1. Our company Altın Şehir Gıda Danışmanlık İnş. San. ve Dıi Tic. A.Ş. (Mr. Kumpir), deems as ‘Data Controller’ within the scope of Law No. 6698 on Protection of Personal Data. (“Law”) According to mentioned law, our company aims to inform Employee Candidates, Customers, Company Shareholders, Company Officials, Visitors, Employees, Shareholders and Authorities of the Institutions We Cooperate with and Third Parties, about activities subject to personal data processing and to obtain their explict consent about situations undermentioned.
  2. According to Law No. 6698 on Protection of Personal Data, personal data defined as “any information about an identified or identifiable natural person”, processing defined as “any action taken on it data, like obtaining personal data fully or partly in a automatic way or – on condition that being part of any data recording system- non-automatic way, saving, storing, retaining, changing, reorganizing, disclosing, transferring, taking over, making acquirable, classifying or preveting usage.

Personal Data Protection and Privacy Policy Text and Ackowledgement and Approval Text were submitted to you to be informed about company’s data processing policy. The Privacy Policy is published on our company’s website (www.mrkumpir.com) and submitted to relevant person on demand of owner of personel datas.

  1. Hereby with this document, data owners (employee candidates, customers, company shareholders, company officials, visitors, employees, and employees and shareholders of the third parties which our company is cooperated with, third parties etc.) acknowledge that they are informed and consent to the use of their personal data as specified herein.
  2. Data owners whose personal data are processed within the scope of the Privacy Policy and Acknowledgement Consent Text are categorized as follows:
Candidate EmployeesReal persons who make their CV and related information accessible by applying for a job to Mr. Kumpir or by any means.
Employees, shareholders and officials of the institutions we cooperate with
Employees,shareholders and officials of institutions that have a business relationship with Mr. Kumpir 
  
  
CustomersRegardless of whether there is any contractual relationship, real persons whose personal data are obtained due to the business relationship within the scope of the activities carried out by Mr. Kumpir
GuestsNatural persons who have entered Mr. Kumpir facilities for various purposes
Third personsOther natural persons whose personal data are processed within the framework of this policy, even if they are not specified in the policy
Company shareholdersShareholders of Mr. Kumpir who are real persons
Company officials Mr. Kumpir board members and other authorized natural persons

 

  1. In the implementation of the Disclosure and Consent Text and Privacy Policy; the meanings of some concepts are written below:

Explicit consent                                It is an open consent on a specific subject, based on information and explained to free will.

Anonymization                                 It is the rendering of personal data in no way associated with an identified or identifiable natural person.

Personal data                                   It is all kind of data which belongs to identified or identifiable real persons.

Sensitive Personal Data                   Race, ethnicity, political thought, philosophical belief, religion, sect or other beliefs, disguise, association foundation or union membership,

with health, sexual life, criminal conviction and security measures related datas and biometric and genetics datas are special personal datas.

Processing of

Data                                        It is any action taken on personal data, like obtaining personel data fully or partly in a automatic way or – on condition that being part of any data recording system- non-automatic way, saving, storing, retaining, changing, reorganizing, disclosing, transferring, taking over, making acquirable, classifying or preveting usage.

Authority                                          Authority of Protecting Personal Data

Policy                                                It is Mr. Kumpir Policy of Protecting and Processing Personal Data.

Data Processor                                 Based on the authority given by the data responsible, is a real and legal person who processes data.

Data Controller                     The real person or legal entity who determines the purposes and tools of processing personal data and  manages the place where the data is kept systematically (data recording system) is the data controller.

