PRIVACY POLICY

PREFACE

Within the scope of Law No. 6698, Komtera Teknoloji A.Ş. We attach importance to the protection of your personal data and/or private data. We are sensitive about keeping all your personal data and/or special quality personal data transmitted to our company through various means. Especially the Law on Protection of Personal Data No. 6698, T.C. In order to comply with the Constitution and other legislation provisions, Komtera Teknoloji A.Ş. We have taken all technical and administrative measures. We would like to emphasize that we will protect your rights guaranteed by laws. In this context, you can safely share your personal data with our company and convey your suggestions, complaints and hesitations to us.
We share with you our Privacy Policy, which has been put into effect in our company, which is especially important for the protection of your personal data.

KOMTERA TEKNOLOJİ A.Ş.

1. PURPOSE OF THE PRIVACY POLICY

Protecting personal data and complying with the law is our basic principle. Our company has always shown the necessary sensitivity regarding the protection of personal data and/or sensitive personal data. Komtera Technology Inc. (Hereinafter, it will be referred to as “Komtera Teknoloji” for short). Again, in accordance with the Law on the Protection of Personal Data No. 6698, our in-house arrangements have been made; All technical and administrative measures have been taken. In the ongoing process, as Komtera Technology, we accept, declare and undertake to comply with all responsibilities brought by the law.

2. GİZLİLİK POLİTİKASININ KAPSAMI

This Privacy Policy has been prepared in accordance with the Law on the Protection of Personal Data No. 6698.

Your personal data and/or sensitive personal data are obtained with your consent or within the scope of compliance with the law. Your said data;

– Ensuring company security,

-To provide you with a complete service,

-To carry out our commercial activities,

-Quick resolution of your problems,

-Increasing our quality, used for the purpose.

Some personal data and/or sensitive personal data from you are depersonalized and anonymized in accordance with the procedures stipulated by the law. Data used for statistical purposes are currently not covered by the regulation of the law and our policy. As Komtera Technology, we have the right to change personal data in order to protect personal data within the scope of compliance with the law in accordance with our data policy, regulation and directive.
The privacy policy aims to protect the data obtained by any means of customers, employees and all other persons of real and legal persons with whom Komtera Teknoloji is a solution partner. In this context, it includes various regulations in order to achieve the intended target.

3. BASIC PRINCIPLES OF PROCESSING PERSONAL DATA AND/OR SPECIAL QUALITY PERSONAL DATA

Our basic principles regarding the processing of personal data and/or special categories of personal data are as follows. In this context, these principles will also apply to the data that Komtera Teknoloji collects or processes based on consent or in accordance with the law.

-Compliance with the Law: Komtera Teknoloji questions the source and legality of personal data and/or personal data of special nature that it receives from natural and legal persons and collected through various means. In this context, it is important for Komtera Teknoloji to obtain the data in accordance with the law.

Compliance with the Rules of Integrity: Komtera Teknoloji questions the source of personal data and/or personal data of special nature that it receives from natural and legal persons and that it collects through various means. In this context, it is important for Komtera Teknoloji to obtain data within the framework of honesty rules.

-Being Limited, Measured and Related to the Purpose for which they are Processed: Komtera Teknoloji uses personal data and/or special quality personal data obtained from various ways in accordance with the purpose for which they are processed and to the extent required by the performance of the limited and measured service for this purpose.

-Accuracy of Personal Data and/or Private Personal Data: Komtera Teknoloji attaches importance to the fact that the personal data received from natural and legal persons and collected through various means and/or sensitive personal data do not contain false information and are correct.

-Being Up-to-Date When Necessary: Komtera Teknoloji attaches importance to communicating the change to the company and updating the data if there is a change in the personal data obtained in various ways and/or in the personal data of special nature.

-Processing for Legitimate, Specific and Legitimate Purposes: Komtera Teknoloji processes the data it receives from individuals within the framework of approval for the execution of commercial activities and the performance of the work. It does not process and use personal data other than for the purpose of ensuring the commercial activity and the performance of the work. It does not allow third parties to use and process it.

-Retention for as long as required by law and/or for the purpose for which they are processed.: Komtera Teknoloji stores the personal data it obtains for the periods stipulated in the relevant laws. In this context, contractual personal data is kept under its responsibility as much as the statute of limitations and the duration of disputes stipulated by the laws, as well as the requirements of trade, debts and tax law. When the said purposes are over, it anonymizes, destroys or deletes the data. This data is deleted and destroyed in accordance with the “Directive on the Deletion of Personal Data“.

