PREFACE
Within the scope of the Law on the Protection of Personal Data, as KTO KARATAY UNIVERSITY DEVELOPMENT-FOCUSED STRATEGIC RESEARCH CENTER (KOSAM), we attach importance to the protection of your personal data and / or sensitive personal data. We are sensitive about the storage of all personal data and / or sensitive personal data belonging to you, which are transmitted to our company in various ways. In this context, we have taken the necessary technical and administrative measures as KOSAM in order to comply with the provisions of the Turkish Constitution and other legislation, especially the Personal Data Protection Law No. 6698. We would also like to emphasize that we will protect your rights guaranteed by the laws. In this context, you can safely share your personal data with KOSAM and send us your suggestions, complaints and hesitations.
We share with you our Privacy Policy, which has been put into effect within KOSAM, which is particularly important for the protection of your personal data.
1.DEFINITIONS
Data Controller:
It refers to KOSAM, which determines the purposes and means of processing personal data and is responsible for the establishment and management of the data recording system.
Data Owner-Related Person
It refers to the real person whose personal data is processed.
Company
KOSAM is referred to in this policy.
Law
"Law No. 6698 on the Protection of Personal Data".
Personal Data
Any information relating to a natural person whose identity is specific or identifiable.
Sensitive Personal Data
Data relating to race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, appearance and dress, membership to associations, foundations or trade unions, health, sexual life, criminal convictions and security measures, and biometric and genetic data refer to personal data of special nature.
Board
It refers to the Personal Data Protection Board.
Policy
This is referred to as the "Privacy Policy".
Processing of Personal Data
It refers to all kinds of operations performed on personal data such as obtaining, recording, storing, retaining, changing, rearranging, disclosing, transferring, taking over, making available, classifying or preventing the use of personal data by fully or partially automatic means or by non-automatic means provided that it is part of any data recording system.
Explicit Consent
Consent refers to consent on a specific subject, based on information and expressed with free will.
Destruction
It refers to making personal data inaccessible, irretrievable and non-reusable by anyone in any way.
Deletion
It refers to making personal data inaccessible and non-reusable in any way for the relevant users.
Anonymization
It refers to making personal data impossible to be associated with an identified or identifiable natural person under any circumstances, even if it is matched with other data.
Destruction
It refers to the deletion, destruction or anonymization of personal data.
Data
Personal data and sensitive personal data are referred to together.
2. PURPOSE OF THE PRIVACY POLICY
Protection of personal data and compliance with the law is our basic principle. As KOSAM, the personal data and / or sensitive personal data we have received from you in all our works are kept confidential and not shared with third parties. In this context, our company has always shown the necessary sensitivity regarding the protection of personal data and / or sensitive personal data. Again, in accordance with the Law No. 6698 on the Protection of Personal Data (hereinafter referred to as "Law" or "KVKK"), our internal regulations have been reorganized and technical and administrative measures have been taken. In the ongoing process, as KOSAM, we accept, declare and undertake to comply with all obligations imposed by the law.
3.SCOPE OF THE PRIVACY POLICY
This Privacy Policy has been prepared in accordance with the Personal Data Protection Law No. 6698.
Your personal data and/or sensitive personal data are processed with your consent or within the scope of compliance with the law. Your data in question;
- Ensuring company security,
- Providing you with a complete service,
- Conducting our commercial activities,
- Quick resolution of your problems,
- It is used for the purpose of improving our quality.
Some personal data and/or special categories of personal data received from you are de-personalized and anonymized in the procedures stipulated by the Law. Data used for statistical purposes are currently not included in the regulation of the Law and the scope of our policy. As KOSAM, we have the right to change this policy in order to protect personal data within the scope of compliance with the Law.
The privacy policy aims to protect the data obtained in any way from real and legal persons, customers, employees and all other persons with whom KOSAM is a solution partner. In this context, it contains various regulations in order to realize the intended goal.
4. BASIC PRINCIPLES REGARDING THE PROCESSING OF PERSONAL DATA AND/OR PERSONAL DATA OF SPECIAL NATURE
Our basic principles regarding the processing of personal data and/or sensitive personal data are as follows. In this context, these principles shall apply to the data processed by KOSAM based on explicit consent or within the scope of compliance with the Law.
- Compliance with the Law: KOSAM questions the source and lawfulness of personal data and/or special categories of personal data received from real and legal persons and collected by various means. In this context, it is important for KOSAM to obtain the data in accordance with the law.
- Compliance with the Rules of Honesty: KOSAM inquires the source of personal data and/or sensitive personal data received from real and legal persons and collected through various means. In this context, it is important for KOSAM to obtain the data within the framework of honesty rules.
- Being Limited, Measured and Connected to the Purpose for which they are Processed: KOSAM uses personal data and/or sensitive personal data obtained through various means in accordance with the purpose for which they are processed, limited to the purpose of processing, measured and to the extent required by the performance of the service.
