal data is transferred, general conditions are established with the parties to whom personal data is transferred and the obligations that must be fulfilled for the security of personal data in accordance with the KVKK Law, and these are signed on the basis of the counterparty.
- In order to meet the requirements determined for compliance with the KVKK Law, implementation rules are determined on the basis of business units, and the necessary administrative measures to ensure their continuity are provided through in-company procedures and training. Not to process, disclose and comply with the contracts and documents governing the legal relationship between
- COMPANY and the counterparties, except forCOMPANY's instructions and exceptions brought by the Law. Records are placed that impose an obligation not to use it, awareness of employees is created on this issue and inspections are carried out.
7.3. MEASURES TO BE TAKEN IN CASE OF ILLEGAL DISCLOSURE OF PERSONAL DATA
An internal procedure has been developed to ensure that if personal data processed within the framework of the requirements for compliance with the KVKK Law are obtained by others through illegal means, this situation is notified to the relevant data owner and the KVKK Board as soon as possible.
8. PURPOSES OF PROCESSING OF PERSONAL DATA AND STORAGE PERIOD
- PURPOSES OF PROCESSING PERSONAL DATA
Personal data is processed by the COMPANY for the following purposes:
- Managing goods/service after-sales support processes,
- Receiving and evaluating suggestions for improving business processes,
- Execution of customer relationship management processes,
- Carrying out activities aimed at customer satisfaction,
- Executing the marketing processes of products / services,
- Execution of advertising / campaign / promotion processes
- Planning and execution of our company's commercial and/or business strategies,
- Performance of Finance and Accounting Affairs
- Following and Execution of Legal Affairs
- Execution of Logistics Activities
- Execution of Goods / Service Purchasing Processes
- Execution of Goods / Service After-Sales Support Services
- Execution of Goods / Service Sales Processes
- Execution of Goods / Service Production and Operation Processes
- Execution of Customer Relationship Management Processes
- Execution of Contract Processes
- Execution of Strategic Planning Activities
- Conducting Marketing Analysis Studies
- Execution of Activities for Customer Satisfaction
- Execution of Customer Relationship Management Processes
- Execution of Wage Policy
8.2. STORAGE PERIOD OF PERSONAL DATA
COMPANY determines whether a certain period of time is foreseen in the relevant legislation for the storage of personal data, and complies with Article 138 of the Turkish Penal Code and Articles 4 and 7 of the KVKK Law. aspect; It ensures that the processed personal data is retained only for the period stipulated in the relevant legislation, or for the period required for the purpose of personal data processing, if no period is stipulated in the relevant legislation.
9. DELETION, DESTRUCTION AND ANONYMOSIS OF PERSONAL DATA
If the purpose of processing personal data has expired and the storage periods determined by the relevant legislation and/or theCOMPANY have come to an end, personal data may be processed at the request of the data owner or ex officio COMPANY is deleted, destroyed or anonymized by
The procedures and principles regarding this issue have been determined within the framework of the Personal Data Protection Law and the Regulation on Deletion, Destruction or Anonymization of Personal Data.
9.1. TECHNIQUES FOR DELETION AND DESTRUCTION OF PERSONAL DATA
It is essential that personal data be deleted and destroyed by methods appropriate to the recording environment. Regarding the deletion and destruction techniques of personal data, the deletion or destruction techniques that are likely to be used by the COMPANY are listed below:
- Physically destroy
Personal data can also be processed by non-automatic means, provided that it is part of any data recording system. When such data is deleted/destroyed, a system of physical destruction of personal data in such a way that it cannot be used later is implemented.
- Secure Deletion/Destruction from Software
When data processed wholly or partially automatically and stored in digital media is deleted/destroyed; Methods are used to delete the data from the relevant software so that it cannot be recovered by certain people or in any way.
- Secure Deletion/Destruction by Expert
COMPANY in some cases, it may contract with an expert to delete/destroy personal data on its behalf. In this case, personal data is securely deleted/destroyed by an expert in this field so that it cannot be recovered again.
9.2. TECHNIQUES FOR ANONYMIZING PERSONAL DATA
Anonymizing personal data means making Personal Data impossible to associate with an identified or identifiable natural person in any way, even by matching it with other data.
