personel data protection

  • 1.    PURPOSE

    SADAT International Defense Consulting Construction Industry and Joint Stock Trading Company (hereinafter referred to as SADAT Defense) is to explain the measures and provisions we take to ensure the privacy of your personal data that we collect during your use of the information and services that we provide to our valued users.

    2.    COVERAGE

    Any user enters the SADAT Defense Web Site and Social Media accounts, fills the Internet and/or printed forms in; is deemed to have read and accepted the terms contained in the "Copyright Information", "Terms of use and Privacy Policy" and "Cookie Policy". This procedure is effective upon its publication in case it is updated to comply with the law and to better protect personal data.

    3.    DEFINITIONS

    1. Explicit consent: Consenting to a particular subject based on the information and declared with free will,
    2. Anonymization: Any way personal data may be matched to other data, in no way be associated with a specific or identifiable real person,
    3. Chairperson: The Head of the Personal Data Protection Agency,
    4. Related person: The real person whose personal data is processed,
    5. Personal data: Any information relating to the real person who is identified or identifiable,
    6. Processing of personal data: Acquisition of personal data by fully or partially automatic or non-automatic means provided that it is part of any data recording system, recording, storing, preserving, replacing, rearrangement, description, transfer, takeover, make available, classification or preventing the use all kinds of operations performed on data,
    7. Committee: The Personal Data Protection Council,
    8. Institution: Personal Data Protection Institution,
    9. Data processing: The natural or legal person who processes personal data on behalf of the data owner, based on the authority given by the data officer,
    10. Data recording system:The registration system in which personal data is structured and processed according to specific standards,
    11. Data supervisor: Refers to the natural or legal entity that determines the purposes and qualifications of the processing of personal data and is responsible for the establishment and management of the data recording system.

    4.    RESPONSIBLES

    The Data Representative appointed by SADAT Defense under the Directorate of Information and Communication is responsible for the execution of these provisions.

    5.    APPLICATION

    SADAT Defense will not share, sell or use personal data that users transmit electronically or otherwise via the ("website") www.sadat.com.tr, mobile applications, social media accounts, personal data for different purposes, except for the cases described in “Turkish Republic Personal Data Protection Law (Kişisel Verilerin Korunması Kanunu - KVKK) No. 6698” and “European Union General Data Protection Regulation (GDPR)”.

    5.1. General information about the Personal Data Protection Law

    The Personal Data Protection Law No. 6698 was adopted on March 24, 2016 and published in the Official Newspaper 29677 dated April 7, 2016. The European Union Data Protection Directive (EU General Data Protection Regulation) went into effect on May 25, 2018. As a data controller within the scope of the Personal Data Protection Law No.6698 and the European Union Data Protection Regulation / EU General Data Protection Regulation - GDPR, you will record, classify, process, store, and update the personal data of our valuable users and will be able to explain it to third sides with the rules of legislation and your permission, we inform you of our mutual rights and obligations within the scope of this legal regulation.

    5.1.1.    Definition of Personal Data under the Law

    Your identity (first name, last name, date of birth, TR ID, etc.), communication, information about the methods used to access the products (IP, mobile phone brand - model, browser type, version, social media information, gestures performed on screens, etc.) refer to all kinds of information that will enable you to be determinative or identifiable.

    5.1.2.    Information as Data Supervisor

    SADAT Defense which has issued detailed corporate information below, as Data Supervisor, under the laws mentioned above, your data is as explained below; will be recorded, stored, updated, explicable/transferred to third sides, classified, and processed when permitted by the legislation.

    5.2. Personal Data and Our General Privacy Policy

    IP Numbers: SADAT Defense determines the users' IP address and uses it when necessary, in order to identify system-related problems, solve problems that may arise in the website / mobile applications, immediately and notify the legal authorities according to the legal procedures and principles. IP addresses can also be used to identify general users (anonymously) and gather comprehensive demographic information.

    Anonymous Data: Information requested by SADAT Defense or information provided by the user or information relating to transactions made through the Website/Mobile Application, various statistical assessments anonymously by SADAT Defense and its collaborators (without personally disclosing the user), database creation, can be used in personalized package/offers and market research.

    Giving link to other sites: SADAT Defense can give a link to other sites within the website/Mobile Application. SADAT Defense bears no responsibility for the privacy applications and contents of sites accessed through the link.

    Bank/Credit Card Information: SADAT Defense uses an SSL certificate to secure information with a 256-bit encryption algorithm in the transmission of data. If required, users' bank/credit card information is only used by the bank or payment organization during the purchase process and is not held in the database under any circumstances. SADAT Defense can provide an infrastructure in which card information can be stored through PCI DSS certified organizations to help users streamline their next purchase. Information on bank/credit cards as a result of Card Storage Services that have the PCI DSS standard and are licensed by the BRSA facilitates Authentication and Authority (Authorization) steps, enabling bank/credit cardholders to use a secure and easy payment tool.

