Law On Protection Of Personal Data

As ERGIL GRUP INSAAT MAKINE IML. ITH. IHR. SAN. VE TIC. LTD. STI., we have prepared this information text to inform our Visitors, Online Visitors, Customers, Potential Customers, Employees of Our Suppliers, and Executives of Our Suppliers regarding the processing, storage, and transfer of personal data within the framework of our activities in relation to the Law on The Protection of Personal Data No. 6698 (“LPPD”) and relevant legislation and regulations.

1) What Are Your Personal Data Categories and For What Purposes Do You Process Personal Data?

ERGIL GRUP INSAAT MAKINE IML. ITH. IHR. SAN. VE TIC. LTD. STI. processes the personal data of its business partners within the scope of its established and ongoing business relationships (a business partner may be classified in multiple categories) in accordance with the principles set forth in Article 4.2 of the LPPD:

(i) Lawfulness and conformity with rules of bona fides,
(ii) Accuracy and being up to date, where necessary,
(iii) Processing for specific, explicit, and legitimate purposes,
(iv) Being relevant with, limited to and proportionate to the purposes for which they are processed,
(v) Retaining the data for the period of time stipulated by relevant legislation or the purpose for which they are processed.

Data processing is performed for the purposes specified below.

A. Visitors

Physical space security information (e.g. camera recordings) of our visitors are processed for the following purpose:

a) To ensure the security of the physical space.

B. Online Visitors

Process security information (e.g. your IP address) and (if provided) identity information and contact information (e.g. your e-mail address) of online visitors of our website will be processed for the following purposes:

a) to carry out activities in accordance with the legislation,
b) to carry out information security processes,
c) to follow-up requests/complaints,
d) to carry out communication activities,
e) to provide information to authorized persons, institutions, and organizations,
f) to enable you to access our website via the internet.

C. Customers

Identity informationaddress informationcontact informationcustomer transaction information (e.g. order information), physical space security informationfinancial information (e.g. balance sheet information), legal information, and marketing information (e.g. shopping history information) of our real person customers or authorized persons of our legal person customers and/or their customers are processed for the following purposes:

a) to carry out activities in accordance with the legislation,
b) to carry out financial and accounting operations,
c) to conduct/inspect business activities,
d) to carry out logistics activities,
e) to provide after-sales services for goods/services sold,
f) to carry out good/service sales processes,
g) to perform marketing analysis,
h) to carry out contract processes,
i) to provide information to authorized persons, institutions, and organizations,
j) to ensure the security of the physical space.
k) to settle legal disputes,
l) to carry out storage and archiving processes,
m) to carry out risk management processes,
n) to carry out advertising/special offer/promotion processes,
o) to carry out company/product/service commitment processes,
p) to carry out communication activities.

D. Potential Customers

Identity informationcontact informationcustomer transaction information, and marketing information of our potential real person customers or authorized persons of our potential legal person customers and/or their customers are processed for the following purposes:

a) to manage good/service sales processes,
b) to carry out contract processes,
c) to carry out advertising/special offer/promotion processes,
d) to perform marketing analysis.

E. Employees of Suppliers

Identity informationcontact informationphysical space security information, and professional experience information (e.g. vocational training information) of employees of our suppliers are processed for the following purposes:

a) to carry out communication activities,
b) to conduct/inspect business activities,
c) to ensure the security of the physical space,
d) to carry out risk management processes,
e) to carry out logistics activities,
f) to carry out activities in accordance with the legislation,
g) to carry out occupational health and safety activities.

F. Authorized Persons of Suppliers

Identity informationcontact informationphysical space security informationcustomer transaction informationfinancial informationlegal information, and marketing information of our real person suppliers or authorized persons of our legal person suppliers are processed for the following purposes:

a) to conduct/inspect business activities,
b) to carry out good/service procurement processes,
c) to carry out financial and accounting operations,
d) to carry out contract processes,
e) to carry out investment processes,
f) to ensure the security of the physical space,
g) to conduct and follow-up legal affairs.

2) What Methods Do You Use to Collect Personal Data?

