ATMACA ELECTRONICS IND. AND TRADE INC.

PERSONAL DATA PRIVACY POLICY

Dear Customers, Business Partners, Visitors, Applicants, and Staff; ATMACA ELECTRONICS INDUSTRY AND TRADE INC.. (“ATMACA” or “Company”), we values the security of your personal information. In this context, as “data controllers” under the Law on the Protection of Personal Data No. 6698 (“PDPA”), we would like to inform you about your personal data and processing activities.

With this Policy, it is aimed to ensure the sustainability of the company’s principle of conducting company activities in a transparent manner. In this context, the basic principles adopted in terms of compliance of the Company’s data processing activities with the regulations in the Law on the Protection of Personal Data No. 6698 (“PDPA Law”) are determined and the practices carried out by the Company are explained.

The policy applies to real persons whose personal data is handled by the Company either automatically or non-automatically, as long as they are part of a data collection system.

The policy was published by the Company on its website and presented to the public. In case of conflict with the legislation in force, especially the Law, and the regulations included in this Policy, the provisions of the legislation shall apply.

The company reserves the right to make changes in the Policy in accordance with the legal regulations.

WHAT IS YOUR PERSONAL DATA ?

Personal data is any information that can be used to identify or locate a person. The categories of your personal data that may be processed by Atmaca are listed below.

  • Identity Data: It refers to the real persons who benefit from the products and services offered by ATMACA.
  • Communication Data : It is the data group that can be used to reach the person (Phone, postal address, e-mail, fax number, IP address, )
  • Sensitive Personal Data:  This data category includes data types such as I health data collected from personnel for personal and occupational safety, (ii) biometric data collected from individuals such as fingerprints and facial scans, and (iii) criminal records pertaining to individual criminal convictions.
  • Visual Data : It refers to the photo taken at the entrance of the personnel to work or the image of the people in the camera recordings made for security purposes in Atmaca physical environments. )
  • Auditory Data: It is the data regarding the voices of people recorded by security cameras in their call center calls or physical environments of Atmaca.
  • Personnel Data:  It is the type of data that contains the personnel’s identity, contact information, as well as occupation, education, and financial data information within the scope of the personnel file that must be legally formed within the context of the employment contract made with the personnel.
  • Purchased Product Information: Data processed into Atmaca databases within the scope of manufacturer and warranty responsibility, as well as providing technical service or assembly service regarding the products and services purchased by individuals.
  • Contract Data: It refers to all data that Atmaca has entered into the database as a result of its contractual relationships with its business partners, suppliers, and external sources with which it has legal or commercial relations, such as signatures, signature circulars, and natural person company information.
  • Location Data: It refers to all the location data of Atmaca’s employees that it collects for internal auditing reasons.
  • Performance Data: It refers to any data processed for the purposes of internal auditing and increasing operability for corporate employees, as well as for the performance audit of external business partners.
DATA OWNER CATEGORIESEXPLANATION
1CustomerIt refers to the real persons who benefit from the products and services offered by the Company.
2Potential CustomerIt refers to real persons who show interest in using the products and services offered by the Company and have the potential to become customers.
3EmployeeIt refers to the real persons performing services in the company with an employment contract.
4VisitorIt refers to real persons who visit the company, store, campus, and website.
5ApplicantIt refers to real persons who apply for jobs by sending a CV to the company or applying through other means.
6Third PersonsIt refers to real persons excluding the Related Person categories mentioned above and Company employees.
7Business partners/Suppliers and their employeesParties with which the Company has established business partnerships for objectives such as conducting commercial operations or, in this case, providing goods or services to the Company on a contractual basis and in line with the Company’s instructions, and their employees.
PURPOSE OF PROCESSING YOUR PERSONAL DATA

Your personal data may be processed for the following purposes in accordance with the legislation on the protection of personal data;

For Customer;

  1. Executing of Goods / Services Procurement Processes
  2. Executing of Information Security Processes
  3. Executing of Occupational Health / Safety Activities
  4. Creating and Tracking Visitor Records
  5. Providing Safety in Physical Space
  6. Providing Information to Authorized Persons, Institutions and Organizations
  7. Ensuring the Security of Data Controller Operations
  8. Providing internet access and ensuring security of access

