Personal Data Protection Law
As Çınar Engineering Colsulting Inc., we have the personal data of our parties regarding the limits and authorities permitted by laws and regulations in order to deliver the service we provide to you in the most accurate and appropriate way.
We would like to enlighten you in accordance with the Personal Data Protection Law No.6698, in order to protect the privacy, fundamental rights and freedoms, especially considering the security of your personal data. Due to our business relations, we want all parties with whom we have relationships to know that, as Çınar Engineering Colsulting Inc., we show maximum effort and sensitivity to the security of your personal data. In accordance with the legislation, as a data controller, all kinds of private and general personal data acquired within the scope of our service relationship will be recorded, stored, updated, disclosed to third parties, transferred, classified in accordance with the Law on the Protection of Personal Data and within the limits prescribed by the legislation, and It will be processed according to other procedures and principles specified in the legislation.
Our principles regarding the processing of personal data
As Cinar Engineering Consulting Inc.;
a) To operate in accordance with the law and good faith,
b) To strive to provide correct and up-to-date,
c) To be processed for specific, explicit and legitimate purposes,
ç) Being connected, limited and measured for the purpose for which they are processed,
d) We have adopted the principle of keeping them for the period stipulated in the relevant legislation or required for the purpose for which they are processed.
Which Data Do We Collect? What Is Our Purpose To Collect Data?
Personal data is any information that personally identifies you or can be used directly or indirectly to identify you. We collect your personal data through your use of the engineering and consultancy services of Çınar Engineering Colsulting Inc.
The categories of personal data we collect from you depend on the nature of your interaction with us or the service, they may include one or more of the following:
Your Personal Data collected;
Identity (It refers to data types such as name, surname, mother, father and sibling information, identity and driver's license serial number.)
Communication (It refers to data types such as e-mail address and mail signature information, contact address, telephone number.)
Customer Transaction (It refers to data types such as customer requests and requests, invoice, promissory note, check information, information on receipts, order information.)
Physical Space Security (It refers to data types such as entrance and exit registration information of guests and visitors, camera records.)
Transaction Security (If you use our guest network at our location, it refers to data types such as IP address information, website login and exit information.)
Finance (Refers to data types such as payment information, bank account information, financial performance information, credit and risk information.)
Health (Refers to data types such as establishment request, health status and periodic inspection information in project construction monitoring activities.)
Professional Experience (It refers to data types such as diploma information, courses attended, in-service training information, certificates, transcript information.)
Marketing (Refers to data types such as past service purchase information, surveys, cookie records.)
Visual and Audio Records (It refers to data types such as Visual and Audio recordings.)
Within the scope of the Law on the Protection of Personal Data, Articles 5 and 6, as Çınar Engineering Colsulting Inc., we, as Çınar Engineering Colsulting Inc., provide all our relevant parties to fulfill our company objectives in line with engineering, consultancy, consultancy and social research activities. To ensure that they receive the right, adequate and quality service, to ensure security, to ensure legal compliance, to fulfill our commercial requirements and obligations and, if any, contractual obligations, to fulfill our legal obligation as a data controller, to our legitimate interests, to establish, use and protect the right, to carry out operational processes and We collect it for the following other purposes;
Both the private sector and public institutions and organizations; EIA Environmental Impact Assessment (EIA), Environmental and Social Impact Assessment (ESIA), Environmental Management Plan, EIA Monitoring, Environmental Management, Social Impact Analysis and Management Planning, GIS (Geographical Information Systems) Applications, Biodiversity Detection and Monitoring, Management Plan (Wetland Management Plan, Development Plan etc.) Master Plan and Basin Planning, Water Resources Management Planning, Basin Based Water Quality and Biological Monitoring, Preparation of Water Rights Planning Report, Preparation of Ecosystem Evaluation Reports, Ecological Landscape Evaluation Reports and Landscape Repair Plans, Risk Assessment and Emergency Response Plan, Preparation of Coastal Facilities Feasibility and Modeling Report, Preparation of Soil Conservation Project, Air, Noise, Water Pollution, Waste Heat etc. Modeling, Water quality (Water and wastewater, seawater, lake, surface and groundwater analysis), Air Quality (Emission and Imission Measurements) and Modeling, Noise and Vibration Measurements, Acoustic Report Preparation and Noise Mapping, Soil Analysis, Waste, Solid Performing Waste and Treatment Sludge Analysis, Waste Oil and Isolation Fluids Analysis, Sampling and Bio-Restoration Planning services and delivering these services to the customer, performing activities and services such as marketing, sales, shipping, control, accounting, finance and collection transactions To follow legal processes when necessary, to carry out processes before official institutions and organizations, to respond to requests from official institutions and organizations, to carry out emergency management processes, to carry out information security processes, to carry out audit / ethical activities, to carry out access authorizations, to carry out activities in accordance with the legislation, f Ensuring physical space security, conducting assignment processes, conducting communication activities, conducting / auditing business activities, conducting occupational health / safety activities, receiving and evaluating suggestions for improvement of business processes, conducting business continuity activities, carrying out post-service support services, customer relations management the execution of the processes, the execution of the activities for customer satisfaction, the execution of the contract processes, the follow-up of the requests / complaints, the execution of the wage policy, the security of the data controller operations, the execution of the management activities, the creation and follow-up of the visitor records and the sub-goals provided that they are related and measured with these purposes. Your personal data are processed.
Method and Legal Reason for Collecting Personal Data
Your personal data is automatically or non-automatic for the purposes stated above, in accordance with the basic principles stipulated in the Law and in accordance with the processing conditions specified in Article 5 of the Law, from all kinds of service points of our company, directly verbally or in writing, by telephone, fax, e-mail -mail etc. channels, social media, on the website, from official institutions and from business partners within the scope of support services, from closed-circuit recording systems.
