CRMFUAR.COM.TR
PERSONAL DATA PROTECTION INFORMATION TEXT
In accordance with the "Obligation to Inform" article 10 of the Law No. 6698 on the Protection of Personal Data ("Law") and the Communiqué on the Procedures and Principles to be Followed in the Fulfillment of the Obligation to Inform, published in the Official Gazette dated March 10, 2018, and numbered 30356, we aim to inform you about your personal data processed by us through this Information Text.
Article 1. IDENTITY OF THE DATA CONTROLLER
Our company, CRMFUAR.COM.TR, is considered a Data Controller in accordance with the law regarding the personal data obtained from our employees, employee candidates, customers, potential customers, visitors, suppliers, consultants, support service providers, authorized persons, and shareholders, as well as the employees and authorized persons of our subsidiaries.
You can reach us through the following contact information:
Address: SAKARYA
Phone: 0 850 840 47 54
Fax: 0 850 840 47 54
Email: bilgi@crmfuar.com.tr
Website: www.crmfuar.com.tr
Article 2. FOR WHAT PURPOSES ARE YOUR PERSONAL DATA PROCESSED?
Within the scope of your relationship with our company:
(i) Your identity information such as name, surname, place of birth, date of birth, age, photo, ID card, ID number,
(ii) Your contact information such as workplace address, home address, email, phone, mobile phone, residence, address registration system records,
(iii) Your family status information such as marital status, number of children, information about spouse and relatives, identity, financial status, education,
(iv) Your education, work, and professional life information such as work history, employer name, graduated school, student number, professional competencies, CV information,
(v) Your bank account information such as bank account number, IBAN number,
(vi) Employee data including all information required for the creation of a personal file, any surveys, reports, studies, training or rewards related to the employee's performance and career development, information about any benefits or interests to be provided to the employees, and similar information,
(vii) Security information of our company premises such as camera records, visitor records, entry and exit records,
(viii) Cybersecurity information including user names, passwords, audit trails, IP address, WEB page access logs, reports, and other data and logs that may relate to the security of the corporate cyber domain,
(ix) Audit and inspection records, audit and inspection reports, information about investigations conducted for audit and inspection purposes, and other data that may relate to audits and inspections are processed for the following purposes:
To manage our human resources processes and activities,
To plan, audit, and execute information security processes,
To establish and manage the information technology infrastructure,
To follow up on finance and/or accounting transactions,
To manage contracts, establish legal transactions, and follow up on legal processes,
To ensure the security of facilities and personnel,
To fully and properly fulfill our company's contractual and legal obligations,
To evaluate and respond to your suggestions, requests, complaints, and fault reports, and to carry out improvement activities accordingly,
To organize and manage domestic and international purchasing, supply, transportation, logistics, import, and customs clearance transactions,
To communicate with our group companies, subsidiaries, shareholders, and their employees,
To back up data for security purposes.
Personal data considered as "special categories of personal data" under the Law:
(i) Health-related data such as blood type, medical history, test and examination results, disability status,
(ii) Data related to membership in associations, foundations, or unions,
(iii) Data related to criminal convictions and security measures,
are processed for the following purposes:
To fulfill our legal obligations,
To provide information to authorized institutions as required by legislation,
To take occupational health and safety measures,
To create and store personal files,
To ensure security,
To evaluate job applications.
Article 3. TO WHOM AND FOR WHAT PURPOSE CAN YOUR PROCESSED PERSONAL DATA BE TRANSFERRED?
Your personal data may be shared with our group companies and subsidiaries, relevant tax offices and banks, public institutions, courts, enforcement offices, law enforcement agencies, third-party real and legal persons we are associated with, service provider companies and their officials, our business partners and their officials, banks, our company's shareholders and employees, suppliers and their employees, in accordance with the provisions of the Law regarding the transfer of personal data and transfer abroad, for the purposes specified in Article 2 of this Information Text.
Article 4. BY WHAT METHODS AND ON WHAT LEGAL GROUNDS DO WE COLLECT YOUR PERSONAL DATA?
