PERSONAL DATA PROTECTION LAW GENERAL INFORMATION STATEMENT
In this lighting text;
Personal Data: All kinds of information related to an identified or identifiable natural person, Personal Data Protection Law (“KVKK”): The Law on the Protection of Personal Data No. 6698, which was published in the Official Gazette on 7 April 2016,
Data Processor: The natural or legal person who processes Personal Data on behalf of the data controller, based on the authority given by the data controller,
Data Controller: It refers to the natural or legal person who determines the purposes and means of processing Personal Data and is responsible for the establishment and management of the data recording system.
Relevant Person: Refers to the natural person whose personal data is processed.
Delta Proje İnş.Turizm San. and Tic. Inc. As our (“Company”), our priority principles include the protection of fundamental rights and freedoms, the protection of privacy regarding private lives, the provision and protection of information security, and respect for ethical values. Accordingly, the explanations we have given below are presented for your information within the scope of fulfilling our disclosure obligation arising from Article 10 of the Personal Data Protection Law (“KVKK”);
“Data Controller” in terms of your personal data; Registered with the Istanbul Trade Registry with the registration number 509376-0, Mersis number 0274-0462-1200-0019, the head office of the company is located in “Selahaddin Eyyübi Mah. Erzurum Congress Cad. No:2 Esenyurt/Istanbul” Delta Proje İnş. Tourism Industry. and Tic. A.Ş.
Data Collected Parties
Within the scope of the Personal Data Protection Law, we collect the data of the parties mentioned below who have a business relationship with our company. These;
- Our Employees and Employee Candidates
- Family members and relatives of our employees and employee candidates,
- our customers,
- of our suppliers,
- of our consultants,
- our business partners,
- of our shareholders,
- Our company officials,
- Our company representatives
- Person(s) with whom we have a contractual relationship and their employees,
- Person(s) who are the addressee of legal proceedings,
- survey participants,
- of our visitors.
Data Collected and Processed by Our Company from the Parties
Within the scope of Articles 5 and 6 of the Personal Data Protection Law, we collect and process the following data from our company. These;
- Family and social life information,
- Education and training information,
- employment information,
- Information on request/complaint management,
- Information on ethical values and compliance with the law,
- financial information,
- audit information,
- Electronic media usage information,
- Information on goods and services provided and provided,
- business activities information,
- Information on trade and other licenses and permits,
- Physical location security information,
- Visual and audio information (photograph, camera, sound recordings),
- Telecommunications records,
- E-mail and information systems services usage records,
- login records,
- union membership information,
- Health reports and health information,
- biometric data,
- Criminal record information.
Our Company's Data Collection Purposes
Within the scope of Articles 5 and 6 of the Personal Data Protection Law, we collect and process data in order to realize our company purposes, which we have stated below, provided that they are limited to the relevant purposes. These;
- Carrying out the commercial activities of our company,
- To be able to carry out business processes related to commercial activities,
- Management and execution of relations with business partners and/or suppliers,
- Technical management of our company's websites,
- Customer management and follow-up of complaints,
- Product surveys and follow-up of the questions you send to our company,
- Carrying out the necessary work by our business units in order to benefit you from the products and services offered by our company,
- Planning and execution of sales, marketing and after-sales processes of products and/or services,
- Providing information about the contents of products and services,
- To be able to send commercial electronic messages by obtaining separate approval in accordance with the legal legislation,
- Conducting competitions, events and other organizations,
- Execution of legal and commercial relations with our Company and persons who have business relations with our Company and ensuring the security of these relations,
- Administrative operations for communication carried out by our company,
- Employee administration and management,
- Ensuring the physical security and control of the company's locations,
- Planning of logistics activities,
- Conducting reputation research processes,
- Compliance with ethical values and law, and execution of legal business and procedures,
- Follow-up of contract processes and/or legal requests,
- Planning and executing Human Resources and personnel recruitment processes, and monitoring and realizing education and training activities,
- Planning and/or execution of occupational health and/or safety processes,
- Planning and execution of corporate communication and corporate governance activities,
- Execution of information security management services,
- Carrying out activities for the follow-up and auditing of finance and/or accounting works,
- Determining and implementing our company's commercial and business strategies,
- Creating and tracking visitor records,
- For other purposes or purposes to be notified to the person concerned during obtaining the information, To ensure the fulfillment of legal obligations as required or mandated by the relevant legislation.
