PERSONAL DATA PROTECTION EXPLICIT CONSENT TEXT
Data Controller
Data controller information: Name: ENG Zemin İnşaat Sanayi A.Ş. (ENG Zemin) (Internet address: https://www.engzemin.com/ ) ; Phone: 0312 466 55 51 Address: Çayyolu Mahallesi 2661/1 Sokak No: 4/4 Ümitköy – Çankaya ANKARA | TURKEY E-Mail: info@engzemin.com The personal data of persons related to ENG Zemin, including our customers and employees, within the framework of the Constitution and international agreements to which Turkey is a party and the relevant legislation, primarily the Personal Data Protection Law No. 6698 (KVKK); we attach importance to the protection of your personal data and we inform you on this issue.
Purposes of Processing Your Personal Data
Your personal data; To be able to carry out the necessary studies for you to benefit from our services and activities, To process the services and activities offered by ENG Zemin in order to provide you with better service within the scope of user satisfaction, To inform you about our new services and activities, to provide you with the most suitable product and service in this direction, To be able to carry out ENG Zemin human resources policies, To be able to respond to all your questions and complaints regarding our services and activities, To be able to measure customer satisfaction, To be able to develop, improve and disseminate our services and activities, To ensure that you can share quickly and without obstacles by ensuring that the site infrastructure is associated with the site, It is necessary to process personal data belonging to the parties to the contract due to being directly related to the performance of the contract, It may be processed for its purposes.
Scope
Your personal data is kept on our ENG Zemin domestic server, and our server panel is kept domestically in the necessary panel service as required.
Transfer of Your Personal Data
Personal data cannot be transferred without the explicit consent of the relevant person, except for the exceptions specified in the KVKK. ENG Zemin does not transfer your personal data to 3rd Parties in any way, except for legal obligations. ENG Zemin carries out procedures in accordance with the Constitution of the Republic of Turkey and the Law No. 6698 on the Protection of Personal Data, especially Articles 8 and 9, in its personal data transfer policy.
Processed Personal Data, Purposes, Legal Reasons and Processing Periods
Personal Data Type of Service Provided Scope of Processing Purpose of Processing Legal Reason
Name – Surname Offer Form – Contact Offer Form – Contact: Obtaining – Preserving – Displaying – Transferring Offer Form – Contact – Providing Offer – Better Service – Carrying out our activities – Billing It is necessary to process personal data belonging to the parties to a contract, provided that it is directly related to the establishment or execution of a contract.” / “Data processing is mandatory for the establishment, exercise or protection of a right.”
Email Offer Form – Contact Offer Form – Contact: Obtained – Stored – Appeared – Transferred Offer Form – Contact – Proposed – Better Service – Conducting our activities – Billing
Telephone Offer Form Offer Form: Obtained – Stored – Appeared – Transferred Offer Form – Proposed – Better Service – Conducting our activities – Billing
Company Name Offer Form Offer Form -: Obtained – Stored – Appeared – Transferred Offer Form – Establishment of Contract – Better Service – Conducting our activities – Billing
Method and Legal Reason for Collection of Your Personal Data
Your personal data is seen electronically in the “Offer form” menu and “communication” menu within the scope of “e-mail correspondence” for the purpose and scope specified above, and this situation is applied within the scope of obligation for the contract and customer communication. In this context; Article 5-c of the KVKK: “Processing of personal data belonging to the parties to a contract is necessary, provided that it is directly related to the establishment or execution of a contract.” And Article 5-e of the KVKK: “Data processing is mandatory for the establishment, exercise or protection of a right. And the Law of Obligations is necessary for the provisions of the contract.” It may be processed for legal reasons.
Your Rights Regarding the Protection of Your Personal Data
Regarding your personal data;
You have the right to learn whether your personal data has been processed,
To request information about your personal data if it has been processed,
To learn the purpose of processing your personal data and whether it is used in accordance with its purpose,
To know the third parties to whom your personal data has been transferred in Turkey or abroad,
To request correction of your personal data if it is processed incompletely or incorrectly,
To object to the emergence of a result against you by analyzing your processed data exclusively through automated systems,
To request compensation for the damages if you suffer damages due to the unlawful processing of your personal data.
