GDPR
SHELLIX CLARIFICATION TEXT ON PROTECTION OF PERSONAL DATA | MEMBER | |||
This clarification text is valid for the relevant person marked below. | ||||
People Who Use Services or Products | MEMBER | X | ||
FACILITY/ WORKPLACE VISITOR | STAFF CANDIDATE | |||
PURPOSE AND SCOPE OF THE CLARIFICATION TEXT | Your personal data in MISTIKIST is processed and protected by Shellix Smart Solutions A.Ş (hereinafter also referred to as the “Company” or “Shellix”) as the data controller, within the protection of Global Data Protection Regulation (hereinafter also referred as “GDPR” or “Law”). Your personal data is processed in accordance with the reasons, purposes and methods explained below within the scope of GDPR and relevant legal legislation. This clarification text has been prepared for people who send messages to the Company from the ‘contact us’ tab in the MISTIKIST application. | |||
SUBJECT OF THE CLARIFICATION TEXT | Clarification Text on the Processing of Personal Data at Shellix is prepared to inform you in the most transparent way about your rights pursuant to the article titled “Informing Obligation of the Data Controller” in the GDPR: the identity of the data controller, the method and legal reason for the collection of your personal data, the purpose for which this data will be processed, to whom for what purpose it can be transferred, and in the GDPR. Please visit Shellix’s corporate headquarters to get more detailed information on related topics. | |||
PURPOSE OF PROCESSING YOUR DATA, AND WITH WHOM AND FOR WHAT PURPOSES IT IS SHARED TRANSFER TO ABROAD | By our company, due to its commercial activities; The legislation that our company is subject to (Technology Development Zones Law, Technology Development Zones Implementation Regulation, Turkish Code of Obligations, Turkish Commercial Code, Law on Consumer Protection, Labor Law, Global Data Protection Regulation, Revenue Administration and other relevant institutions’ regulations) and contracts we are part of; your verbal, written or electronic personal data is collected and processed. Your personal data will be used for the purposes listed below. Our company accepts, declares and undertakes that the company will not use your personal data other than the above activities and purposes, and will not share it with third parties other than legal obligations, situations required by official institutions and what is stated in this clarification text. Our company can share your personal data in the following cases; It can be shared with our company’s business partners (you can learn more about Shellix’s Businesses at www.shellix.com) and its affiliates, with the express consent of the MEMBERS or within the scope of the legislation that we are responsible for. Personal data regarding the transaction listed in this clarification text are not transferred to Foreign Countries. | |||
YOUR PROCESSED PERSONAL DATA PURPOSE OF PROCESSING METHOD OF DATA COLLECTION LEGAL REASON | • ID INFORMATION: Name – Surname Purpose of Processing: Execution of Company / Product / Services Loyalty Processes, Execution of Customer Relationship Management Processes, Execution of Marketing Analysis Studies, Data Collection Method: Your information is collected through electronic forms. Legal Reason for Processing Your Data: GDPR. art. 6/1 (f): Legitimate interest, • CONTACT INFORMATION: E-mail address Purpose of Processing: Execution of Company / Product / Services Loyalty Processes, Execution of Customer Relationship Management Processes, Execution of Marketing Analysis Studies, Data Collection Method: Your information is collected through electronic forms. Legal Reason for Processing Your Data: GDPR. art. 6/1 (f): Legitimate interest, • CUSTOMER TRANSACTION INFORMATION: Subject of Message Purpose of Processing: Execution of Company / Product / Services Loyalty Processes, Execution of Customer Relationship Management Processes, Execution of Marketing Analysis Studies, Data Collection Method: Your information is collected through electronic forms. Legal Reason for Processing Your Data: GDPR. art. 6/1 (f): Legitimate interest,
Purpose of Processing: Company / Product / Services Loyalty Processes Execution, Execution of Customer Relationship Management Processes, Marketing Conducting Analysis Studies, Data Collection Method: Your information via electronic forms is being collected. Legal Reason for Processing Your Data: As stated in Article 5 of KVKK Making the person public (art. 5 paragraph 2),
Purpose of Processing: Execution of Information Security Processes, Access Authorizations Execution, access to the application Data Collection Method: Your information via electronic forms is being collected. Legal Reason for Processing Your Data: As stated in Article 5 of GDPR 6698 SK. art. 5/2 (c): Establishment or performance of the Contract, Legal Reason for Processing Your Data: SK 6698. art. 5/2 (f): Legitimate interest, |