Transfer of Data Collected and Processed by Our Company for Purposes
Your personal data collected by our company within the framework of the personal data processing conditions and purposes specified in Articles 8 and 9 of the Personal Data Protection Law may be shared with our affiliates, shareholders, business partners (only anonymously), legally authorized public institutions and private individuals and other persons within the scope of the purposes detailed above.
Data Collection Method and Legal Reason by Our Company
Personal data can be collected by our company by giving verbal, written and/or electronic information to the personal data owners in a clear and understandable manner, and when necessary, by verbal, written and/or electronic means, in accordance with the law and honesty, in connection with the legitimate purposes clearly stated above and It is collected, used, recorded, stored and processed within the framework of the principle of proportionality, on a limited basis. We assure that your personal data will not be processed by our company for purposes other than those specified in this disclosure document, and will not be transferred or stored to third parties in the country or abroad.
Retention Period of Data Collected by Our Company
Your personal data is kept for the duration of the storage periods specified in the relevant legal legislation, in accordance with the practices of our Company and the practices of commercial life, if no period has been determined in the relevant legislation, or for the period required by the above-mentioned processing purposes, and then deleted or destroyed in accordance with Article 7 of the Personal Data Protection Law or anonymized.
Security of Your Data Collected and Processed by Our Company
Technical and administrative measures of the Information Security Management System (ISO 27001 Standard and good practice booklets 27018 and 27701) promoted by our management, Personal Data Protection Management System (Bureau Veritas) in order to ensure that your personal data is not exposed to unauthorized access, lost or damaged in the environments where they are processed and stored. - Data Protection Technical Standard, BS 10012 Data Protection Personal Information Management System Standard) requirements as well as the Personal Data Security Guide requirements published by the KVKK board are constantly operated and developed within the scope of continuous improvement.
Rights of Relevant Person whose Data is Collected and Processed
In accordance with Article 11 of the Personal Data Protection Law, everyone can apply to the data controller and;
- Learning whether personal data is processed or not,
- If personal data has been processed, requesting information about it,
- Learning the purpose of processing personal data and whether they are used in accordance with the purpose,
- Knowing the third parties to whom personal data is transferred at home or abroad,
- Requesting correction of personal data in case of incomplete or incorrect processing,
- Requesting the deletion or destruction of personal data within the framework of the conditions stipulated in Article 7,
- Requesting notification of the transactions made pursuant to subparagraphs (d) and (e) to third parties to whom personal data has been transferred,
- Objecting to the emergence of a result against the person himself by analyzing the processed data exclusively through automated systems,
- It has the right to demand the compensation of the damage in case of loss due to the unlawful processing of personal data.
Application Methods within the Framework of the Rights of the Relevant Person
Pursuant to paragraph 1 of Article 13 of the Law on the Protection of Personal Data, you can make your request regarding the exercise of your above-mentioned rights with the following methods and information, pursuant to the "Communiqué on the Procedures and Principles of Application to the Data Controller" published on March 10, 2018, numbered 30356.
Necessary information in the application content;
- Applicant's Name, Surname information.
- If the applicant is a citizen of the Republic of Turkey, the Turkish Republic Identity Number, if not, the Nationality and the Passport number or, if any, the Identity number.
- The applicant's place of residence or workplace address for notification.
- The applicant's e-mail address, telephone or fax.
- Subject of the applicant's request.
- Information and documents regarding the applicant's request.
- The applicant personally works with Delta Proje İnş. Tourism Industry. and Tic. A.Ş.*, by filling in the "Application Form", with a closed envelope and the note "Information Request Pursuant to the Law on the Protection of Personal Data" on the envelope and delivery to the advisory office with a report by hand.
- The applicant, Delta Proje İnş. Tourism Industry. and Tic. A.Ş.* address, but the phrase "Information Request Pursuant to the Law on Protection of Personal Data" should be added on the notification envelope.