However, the laws and secondary legislation of the Ministry of Environment and Urbanization of the Republic of Turkey, the Turkish Commercial Code No. 6102, the Turkish Code of Obligations No. 6098, the Law on the Regulation of Electronic Commerce No. 6563, the Regulation on Commercial Communication and Commercial Electronic Messages, Occupational Health and Safety and Tax Legislations. In accordance with obligations and other related legislation, your personal data can be processed with automatic or non-automated methods for the purpose of performing the works and transactions to be carried out in accordance with the quality, sufficient and correct presentation of the contractual services, storage, storage, reporting and information obligations, as long as the data processing purpose is valid. .
To whom and for what purposes the processed personal data can be transferred
Your collected personal data are limited to the purposes specified in the Disclosure Text and limited to the reasons that need to be transferred within the scope of the Law and the relevant legislation, and limited to these reasons; to official institutions and organizations, information technologies and security companies, logistics companies, related business partners, including consulting companies, audit companies, lawyers, suppliers, and our collaborating group companies.
Situations Where We May Process Your Personal Data Without Your Explicit Consent
Pursuant to Article 5 of the Law, although explicit consent is one of the personal data processing requirements in the Law, it is not the only factor that gives legality to data processing. The law stipulates conditions for data processing activities other than explicit consent. Accordingly, it is possible to process personal data without seeking the explicit consent of the person concerned, if one of the following conditions is met:
a) It is clearly prescribed in the laws,
b) It is necessary for the protection of the life or physical integrity of the person who is unable to disclose his consent due to the actual impossibility or whose consent is not legally valid,
c) It is necessary to process personal data belonging to the parties of the contract, provided that it is directly related to the establishment or performance of a contract,
ç) It is mandatory for the data controller to fulfill his legal obligation,
d) It is made public by the person concerned,
e) Data processing is mandatory for the establishment, use or protection of a right,
f) It is mandatory to process data for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the person concerned.
How Long Is Your Personal Data Retained?
Storage periods for your personal data are determined in accordance with the following criteria:
If a period is specified in the law for the storage of data in parallel with the relevant legislation and the contract signed between us, the data in question must be kept for at least this period.
If a period is not stipulated in the law, in the relevant legislation and in the contract signed between us for the storage period of the data we process, your data will be stored until the reasons and purposes that require processing are terminated.
Your data will be deleted without your request after these relations expire or after the periods specified in the contract are completed.
How Do We Protect?
All necessary technical and administrative measures are taken for the security of all personal data collected by Çınar Engineering Colsulting Inc. In this context, unauthorized access and abuse in accordance with the requirements of the Personal Data Security Guide published by the KVKK board, ISO / IEC 27001 Information Security, ISO / IEC 27017 Cloud Services Information Security, ISO / IEC 27701 Privacy Information Management standards, the European Union General Data Protection Regulation GDPR We take physical, technical, organizational and administrative measures against use, disclosure or modification.
What Are Your Rights Regarding Personal Data?
Regarding your personal data;
Learning whether your personal data is processed,
If your personal data has been processed, to request information regarding this,
Learning the purpose of processing personal data and whether they are used appropriately for their purpose,
To know the third parties in the country or abroad to whom your personal data has been transferred,
To request correction of your personal data in case of incomplete or incorrect processing,
Requesting the deletion or destruction of your personal data within the framework of the conditions stipulated in the KVK legislation,
When you request the correction of incomplete or incorrect data and the deletion or destruction of your personal data, to request that this situation be notified to third parties to whom we have transferred your personal data,
To object to the result in the event that a result occurs against you by analyzing the processed data exclusively through automated systems, and
If you suffer damage due to unlawful processing of your personal data, you have the right to demand that this damage be compensated.
How Can You Exercise Your Rights Regarding Personal Data?
Pursuant to the paragraph 1 of Article 13 of the Law on the Protection of Personal Data, you can make your request to exercise your above-mentioned rights using the following methods and information in accordance with the "Communiqué on the Procedures and Principles of Application to the Data Controller" published on March 10, 2018, numbered 30356.
Necessary information in the application content;
1. Name and Surname of the applicant.
2. The applicant is a citizen of the Republic of Turkey Identity Number, if not the nation with a passport number or ID number is there.
3. The applicant's residence or workplace address for notification.
4. Notification e-mail address, telephone or fax of the applicant.
5. Subject of the request of the applicant.
6. Information and documents based on the subject of the applicant's request.
1. The applicant can personally fill in the "Application Form" to Çınar Mühendislik Müşavirlik A.Ş address, and deliver the note "Information Request Required by the Law on Protection of Personal Data" to our head office with a hand-held report on the sealed envelope.
2. The applicant can get a notification from Çınar Engineering Colsulting Inc. through a notary, but the note "Request for Information as per the Law on Protection of Personal Data" must be attached to the notification envelope.
3. With the "Secure Electronic Signature" defined in the Electronic Signature Law No. 5070, the applicant can personally apply to our company's Registered Electronic Mail address email@example.com, with the note "Information Request Required by the Law on Protection of Personal Data".
You can find our application form regarding your rights mentioned above here .
How Long Will Your Requests Regarding The Processing Of Your Personal Data Be Replied?
Your claims regarding your personal data are evaluated and answered within 30 (thirty) days at the latest from the date they reach us. If your application is negatively evaluated, the reasons for the rejection are sent to the address you specified in the application via e-mail or mail.