top of page

GDPR POLICY

GDPR Policy
CONTENTS
PART 1
1.1.       ENTRANCE
1.2.       SCOPE
1.3.       IMPLEMENTATION OF THE POLICY AND RELEVANT LEGISLATION
1.4.       ENFORCEMENT OF THE POLICY
2.           CHAPTER 2 - ISSUES RELATED TO THE PROTECTION OF PERSONAL DATA
2.1.       ENSURING THE SECURITY OF PERSONAL DATA
2.2.       PROTECTION OF SPECIAL PERSONAL DATA
2.3.       INCREASING THE AWARENESS AND AUDIT OF BUSINESS UNITS ON THE PROTECTION AND PROCESSING OF PERSONAL DATA
3.           CHAPTER 3 - ISSUES RELATED TO THE PROCESSING OF PERSONAL DATA
3.1.       PROCESSING OF PERSONAL DATA IN ACCORDANCE WITH THE PRINCIPLES PROVIDED IN THE LEGISLATION
3.2.       TERMS OF PROCESSING OF PERSONAL DATA
3.3.       PROCESSING OF SPECIAL PERSONAL DATA
3.4.       CLARIFICATION OF THE PERSONAL DATA OWNER
3.5.       TRANSFER OF PERSONAL DATA
4.           SECTION 4 - CATEGORIZATION OF PERSONAL DATA PROCESSED BY OUR COMPANY AND PURPOSES OF PROCESSING
5.           SECTION 5 - STORAGE AND DESTRUCTION OF PERSONAL DATA
6.           CHAPTER 6 - RIGHTS OF PERSONAL DATA OWNERS AND THE USE OF THESE RIGHTS
6.1. RIGHTS OF PERSONAL DATA OWNER
6.2. PERSONAL DATA OWNER'S USE OF HIS RIGHTS
6.3. OUR COMPANY'S RESPOND TO APPLICATIONS
ANNEX 1 – PURPOSES OF PERSONAL DATA PROCESSING
A.          PURPOSES OF PROCESSING GUEST/CUSTOMER DATA OWNERS' PERSONAL DATA
B.           PURPOSES OF PROCESSING THE PERSONAL DATA OF EMPLOYEE CANDIDATE DATA SUBJECTS
C.           PURPOSES OF PROCESSING THE PERSONAL DATA OF VISITOR DATA SUBJECTS
D.          PURPOSES OF PROCESSING THE PERSONAL DATA OF DATA SUBJECTS USING THE VISITOR INTERNET ACCESS NETWORK
ANNEX 2 – PERSONAL DATA OWNERS
ANNEX 3 – PERSONAL DATA CATEGORIES
ANNEX 4 – THIRD PARTIES TO WHICH PERSONAL DATA IS TRANSFERRED BY OUR COMPANY AND THE PURPOSES OF TRANSFER
 
1.            LOGIN
1.1.         ENTRANCE
Protection of personal data is among the top priorities of Wtouristic (“Company”). The principles adopted in the execution of personal data processing activities carried out by our Company within the framework of this WTouristic Personal Data Protection and Processing Policy ("Policy") and the basic principles adopted in terms of compliance of our Company's data processing activities with the regulations in the Personal Data Protection Law No. 6698 ("Law"). Thus, our Company provides the necessary transparency by informing personal data owners. With full awareness of our responsibility in this context, your personal data is processed and protected within the scope of this Policy.  
 
The activities carried out by our Company regarding the protection of the personal data of our employees are managed under the Wtouristic Employees Personal Data Protection and Processing Policy, which has been written in parallel with the principles in this Policy.
 
1.2.         SCOPE
This Policy; It relates to all personal data of persons other than our company's employees processed automatically or non-automatically as part of any data recording system. Detailed information about the personal data owners in question can be accessed in ANNEX 2 of this Policy (“ANNEX 2 - Personal Data Owners”).
 
1.3.         IMPLEMENTATION OF THE POLICY AND RELEVANT LEGISLATION
The relevant legal regulations in force regarding the processing and protection of personal data will primarily be applied. In case of incompatibility between the current legislation and the Policy, our Company accepts that the current legislation will apply. The Policy concretizes and regulates the rules set forth by the relevant legislation within the scope of Company practices.
 
1.4.         ENFORCEMENT OF THE POLICY
This policy issued by our company is kept in its most current form in the company documentation portal accessible by relevant persons. In case of any revisions, relevant people are informed via e-mail.
 