4. THE RIGHTS OF THE RELATED PERSON REQUESTING INFORMATION ACCORDING TO ARTICLE 11 OF THE PERSONAL DATA PROTECTION LAW

In Article 11 of the Law on the Protection of Personal Data No. 6698, the rights of the data owner are stipulated. In the law, the data owner is deemed to be the relevant person; The right to make certain requests regarding the processing of the data is foreseen. Pursuant to this article, the claim rights of the person concerned are as follows:

a) Learning whether personal data is processed or not,

b) If personal data has been processed, requesting information about it,

c) Learning the purpose of processing personal data and whether they are used in accordance with the purpose,

ç) Knowing the third parties to whom personal data is transferred at home or abroad,

d) Requesting correction of personal data in case of incomplete or incorrect processing,

e) “To request the deletion or destruction of personal data within the framework of the conditions stipulated in Article 7 of the law titled “Deletion, destruction or anonymization of personal data,”

f) Requesting notification to third parties to whom personal data has been transferred, that the incomplete or incorrectly processed data has been corrected or that the data has been deleted or destroyed upon the request of the person concerned,

g) Objecting to the emergence of a result against the person himself by analyzing the processed data exclusively through automated systems,

h) To request the compensation of the damage in case of loss due to unlawful processing of personal data.

Regarding the application process that enables you to exercise your rights “Information Request Form” It was prepared by Komtera Teknoloji and uploaded to our company’s website. You, whose personal data are processed, can exercise your above-mentioned rights by following the application procedures and principles on our website.

5. DELETING, DESTROYING AND ANNOUNCEMENT OF PERSONAL DATA

Your personal data and/or sensitive personal data will be deleted, destroyed or anonymized when the statute of limitations and storage periods stipulated in the law expires, the judicial processes are completed or other relevant requirements are terminated. These data “Directive on the Deletion of Personal Data” are deleted and destroyed accordingly. Deletion, destruction and anonymization processes are carried out at the request of the relevant data owner or ex officio (spontaneously) by Komtera Teknoloji.

6. MISSING PRINCIPLE

The principle of stinginess, also known as the principle of maximum savings. In accordance with the said principle, the data is processed into the system as much as necessary. Personal data that reaches our company in various ways are transferred to our company’s system.

The data to be collected by Komtera Technology is determined in accordance with the purpose and varies. Data are collected in accordance with the purpose and data that are not parallel to the purpose are not collected. Redundant data other than its purpose is not recorded in the company system, deleted or anonymized. However, these data can be used for statistical purposes.

7. PRIVACY AND SECURITY OF DATA

As Komtera Technology, we attach importance to the privacy of your personal data and/or private data. In this context, your personal data and/or sensitive personal data that reach our company by any means are confidential. Komtera Teknoloji respects the confidentiality of the said data at every stage of its commercial activity. In this context, this company’s privacy policy is fully complied with. Necessary technical and administrative measures are taken to ensure that personal data and/or sensitive personal data collected through various means do not fall into the hands of unauthorized persons, that the rights of the data owner are not harmed, that they are not victims, and that the data is protected. In addition, data protection is requested from companies with whom we share personal data and/or sensitive personal data within the framework of legal compliance. Again, our software programs are updated and constantly renewed. In order to provide a high level of protection, all technological requirements are fulfilled and compliance with standards is ensured.

8. CURRENTITY OF DATA

The up-to-dateness principle is essential by Komtera Teknoloji. Because personal data obtained in various ways and/or special quality personal data are processed and updated upon request. Necessary precautions regarding this are taken by Komtera Technology.

9. ACCURACY OF DATA

The principle of accuracy of declared personal data and/or sensitive personal data has been adopted by Komtera Teknoloji. Komtera Teknoloji is not obliged to investigate the accuracy of personal data and/or sensitive personal data declared by its customers or real and legal persons with whom it is in contact. Because this is not possible legally and in line with our working principles. In this context, all transactions are carried out with the belief that the declared data is correct.

10. PURPOSE OF PROCESSING PERSONAL DATA AND/OR SPECIAL QUALITY PERSONAL DATA

The processing of personal data and/or special quality personal data will be carried out in line with the purposes in the Clarification Text of Komtera Teknoloji. You can access the Illumination Text on the website of Komtera Teknoloji.

11. PROCESSING PERSONAL DATA AND/OR SPECIAL QUALITY PERSONAL DATA

Komtera Teknoloji may process your personal data in order to carry out its commercial activities, to ensure the performance of the service and to fulfill its legitimate purposes. The said data is never used for illegal services and illegitimate reasons.

Also, sensitivity is shown for the processing of special categories of personal data. Regarding the processing of special categories of personal data within our company
To the Policy on the Protection and Processing of Private Personal Data” is complied with. In addition, all necessary and sufficient precautions determined by the Board are taken while processing sensitive personal data.

12. PROCESSING PERSONAL DATA AND/OR SPECIAL QUALITY PERSONAL DATA FOR ADVERTISING PURPOSES

Electronic messages sent for advertising purposes must be approved by the recipient. In this context, e-mails for advertising purposes can only be sent to people with prior consent. It is essential that the consent of the person to whom the advertisement will be sent is clearly obtained. This issue is also clearly regulated in the Law on the Regulation of Electronic Commerce and the Regulation on Commercial Communications and Commercial Electronic Messages.

