Personal Data Policy

[KAYA ELECTRONICS AND COMMUNICATION INDUSTRY AND FOREIGN TRADE LTD. CO. / TORİMA] Personal Data Policy

General information about the Personal Data Protection Law

The Law No. 6698 on the Protection of Personal Data (hereinafter referred to as KVKK) was adopted on March 24, 2016, and published in the Official Gazette No. 29677 dated April 7, 2016. Some parts of the KVKK entered into force on the date of publication, while others came into force on October 7, 2016.

Information in our capacity as data controller

In accordance with Law No. 6698 on the Protection of Personal Data (KVKK) and as the Data Controller, your personal data will be recorded, stored, updated, disclosed/transferred to third parties where permitted by legislation, classified, and processed in the ways listed in the KVKK, within the framework explained on this page.

How your personal data may be processed

In accordance with Law No. 6698 on the Protection of Personal Data (KVKK), the personal data you share with our company may be processed by us, wholly or partially, automatically or non-automatically, by obtaining, recording, storing, modifying, reorganizing, and in short, by subjecting the data to any kind of processing, whether as part of an automated data recording system or not. Within the scope of KVKK, any operation performed on the data is considered "processing of personal data".

The purposes and legal grounds for processing your personal data.

The personal data you share,

  • In order to provide our customers with services that meet the requirements of the contract and technology, and to improve our products and services;
  • In accordance with Law No. 6563 on the Regulation of Electronic Commerce, Law No. 6502 on Consumer Protection, and the Regulation on Service Providers and Intermediary Service Providers in Electronic Commerce published in the Official Gazette No. 29457 dated 26.08.2015, the Regulation on Distance Contracts published in the Official Gazette No. 29188 dated 27.11.2014, and other relevant legislation, the identity, address, and other necessary information of the transaction owner must be recorded.
  • In the field of banking and electronic payments, to regulate all records and documents that will serve as the basis for transactions in electronic contracts or paper form; and to comply with information storage, reporting, and notification obligations required by legislation and other authorities;
  • In matters relating to public security and legal disputes, in order to provide information to prosecutors, courts and relevant public officials upon request and as required by law;

Data will be processed in accordance with Law No. 6698 on the Protection of Personal Data and related secondary regulations.

Information about third parties or organizations to whom your personal data may be transferred: For the purposes stated above, the individuals/organizations to whom your personal data shared with our Company may be transferred include, primarily, IdeaSoft Yazılım San. ve Tic. A.Ş., which provides our Company's e-commerce infrastructure, as well as suppliers, shipping companies, and other individuals and organizations related to the services provided, program partner organizations with whom we cooperate and/or from whom we receive services in order to carry out our activities and/or as Data Processors, domestic/foreign organizations, and other third parties.

How your personal data is collected

Your personal data,

  • Our company collects information such as name, surname, Turkish Republic identity number, address, telephone number, business or personal email address through forms on our website and mobile applications; preferences on pages accessed using username and password, IP records of transactions performed, cookie data collected by the browser, browsing time and details, and location data;
  • Our sales and marketing department employees communicate verbally, in writing, or electronically through our branches, suppliers, other sales channels, paper forms, business cards, digital marketing, and call center channels.
  • Personal data is collected from individuals who share their personal information with our company for purposes such as establishing a business relationship, applying for a job, or submitting a proposal, through business cards, resumes (CVs), proposals, and other means, whether in a physical or virtual environment, face-to-face or remotely, verbally or in writing, or electronically;
  • In addition, data obtained indirectly from various channels, such as websites, blogs, competitions, surveys, games, campaigns and similar (micro) websites, social media, e-newsletter read or click activities, data provided by publicly available databases, and publicly available profile and data from social media platforms;

It can be processed and collected.

Your personal data obtained before the KVKK (Law on Protection of Personal Data) came into effect

Personal data obtained lawfully prior to April 7, 2016, the effective date of the KVKK (Law on Protection of Personal Data), through membership, electronic communication consent, product/service purchase, and other means, are also processed and stored in accordance with the terms and conditions set forth in this document.

Transfer of your personal data abroad

Your personal data, collected using any of the methods listed above, whether processed in Türkiye or processed and stored outside of Turkey, may be transferred to service providers located abroad (in countries accredited by the Personal Data Protection Board and where adequate protection of personal data exists) in accordance with the KVKK (Personal Data Protection Law) and the purposes of the contract.

Storage and protection of personal data.

Your personal data will be stored confidentially in our company's databases and systems in accordance with Article 12 of the KVKK (Law on Protection of Personal Data); it will not be shared with third parties under any circumstances except for legal obligations and the regulations specified in this document. Our company is obligated, in accordance with Article 12 of the KVKK, to prevent the unlawful processing of personal data, to prevent unauthorized access, and to take software-based measures such as access management and physical security measures for the systems and databases containing your personal data. If it is learned that personal data has been obtained illegally by others, the situation will be immediately reported to the Personal Data Protection Board in writing and in accordance with legal regulations.

Keeping personal data up-to-date and accurate.

In accordance with Article 4 of the KVKK (Turkish Personal Data Protection Law), our company has the obligation to keep your personal data accurate and up-to-date. In this context, in order for our company to fulfill its obligations arising from the current legislation, our customers must share their accurate and up-to-date data or update it via the website/mobile application.

Rights of the personal data owner according to Law No. 6698 on the Protection of Personal Data

Article 11 of Law No. 6698 on the Protection of Personal Data (KVKK) entered into force on October 7, 2016, and according to this article, the rights of the Personal Data Subject after this date are as follows:

The Data Subject may apply to our Company (data controller) regarding the following:

  1. To find out whether your personal data is being processed,
  2. The right to request information regarding the processing of personal data.
  3. To learn the purpose for which personal data is processed and whether it is used appropriately for that purpose,
  4. Knowing the third parties to whom personal data is transferred, whether domestically or internationally.
  5. Requesting the correction of personal data if it has been processed incompletely or inaccurately.
  6. Requesting the deletion or destruction of personal data within the framework of the conditions stipulated in Article 7 of the KVKK (Law on Protection of Personal Data).
  7. The right to request that third parties to whom personal data has been transferred be notified of any corrections, deletions, or destructions of personal data.
  8. The right to object to an outcome that is detrimental to oneself, resulting solely from the analysis of processed data by automated systems.
  9. The right to claim compensation for damages incurred as a result of the unlawful processing of personal data.

They have rights.

KAYA ELEKTRONİK ve İLETİŞİM SAN. ve DIŞ TİC. LTD. ŞTİ, registered with the Istanbul Chamber of Commerce under registration number 542746 and MERSİS number 0535045978800015, located at Hobyar Mah. Ankara Cad. Atabey İş Merkezi No: 55/B Fatih, Istanbul, is the Data Controller under the KVKK (Personal Data Protection Law).

The Data Controller Representative to be appointed by our company will be announced in the Data Controllers Registry and on the website where this document is located, once the legal framework is in place. Personal Data Owners may direct their questions, opinions, or requests to any of the following communication channels:

Email: info@torima.com.tr

Phone: 212 659 66 37

Switchboard: 212 522 51 25

Fax: 212 659 32 52

PLT-01. INFORMATION SECURITY POLICY

PLT-02 QUALITY POLICY



_AllPages_
IdeaSoft® | E-Ticaret paketleri ile hazırlanmıştır.