POLICY ON THE PROTECTION AND PROCESSING OF PERSONAL DATA
The purpose of this policy is to regulate the methods and principles to be followed in processing and protection in accordance with the Personal Data Protection Law to ensure that the personal data processed by Dema Röle Sanayi ve Ticaret A.Ş. (“Dema Röle”) are processed in a transparent, widespread and sustainable manner with the highest level of data security measures in line with the needs arising from the activities we carry out, and to guarantee the protection of the rights of the persons whose data is processed.
POLICY ON THE PROTECTION AND PROCESSING OF PERSONAL DATA / DEMA RÖLE SAN. VE TİC. A.Ş.
1. PURPOSE
The purpose of this policy is to regulate the methods and principles to be followed in processing and protection in accordance with the Personal Data Protection Law to ensure that the personal data processed by Dema Röle Sanayi ve Ticaret A.Ş. (“Dema Röle”) are processed in a transparent, widespread and sustainable manner with the highest level of data security measures in line with the needs arising from the activities we carry out, and to guarantee the protection of the rights of the persons whose data is processed.
2. SCOPE
The scope of this policy is the processes regarding the automatic processing of the personal data of the following data owners, or non-automatic processing provided that they are part of any recording system.
This policy does not apply to data that does not belong to real persons, in this context, personal data owners are as follows:
Emergency contact, Employee, Employee candidate, Third person referencing the employee candidate, Child dependent of the employee, Spouse of the Employee, Customer, Prospective Customer, Potential Product and Service Buyer, Intern, Supplier Employee, Attorney, Parent - Guardian - Representative, Visitor
3. DEFINITIONS
In the implementation of this policy;
Explicit consent: Consent on a specific subject, based on information and expressed with free will,
Anonymization: Making personal data incapable of being associated with an identified or identifiable natural person in any way, even by matching with other data,
Employees: Employees of Dema Röle Sanayi ve Ticaret A.Ş.,
Relevant person: The real person whose personal data is processed,
Law: Law on Protection of Personal Data No. 6698,
REM: Registered Electronic Mail,
Personal data: Any information relating to an identified or identifiable real person,
Processing of personal data: All kinds of operations carried out on the data, such as obtaining, recording, storing, preserving, changing, rearranging, disclosing, transferring, taking over, making available, classification of personal data or prevention of its use by fully or partially automatic means or non-automatic means provided that it is a part of any data recording system,
Personal Data Protection Unit: The unit created within Dema Röle Sanayi ve Ticaret A.Ş. for the protection and processing of personal data and execution of processes in accordance with legislation.
KVKIP: Policy on Protection and Processing of Personal Data of Dema Röle Sanayi ve Ticaret A.Ş
Board: Personal Data Protection Board,
Institution: Personal Data Protection Authority,
Sensitive Personal Data: Data on race, ethnicity, political opinion, philosophical belief, religion, sect or other beliefs, dress, association, foundation or union membership, health, sexual life, criminal conviction and security measures, and biometric and genetic data,
Company/Our Company: Dema Röle Sanayi ve Ticaret A.Ş
Data processor: The natural or legal person who processes personal data on behalf of the data controller, based on the authority given by the data controller,
Data registration system: The registration system in which personal data is processed and structured according to certain criteria,
Data controller: The natural or legal person who determines the purposes and means of processing personal data and is responsible for the establishment and management of the data recording system,
means.
4. ROLES AND RESPONSIBILITIES
The Human Resource Manager is responsible for the execution of our Company's Personal Data Protection and Processing Policy. In addition, the Human Resource Manager is responsible for the preparation of the procedures, training documents and manuals issued in accordance with the relevant policy and for the execution of training activities. All company employees, units and departments are responsible for complying with the Personal Data Protection and Processing Policy of Dema Röle Sanayi ve Ticaret A.Ş.
5. PRINCIPLES
Dema Röle Sanayi ve Ticaret A.Ş. is based on the following principles when processing your personal data:
1) Personal data is processed in accordance with the law and in good faith:
Personal data are processed in accordance with the Constitution of the Republic of Turkey, the Law on the Protection of Personal Data No. 6698 and the relevant legislation in good faith.
2) Personal data is kept accurate and up-to-date when necessary:
Administrative and technical measures are taken and implemented to the extent technical possibilities allow, in order to ensure the up-to-dateness and accuracy of personal data during the processing.
3) Personal data are processed for specific, clear and legitimate purposes:
Personal data are processed for clear and legitimate purposes, which are clearly stipulated in the legislation, with the framework determined before starting the processing activity.
4) Personal data are processed in connection with the purpose for which they are processed, in a limited and measured manner:
The personal data is processed in accordance with the purpose for which they are processed, in the minimum amount necessary for the fulfillment of the relevant service, and the data outside this scope are not processed.
5) Personal data are stored for the period required by the relevant legislation or for the purpose for which they are processed:
Personal data is kept for the period stipulated in the legislation or required by the purpose of data processing. In the event that the period stipulated in the legislation expires or the purpose of processing disappears, personal data is deleted, destroyed or anonymized. Policies and procedures regarding data storage and disposal procedures have been established and implemented.
6) Personal data owners are informed:
Persons whose personal data are processed are informed about the purposes stipulated in the legislation, such as purpose of the data processing, with whom and why it will be shared, the collection method and legal basis of the data, and the storage period. Process-based clarification texts have been created for this. The rights of the personal data owners are also included in the clarification texts.
7) Explicit consent of data owners is obtained:
Explicit consent is obtained from the persons whose data will be processed, that they have given their consent without any hesitation, having sufficient knowledge of the subject regarding the processing of data, and data processing activities are carried out within the scope of the consent. In this regard, explicit consent texts have been created.
8) Necessary systems have been established for personal data owners to exercise their rights:
Necessary application forms have been created on the website (www.demarole.com.tr) for the persons whose personal data are processed to make the necessary applications and complaints, and guidelines regarding the application processes have been published.
9) Necessary measures are taken to protect personal data:
Necessary measures have been taken to ensure that there is no unauthorized access to personal data and that the data is only processed proportionately for legitimate purposes, and policies and procedures have been established for the operation of these measures.
10) In cases where personal data needs to be transferred to third parties, measures are taken and implemented in accordance with the relevant legislation and the regulations of the Board.
11) Necessary measures are taken and implemented for the processing and protection of sensitive personal data:
Dema Röle Sanayi ve Ticaret A.Ş. ensures a more comprehensive protection for the processing and preservation of sensitive personal data that may cause discrimination if they are not processed in accordance with the law, and data processing processes are carried out after it is determined that the processing conditions for these data are present. Policies and procedures have been established for the protection and processing of this data.
6. PERSONAL GROUPS WITH PERSONAL DATA PROCESSED
Within the scope of this policy, Dema Röle Sanayi ve Ticaret A.Ş processes the personal data of the following groups:
Emergency contact, Employee, Employee candidate, Third person referencing the employee candidate, Child dependent of the employee, Spouse of the Employee, Customer, Prospective Customer, Potential Product and Service Buyer, Intern, Supplier Employee, Attorney, Parent - Guardian - Representative, Visitor
7. PROCESSED PERSONAL DATA
Dema Röle Sanayi ve Ticaret A.Ş are processed the following types of data:
Criminal Conviction and Security Measures: Criminal Record
Other: Hobbies
Finance: Vehicle information, Debt information, Income information, IBAN number, Salary information, Motorcycle ownership information, Vehicle chassis number, Insurance branch, Insurance premium payment information
Physical Venue Security: Camera recordings
Audio and Visual Recordings: Audio recording
Contact: Address, Mobile phone, Working city-district information, e-mail address (Personal), e-mail address (Corporate), Home phone, Residence address, Work phone, Address living on leave, Telephone number, City of residence
Transaction Security: IP address information, website login and log out registration information, MAC address
Identity: Name, Mother's name, Date of discharge, Father's name, Gender, Date of birth, Place of birth, Photograph, First surname, Signature, Identity document number, Marital status, Identity card serial number, Registered province-district-neighborhood-village, Maiden surname, natural-in law-adoption information, SSI workplace number, SSI registration number, Surname, TR identity number, Nationality, Tax identification number, Degree of affinity
Professional Experience: Applied department, Computer knowledge, Working or not, Position name, Diploma information, Driver's license information, Section, Department, Date of employment, School information currently attended, Work experience, Job title, Occupation, In-service training information, Graduated high school, Graduated university, Graduation information, Graduation degree, Seminar/Educational information, Certificates, Foreign language knowledge
Customer Transaction: Order information
Personnel: Military status information, Date of employment, Reason for employment end, Date of employment end, Workplace registration number, Leave information, Leave reason, Leave type (Paid/Unpaid), Staff type, Working hours, Professional qualification level, Previous workplace, Company information
Marketing: Shopping history information
Health Information: Personal health information
8. PURPOSE OF PROCESSING PERSONAL DATA
Personal data relating to real persons are processed by Dema Röle Sanayi ve Ticaret A.Ş. for the following purposes.