  1. Although Mr. Kumpir has processed personal data in accordance with the provisions of the relevant law specified in Article 138 of the Turkish Penal Code and Article 7 of the Protecting of Personal Data Law, in the event that the reasons requiring processing disappear, Mr. Kumpir erases, destroys or anonymizes upon the request of owner of personal data or on its own motion.
  2. The personal data processed by the Data Controller are categorized in accordance with the Law on Protection of Personal Data (Law) as follows. Unless otherwise indicated,the concept of “Personal Data”, the Privacy Policy and the terms and conditions provided in this Acknowledgement and Consent Text will include the information below.
Identfying InformationName-surname,Republic of Turkey Citizenship number, nationality   information, parent name, but not limited to place of birth, date of birth, gender and Institution of Social Secuity Number; all information in documents such as driver’s license, identity card, certificate of residence etc.                          
Contact Information Informations such as  Phone number, address, e-mail address, fax number, IP address,data processed that partially or fully automated or non-automated  as part of a data logging system whom explicitly belong to real person who identified or identifiable.
Customer Information Data about relevant people obtained or produced by in the scope of commercial activities and company unit actions.
Customer Transaction Information Data about records of the use of our products and services, and records and requests of instructions required by the customer to use the products and services
Transaction Security Information Data processed during the conducted commercial activities due to provide technical,legal,administrative and commercial security.
Risk Management Information Personal data that processed by appropriate methods and properly with good faith and accord with generally accepted legal/commercial practice due to
Financial Information Pocessed  personal data that created by the type of legal relationship established with the personal data owner according to information,document and record about all kind of financial results.
Candidate Employee Information Processed personal data relevant that who apply for a job to Mr. Kumpir or deemed as candidate employee by human resources unit according to our company’s needs and accord with commercial practice and good faith. And also personal data about currently working persons.
Legal Transaction Information Personal data processed in scope of detecting legal rights, claims ,follow-up of debts and performance of obligations.
Supervision InformationProcessed personal data in scope of compliance with Mr. Kumpir legal obligations and policies.
Sensitive Personal DataAccording to Article 6 of Code of Protecting Personal Data , person’s race, ethnicity, political thought, philosophical belief, religion, sect or other beliefs, disguise and outfit, association, foundation or union membership, health, sexual life, criminal conviction and security measures and biometric and genetic data,
Marketing Information Use of personal data owner of our products and services

customized according to their habits, tastes and needs personal data processed for marketing and this reports and evaluations created as a result of processing results.

 

Information of Physical Place Security

Entering the physical place, during the stay in the physical place

personal data regarding the records received and documents; camera recordings,

fingerprint records and records taken at the security point, etc. (Data processed that partially or fully automated or non-automated  as part of a data logging system whom explicitly belong to real person who identified or identifiable.)

Visual/Auditory Information Photos and camera records whom explicitly belong to real person who identified or identifiable,(except of in scope of data relevant with information of physical place) voice records and data contained in documents that are duplicates of documents containing personal data.
Requistion/Complaint Management Information Personal data relevant with any kind of requisition or compliant and  about  considering those applications by company.

 

  1. According to Article 3 and 7 of Law of Protecting Personal Data, anonymized data will not be considered as personal data. Processing activities related to anonymized data will be carried out notwithstanding with terms and conditions of this Acknowledgement and Consent Text.
  2. In principle, personal data will not be transferred to abroad without explicit consent of data owner. However, in the limits of Article 9 and in scope of Article 5 and 6, sensitive personal data and personal data can be transferred to abroad.
  3. According to law, personal data can not be processed unless explicit consent of data owner. However, in the Law numbered 6698 on the Protection of Personal Data it is determined that personal data and sensitive personal data may process even if explicit consent of owner of personal data not exist, in some

Personal data in accordance with Article 5 of Law No. 6698; Personal data may be processed without seeking the explicit consent of the data subject only in cases where one of the following conditions is met:

  1. If it is prescribed by the laws
  2. If it is necessary for the protection of life or physical integrity of the person himself/herself or of any other person, who is unable to explain his/her consent due to the physical disability or whose consent is not deemed legally valid.
  3. If it is directly related to the establishment or performance of the contract between data owner and data controller.
  4. If it is necessary for compliance with a legal obligation to which the data controller is subject.
  5. If it is already been made public by the data owner
  6. If it is necessary for the establishment, exercise or protection of any right.
  7. If it is necessary for the legitimate interests pursued by the data controller, provided that this processing shall not violate the fundamental rights and freedoms of the data owner.

