|Title||:||EKSAGATE ELEKTRONİKMÜH.VE BİLGİSAYAR SAN.TİC.A.Ş.|
|Adress||:||YEŞİLCE MAH. DOĞA SK. NO: 6 İÇ KAPI NO: 2 KAĞITHANE / İSTANBUL|
|Phone||:||+90 212 275 7322|
|Registered Electronic Mail (KEP)||:||email@example.com|
We, Exagate, have the data of the related parties subject to and in accordance with the restrictions and rules of the Personal Data Protection Law No.6698 for the purposes of providing services.
We would like to give you information for clarification on protection of privacy, fundamental rights and freedoms, especially considering the security of your personal data in accordance with the Personal Data Protection Law No.6698.
As Exagate, we use utmost care and consideration to the security of your personal data. As per the legislation, all kinds of private and general personal data acquired/ collected within the scope of our service relationship by us as a data controller will be recorded, stored, updated, disclosed or transferred to third parties, as detailed below and always in accordance with the Law on the Protection of Personal Data and within and subject to the limits and restrictions prescribed by the legislation, can be classified and processed according to other procedures and principles specified in the legislation.
Our principles regarding the processing of personal data
Our Principles regarding the processing of personal data as Exagate are as follows;
a) Operate in accordance with the law and the rules of honesty,
b) Strive to provide correct and up to date,
c) Process for specific, explicit and legitimate purposes,
ç) Process in a limited and measured manner in connection with the purpose for which they are processed,
d) Keep for the period stipulated in the relevant legislation or required for the purpose for which they are processed.
Which of your Data are collected by us? What Is Our Purpose to Collect Data?
Identity and Contact Data: We may collect your personal and / or business contact information, including the data on your identity and passport, such as your name, surname, your postal address, telephone number, fax number, e-mail address and other similar data and identifiers.
Customer Transaction Data: We can collect your data such as call centre records, invoice, bill, check information, order information, request information.
Financial Data: We collect information needed to process payments and prevent fraud, including bank account numbers and other relevant billing information.
Physical Location Security Data: We may collect your data such as entrance and exit recording information, camera records.
Transaction Security Data: If you connect to the Exagate network, we may collect your data such as IP address information, Internet site login and exit information.
Audio-Visual Records: We may collect your data such as audio-visual records.
Social Media Data: Data collected due to social media features that allow you to share information with your social networks and interact with us on various social media sites.
Other Unique Identification Data: Examples of other unique identification data we collect from you include information you provide when you interact in person with our service centres, helpdesk or other customer support channels online, by phone or mail, your responses to customer surveys or to respond to your questions, and additional information you provide to us to enhance our ability to facilitate the delivery of Exagate services provided to you.
We collect your personal data in line with the data processing conditions specified in Articles 5 and 6 of the Law on the Protection of Personal Data, within the scope of our relationships, the legal regulations and the continuity of our business processes, establishment of the right, protection, use, fulfilment of our contractual obligations, carrying out operations and other purposes stated below we collect your data within it.
We process your data to provide comprehensive customer support and a seamless customer experience to you and to personalize Exagate services and communications for Customer Support and Satisfaction purposes.
We communicate to provide communication and information about Administrative Purposes and Exagate services with you; However, your data are processed for reasons such as responding to your questions or requests, communications related to service completion or after-service support transactions and legally required communications.
Your data are processed for the following purposes: Transaction Support; completing purchases related to our products or services; processing payments, arranging shipments and deliveries; facilitating repair and return procedures.
Your data are processed for Security Purposes, to ensure the integrity and security of our websites, products, services and to prevent security threats, fraudulent activities or other criminal or malicious activities that may endanger your information. In addition, we can take additional security measures such as CCTV (Closed Circuit Camera System) to protect our locations.
Your data are processed for the purposes of business Activities; Providing services, conducting business research and analytics, corporate reporting and management, quality assurance practices (it may include tracking or recording calls to our customer support services)
Your data are processed for the purposes of Research and Innovation; To develop new products, features and services by using research and development tools and combining data analysis activities.
Marketing Purposes: Your data are processed with the aim of developing Exagate services and delivering them to you by making research and developments.
Compliance with Legislations: Your data are processed to respond to applicable laws, regulations, court orders, government and law enforcement requests to properly operate our services and products, to protect ourselves, our users and our customers, and to resolve any customer disputes.
In addition to the above mentioned purposes; your personal data are processed within the scope of similar sub-purposes, provided that it is related to the purposes such as the execution of information security processes, the execution of financial and accounting affairs, ensuring the security of data controller operations, collection and following legal processes when necessary.
Method of and Legal Basis for Collecting Personal Data
In addition, your personal data are processed by automatic or non-automatic methods for execution of the service, availability and continuity of services related to our activities, quality and correct provision of the services covered by the contract and measuring and increasing the service quality, providing information about services, transmission of announcements and warnings, information research, determining and implementing our company's strategies, customer service, planning, statistics, customer satisfaction studies, retention of information requested by our company's public institutions, reporting, carrying out the works and transactions to be carried out in accordance with the information obligations pursuant to Turkish Commercial Code No. 6102, Turkish Code of Obligations No. 6098, Law No. 6563 on the Regulation of Electronic Commerce, Regulation on Commercial Communication and Commercial Electronic Messages, Obligations in Occupational Health and Safety and Tax Legislation and other related legislation, as long as the data processing purpose will continue to be valid.