Keeping Internet Access Logs According to the Law No. 5651, Execution of Emergency Management Processes, Execution of Employee Candidate / Intern / Student Selection and Placement Processes, Execution of Employee Candidates Application Processes, Employee Satisfaction and Loyalty Processes, Keeping Entry-Exit Records for Employees, Contract of Employment For Employees Execution of Obligations Originated from Legislation, Execution of Leave Processes for Employees, Execution of Benefits Processes for Employees, Realization of Employee's Recruitment Procedures, Execution of Employee Resignation Processes, Execution of Employee Salary Processes, Execution of Training Activities, Execution of Access Authorizations, Execution of Finance and Accounting Affairs, Ensuring Physical Venue Security, Performing Damage Repair Operations, Follow-up and Execution of Legal Affairs, Execution of Communication Activities, Execution / Supervision of Business Activities, Execution of Occupational Health / Safety Activities, Receiving and Evaluation of Suggestions for Improvement of Business Processes, Execution of Goods/Services After Sales Support Services, Execution of Goods/Services Sales Processes, Execution of Customer Relationship Management Processes, Execution of Activities for Customer Satisfaction, Performance Evaluation Processes, Execution of Advertising / Campaign / Promotion Processes, Informing the Customer about Sales and Service Processes, Follow-up of Requests / Complaints, Execution of Marketing Processes of Products / Services, Providing Information to Authorized Persons / Institutions and Organizations, Execution of Management Activities, Preparation and Follow-up of Visitor Records
9. PROCESSING PRINCIPLE OF PERSONAL DATA
During the collection of personal data, personal data owners are informed by Dema Röle Sanayi ve Ticaret A.Ş. about the purposes stipulated in the legislation, such as purpose of the data processing, with whom and why it will be shared, the collection method and legal basis of the data, and the storage period.
In cases where express consent is required in accordance with the Law during the collection or processing of personal data, explicit consent is obtained after informing the data owner.
Those who can access personal data physically or electronically within Dema Röle Sanayi ve Ticaret A.Ş. are determined by the authorization matrix and are kept in the personal information inventory. Authorized Dema Röle Sanayi ve Ticaret A.Ş. personnel can only access personal information within the scope of their authorization.
10. PROTECTION OF PERSONAL DATA
Necessary administrative and technical measures are taken to prevent the processing, access and disclosure of personal data processed by Dema Röle Sanayi ve Ticaret A.Ş. in violation of the relevant legislation.
In this context, a unit has been established within our Company in order to take and implement the necessary administrative and technical measures and ensure that the processes are carried out in accordance with the Law, and the following administrative and technical measures have been taken to protect personal data:
Administrative Measures Taken for the Protection of Personal Data:
1) There are disciplinary arrangements that include data security provisions for employees.
2) An authorization matrix was created for the employees.
3) Corporation policies on access, information security, use, storage and disposal were prepared and started to be implemented.
4) The authorizations of employees who have a change in duty or quit their job in this field are removed.
5) Extra security measures are taken for personal data transferred via paper and the relevant document is sent in confidential document format.
6) Personal data security policies and procedures have been determined.
7) Personal data security is monitored.
8) Necessary security measures are taken regarding entry and exit to physical environments containing personal data.
9) The security of physical environments containing personal data against external risks (fire, flood, etc.) is ensured.
10) The security of environments containing personal data is ensured.
11) Protocols and procedures for sensitive personal data security have been determined and implemented.
Technical Measures Taken for the Protection of Personal Data:
1) Network security and application security are provided.
2) A closed system network is used for personal data transfers via the network.
3) Key management is implemented.
4) Up-to-date anti-virus systems are used.
5) Firewalls are used.