On the other hand, according to law, person’s race, ethnicity, political thought, philosophical belief, religion, sect or other beliefs, disguise and clothing, association, foundation or union membership, health, sexual biometric and genetics with data on life, criminal conviction and security measures datas defined as sensitive personal data which are subjected to more severe conditions. Accordingly, sensitive personal data can only be processed under the following conditions, except in cases where the consent of the data owner is explicitly agreed:

  • People’s race, ethnicity, political thought, philosophical belief, religion, sect or other beliefs, disguise and dress, membership of an association, foundation or union, criminal conviction and data on security measures and biometric and genetic data can only be processed if prescribed by the laws.
  • Personal data about sexual life and health may process by persons or authorized institutions that under confidentiality obligation with purpose of only protecting of public health, preventive medicine, medicial diagnosis, carrying out treatment and care services and planning and management of health services and its finance .
  1. If the above conditions are not met, Mr. Kumpir asks explicit consent of owner of personal data with purpose of processing personal data. In this context, personal data may processing with purposes written below-but not limited with these:
  • Following up of contract processes, customer relationships, following up sales processes, following up demands and compliants of customers, following up about legal actions with purpose of in an effort to make customer have used of products and services which supplied by Mr. Kumpir.
  • Required for the realization of commercial activities carried out by Mr. Kumpir carrying out studies, planning of corporate communication activities, business continuity, provision of information technologies infrastructure, follow-up of financial affairs, execution of corporate management activities, analysis of business activities performing, planning the access rights of business partners and suppliers to informationand execution, planning and execution of business activities, research and development activities planning and execution,
  • In accordance with that purpose of planning and executing Mr. Kumpir human resources policies and processes; providing products and services which are essential to carrying out bussiness, controling and follow-up of bussiness, planning of side benefits, running of employment procedure, planning of performance evaluation processes,planning and execution of in-house tranining traning activities, planning the human resources needs required for production and execution,
  • In accordance with that purpose of providing legal and commercial security to people that in a bussiness relations with Mr. Kumpir, planning and execution company operations which are required to carrying out bussiness in accordance with company rules and regulations, planing and execution of work safety, informing authorized institutions due to regulations, following up legal issues, following up guest records, providing safety of company’s facilities, providing safety of company operations, planning and execution of company supervision activities, providing verify and actuate data, planning and execution of risk process of finance .

Mr. Kumpir aims to obtaning person’s explicit consent purpose with mentioned similar aims. In the case of exceptions shown in the law, personal data is processed limited for this purpose. In cases where the person does not have explicit consent, the processing of personal data is carried out within the exceptions specified in the Law. If the exceptions written in the law does not allow to process personal data meantime if there is no explicit consent, personal data will not be processed.

  1. Personal data that mentioned, may also be used to communicate with the data owner, to make statistical analysis, conducting market research without disclosing the identity of the data owner.
  2. Kumpir may process personal data of its employers without their consent for the purpose of fulfillment of the employment contract and for other legal obligations. Mr. Kumpir ensures the confidentiality and protection of the data of its employees.

Mr. Kumpir may process the personal data including CVs which submitted by candidate employee without consent. After the finalization of the application, processing these personal datas will be subject to explicit consent of candidate employee. Personal data may transfer to third persons in case of consent of data owner. Otherwise, personal data will be deleted, destroyed or anonymized after the conclusion of the process. If job applicant accepted fully or partly by company, personal data may process under the circumstances according to new legal relationship of the parties’.

  1. The monitoring activity with the camera carried out by Mr. Kumpir is carried out in accordance with the personal data processing conditions listed in the Law on Private Security Services and Protecting Personal Data Law. Personal data owner is informed by Mr. Kumpir in accordance with Article 10 of Law of Protecting Personal Data. Mr. Kumpir reports with more than one method regarding camera monitoring. Mr. Kumpir hangs a notification sign on entrance of areas about camera surveillance. In this way, it is aimed to prevent damage to the fundamental rights and freedoms of the personal data owner, to ensure transparency and to inform the personal data owner.

 

In accordance with Article 4 of the Law, Mr. Kumpir processes personal data in a connected, limited and measured manner for the purpose for which they are processed.

 

The purpose of camera surveillance by Mr. Kumpir is limited in aims that mentioned  policy. Accordingly, the monitoring areas of the security cameras, their number and when to be monitored, are implemented to be sufficient and limited to this purpose. It is not monitored in areas that may cause privacy of the person as a result of intervention, exceeding security objectives.

 

  1. Personal data that we had collected, must be accurate and actual. Therefore, in case of any change in your personal data, you can report this to the relevant unit of our Company.

 

  1. This Information and Consent Text may be updated from time to time in order to adapt to changing conditions and legislation.

 

I hereby declare that,

………………………….

(please write with handwriting as ‘I have read, understand and accept.’ )

 

Name/Surname:

 

Signature: