CLARIFICATION TEXT IN THE FRAMEWORK OF THE PERSONAL DATA PROTECTION LAW OF DT TECHNOLOGY GROUP
This clarification text has been prepared by DT Technology Group as the data controller within the scope of the Article 10. of the Law on the Personel Data Protection No.6698 and the Communiqué on the Procedures and Principles for Fulfilling the Disclosure Obligation.
1. Identity of the Data Supervisor:
Your personal data, as the data controller, is DT Telekomünikasyon Bilişim ve Dayanıklı Tüketim Malları Servis Hizm. Turizm ve İnşaat Tic.Ltd.Şti. in accordance with the Personal Data Protection Law No.6698, within the scope described below.
2.Purpose of Processing Personal Data:
- Communicating with you,
- Informing about products by means such as e-mail and online advertising,
- Presenting special campaigns for you, promotional activities related to our products and services,
- Confirmation of the search, information about our company’s services and campaigns, and conducting consultation processes,
- Activity of marketing,
- Communication in pre-contract negotiations
will be processed for its purposes.
3.To Whom and For What Purpose Your Personal Data Can Be Transferred:
In order to carry out marketing operations in order to present your personal data, products and services in a better way and to communicate with you within the framework of all kinds of information, promotion, advertisement and other purposes; It will be shared with our business partners providing call center services, sms and mailing companies, limited to Google and Facebook abroad within the framework of advertising activities, and with our other branches located in Turkey due to the use of common servers and our company’s common global server located abroad.
4. Method and Legal Reason for Collecting Personal Data:
Your personal data you provide in the internet application form will be sent to KVKK Art. Based on the legal reasons that data processing is mandatory for the legitimate interests of the data controller, provided that the concept of explicit consent in 5/1 and the fundamental rights and freedoms of the data subject is not harmed, it will be transferred to the electronic archive and information systems of DT Telekomünikasyon Bilişim ve Dayanıklı Tüketim Malları Servis Hizm. Turizm ve İnşaat Tic.Ltd.Şti. and kept under automatic means in digital environment.
5.Your Rights Under KVKK:
Without prejudice to the conditions stipulated in Article 28 of the KVKK titled “Exceptions”, your rights within the framework of Article 11 of the Law;
By applying to our institution,
- Learning whether your personal data is being processed,
- If your personal data has been processed, to request information regarding this,
- Learning the purpose of processing your personal data and whether it is used in accordance with its purpose,
- To know the third parties to whom your personal data has been transferred domestically or abroad,
- Requesting correction of your personal data if it is incomplete or incorrectly processed,
- To request the deletion or destruction of personal data within the framework of the conditions stipulated in Article 7 of the Law,
- To request the third parties to whom your personal data is transferred to be notified of the transactions made pursuant to subparagraphs (d) and (e) above,
- Object to the occurrence of a result against you due to the analysis of your personal data exclusively with automated systems,
- In case you suffer damage due to unlawful processing of your personal data, you have the right to demand the compensation of the damage.
As personal data owners, you can send your requests regarding your rights (www.dtbilisimgrubu.com) with the “Data Owner Application Form” shared on the internet address in written or registered e-mail address (firstname.lastname@example.org), secure electronic signature, mobile signature or If you submit your identity in a verifiable form using the e-mail address previously notified by the relevant person and registered in his system, our company will finalize the request as soon as possible and free of charge within thirty days at the latest, depending on the nature of the request. However, if the transaction requires an additional cost, the fee in the tariff determined by the Personal Data Protection Board will be charged.
COOKIES USED ON OUR WEBSITE
What is a Cookie and Why is it Used?
Cookies are small text files stored by websites you visit on your device or network server through browsers.
The main purposes of using Cookies on our website are listed below:
- To improve the services offered to you by increasing the functionality and performance of the website,
- To improve the website and to offer new features on the website and to personalize the offered features according to your preferences;
- To ensure the legal and commercial security of the website, you and our company.
Types of Cookies Used on Our Website
Session Cookies are temporary Cookies used during the visits of our visitors to the Website and deleted after the browser is closed.
The main purpose of using such Cookies is to ensure the proper functioning of the Website during your visit.
For example; It is provided for you to fill in online forms consisting of more than one page.