6) Personal data is backed up and the security of the backed up personal data is also ensured.
7) User account management and authorization control system is implemented and also followed-up.
8) If sensitive personal data will be sent via e-mail, it must be sent in encrypted form and using REM or corporate mail account.
9) Secure encryption / cryptographic keys are used for sensitive personal data and are managed by different units.
10) Intrusion detection and prevention systems are used.
11) Penetration test is applied.
12) Cyber security measures have been taken and their implementation is constantly monitored.
13) Encryption is done.
In the process of processing personal data, in cases such as illegal processing of this data and unauthorized access, Dema Röle Sanayi ve Ticaret A.Ş. will promptly notify the Board and the relevant data owners in this regard.
11. MANAGEMENT STRUCTURE ESTABLISHED WITHIN OUR COMPANY TO PROTECT PERSONAL DATA
Personnel related to the Protection of Personal Data have been appointed by Dema Röle Sanayi ve Ticaret A.Ş. to fulfill the issues specified in this policy and to ensure that personal data processing processes are carried out in accordance with the legislation.
Protection of personal data, taking and implementing the necessary administrative and technical measures by Dema Röle Sanayi ve Ticaret A.Ş. are carried out by this unit on behalf of the data controller. If our company needs it, it can also have audits performed by audit firms other than itself. However, it is the responsibility of the relevant unit to monitor the results of the inspection and to take the necessary precautions.
12. TRANSFER OF PERSONAL DATA
General Terms of Transfer:
In accordance with the principles set forth in the Law and Articles 8 and 9 of the Law, the personal data of data owners within the scope of KVKİP can be transferred to the following groups of persons for the purposes specified. Dema Röle Sanayi ve Ticaret A.Ş.
In personal data transfers made by Dema Röle Sanayi ve Ticaret A.Ş, the conditions regarding the transfer of personal data set out in Articles 8 and 9 of the law are complied with, and personal data are transferred to third parties, provided that the explicit consent of the data owner is obtained. However, in exceptional cases specified in Articles 5.2 and 6.3 of the law, transfer may be made without express consent.
Data Transferred Parties and Purposes of Transfer:
In accordance with the law, it can be transferred to the following groups of people for the following purposes.
Realization of Private Pension (BES) transactions: Garanti Private Pension
Printing business cards for employees: Printing house
Salary transactions for employees: Garanti bank
Definition of authorization for employees: Business partner from whom IT service is obtained
Notification of employees starting work: SSI
Sending gifts for employees' special days: ciceksepeti.com
Sending Damage Repair information to the main supplier: Dema Röle San. ve Tic. A. Ş.
Taking legal support: Lawyer
Sending an informative message regarding business processes: The business partner sending the SMS
Transmitting customer and sales information to the main supplier: Dema Röle San. ve Tic. A. Ş.
Obligation to inform the Official Institution: Independent accountant, Ministry of Finance, SGK, TSE
Sending the sold products to the customer: Courier company
Providing information to the competent authorities upon request: Authorized public institutions and organizations
Sending E-mail for Promotion/Marketing: Email sending partner
Sending SMS for Promotion/Marketing: The business partner sending the SMS
Providing information about sponsorship activities to suppliers: Foreign suppliers
Transfer Abroad
Personal data to be transferred by Dema Röle Sanayi ve Ticaret A.Ş. can be transferred abroad in accordance with Article 9 of the law, with sufficient protection declared by the Board of the country to be transferred or if there is not enough protection in the relevant country, provided that the data controllers in Turkey and the relevant country undertake an adequate protection in writing and that the Board has permission.
