Güç Sizde Şarj ETC'de!
SECTION 1 - INTRODUCTION
1.1. INTRODUCTION
As ETC Charge (Armasav Technology and Engineering Industry Trade Ltd. Co.) (“Company”), one of our most important priorities in the scope of our business activities is the protection of personal data. Within the framework of this ETC Charge (Armasav Technology and Engineering Industry Trade Ltd. Co. Personal Data Protection and Processing Policy (“Policy”), the principles adopted by our Company in carrying out personal data processing activities and the basic principles adopted in terms of compliance with the regulations in the Personal Data Protection Law (“Law”) numbered 6698 regarding the conduct of personal data processing activities by our Company are explained, and detailed information regarding all personal data processing activities carried out by our Company is presented, thus ensuring necessary transparency by informing the relevant individuals. With full awareness of our responsibility in this context, your personal data are processed and protected within the scope of this Policy.
The activities of our Company regarding the protection of employees' personal data are managed in parallel with the principles in this Policy under the title of ETC Charge (Armasav Technology and Engineering Industry Trade Ltd. Co. Protection and Processing of Employees' Personal Data Policy.
1.2. SCOPE
This Policy is related to all personal data processed by the Company through automatic or non-automatic means, provided that they are part of any data recording system, except for Company employees. Detailed information regarding the individuals concerned with these personal data can be found in Appendix 2 (“Appendix 2- Data Subjects”) of this Policy.
1.3. APPLICATION OF THE POLICY AND RELEVANT LEGISLATION
Relevant legislative regulations regarding the processing and protection of personal data will primarily apply. In case of any inconsistency between the current legislation and the Policy, our Company acknowledges that the current legislation will prevail. The Policy specifies the rules established by the relevant legislation within the scope of Company practices.
1.4. EFFECTIVENESS OF THE POLICY
This Policy prepared by our Company is dated 28.12.2023.
In case of renewal of the entire Policy or certain articles, the effective date of the Policy will be updated accordingly. The Policy is published on our Company's website (https://www.etcsarj.com/) and made accessible to relevant individuals upon request.
SECTION
2 - ISSUES RELATED TO THE PROTECTION OF PERSONAL DATA
2.1. ENSURING THE SECURITY OF PERSONAL DATA
In accordance with Article 12 of the Law, our Company takes necessary measures to prevent the unlawful processing, access, transfer, or any other security vulnerabilities of personal data and ensures their preservation, depending on the nature of personal data. In this context, our Company takes administrative measures to ensure the necessary security level in line with the guides published by the Personal Data Protection Board (“Board”) and conducts or ensures audits.
2.2. PROTECTION OF SPECIAL CATEGORY PERSONAL DATA
Special importance is attached to sensitive personal data due to the risk of causing harm or discrimination to individuals when processed unlawfully. According to Article 6 of the Law, "special category" personal data; race, ethnicity, political opinion, philosophical belief, religion, sect or other beliefs, clothing and attire, association, foundation or union membership, criminal conviction and security measures, biometric and genetic data ("Special category personal data excluding health and sexual life") and health, data related to sexual life ("Special category personal data related to health and sexual life") are determined. Technical and administrative measures taken by our Company for the protection of personal data are carried out within the scope defined in the Special Category Personal Data Processing and Security Policy and the works carried out in this regard are followed and audited within our Company through audits conducted.
Detailed information on the processing of special category personal data is provided in section 3.3 of this Policy.
2.3. INCREASING AWARENESS AND AUDITING OF BUSINESS UNITS ON THE PROTECTION AND PROCESSING OF PERSONAL DATA
Our Company ensures the organization of necessary trainings for business units to increase awareness of preventing the unlawful processing of personal data, unauthorized access to data, and ensuring data preservation. The training and awareness activities organized by the Company are based on the "Personal Data Security Guide" published by the Board on its official website. The aim of the trainings and awareness activities conducted is to ensure that personal data processing activities during the performance of employees' duties are carried out in compliance with the Law and secondary legislation. Our Company establishes necessary systems for raising awareness about the protection of personal data for its existing employees and newly recruited employees, and collaborates with consultants when necessary. Accordingly, our Company evaluates participation in relevant training sessions, seminars, and informative sessions, and organizes new trainings parallel to the updating of relevant legislation.
SECTION
3 - ISSUES RELATED TO THE PROCESSING OF PERSONAL DATA
3.1. PROCESSING OF PERSONAL DATA IN COMPLIANCE WITH THE PRINCIPLES STIPULATED IN THE LEGISLATION
3.1.1. Processing in Compliance with the Law and Good Faith
Our Company carries out personal data processing activities in accordance with the law and in good faith. Within this scope, our Company complies with the principles stipulated in Article 4 of the Law regarding personal data processing activities. In this context, our Company ensures that personal data processing activities are carried out transparently by providing detailed information to data subjects.
