Privacy Policy

Privacy and Personal Data Protection Policy

1-Purpose of the Privacy and Personal Data Protection Policy

this Privacy and Personal Data Protection Policy (“Policy”) is to provide information on the personal data processing activities and methods adopted for the protection of personal data by YENER ÖVÜNÇ ASANSÖR SAN. VE TİC. A.Ş. (“Company”) as the data controller, in accordance with the Law No. 6698 on the Protection of Personal Data (“Law”) and related legislation. In this context, it aims to inform individuals whose personal data is processed, primarily our customers, employees, job applicants, employees, shareholders and officials of suppliers and collaborating institutions, and other third parties (“Data Subjects”).

2. Principles to be Applied Regarding the Processing of Personal Data

All personal data processed by the company is processed in accordance with the regulations stipulated in the Law. In this context, personal data includes:

a. It is processed in accordance with the law and the principle of honesty.

b. Personal data is kept accurate and up-to-date when necessary.

c. It is processed for specific, explicit and legitimate purposes.

d. They are used and disclosed in a limited and proportionate manner, and in connection with the lawful purpose for which they are processed.

e. They are retained for the period stipulated in the relevant legislation or for the period necessary for the purpose for which they were processed.

3. Purpose of Processing Personal Data

The company undertakes to process personal data in accordance with the principles set forth in Article 4 of the Law, the conditions for processing personal data specified in Articles 5 and 6 of the Law, and for the following purposes:

  • For the natural and legal persons we serve, as well as our suppliers and business partners:
    • Fulfillment of all intended service delivery and execution.
    • Exchange and sharing of information necessary for potential service activities.
    • Providing additional services (consulting, communication, etc.) to facilitate the execution of these activities.
    • Improving and developing the services offered, determining and implementing commercial activities and business strategies.
    • Management and follow-up of customer requests and complaints.
    • Planning information security processes, establishing and managing information technology infrastructure.
    • Monitoring and executing legal processes and communication processes with official institutions.

 

  • For employees:
    • Exercising rights and fulfilling obligations arising from legislation such as labor, occupational health and safety, social security, and taxes.
    • Resolution of disputes arising from labor law.
    • To enable the development of corporate plans.
    • Ensuring order, control, safety, management, and compliance in the workplace.
    • Conducting recruitment processes
    • Cases where data processing is necessary for the legitimate interests of the Company, provided that it does not harm the fundamental rights and freedoms of the data subject.



4. Methods of Collecting Personal Data

Personal data may be collected by the Company through automated or non-automated methods, or through similar means, verbally, in writing, or electronically. These processes are carried out in accordance with the conditions and purposes of personal data processing specified in Articles 5 and 6 of the Law and the legal grounds stated in this Policy . Where the explicit consent of the data subjects is required, their explicit consent is obtained by having the data subjects read and approve the necessary information text and explicit consent form. In this context, the Company processes personal data as follows:

 

  • Obtaining personal data of natural persons and shareholders, board members, representatives, authorized signatories, and employees of legal entities during the execution of commercial transactions, negotiations, and contracts carried out for the purpose of conducting its commercial activities,
  • By collecting general and specific personal data obtained during interviews with job candidates in order to meet employment needs,
  • Obtaining general and special categories of personal data during the signing of the employment contract with the employee and during the performance of the employment contract,
  • In addition, by obtaining personal data through notifications from administrative and judicial authorities and other communication channels,
  • Through information sharing, communication, and correspondence conducted via the internet or our email address,
  • Information and records are collected through various verbal, written, physical, or electronic means, either personally or through a third party, including forms, job applications and notifications, and petitions.

5. Permission for Processing and Transferring Personal Data

The processing of personal data within Turkey and its transfer to third parties (natural and legal persons) by the company is possible only with the explicit consent of the data subject. In accordance with Article 5 of the KVKK (Law on Protection of Personal Data), if explicit consent is not given, personal data;

 

  • Where explicitly provided for in the laws,
  • When it is necessary for the protection of the life or physical integrity of the person who is unable to express their consent due to factual impossibility or whose consent is not legally valid, or for the protection of the life or physical integrity of another person,
  • When it is necessary to process the personal data of the parties to a contract, provided that it is directly related to the establishment or performance of the contract,
  • If necessary for the Company to fulfill its legal obligations,
  • When personal data is made public by the data subject,
  • When necessary for the establishment, exercise or protection of a right,
  • Data may be processed if necessary for the legitimate interests of the Company, provided that it does not harm the fundamental rights and freedoms of the data subject.