13. METHOD OF COLLECTION OF PERSONAL DATA
For the purpose of checking the compliance with Article 1, which regulates the purpose of the Law, and Article 2, which regulates the scope of the Law, Personal Data are collected and processed via followa in accordance with the Law:
Purchase-Sales-Accounting documents (Invoice/e-Invoice), Documents showing military status (Military Service document), Documents showing bank account information, Printed forms (Training Participation Form, Work Order Form, Leave form, KVKK Policy Notification Form, MEB Internship Agreement, Orientation and On-the-Job Training Form, Personnel Recruitment Approval Form, Premium Motorcycle Code of Ethics, Meeting Minutes, Annual Paid Leave Registration Form, Debit Record, Visitor form), Computer program (Otosoft program, PERKOTEK Program), Criminal conviction Documents (Criminal Record Inquiry Document), Documents showing the employment history (SSI 4A service document), Petitions (Notice of acquittance, Resignation Petition), E-mail (E-mail), Documents required for additional payment (Family Status Notification Form, BES form) , Overtime Approval Certificate), Electronic forms, Contact persons (himself/herself), Website (https://premiummotorcycle.com/kariyer), Camera recordings, Card entry system records, Documents showing contact information (Photocopy of Identity Card (Old), Photocopy of Identity Card (New), CV Form), Log records (Internet access logs), Documents showing graduation (Copy of Diploma), Documents showing CV (Eleman.net, Kariyer.net), Documents showing the personnel information (Personnel file), Declarations given to official institutions (SSI employment notice, SSI dismissal notice), Documents issued by official institutions (Vehicle license, Professional qualification certificate, Driver's license), Documents issued by health institutions (Blood group card photocopy, Health report), Insurance and Automobile documents (Insurance Policy), Social media, Contract (Indefinite Term Service Agreement), Telephone call records (Company mobile phone), Uyumsoft (Otosoft) Program, Documents showing the place of residence (Residence Certificate, NVI (Population Administration System) Address Document, Place of Residence and Other Address Document).
14. PERSONAL DATA STORAGE PERIOD
Dema Röle Sanayi ve Ticaret A.Ş. determines the storage period of personal data in accordance with the relevant legislation, taking into account the purposes of processing the data and the statute of limitations.
If the purpose of data processing disappears or there is no legal reason to keep the data, they are deleted, destroyed or anonymized according to the types of data. It is ensured that third parties to whom personal data transferred are deleted this data.
Dema Röle Sanayi ve Ticaret A.Ş. does not store personal data considering the possibility of future use.
15. DELETING, DESTROYING OR ANONYMIZING PERSONAL DATA
Without prejudice to the provisions of other laws regarding the deletion, destruction or anonymization of Personal Data, in case the reasons requiring the processing of personal data disappear, the relevant data is deleted, destroyed or anonymized by our Company ex officio or upon the request of the data owner.
With the deletion of personal data, these data are deleted from the tools such as documents, files, CDs, floppy disks, hard disks, in which the data is recorded, in such a way that they cannot be recycled and reused.
With the destruction of personal data, materials suitable for data storage such as documents, files, CDs, floppy disks, hard disks, in which the data is recorded, are destroyed so that the information cannot be retrieved and used again.
By anonymizing the data, it becomes impossible to associate personal data with an identified or identifiable real person, even if it is matched with other data.
These processes are carried out in the periods detailed in our Company's Data Storage and Disposal Procedure, depending on the type of data.
16. RIGHTS OF PERSONAL DATA OWNERS AND PROCEDURE FOR THE USE OF THEIR RIGHTS
Rights of persons whose personal data are processed:
• To get information whether personal data about himself/herself is processed,
• If personal data about him/her has been processed, requesting information about it,
• To get information about the purpose of processing personal data and whether they are used in accordance with the purpose,
• To get information about the third parties to whom personal data is transferred in the country or abroad,
• Requesting correction of personal data in case of incomplete or incorrect processing,
• Requesting the deletion or destruction of personal data within the framework of the conditions stipulated in the relevant legislation,
• Requesting notification of the transactions made as a result of correction, deletion and destruction requests to third parties to whom personal data has been transferred,
• Objecting to the emergence of a result against the person himself by analyzing the processed data exclusively through automated systems,
• Requesting the compensation of the damage in case of loss due to unlawful processing of personal data.
Use of rights:
Data owners can exercise their above-mentioned rights through the “Form Regarding Applications to be Made by Personal Data Owners to the Data Controller” available at https://www.demarole.com.tr.
• After filling the relevant form, it can be sent to our address of Zümrütevler Mah. Ataturk Cad. İnanç Sok. No:4 Maltepe/Istanbul by hand with wet signature, via a notary public or by registered letter with return receipt.
• The completed form can be signed with a secure electronic signature and sent to our REM address demarole@hs01.kep.tr.
In order to verify that the applicant is the relevant data owner, information may be requested from the applicant and questions may be asked about his/her application.
