Gerede Jelatin A.Ş,   Protection of Personal Data Clarification Text,

This clarification text has been prepared by Gerede Jelatin A.Ş,  as the data controller within the scope of the Communiqué on the Procedures and Principles to be Complied with in Fulfilling the Obligation of Illumination with Article 10 of the Law No. 6698 on the Protection of Personal Data (“Law”).

1.Data Controller

Personal data is processed in the categories of Employees, Candidates for Employees, Owners, Trainees, Supplier Employees, Supplier Officials, Persons Receiving Products or Services, and Visitors in the categories notified to the verbis system, taking into account the privacy issues. Pursuant to the law, the extent to which it can be processed by Gerede Jelatin A.Ş,   in the capacity of data controller is explained in this lighting text (“Lighting Text”).

2.What is the Collection Method and Legal Reason of Personal Data?

Personal data, including health information, are obtained from the person concerned, from the systems that can detect location, and from the authority of the company where the supplier employees work, fully or partially automatically or non-automatically, provided that they are part of any data recording system. . Personal data can be processed in accordance with the basic principles stipulated by the Law, within the scope of the personal data processing conditions and purposes specified in Articles 5 and 6 of the Law, with the real and legal persons specified in this Clarification Text, in the country and abroad for the following purposes; and can be transferred.

3.What are the Circumstances in which the Data Controller can Process Personal Data without Explicit Consent in accordance with the Law?

Pursuant to Article 5 of the Law, Gerede Jelatin A.Ş,  may process the personal data it has received in accordance with the law without seeking explicit consent in the following cases:

  • Where expressly provided for by law
  • The personal data must be processed in order to protect the life or physical integrity of the Personal Data Owner or someone else in cases where the Personal Data Owner is unable to express his or her consent due to actual impossibility, or in cases where the consent is not legally valid,
  • It is necessary to process the personal data of the parties to the contract, provided that it is directly related to the establishment or performance of a contract concluded between Gerede Jelatin A.Ş, and the Personal Data Owner,
  • It is mandatory for Gerede Jelatin A.Ş,  to fulfill a legal obligation,
  • The personal data has been made public by the Personal Data Owner,
  • Data processing is mandatory for the establishment, exercise or protection of a right,
  • Data processing is mandatory for the legitimate interests of Gerede Jelatin A.Ş,   provided that it does not harm fundamental rights and freedoms.

In addition, pursuant to Article 6 of the Law, Gerede Jelatin A.Ş,  may process sensitive personal data it has received in accordance with the law, without seeking explicit consent, in the following cases:

  • Data on race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, disguise and clothing, membership in associations, foundations or unions, health, sexual life, criminal convictions and security measures, and biometric and genetic data are of special nature. is personal data.
  • Special categories of personal data other than the health and sexual life of the personal data owner, if prescribed by law,,
  • Persons or authorized institutions and organizations that are under the obligation of keeping confidential, for the purpose of protecting public health, providing preventive medicine, medical diagnosis, treatment and care services, planning and managing health services and financing, be by.

4.What are the Purposes of Processing Personal Data?

Personal data;

  • Execution of Employee Candidates and Internship Application Processes
  • Fulfillment of Employment and Legislation Obligations for Employees
  • Execution of Benefits and Benefits Processes for Employees
  • Conducting Educational Activities
  • Execution of Access Authorizations
  • Execution of Activities in Compliance with the Legislation
  • Execution of Finance and Accounting Affairs
  • Providing Physical Space Security
  • Execution of Assignment Processes
  • Follow-up and Execution of Legal Affairs
  • Execution of Communication Activities
  • Planning of Human Resources Processes
  • Execution / Supervision of Business Activities
  • Execution of Occupational Health / Safety Activities
  • Execution of Service Procurement Processes
  • Hizmet Satış Sonrası Destek Hizmetlerinin Yürütülmesi
  • Execution of Service Sales Processes
  • Execution of Performance Evaluation Processes
  • Execution of Contract Processes
  • Execution of Wage Policy
  • Providing Information to Authorized Persons, Institutions and Organizations
  • Creating and Tracking Visitor Records

It can be processed by Gerede Jelatin A.Ş,  and other real and/or legal persons specified in article V.

5.To Whom Personal Data Is Transferred For What Purpose?

Collected personal data, in accordance with the basic principles stipulated by the Law and the personal data transfer conditions specified in Articles 8 and 9 of the Law, and for the purposes listed below, to legally authorized public institutions and organizations, Real persons or private law legal entities,  persons. It can be  Gerede Jelatin A.Ş,  transferred to companies/organizations that will establish a business contract with Gerede Jelatin A.Ş,  and their business partners, suppliers and service providers.

  • Follow-up and Execution of Legal Affairs
  • Obtaining permissions and Execution of Assignment Processes for the personnel to work in the field
  • Notification of Subscription Initiation and Payment of Bills
  • Providing Physical Space Security,
  • Providing Information to Authorized Persons, Institutions and Organizations
  • Telephone Line Supply
  • Obtaining Access Authorizations to the Software of Business Partners
  • Meeting Tender Entry Requests
  • Fulfillment of Legal Obligation
  • Realization of SSI Notifications
  • Performing Card Printing
  • Opening Corporate User Accounts
  • Making Personnel Salary Payments
  • Execution of Contract Processes
  • Keeping the trainee attendance record
  • E-Prescription creation after diagnosis

By Gerede Jelatin A.Ş,  To foreign countries declared to have sufficient protection by the KVK Board (“Foreign Country with Sufficient Protection”) or, in the absence of sufficient protection, to foreign countries where the data controllers in Turkey and the relevant foreign country undertake an adequate protection in writing and for which the permission of the KVK Board is available. Personal data can be transferred to countries (“Foreign Country With A Data Controller Undertaking Adequate Protection”).

6.What are the Rights of the Personal Data Owner?

Within the framework of Article 11 of the Law, the Personal Data Owner always applies to the data controller and;

  • Learning whether personal data is processed or not,
  • If personal data has been processed, requesting information about it,
  • Learning the purpose of processing personal data and whether they are used in accordance with the purpose,
  • Knowing the third parties to whom personal data is transferred at home or abroad,
  • Requesting correction of personal data in case of incomplete or incorrect processing,
  • Requesting the deletion or destruction of personal data in case the reasons requiring the processing of personal data disappear, in order to be evaluated within the principles of purpose, duration and legitimacy, Requesting the deletion or destruction of personal data,
  • Requesting the deletion, destruction or anonymization of personal data in case the reasons requiring processing disappear, although it has been processed in accordance with the Law on the Protection of Personal Data No. 6698 and other relevant laws.
  • Requesting notification of the transactions regarding the correction, deletion or destruction of personal data to the third parties to whom the personal data has been transferred,
  • Objecting to the emergence of a result against the person himself by analyzing the processed data exclusively through automated systems,
  • Requesting the compensation of the damage in case of loss due to unlawful processing of personal data has rights.

7.How Does Personal Data Owner Use Their Rights?

Pursuant to Article 11 of the Law, the Personal Data Owner must fill in the application form completely and submit it to Gerede Jelatin A.Ş,  through the channels specified in the form in order to use the above-mentioned rights.

8.How Long Will Personal Data Be Processed?

In accordance with the Law, when the personal data processed for the purposes specified in this Clarification Text ceases to be processed in accordance with Article 7 of the Law and/or when the statute of limitations for the processing of data as Gerede Jelatin A.Ş,  expires in accordance with the legislation, Gerede Jelatin A.Ş,   will be deleted, destroyed or anonymized and will continue to be used.