ÜÇGE DRS WAREHOUSE SHELF SYSTEMS PAZ. SINGING. AND TRADE Inc.

Personal Data Protection and Processing Policy

Entrance

In accordance with Article 20 of the Constitution of the Republic of Turkey, everyone has the right to request the protection of personal data regarding themselves. This right also includes the right to be informed about personal data about oneself, to access this data, to request its correction or deletion, and to learn whether it is used for its purposes.

Personal Data Protection Law No. 6698 (“KVKK”) regulates the protection of fundamental rights and freedoms of individuals in the processing of personal data, and the obligations and procedures and principles to be followed by natural and legal persons who process personal data. The purpose of this Policy, prepared in this direction, is to ensure compliance with the obligations regarding the KVK Law regulations.

Governed by politics; Visitor, Product or Service Recipient, Supplier Official, Supplier Employee, Intern, Potential Product or Service Buyer, Shareholder/Partner, Employee, Employee Candidate, Customer Employee, Customer Representative, Consultant, Subcontractor Employee, Trainee Candidate, Endorser, Consultant Personal data of groups of people.

If there is a conflict between KVKK and other relevant legislation and the Company's Personal Data Protection and Processing Policy, the current legislation will apply.

  • Aim

In order to protect the fundamental rights and freedoms of individuals, especially the privacy of private life, in the processing of personal data and to regulate the obligations of real and legal persons processing personal data and the procedures and principles to be followed by ÜÇGE DRS DEPO RAF SYSTEMLERİ PAZ. SINGING. AND TRADE Inc. ("Company") Personal Data Protection and Processing Policy ("Policy") has been prepared.

The policy aims to maintain and develop the activities carried out by the Company in accordance with the principles in the KVKK and to inform personal data owners.

  • Scope

Data owners whose personal data are processed within the scope of this Policy are categorized as follows:

Employee CandidateNatural persons who make their CV and relevant information accessible to the Company by applying for a job at the Company or by any means
WorkerPeople who continue to have a business relationship with the company
Former EmployeeFormer employees whose employment relationship with the company has ended
visitorsReal persons who have entered the Company's physical facilities for various purposes or visited its websites
Intern CandidateNatural persons who make their CV and relevant information accessible to the Company by applying for an internship to the Company or by any other means
InternPeople who continue their internship relationship with the company
Person Receiving Product or ServiceThe person who purchases products / services from the Company and whose personal data is obtained for this purpose
Supplier RepresentativePersons who are authorized signatories of real persons, sole proprietorships or legal entities to which the Company supplies products/services
Supplier EmployeePersons working at suppliers from whom the Company supplies products/services
Potential Product or Service BuyerPeople who are potential customers of the Company, prospective customers
Shareholder/PartnerCompany shareholders
Customer RepresentativePersons who are authorized signatories of real persons, sole proprietorships or legal entities to which the Company sells products/services
Customer EmployeePersons working for customers to whom the Company sells products/services
AdvisorPersons receiving service from the Company's R&D department (academics, etc.)
Subcontracted WorkerPersons working in companies that are subcontractors of the Company
Keşideci-CirantaReal persons whose check information is processed in the Company's financial-accounting processes
Third PartiesAlthough not defined in the Policy, guarantors, family members, etc. whose personal data are processed within the framework of this Policy. other natural persons, including but not limited to
  • Definitions

The definitions used in this Policy are listed below:

Explicit consentConsent regarding a specific issue, based on information and expressed with free will
anonymiseMaking personal data impossible to associate with an identified or identifiable natural person in any way, even by matching it with other data
Personal health dataAll kinds of health information regarding an identified or identifiable natural person
personal dataAny information regarding an identified or identifiable natural person
Processing of personal dataObtaining, recording, storing, preserving, changing, rearranging, disclosing, transferring, taking over, making available, classifying or using personal data by fully or partially automatic or non-automatic means provided that it is part of any data recording system. Any action performed on data, such as blocking
KVKKPersonal Data Protection Law No. 6698
BoardPersonal Data Protection Board
OrganisationPersonal Data Protection Authority
Special personal dataData regarding people's race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, appearance and clothing, association, foundation or union membership, health, sexual life, criminal conviction and security measures, as well as biometric and genetic data
TCKTurkish Penal Code No. 5237
data processorNatural or legal person who processes personal data on behalf of the data controller, based on the authority given by the data controller
Personal data ownerThe real person whose personal data is processed and who is considered as the "relevant person" in the KVK Law
Data Owner Application FormApplication form that personal data owners, whose personal data are processed within the company, will use when applying for their rights described in Article 11 of the KVK Law.
Data controllerNatural or legal person who determines the purposes and means of processing personal data and is responsible for establishing and managing the data recording system
Data Controllers Registry (VERBIS)Data controllers' registry maintained by the Personal Data Protection Board
Data InventoryThe personal data processing activities carried out by the Company depending on its business processes, personal data, personal data processing purposes, recipient group to which personal data is transferred, storage periods, transfers to foreign countries and security measures taken regarding the security of personal data are created by associating them with the relevant personal data owner group. and the personal data processing inventory it details