Turkish Personal Data Protection Law no. 6698 Disclaimer

As ONUR (OYT A.Ş.), in adherence to the provisions outlined in the Turkish Personal Data Protection Law no. 6698, we bear the responsibility for safeguarding the personal data of entities beyond our shareholders, employees, interns, and job/internship applicants. Through this communication, we hereby apprise you, with due regard to your privacy and the paramountcy of data security, that we engage in the processing of personal data through methods such as utilization, recording, storage, updating, transfer, and/or classification. Such activities are conducted within the delineated scope of our operations. It is imperative to emphasize that, as OYT A.Ş., we uphold a commitment to implementing comprehensive technical and administrative protocols aimed at ensuring an appropriate level of security. These measures are meticulously orchestrated to safeguard your fundamental rights and freedoms, with particular emphasis on the right to privacy. Our efforts are directed towards preventing any unauthorized processing or access to your personal data, and ensuring its preservation in accordance with pertinent laws and regulations.

            In accordance with the law, by bearing the Data Supervisor title, we are processing the types of personal data listed below:

  • Identification Data Name, Last Name, Turkish Identity Number, place of birth, sex, marital status, ethnicity, Turkish Identity Card information, copy of Turkish Identity Card,
  • Communication Data: Address, phone number, e-mail address, cookies,
  • Lokasyon Verisi: information of the current location,
  • Risk Management Data: Data required for the management of legal, administrative and technical affairs
  • Building and Information Security Data: Security Camera Recordings, videos, building entry records, photos
  • Financial Data: Bank account number, bank information and account information
  • Customer Transaction and Marketing Data: Billing, check and bond, order and request information.

 

 

 

            As representatives of OYT A.Ş., we are committed to responsibly collecting, storing, and processing the personal data you provide to us, whether through verbal, written, or electronic channels, including but not limited to offices, websites, social media platforms, media outlets, broadcasting organs, mobile applications, and similar mediums, employing both automatic and non-automatic methods. Additionally, in accordance with legal stipulations, we may process your personal data without explicit consent under certain circumstances outlined by law.

To safeguard your personal data against unauthorized access, manipulation, loss, or damage, we meticulously design business processes and continuously enhance our technical security infrastructure. These measures are implemented to ensure that your personal data remain secure within the environments where they are stored.

Your personal data is retained and processed throughout the legally mandated storage period. In instances where no specific duration is prescribed, we adhere to the timeframe necessary to fulfill the purposes of processing. Throughout this duration, we uphold stringent information security protocols, ensuring that your personal data is utilized solely within the notified purposes and scope. Upon the expiration of this period, we undertake the necessary steps to remove your personal data from OYT A.Ş.'s data flows, employing deletion, destruction, or anonymization methods.

We process the following types of data in accordance with the Turkish Personal Data laws:

  • Determining and implementing OYT A.Ş.'s commercial and business strategies, carrying out marketing activities, carrying out business development and planning activities in order to benefit you and/or the institutions and organizations you represent from the products and services offered by OYT A.Ş.,
  • Carrying out emergency processes,
  • Execution of information security processes,
  • OYT A.Ş. Carrying out activities in accordance with the legislation,
  • Carrying out financial and accounting affairs,
  • Carrying out commitment processes to company products/services,
  • OYT A.Ş. Ensuring the security of the places we use,
  • Following up and carrying out legal affairs and transactions,
  • Establishing business partner/customer/supplier (officials or employees) relationships and ensuring communication,
  • Fulfilling the pre-contractual, contractual and post-contractual requirements and ensuring financial reconciliation regarding the products and services offered with our business partners, suppliers or other third parties,
  • Providing after-sales support,
  • Carrying out the purchasing processes of goods and services,
  • Management of goods and services production and operation processes,
  • OYT A.Ş. Participating in training, seminars and organizations organized by us,
  • Carrying out storage and archive activities,
  • Calling OYT A.Ş. and using its website,
  • Conducting marketing analysis,
  • Carrying out strategic planning activities,
  • Carrying out social responsibility and civil society activities,
  • Execution of human resources policy,
  • Following up on requests and complaints,
  • Ensuring the security of movable goods and resources,
  • Marketing of products and services,
  • Ensuring the security of data controller operations,
  • Providing information to authorized persons, institutions and organizations,
  • Carrying out talent and career activities,
  • Providing information to authorized public institutions and organizations,
  • Carrying out management activities,
  • Creating and tracking visitor records.

 

            We can share your data in accordance with Turkish Personal Data laws with the following third parties:

  • With our representatives and employees who are authorized to operate on behalf of OYT A.Ş.
  • Regulatory and supervisory authorities, public institutions or organizations that are expressly authorized to request your personal data under the laws to which they are subject.
  • Within the scope of the stated purposes, with business partnerships, supplier and contractor companies, banks, credit risk and financial institutions and other real or legal persons.
  • With third parties and security companies from whom we receive consultancy, including legal consultants, mandatory persons, institutions and organizations and auditors regarding legal follow-up processes.
  • With business partners, third parties from whom services are received, authorized persons and organizations for the above-mentioned purposes at home and abroad,
  • Publicly through social media and media tools

kişisel verilerinizi paylaşabilmekteyiz.

 

            We wish to notify you that, in accordance with Turkish Personal Data laws, we are authorized to undertake the following actions for the purpose of identity verification:

  • Determine whether OYT A.Ş. processes any personal data pertaining to you and, if so, request pertinent information concerning such data.
  • Acquire understanding regarding the purpose behind the processing of your personal data and ascertain whether they are being utilized for their intended objectives.
  • Discern whether personal data is being transferred domestically or internationally, along with the recipients to whom such data is being transferred.
  • Petition OYT A.Ş. for the rectification of any inaccurate or incomplete personal data and ensure that the recipients to whom this data has been or may be transferred are duly informed.
  • Solicit from OYT A.Ş. the deletion (or anonymization) of your personal data, in accordance with the conditions stipulated in Article 7 of the KVKK (Turkish Personal Data Protection Law), and furthermore, ensure that third parties to whom the data has been or may be transferred are informed of your request for deletion. Additionally, you have the right to request information regarding the chosen method of deletion, which is determined by us based on the specific circumstances of the case.
  • Lodge an objection against the analysis of your personal data, particularly when such analysis is exclusively conducted through an automated system and yields results that are adverse to your interests.
  • Seek compensation in the event that you incur damages due to the unlawful processing of your personal data.

 

Your requests submitted to us will be processed at no cost to you and will be concluded within a maximum period of thirty days, depending on the complexity and nature of the request. However, should there be any additional expenses incurred, you may be charged according to the tariff established by the Personal Data Protection Board, as outlined in the Communiqué on the Procedures and Principles of Application to the Data Controller.

For matters pertaining to the processing of your personal data, it is imperative that you submit your application in writing or through your registered email (KEP) address, or via the email address previously provided by you and stored in our records at OYT A.Ş. We would like to inform you that, depending on the nature of your request and the method of application, additional verification steps may be necessary. These may include actions such as sending a verification message to your registered phone number or placing a phone call to confirm your identity. These measures are implemented to ascertain the authenticity of the application and to safeguard your rights. Moreover, it is possible that additional verification may be conducted through a different communication method than the one initially chosen for the application process.