As Özdilek Holding AŞ (hereinafter
referred to as "Özdilek"), we place great importance on the
protection of personal data and the privacy of our customers/guests/visitors.
In this context, we process the personal data in the capacity of "Data
Controller" under Law No. 6698 on the Protection of Personal Data (KVKK)
within the framework of objectives and boundaries and we pay attention to
taking the necessary administrative and technical measures. For this reason, we
aim to provide the necessary information on our personal data protection
processes and the rights of a data owner under KVKK through this "Clarification
Text on the Processing of Personal Data (Clarification Text)".
Necessary information on how personal data may be processed by Özdilek and with
whom it can be shared is included herein.
2- Legal Basis for the Collection of Personal Data
This notification is made in line
with Article 10 of Law No. 6698 on the Protection of Personal Data (KVKK).
Özdilek and its affiliates undertake to apply necessary measures to keep
customer/guest/visitor information confidential and not to share this
information with third parties. Özdilek and its employees undertake to protect
the confidentiality of the information they obtain while performing their
duties and to use such information only within the scope of the legislation.
Özdilek processes personal data
based on the explicit consent of the data owner and in cases where allowed in
the applicable legal regulations. The following information is requested
regarding the data owners who are Özdilek customers/guests/visitors:
- Identity Information, such as
first name, last name, identity number, account and membership information,
etc.
- Contact Details, such as
address, phone number, e-mail address, IP address, etc.
- Physical Venue Security
Information
- Financial Information in
certain cases
- Professional Experience
Information
(All the information mentioned
above will hereinafter be referred to as "Personal Data".)
4- Time and Manner of Receiving the Personal Data
The data and express consent
given by the data owners who make a transaction over Özdilek web site are processed by Özdilek under
the provisions of the legislation. Özdilek undertakes to keep the
customer/guest/visitor information confidential and to take the necessary
measures in order for preventing the disclosure of this information to the
third parties under Law No. 6698 on the Protection of Personal Data. In
addition, your personal data will be processed when you utilize our hotline or
website and visit our company or website in order to benefit from the services
offered by our company or group companies.
As Özdilek, we process the data
of our customers/guests/visitors in the capacity of Data Controller under KVKK.
The following personal data may
be collected in case of the following situations:
· Identity and contact information
when giving feedback about the service and complaints
· Identity and contact information
for security purposes from the people who come for job application or company
visit
· Physical venue security
information for ensuring the security of the people who visit the enterprise
under the legal conditions
·
Registering
for or using a service
·
Contacting
us for a query or request
5- Processing of Sensitive Personal Data
Certain personal data that pose
the risk of leading to aggrievement or discrimination of the persons in the
event of unlawful processing are defined as "sensitive" under
Article 6 of Law No. 6698 on the Protection of Personal Data. This data
consists of the data regarding race, ethnic background, political view,
philosophical belief, religion, religious sect or other beliefs, appearance,
association or union membership, health, sexual life, conviction or safety
measures and biometric and genetic data. Özdilek acts in line with the
regulations set forth under Article 6 of the Law on the Protection of Personal Data
during the processing of sensitive personal data and shows sensitivity towards
the protection of this data.
6- Purposes of Processing Personal Data
Data of our
customers/guests/visitors such as first name, last name, e-mail address, phone
number, Turkish identity number, etc. may be kept in written/magnetic archives,
used, shared, transferred, and processed in other ways for the purpose of
receiving your verbal, written, or electronic requests, complaints and
suggestions, offering our services, improving our service, solving systemic
problems, updating your information about products and services for marketing
purposes in case of your prior consent, offering services that may catch your
interest, meeting your scholarship and similar requests and managing these
activities, providing data analysis, audit, fraud monitoring and prevention,
internal quality assurance, developing new services and improving or modifying
them, controlling the use and functionality of our services, helping to ensure
compliance with our terms of use, helping to protect our services, executing
and expanding our commercial activities and enabling third parties to perform
their technical, logistics, and other similar functions on behalf of Özdilek.
However, our company does not share some of the information collected from the
membership forms with third parties without the knowledge of the member user in
question or otherwise, and does not use it for commercial purposes for any
reason other than activity, and does not sell it in no case.
Özdilek is entitled to record,
store, update your personal information, disclose and transfer them to third
parties, and classify and process them in cases and to the extent permitted by
the legislation.
Your personal data is used for
the following purposes:
Execution of emergency processes,
executing access authorizations, executing activities in line with the
legislation, executing financial and accounting works, executing logistics
activities, executing commodity/service purchase contracts, executing commodity
and service sales processes, executing contract processes, following up
requests/complaints, executing supply chain management processes, informing
authorized persons-institutions and organizations, and conducting other
internal and external security.
7- Share/Transfer of Personal Data
The share of personal data of our
customers/guests/visitors with third parties takes place within the framework
of the consent of the customers/guests/visitors, and as a rule, personal data
is not transferred to third parties without the consent of our
customers/guests/visitors.