Permanent Cookies are the types of Cookies used to increase the functionality of the Website and to provide a faster and better service to our visitors.
These Cookies are used to remember your preferences and are stored on your device via browsers.
Some types of Permanent Cookies; It can be used to offer you special suggestions, taking into account matters such as your purpose of using the Website.
Thanks to Permanent Cookies, if you visit our Website again with the same device, it will be checked whether there is a Cookie created by our Website on your device, and if there is, it will be understood that you have visited the site before and the content to be transmitted to you is determined accordingly and thus a better service is provided to you.
Technical Cookies ensure the operation of the website, and the pages and areas of the website that are not working are determined.
If visitors login to the website using their passwords, such Cookies are used to determine that the visitor is a site user on each page they visit on the website, and the user is prevented from re-entering his/her password on each page.
Cookie types used to enable image or audio content on the website.
Cookies used to remember users’ preferences when visiting different pages of different websites. For example, remembering your chosen language preference.
Cookies that enable the production of analytical results such as the number of visitors to the website, the detection of the pages displayed on the website, the website visiting hours, and the scrolling movements of the website pages.
How do we use third party cookies?
We work with some third party suppliers who set cookies for you on your device when you visit DT Telekomünikasyon Bilişim ve Dayanıklı Tüketim Malları Servis Hizm. Turizm ve İnşaat Tic.Ltd.Şti.‘s site so that they can offer you the services they provide. For detailed information about these cookies and how you can opt out of receiving these cookies, see the relevant sections below.
When you visit DT Telekomünikasyon Bilişim ve Dayanıklı Tüketim Malları Servis Hizm. Turizm ve İnşaat Tic.Ltd.Şti.‘s site, you can receive cookies from third party websites or domains. We are working to define these cookies before they are put into use so that you can decide whether to accept cookies or not. Detailed information about these cookies may be available on the relevant third party website.
By changing the settings of your browser, you have the opportunity to customize your preferences for Cookies.
During the work to be carried out by DT Telekomünikasyon Bilişim ve Dayanıklı Tüketim Malları Servis Hizm. Turizm ve İnşaat Tic.Ltd.Şti., the name, surname etc. of employees, visitors, customers, collected or acquired in any way, in verbal, written or digital media All personal information and content such as Confidential Information (briefly Information) falls under the definition.
The information is protected by high security and confidentiality standards; All necessary security measures are taken to prevent unauthorized access to user information.
Name, surname, etc. received from the participant through the application. The information is received by DT Telekomünikasyon Bilişim ve Dayanıklı Tüketim Malları Servis Hizm. Turizm ve İnşaat Tic.Ltd.Şti. and will not be disclosed to third parties except for the following cases;
1. Law, Decree Law, Regulation etc. Complying with the obligations imposed by the legal rules issued and in force by the competent legal authority,
2. Requesting information about users for the purpose of a research or investigation carried out by the competent administrative and judicial authority,
3. If requested by legally authorized institutions and organizations, this information will be forwarded to the authorities.
- Purpose of the Policy
The purpose of our personal data storage and destruction policy is to reveal the philosophy, purpose and action plan we will follow in our processes of determining, deleting, destroying and anonymizing the maximum time required for the purpose of processing personal data as a data controller. In this context, our aim is to provide our employees, whose personal data we process, our administrative staff, our visitors and the companies we cooperate with, and DT Telekomünikasyon Bilişim ve Dayanıklı Tüketim Malları Servis Hizm. Turizm ve İnşaat Tic.Ltd.Şti. to enlighten all third parties in relation to the processing of their data and their rights, and to act respectfully to personal data and therefore to private life by ensuring transparency in this regard.
- Basis of the Policy
Our policy is based on the Law on the Protection of Personal Data dated 7.4.2016 and numbered 6698 (KVK K. numbered 6698) and the “Regulation on the Deletion, Elimination or Anonymization of Personal Data, which was published in the Official Gazette dated 28.10.2017 and numbered 30224. (Regulation) has been created as a requirement of Articles 5 and 6.
