NOTIFICATION PURSUANT TO THE LAW ON THE PROTECTION OF PERSONAL DATA NO. 6698
This “Information Text” has been prepared by OSKİM OTOMOTİV SANAYİ VE TİCARET ANONİM ŞİRKETİ (“Company”) within the scope of the Personal Data Protection Law No. 6698 (“KVKK”) and in the capacity of “Data Controller”, to inform you about the purposes of processing your personal data, to whom and for what purposes it may be transferred, the methods of collecting your personal data and its legal grounds, and your rights under Article 11 of KVKK.
This Information Text has been prepared within the framework of the “Obligation to Enlighten Data Controller” regulated in Article 10 of KVKK. This Information Text, prepared in accordance with KVKK, is made available for access by natural persons whose personal data is processed.
Scope and Purpose of the Information Text:
The following matters are specified in detail in the Information Text:
- Methods and legal grounds for collecting personal data,
- Data categories and sample data types,
- Purposes for which relevant personal data is processed,
- To whom and for what purposes personal data may be transferred,
- Sharing of personal data with public institutions, organizations, and official authorities,
- What rights individuals have over their own personal data and how they can exercise these rights,
- Method of application to the data controller.
- Methods and Legal Grounds for Collecting Personal Data
The Company collects personal data audibly, electronically, or in writing through the data subject themselves, call centers, social media applications, CCTV, websites, cookies, and other communication channels, in accordance with the personal data processing conditions specified in KVKK and in line with the legal grounds stated in the Information Text.
- Data categories and data types
No | Data Subject | Data Category | Sample Data Types |
|
| Identity Information | Name-Surname, Gender, National ID Information (Card serial no, family sequence no, etc.), Passport Number, Nationality |
1. | Customer | Contact Information | Address (home/work), E-mail, Phone / Mobile Phone |
|
| Financial Information | Payment Information, Invoice Information |
|
| Other | Call Center Records, CCTV |
|
| Identity Information | Name-Surname |
2. | Visitor | Contact Information | E-mail, Phone / Mobile Phone |
|
| Other | Vehicle License Plate, CCTV |
|
| Transaction Security Information | 5651 Logs, Traffic Information |
3. | Online Visitor | Transaction Information | IP Address, Member Information |
|
| Identity Information | Name-Surname, Driver’s License Information |
|
| Contact Information | Address, E-mail, Phone / Mobile Phone |
4. | Supplier | Financial Information | Invoice information |
|
| Legal Transaction and Compliance Information | Signature Circular, Activity Information, |
|
| Other | Vehicle Inspection information, CCTV, Certificate |
- Purposes for which relevant personal data is processed
- Management of Emergency Processes,
- Management of Information Security Processes,
- Management of Application Processes for Employee Candidates / Interns,
- Fulfillment of Obligations Arising from Employment Contracts and Legislation for Employees,
- Management of Fringe Benefits and Interests Processes for Employees,
- Conducting Audit / Ethics Activities,
- Conducting Training Activities,
- Management of Access Authorizations,
- Conducting Activities in Compliance with Legislation,
- Conducting Finance and Accounting Operations,
- Management of Company / Product / Service Loyalty Processes,
- Conducting Assignment Processes,
- Monitoring and Conducting Legal Affairs,
- Conducting Internal Audit / Investigation / Intelligence Activities,
- Conducting Communication Activities,
- Planning Human Resources Processes,
- Conducting / Supervising Business Activities, Occupational Health / Safety Activities,
- Receiving and Evaluating Proposals for Improving Business Processes,
- Conducting Business Continuity Assurance Activities,
- Conducting Logistics Activities,
- Conducting Goods / Service Procurement Processes,
- Conducting Goods / Service After-Sales Support Services,
- Conducting Goods / Service Sales Processes,
- Management of Customer Relationship Management Processes,
- Conducting Activities for Customer Satisfaction,
- Conducting Performance Evaluation Processes,
- Conducting Contract Processes,
- Management of Supply Chain Management Processes,
- Conducting Wage Policy,
- Conducting Marketing Processes for Products / Services,
- Conducting Talent / Career Development Activities,
- Informing Authorized Persons, Institutions and Organizations, processing pursuant to Law No. 5651,