Persons to whom the Personal Data may be transferred and the reasons for such transfers
We keep your Personal Data confidential. We do not sell, rent or exchange your Personal Data. We do not use or share your Personal Data in ways that are unrelated to the persons we describe at the points where you provide data or described in a valid contract, unless you have your consent.
Your collected personal data are collected as limited for the purposes specified in the Disclosure Text and limited to the reasons that need to be transferred within the scope of the Law and the relevant legislation and limited to these reasons;
We hire service providers or Business partners to manage or support certain aspects of the service.
Your data may be shared with parties such as organizations, security companies, logistics companies, banks, insurance companies, consulting companies, lawyers, customer support, installation, technology services, e-mail service providers, data hosting, debt collection service providers that provide services such as management or support for Exagate companies and Exagate website in order to fulfil our contractual responsibilities, against such organizations.
Our service providers and business partners are required to protect the personal data they receive from us in accordance with the contract, and they are prohibited from using the personal data for any purpose other than those specified by Exagate.
We may also share your personal data, in good faith, when we believe we have an obligation, such as: respond to fully authorized information requests from law enforcement agencies, regulators, courts and other public authorities, including meeting national security or other law enforcement requirements, all to comply with laws, regulations, subpoenas or orders, investigate and help prevent security threats, fraud or other criminal or malicious activities, enforce / protect the rights and property of Exagate and its affiliates, or to protect the rights or personal safety of third parties using its property to the extent permitted by applicable law and in accordance with the requirements of applicable law.
However, due to the transfer and storage technologies used, the data may be transferred abroad. We ensure that your personal data will not be processed by our company for purposes other than those specified in this disclosure document.
Situations Where We May Process Your Personal Data Without Getting Your Explicit Consent
Pursuant to Article 5 of the Law, although explicit consent is one of the personal data processing requirements in the law, it is not the only factor that gives legality to data processing. The law stipulates conditions for data processing activities other than explicit consent. Accordingly, it is possible to process personal data without seeking the explicit consent of the person concerned if one of the following conditions is met:
a) the disclosure is clearly allowed/ required in the applicable laws,
b) It is mandatory for the protection of the life or physical integrity of the person who is unable to disclose his consent due to actual impossibility or whose consent is not legally valid,
c) It is necessary to process personal data belonging to the parties of the contract, provided that it is directly related to the establishment or performance of a contract,
d) It is mandatory for the data controller to fulfil his legal obligation,
e) It is made public by the person concerned,
f) Data processing is mandatory for the establishment, use or protection of a right,
g) If data processing is mandatory for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the person concerned.
How Do We Protect Your Data?
All necessary technical and administrative measures are taken for the security of all personal data collected by Exagate. We take physical, technical, organizational and administrative measures against unauthorized access, abuse, disclosure or modification in accordance with Personal Data Security Guideline requirements published by the KVKK board, ISO / IEC 27001 Information Security, ISO / IEC 27017 Cloud Services Information Security, ISO / IEC 27701 Privacy Information Management standards, European Union General Data Protection Regulation GDPR.
Your Rights as to Your Personal Data?
Related to your personal data you are entitled to;
• learn whether your personal data are being processed,
• request information about personal data if it has been processed,
• learn the purpose of processing personal data and whether they are used in accordance with their purpose,
• know the third parties to whom personal data are transferred domestically or abroad,
• request correction of personal data in case of incomplete or incorrect processing,
• request the deletion or destruction of personal data within the framework of the conditions stipulated in the law,
• request notification of the transactions made pursuant to above subparagraphs to third parties to whom personal data have been transferred,
• challenge to the occurrence of a result against the person himself by analyzing the processed data exclusively through automated systems, and • request the compensation of the damage in case of damage due to unlawful processing of personal data.
How Can You Exercise Your Rights Regarding Personal Data?
In accordance with the 1st paragraph of Article 13 of the Law on the Protection of Personal Data, you may submit your request to exercise any of your rights stated above using the methods and information given below in accordance with the "Communiqué numbered 30356 on Application Procedures and Principles for Data Supervisor" published on March 10, 2018.
Information Required for Application;
1. Name and Surname of the applicant.
2. The applicant is a citizen of the Republic of Turkey Identity Number, if not the nation with a passport number or ID number is there.
3. The residence or workplace address of the applicant for notification.
4. Notification e-mail address, telephone or fax of the applicant.
5. Subject of the request of the applicant.
6. Information and documents based on the subject of the applicant's request.
1. The Applicant may file the application by hand personally to our related central location of EKSAGATE ELEKTRONİKMÜH.VE BİLGİSAYAR SAN.TİC.A.Ş. by filling in the "Application Form" and writing an "Information Request Requirement of the Law on Protection of Personal Data" in a sealed envelope.
2. For applications made through a notary public to the address of EKSAGATE ELEKTRONİKMÜH.VE BİLGİSAYAR SAN.TİC.A.Ş., the applicant must include "Request for Information as per the Law on Protection of Personal Data" note on the notification envelope.
3. The applicant can personally apply to our company's Registered Electronic Mail address firstname.lastname@example.org with the note "Information Request in accordance with the Law on Protection of Personal Data" by using the "Secure Electronic Signature" defined in the Electronic Signature Law No. 5070.
Responding Period to Your Requests Regarding the Processing of Your Personal Data?
Your applications submitted to us will be answered upon evaluation of your right requests related to the personal data within thirty (30) days from the date we receive your request. If your application is denied, the reasons for the rejection are sent to the address you specified in the application via e-mail or mail.
Date of Issuance: 07.04.2018