- Scope of the Policy
Our policy is to inform our employees, administrative staff, visitors and the institutions we cooperate with and DT Telekomünikasyon Bilişim ve Dayanıklı Tüketim Malları Servis Hizm. Turizm ve İnşaat Tic.Ltd.Şti. All natural and legal persons in legal relationship with and their KVKK numbered 6698. It includes all personal data with and without special nature defined by. As stated in KVKK numbered 6698, the policy also covers personal data in systems where data is processed completely or partially automatically or non-automatic, provided that it is a part of any data recording system. Unless otherwise stated in the policy, personal data and special quality personal data will be referred to as “Personal Data” together.
Related person: The real person whose personal data is processed,
Personal data: All kinds of information regarding an identified or identifiable natural person,
Personal data of special nature: Data on race, ethnicity, political opinion, philosophical belief, religion, sect or other beliefs, dress, association, foundation or union membership, health, sexual life, criminal conviction and security measures and biometric and their genetic data,
Explicit consent: Consent regarding a specific subject, based on information and disclosed with free will. Data controller: Real or legal person who determines the purposes and means of processing personal data, and who is responsible for the establishment and management of the data recording system.
Processing of personal data: Obtaining, recording, storing, preserving, changing, rearranging, disclosing, transferring, taking over, making available, by means of non-automatic means, provided that personal data are fully or partially automated or are part of any data recording system, All kinds of operations performed on data such as classification or prevention of use,
Destruction: Deletion, destruction or anonymization of personal data,
Personal data storage and disposal table: Table showing the periods during which personal data will be kept at DT Telekomünikasyon Bilişim ve Dayanıklı Tüketim Malları Servis Hizm. Turizm ve İnşaat Tic.Ltd.Şti.,
Personal data processing inventory: Personal data processing activities carried out by data controllers depending on the business processes; the inventory they have created by associating with the personal data processing purposes, the data category, the recipient group transferred and the data subject group, and elaborated by explaining the maximum period required for the purposes for which the personal data is processed, the personal data foreseen to be transferred to foreign countries and the measures taken regarding data security,
Deletion of personal data: The process of making personal data inaccessible and unavailable in any way for the relevant users,
Destruction of personal data: The process of making personal data inaccessible, retrieved and reusable by anyone,
Anonymization: Making personal data unrelated to an identified or identifiable natural person under any circumstances, even if they are matched with other data,
Periodic destruction: The process of deletion, destruction or anonymization specified in the personal data storage and destruction policy and to be carried out ex officio at repetitive intervals, in case all of the personal data processing conditions in the Law are eliminated,
Data recording system: The recording system in which personal data are structured and processed according to certain criteria,
Board: Personal Data Protection Board expresses.
- General Principles Based on the Policy
Data controller DT Telekomünikasyon Bilişim ve Dayanıklı Tüketim Malları Servis Hizm. Turizm ve İnşaat Tic.Ltd.Şti. acts within the framework of the following principles in the processing of data.
- Personal data can only be processed in accordance with the procedures and principles stipulated in KVKK no.
It is mandatory to comply with the following principles in the processing of personal data:
a) To comply with the law and good faith.
b) Being accurate and up-to-date when necessary.
c) Processing for specific, explicit and legitimate purposes.
d) Being connected, limited and restrained for the purpose for which they are processed.
e) Being kept for the period stipulated in the relevant legislation or required for the purpose for which they are processed.
- Recording Media Regulated by the Policy
All kinds of media containing personal data that are fully or partially automated or processed in non-automatic ways, provided that it is a part of any data recording system, is within the scope of the recording medium.
- Duties and Powers of the Personal Data Protection Committee
- The Personal Data Protection Committee is responsible for announcing this Policy to the relevant business units and monitoring the fulfillment of the requirements by DT Telekomünikasyon Bilişim ve Dayanıklı Tüketim Malları Servis Hizm. Turizm ve İnşaat Tic.Ltd.Şti. units.
- The Personal Data Protection Committee makes the necessary announcements and notifications for the relevant business units to follow up the legislative changes regarding the protection of personal data, the regulatory actions and decisions of the Personal Data Protection Board (Board), court decisions or changes in processes, applications and systems, and to update their business processes if necessary. .
- Personal Data Protection Committee KVKK numbered 6698. and secondary regulations as well as the decisions and regulations of the Board, court decisions and other competent authorities’ decisions and / or requests.
