1. General Definition
Under the law, personal data encompasses all types of data relating to an identified or identifiable natural person. A special type of personal data, Special Personal Data, refers to data related to race, ethnicity, political opinion, philosophical belief, religion, sect, other beliefs, appearance and dress, membership in associations, foundations, or unions, health, sexual life, criminal convictions and security measures, and biometric and genetic data.
Processing of personal data refers to any operation performed on data, such as obtaining, recording, storing, preserving, changing, rearranging, disclosing, transferring, taking over, making available, classifying or preventing the use of personal data, either fully or partially by automatic means or non-automatic means provided that it is part of any data recording system.
2. Purpose and Identity of the Data Controller
This “General Information Text on the Protection and Processing of Personal Data” has been prepared in accordance with Article 10 of the “Law on the Protection of Personal Data No. 6698” (“Law”) and the “Communiqué on the Procedures and Principles to be Complied with in Fulfilling the Information Obligation”, by the data controller identified below, DESTEK PATENT ANONYMOUS COMPANY (“DESTEK PATENT” or “Company”), in order to fulfill the information obligation regarding the processing of your personal data.
Your personal data is registered at the address “Maslak Mah.Saat Sokak Spine Tower No:5 Floor:13 D:128 34485 Sarıyer / İSTANBUL”, BOĞAZİÇİ INSTITUTIONS TAX OFFICE & taxpayer number 293 017 2251 DESTEK PATENT ANONYMOUS COMPANY (“DESTEK PATENT” or “Company”) As the data controller, in accordance with the Personal Data Protection Law No. 6698 (“Law”), personal data may be processed within the scope described below, within the framework of the purposes listed below and in a limited and proportionate manner in connection with these purposes, while preserving the accuracy and up-to-dateness of personal data as received by us.
3. Purposes of Processing Your Personal Data
Your collected personal data may be processed by DESTEK PATENT in accordance with the basic principles stipulated in the Law and within the personal data processing conditions specified in Articles 5 and 6 of the Law, for the purpose of ensuring the legal, technical, commercial and occupational security of the Company and the relevant persons who have a business relationship with the Company and for the performance of activities in the management processes of the personal data of data owners.
4. Collection and Processing of Personal Data
The Company may obtain personal data directly from data owners, or indirectly from third parties and from data made public by the data owner. In this context, data is collected verbally, physically, or electronically, and this personal data is processed. You can review the table below to see what your personal data is, how it is collected, and what personal data we may process.
| Employee and Intern Candidates | |
Data Category | Where the Data Was Obtained |
Identity Information Name, surname, date of birth, marital status | 1.It is given by the person himself. 2.It is obtained from employment platforms such as Kariyer.net. |
Contact Information Telephone number, residence address, e-mail address, | 1.It is given by the person himself. 2.It is obtained from employment platforms such as Kariyer.net. |
Special Personal Data Health information, *(On the grounds that there is no illness/disability that prevents employment), criminal convictions/security measures that may prevent the position applied for | 1.It is given by the person himself. 2.It is created or acquired by the company. |
Professional Experience Diploma information, courses attended, in-service training information, certificates | 1.It is given by the person himself. 2.It is obtained from employment platforms such as Kariyer.net. |
Legal Action Current case information* (whether or not there is a reinstatement case) | It is given by the person himself. |
Visual and Audio Data Closed circuit security camera footage, photograph of the person | 1.Security camera images are obtained through closed circuit security cameras. 2.The photograph is obtained from employment platforms such as Kariyer.net. |
| Candidate Employee Information Educational background, schools graduated from and graduation year, education and skills, seminars and courses, computer knowledge, foreign language knowledge, reference information, memberships to clubs and areas of interest, work experience, employment status and title, job description, company/institution names, periods worked | 1.It is given by the person himself 2. It is obtained from employment platforms such as Kariyer.net. |
| Other Military service status, vehicle driving proficiency and driver's license information, salary expectations | 1.It is given by the person himself. 2.It is obtained from employment platforms such as Kariyer.net. |
| Employees and Interns | |
| Data Category | Where the Data Was Obtained |
| Identity Information Name, surname, Turkish ID Number, marital status, date of birth, signature | 1.It is given by the person himself. 2.It is obtained from employment platforms such as Kariyer.net. |
| Contact Information Telephone number, residence address, email address | 1.It is given by the person himself. 2.It is obtained from employment platforms such as Kariyer.net. |
| Location Location information and GPS data obtained while using company vehicles | GPS data is obtained automatically. |
| Financial Information Financial and salary details, bonus list, bank information | 1.Bank information is provided by the employee. 2.Financial and salary details and bonus lists are created or obtained by the company. |
| Legal Action File and debt information regarding enforcement proceedings, current case information | 1.Information regarding enforcement proceedings is obtained through notification. 2.Current case information is provided by the Company on the grounds of whether there is a reinstatement case. |
