Clarification Text
CLARIFICATION TEXT
ON THE PROTECTION AND PROCESSING OF PERSONEL DATA RELATING TO GURIS TEKNOLOJI A.Ş.
As Güriş Teknoloji A.Ş. (“Data Controller“); the confidentiality and security of your personal data is given importance and the principles of securing the fundamental rights and freedoms guaranteed by the Constitution, especially the right to privacy, are observed with utmost sensitivity.
In accordance with the provisions of the Protection of Personal Data Law No. 6698, Güriş Teknoloji A. Ş. may process the following categories of personal data: name, surname, ID number, address, place of birth, date of birth, and other similar information. Additionally, Güriş Teknoloji A. Ş. may process any information or documents containing special data, including health information, biometric and genetic information, disguise, association, foundation, trade union membership, criminal conviction, data on security measures, religious, ethnic, and other similar data. Güriş Teknoloji A. Ş. may process the data as a Data Controller in accordance with the relevant regulations. This may include processing, recording, storing, updating and maintaining the data in order to continue providing services, transferring the data to third parties, sharing the data and anonymising it.
Güriş Teknoloji A.Ş. implements all necessary administrative and technical measures to ensure the protection of personal data in accordance with relevant laws and regulations. In accordance with the Protection of Personal Data Law No. 6698 (“Law”), personal data is processed in accordance with the law and the principle of honesty. The accuracy of the data is ensured and updated when necessary. It is ensured that data are processed for specific, explicit and legitimate purposes, that they are relevant, limited and proportionate to the purpose for which they are processed, and that they are retained for the period stipulated in the relevant legislation or required for the purpose for which they are processed.
If the processed data is sensitive personal data as defined in the Law, personal data other than health and sexual life may be processed without the explicit consent of the data subject in cases stipulated by laws. Personal data relating to health and sexual life may only be processed without the explicit consent of the data subject by persons under the obligation of confidentiality or authorised institutions and organisations for the purposes of protecting public health, preventive medicine, medical diagnosis, treatment and care services, planning and management of health services and financing.
Purposes and Legal Reasons for Processing Personal Data
In order to use your personal data in the necessary processes, all information and documents are processed within the conditions and purposes specified in Articles 5 and 6 of the Law. These purposes include fulfilment, maintenance, execution, development, protection and supervision of commercial data, invitation, promotion, campaign and similar activities, contract performance, planning, statistics, satisfaction surveys, security, recruitment processes, legal and financial operations, compliance with legislation and obligations to public authorities.
Storage Period of Personal Data
Güriş Teknoloji A.Ş. retains personal data only for the period specified in the relevant legislation or for the period required for the purpose for which they are processed. If the period expires or the reasons requiring processing disappear, personal data are deleted, destroyed or anonymised.
Method of Collecting Personal Data
Your personal data may be collected verbally, in writing or electronically by automatic or non-automatic methods through our website, social media channels, parties with whom we have a business relationship and / or receive services that are complementary to our activities, contracted organisations and other similar channels.
Transfer of Personal Data
Your personal data may be transferred to company officers, shareholders, employees, business partners, service providers or third parties, legal, financial and tax consultants and other consultants, auditors, organisations or individuals, authorities such as SGK, ministries, judicial authorities, all public institutions and organisations authorised by law and/or abroad within the framework of the conditions and purposes listed in Articles 8 and 9 of the Law.
Rights of the Data Subject Pursuant to Article 11 of the Law
As a data subject, you have the right to request the following from Güriş Teknoloji A.Ş.
a) To learn whether personal data is processed or not,
b) Requesting information if personal data has been processed,
c) To learn the purpose of processing personal data and whether they are used in accordance with their purpose,
d) To know the third parties to whom personal data are transferred domestically or abroad,
e) To request correction of personal data in case of incomplete or incorrect processing,
f) To request correction of personal data in case of incomplete or incorrect processing and to request notification of the transaction made within this scope to third parties to whom personal data is transferred,
g) Although it has been processed in accordance with the provisions of the Law and other relevant laws, to request the deletion or destruction of personal data in the event that the reasons requiring its processing disappear and to request notification of the transaction made within this scope to third parties to whom personal data is transferred,
h) To object to the emergence of a result to the detriment of the person himself/herself by analysing the processed data exclusively through automated systems,
i) In case of damage due to unlawful processing of personal data, to demand the compensation of the damage.
Methods of Exercising the Rights of Data Subjects
You may submit your written requests to Ankara Cad. No. 222, Gaziosmanpaşa Mah. Gölbaşı/ANKARA with a wet signature or to info@guristeknoloji.com.tr with a secure electronic signature. Applications will be responded to within 30 days. If additional costs arise, the fees determined by the Personal Data Protection Authority may be requested.