2.             ISSUES RELATED TO THE PROTECTION OF PERSONAL DATA
 
2.1.         ENSURING THE SECURITY OF PERSONAL DATA
In accordance with Article 12 of the Law, our company takes the necessary measures, depending on the nature of the data to be protected, to prevent unlawful disclosure, access, transfer of personal data or security deficiencies that may occur in other ways. In this context, our Company takes administrative measures and carries out inspections or has them carried out to ensure the necessary security level in accordance with the guides published by the Personal Data Protection Board ("Board").
 
2.2.     PROTECTION OF SPECIAL PERSONAL DATA
Sensitive personal data is given special importance within the scope of the Law due to the risk of causing victimization or discrimination when processed unlawfully. This “special category” personal data; Data regarding race, ethnic origin, political thought, philosophical belief, religion, sect or other beliefs, appearance and clothing, association, foundation or union membership, health, sexual life, criminal conviction and security measures, as well as biometric and genetic data.
 
In this context, the technical and administrative measures taken by our Company to protect personal data are carefully implemented in terms of special personal data and the necessary inspections are provided within our Company.
 
Detailed information regarding the processing of special categories of personal data can be found in Section 3.3 of this Policy. are included in the section.
 
2.3.     INCREASING THE AWARENESS AND AUDIT OF BUSINESS UNITS ON THE PROTECTION AND PROCESSING OF PERSONAL DATA
Our company organizes the necessary training for business units to raise awareness on preventing unlawful processing of personal data, unlawful access to data, and ensuring the preservation of data.
 
Our company establishes the necessary systems to raise awareness of its current employees and newly recruited employees about the protection of personal data, and works with consultants if necessary. In this regard, our Company evaluates the participation in relevant trainings, seminars and information sessions and organizes new trainings in parallel with the updating of the relevant legislation.
 
3.        ISSUES RELATED TO THE PROCESSING OF PERSONAL DATA
 
3.1.         PROCESSING OF PERSONAL DATA IN ACCORDANCE WITH THE PRINCIPLES PROVIDED IN THE LEGISLATION
 
3.1.1.    Processing in Compliance with Law and Honesty
Personal data is processed in accordance with the general rule of trust and honesty, without harming the fundamental rights and freedoms of individuals. Within this framework, personal data is processed to the extent and limited to the extent required by our Company's business activities.
 
3.1.2.    Ensuring Personal Data is Accurate and Up-to-Date When Necessary
Our company takes the necessary precautions to ensure that personal data is accurate and up-to-date throughout the period it is processed, and establishes the necessary mechanisms to ensure the accuracy and up-to-dateness of personal data for certain periods.
 
3.1.3.    Processing for Specific, Clear and Legitimate Purposes
Our company clearly states the purposes of processing personal data and processes it within the scope of purposes related to these activities in line with its business activities.
 
3.1.4.    Being Related to the Purpose for Processing, Limited and Proportionate
Our company collects personal data only to the extent and nature required by its business activities and processes it limited to specified purposes.
 
3.1.5.    Preservation for the Period Envisaged in the Relevant Legislation or Necessary for the Purpose for which they are Processed
Our company retains personal data for the period necessary for the purpose for which they are processed and the minimum period stipulated in the relevant legal legislation. In this context, our Company first determines whether a period of time is stipulated in the relevant legislation for the storage of personal data, and if a period is determined, it acts in accordance with this period. If there is no legal period, personal data is stored for the period necessary for the purpose for which they are processed. At the end of the specified storage periods, personal data is destroyed in accordance with the periodic destruction periods or the data owner's application and with the specified destruction methods (deletion and/or destruction and/or anonymization).
 
3.2.         TERMS OF PROCESSING OF PERSONAL DATA
Except for the express consent of the personal data owner, the basis for personal data processing may be only one of the conditions specified below, or more than one condition may be the basis for the same personal data processing activity. If the data processed is personal data of special nature, the conditions set out in title 3.3 of this Policy (“Processing of Personal Data of a Special Category”) will apply.
 
(i)      Explicit Consent of the Personal Data Owner
One of the conditions for processing personal data is the explicit consent of the data owner. Explicit consent of the personal data owner must be expressed on a specific subject, based on informed consent and free will.
 
If the following personal data processing conditions are met, personal data may be processed without the need for the data owner's explicit consent.
 