Komtera Teknoloji acts in accordance with the provisions of the above-mentioned law when sending electronic commercial messages for advertising purposes. It also complies with the approval and the details of the approval in accordance with the law. said consent; It can be received in physical environment by all kinds of electronic communication tools or in written form. The basis for the approval is the existence of a positive declaration of will of the recipient of the commercial electronic message that they accept the sending of the commercial electronic message, the presence of the electronic communication address and name and surname.

Approval from the buyer, marketing, promoting the company’s goods and services, promoting its business, ensuring its recognition, celebration, wish and congratulation, etc. It should cover all commercial electronic messages sent to electronic communication addresses in order to increase its recognition with the content.

13. DATA TRANSACTIONS DUE TO THE COMPANY’S LEGAL OBLIGATION AND EXPRESSLY PROVIDED IN THE LAW

Personal data may be processed without further approval, only for the purpose of expressly stating the data processing in the relevant law and/or fulfilling a legal obligation determined by the law. The type and scope of the processed data must be necessary for the data processing activity permitted by law. And in all circumstances, compliance with the provisions of the relevant law is essential.

14. COLLECTION AND PROCESSING OF PERSONAL DATA WITHIN THE CONTRACT RELATIONSHIP

If a contractual relationship is established with customers or prospective customers, the data collected pursuant to the contract can be used by Komtera Teknoloji without obtaining approval. The personal data in question are used within the framework of the performance of the service, the execution of the contract, the execution of the commercial activity and the requirements. This data can be updated by contacting customers.

15. İŞ – SOLUTION PARTNERS, TRADE PARTNERS SHAREDPERSONAL DATA

Komtera Technology has made it a principle to act in accordance with the law regarding the sharing of personal data. In this context, it acts in accordance with the provisions of the relevant law while sharing data with its business – solution partners and commercial partners. Komtera Teknoloji shares only as much personal data as is necessary for the performance of the service, the execution of the business and the continuation of the commercial activity with its business – solution partners and commercial partners, with its data confidentiality commitment. With the shared data, business – solution partners and commercial partners are requested to take the necessary administrative and technical measures to ensure data security.

16. PERSONAL DATA PROCESSED THROUGH AUTOMATIC SYSTEMS

Information obtained from data obtained through automated systems without the explicit consent of individuals cannot be used against individuals. Komtera Technology can only make decisions about the people it will process by using the data in its own system. With all this in mind, Komtera Teknoloji acts in accordance with all relevant legislation provisions for personal data processed through automatic systems.

17.PERSONAL DATA AND/OR SPECIAL QUALITY PERSONAL DATA OF KOMTERA TECHNOLOGY’S EMPLOYEES

PROCESSING WITHIN THE FRAMEWORK OF LEGAL OBLIGATIONS: Employee personal

Data may be processed by Komtera Teknoloji without obtaining separate approval, in order that there is an express provision in the relevant law regarding the processing of data or in order to fulfill the obligation stipulated by the law. The processing of the said data is limited to the fulfillment of the obligations arising from the law.

PROCESSING OF PERSONAL DATA IN ACCORDANCE WITH THE EMPLOYMENT CONTRACT AND WORK RELATIONSHIP: The personal data of the employees can be processed without the consent of the employees, within the framework of proportionality, as much as necessary in order to establish a business relationship between the company and the employees. Komtera Teknoloji is committed to the protection and confidentiality of employee data under all circumstances and to take every precaution in this regard.

 PROCESSING OF PERSONAL DATA OF EMPLOYEES: Pursuant to the KVKK No. 6698, the approval of the person whose data will be processed and additionally the necessary measures foreseen by the Board are required for the processing of sensitive personal data. Komtera Technology both obtains the approval of the person concerned and takes the necessary measures determined by the Board, while processing personal data with special characteristics within the framework of compliance with the law and the principles of the Board. However, special categories of personal data may be processed in exceptional cases stipulated in the law, without the consent of the person concerned, provided that it is limited and measured.

 PERSONAL DATA PROCESSED THROUGH AUTOMATIC SYSTEMS: Some personal data of employees can be processed in automated systems. The said data is used in the performance evaluation of the employees, keeping the statistical data, promotions and scoring for the company. Employees have the right to object to unfavorable results. The appeal must be made in accordance with internal company rules and procedures. The objection in question is evaluated within the company.

 PROCESSING PERSONAL DATA FOR EMPLOYEES’ BENEFIT: Personal data belonging to the employees can be processed by Komtera Teknoloji without obtaining approval for the transactions related to the benefit of the employee. Again, in disputes regarding the Komtera Teknoloji business relationship, the company may process the personal data of the employees.