Your personal data in categories given above may be collected automatically or non-automatically by physical means such as order forms and contracts or by means of information systems and electronic devices (e.g. telecommunications infrastructure, computers, and telephones) as well as out web site and other documents submitted by the person concerned.

3) What Is The Legal Reason to Collect Personal Data?

ERGIL GRUP INSAAT MAKINE IML. ITH. IHR. SAN. VE TIC. LTD. STI. processes your personal data for the above mentioned purposes based on the following legal reasons set forth in Article 5 of the LPPD:

(i) It is clearly provided for by the laws,
(ii) It is mandatory for the protection of life or physical integrity of the person or of any other person who is bodily incapable of giving his consent or whose consent is not deemed legally valid,
(iii) It is mandatory for the controller to be able to perform his/her legal obligations,
(iv) Data processing is mandatory for the establishment, exercise, or protection of any right,
(v) It is mandatory for the legitimate interests of the controller, provided that this processing shall not violate the fundamental rights and freedoms of the data subject.

In cases where data processing cannot be based on any of the above given legal reasons, your personal data is processed with your explicit consent.

4) Do You Transfer Personal Data to A Third Party?

a) Personal data of our visitors may be shared with law enforcement and judicial authorities in order to resolve legal disputes and if requested in accordance with the relevant legislation.

b) Personal data of our online visitors may be shared with judicial authorities and authorized public institutions and organizations in order to resolve legal disputes and if requested in accordance with the relevant legislation.

c) Personal data of our customers may be shared with authorized public institutions and organizations in order to carry out business activities in compliance with the legislation and to conduct and follow-up legal affairs, and with our group companies, suppliers, shipping companies, insurance companies, banks, and our public accountant to the extent necessary in order to carry out and inspect business activities, to carry out risk management processes, and to provide services as necessary. In addition, such personal data may be transferred to our legal representatives and judicial authorities in order to be used as evidence in possible legal disputes.

d) Personal data of our potential customers may be transferred to our legal representatives and judicial authorities in order to be used as evidence in possible legal disputes.

e) Personal data of employees of our suppliers may be shared with authorized public institutions and organizations in order to carry out business activities in compliance with the legislation, to conduct and follow-up legal affairs, to inform authorized persons, institutions, and organizations, and to carry out and inspect business activities and with our group companies, suppliers, shipping companies, insurance companies, banks, and our public accountant to the extent necessary in order to provide services as necessary. In addition, such personal data may be transferred to our legal representatives and judicial authorities in order to be used as evidence in possible legal disputes.

f) Personal data of authorized persons of our suppliers may be shared with authorized public institutions and organizations in order to carry out business activities in compliance with the legislation, to conduct and follow-up legal affairs, to inform authorized persons, institutions, and organizations, and to carry out and inspect business activities and with our group companies, suppliers, shipping companies, insurance companies, banks, and our public accountant to the extent necessary in order to provide services as necessary. In addition, such personal data may be transferred to our legal representatives and judicial authorities in order to be used as evidence in possible legal disputes.

5) Do You Transfer Personal Data Abroad?

We share your personal data with our group companies established abroad for purposes such as sales, marketing, analysis, proper conduct of services and contact of contract processes.

Additionally, since the cloud system is used for the storage of your personal data, we share it with companies that provide this service for this purpose.

6) How Can I Exercise My Rights Regarding My Personal Data?

Please submit your requests within the scope of Article 11 of the LPPD, which regulates the rights of persons concerned, using the “Data Controller Application Form” on “ergil.com”, which was prepared by ERGIL GRUP INSAAT MAKINE IML. ITH. IHR. SAN. VE TIC. LTD. STI. for your convenience in accordance with the “Communique on Procedures and Principles of Application to Data Controller”.

Data Controller: ERGIL GRUP INSAAT MAKINE IML. ITH. IHR. SAN. VE TIC. LTD. STI.

Address: Tarsus OSB, 13.CAD. NO:7 P.K. 33443 Akdeniz Mersin, Turkey

E-Mail: info@ergil.com