| Special Personal Data Pre-employment examination form, blood type information, chest X-ray, eye disease examination, criminal record (criminal convictions that may prevent the position applied for / information on security measures subject to) | 1.Health report, health tests, blood type and criminal record data are provided by the employee. 2.The pre-employment examination form is provided by the workplace physician. |
| Personnel Payroll information, resume information, employment document records | 1.It is given by the person himself. 2.It is provided by the company. |
| Professional Experience Diploma information, courses attended, in-service training information, certificates Educational status, certificate and diploma photocopies, education and skills | 1.It is given by the person himself. 2.It is obtained from employment platforms such as Kariyer.net. |
| Visual and Audio Data Photo, closed circuit security camera footage | 1.The photo is provided by the employee. 2.Audio recordings and security camera images are obtained from relevant devices. |
| Physical Space Security Entry and exit registration information, camera recordings | It is captured by closed circuit security cameras. |
| Transaction Security IP addresses and web browsing activity of work computers used by employees | IP addresses and web browsing activities are obtained through computers and software. |
| Risk Management Information processed to manage commercial, technical and administrative risks | It is provided by the company. |
| Employee Information Military service status, discharge certificate, employee department, position information, employee driver's license information, overtime hours, number of days of leave earned, employment start date information, leave request information, Social Security Institution Information, salary information, title information, exit interview information | 1.It is given by the person himself. 2.It is provided by the company. |
| Employee Performance and Career Development Information Training participation forms, training hours and durations, exam results (if any), internal promotion evaluation processes (English, general aptitude tests, personality inventory), ethical non-compliance reports, personnel promotion transfer transactions file, HR outbound search team timesheets and performance reports, meeting records, scorecard information, employment date, weekly working hours (login-logout records) | 1.It is given by the person himself. 2.Data related to training is obtained from training providers. Other information relates to performance management and is generated by the Company. |
| Family and Relatives Information Family notification forms, certified civil registration sample | It is given by the person himself |
| Vehicle Information Working license plate | It is provided by the company. |
| Customers | |
| Data Category | Where the Data Was Obtained |
| Identity Information Name, surname, Turkish ID number | It is provided by the customer himself. |
| Contact Information Phone, email addresses, address information | It is provided by the customer himself. |
| Customer Transaction Invoice, Order information, Request information, etc. | 1.It is provided by the customer himself. 2.It can be prepared and processed by the company. |
| Financial Information Bank account information, IBAN etc. | It is provided by the customer himself. |
| Marketing Shopping history information, cookie records, etc. | It is provided by the company. |
| Transaction Security IP address information, website login and logout information, password and passcode information | 1.It can be provided by the customer himself. 2.It is collected and processed by the Company. |
| Intellectual Property Information | 1.It is provided by the customer himself. 2.It can be prepared and processed by the company. |
| Customer Prospects | |
Data Category | Where the Data Was Obtained |
| Identity Information Name, surname | It is given by the person himself. |
| Contact Information Phone, email addresses, address information | It is given by the person himself. |
| Customer Transaction Request information etc. | 1.It is given by the person himself. 2.It can be prepared and processed by the company. |
| Transaction Security IP address information, website login and logout information, password and passcode information | 1.It can be given by the person himself. 2.It is collected and processed by the Company. |
| Marketing Cookie records etc. | It is collected and processed by the Company. |
| Business Partner and Supplier Candidates | |
Data Category | Where the Data Was Obtained |
| Identity Information Name, surname, Turkish ID Number, signature | 1.It is given by him or his representatives. 2.N/A |
| Contact Information Address information, email addresses, telephone | 1.It is given by him or his representatives. 2.N/A |
| Visual Data Closed circuit security camera footage | 1.N/A 2.It is obtained through closed circuit security cameras. |
| Business Partners and Suppliers | |
Data Category | Where the Data Was Obtained |
| Identity Information Name, surname, Turkish ID Number, signature | It is given by him or his representatives. |
| Contact Information Address information, telephone, e-mail | It is given by him or his representatives. |
| Financial Information Bank account information, IBAN etc. | It is given by him or his representatives. |
| Visual Data Closed circuit security camera footage | It is obtained through closed circuit security cameras. |
Closed Circuit Security Cameras to Record the Relevant Persons | |
Data Category | Where the Data Was Obtained |
| Physical Space Security Employee and visitor entry and exit records, camera recordings, building/office entry and exit records | It is obtained through closed circuit security cameras. |
| Audio and Visual Recordings Closed circuit security camera footage | It is obtained through closed circuit security cameras. |
5. Parties to Which Your Personal Data Is Transferred and the Purposes of Transfer
Your collected personal data may be transferred by our Company to our shareholders, business partners, suppliers and legally authorized public and private institutions and organizations within the scope of the above-mentioned “Purposes”, in accordance with the provisions of all relevant legislation and the basic principles stipulated in Law No. 6698, and within the personal data transfer conditions specified in Articles 8 and 9 of the Law.