- What To Do When The Conditions For The Processing Of Personal Data Come Out
- The disappearance of the purpose element for the processing of personal data, the revocation of express consent, or the disappearance of all 3 of the personal data processing conditions specified in Articles 5 and 6 of KVK Law No.6698 or a situation where none of the exceptions in the mentioned articles can be applied. In the event that the processing conditions are lifted, the personal data are deleted, destroyed or anonymized by the relevant business unit by explaining the reason for the applied method within the scope of Articles 7 to 10 of the Regulation, taking into account the business needs. However, in case of a final court decision, it is obligatory to apply the method of destruction ordered by the court decision.
- All users who process or store personal data and data owner DT Telekomünikasyon Bilişim ve Dayanıklı Tüketim Malları Servis Hizm. Turizm ve İnşaat Tic.Ltd.Şti. units will review whether the conditions related to processing have disappeared or not, in the data recording media they use, within six months at the latest. Upon the application of the personal data owner or the notification of the Board or a court, the relevant users and units will make this review of the data recording media they use, regardless of the periodic inspection period.
- As a result of periodic reviews or when it is determined that the data processing conditions have disappeared at any time, the relevant user or data owner will decide to delete, destroy or anonymize the relevant personal data from the recording media under his responsibility, in accordance with this policy. In case of doubt, action will be taken in consultation with the relevant data owner business unit. When it is necessary to take a decision regarding the destruction of personal data with multi-stakeholder data in the Central Information Systems, the opinion of the Personal Data Protection Committee will be taken and the data owner business regarding the storage or deletion, destruction or anonymization of the personal data in accordance with this policy. It will be decided by the unit.
- All transactions regarding the deletion, destruction or anonymization of personal data are recorded and the said records are kept for at least one year, excluding other legal obligations.
- In accordance with Articles 4 and 7 of the Regulation, the methods applied for the deletion, destruction and anonymization of personal data will be explained in the Data Destruction Procedure to be published after the entry into force of this Policy.
- In the deletion, destruction or anonymization of personal data, comply with the general principles in Article 4 of KVKK No.6698 and technical and administrative measures to be taken within the scope of Article 12, relevant legislation provisions, Board decisions and personal data storage and destruction policy is required.
- When the natural person who owns a personal data applies to DT Telekomünikasyon Bilişim ve Dayanıklı Tüketim Malları Servis Hizm. Turizm ve İnşaat Tic.Ltd.Şti. pursuant to Article 13 of KVKK No.6698, requests the deletion, destruction or anonymization of his personal data, the relevant data owner business unit, examines that it is not up. If all the processing conditions have disappeared; deletes, destroys or anonymizes the personal data subject to the request. In this case, as the details are determined in the Data Destruction Procedure; The request is concluded within thirty days at the latest from the date of application and the applicant is informed through the relevant board. If all the conditions for processing personal data have disappeared and the personal data subject to the request has been transferred to third parties, the relevant data owner business unit immediately notifies the third party to whom the transfer is made and ensures that the necessary actions are carried out in the context of the Regulation.
- In cases where all the conditions for processing personal data are not eliminated, the requests of personal data owners for deletion or destruction of their data may be rejected by DT Telekomünikasyon Bilişim ve Dayanıklı Tüketim Malları Servis Hizm. Turizm ve İnşaat Tic.Ltd.Şti. by explaining the justification in accordance with Article 13, paragraph 3 of KVK Law No. 6698. The rejection response is notified to the relevant person in writing or electronically within 30 days at the latest.
- Requests for deletion or destruction of personal data will only be considered on the condition that the identity of the person concerned is identified. In requests to be made outside of the aforementioned channels, the relevant persons will be directed to channels where identification or verification can be made.
- Enforcement of the Policy, Violations and Sanctions
- This Policy will come into effect by being announced to all employees and will be binding for all business units, consultants, external service providers and anyone who processes personal data before DT Telekomünikasyon Bilişim ve Dayanıklı Tüketim Malları Servis Hizm. Turizm ve İnşaat Tic.Ltd.Şti..
- It will be the responsibility of the supervisors of the relevant employees to monitor whether DT Telekomünikasyon Bilişim ve Dayanıklı Tüketim Malları Servis Hizm. Turizm ve İnşaat Tic.Ltd.Şti. employees comply with the requirements of the Policy. When violations of the policy are detected, the issue will be reported immediately by the relevant employee’s supervisor to a higher supervisor. If the violation is of a significant extent, the Personal Data Protection Committee will be informed without delay by the supervisor.
