Protection of Personal Data
I. GENERALLY
Each of the Safi Group Companies (“Group Companies”) has adopted the principle of acting with care and principle in the processing and securing of all your personal data in accordance with the Constitution of the Republic of Turkey, international conventions on human rights to which our country is a party, and the Law on Protection of Personal Data No. 6698 (“Law on the Protection of Personal Data”) and relevant regulation.
The Group Companies processes the personal data of business partners, shareholders, customers, potential customers, visitors of the company, employees, prospective employees and employees, shareholders and officials of the institutions in cooperation and persons who applied for a job or visited the official website or natural persons who have relationship with the Group Companies and takes necessary precautions for the storage of data and prepared this Confidentiality and Protection of Personal Data to inform you about company rules and policies on the processing of personal data within the framework of the law on the protection of personal data.
The Group Companies processes the personal data of business partners, shareholders, customers, potential customers, visitors of the company, employees, prospective employees and employees, shareholders and officials of the institutions in cooperation and persons who applied for a job or visited the official website or natural persons who have relationship with the Group Companies and takes necessary precautions for the storage of data and prepared this Confidentiality and Protection of Personal Data to inform you about company rules and policies on the processing of personal data within the framework of the law on the protection of personal data.
All the explanations made for personal data covers your special qualified personal data in this confidentiality and personal data protection policy prepared by the Group Companies.
In accordance with these principles, your personal data can be processed and kept by the following companies in the capacity of data controller for the following purposes:
SAFİ GROUP COMPANY:
- Safi Katı Yakıt Sanayi ve Ticaret Anonim Şirketi
- Safi Gemi İşletmeciliği Anonim Şirketi
- Safi Gayrimenkul Ve Yatırımları Sanayi Ticaret Anonim Şirketi
- Espadon Turizm Ve Yapı Endüstrisi Anonim Şirketi
- Çorum Şeker Fabrikası Anonim Şirketi
- Safi Derince Uluslararası Liman İşletmeciliği Anonim Şirketi
tarafından aşağıda açıklanan kapsamda işlenebilecek ve muhafaza edilebilecektir.
|
|
In accordance with paragraph 2 of article 5 of the law on the protection of personal data, Group Companies has right to process your personal data (personal data other than health and sexual life) without taking explicit consent, if it is clearly stipulated in the laws, if it is compulsory for the protection of the life or physical integrity of the person or someone else who is unable to express his consent due to actual impossibility or whose consent is not legally valid, provided that it is directly related to the conclusion or performance of a contract, if it is compulsory to process the personal data of the parties to the contract, if it is necessary for the data controller to fulfill its legal obligation, if it is made public by the related person, if data processing is mandatory for the establishment, exercise or protection of a right, if data processing is mandatory for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the data controller.
III. THE PURPOSE OF PROCESSING YOUR DATA
The Group Company processes your data:
» To ensure the safety of all persons and institutions that our company is in contact with,
» To ensure the safety of our company,
» To issue and perform a contract, to fulfill of our legal obligations, to establish, exercise or protect a right,
» To be able to meet the requirements of the services we provide in accordance with the requirements of technology, and to develop our products and services,
» To carry out and organize all our activities,
» To carry out activities of human resources,
» To ensure transparency along with commercial and legal safety,
» To ensure and audit compliance with legal regulations,
» To carry financial processes,
» To provide legitimate interests in a way not to contradict the laws, fundamental rights and freedoms of individuals and personal interests,
» To ensure commercial and administrative management,
» For the various legal compliance reasons,
by considering the law on protection of personal data and other laws and regulations and the standards regarding the information security and protection of personal data and in accordance with the principles in the regulations and collects your personal and private data in automatic or non-automatic ways as verbally, in writing or electronically, and processes it within the scope of the law on protection of personal data according to the processing purpose. In addition, while the Group Company processes the personal data, it stores the personal data:
» In accordance with the law and honesty rules
» Accurately and up to date when necessary
» For certain, clear and legal purposes
» in a limited and measured manner in connection with the purposes for which they process.
» For the period stipulated in the relevant legislation or required for the purpose for which they are processed.
IV. METHODS OF PERSONAL DATA COLLECTION AND LEGAL CAUSES
Your personal data can be collected by the Group Companies by automatic or non-automatic methods as verbal, written, technical and various methods through channels such as business partners, shareholders, customers, potential customers, visitors of the Group Companies, employees, prospective employees and employees, shareholders and officials of the institutions in cooperation for the above-mentioned purposes.
