INFORMATION ON THE PERSONAL DATA PROTECTION LAW
In order to protect fundamental rights and freedoms of individuals on the processing of personal data, primarily the protection of the privacy of private life and to regulate the procedures and principles to be complied with as well as the obligations of natural and legal persons who process personal data, KAREL KALIP SANAYI A.Ş. processes your personal data as the Data Controller under Personal Data Protection Law No. 6698 (“CDPR”) only for the following purpose and scope.
Our company has the necessary technical and administrative infrastructure to protect all kinds of personal data with administrative procedures, data processing security with the support of information technologies and the highest level of security measures.
Purpose of Processing Personal Data and Transferring The Data Processed
KAREL KALIP SANAYI A.Ş. having given priority to the value of respecting individuals, shows the necessary care and sensitivity in protecting the privacy of individuals and ensuring data security, and acts in accordance with legal requirements.
Our company carries out data processing activities for the purposes of regulating our commercial relations and ensuring commercial security, ensuring the legal and physical security of our customers, business partners, employees of our company and other third parties, ensuring the corporate functioning of our company, performing business and transactions as a result of signed contracts and protocols, conducting corporate communication activities, creating and following-up visitor records, determining the preferences and needs of employees, data supervisors, contact persons, data responsible representatives and data processors within the scope of VERBİS, arranging the services accordingly and updating them if necessary, fulfilling legal obligations as required or obligated by legal regulations, providing liaison with real / legal persons with whom we have business relations, making legal reporting and for constituting evidence for proving obligations in legal disputes that may arise in the future.
Your data processed by our responsible units in accordance with the Personal Data Protection Law No. 6698 and the relevant legislation in accordance with the stated purposes, may be transferred to SSI, authorized public institutions and organizations pursuant to the Labour Code No 4857, Social Insurance and General Health Insurance Law 5510, Occupational Health and Safety Law No 6331 and other legal regulations, to our consultants, to finance institutions for evaluating financial risks, to independent audit companies for carrying out auditing processes, to local/international organization supporting us in our business processes, provided that there is a legal basis and subject to your consent.
However, your personal data may be processed without seeking explicit consent under clause 2 of article 5 of the Law if (i) it is expressly stipulated in laws; (ii) such personal data made public by the person concerned, (iii) it is compulsory for protecting life or physical integrity of the person himself/herself or any other person who cannot give his/her consent due to actual impossibilities or whose consent is not legally recognized, (iv) processing of personal data of contract parties is necessary provided that it is directly related to the conclusion or performance of a contract, (v) it is compulsory for our Company to perform its legal obligations, (vi) data processing is compulsory for the establishment, usage or protection of a right, (vii) data processing is compulsory for legitimate interests of our Company provided that fundamental rights and freedoms of the person are not prejudiced.
Method For Collecting Personal Data
Your personal data is collected wholly or partially automated or non-automated means, orally or electronically through various channels such as job application forms, information forms, corporate communication accounts, mail and e-mails, various documents transmitted to our company by our customers, suppliers and other third parties, security camera records, company IT systems, our customers, companies that we supply services / products, business partners and other third parties provided that it is limited to the existence of legal reasons.
Measures Taken Within the Scope of Securing Personal Data
Our Company takes all necessary technical and administrative measures to ensure that the appropriate security level is maintained in order to prevent the unlawful processing of personal data, to prevent the unlawful access to the data and to maintain the personal data and performs necessary audits in this context and orders the same to be performed.
Rights of the Personal Data Object As Stipulated Under Article 11 of the Law
If you submit your rights and requests regarding your personal data to our company within the procedures stated below, your request will be evaluated by our Company and your application will be finalized as soon as possible and within no later than thirty days.
By applying to our company, you will have the right
- To learn whether your personal data has been processed or not,
- To request information on such processing if your personal data have been processed,
- to learn about the purpose of processing his/her personal data and if they have been used according to the purpose,
ç. To get information about the third parties at home and abroad to whom your personal data have been transferred,
- To request correction related to personal data if they have been processed deficiently or wrong,
- To request deletion or disposal of personal data within the frame of terms stipulated under Article 7 of the Law,
- To request notification of the transactions made in line with the requests for correction, deletion and disposal as specified in the clauses (d) and (e) to third parties to whom personal data are transferred,
- to object against any result against the person as the result of analyzing of processed data exclusively by means of automatic systems,
ğ. to request compensation of damage if you incur any damage due to illegal processing of personal data.
The applications to be made by the personal data subject can be sent in writing to İTOSB 8. Street NO:1 Tuzla/İstanbul or can also be transmitted electronically using a secure electronic signature or mobile signature to registered e-mail address, which is firstname.lastname@example.org
In the applications made, information about the identity of the person concerned and documents related to the subject should be attached to the application. If the information and documents are not sufficient for investigation, our company may request additional information and documents from the relevant person.
Personal data processed in our company is deleted, destroyed or anonymized both under the rights of the person concerned and pursuant to article 11 of the Law, in cases where the application made to the deletion and disposal of personal data is accepted, data processing is performed solely based on explicit consent, such person withdraws his/her explicit concern, there is a change or abolition of provisions of the legislation constituting a basis for such processing, elimination of the purpose constituting a basis for processing or storage, the maximum period required for storing personal data expires and there is not condition requiring retention of personal data for a longer period.
Further information in detail on the subject is available in our Company’s “Personal Data Protection and Processing Procedure”.