This Clarification Text has been prepared by the Zeta Risk A.S. (“Company”) in order to enlighten the customers of the Company regarding the processing of their personal data by the Company within the scope of the Law on Protection of Personal Data No.6698 (” Law “).
Detailed information regarding the processing of your personal data within the scope of this Clarification Text can be found in the Zeta Risk A.S. Personal Data Protection and Processing Policy at [www.zetarisk.com].
a) Methods of Obtaining Personal Data and Legal Reasons
Your personal data is collected in electronic or physical environment. Your personal data collected for legal reasons specified in this Clarification Text can be processed and shared within the framework of the personal data processing conditions specified in Articles 5 and 6 of the Law.
b) Purposes of Processing Personal Data
Planning and execution of the activities required for the promotion and promotion of your personal data, the products and services offered by the Company within the framework of the personal data processing conditions specified in Articles 5 and 6 of the Law, according to the likes, usage habits and needs of the relevant persons, Carrying out the necessary work by the business units to make use of the products and services by the business units and carrying out the relevant business processes, Carrying out the necessary work by the relevant business units for the realization of the commercial activities carried out by the Company and carrying out the related business processes, Planning the commercial and / or business strategies of the Company and execution, and for the purpose of ensuring the legal, technical and commercial-occupational safety of the Company and the relevant persons in business relations with the Company.
c) Parties where Personal Data can be shared and Sharing Purposes
Planning and execution of the activities required for the promotion and promotion of your personal data by customizing the products and services offered by the Company according to the likes, usage habits and needs of the relevant persons within the framework of the personal data processing conditions and purposes specified in Articles 8 and 9 of the Law, Carrying out the necessary work by business units to benefit the relevant persons from the products and services offered by the company and carrying out the relevant business processes, carrying out the necessary work by the relevant business units for the realization of the commercial activities carried out by the Company and carrying out the related business processes, The Company’s business partners and suppliers, legally authorized institutions and organizations, within the scope of planning and execution of business strategies and ensuring the legal, technical and commercial-business security of the Company and the relevant persons in business relations with the Company. can be shared with authorized private law legal entities.
d) Rights of Data Owners and Exercise of These Rights
As personal data owners, if you submit your requests regarding your rights stated below to the Company using the methods specified under the heading of Exercise of Rights by Data Owners, your requests will be evaluated and concluded by our Company as soon as possible and in any case within 30 (thirty) days.
As a personal data owner in accordance with Article 11 of the Law, you have the following rights:
Learning whether your personal data is being processed,
If your personal data has been processed, to request information regarding this,
Learning the purpose of processing your personal data and whether they are used appropriately for their purpose,
To know the third parties in the country or abroad to whom your personal data has been transferred,
To request correction of your personal data in case of incomplete or incorrect processing, and to request notification of the transaction made within this scope to third parties to whom personal data have been transferred,
To request the deletion or destruction of your personal data in the event that the reasons requiring its processing disappear, despite the fact that it has been processed in accordance with the provisions of the law and other relevant laws, and to notify the third parties to whom the personal data has been transferred,
Object to the occurrence of a result against the person himself by analyzing your processed data exclusively through automated systems,
To request the compensation of the damage in case your personal data is damaged due to unlawful processing.
Paragraph 2 of Article 28 of the Law lists the cases where data owners do not have the right to request, and within this scope;
Processing of personal data is necessary for the prevention of crime or for criminal investigation,
Processing personal data made public by the person concerned,
Processing of personal data is necessary for the execution of supervision or regulation duties and disciplinary investigation or prosecution by the authorized and authorized public institutions and organizations and professional organizations that have the quality of public institutions, based on the authority granted by the law,
Processing of personal data is necessary for the protection of the economic and financial interests of the State regarding budget, tax and financial issues,
In such cases, the rights specified above cannot be used for the data.
According to paragraph 1 of Article 28 of the Law, as the data will be out of the scope of the Law in the following cases, the requests of the data owners will not be processed in terms of these data:
Processing of personal data by real persons within the scope of activities related to him or his family members living in the same residence, provided that they are not given to third parties and obligations regarding data security are complied with.
Processing personal data for purposes such as research, planning and statistics by making them anonymous with official statistics.
Processing of personal data for artistic, historical, literary or scientific purposes or within the scope of freedom of expression, provided that it does not violate national defense, national security, public security, public order, economic security, privacy or personal rights or constitute a crime.
Processing of personal data within the scope of preventive, protective and intelligence activities carried out by public institutions and organizations authorized by law to ensure national defense, national security, public security, public order or economic security.
Processing of personal data by judicial authorities or execution authorities in relation to investigation, prosecution, trial or execution proceedings.
Exercise of Rights by Data Owners
Pursuant to paragraph 1 of Article 13 of the KVK Law, you can submit your request to use your above-mentioned rights to our Company in writing or by other methods determined by the Personal Data Protection Board.
In order to use your rights stated above, your request containing the necessary information identifying your identity and other information requested and your explanations about your right to use the rights specified in Article 11 of the KVK Law https://www.netrisk.com.tr/en/content/uploads/kvkk-basvuru-formu.pdf address by completing the form, a signed copy of the form A87 Business Istanbul Kadıkoy / Istanbul-Turkey and the address of fastener can transmit your identity documents to obtain personally, return You can send it by registered mail, send it via notary public or other methods specified in the KVK Law, or send the relevant form to email@example.com with secure electronic signature.
The company responds within thirty (30) days at the maximum, as stipulated in the Law, to data owners who want to exercise the said rights within the framework of the limits stipulated in the Law. In order for third parties to make an application request on behalf of personal data owners, a special power of attorney issued by the data owner through a notary public must be available on behalf of the applicant.
While data owner applications are processed free of charge as a rule, they may be charged over the fee schedule stipulated by the Personal Data Protection Board.
The company may request information from the relevant person in order to determine whether the applicant is the owner of personal data, and in order to clarify the matters specified in the application, it may ask a question to the personal data owner about his application.