Your request regarding exercising these rights
i in writing or, if a separate method is determined by the Personal Data Protection Board, you can send it to us in accordance with this method. You can make your notifications and requests to the Data Controller as the Relevant Person by calling “Mücahit Çalışkan” at “(0543) 367 57 95 “0312 466 55 51”, address “Çayyolu Mahallesi 2661/1 Sokak No: 4/4 Ümitköy – Çankaya ANKARA | TÜRKİYE” or by e-mail at info@engzemin.com.
Legal Obligations
Legal obligations within the scope of the protection and processing of personal data as a data controller in accordance with the KVKK are listed below:
Our obligation to inform
While collecting personal data as a data controller;
For what purpose your personal data will be processed,
Our identity, information regarding the identity of our representative, if any,
To whom and for what purpose your processed personal data can be transferred,
Our method of collecting data and its legal basis,
Rights arising from the law, we have the obligation to inform the Relevant Person about these issues.
As ENG Zemin, we take care to ensure that this policy, which is open to the public, is clear, understandable and easily accessible.
Our obligation to ensure data security:
As the data controller, we take the administrative and technical measures stipulated in the legislation to ensure the security of personal data in our organization. Obligations and measures taken regarding data security are detailed in this Policy.
PROCESSING OF PERSONAL DATA
Our Principles for Processing Personal Data
We process personal data in accordance with the principles set out below. Processing in accordance with the law and the rules of integrity: We process personal data in accordance with the rules of integrity, transparently and within the framework of our obligation to inform. Ensuring that personal data is accurate and up-to-date when necessary: In order to ensure that the processed data is accurate and up-to-date, we take the necessary measures in our data processing procedures, and we offer the Personal Data Owner the opportunity to apply to us to update their data and correct any errors in the processed data. Processing for specific, clear and legitimate purposes: As ENG Zemin, we process personal data within the scope and content of which are clearly defined, within the scope of our legitimate purposes determined to continue our activities within the framework of legislation and the ordinary course of commercial life. Personal data being connected, limited and proportionate to the purpose for which they are processed: We process personal data in a way that is clearly and precisely connected, limited and proportionate for the purpose we have determined. We avoid processing personal data that is not relevant or does not need to be processed. Therefore, unless there is a legal requirement, we do not process special personal data or obtain explicit consent when we need to process it. Storage of personal data for the duration prescribed by legal regulations and for our legitimate commercial interests Many regulations in the legislation require personal data to be stored for a certain period. Therefore, we store the personal data we process for the duration prescribed by the relevant legislation or necessary for the purposes of processing personal data. If the retention period stipulated in the legislation expires or the purpose of processing is eliminated, we delete, destroy or anonymize personal data. Our principles and procedures regarding retention periods are detailed in this policy in the article.
Purposes of Processing Personal Data
ENG Zemin processes personal data for purposes similar to the ones listed below, but not limited to those listed:
Conducting our activities,
Providing support services to customers within the scope of the contract and service standards,
Determining the preferences and needs of our customers and shaping and updating the services we provide within this scope,
Ensuring that our legal obligations are fulfilled as required or made mandatory by legal regulations,
Evaluating job applications,
Contacting persons who have a business relationship with ENG Zemin,
Advertisement,
Legal reporting,
Invoicing.
Processing of Sensitive Personal Data
Sensitive personal data is not processed within the scope of this business. Processing of personal data for human resources and employment purposes: The resume, diploma, etc. that you share with us during the application process as a Personnel Candidate. We process, store and transfer your personal data in other documents for the purpose of evaluating job applications. The processing, transfer and storage of personal data you share as a Personnel Candidate are within the scope of this Policy. Exceptional cases where explicit consent is not required for processing personal data We may process personal data without obtaining explicit consent in the exceptional cases listed below and arising from the law:
Explicitly provided for in the laws;
Processing of personal data belonging to the parties to a contract is necessary provided that it is directly related to the establishment or performance of a contract;
Data processing is mandatory for the establishment, exercise or protection of a right;
Fundamental rights and freedoms
It is mandatory for us to process your data for our legitimate interests as the data controller, provided that it does not harm the data.
