Personal Data Protection Law Business Partner Clarification Text

Data Supervisor and Representative

 

In accordance with the Personal Data Protection Law No. 6698 (“Law No. 6698”), the Data Responsible is Çınar Engineering Consulting Inc.

 

Our Principles Regarding Processing Personal Data of Our Business Partners

Çınar Engineering Consulting Inc. as;

 

a) To operate in accordance with the law and good faith,

b) To strive to provide correct and up-to-date,

c) To be processed for specific, explicit and legitimate purposes,

ç) Being connected, limited and measured for the purpose for which they are processed,

d) We have adopted the principle of keeping them for the period stipulated by the legislation or required for the purpose for which they are processed.

 

Lighting and Scope

 

As the data supervisor, Çınar Engineering Consulting Inc. All kinds of private and general personal data acquired within the scope of our business relations, provided that they are measured and limited in accordance with the data processing conditions specified in Articles 5 and 6 of the Law on the Protection of Personal Data No.6698, in accordance with our company principles, the establishment, protection, use of the right, Due to the fulfillment, our legal responsibility as the data controller can be processed in accordance with the data responsibility obligations such as the execution of the contract and due to legal requirements.

 

With this awareness, the parties are aware of the private and general quality personal data of which business relations are obtained, the Law No. 6698 on the Protection of Personal Data, the secondary regulations (regulation, communiqué, circular) and the decisions taken and to be taken by the binding Personal Data Protection Board. It attaches great importance to its proper processing (storage, deletion, destruction, backup, etc.).

 

Personal Data Processed

 

Your personal data that can be processed by us within the scope of the business relationship and their explanations are as follows;

Identity Information; Data such as all identity information, nationality, marital status, place and date of birth, TR identity number, gender, signature information, SGK number,

Communication information; Data such as telephone number, contact phone information, address information, e-mail address to reach when necessary,

Education Information; Data such as education status, course and seminar information for which he / she received a certificate, trainings received within the scope of the relevant job and reference information, diploma information, background information,

Financial Information; Data such as financial information, execution tracking and debt information, bank information

Visual Data; Photographs, camera recording images processed at our location due to the security of business processes,

Auditory Data; Voice recordings processed for the purpose of service quality and fulfillment of demand / complaint processes,

Special Quality Personal Data; Data such as background information, health reports, health declaration, health reports, religion and blood type in the copy of identity card / driver's license,

Working Data; Registration number, position name, department and unit, title, SGK entry declaration and assignment documents, starting date, title, signatory circular, projects worked, internet and in-house access logs,

Other; Data such as vehicle information, military status

The processed data may be one or more of them within the scope of our business relationship.

 

Purpose of Processing Personal Data

 

As a data controller, your private and general personal data obtained by us within the scope of our business relations can be processed for the following purposes and legal reasons.

Carrying out and continuity of the business relationship, conducting emergency management processes, carrying out information security processes, conducting audit / ethical activities, conducting training activities, carrying out access authorizations, conducting activities in accordance with the legislation, carrying out financial and accounting affairs, carrying out loyalty processes to companies / products / services providing physical space security, execution of assignment processes, follow-up and execution of legal affairs, conducting audit / investigation / intelligence activities, conducting communication activities, conducting / auditing business activities, carrying out occupational health / safety activities, carrying out business continuity activities, carrying out logistics activities Conducting goods / service procurement processes, carrying out goods / service operation processes, carrying out business relations management processes, carrying out activities aimed at satisfaction, organizing On and activity management, analysis and evaluation studies, performance evaluation processes, risk management processes, storage and archive activities, execution of contract processes, follow-up of requests / complaints, security of movable goods and resources, execution of supply chain management processes, data in accordance with the obligations in SGK Legislation, Turkish Commercial Code, Labor Law, Turkish Code of Obligations, Occupational Health and Safety and Tax Legislation, for purposes such as ensuring the safety of operations of the responsible person, providing information to authorized persons, institutions and organizations, conducting management activities, creating and tracking visitor records It will be processed within the scope of the personal data processing conditions and purposes specified in Articles 5 and 6 of Law No. 6698.