    Cases where user data can be described: The user's personal data consists of name-surname, address, phone number, email address, and any information to identify the user. SADAT Defense will not disclose any of the personal data to other third sides except those in which SADAT Defense is cooperating and associated companies unless otherwise stated in this privacy policy. In the following situations, SADAT Defense may disclose user information to third sides outside of these privacy policy provisions. These situations are:

    • Law, Decree having the force of law, Regulation, etc. compliance with the obligations of the law rules issued and in force by the competent legal authority;
    • Performance and implementation of the requirements of contracts that SADAT Defense has concluded with users;

    It is necessary to request information about users and to provide information to protect the rights or security of users to conduct any investigation or investigation conducted by the competent administrative and judicial authority.

    SADAT Defense is committed to keeping confidential information private and hidden, discontinuing it as an obligation to retain secrets as well ensuring and maintaining confidentiality, undertakes all necessary measures and due diligence to prevent any or all of the confidential information from the intake, entering the public domain, from unauthorized use or disclosure to a third party.

    Cookies state: SADAT Defense can obtain information about users and their use of the website using a technical contact file (Cookie) prepared by itself or by third parties. The technical contact files mentioned are small text files that a website sends to the user's browser to be stored in the main memory. The technical contact file keeps the user's login, passwords, and preferences open, makes it easier use by recognizing the user on their next visit.

     The technical contact file helps to obtain statistical information about how many people use the Website, for what purpose, how many times a person visited the Website, how long they stay and it helps to dynamically generate advertisements and content from user pages specially designed for users.

     The technical contact file is not designed to receive data from the main memory or email or any other personal information.

     Most browsers were initially designed to accept the Technical Contact file, but users can change the settings so that the Technical Contact file does not arrive, or a warning is issued when the Technical Contact file is sent. We recommend you read our Cookie Policy for more detailed information.

    Data collected in surveys, contests, and similar situations: The information requested by SADAT Defense from users who respond to periodic surveys and contests conducted by the Website is used by SADAT Defense and cooperating individuals to directly market, conduct statistical analysis and build a database for these users.

    E-newsletter, marketing message posts, and announcements: SADAT Defense sends e-newsletters and marketing messages to inform its followers of our activities, services, and services. May send promotional and Informational Campaign / Proposal / Package announcements where required or in agreement with third side partners. When you create an account on our system for the first time, you agree to e-mail and SMS messages as standard. Users can block these emails from reaching them by clicking on the link provided, as described at the bottom of the email. In addition, your user panel has the possibility to prevent them. If you would like to opt-out of our daily email mailing list at any time, you can easily unsubscribe from your newsletter by clicking on the "Please click to opt-out of our e-newsletter list" link at the bottom of the emails we send.

    Data Record System and Data Processing Usage: SADAT Defense uses artificial intelligence software and e-marketing, e-newsletter, bulk email, and SMS services to provide relevant individuals with technology and the highest quality service. He buys the Data Record System he uses for all of this purpose from third sides that provide Data Processing services. Our users are considered to consent our sharing of their personal data with Data operation who provide Data Record Service. Subject to KVKK and GDPR provisions for these third parties providing Data Processing Service.

    5.2.1.    How your personal data can be processed

    According to KVKK numbered 6698 and the EU General Data Protection Regulation – GDPR, your personal data shared with our company is acquired, saved, stored, modified, and reorganized, in whole or in part, automatically or by non-automated means, as part of any data recording system; providing safety and privacy under the legislation: by disclosing it, transferring it, taking over, making it available, classifying it, or preventing its use, we will, in short, process any processing performed on the data as a topic. Any action performed on the data under the laws set forth above is considered to be “processing of personal data.”

    5.2.2.    The purposes and legal reasons for processing your personal data

    Personal data you share;

    • To be able to provide our users with the services we provide, to comply with the requirements of the contract and technology, to be able to improve our products and services offered,
    • To be able to issue an official invoice for all products and services we offer after purchase,
    • Comply with the information retention, reporting, information obligations as required by legislation and by other authorities,
    • In issues related to public safety and in legal disputes, on-demand and by legislation, to be able to provide information to prosecutors, courts, and relevant public officials,

    KVKK numbered 6698 and EU General Data Protection Regulation – GDPR coverage will be processed in accordance with the principle and essentials.

    Recording your identity, address, tax' number and other information to determine the transaction owner and addressee in all kinds of business and transactions related to all kinds of products and services we will offer to you, the arrangement of the information and documents that will be the basis of the business and transactions to be carried out in the electronic environment, under the relevant legislation, to comply with the information storage, reporting and information obligations stipulated by all administrative authorities (courts such as, TBB, BRSA, CMB, MASAK, and BTK), to provide other products and services offered and requested as SADAT Defenseand to fulfill the requirements of the contracts between us...

    5.2.3.    Information about a third side or organization to which your personal data may be transferred

    For the purposes set forth above, people/organizations that share your personal data with our company can transfer to them; our major shareholders, and our direct or indirect local/foreign affiliates, including, but not limited to, individuals and organizations related to the service provided, to carry out our activities and/or as data processors, we collaborate with program partner organizations, local/foreign organizations, and other third sides.