In addition, personal
data is disclosed to courts and other public institutions under our legal
obligations. Besides, the personal data is transferred to contracted third
parties in order for providing services we undertake, controlling the quality
of the services provided, protecting rights, confidentiality, security, or
property of our company, our affiliates, you or other third parties.
Necessary technical and legal
measures are taken to prevent violations of rights during data transfer to
third parties. However, Özdilek shall not be responsible for any violations
that occur in the risk area under the responsibility of the third party, due to
the data protection policies of the third party.
Provided that you give your
express consent, your personal data can be shared with Özdilek's group
companies, with program partner institutions and organizations that we
cooperate with in order for carrying out our activities for our direct/indirect
domestic affiliates, with domestic institutions with which we have contracted
to send commercial electronic messages to our customers/guests/visitors, with
Interbank Card Centres, with contracted banks. Your Personal Data may be
transferred to state institutions, judicial bodies, foreign missions (embassies,
consulates, etc.) established under international agreements, within the
framework of legal obligations and in cases necessary.
8- Processing Period
of Personal Data
Personal data will be stored until
the end of this period, if there is a period foreseen under the relevant
legislation for the storage of this data, and if such a period is not
determined, until the end of the period required for the purpose for which they
are processed (at least 10 years).
Following the expiration of these
periods, your personal data will be erased, destroyed, or anonymized
immediately in line with the rules under the legislation, ex officio or upon
your request. In the event that there is a change in your personal data within
this period, you have an obligation to inform Özdilek so that your records can
be kept up-to-date and accurate.
9- Methods for Protecting Personal Data
Personal data shared with Özdilek
are under Özdilek's supervision and control. Özdilek, as a data controller, has
undertaken the responsibility of establishing the necessary organization and
taking and adapting technical measures in order for protecting the
confidentiality and integrity of the information in line with the provisions of
the relevant legislation in force. Being aware of our obligation in this
regard, penetration tests are carried out periodically in line with
international and national technical standards on data privacy, and we hereby
inform you that we always update our data processing policies.
Relevant groups of persons whose
personal data we process have accepted and declared that they know that the
accuracy and up-to-dateness of the personal data they shared over the website
and/or gave themselves and received due to the contractual relationship is
important in terms of exercising their rights over their personal data within
the framework of KVKK and in terms of other relevant legislation and that they
will be entirely liable in case they give false information.
It respects your concerns
regarding personal data protection and values our relationship with you. This
Privacy, Cookies and Data Protection Policy (Policy) only applies to the
personal data collected through Özdilek Holding AŞ websites, web pages, interactive
features, applications, widgets, blogs, and related content, as well as our
Twitter, Facebook, or other social networking sites and their related content
(collectively referred to as "Sites"), which are accessed via
computers, mobile devices, technology, or other devices (collectively referred
to as "Device").
This Policy defines the types of
personal data we collect through the sites and how personal data may be used
and/or with whom it may be shared. This Policy also describes how you can reach
us to update your contact information, to access and control the use of
personal data we collect in connection with marketing communications and
activities, or to get an answer to your queries about our privacy practices at
these Sites. Please read the Policy carefully as you confirm that you
understand and accept the terms of this Policy by using these sites. Also,
please review our Terms of Use, which govern your use of the Sites and the
content you submit to the Sites.
I. Cookies
Like many companies, Özdilek
Holding AŞ uses "cookies" and similar tools on the Sites to increase
performance and improve user experience.
What is a cookie?
A cookie is a small text file
placed on your device. Cookies help analyze internet traffic and enable
internet applications to respond to you as an individual. The Internet
application can tailor its operations to your needs, likes, and dislikes, by
collecting and remembering information about your preferences. Some cookies may
involve personal data. For example, if you click on the "remember me"
option while logging in, the cookie may record your username. Most cookies do
not collect personally identifiable data, but rather collect more general
information such as how users arrive at our Sites, how they use our Sites or the
user's general location.
What do we use cookies for?
Özdilek Holding AŞ may upload
cookies or similar files to your Device for security reasons and to tell
whether you have visited the Sites before, to remember your language
preferences if you are a new visitor, or to facilitate navigation on the site
in other ways and to personalize your visit to our Sites. Cookies allow us to
collect technical and navigational information such as browser type, time spent
on our Sites and pages visited. It also allows us to choose which of our ads or
offers may be more attractive to you and display them when visiting our Sites.
Cookies can improve your online experience by saving your preferences when
visiting a particular Site. Generally speaking, cookies help us provide you
with a better Site by allowing us to keep track of which pages you may find
useful and which you may not. Cookies do not allow us to access your Device and
any information other than the data you wish to share with us.
What kind of cookies do we use?
Generally, the cookies used on
the Sites can be divided into the following categories:
Session Cookies
These cookies are used during
each 'session' you visit the Site and expire after you leave the Site or after
a little time passes. They are not permanently saved on your device, involve no
personal data and help reduce the need for personal data to be transferred over
the internet. These cookies can be deleted or you can prevent their use, but
this will reduce the performance of the Sites and limit your user experience.