SECURITY AND STORAGE OF PERSONAL DATA
Storing personal data for the period stipulated in the relevant legislation or required for the purpose for which they are processed:
We store personal data for the period required for the purpose of processing personal data, provided that the storage periods stipulated in the legislation are reserved. In cases where we process personal data for more than one purpose, if the purposes of processing the data are eliminated or if there is no obstacle in the legislation to the deletion of the data upon the request of the Relevant Person, the data is deleted, destroyed or stored by being anonymized. Legislative provisions and KVKK decisions are applied in terms of destruction, deletion or anonymization.
Measures we take regarding the storage of personal data:
Technical measures
We create technical infrastructures and related control mechanisms for the deletion, destruction and anonymization of personal data,
We take the necessary measures for the safe storage of personal data,
We employ employees with technical expertise,
We create business continuity and emergency plans against possible risks and develop systems for their implementation,
We establish security systems in accordance with technological developments regarding the storage areas of personal data.
Administrative measures
We inform our employees about the technical and administrative risks related to the storage of personal data and raise awareness,
In case of cooperation with third parties for the storage of personal data, we include provisions regarding the necessary security measures to be taken in the contracts made with ENG Zemin to which personal data is transferred, for the protection of the persons to whom personal data is transferred and for the safe storage of the transferred personal data.
Our obligations regarding the security of personal data:
Personal data;
To prevent unlawful processing,
To prevent unlawful access,
To ensure that it is stored in accordance with the law,
we take administrative and technical measures according to technological possibilities and implementation costs.
In cases where cooperation is made with third parties for the processing of personal data, the contracts made with ENG Zemin, which processes personal data, include provisions regarding the persons processing personal data to take the necessary security measures,
In case of unlawful disclosure of personal data or data leakage, we notify the Personal Data Protection Board and carry out the examinations and take the measures prescribed by the legislation in this regard.
These requests will be made individually and requests made by unauthorized third parties regarding personal data will not be evaluated. If the Relevant Person has not reached the age of 18, the aforementioned rights can be exercised on behalf of the Relevant Person by the guardian or legal representative of the Relevant Person. In this case, the identity information of the guardian or legal representative must be added to the application along with documents proving the identity of the Relevant Person.
APPLICATION EVALUATION
Application response period:
Requests regarding personal data are finalized free of charge as soon as possible and within 30 (thirty) days at the latest, depending on the nature of the request. However, if the process requires an additional cost, a fee determined by the Personal Data Protection Board may be charged. Additional information and documents may be requested during the application or while the application is being evaluated.
Our right to reject the application:
Applications regarding personal data, including but not limited to the following;
Processing of personal data for purposes such as research, planning and statistics by making it anonymous with official statistics,
Processing of personal data for artistic, historical, literary or scientific purposes or within the scope of freedom of expression, provided that it does not violate the privacy of private life or personal rights or does not constitute a crime,
Processing of personal data made public by the Personal Data Owner,
The application is not based on a legitimate reason,
The application contains a request contrary to the relevant legislation,
The application procedure is not followed, in such cases, the reason for rejection is explained and rejected.
If the request is accepted, the relevant procedure is implemented and a notification is made in writing or electronically. In case of rejection of the request, the reason is explained and the applicant is notified in writing or electronically.
Right to complain to the Personal Data Protection Board:
In cases where the application is rejected, our response to the application is found insufficient or the response is not given in a timely manner; The applicant has the right to lodge a complaint with the Personal Data Protection Board within 30 (thirty) days from the date of learning the response and, in any case, within 60 (sixty) days from the date of application.