    Also, your Personal Data will be transferred to program partner institutions, organizations, banks, financial institutions, service providers or companies in the context of our alliance concerning the sending of messages to our users to individuals and organizations where we have agreed to provide data to be stored in the cloud, and to other third parties where we service products/services comparison and application execution.

    5.2.4.    Collection shape of your personal data

    Your personal data can be processed and collected by,

    • Data on pages checked in the user name, last name, citizenship number, passport number, address, phone, business or private email address, age, gender, work, preferences on pages accessed using a username and password, IP records of transactions performed, cookie data collected by the browser, and details of navigation via forms on our company website and mobile applications, in the form of location data;
    • Sales and marketing department is responsible for the use of verbal, written or electronic media through our channels such as our employees, agents, dealers, paper forms, business cards, digital marketing and call center;
    • To establish a commercial relationship with our company, apply for a job, provide a proposal, business cards, resumes (cv), bids and other means are taken from people who share their personal data, in a physical or virtual environment, face to face or distant, verbal, writing, or from electronic media;
    • Also, data from (micro) websites and social media, such as websites, blogs, contests, surveys, games, campaigns, etc., indirectly obtained from different channels, E-newsletter read or click movements, data provided by public databases, social media platforms, profiles, and data that are available for sharing from social sharing sites such as, (Facebook, Twitter, Google, Instagram, Snapchat, etc.) can be processed and collected.

    5.2.5.    KVKK No.6698 and EU General Data Protection Regulation – Your personal data before GDPR comes into effect

    Your personal data, obtained by law before the effective date of the 2016 EU General Data Protection Regulation GDPR, may 25, 2018, which is the effective date of the KVKK, is also processed and maintained under the terms and conditions outlined in this document.

    5.2.6.    Personal Data Storage and Protection

    Your personal data will be stored confidentially in the database and systems provided by our company under KVKK No.6698 and EU General Data Protection Regulation – GDPR, and will not be shared with third parties in any manner other than legal requirements and regulations outlined in this document. Our company will be charged with systems and databases that house your personal data, by preventing the illegal processing of personal data under KVKK No.6698 and EU General Data Protection Regulation – GDPR, preventing access to unauthorized persons; by taking software measures such as hash, encryption, transaction registration, access management and physical security measures to ensure their protection. If it is learned that the personal data was obtained by others illegally, the case will be immediately notified to the Personal Data Protection Board in writing under the regulation of law.

    Personal data will be stored as long as the purpose of providing this information is valid. We will continue to process your data after the service you receive from us, in order to determine your needs, provide you more quickly, and meet your subsequent service requests. These limits will be observed if the data is to be retained for reporting, informational purposes, or longer periods as required by legislation, subject to legal terms, and to the public authorities concerned. We will take the necessary security measures to prevent the loss of stored and recorded data, unauthorized disclosure, and illegal use.

    5.2.7.    Keeping Personal Data up to date and accurate

    Under the clause of the 4th article of the KVKK, our Company has an obligation to keep your personal data accurate and up to date. In this respect, for our Company to fulfill its obligations arising from the current legislation, our users are required to share accurate and up-to-date data or update them through the website / mobile application.

    5.2.8.    KVKK No.6698 and EU General Data Protection Regulation – Personal data owner rights under GDPR

    Personal Data Owner is relevant to us, by applying to our company (data Supervisor).

    • Knowing if personal data is being processed,
    • Requesting information about personal data if it has been processed,
    • Understanding the purpose of processing personal data and whether they are used appropriately for their purpose,
    • Knowing the third parties to which personal data is transferred, whether domestic or abroad,
    • Asking for correction of personal data if it is incomplete or incorrectly processed,
    • Requesting the personal data be erased or destroyed under the requirements outlined in the 7th article of KVKK,
    • Requesting the personal data be reported to third parties where personal data is transferred, in the case of a correction, deletion, destruction,
    • Objecting to the outcome of the individual against himself by analyzing the processed data exclusively through automated systems,
    • It has the right to request compensation for the damage in the case the personal data is committed illegally.

    Registered in the Istanbul Chamber of Commerce with the registration number 34/809300, 736 057 7981 Beylikdüzü Tax Office, Head Office; Located at Marmara Mahallesi Hürriyet Bulvarı No: 110 / H Reşitpaşa Konakları Villa 2 Beylikdüzü / İstanbul, SADAT International Defense Consulting Construction Industry and Trade Inc., is Data Officer under KVKK numbered 6698 and the EU General Data Protection Regulation / EU General Data Protection Regulation – GDPR.

    The Data Supervisor Representative to be appointed by SADAT Defense will be announced in the Data officers Register and the internet address of this document when the legal infrastructure is provided.

    Personal Data Owners may submit questions, opinions, or requests to our company's central address by registered wet signed mail.

    Our company may give a positive/negative response to the requests submitted in writing or digitally, provided that they are justified and respond within 30 days.

    It is essential that the necessary actions for claims are free of charge. However, if the transactions require a cost, our Company reserves the right to claim a fee. These fees are determined by the Personal Data Protection Board over the tariff determined in accordance with Article 13 of the Personal Data Protection Law.