When you transfer your personal data to our website and click on the “approval” button, it shall be accepted that you give express consent for these to be processed and transferred to third parties by the Data Controller in a relevant, limited and restrained way in terms of purpose of processing. Relevant matters to be complied with within the scope of clarification obligations required to be fulfilled by the Data Controller are set forth below:
To whom it may concern;
I. As Kromel Makine Sanayi Ticaret Anonim Şirketi (shortly referred as "Data controller"), we hereby inform you to obtain your express consent in following subjects within the scope of processing your personal data and clarification obligation required to be fulfilled for responsibilities of Data Controller, pursuant to article 10 of Law no. 6698 on Personal Data Protection (shortly referred as "PDP").
Data Controller: Kromel Makine Sanayi Ticaret Anonim Şirketi
Address: Sakarya 1. Organize Sanayi Bölgesi 1. Yol No:11 54580 Arifiye/SAKARYA/TURKEY
Phone: 0 264 276 84 66 Fax: 0 264 276 87 20 – 21
E-Mail: kromel@kromel.com.tr Web: www.kromel.com.tr
Your personal data shall be processes provided that they shall be preserved and stored for required duration in order to allow you to benefit from advertisement, promotion, marketing, trade, employment services and product sales related to application subject, fulfill the legislative obligation for keeping union membership status of employees in personal file, conduct the relations in terms of the requirement for the physician to process health details of their patients, update your contact details, perform our responsibilities in relation to product sales and afterwards, process them to data recording systems in an automatic and/or non-automatic way, perform repair services and all relevant recognition procedures (financial procedures), and determine and implement our commercial, financial, legal and social businesses and targets.
3. Categories of natural and legal persons to whom your personal data will be transferred and potential purposes of this transfer
A. Categories of natural and legal persons to whom the personal data will be transferred
-Parent and affiliated companies within the group of companies
-Board Members of the Company
-Employees of the Company who has management and/or representation authorities at human resources, quality, financial affairs (accounting), general directorate, marketing, internal purchase, foreign trade, research and development, businesses, branches and data processing departments
-Company participations
-Institutions and organizations in cooperation with as well as their employees (sub-employers and parties – business owners performing relevant works), third persons (such as former employees, family members, auditors), sellers and buyers, public institutions and organizations, audit and supervision institutions and organizations, natural persons and private legal persons
-Company shareholders
B. Potential purposes of transferring personal data
You hereby accept that you give your express consent for your personal data to be transferred domestically or (when required) abroad for following purposes:
-Provision of Law: Preservation of personnel data of employees pursuant to laws.
-Contract Performance: Recording address details of the company for delivery purposes.
-Actual impossibility: Personal health information of the unconscious person, or location details of abducted or lost person.
-Legal responsibility of data controller: Information sharing for special audits for areas such as banking, energy, capital markets.
-Ensuring publicity: Including contact details of a person who wishes to sell his/her house in sales postings.
-Establishment, protection and exercising of rights: Preservation of required details of an employee who left work throughout lawsuit prescription term.
-Self-defense: Data processing for award and premium practices to increase employee loyalty.
Other examples can include appointment and transfer procedures, contract transfer procedures, retirement procedures, participation to seminars and courses within and outside the country, establishing contracts, goods and service purchase, product sales, advertisement, promotion, marketing, etc.
4. Method and legal reason of collecting personal data
A. Personal data collection method
Personal data collection method must be specified as one of the following options:
i. Fully automatic method,
i i. Partially automatic method,
iii. Non-automatic method.
For instance; by automatic or non-automatic methods via websites or other similar channels of data controller, call center, contracted institutions or organizations, in written, verbal and electronic environments.
B. Legal grounds of collecting personal data
Legal grounds of collecting personal data must be specified in terms of which processing conditions set forth in articles 5 and 6 of PDP are based on.
For instance; “Required for the data controller to fulfill its legal obligation” as stated in clause (2) (ç) of article 5 of PDP.
5. Scope of clarification obligation
You can have the following rights about yourself by making application to Data Controller:
a) The identity of the data controller and if any, its representative,
b) The purposes for which personal data will be processed,
c) The persons to whom processed personal data might be transferred and the purposes for the same,
ç) The method and legal cause of collection of personal data,
d) Other rights listed below;
i) Learn whether or not her/his personal data have been processed,
ii) Request information as to processing if her/his data have been processed,
iii) Learn whether data are used in accordance with processing purpose,
iv) Learn the purpose of processing of the personal data and whether data are used in accordance with their purpose,
v) Request rectification in case personal data are processed incompletely or inaccurately,
e) Request deletion or destruction of personal data despite they were processed in accordance with PVP and other legal provisions if the causes requiring processing are not valid anymore (PDP art. 7, 11),
f) Request notification of the operations made as per indents (v) and (e) to third parties to whom personal data have been transferred;
g) Object to occurrence of any result that is to her/his detriment by means of analysis of personal data exclusively through automated systems,
ğ) Request compensation for the damages in case the person incurs damages due to unlawful processing of personal data.
II. Application to data controller
You can forward your requests within the scope of the rights set forth in the section no. (I) above to the Data Controller in writing or by using registered electronic mail address, secure electronic signature, mobile signature or electronic mail address previously notified by your party to the Data Controller or registered in Data Controller System or via a software or application developed for application purposes.
Your application must include the following information and documents;
a) Name, surname, and signature if the application is in writing,
b) Republic of Turkey ID number for Turkish citizens, nationality, passport or ID number (if any) for foreign nationals,
c) Residency or workplace address for notification,
ç) Electronic mail address, telephone and fax number for notification if any,
d) Subject of request.
Information and documents related to subject of application must be included in the application.
For written applications, application date is the date of submitting the document to Data Controller or representative. For applications made by other methods, the date when the application is received by the Data Controller is accepted as application date.
Respectfully submitted for your information and relevant action.