Article 4.1. METHOD OF COLLECTING PERSONAL DATA
Our company collects your personal data during the establishment of your legal relationship with our company and during the term of this legal relationship, during your visit to our company, from our shareholders, business partners, and group companies, through requests and applications sent via the internet, telephone, email, and in physical, verbal, written, or electronic form, and takes the necessary measures within the scope of the legislation to ensure the confidentiality and security of the personal data in question.
Article 4.2. LEGAL REASON FOR COLLECTING PERSONAL DATA
Your personal data is collected, stored, and processed, and transferred with adequate measures taken, based on one or more of the following legal grounds in accordance with Article 5 and Article 8 of the Law:
The presence of your explicit consent,
Being explicitly stipulated in the legislation to which our company is subject,
To comply with the principles and rules in the national and international arena, to comply with the information storage, reporting, and informing obligations stipulated by the legislation and official authorities,
Being directly related to the establishment or performance of a contract, the necessity of processing personal data belonging to the parties of the contract, to provide the requested goods and services and to fulfill the requirements of the contracts you have concluded,
Being mandatory to fulfill a legal obligation,
Being made public by the data subject themselves,
Being mandatory for the establishment, exercise, or protection of a right,
Being mandatory for the processing of data for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the data subject.
Personal data of special nature, including data on individuals' association, foundation, or union membership, health, criminal convictions, and security measures, are collected, stored, and processed based on the following legal grounds:
The presence of your explicit consent,
Personal data other than health data, in cases stipulated by laws, without seeking explicit consent,
Personal data related to health can be processed without seeking explicit consent by persons under the obligation of secrecy or authorized institutions and organizations, for the purposes of protecting public health, conducting preventive medicine, medical diagnosis, treatment and care services, planning and managing health services and their financing.
Article 4.3. EXPLICIT CONSENT
In accordance with Law No. 6698, if the processing of your personal data is subject to obtaining your consent, you will be presented with an "Explicit Consent Text," and you have the option to withdraw your explicit consent at any time by contacting us.
If you wish to withdraw your explicit consent, you must contact our company at the address provided.
The withdrawal of your consent will only apply to future processing and will not affect the lawfulness of the data processing carried out before the withdrawal.
Article 5. WHAT ARE YOUR RIGHTS AS A "DATA SUBJECT" UNDER THE LAW?
In accordance with the Law, you have the following rights:
To learn whether your personal data is being processed,
To request information if your personal data has been processed,
To learn the purpose of processing your personal data and whether they are used in accordance with their purpose,
To know the third parties to whom your personal data is transferred domestically or abroad,
To request the correction of your personal data if it is incomplete or incorrectly processed,
To request the deletion or destruction of your personal data under the conditions stipulated in Article 7 of the Law,
To request that the correction of your personal data, as well as the deletion or destruction of your personal data, be notified to third parties to whom your personal data has been transferred,
To object to the occurrence of a result against you by analyzing the processed data exclusively through automated systems,
To request compensation for damages in case you suffer damage due to the unlawful processing of your personal data.
You can submit your requests regarding the above-mentioned rights, along with your petition, to the address defined in Article 1, "Ankara Cad. No: 97 Kat: 6 Bayraklı / İZMİR," in person or through a notary.
In addition, in accordance with Article 5 of the "Communiqué on the Procedures and Principles of Application to the Data Controller," you can send your request to our registered electronic mail (KEP) address, using a "secure electronic signature" as defined in the Electronic Signature Law No. 5070, mobile signature, or in writing, or by using the electronic mail address you have previously provided to our company and registered in our systems, to our KEP address.
In the application:
(i) name, surname, and signature if the application is in writing,
(ii) Turkish Republic ID number for Turkish citizens, nationality, passport number, or ID number if available for foreigners,
(iii) address for notification or workplace address,
(iv) if available, electronic mail address for notification, telephone, and fax number,
(v) subject of the request
must be included.
Your requests in the application will be concluded as soon as possible and at the latest within thirty (30) days, depending on the nature of the request.
If the response to the application is to be given in writing, a transaction fee of 1 Turkish Lira may be charged for each page exceeding 10 pages.
If the response to the application is to be given on a recording medium such as a CD or flash drive, a fee may be requested equal to the cost of the recording medium.
It is important that the personal data we hold about you is accurate and up-to-date.
Therefore, please inform us if there is any change in your personal data.
DATA CONTROLLER
CRMFUAR.COM.TR