For Employees;

  1. Executing of Employee Satisfaction and Loyalty Processes
  2. Fulfillment of Employment Contract and Legislative Obligations for Employees
  3. Executing of Benefits and Side Benefits Processes for Employees
  4. Executing Audit / Ethical Activities
  5. Executing Educational Activities
  6. Executing of Access Authorizations
  7. Executing of Activities in Compliance with the Legislation
  8. Executing of Finance and Accounting Operations
  9. Planning of Human Resources Processes
  10. Executing / Auditing of Business Activities
  11. Executing of Occupational Health / Safety Activities
  12. Providing Information to Business Authorized Persons, Institutions and Organizations
  13. Executing of Management Activities
  14. Providing Physical Space Security and ensuring Business Continuity
  15. Executing of Information Security Processes
  16. Making necessary legal notifications to official institutions, taking advantage of incentives before official institutions, and notifying relevant authorities during official institution inspections
  17. Executing of human resources operations and especially personnel activities
  18. Ensuring employee supervision and executing necessary data processing operations within the scope of the employer’s right to management
  19.  

For Applicants;

  1. Executing of Applicant / Intern / Student Selection and Placement Processes
  2. Executing of Application Processes of Applicants
  3. Executing of human resources operations and especially recruitment processes
  4. Executing of Employee Satisfaction and Loyalty Processes
  5. Providing Physical Space Security and ensuring Business Continuity

For Supplier/Business Partners;

Within the scope of the commercial relationship between you and our company, the personal data of your company officials and employees, the establishment and performance of our Contracts specified in Article 5 of the Law, the fulfillment of legal obligations and the legitimate interests of our company, in accordance with the basic principles stipulated in the Law and within the personal data processing conditions can be processed within the scope of the stated purposes are as follows:

  1. Executing of Activities in Compliance with the Legislation
  2. Executing of Finance and Accounting Operations
  3. Executing and follow-up of legal processes
  4. Executing Company Internal Operations
  5. Ensuring physical space security
  6. preservation of your personal data, which must be preserved in line with applicable laws; copying and backing up data to avoid data loss; ensuring that your data is consistent; Taking the appropriate technical and administrative precautions to ensure the security of our databases and data

For Visitors;

Your identity and visual data are processed in physical environments with security cameras and visitor logs during your visits to our company, our website, and other workplaces in order to ensure the security of our company and you, as well as to fulfill our legal obligations and to comply with our legitimate interests.

  1. Executing Audit / Ethical Activities
  2. Executing of Information Security Processes
  3. Executing of Occupational Health / Safety Activities
  4. Creating and Tracking Visitor Records
  5. Providing Safety in Physical Space
  6. Providing Information to Authorized Persons, Institutions and Organizations
  7. Ensuring the Security of Data Controller Operations
  8. Providing internet access and ensuring security of access
  9.  

For Potential Customers;

Your identity and contact information obtained directly from you through your visits to our website, your posts on our Social Media Accounts, your requests and complaints sent to our call center, and the forms on our stands at the fairgrounds are processed in accordance with Article 5/2 of the law for the management of your requests and complaints, and to ensure that you are aware of our company’s products and services and It is processed in accordance with the marketing purpose and based on your express consent, within the framework of the goal of presenting a number of special products to you.

METHOD OF COLLECTING YOUR PERSONAL DATA AND ITS LEGAL REASON

Your personal data is collected through all kinds of physical and electronic media such as the purchases you make from our websites, technical services that are our business partners, dealers and other face-to-face channels, call centers, website visits, recruitment processes, and your visits to our workplaces. Depending on the Law, Article 5, Paragraph 2 and the following legal compliance reasons (explained below), if there is no such reason, it will be collected based on your express consent. Your personal data may be collected, processed, and transmitted by completely automatic, partially automatic, or non-automatic methods for the purposes outlined in this Policy, depending on the legal reasons indicated below.