- Resolving customer problems and complaints,
- Ensuring Corporate Communication,
- Planning and Execution of Documentation Activities,
- Conducting Import / Export Processes,
- Conducting Information and Communication Technologies Processes,
- Operational Activities Required for Compliance with Company Procedures and/or Relevant Legislation,
- Conducting Legal Incentive Processes,
- Use as evidence in possible disputes,
- Fulfillment of Obligations Arising from Law No. 5615,
- Ensuring that Employees Benefit from Social Security and General Health Insurance Rights
- To whom and for what purposes personal data may be transferred
Personal data may be transferred domestically and internationally to Financial Advisors, Lawyers, Banks, Public Procurement Authority, Natural persons or private law legal entities, Business Partners, Affiliates and Subsidiaries, Authorized Public institutions and organizations, Suppliers, Customers, and Dealers for the purposes of Conducting Activities in Compliance with Legislation, Fulfillment of legal responsibilities, enabling employee salary payments to be made to companies operating in the banking sector, and within the scope of Conducting / Supervising Business Activities.
- Personal Data Sharing with Public Institutions, Organizations, and Official Authorities
No | Data Subject | With Whom and for What Purpose is Personal Data Shared? |
1. | Customer | Traffic information arising from internet use provided at Company premises; shared with public institutions and organizations legally authorized to request such information within the scope of legal obligations (in cases where the Company has a legal or administrative obligation to notify or provide information, including but not limited to combating crime, threats to state and public security); sharing of log records with official institutions |
2. | Visitor / Online Visitor | Traffic information such as personal data related to membership and browsing information; shared with public institutions and organizations legally authorized to request such information within the scope of legal obligations (in cases where the Company has a legal or administrative obligation to notify or provide information, including but not limited to combating crime, threats to state and public security); sharing of log records with official institutions |
3. | Supplier | Sharing personal data with relevant public institutions for the purpose of fulfilling legal notifications required by accounting; sharing invoice information with the Ministry of Finance during tax audits, sharing financial data with the bank for the purpose of fulfilling payment obligations arising from commercial relations |
- Rights of Data Subjects Over Their Personal Data and How They Can Exercise These Rights
The rights you have under Article 11 of the Law titled “Rights of the Data Subject” are listed below:
- Learning whether personal data is processed,
- Requesting information if personal data has been processed,
- Learning the purpose of processing personal data and whether it is used in accordance with its purpose,
- Knowing the third parties to whom personal data is transferred domestically or internationally,
- Requesting correction of personal data in case of incomplete or incorrect processing,
- Requesting deletion or destruction of personal data within the framework of the conditions stipulated in Article 7 of the KVKK Law,
- Requesting that the transactions made pursuant to the rights of correction, deletion and destruction mentioned above be notified to third parties to whom personal data has been transferred,
- Objecting to the emergence of a result against the person themselves by analyzing the processed personal data exclusively through automated systems,
- Requesting compensation for damages in case of suffering a loss due to unlawful processing of personal data.
The Company may make changes to this Information Text at any time. These changes become immediately effective upon the publication of the revised new Information Text.
- Method of Application to the Data Controller
You may submit your application,
- In Writing;
- Kayapa OSB, Yesil, 530) Cd No: 9/1, 16315 Nilufer/BURSA address;
- Using your registered electronic mail address;
by sending via your e-mail address registered in our system or confirmed to belong to you, to ik@oskimautomotive.com e-mail address.
For more detailed information about the procedures and principles to be followed when applying, you can access the Personal Data Protection Authority’s “Communique on Procedures and Principles of Application to Data Controller”.