6. Method and Legal Reason for Collection of Your Personal Data
Your personal data may be collected by DESTEK PATENT electronically via email, mobile app, website, open internet resources, social media, phone, SMS, and call center, and physically via hand delivery or mail. Furthermore, your personal data will be collected based on the legal grounds of establishing and/or performing a contract, establishing, exercising, and/or protecting a right, fulfilling a legal obligation, and legitimate interest, as specified in Articles 5 and 6 of the Law, and, if provided, your explicit consent.
When the purpose for which your personal data is processed pursuant to Article 7/1 of the Personal Data Protection Law is eliminated and/or the limitation/storage periods required for us to process your data pursuant to the legislation expire, your personal data will be deleted, destroyed or anonymized.
7. Cases in which Personal Data Can Be Processed Without Explicit Consent in Accordance with the Personal Data Protection Law
In accordance with Article 5 of the Personal Data Protection Law No. 6698, your personal data may be processed without your explicit consent in the following cases. Namely;
•In cases clearly stipulated by law,
• If you are unable to give your consent as a data owner due to a de facto impossibility, or if your consent is not legally valid, the processing of your personal data is necessary to protect your life or the physical integrity of someone else,
• It is necessary to process your personal data belonging to the parties to the contract, provided that it is directly related to the establishment or execution of a contract,
• It is mandatory to fulfill a legal obligation,
•Your personal data has been made public by you,
• Data processing is necessary for the establishment, exercise or protection of a right,
• Data processing is necessary for the Company's legitimate interests, provided that it does not harm your fundamental rights and freedoms.
•Personal health data may be processed without the explicit consent of the data subject by persons or authorized institutions and organizations under a confidentiality obligation for the purposes of protecting public health, preventive medicine, medical diagnosis, treatment and care services, planning and management of health services and their financing.
7. Your Rights as a Personal Data Owner, Listed in Article 11 of the Law
In accordance with Article 11 of the Law, we hereby inform you that, as data owners, you have the following rights:
•Learning whether your personal data is being processed,
• Request information regarding your personal data if it has been processed,
• Learning the purpose of processing your personal data and whether they are used in accordance with their purpose,
•Knowing the third parties to whom your personal data is transferred, whether domestically or abroad,
• To request correction of your personal data if it is processed incompletely or incorrectly and to request that the action taken in this context be notified to third parties to whom your personal data has been transferred,
• To request the deletion or destruction of personal data in case the reasons requiring processing are eliminated, even though it has been processed in accordance with the Law and other relevant legal provisions, and to request that the action taken within this scope be notified to third parties to whom your personal data has been transferred,
• To object if a result against you arises as a result of the analysis of processed data exclusively through automated systems,
•To request compensation in case you suffer damages due to the unlawful processing of your personal data.
You can submit your requests regarding your rights listed above using the DESTEK PATENT PERSONAL DATA PROTECTION APPLICATION FORM below, or you can personally deliver your written, wet-signed petition containing the minimum requirements set forth in the Communiqué on Application Procedures and Principles to the Data Controller to the address "Maslak Mah.Saat Sokak Spine Tower No:5 Kat:13 D:128 34485 Sarıyer / ISTANBUL" where the Company's headquarters is located, send it through a notary public, send it electronically signed to our Company's KEP address destekpatent@hs02.kep.tr, or, if your e-mail address is registered in our Company's systems, forward it to our Company via the e-mail address kvk@destekpatent.com. Depending on the nature of your request, your applications will be finalized free of charge as soon as possible and within 30 (thirty) days at the latest. However, if the process requires additional costs, you may be charged a fee based on the tariff determined by the Personal Data Protection Board. If the response to the application exceeds 10 (ten) pages, a processing fee of 1.00 (one) TL will be charged for each page. If the response is requested on a recording medium such as a CD or flash drive, a fee will be charged based on the cost of the requested recording medium.