- The necessary administrative action will be taken about the employee who acts in violation of the policy, after the evaluation by the Human Resources unit.
- By DT Telekomünikasyon Bilişim ve Dayanıklı Tüketim Malları Servis Hizm. Turizm ve İnşaat Tic.Ltd.Şti. in order to fulfill the policy requirements; All necessary security measures are taken, including the measures prescribed by the ISO standard and all relevant ministries.
- Persons to Take Part in Personal Data Storage and Destruction Processes and Their Responsibilities
All employees, consultants, external service providers and others who store and process personal data before DT Telekomünikasyon Bilişim ve Dayanıklı Tüketim Malları Servis Hizm. Turizm ve İnşaat Tic.Ltd.Şti. are responsible for fulfilling the requirements of the Regulation of KVKK numbered 6698 and this Policy within DT Telekomünikasyon Bilişim ve Dayanıklı Tüketim Malları Servis Hizm. Turizm ve İnşaat Tic.Ltd.Şti.. Each business unit is obliged to store and protect the data produced in its own business processes; However, if the data produced is only in information systems beyond the control and authority of the business unit, the said data will be stored by the units responsible for the information systems. Periodic destructions that will affect business processes and cause data integrity to deteriorate, data loss and results contrary to legal regulations will be made by the relevant information systems departments, taking into account the type of personal data, the systems in which it is located and the data owner business unit.
- Personal Data Storage and Destruction Periods
Storage and Destruction Periods of Personal Data are listed below. The storage and disposal periods in question will be taken into account in periodic destruction or destruction operations to be carried out upon request. It will be updated by the business units that own the processes to be included in the Table Showing the Personal Data Storage and Destruction Times, in case of hesitation, taking into account the evaluation of the Personal Data Protection Committee.
6098 numbered TPC article 146 : 10 Years
Relevant Legislation : For the prescribed period
- Periodic Destruction Periods
Periodic Disposal of Personal Data is determined by the relevant business units that have the data. This period cannot exceed 6 (six) months in any case.
The policy will enter into force as of the date of publication.
It is the responsibility of the Personal Data Protection Committee to announce the policy throughout DT Telekomünikasyon Bilişim ve Dayanıklı Tüketim Malları Servis Hizm. Turizm ve İnşaat Tic.Ltd.Şti. and to make the necessary updates.
- General Information Regarding Your Application Right:
In accordance with Article 11 of the Personal Data Protection Law No. 6698, you can make the following requests by applying to DT Telekomünikasyon Bilişim ve Dayanıklı Tüketim Malları Servis Hizm. Turizm ve İnşaat Tic.Ltd.Şti. (“Company”) as a data owner:
- To learn whether your Personal Data is processed or not
- If your personal data has been processed, to request information regarding this,
- To learn the purpose of processing your personal data and whether they are used in accordance with their purpose,
- To learn the third parties to whom your personal data has been transferred domestically or abroad,
- To request correction of your personal data in case of incomplete or incorrect processing and to request notification of the transaction made within this scope to third parties to whom personal data have been transferred,
- To request deletion, destruction or anonymization of your personal data in the event that the reasons requiring its processing disappear, despite the fact that it has been processed in accordance with the provisions of Law No. 6698 and other relevant laws, and to request notification of the transaction made within this scope to third parties to whom personal data has been transferred,
- To object to the emergence of a result against you by analyzing your processed data exclusively through automated systems,
- To request the compensation of the damage in case you suffer damage due to unlawful processing of your personal data.
- Application Method:
In accordance with Article 13 of the Law and Article 5 of the Communiqué on Application Procedures and Principles to the Data Officer, you can send your requests under Article 11 of the Law on the Protection of Personal Data no. You can contact us using your signature or your e-mail address that you have previously notified.
Your applications submitted to us will be answered within 30 days at the latest from the date of your request, according to the nature of the request, in accordance with paragraph 2 of Article 13 of the law. Our responses will be delivered to you in written or electronic form in accordance with the provision of Article 13 of the relevant law.
Written Application : Çavuşbaşı Cumhuriyet Caddesi no: 391 Beykoz / İstanbul
Application via KEP : email@example.com
Application by e-mail : firstname.lastname@example.org