  1. Being foreseen in the local or foreign legislation to which Atmaca is subject
  2. Provided that it is directly related to the establishment or performance of a contract, being necessary to process the personal data of the parties to the contract, to be able to provide the requested products and services or to fulfill the requirements of the contracts you have concluded,
  3. Being obliged to data processing for Atmaca to fulfill its legal obligations,
  4. Being made public by you,
  5. Being obliged to process data for the for the establishment, use or protection of a right as required by Atmaca’s legislation or internal practice.
  6. Being obliged to process data for Atmaca’s legitimate interests, provided that it does not harm your fundamental rights and freedoms.
TRANSFERRING YOUR PERSONAL DATA

Within the framework of the Law and other regulations, Atmaca will be able to transmit your personal data to the following domestic buyer groups for the reason stated in this Policy:

  1. To the suppliers and business partners with whom you want to make a purchase, seek technical help, or assemble a product, and with whom we collaborate to provide or provide the services to you,
  2. Our business partners, supplier companies, banks, financial institutions, with whom we cooperate and/or receive services for the presentation, promotion and similar purposes of products and services,
  3. Lawyers, auditors, consultants and service providers,
  4. To your attorneys, guardians and representatives authorized by you,
  5. Institutions or organizations authorized to request your personal data, such as regulatory and supervisory institutions, courts and enforcement offices, and persons designated by them
  6. To our business partners with whom we have a product and service sales connection, in order to communicate on the basis of employees
YOUR RIGHTS

In accordance with Article 11 of the Law, by applying to Atamca Elektronik through the methods in the “Communication” section of this Policy, you have right

  1. To learn whether your Personal Data is processed or not,
  2. To request information regarding the personal data if they are processed,
  3. To learn the purpose of processing personal data and whether they are used in line with their purpose,
  4. To know the third parties to whom your Personal Data is transferred at home or abroad,
  5. To request the correction of incomplete or incorrect processing of personal data;
  6. To Request the deletion or destruction of your Personal Data within the framework of the conditions stipulated in the PDPA legislation
  7. Request notification of your Personal Data to third parties,
  8. To object to the processing, exclusively by automatic means, of your personal data, which leads to an unfavourable consequence for you,
  9. To claim damages if you incur losses due to unlawful processing of your personal data.
ENSURING THE SECURITY AND CONFIDENTIALITY OF PERSONAL DATA
  1. To prevent unauthorized disclosure, access, or transfer of personal data, as well as any other security deficiencies, the Company takes all necessary steps, within the scope of its capabilities, and in accordance with the nature of the data to be secured.
  2. In this context, the Company takes all required (i) administrative and (ii) technological precautions, (iii) implements an internal audit system, and (iv) acts in accordance with the PDPA Law in the case of unauthorized disclosure of personal data.
DISPOSAL OF PERSONAL DATA
  1. Although it has been processed in accordance with the law pursuant to Article 7 of the Law, the Company shall delete, destroy or anonymize the personal data in accordance with the guidelines published by the Authority in the event that the reasons requiring the processing of data have disappeared or upon the request of the data subject.
  2. ATMACA has prepared and published a DISPOSAL POLICY in which personal data disposal procedures are determined. All disposal processes are carried out in accordance with this policy.
CONTACT US
  • In order to exercise your rights under the PDPA mentioned above, you can make your request by filling out the application form on the website www.sunny.com.tr or you can send it with another written document fullfills the application conditions sought by the relevant legislation to our address with documents to confirm your identity, with wet signature directly to our company address or via electronic mail or to kvkk@sunny.com.tr
  • ATMACA ELECTRONICS INDUSTRY AND TRADE INC. ( DATA CONTROLLER )
  • ADDRESS: ZAFER MAH. 177.SOK. NO:2 /1 ESENYURT / İSTANBUL
  • PHONE: +90 212 412 12 12
  • CENTRAL REGISTRATION SYSTEM NO: 0 – 1030 – 5499 – 2000014
  • WEB: www.atmacaelektronik.com.tr