(ii)     Clearly Provided in Laws
If the personal data of the data owner is clearly foreseen by the law, in other words, if there is a clear provision in the relevant law regarding the processing of personal data, it can be said that this data processing condition exists.
 
(iii)   Failure to Obtain Explicit Consent of the Person Relevant Due to Actual Impossibility
If it is necessary to process the personal data of a person who is unable to express his/her consent due to actual impossibility or whose consent cannot be recognized as valid, in order to protect the life or physical integrity of himself or another person, the personal data of the data owner may be processed.
 
(iv)   Directly Related to the Establishment or Performance of the Contract
This condition may be deemed to be fulfilled if the processing of personal data is necessary, provided that it is directly related to the establishment or performance of a contract to which the data owner is a party.
 
(v)     Fulfillment of the Company's Legal Obligations
If processing is mandatory for our company to fulfill its legal obligations, the personal data of the data owner may be processed.
 
(vi)   Personal Data Owner's Publicization of Personal Data
If the data owner has made his/her personal data public, the relevant personal data may be processed on a limited basis for the purpose of publicization.
 
(vii) Data Processing is Necessary for the Establishment or Protection of a Right
If data processing is mandatory for the establishment, exercise or protection of a right, the personal data of the data owner may be processed.
 
(viii)        Data Processing is Necessary for Our Company's Legitimate Interests
Personal data of the data owner may be processed if data processing is necessary for the legitimate interests of our Company, provided that the fundamental rights and freedoms of the personal data owner are not harmed.
 
3.3.         PROCESSING OF SPECIAL PERSONAL DATA
Special categories of personal data are processed by our Company in accordance with the principles specified in this Policy and by taking all necessary administrative and technical measures, including the methods determined by the Board, and if the following conditions are met:
 
(i)         Special categories of personal data, other than health and sexual life, can be processed without seeking the explicit consent of the data owner, if it is clearly provided for in the law, in other words, if there is a clear provision in the relevant law regarding the processing of personal data. Otherwise, explicit consent of the data owner will be obtained.
 
(ii)        Special personal data regarding health and sexual life are disclosed by persons under the obligation of confidentiality or authorized institutions and organizations for the purpose of protecting public health, preventive medicine, medical diagnosis, execution of treatment and care services, planning and management of health services and their financing. It can be processed without seeking consent. Otherwise, explicit consent of the data owner will be obtained.
 
3.4.         CLARIFICATION OF THE PERSONAL DATA OWNER
In accordance with Article 10 of the Law and secondary legislation, our company informs personal data owners about who their personal data is processed as the data controller, for what purposes, with whom it is shared for what purposes, by what methods it is collected and the legal reason and the rights of data owners within the scope of processing their personal data. informs.
 
3.5.         TRANSFER OF PERSONAL DATA
Our company can transfer the personal data and sensitive personal data of the personal data owner to third parties (public institutions, suppliers, etc.) by taking the necessary security measures in line with the legal personal data processing purposes. In this regard, our company acts in accordance with the regulations stipulated in Article 8 of the Law. Detailed information on this subject can be found in ANNEX 4 of this Policy (“ANNEX 4- Third Parties to whom Personal Data is Transferred by Our Company and Purposes of Transfer”).
 
3.5.1.    Transfer of Personal Data
Even if there is no explicit consent of the personal data owner, if one or more of the conditions stated below are present, personal data may be transferred to third parties by our Company by showing due care and taking all necessary security measures, including the methods prescribed by the Board.
 
·       Relevant activities regarding the transfer of personal data are clearly foreseen by law,
·       The transfer of personal data by the Company is directly related to and necessary for the establishment or performance of a contract,
·       Transfer of personal data is mandatory for our Company to fulfill its legal obligations,
·       Transfer of personal data by our Company in a limited way for the purpose of publicization, provided that it has been made public by the data owner,
·       Transfer of personal data by the Company is mandatory for the establishment, exercise or protection of the rights of the Company or the data owner or third parties,
·       It is mandatory to transfer personal data for the legitimate interests of the Company, provided that it does not harm the fundamental rights and freedoms of the data owner,
·       It is necessary for the person who is unable to express his consent due to actual impossibility or whose consent is not given legal validity, to protect his own life or physical integrity, or someone else's.
 
In addition to the above, personal data may be transferred to foreign countries declared by the Board to have adequate protection (“Foreign Country with Adequate Protection”), if any of the above conditions are met. In case there is not sufficient protection, it may be transferred to foreign countries where the data controllers in Turkey and the relevant foreign country have committed in writing to adequate protection and have the permission of the Board, in line with the data transfer conditions stipulated in the legislation ("Foreign Country Where the Data Controller Committed to Adequate Protection is Located").
 