- Accuracy of Personal Data and/or Sensitive Personal Data: KOSAM attaches importance to the fact that personal data and/or sensitive personal data received from real and legal persons and collected by various means do not contain false information and are accurate. However, KOSAM is not obliged to investigate the accuracy of the personal data and/or sensitive personal data declared by its customers or real and legal persons with whom it is in contact. Because this is not possible legally and in line with our working principles.
- Being Up-to-Date When Necessary: If there has been a change in the personal data and/or sensitive personal data obtained in various ways, KOSAM attaches importance to communicating such change to the company and updating the data if communicated.
- Processing for Specific and Legitimate Purposes: KOSAM processes personal data and/or sensitive personal data without the explicit consent of the data owner or without obtaining explicit consent within the framework of the exceptions stipulated by law. The purpose of processing each data is specific and no personal data processing activity is carried out for any illegitimate purpose.
- Preservation for the period stipulated in the Law and/or for the period required for the purpose for which they are processed: KOSAM retains the personal data and/or special categories of personal data it obtains for the periods stipulated in the relevant laws and/or required for the purpose for which they are processed. When the purposes in question come to an end, it anonymizes, destroys or deletes the data.
5. DELETION, DESTRUCTION AND ANONYMIZATION OF PERSONAL DATA
Your personal data and/or special categories of personal data shall be deleted, destroyed or anonymized upon expiration of the statute of limitations and retention periods stipulated in the Law, completion of judicial processes or other requirements appropriate for the purpose. Deletion, destruction and anonymization operations are carried out upon the request of the relevant data owner or ex officio (spontaneously) by KOSAM.
6. PRINCIPLE OF PARSIMONY
The principle of stinginess is also known as the principle of maximum savings. Personal data and/or sensitive personal data received through various means are transferred to our company's system. In accordance with the said principle, the data are processed into the system as much as necessary.
The data to be collected by KOSAM is determined in accordance with the purpose and varies. In this context, data are collected in accordance with the purpose and data that are not parallel to the purpose are not collected. Excess data other than its purpose is not saved in the company system, deleted, destroyed or anonymized. However, such data may be used for statistical purposes.
7. CONFIDENTIALITY AND SECURITY OF DATA
As KOSAM, we attach importance to the confidentiality of your personal data and/or sensitive personal data. In this context, your personal data and/or sensitive personal data that reach our Company in any way are confidential. KOSAM complies with the confidentiality of such data at every stage of its commercial activities. In this context, full compliance with this company privacy policy is ensured.
Necessary technical and administrative measures are taken to prevent unauthorized access to personal data and/or sensitive personal data collected in various ways, to prevent damage to the rights of the data owner and to protect the data. In addition, data protection is requested from third parties with whom we share personal data and/or sensitive personal data in accordance with the law when necessary. Again, our software programs are updated and continuously renewed. In order to ensure a high level of protection, technological requirements are fulfilled and compliance with standards is ensured.
8. UPDATING OF DATA
The principle of timeliness is essential within KOSAM. Because personal data and/or sensitive personal data obtained in various ways can be updated when necessary or upon request. Necessary measures regarding the update are also taken by KOSAM.
9. ACCURACY OF DATA
The principle of accuracy of the declared personal data and/or sensitive personal data has been adopted by KOSAM. KOSAM is not obliged to investigate the accuracy of personal data and/or sensitive personal data declared by its customers or real and legal persons with whom it is in contact. Because this is not possible legally and in line with our working principles. In this context, transactions are carried out with the assumption that the declared data is correct.
10. PURPOSES OF PROCESSING PERSONAL DATA AND/OR SENSITIVE PERSONAL DATA
Processing of personal data and/or sensitive personal data is carried out in parallel with the purposes in the Clarification Texts of KOSAM. These Clarification Texts may vary according to the processed personal data and/or sensitive personal data. In parallel with the difference in the Clarification Texts, the purposes of processing personal data and/or sensitive personal data may also vary.
11. PROCESSING OF PERSONAL DATA AND/OR PERSONAL DATA OF SPECIAL NATURE FOR ADVERTISING PURPOSES
Electronic messages sent for advertising purposes require the consent of the recipient. In this context, electronic messages for advertising purposes may only be sent to persons for whom prior consent has been obtained. This issue is clearly regulated in the "Law on the Regulation of Electronic Commerce" and the "Regulation on Commercial Communication and Commercial Electronic Messages".
KOSAM acts in accordance with the aforementioned legislation regulations when sending electronic commercial messages for advertising purposes. Again, approval is obtained in accordance with the legislation and the details of the approval are complied with. The said consent can be obtained through all kinds of electronic communication tools or in writing in a physical environment. The basis of the consent is the existence of a positive declaration of will of the recipient of the commercial electronic message that he/she accepts the sending of commercial electronic messages, the electronic communication address and the presence of his/her name and surname.