Third parties can apply on behalf of the data owner if there is a power of attorney issued through a notary public and contains a clear authorization that the third party can apply.
No fee is charged from the data owner for the application. However, if the transaction requires additional costs, the fee determined by the Board may be collected.
Procedures upon application:
Dema Röle Sanayi ve Ticaret A.Ş. responds to data owners who apply in accordance with the Communiqué on Application Procedures and Principles to the Data Controller as soon as possible and within thirty (30) days at the latest, in accordance with the Law. In applications that are not made in accordance with the relevant communiqué, this issue is notified to the applicant.
In cases where the application of the data owner is likely to interfere with the rights and freedoms of other persons, the information requested is public, and the request requires disproportionate effort, the application may be rejected by explaining the reason.
Cases outside the scope of application:
As the following situations are not covered according to Article 28 of the Law, personal data owners cannot claim their rights in these following matters:
• Processing of personal data by real persons within the scope of activities related to themselves or family members living in the same residence, provided that they are not given to third parties and that the obligations regarding data security are complied with.
• Processing personal data for purposes such as research, planning and statistics by making them anonymous with official statistics.
• Processing of personal data for art, history, literature or scientific purposes or within the scope of freedom of expression, provided that it does not violate national defense, national security, public security, public order, economic security, privacy of private life or personal rights or constitute a crime.
• Processing of personal data within the scope of preventive, protective and intelligence activities carried out by public institutions and organizations authorized by law to ensure national defense, national security, public safety, public order or economic security.
• Processing of personal data by judicial authorities or execution authorities in relation to investigation, prosecution, trial or execution proceedings.
Except for the right to demand the compensation of the damage pursuant to Article 28/2 of the Law, personal data owners cannot claim their rights in the following cases:
• The processing of personal data is necessary for the prevention of crime or for criminal investigation.
• Processing of personal data made public by the relevant person.
• If personal data processing is necessary for the execution of supervisory or regulatory duties and for disciplinary investigation or prosecution by authorized and competent public institutions and organizations and professional organizations in the nature of public institution, based on the authority granted by the law.
• The processing of personal data is necessary for the protection of the economic and financial interests of the State with regard to budgetary, tax and financial matters.
17. UPDATING AND PUBLISHING THE POLICY
This policy may be updated in order to adapt to changing conditions and legislation. The most up-to-date version of the policy is published on the https://www.demarole.com.tr website, accessible to personal data owners. Changes made to the policy are shown in the version information section at the end of the document.
18. CONTACT INFORMATION
Address: Zümrütevler Mah. Ataturk Cad. İnanç Sok. No:4 Maltepe/Istanbul
Phone: 0216 352 77 34
E-Mail: info@demarole.com.tr
REM (Registered Electronic Mail): demarole@hs01.kep.tr
DEMA RÖLE SANAYİ VE TİCARET A.Ş. CLARIFICATION TEXT
As Dema Röle Sanayi ve Ticaret A.Ş. (“Dema Röle”), we present the clarification text that we have prepared in accordance with Article 10 of the Law on the Protection of Personal Data No. 6698 (“Law”) and which contains information about the company's personal data processing activities, to the public and relevant persons;
ARTICLE 1: DATA CONTROLLER
Your personal data may be processed within the scope described below, by Dema Röle Sanayi ve Ticaret A.Ş. (“Dema Röle”) in the capacity of data controller. Data controller; is the natural or legal person who determines the purposes and means of processing personal data and is responsible for the establishment and management of the data recording system.