In accordance with Article 28 of the KVKK Law; Anonymized personal data may be processed for purposes such as research, planning and statistics. Such processing is outside the scope of the KVKK Law and the express consent of the personal data owner will not be required. Since personal data processed by anonymization will be outside the scope of the KVKK Law, the rights set out in Section 12 of this Policy will not be valid for this data. The anonymization techniques most likely to be used by the COMPANY are listed below.
- Masking
Data masking is a method of anonymizing personal data by removing the basic identifying information of personal data from the data set.
- Consolidation
With the data aggregation method, many data are aggregated and personal data is made unable to be associated with any individual.
- Data Derivation
With the data derivation method, a more general content is created from the content of personal data and it is ensured that personal data cannot be associated with any individual.
- Data Mixing
With the data mixing method, the connection between values and individuals is broken by mixing the values in the personal data set.
10. THIRD PARTIES TO WHICH PERSONAL DATA IS TRANSFERRED AND THE PURPOSES OF TRANSFER
The procedures and principles to be applied in personal data transfers are regulated in Articles 8 and 9 of the KVKK Law. In order to fulfill the services offered by the COMPANY, personal data is processed according to the Labor Law, Occupational Health and to real persons or private law legal entities, It can be transferred to our business partners, affiliates and subsidiaries, organizations from which we receive information technology support, and authorized public institutions and individuals.
It is not possible to transfer personal data without the express consent of the personal data owner, except for the exceptional cases specified in the KVKK Law.
10.1. TRANSFER OF PERSONAL DATA DOMESTIC
In accordance with Article 8 of the Personal Data Protection Law, the transfer of personal data within the country is subject to Article 6.1 of this Policy titled "Terms of Processing of Personal Data". It is possible, provided that one of the conditions specified in the section is met.
10.2. TRANSFER OF PERSONAL DATA ABROAD
In accordance with Article 9 of the KVKK Law, in case personal data is transferred abroad, in addition to the conditions for domestic transfers being met, one of the following conditions is required:
- The country to be transferred must be considered among the countries with adequate protection declared by the KVKK Board
- If there is no adequate protection in the country to be transferred, the data controllers in Turkey and the relevant foreign country must undertake in writing to provide adequate protection and have the permission of the KVKK Board for this.
10.3. PERSON GROUPS TO WHICH PERSONAL DATA IS TRANSFERRED BY OUR COMPANY
The COMPANY may transfer the personal data of personal data owners within the scope of this Policy, in accordance with Articles 8 and 9 of the KVKK Law, to the following person groups for the specified purposes:
|
PERSON GROUPS |
DEFINITION |
PURPOSE OF TRANSFER |
|
Public Institutions and Organizations |
Public institutions and organizations requesting the COMPANY's information and documents in accordance with the relevant legislation |
Limited to the purpose requested by the relevant public institutions and organizations |
|
Private Legal Persons |
Private legal persons with whom the COMPANY shares information and documents in accordance with the relevant legislation |
Within the framework of the relevant legislation provisions and limited to the purpose of continuing its service in the areas where the COMPANY operates |
11. OUR COMPANY'S DISCLOSURE OBLIGATION
The COMPANY informs personal data owners during the collection of personal data, in accordance with Article 10 of the KVKK Law. In this context, the COMPANY fulfills its obligation to inform by providing the following information to personal data owners:
- Title of the COMPANY as data controller
- Purposes for which personal data will be processed
- To whom and for what purpose the processed personal data may be transferred
- Method and legal reason for collecting personal data
- Rights of the personal data owner
12. RIGHTS OF PERSONAL DATA OWNERS AND THE USE OF THESE RIGHTS
Personal data owners, in accordance with Article 13 of the KVKK Law, 12.1 of this section. If they submit their requests regarding their rights listed under the title to the COMPANY by filling and signing the Application Form using the methods specified below or other methods determined by the KVKK Board, the request in question is concluded free of charge, depending on the nature of the request.
On the COMPANY corporate website (“http://www.teknokrom.com.”) “……………………. After filling out the form under the "page" section;
A signed copy must be submitted personally or through a notary TEKNOKROM MAKİNE ve EKİPMANLARI A.O.S.B. 1009 STREET. NO:8 ÇİĞLİ, İZMİR or
- After signing with the "secure electronic signature" within the scope of the Electronic Signature Law No. 5070, the secure electronic signature form should be sent toFİRMA@hs03.kep.tr Sending via registered e-mail
The COMPANY may request information from the relevant person in order to determine whether the applicant is the personal data owner and may ask questions to the personal data owner regarding his/her application in order to clarify the issues included in the personal data owner's application.