The consent received from the recipient covers all commercial electronic messages sent to electronic communication addresses in order to market and promote the goods and services of the company, to promote its business, to ensure its recognition, to increase its recognition with content such as celebration, wishes and congratulations.
Apart from all these, before sending electronic commercial messages, persons are informed that their data may be processed and their explicit consent is obtained when necessary. While sending this commercial message, the provisions of the Law No. 6698 on the Protection of Personal Data are complied with.
12. COLLECTION AND PROCESSING OF PERSONAL DATA AND/OR SPECIAL CATEGORIES OF PERSONAL DATA WITHIN THE CONTRACTUAL RELATIONSHIP
If a contractual relationship has been established with customers or prospective customers, personal data collected pursuant to the contract may be processed by KOSAM without obtaining explicit consent. In case of processing of personal data of special nature, data can be processed based on explicit consent or legal reasons within the scope of Article 6 of the Law. The data in question are used for the performance of goods and/or services, execution of the contract, and execution of commercial activities. These data can be updated at any time by contacting customers.
13.PERSONAL DATA AND/OR SPECIAL CATEGORIES OF PERSONAL DATA PROCESSED THROUGH AUTOMATED SYSTEMS
The data obtained from the information obtained through automated systems without the explicit consent of the persons cannot be used against the persons. KOSAM acts in accordance with the provisions of the relevant legislation in personal data and/or sensitive personal data processed through automated systems.
14. TRANSFER OF PERSONAL DATA AND/OR SPECIAL CATEGORIES OF PERSONAL DATA DOMESTICALLY AND ABROAD
KOSAM may transfer data domestically and abroad in accordance with the conditions stipulated in the Law on the Protection of Personal Data and within the framework of the principles determined by the Board, within the scope of compliance with the law or with the explicit consent of the person concerned.
KOSAM acts in accordance with Articles 8 and 9 of Law No. 6698 when transferring personal data and/or sensitive personal data.
15.AUDIT AND TRANSACTION SECURITY
Necessary technical and administrative measures are taken to prevent unauthorized access to personal data and/or sensitive personal data collected through various means, to prevent damage to the rights of the data owner, to prevent victimization and to protect the data. In addition, data protection is requested from the companies with which we share personal data and/or sensitive personal data within the framework of compliance with the law when necessary. Again, our software programs are updated, continuously renewed and developed. In order to ensure a high level of protection, all technological requirements are fulfilled and compliance with standards is ensured. In parallel with all these, KOSAM conducts all internal and external audits required for the protection of personal data and/or sensitive personal data.
16. NOTIFICATION OF DATA BREACHES
In case of any breach of data, KOSAM immediately takes action to do its part to remedy the breaches notified to it. It takes the necessary measures to minimize the damage to the data subject. You can apply for notification of violations according to the procedures specified on our company's website. In addition, in the event that personal data and / or sensitive personal data are obtained by unauthorized third parties from outside, the company notifies the Personal Data Protection Board directly.
17. RIGHTS OF THE DATA SUBJECT REQUESTING INFORMATION
Article 11 of the Law No. 6698 on the Protection of Personal Data stipulates the rights of the data subject. In accordance with the law, KOSAM accepts that the data subject should be informed before data processing and, if necessary, his/her explicit consent should be obtained, and that the data subject has the right to request information about the data, update, delete, destroy and anonymize the data after the data is processed.
Relevant persons may request information about their data through the "Contact Form" in accordance with the Law No. 6698 on the Protection of Personal Data;
a) Learn whether personal data is being processed,
b) Request information if personal data has been processed,
c) To learn the purpose of processing personal data and whether they are used in accordance with their purpose,
ç) To know the third parties to whom personal data are transferred domestically or abroad,
d) To request correction of personal data in case of incomplete or incorrect processing,
e) To request the deletion or destruction of personal data within the framework of the conditions stipulated in Article 7 of the law titled "Deletion, destruction or anonymization of personal data",
f) Request notification to third parties to whom personal data is transferred that incomplete or incorrectly processed data has been corrected or that the data has been deleted or destroyed upon the request of the data subject,
g) To object to the emergence of a result to the detriment of the person himself/herself by analyzing the processed data exclusively through automated systems,
h) In case of damage due to unlawful processing of personal data, it has the right to demand the compensation of the damage.
The information request made on behalf of someone else will not be answered by the company. If it is determined by KOSAM that the application made on behalf of someone else in the information request, KOSAM reserves all kinds of lawsuit and claim rights. The requests of the relevant person will be answered as soon as possible and within thirty days from the date of receipt by KOSAM. If KOSAM deems necessary, it may request other information and documents from the applicant.
KOSAM
TR
EN