Data relating to a person’s race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, appearance and clothing, membership in associations, foundations or trade unions, health, sexual life, criminal convictions and security measures, as well as biometric and genetic data, are considered special categories of personal data. The processing and transfer of special categories of personal data by the company is only possible with the explicit consent of the Data Subjects . If explicit consent is not given;

 

  • Special categories of personal data that are not related to health and sexual life may be processed without the explicit consent of the Data Subject in cases stipulated by law .
  • Personal data relating to health and sexual life may only be processed by persons or authorized institutions and organizations bound by an obligation of confidentiality, without seeking the explicit consent of the data subject, for the purposes of protecting public health, preventive medicine, medical diagnosis, treatment and care services, and the planning and management of health services.

The processing of personal data abroad and its transfer to third parties (natural and legal persons) is possible only with the explicit consent of the Data Subjects . In cases where explicit consent is not obtained, the transfer of personal data may be carried out if one of the conditions set forth in Articles 5/2 and 6/3 of the Law and the following conditions are met:

 

  • Where adequate protection exists, as determined and announced by the Personal Data Protection Board (“Board”).
  • In cases where adequate protection is not available, data controllers in Türkiye and the relevant foreign country must provide a written commitment to ensure adequate protection, and this must be done with the permission of the Board.

Personal data may also be transferred abroad, subject to the provisions of international agreements, only with the permission of the Board and after obtaining the opinion of the relevant public institution or organization, in cases where the interests of the country or the Data Subject would be seriously harmed.

6. Protecting the Rights of the Data Subject

Interested parties may exercise the following rights by applying to the Company:

 

  • To find out whether your personal data is being processed.
  • Requesting information regarding the processing of personal data.
  • To learn the purpose of processing personal data and whether it is being used appropriately for that purpose.
  • To find out the third parties to whom personal data is transferred, whether domestically or internationally.
  • Requesting the correction of personal data if it has been processed incompletely or inaccurately.
  • Requesting the deletion or destruction of personal data within the framework of Article 7 of the Law.
  • Requesting notification of correction, deletion, and destruction processes to third parties to whom personal data has been transferred.
  • The right to object to a decision that is detrimental to oneself, resulting solely from the analysis of personal data through automated systems.
  • The right to claim compensation for damages incurred as a result of the unlawful processing of personal data.

To exercise the rights mentioned above, Relevant Persons may submit their requests to the Company through the following communication channels:

Application Method

In person or through a notary public, with your handwritten signature and a valid identification document.

By submitting a petition with a secure electronic signature or mobile signature via your own email address or by using the email address you previously provided and which is registered in our system.

Application Address

Şeyhli Mah. Şüheda Cad. No: 33 İç Kapı No: 1 Pendik/İstanbul

info@mpyenerovunc.com

According to the Communiqué on the Procedures and Principles for Applications to the Data Controller, your application must include the following information:

  • Name, surname and signature if the application is in writing,
  • For Turkish citizens, the Turkish Republic identity number; for foreigners, their nationality, passport number, or identity number.
  • iii. The residential or business address used for notification purposes,
  • If available, the email address, telephone and fax number used for notification purposes.
  • Subject of the request

7. Measures Regarding the Accuracy, Up-to-Date Maintenance, Security, and Protection of Personal Data

The company takes the necessary administrative and technical measures in accordance with the Personal Data Security Guide published by the Personal Data Protection Authority (“the Authority”) to ensure that personal data is kept accurate and up-to-date, stored in secure environments, and that its loss, alteration, or unlawful use is prevented.

Employees shall not disclose personal data they have learned to others in violation of the law, nor shall they use it for purposes other than the processing purpose. This obligation shall continue even after they leave their positions.

If personal data processed is obtained by others through unlawful means, the Company will notify the relevant party and the Board as soon as possible so that necessary measures can be taken.

8. Deletion, Destruction or Anonymization of Personal Data

this Policy will be deleted when the purpose requiring processing ceases to exist, when the retention periods determined by the Company expire, or when the periods determined by legislation expire, in accordance with the principles and methods in the Guide to Deletion, Destruction or Anonymization of Personal Data published by the Authority. If deemed necessary, and provided it is reasonable and proportionate, the data may continue to be used after being anonymized.

9. Changes to the Personal Data Protection Policy

The company may make changes to the Policy as required by its operations or when a legal requirement arises. These changes will become effective upon publication of the revised Privacy and Personal Data Protection Policy text on the website at https://yenerovuncasansor.com/ Furthermore, employees will be notified of any changes via email or through appropriate notices and announcements at the workplace.

To learn more about our customized solutions, fill out the form. Our expert team will contact you.

Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.