12.1. RIGHT TO APPLICATION
Personal data owners have the right to request the COMPANY regarding the following issues in accordance with Article 11 of the KVKK Law:
- Learning whether personal data is being processed or not,
- If personal data has been processed, requesting information about it,
- Learning the purpose of processing personal data and whether personal data is used for its intended purpose,
- Learning about third parties to whom personal data is transferred domestically or abroad,
- Requesting correction of personal data if they are incomplete or incorrectly processed, and requesting that the action taken in this context be notified to third parties to whom personal data has been transferred,
- Requesting the deletion, destruction or anonymization of personal data in case the reasons requiring the processing of personal data are eliminated and requesting that the action taken in this context be notified to third parties to whom personal data has been transferred,
- Objecting to the emergence of a result unfavorable to the data owner by analyzing the processed data exclusively through automatic systems,
- Request compensation for the damage in case of damage due to illegal processing of personal data
12.2. SITUATIONS OUTSIDE THE SCOPE OF APPLICATION RIGHT
In accordance with Article 28 of the KVKK Law, it is not possible for personal data owners to assert their application rights since the following situations are excluded from the scope of the KVKK Law:
- Processing personal data for purposes such as research, planning and statistics by anonymizing them with official statistics.
- Processing of personal data for artistic, historical, literary or scientific purposes or within the scope of freedom of expression, provided that it does not violate national defence, national security, public security, public order, economic security, privacy of private life or personal rights or constitute a crime.
In accordance with the second paragraph of Article 28 of the KVKK Law, except for the right to demand compensation for damage, it is not possible for personal data owners to assert their rights in the following cases:
- Processing personal data is necessary for the prevention of crime or criminal investigation.
- Processing of personal data made public by the data subject.
12.3. RESPONDING PROCEDURE
In accordance with Article 13 of the KVKK Law, the COMPANY finalizes the application requests made by the personal data owner, free of charge, as soon as possible and within 30 (thirty) days at the latest, depending on the nature of the request. However, if the transaction requires an additional cost, it is possible to charge the fee in the tariff determined by the KVKK Board.
The COMPANY may accept the application request of the personal data owner, or reject it by explaining the reason for the following reasons, and notify the relevant person in writing or electronically of its response.
- Obstructing the rights and freedoms of other people
- Requires disproportionate effort
- The information is publicly available
- Endangering the privacy of others
- Existence of one of the situations that are excluded from the scope in accordance with the KVK Law
The personal data owner has the right to file a complaint with the KVKK Board within thirty days from the date of learning the response of the data controller and, in any case, within sixty days from the date of application, in cases where his/her application is rejected, the answer given is insufficient, or the application is not responded to in time.
13. PERSONAL DATA PROCESSING ACTIVITIES CONDUCTED WITHIN THE COMPANY AND DATA PROCESSING ACTIVITIES CONDUCTED ON THE WEBSITE
-
MONITORING WITH CAMERA
Camera monitoring is carried out inside the building where the COMPANY Headquarters and Dealers are located.
In line with the regulations in the KVKK Law, the COMPANY camera monitoring activities A notification letter regarding the activities in question is hung at the entrances of the areas where camera monitoring is carried out and the necessary information is provided on our website with this Policy.
Monitoring is not possible in areas that may result in interference with a person's privacy. Only a limited number of Company employees and, if needed, security company employees who act as suppliers can access security camera recordings. Those persons who have access to the records declare that they will protect the confidentiality of the data they access, with the confidentiality commitment they sign.
13.2. CUSTOMER ENTRANCES - EXITS VISITING THE COMPANY
Personal data processing activities are carried out to track the entry and exit of our guests visiting the COMPANY. The identity information of people coming to the COMPANY is processed only for the purpose of tracking their entry and exit and the relevant personal data It is recorded electronically in the registration system.
13.3. WEBSITE VISITORS
The internet movements of people who visit the COMPANY's website are recorded (via technical means, such as cookies) in order to show them customized content and to carry out online advertising activities.