YOUR RIGHTS UNDER GDPR | Regarding your personal data, GDPR art. 11 and the relevant legislation below You have the following rights: a. Learning whether personal data is processed or not, b. If personal data has been processed, requesting information about it, c. The purpose of processing personal data and whether they are used in accordance with their purpose learning not to use D. Knowing the third parties to whom personal data is transferred at home or abroad, to. In case of incomplete or incorrect processing of personal data, their request rectification and the process carried out in this context, where personal data is transferred requesting notification to third parties, f. It has been processed in accordance with the provisions of the KVK Law and other relevant laws. Despite the fact that the reasons requiring its processing disappear, personal requesting the deletion or destruction of data and the action taken within this scope requesting the notification of third parties to whom personal data has been transferred, g. Analysis of processed data exclusively through automated systems In the event that a result against the person arises by means of do not object, h. Damage due to unlawful processing of personal data to demand compensation for the damage. I. Deletion / destruction within the framework of the conditions stipulated in Article 7 of the KVKK do not want to, You can always exercise your above-mentioned rights with us at our KEP address given below. or by using the physical mail to our address. These addresses Submissions made outside of it will not be considered. |
MEASURES TAKEN BY US TO PROTECT PERSONAL DATA | As Shellix, we protect your personal data by taking all possible precautions. As the company, the protection of your personal data is an important issue for our corporate identity. In this regard, our company takes the necessary technical and administrative measures to protect your personal data in a secure environment, against unauthorized access or loss, misuse, disclosure, modification or destruction of this information. Our company undertakes that it will take the necessary measures in case of any data breach or company thinks that it has occurred, and immediately notify you and the Personal Data Protection Board about this situation. |
ABOUT | Those who share their personal data with our company know, |
CURRENTNESS AND ACCURACY OF PERSONAL DATA | accept, and declare that the correctness and up-to-date preservation of this information is important both in terms of their rights over their personal data in the scope of the GDPR and other relevant legislation, and that they will be entirely responsible for their liabilities caused by providing false information. |
DELETION, DESTRUCTION OR ANONYMIZATION OF PERSONAL DATA | Your personal data, limited to the purposes specified in this Clarification Text; will be processed in accordance with the data processing and timeout periods in all relevant laws and other legal regulations to which our company and its headquarters and units are subject to. In case of changes in the laws regarding data processing periods, the new determined periods will be taken as basis. Your personal data, as a requirement of the purpose limitation principle, fulfilling the purposes described in this Clarification Text, GDPR and in any case, is processed for a limited period of time that requires it to be processed in accordance with the practices of the Company and the practices of its commercial life, and after the expiry of the deadlines, it is deleted, destroyed or anonymized. |
IDENTITY OF DATA CONTROLLER | Shellix Smart Solutions A.Ş. Address: Kötekli St. Denizli Yolu Blv. No:4B/28 Muğla Teknopark – Menteşe / MUĞLA / TURKEY Phone: +90 252 358 77 57 |
APPLICATION TO DATA CONTROLLER | In order to use your above-mentioned rights and to send your complaints and suggestions to us: • By sending documents to confirm your identity to the company headquarters, • As the relevant person, you can send it to the e-mail address previously mentioned and registered in our system [email protected] Pursuant to the Communiqué on the Procedures and Principles of Application to the Data Controller, the name, surname, if the application is written, the signature of the Relevant Person in the application, identification number, (passport number if the applicant is a foreigner), residence or workplace address for notification, e-mail address, telephone number and fax number for notification, if any, and information on the subject of the request are compulsory to be included. The subject requested must be clearly and comprehensibly stated in the application, which includes explanations regarding the right that the Relevant Person will use and request to use from the above-mentioned rights. Information and documents related to the application must be attached to the application. Although the subject of the request is required to be related to the person who applies, if there is an acting on behalf of someone else, the applicant must be specifically authorized in this regard and this authority must be documented (special power of attorney). In addition, the application must contain identity and address information, and documents confirming identity must be attached to the application. Requests made by unauthorized third parties on behalf of someone else will not be considered. |