• info@proftr.com.tr
  • +90 850 441 62 67
Proftr
Proftr
  1. Home
  2. GDPR

GDPR

PDPL Clarification Text

The Clarification Text on the Processing of Personal Data of FANSA GROUP KAĞIT VE TEKSTİL SAN.TİC.LİMİTED ŞİRKETİ

This Clarification Text has been prepared by FANSA GROUP KAĞIT VE TEKSTİL SAN. TİC.LİMİTED ŞİRKETİ (“the Company“) for the purpose of clarifying the Company’s customers regarding the processing of their personal data by the Company within the scope of the Personal Data Protection Law No. 6698 (“the PDPL“).

Detailed information regarding the processing of your personal data within the scope of this Clarification Text can be found at [www.proftr.com.tr] Personal Data Protection and Processing Policy of FANSA GROUP KAĞIT VE TEKSTİL SAN. TİC.LİMİTED ŞİRKETİ.

  1. a) The Method and Legal Reason for Collecting Personal Data

Your personal data is collected electronically or physically. Your personal data collected for the legal reasons specified in this Clarification Text can be processed in line with the following purposes and within the scope of the personal data processing conditions and purposes specified in Articles 5 and 6 of PDPL.

  1. b) Purposes for Processing Personal Data

Within the parameters of the personal data processing conditions specified in Articles 5 and 6 of the Law, your personal data is processed in order to plan and carry out the activities necessary for the recommendation and promotion of the products and services offered by the Company to the relevant persons by customizing them to their likes, usage habits, and needs; to perform the tasks required by the business units in order for the relevant persons to profit from the products and services provided by the Company and to carry out the necessary business procedures; to conduct the necessary research by the relevant business units in order to fulfill the Company’s commercial activities and carry out related business processes; to plan and carry out the business and/or marketing strategies of the Company and to ensure the Company’s legal, technical, and commercial-occupational safety as well as the safety of the relevant persons in its business relationships.

  1. c) To Whom and for What Purposes the Processed Personal Data can be Transferred

Within the parameters of the personal data processing conditions specified in Articles 8 and 9 of the Law, your personal data may be shared with the Company’s business partners and suppliers, legally authorized institutions and organizations and legally authorized private law legal entities in order to plan and carry out the activities necessary for the recommendation and promotion of the products and services offered by the Company to the relevant persons by customizing them to their likes, usage habits, and needs; to perform the tasks required by the business units in order for the relevant persons to profit from the products and services provided by the Company and to carry out the necessary business procedures; to conduct the necessary research by the relevant business units in order to fulfill the Company’s commercial activities and carry out related business processes; to plan and carry out the business and/or marketing strategies of the Company and to ensure the Company’s legal, technical, and commercial-occupational safety as well as the safety of the relevant persons in its business relationships.

  1. d) The Rights of Data Owners and Exercise of These Rights

As personal data owners, if you submit your requests regarding your rights specified below to the Company through the methods specified under the heading of Exercise of The Rights by Data Owners, your requests will be evaluated and concluded by our Company as soon as possible and in any case within 30 (thirty) days.

In accordance with Article 11 of the Law, you have the following rights as a personal data owner:

  • To learn whether your personal data is processed or not,
  • If your personal data has been processed, to request information about it,
  • To learn the purpose of processing your personal data and whether they are used in accordance with their purpose,
  • To know the third parties to whom your personal data is transferred at home or abroad,
  • In case your personal data is processed incompletely or incorrectly, to request their correction and to request that the transaction carried out within this scope be notified to the third parties to whom the personal data are transferred,
  • To request the deletion or destruction of your personal data if the circumstances no longer warrant its processing even though it is done in accordance with the Law and other applicable laws, and to request that the third parties to whom the personal data are transferred be informed of the transaction,
  • To object to the occurrence of a result against the person themselves by analyzing the processed data exclusively by means of automated systems,
  • To request the compensation of the damage if your personal data is damaged due to unlawful processing.

Article 28, paragraph 2 of the Law lists the situations in which data owners do not have the right to request and in this context, if;

  • The processing of personal data is necessary for the prevention of crime or for the investigation of crime,
  • Processing of personal data made public by the person concerned,
  • The processing of personal data is required for the performance of supervisory or regulatory duties, for disciplinary investigations, or for criminal prosecution by authorized public institutions and organizations, as well as professional organizations that are public institutions based on the authority granted by the law,
  • The processing of personal data is necessary for the protection of the economic and financial interests of the Government in relation to budget, tax and financial matters,

In such cases, the rights specified above for the data shall not be exercised.

According to Article 28, paragraph 1 of the Law, the requests of the data owners will not be processed in relation to these data since they fall outside the purview of the Law in the following circumstances:

  • Processing of personal data by real persons within the scope of activities related to themselves or other members of their family living in the same residence, provided that they are not given to third parties and that the obligations regarding data security are complied with.
  • Processing of personal data for purposes such as research, planning and statistics by anonymizing them with official statistics.
  • Processing of personal data for artistic, historical, literary or scientific purposes or within the scope of freedom of expression, provided that it does not violate national defense, national security, public security, public order, economic security, privacy of private life or personal rights or does not constitute a crime.
  • Processing of personal data within the scope of preventive, protective and intelligence activities carried out by public institutions and organizations mandated and authorized by law in order to ensure national defense, national security, public security, public order or economic security.
  • Processing of personal data by judicial or enforcement authorities in connection with investigation, prosecution, trial or execution proceedings.

Exercise of Rights by Data Owners

To exercise the aforementioned rights, data owners can use the “Form for Applications to be Made by the Personal Data Owner to the Data Controller” found at the [www.proftr.com.tr] link.

Applications will be made by one of the following methods, together with documents that will determine the identity of the data owner concerned:

  • Filling out the form and sending the wet signed copy to [İnönü Mah. 156 Sokak No:10 Torbalı İzmir.-Turkiye] by hand, notary or registered letter with return receipt,
  • Signing the form with a secure electronic signature issued within the scope of the Electronic Signature Law No. 5070 and sending it by electronic mail to [fansagroup@hs06].kep.tr,
  • Following a method prescribed by the Personal Data Protection Board.

Within a maximum of thirty (30) days as specified in the Law, the Company responds to data owners who wish to exercise these rights within the restrictions set forth in the Law. Third parties cannot submit applications on behalf of personal data owners without a special power of attorney that has been signed by the data owner on behalf of the applicant and notarized.

Applications from data owners are typically processed without charge, though fees in accordance with the Personal Data Protection Board’s rate[1] may be assessed.

The Company may request information from the applicant in order to confirm whether or not they are the owner of the personal data. It may ask the owner of the personal data about the application in order to clarify the issues mentioned in the application.

[1]  In accordance with the “Notification on the Procedures and Principles of Application to the Data Controller” published in the Official Gazette dated 10.03.2018 and numbered 30356, there is no fee for the first ten pages of an answer to the data owners’ application if it is submitted in writing. For every additional page over ten, a transaction fee of 1 Turkish Lira may be applied. The fee that may be demanded by the Authority cannot be greater than the cost of the recording medium if the response to the application is provided on a recording medium, such as a CD or flash memory.