These cookies also use timestamps that record when you access and leave the
Site.
Tracking Cookies
These cookies allow us to
recognize regular visitors to our Sites. A tracking cookie matches an
anonymous, randomly generated identifier, keeping track of where a user of our
Sites came from, what search engine they might have used, which link they
clicked, what keyword they used, and their location in the world when they
accessed the Site. Tracking this data enables us to make improvements to our
Sites.
Persistent Cookies
This type of cookie is saved on
your Device for a fixed period (sometimes a few hours, sometimes a few years or
more) and is not deleted when the browser is closed. Persistent cookies are
used when we need to remember who you are over multiple sessions. For example,
this type of cookie can be used to save your preferences, so that they are
remembered when you visit the Site again.
Performance Cookies
and Analytics Cookies
Performance cookies are used for
analyzing how the Sites are used and monitoring their performance, which allows
us to improve your experience of using the Sites. These cookies help us tailor
the content of the Sites to reflect what Site users find most interesting and
help us detect when technical problems with the Sites occur. We may also use
this data to generate reports to help us analyze how the Sites are used, what
the most common issues are and how we can improve the Sites.
Can cookies be blocked?
You can accept or reject cookies.
Most web browsers automatically accept cookies, but you can change your
browser's setting to reject cookies if you wish. You can follow the directions
of your web browser for this.
11- Rights of the Data Owner and
Ways of Application to the Data Controller
As personal data owners, if you
submit your requests regarding your rights to our Company through the methods
set out below herein, our Company will conclude the request free of charge
within thirty days at the latest, depending on the nature of the request. However,
in case a fee is foreseen by the Personal Data Protection Board, the fee in the
tariff determined by our Company will be charged. In this context, the owners
of the personal data have the following rights:
a.
To learn whether his/her personal data has been processed,
b.
If his/her personal data has been processed, to request information about this,
c.
To learn the purpose of processing his/her personal data and whether it is used
in accordance with the purpose,
d.
To know the third parties inland or abroad, to whom his/her personal data
is transferred,
e.
In the event that your personal data has been processed incompletely or
incorrectly, to request it to be corrected and to request that the transaction
made within this scope is notified to third parties to whom your personal data
has been transferred,
f.
In the event that the reasons requiring processing disappear although it has
been processed in line with KVKK and other relevant law provisions, to request
the personal data to be erased or destroyed and the transaction made within
this scope to be notified to third parties to whom the personal data has been
transferred,
g.
To object the occurrence of a consequence against the person himself by
analyzing the processed data exclusively by means of automated systems,
h..
In case of suffering damage due to the processing of the personal data in
violation of the law, to request the damage to be indemnified.
-
Click here for the KVK application form
For any further queries regarding
personal data, you can contact Özdilek's authorized unit responsible for data
security (Company Data Security Responsible Unit: bt@ozdilek.com.tr). In order to
exercise your above-mentioned rights, you can notify us of your request that
includes your explanations regarding the right you wish to exercise by filling
out the form at ozdilekholding.com.tr and personally handing over a
signed copy of the form to Soğanlı Mah. İstanbul Cad. N: 343/1 Osmangazi/Bursa
along with the documents identifying your identity, by e-mailing your request
to the ozdilekholding@hs03.kep.tr, via notary public or by using
the e-mail address previously reported by the responsible person and registered
in our company's system, to kisiselveriler@ozdilek.com.tr. In order for the application of the personal data owner to be answered
more quickly, we request that "Personal Data Information Request" be
written on the application envelope.
Erasure, Destruction or Anonymization
of Personal Data
Your personal data, processed for
the purposes specified herein, will continue to be anonymized and used by us
when the purpose that requires processing in line with the first paragraph of
Article 7 of Law No. 6698 disappears and when the periods foreseen under
Article 17 of the same law and Article 138 of the Turkish Penal Code expire.
Özdilek anonymizes the personal
data it processes within the 6-month period stipulated for periodic destruction
when the storage periods foreseen under the relevant legislation or required by
the processing purpose expire, by using one or more methods that are most
appropriate for its business processes and activities, among the anonymizing
methods specified in the Guideline on the Erasure, Destruction or Anonymization
of Personal Data published by the Personal Data Protection Board and continues
to use the data in this way.
12- ÖZDİLEK HOLDİNG. A.Ş. Commercial Information
Title |
ÖZDİLEK HOLDİNG.
A.Ş. |
Central
Registration System Number |
683027115800012 |
Address |
Soğanlı Mahallesi
İstanbul Caddesi No: 343/3 Osmangazi / Bursa |
Phone |
0 224 219 60 00 |
Fax |
0 224 219 60 70 |
e-mail |
ozdilekholding@hs03.kep.tr |
Özdilek may make changes or
updates in this clarification text in line with legal regulations and Company
Policy. Necessary information is given to the relevant persons over the website
about the new clarification text reflecting all these changes and updates.