3.5.2.    Transfer of Special Personal Data
Special categories of personal data may be transferred by our Company in accordance with the principles specified in this Policy and by taking all necessary administrative and technical measures, including the methods determined by the Board, and if the following conditions are met:
 
(i)    Special personal data other than health and sexual life may be processed without the explicit consent of the data owner, if it is clearly provided for in the law, in other words, if there is a clear provision in the relevant law regarding the processing of personal data. Otherwise, explicit consent of the data owner will be obtained.
 
(ii)   Special personal data regarding health and sexual life can be collected without explicit consent by persons under the obligation of confidentiality or authorized institutions and organizations for the purpose of protecting public health, preventive medicine, medical diagnosis, treatment and care services, planning and management of health services and their financing. can be processed. Otherwise, explicit consent of the data owner will be obtained.
 
In addition to the above, personal data may be transferred to Foreign Countries with Adequate Protection if any of the above conditions are met. In case there is not sufficient protection, it may be transferred to Foreign Countries Where the Data Controller Committed to Adequate Protection is located, in line with the data transfer conditions stipulated in the legislation.
 
4.      CATEGORIZATION AND PROCESSING PURPOSES OF PERSONAL DATA PROCESSED BY OUR COMPANY
 
Before our Company, the relevant persons are informed in accordance with Article 10 of the Law and secondary legislation, and in line with our Company's personal data processing purposes, personal data can be processed based on and limited to at least one of the personal data processing conditions specified in Articles 5 and 6 of the Law. Personal data is processed in accordance with the general principles specified in the Law, including the principles specified in Article 4 of the relevant Law. Within the framework of the purposes and conditions specified in this Policy, the categories of personal data processed and detailed information about the categories can be accessed in the document ANNEX 3 of the Policy (“ANNEX 3 - Personal Data Categories”).
 
Detailed information regarding the personal data processing purposes in question is included in ANNEX 1 of the Policy (“ANNEX 1- Personal Data Processing Purposes”).
 
5.      STORAGE AND DESTRUCTION OF PERSONAL DATA
 
Our company retains personal data for the period necessary for the purpose for which they are processed and the minimum period stipulated in the relevant legal legislation. In this context, our Company first determines whether a period of time is stipulated in the relevant legislation for the storage of personal data, and if a period is determined, it acts in accordance with this period. If there is no legal period, personal data is stored for the period necessary for the purpose for which they are processed. At the end of the specified storage periods, personal data is destroyed in accordance with the periodic destruction periods or the data owner's application and with the specified destruction methods (deletion and/or destruction and/or anonymization).
 
6.             RIGHTS OF PERSONAL DATA OWNERS AND THE USE OF THESE RIGHTS
 
6.1. RIGHTS OF PERSONAL DATA OWNER
Personal data owners have the following rights:
(1)     Learning whether personal data is processed or not,
(2)     Requesting information if personal data has been processed,
(3)     Learning the purpose of processing personal data and whether they are used for their intended purpose,
(4)     Knowing the third parties to whom personal data is transferred at home or abroad,
(5)     Requesting correction of personal data in case personal data has been processed incompletely or incorrectly and requesting that the action taken in this context be notified to third parties to whom personal data has been transferred,
(6)     Requesting the deletion or destruction of personal data in case the reasons requiring processing no longer exist, even though it has been processed in accordance with the law and other relevant legal provisions, and requesting that the action taken in this context be notified to third parties to whom the personal data has been transferred,
(7)     Objecting to the emergence of a result that is unfavorable to the individual by analyzing the processed data exclusively through automatic systems,
(8)     Request compensation for damages in case of damage due to unlawful processing of personal data.
 
6.2. PERSONAL DATA OWNER'S USE OF HIS RIGHTS
Personal data owners will be able to submit their requests regarding their rights listed in section 6.1. (“Rights of the Personal Data Owner”) to our company through the methods determined by the Board. In this regard, they will be able to benefit from the WTouristic Data Owner Application Form.
 
6.3. OUR COMPANY'S RESPOND TO APPLICATIONS
Our company takes the necessary administrative and technical measures to finalize the applications made by the personal data owner in accordance with the Law and secondary legislation.
 