You can use the following channels to contact the data controller:
Address: Zümrütevler Mah. Atatürk Cad. İnanç Sok. No:4 Maltepe/Istanbul
Phone: 0216 352 77 34
E-mail: info@demarole.com.tr
Website: www.demarole.com.tr
ARTICLE 2: PURPOSE OF PROCESSING PERSONAL DATA
Personal data is processed by us for the following purposes:
a- Carrying out human resources processes
b- Ensuring corporate communication
c- Ensuring company security
d- Able to perform statistical studies
e- Able to perform work and transactions as a result of signed contracts and protocols
f- Ensuring the fulfillment of legal obligations as required or mandated by legal regulations
g- Liaising with real / legal persons having a business relationship with the company
h- Making legal reports
i- Managing call center processes
j- Fulfilling the burden of proof as evidence in legal disputes that may arise in the future
k- Execution/follow-up of company legal affairs
ARTICLE 3: RECEIVING PARTIES OF PERSONAL DATA AND THE PURPOSE OF TRANSFER
Personal data regarding customers can be shared with business partners and suppliers of the company, legally authorized institutions and organizations and legally authorized private law legal entities for the purposes of planning and executing the activities required to recommend and promote the products and services offered by the company to the relevant persons by customizing them according to the tastes, usage habits and needs of the relevant persons, carrying out the necessary work and the relevant business processes by the business units in order to benefit the relevant persons from the products and services offered by the company, carrying out the necessary work by the relevant business units for the realization of the commercial activities carried out by the company, planning and execution of the Company's commercial and/or business strategies and ensuring the legal, technical and commercial-occupational safety of the persons who have a business relationship with the Company, within the framework of the personal data processing conditions and purposes specified in Articles 8 and 9 of the Law.
ARTICLE 4: PERSONAL DATA COLLECTION METHODS AND LEGAL REASONS
Personal data are collected through electronic media such as information and request forms on the website, mobile applications and social media, and applications downloaded to smartphones or in physical environments. The legal reasons for the collection and processing of personal data are as follows:
a- Storing personal data as it is directly related to the establishment and performance of contracts,
b- Storing personal data for the purpose of establishing, exercising or protecting a right
c- If it is obligatory to keep personal data for the legitimate interests of the company, provided that it does not harm the fundamental rights and freedoms of individuals.
d- Storing personal data for the purpose of fulfilling any legal obligations of the company
e- The legislation clearly stipulates the storage of personal data
f- If there is explicit consent of data owners in terms of storage activities that require the explicit consent of data owners.
ARTICLE 5: RIGHTS OF THE RELEVANT PERSON
The real person whose personal data is processed is defined as the relevant person and has the following rights regarding himself/herself by applying to the company:
a- To get information whether personal data about himself/herself is processed
b- If personal data about him/her has been processed, requesting information about it
c- To get information about the purpose of processing personal data and whether they are used in accordance with the purpose
d- To get information about the third parties to whom personal data is transferred in the country or abroad
e- Requesting correction of personal data in case of incomplete or incorrect processing
f- Requesting the deletion or destruction of personal data
g- Requesting notification of the transactions made as a result of correction, deletion and destruction requests to third parties to whom personal data has been transferred
h- Objecting to the emergence of a result against the person himself by analyzing the processed data exclusively through automated systems
i- Requesting the compensation of the damage in case of loss due to unlawful processing of personal data
Best regards;
DEMA RÖLE SANAYİ ve TİCARET A.Ş.
APPLICATION FORM BY THE PERSONAL DATA OWNER TO THE DATA CONTROLLER (FOR DEMA RÖLE SANAYİ VE TİCARET A.Ş.) IN ACCORDANCE WITH PERSONAL DATA PROTECTION LAW NO. 6698
Thanks to the Article 11 of the Personal Data Protection Law No. 6698 (KVKK), personal data owners have been granted the right to apply to the data controller who processes their data, to make a request regarding themselves.
The applications to be made within this scope to our company, which is the data controller, must be done in writing in accordance with the Article 13 of the KVKK and by other methods to be determined by the Personal Data Protection Board. It was stated that applications shall be forwarded to the data controller in writing or by registered electronic mail (REM) address, secure electronic signature, mobile signature according to the Article 5 of the Communiqué on the Procedures and Principles of Application to the Data Controller, which regulates the application methods, or by using the e-mail address previously notified to the data controller by the related person and registered in the data controller's system, or by means of a software or application developed for application purposes.
In order to benefit from the right to apply, your application must include the following elements:
1- The application must be in Turkish.
2- Name, Surname, and if the application is in writing, signature.
3- For citizens of the Republic of Turkey, T.R. identity number, for foreigners, passport number or if any, identity number.
4- Specifying the place of residence or workplace address for notification.
5- E-mail address, telephone and fax number for notification, if any.
6- Subject of application.
Your applications will be answered free of charge as soon as possible and within thirty days at the latest. However, if the transaction requires additional costs, the fee determined by the Board may be collected.
Our answers will be sent to you in writing or electronically in accordance with Article 13 of the KVKK.