 

To Whom and For What Purpose the Processed Personal Data Can Be Transferred

 

Your personal data obtained by us within the scope of the business relationship, from time to time and to the extent required by the activity, with the relevant legal parties, professional consultants, banks and insurance companies, with the institutions with which our institution has commercial, administrative or contractual relations, business partners and affiliates in order to carry out our business relations. with third parties such as offices, provided that it is limited to the personal data processing conditions and purposes specified in Articles 5 and 6 of Law No. 6698. In these shares, the terms and purposes of data processing are taken in accordance with the data security rules.

 

Method and Legal Reason for Collecting Personal Data

 

To fulfill our legal obligations as an institution, the execution of the contract between you and / or you, the establishment and protection of the right, for the reasons stipulated in the laws and for the legitimate interest of the Company, the Turkish Commercial Code No. 6102, Labor Law No. 4857, Turkish Code of Obligations No. 6098, 6563 The provision of the services specified in the provisions of the Law on the Regulation of Electronic Commerce and other legislations within the legal framework is obtained in order for the Company to fulfill its contractual and legal obligations fully and properly.

 

We collect your personal data, which we request from you and / or other representatives / employees representing your company, verbally, physically or electronically by you and / or other representatives / employees of your company, and physically or electronically through the cameras we place in the Company buildings.

 

Rights of Personal Data Owner enumerated in Article 11 of Law No. 6698

As personal data owners, you can send your requests regarding your rights to Çınar Engineering Consulting Inc. If you send it to our company using the methods specified in the Clarification Text, our company will finalize the request free of charge within thirty days at the latest, depending on the nature of the request. However, if a fee is stipulated by the Personal Data Protection Board, our company will charge the fee in the tariff determined by the Personal Data Protection Board. In this context, personal data owners;

 

  • Learning whether personal data is processed,

  • If personal data has been processed, to request information regarding this,

  • Learning the purpose of processing personal data and whether they are used appropriately for their purpose,

  • To know the third parties to whom personal data are transferred domestically or abroad,

  • If personal data are processed incompletely or inaccurately, to request their correction and to notify the third parties to whom the personal data has been transferred,

  • Although it has been processed in accordance with the provisions of Law No. 6698 and other relevant laws, in the event that the reasons requiring its processing disappear, to request the deletion or destruction of personal data and to notify the third parties to whom the personal data has been transferred,

  • Object to the occurrence of a result against the person himself by analyzing the processed data exclusively through automated systems,

  • In case of damage due to unlawful processing of personal data, it has the right to demand the compensation of the damage.

 

How Do We Protect?

 

All necessary technical and administrative measures are taken for the security of all personal data collected by our institution. In this context, unauthorized access and abuse in accordance with the requirements of the Personal Data Security Guide published by the KVKK board, ISO / IEC 27001 Information Security, ISO / IEC 27017 Cloud Services Information Security, ISO / IEC 27701 Privacy Information Management standards, the European Union General Data Protection Regulation GDPR We take physical, technical, organizational and administrative measures against use, disclosure or modification.

 

Application Methods;

 

1. The applicant, personally, Çınar Engineering Consulting Inc. by filling in the "Application Form" to our address and delivering the note "Request for Information Requirement of the Law on Protection of Personal Data" on the sealed envelope and envelope with a hand-written report.

2. The applicant is informed by Çınar Engineering Consulting Inc. but on the notification envelope, the note "Request for Information as per the Law on Protection of Personal Data" must be added.

3. With the "Secure Electronic Signature" defined in the Electronic Signature Law No. 5070, the applicant can personally apply to our company's Registered Electronic Mail address cinarmuhendislik@hs01.kep.tr, with the note "Information Request Required by the Law on Protection of Personal Data" in the subject section.

You can find our application form regarding your rights mentioned above here.

 

Changes to Our Privacy Statement

 

If we change our Privacy Statement, we will post the revised notice here, together with the updated revision date. If we make significant changes to our Privacy Statement that will significantly change our privacy practices, we may notify you by sending an email or posting a notice on our corporate website and / or social media accounts before the changes take effect.

 

Publish Date: 07.04.2018