If the personal data owner submits his request regarding the rights set out in section 6.1. (“Rights of the Personal Data Owner”) to our Company in accordance with the procedure, our Company will finalize the relevant request free of charge as soon as possible and within 30 (thirty) days at the latest, depending on the nature of the request. . However, if the transaction requires an additional cost, a fee may be charged in accordance with the tariff determined by the Board.

 
APPENDIX 1 – Personal Data Processing Purposes
 
A.    Purposes of processing personal data of Guest/Customer Data Owners:
1.     To provide you with the products and services you have requested in the best possible way. As WTouristic, we offer you many products and services, especially tour reservations. We process your personal data such as your identity, contact, request or financial information so that we can offer you the products and services you request. For example, we make hotel reservations for a package tour of your choice, buy your flight tickets on your behalf, inform the people who will meet you, and provide you with informative communications about your trip. To do all this and more, we collect, store and share your personal data with authorized persons.
2.     To improve our product and service quality. As WTouristic, we are always looking for ways to provide better service to our guests. We carry out business development activities and analyzes for purposes such as improving the quality of our products and services, measuring the satisfaction of our guests, getting to know our customers and their preferences more closely, and creating more efficient business strategies. We process your personal data in order to carry out these business processes.
3.     Engaging in commercial communication activities. As WTouristic, we offer many products and services. We can send notification content to introduce you to the products and services we offer and to inform you about innovations and opportunities that will excite you. It is entirely your choice to receive these notifications; You can give us permission to send you these messages whenever you want, or you can withdraw your permission.
4.     To finalize your requests and complaints. Your requests and feedback are very important to us. We may process your personal data to evaluate your requests on how we can provide you with the services we offer better and to resolve the problems you have experienced or to take the necessary measures to prevent them from occurring again.
5.     Creating financial records. We may process your personal data while carrying out the financial processes of our company. For example, your personal data may be processed when issuing invoices for the services we provide, creating financial records or conducting financial audits.
6.     Carrying out internal company activities. As in almost every company, we carry out certain processes and create records within the company while carrying out our business activities. For example, we manage our information technology infrastructure, reward the performance of our employees or carry out internal audit operations. We may process your personal data while carrying out our internal processes such as these.
7.     To fulfill the legal obligations to which we are subject. As a company, we are subject to many legal obligations. For example, we may process your personal data and share your information with authorized public institutions or private organizations in order to fulfill certain obligations arising from regulations such as tourism, tax and insurance legislation. In particular, we may process your personal data to respond to lawful information requests made by authorities such as judicial authorities, police forces, regulatory supervisory bodies.
 
B.    Purposes of processing personal data of Employee Candidate Data Owners:
1.     Evaluating the suitability of your educational and career history, competencies and skills for suitable positions in our Company,
 
 
2.     Checking the accuracy of the information you have provided in your application and contacting the people you have referenced regarding the positions you have worked in the past,
3.     Contacting you about your application and, if you have permission, informing you about other positions in our Company or group companies that we think you are suitable for,
4.     Improving our recruitment processes,
5.     Ensuring compliance with the legislative provisions to which we are subject and fulfilling our legal obligations, including responding to information requests made by authorized public institutions,
6.     Protection of the rights and interests of our company; Defense of these rights within the scope of possible disputes in which we are a party,
 
C.    Purposes of processing personal data of Visitor Data Owners:
1.     Ensuring the security of company buildings and campuses,
2.     Creating and tracking visitor records,
3.     Ensuring the legal, technical and commercial-occupational security of our Company and the relevant persons who have a business relationship with our Company
 
 
D.    Purposes of processing personal data of Data Owners Using the Visitor Internet Access Network:
1.     provide internet access
2.      To fulfill our legal obligations within the scope of the Law No. 5651 on the Regulation of Publications Made on the Internet and Combating Crimes Committed through These Publications and other relevant legislation.
3.     Ensuring the legal, technical and commercial occupational safety of our Company and the relevant persons who have a business relationship with our Company
4.     Carrying out the necessary work by our relevant business units in order to realize the commercial activities carried out by our company and carrying out the related business processes
 
ANNEX 2 – Personal Data Owners
 
PERSONAL DATA SUBJECT CATEGORIES    DESCRIPTION
Customer/Guest    Real persons who use or have used the products and services offered by our Company, regardless of whether they have any contractual relationship with our Company
Employee Candidate    Real persons (including intern candidates) who have applied for a job at our company by any means or have made their CV and related information available for review by our company.
Visitor    Real persons who have entered the physical premises owned by our company for various purposes or visited our websites
Person Using the Visitor Internet Access Network    Persons who connect to visitor internet networks offered on physical campuses owned by our company and register internet connections through this network
ANNEX 3 – Personal Data Categories
 