In case the applications are in writing, the application date is delivery date of the documents to our company, and in the applications made by other methods, the date on which the application reaches our company.
Our contact information to submit your application are as follow according to the application method:
Application Method | Application Address |
Written application | Zümrütevler Mah. Atatürk Cad. İnanç Sok. No:4 Maltepe/İstanbul |
Via notary public | |
Via REM (Registered Electronic Mail) (It must be signed with a secure electronic signature) |
ANNEX-1 PERSONAL DATA OWNER APPLICATION FORM
A-Applicant Contact Details:
Name |
|
Surname |
|
T.R. Identity Number |
|
Nationality (For Foreigners) |
|
Passport number (For foreigners) |
|
Address |
|
| |
Phone number |
|
Fax number |
|
B. Please indicate your relationship with our company regarding the processing of your personal data
(such as Employee, Job Applicant, Customer, Visitor, Supplier)
................................................................................................................................................................................
C. Your request within the scope of your application (Please explain in detail)
................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
D. Information and documents related to your application (must be attached to the application)
1- ...............................................................................................................................................................
2- ........................................................................................................................................................
3- ...............................................................................................................................................................
4- ..............................................................................................................................................................
5- .............................................................................................................................................................
E. Choose the answering method for your application:
☐ I want it delivered to my address.
☐ I want it delivered to my e-mail address.
☐ I would like to receive it in person.
It is important that the information in the form is correct and complete so that your application can be answered correctly and within the legal period. Otherwise, your application may be rejected. Our company may request additional documents and information in order to prevent unauthorized data access and to process your application. In applications to be made with a proxy, a notarized power of attorney or a certificate of authorization must be submitted.
Applicant's
Name and surname :
Application date :
Signature :
To whom it May concern;
Dema Role San. . and Tic. Inc. presents this lighting text to you.
Purposes of Processing and Legal Reasons for Processing:
Your recorded camera data is used for the legal reasons and for the purposes stated below.
Your Processed Personal Data:
Physical Venue Security: Camera recordings
Methods of Obtaining and Storing Your Personal Data: Your personal data is collected through camera recordings in fully automatic ways and stored in HDD media.
Purposes of Processing Your Personal Data:
Your collected personal data can be processed for the purposes of Providing Physical Space Security, based on the legal conditions of being mandatory for the legitimate interests of the Data controller specified in the Personal Data Protection Law (KVKK 5/2.f. paragraph).
Transfer of Your Personal Data: Personal data of Employees, Employees, Customers, Customers, Trainees, Supplier Employees, Visitors obtained during the management of the camera recordings are not shared with third parties.
Your Rights Enumerated in Article 11 of KVKK as Data Owner:
Your rights in Article 11 of the KVKK regarding the processing of your personal data are as follows:
a) Learning whether personal data is processed or not,
b) If personal data has been processed, requesting information about it,
c) The purpose of processing personal data and whether they are used in accordance with the purpose
learning,
ç) To know the third parties to whom personal data is transferred in the country or abroad,
d) Requesting correction of personal data in case of incomplete or incorrect processing,
e) Deletion or destruction of personal data within the framework of the conditions stipulated in Article 7
do not want to,
f) Transactions carried out pursuant to subparagraphs (d) and (e) are to third parties to whom personal data is transferred.
request notification,
g) By analyzing the processed data exclusively through automated systems,
to object to the emergence of a result against him,
ğ) In case of loss due to unlawful processing of personal data,
requesting removal,
You can submit your applications for your rights listed above to the registered e-mail address (demarole@hs01.kep.tr) by using the Form Regarding the Applications to be Made to the Data Controller by Personal Data Owners at www.demarole.com.tr, or to Zümrütevler Mah. Ataturk Cad. Faith St. No:4 Maltepe/Istanbul in writing. Dema Relay San. and Tic. A.Ş will conclude your request free of charge as soon as possible and within thirty (30) days at the latest, depending on the nature of the request. However, if the transaction requires an additional cost, the fee determined by the Personal Data Protection Board will be charged by us.
Dema Relay Industry and Trade Inc. contact information:
Data controller: Dema Relay Industry and Trade Inc.
Phone number: 0216 352 77 34
KEP (Registered Electronic Mail) address: demarole@hs01.kep.tr
Website: www.demarole.com.tr