INTERNAL TELECOMMUNICATION, INTERNET AND COMMUNICATION: In order to facilitate the performance of the work, Komtera Teknoloji can allocate computers, telephones, cars, applications, software and e-mail to the internal employees. Komtera Teknoloji can control and audit the personal data on the vehicles it has allocated.

The employee, on the other hand, cannot use the vehicles allocated to him for private purposes. It is obligatory to use it only for the purpose of ensuring the performance of the work. Again, the employee accepts, declares and undertakes that from the beginning of the working relationship with Komtera Teknoloji, the vehicles allocated will not contain any data or information other than the work and the necessity of the work.

18.DOMESTIC AND ABROAD TRANSFER OF PERSONAL DATA

Komtera Teknoloji may share personal data with business-solution partners, commercial partners and controlling shareholders in order to perform the service and carry out commercial activities. Again, Komtera Teknoloji will be able to transfer personal data to its suppliers in a limited and measured manner in order to provide the necessary service for the execution of the commercial activity, which is outsourced from the supplier.

Komtera Teknoloji has the authority to transfer personal data within the country and abroad in accordance with the conditions stipulated in the law and within the framework of the principles determined by the Board and with the approval of the relevant person.

19. RIGHTS OF THE RELATED PERSON REQUESTING INFORMATION

In Article 11 of the Law on the Protection of Personal Data No. 6698, the rights of the data owner are stipulated. Komtera Teknoloji accepts that, pursuant to the law, it has the right to obtain the consent of the data subject before the data is processed, and the right to request information about the data of the data subject, to be updated, deleted, destroyed and anonymized after the data is processed.

Relevant persons can access the “Information Request Form” from Komtera Teknoloji’s website, regarding their personal data;

a) Learning whether personal data is processed or not,

b) If personal data has been processed, requesting information about it,

c) Learning the purpose of processing personal data and whether they are used in accordance with the purpose,

ç) Knowing the third parties to whom personal data is transferred at home or abroad,

d) Requesting correction of personal data in case of incomplete or incorrect processing,

e) “To request the deletion or destruction of personal data within the framework of the conditions stipulated in Article 7 of the law titled “Deletion, destruction or anonymization of personal data,”

f) Requesting notification to third parties to whom personal data has been transferred, that the incomplete or incorrectly processed data has been corrected or that the data has been deleted or destroyed upon the request of the person concerned,

g) Objecting to the emergence of a result against the person himself by analyzing the processed data exclusively through automated systems,

h) In the event that personal data is damaged due to unlawful processing, it has the right to request that the damage be remedied.

Applications for the above-mentioned requests are made through the company’s website or by filling in the application form obtained from the company. The application form can be signed with a wet signature (together with a copy of the ID) and sent to the KEP address registered at our company address or to the address [email protected], through a notary public, by registered mail with return receipt requested. Applications must belong to the person concerned. An application cannot be made for a request for information regarding the personal data of another person. In addition, the information request made on behalf of someone else will not be answered by the company. If it is determined by Komtera Technology that the application made on behalf of another person in the information request is made; All kinds of lawsuits and claims of Komtera Teknoloji are reserved. The requests of the person concerned will be answered within thirty days at the latest from the date they reach Komtera Teknoloji. If Komtera Teknoloji deems necessary, it will be able to request other information and documents from the applicant. The person concerned has no right to anonymized personal data within the company.

20. PRIVACY POLICY

All personal data and/or sensitive personal data belonging to employees and persons who have reached Komtera Teknoloji through various means are confidential. No one can use, reproduce, transfer, use or copy personal data and/or sensitive personal data for purposes other than business purposes, pursuant to the contract or for reasons of compliance with the law.

21. AUDIT AND PROCEDURE SECURITY

Necessary technical and administrative measures are taken to ensure that personal data and/or sensitive personal data collected through various means do not fall into the hands of unauthorized persons, that the rights of the data owner are not harmed, that they are not victims, and that the data is protected. In addition, data protection is requested from companies with which we share personal data and/or sensitive personal data within the framework of legal compliance. Again, our software programs are updated, constantly renewed and developed. In order to provide a high level of protection, all technological requirements are fulfilled and compliance with standards is ensured. In parallel with all these, Komtera Teknoloji has all internal and external audits performed in order to protect personal data and/or sensitive personal data.

22. NOTIFICATION OF PERSONAL DATA VIOLATIONS

In case of any breach of personal data, Komtera Teknoloji immediately takes action to do its part to remedy the breaches reported to it. It takes all necessary measures to minimize the harm of the person concerned. In this context, it compensates by minimizing the damage.

In the event that personal data and/or sensitive personal data come into the hands of unauthorized third parties, it notifies the Personal Data Protection Board directly. You can apply for notification of violations according to the procedures specified on our company’s website. Click for “Information Request Form”.