PERSONAL DATA CATEGORIES    DESCRIPTION
Credentials    These are data containing information about the identity of the person; name-surname, T.R. identification number, nationality information, place of birth, date of birth, gender, workplace information, registration number, tax number, title, biography, etc. information and documents such as driver's license, professional ID, identity card and passport
Contact Information    Phone number, address, e-mail, fax number
Location Data    Information identifying the location of the employees of the institutions we cooperate with for emergency processes
Family Members and Relative Information    Information about the family members and relatives of the personal data owner within the framework of our Company's operations and regarding the products and services we offer or in order to protect the legal and other interests of the Company and the data owner.
Customer Information    Data obtained about the customer during the performance of our commercial activities
Customer Transaction Information    It means information such as records regarding the use of our products and services and our customers' instructions and requests regarding the use of our products and services.
Physical Space Security Information    Personal data regarding records and documents received upon entry to the physical location and during the stay in the physical location; camera records, vehicle information records and records taken at security points, etc.
Transaction Security Information    Your personal data processed to ensure our technical, administrative, legal and commercial security during the execution of our activities (e.g. log records, IP information, authentication information)
Financial Information    Personal data processed regarding information, documents and records showing all kinds of financial results created according to the type of legal relationship our company has established with the personal data owner, and data such as bank account number, IBAN number, income information, debt/receivable information.
Employee Candidate Information    Resume information of our employee and/or intern candidates who have applied for a job in our company by any means
Special Personal Data    Data regarding people's race, ethnic origin, political thought, philosophical belief, religion, sect or other beliefs, appearance and dress, association, foundation or union membership, health, sexual life, criminal conviction and security measures, as well as biometric and genetic data
Request/Complaint Management Information    Personal data regarding the receipt and evaluation of any requests or complaints directed to our company
Audiovisual Data    Photographs and camera recordings (except for recordings falling within the scope of Physical Space Security Information) and audio recordings
Audit and Inspection Information    Personal data processed regarding the execution of our company's operational, financial, fraud and compliance audit activities
Legal Action and Compliance    Personal data processed within the scope of determining and pursuing our legal receivables and rights, fulfilling our debts, and complying with our legal obligations and our Company's policies.
Transaction Information    Data such as survey information, declaration information, shopping information, call center records, membership information, cookie records, processed within the framework of the activities carried out by our Company, regarding the products or services offered or in order to protect the legal and other interests of the Company and the personal data owner.
ANNEX 4 – Third Parties to whom Personal Data is Transferred by our Company and Purposes of Transfer
 
Our company may transfer customers' personal data to the following categories of persons in accordance with Articles 8 and 9 of the Law:
(i)             Work partners
(ii)            Suppliers
(iii)           Legally Authorized Private Legal Persons
(iv)           Legally Authorized Public Institutions and Organizations,
 
The scope of the above-mentioned persons to whom the transfer is made and the purposes of data transfer are stated below.
 
Persons to whom Data Can Be Transferred    Definition    Purpose of Data Transfer
Business Partner    Data controller parties with whom our company has established business partnerships
-        Business partner banks for the purpose of making payments,
-        Within package tour contracts, airline companies, travel companies, accommodation companies, etc.    Limited to ensure the fulfillment and execution of package tour contracts and the fulfillment of the purposes of establishing the business partnership.
Supplier    Parties that provide services to our Company in line with our Company's data processing purposes and instructions within the scope of carrying out our Company's commercial activities    On a limited basis to ensure the provision of services that our Company outsources from suppliers and that are necessary to carry out our Company's commercial activities.
Legally Authorized Public Institutions and Organizations    Public institutions and organizations authorized to receive information and documents from our Company in accordance with the relevant legislation provisions
For example; Such as CMB, Competition Board    Limited to the reasons for transfer or the purpose requested, within the legal authority of the relevant public institutions and organizations
Legally Authorized Private Legal Persons    It means institutions or organizations (for example, independent auditors) that have been established in accordance with certain conditions determined by law in accordance with the provisions of the relevant legislation and continue their activities within the framework determined by the law.    Limited personal data is shared regarding issues that fall within the scope of activities carried out by relevant private institutions and organizations. 

bottom of page