Your personal data can be collected by the Group Companies from the person directly and with various agreements signed and printed documents, business partners, contractual institutions and institutions in cooperation, complaint/demand management systems, video and audio recording, corporate web sites, cookies, electronic mail, telephone, SMS, market research companies and reference.
V.TO WHOM AND FOR WHAT PURPOSES YOUR PERSONAL DATA CAN BE TRANSFERRED
Your personal data, which is informed that it is processed above, can be transferred to business partners, institutions in cooperation, relevant institutions, banks and financial institutions, relevant units from which legal support is received, public institutions and organizations in line with the legitimate interest of the Group Companies in line with the purpose of the products and services offered, regulatory, supervisory institutions and official authorities, in cases stipulated by the relevant legislation, within the personal data processing conditions and purposes specified in Articles 8 and 9 of the law on the protection of personal data within the purposes above, in accordance with the law on the protection of personal data and regulations in force, as it can be shared between companies, including but not limited to those listed.
Besides, your personal data may be transferred abroad by the Group Companies for the above-mentioned purposes;
• In case there is data holder’s explicit consent or
• In case there is no data holder’s explicit consent but one or more terms above is met
• In case there is sufficient protection in countries where data is transferred
• In case that there is not sufficient protection in the country where the data is transferred, it can be transferred provided that our company undertakes in writing with the data controller in the relevant foreign country and that the permission of the Personal Data Protection Board is obtained.
VI. PROVIDING SAFETY AND CONFIDENTIALITY OF YOUR PERSONAL DATA
The Group Companies takes various technical and administrative precautions to:
» To raise awareness of employees by conducting various training activities on the subject of personal data protection,
» To act in accordance with requirements of personal data policy,
» In cases where personal data transfer is in question, to ensure adding a record to the contracts concluded with the persons to whom the personal data is transferred, indicating that the party to which the personal data is transferred will fulfill the data security,
» For the preparation of personal data inventory by the Group Companies except for the exemptions,
» To protect physical environments containing personal data against external risks with appropriate methods and to control the entrances and exits to these areas,
» To have personnel who have specialty in technical issues for the data processed in electronic media and to use various software and programs to protect these,
» To conduct data backup works,
» To audit for the implementation of precautions taken,
to prevent illegal processing and accessing the personal data processed and to ensure data protection, in accordance with article 12 the law on protection of personal data.
VII. ACCESS TO PERSONAL DATA AND YOUR RIGHTS UNDER THE LAW ON PROTECTION OF PERSONAL DATA
In accordance with Article 11 the law on protection of personal data, the data owner has the following rights:
• To learn whether personal data has been processed,
• To request personal information if personal data is processed,
• To learn the purpose of processing personal data and whether they are used appropriately,
• To know the third parties to whom personal data is transferred at home or abroad,
• To request the correction of personal data in case of incomplete or incorrect processing, and request that the transaction made in this scope be notified to third parties where personal data is transferred,
• Although it has been processed in accordance with the Law No. 6698 and other relevant provisions of the law, to request the deletion or destruction of the personal data in case the reasons requiring the processing of the data to be eliminated and request that the transaction made in this scope be notified to the third parties where the personal data is transferred,
• To demand the loss, if there is loss due to the unlawful processing of personal data
VIII. YOUR REQUEST ON YOUR PERSONAL DATA
You are required to send documents identifying your identity and with a wet signature to the address "D-100 Karayolu No:26/1 Safi Espadon Kule Kartal/Istanbul" by registered letter with return receipt or notary public in accordance with the article 13 of the law on the protection of personal data, your requests regarding your rights specified in this policy, except for the exceptions listed in the article 28 of the law on the protection of personal data.
The relevant person must clearly and comprehensibly state the matters requested in the application, which includes explanations regarding the right to be exercised and requested to use the above-mentioned rights.
The Group Companies will conclude your request free of charge within the shortest time following the receipt of relevant documents and 30 (thirty) days of at the latest. The Group Companies will not charge up to ten pages if the requests will be responded in written and reserves the right to charge a fee based on the fee schedule stipulated by the legislation for responses over ten pages. If the response to the application is given in a recording medium such as a CD or flash memory, the Group Companies may charge a fee equal to the cost of the recording medium from the requesting data owner.
Pursuant to Article 14 of the Law on the Protection of Personal Data, in cases where the application is rejected, the response is found insufficient, or the application is not answered in due time, the personal data owner can complain to Board within 30 (thirty) days from the date of learning of The Group Company's response and within 60 (sixty) days from the application date in any case. It is not possible to apply to the complaint procedure without exhausting the application method.
However, the Group Company states that it reserves the right of updating in cases when legal regulations and legitimate interests in this policy require.