3.1.2. Processing for Specific, Explicit and Legitimate Purposes
Personal data processing activities are carried out for specific, explicit, and legitimate purposes. In accordance with Article 5 of the Law, our Company determines the purposes of personal data processing activities before starting the processing activities. In this context, our Company ensures that personal data processing activities are carried out within the framework of the principles of proportionality and necessity and does not process personal data in violation of the legislation.
3.1.3. Being Relevant, Limited and Proportionate to the Purposes for Which They are Processed
Our Company ensures that personal data processed are relevant, limited and proportionate to the purposes for which they are processed. Personal data processing activities are limited to what is necessary for the purposes for which they are processed and are not used for purposes other than those specified.
3.1.4. Keeping Accurate and Up-to-date When Necessary
Our Company takes necessary measures to keep personal data accurate and up-to-date when necessary. Our Company ensures that personal data that are no longer required for processing purposes are deleted, destroyed, or anonymized.
3.1.5. Retaining for the Period Stipulated in the Relevant Legislation or Necessary for the Purpose for Which They are Processed
Our Company ensures that personal data are retained for the period stipulated in the relevant legislation or necessary for the purpose for which they are processed. In this context, our Company determines the periods for retention of personal data in accordance with the requirements of the relevant legislation.
3.2. THE LEGAL BASIS OF PERSONAL DATA PROCESSING ACTIVITIES
Personal data processing activities carried out by our Company are based on one or more of the legal bases specified in Article 5 of the Law. Detailed information about the legal bases for personal data processing activities carried out by our Company can be found in the Personal Data Processing Inventory.
3.3. PROCESSING OF SPECIAL CATEGORY PERSONAL DATA
Our Company processes special category personal data in accordance with the Law and secondary legislation and takes necessary security measures. Within the scope of processing of special category personal data, our Company ensures that personal data are processed with the explicit consent of the data subject. In cases where processing is mandatory, our Company processes special category personal data in accordance with the conditions stipulated in Article 6 of the Law.
Our Company processes special category personal data within the scope of the purposes specified in the Special Category Personal Data Processing and Security Policy and ensures that such data are retained for the periods specified in this Policy.
SECTION
4 - RIGHTS OF THE DATA SUBJECT
4.1. RIGHTS OF THE DATA SUBJECT LISTED IN THE LAW
The Law grants certain rights to data subjects regarding their personal data. Our Company respects these rights of data subjects and ensures that data subjects can exercise these rights in a practical and efficient manner. Detailed information regarding the rights of data subjects and the procedures for exercising these rights is provided on the website of our Company.
4.2. THE DATA SUBJECT'S REQUESTS REGARDING THE EXERCISE OF RIGHTS
Data subjects can submit their requests regarding the exercise of their rights to our Company in writing or through other methods determined by the Personal Data Protection Board. Our Company finalizes the requests of data subjects regarding the exercise of their rights free of charge and within thirty days at the latest, depending on the nature of the request. In case the procedure requires an additional cost, our Company may charge the fee in the tariff determined by the Personal Data Protection Board.
SECTION
5 - TRANSFER OF PERSONAL DATA
5.1. TRANSFER OF PERSONAL DATA DOMESTICALLY AND ABROAD
Our Company ensures that personal data are transferred domestically and abroad in compliance with the Law and secondary legislation. Our Company takes necessary measures to ensure that personal data transferred domestically and abroad are protected at the same level.
5.2. THE BASIS FOR THE TRANSFER OF PERSONAL DATA DOMESTICALLY AND ABROAD
Personal data are transferred domestically and abroad based on one or more of the legal bases specified in Article 8 of the Law. Detailed information about the legal bases for the transfer of personal data domestically and abroad can be found in the Personal Data Processing Inventory.
SECTION
6 - DATA CONTROLLERS AND CONTACT INFORMATION
6.1. DATA CONTROLLER
Our Company is the data controller regarding the personal data processed by our Company. Our Company is responsible for ensuring that personal data are processed in compliance with the Law and secondary legislation.
6.2. CONTACT INFORMATION
Data subjects can send their requests regarding the protection and processing of personal data to our Company using the contact information specified below:
Company Name: ETC Charge (Armasav Technology and Engineering Industry Trade Ltd. Co.)
Address: Yıldızevler Mah. Turan Güneş Blv. No:52/6 Cankaya/Ankara-TURKEY
E-mail Address: info@etcsarj.com
Telephone: +90 (312) 806 68 72