The principles concerning the processing of your personal data by V Vakfı (“Foundation”) as the data controller based in “Mecidiyeköy Yolu Cad. No:12 Trump Tower Ofis Kule Kat:35 Şişli-İstanbul”, in accordance with the Turkish Law on Protection of Personal Data no. 6698 (“Law”), the Regulation 2016/679 of the European Parliament and Council of 27 April 2016 (European Data Protection Regulation or “GDPR”) and other applicable legislation and other applicable legislation are provided in detail in this Clarification Text.
- Purpose of Processing Personal Data
Your e-mail information, which is obtained as a result of you signing up to the e-bulletin / newsletter list, is processed for the purpose of transmitting informative and promotional content, monitoring and analysis of business development projects to be carried out in this field.
- Transferred of Personal Data
The purpose of transferring the data is in line with the purpose of processing personal data. Your collected personal data may be transferred to our business partners and suppliers, affiliates, authorized public institutions in accordance with data processing conditions and purposes stated under the Law and GDPR. (in particular Article 6(1) and recital 48 of GDPR; and in Article 8 and 9 of PDPL) Your personal data will be transferred to İleti Yönetim Sistemi A.Ş. due to sending commercial electronic messages to you.
- Method and Legal Basis for Collecting Your Personal Data
Personal data are collected partially automatically through the digital form created for the e-bulletin as part of the data recording system in the electronic environment. This type of personal data is processed in accordance with the Law, with the explicit consent given by the data subject as a result of the e-bulletin subscription request and legitimate interest of the data controller that it does not harm your fundamental rights and freedoms, it is mandatory to process your personal data.
- Application to the Data Controller and Your Rights
According to the Article 11 of PDPL and Article 12 of GDPR, you also have the following rights:
- learn whether your personal data are being processed,
- if they are, request information,
- obtain information on the purpose of processing and find out whether personal data has been used as fit for the purpose,
- obtain information about the third persons in Turkey and abroad, to whom personal data are transferred,
- request rectification of personal data that may have been incompletely or inaccurately processed,
- request the deletion or destruction of personal data,
- request notification of the operations made as per indents (e) and (f) to third parties to whom personal data have been transferred,
- object to occurrence of any detrimental result by means of analysis of personal data exclusively through automated systems and
- request compensation for the damages due to unlawful processing of personal data.
You can send your requests to the Foundation according to Comminuque on the Principles and Procedures for the Request to Data Controller. You can also direct your applications to us by submitting it to the address “Mecidiyeköy Yolu Cad. No:12 Trump Tower Ofis Kule Kat:35 Şişli-İstanbul” via registered letter or to the [email protected] email address.
Our Foundation fulfills your requests as soon as possible and within thirty days at the latest and once for free of charge. However, requesters may be charged for following requests or for the initial request if the action taken on the request requires additional cost. Our Foundation can accept and process the request or reject the request in writing by explaining its reason.
You are entitled to file a complaint to the Turkish Board of Personal Data Protection (“Board”) within thirty days as of the notification of the reply and in all cases within sixty days if the application is rejected after carrying out the procedure mentioned above, the reply is deemed to be insufficient or the requests are not responded in a timely manner. However, the complaint cannot be filed without exhausting this application process.
The Board may conduct the necessary inspections within its field of duty upon receiving a complaint or ex officio upon detecting a breach. The complaint shall be examined by the Board and answers shall be provided to those concerned. If no replies are given within sixty days as of the date of the complaint, the request shall be deemed to be rejected. If, as a result of inspections upon receiving a complaint or ex officio investigation, a breach is detected, the Board shall rule the identified contraventions of law to be eliminated by the data controller, and shall notify those concerned accordingly. This decision shall be fulfilled without delay but no later than within thirty days as of the notification of the decision. The Board is authorized to halt data processing or international transfer of data if damages that are hard or impossible to compensate occur and if there is an explicit infringement of the law.
We would like to emphasize that your data is meticulously protected by the Foundation and thank you for the trust that you place in us.