Personal Data Protection Law
Çınar Environment Laboratory Inc. In order to deliver the service we provide to you in the most accurate and appropriate way, we have the personal data of our parties regarding the limits and authorities allowed by the laws and regulations.
We would like to inform you in accordance with the Law on Protection of Personal Data No. 6698 in order to protect the privacy of private life and fundamental rights and freedoms, especially considering the security of your personal data. We want all parties with whom we have relations due to our business relations to know that as Çınar Çevre Laboratory, we show maximum effort and sensitivity to the security of your personal data. All kinds of private and general personal data obtained within the scope of our service relationship and accreditation processes as a data controller pursuant to the legislation, will be recorded in accordance with the Personal Data Protection Law, as detailed below and within the limits ordered by the legislation, will be stored, updated, disclosed to third parties, transferred, classified and processed in accordance with other procedures and principles specified in the legislation.
Our principles for processing personal data
As Çınar Environment Laboratory A.Ş;
a) To process in accordance with the law and honesty rules,
b) To strive to ensure correctness and up-to-dateness,
c) To be processed for specific, explicit and legitimate purposes,
ç) To be connected, limited and restrained with the purpose for which they are processed,
d) We have adopted the principle of being stored for the period required by the relevant legislation or for the purpose for which they are processed.
What Data Do We Collect? What is the Purpose of Collecting Data?
Personal data is any information that identifies you personally or can be used to identify you directly or indirectly. We collect your personal data through your use of Çınar Environment Laboratory Services.
The categories of personal data we collect from you depend on the nature of your interaction with us or the service, and may include one or more of the following :
Your Personal Data Collected;
Identity (Represents data types such as name and surname.)
Contact (Represents data types such as e-mail address and e-mail signature information, contact address, phone number.)
Customer Transaction (Customer demands and requests, invoice, promissory note, check information, information on receipts, order information refers to data types.)
Physical Venue Security (Represents data types such as entry-exit registration information of guests and visitors, camera recordings.)
Transaction Security (If you use our guest network in our location, it refers to data types such as IP address information, website entry and exit information.)
Finance (Represents data types such as payment information, bank account information, financial performance information, Credit and risk information.)
Marketing (Represents data types such as historical service purchase information, survey, cookie records .)
Audio-Visual Records (Represents data types such as audio-visual recordings.)
Within the scope of Articles 5 and 6 of the Law on the Protection of Personal Data, Çınar Environment Laboratory A.Ş. As part of our business relations, in accordance with legal requirements, all of our interested parties provide accurate and quality service in order to realize our company purposes in line with the authorities of TÜRKAK ISO/IEC 17025 Experiment and Calibration Laboratory Accreditation, Ministry of Labor and Social Security, and İSGÜM to which we are subject. We collect in order to ensure security, to ensure legal compliance, to fulfill our commercial requirements and obligations and our obligations in contracts, if any, to fulfill our legal obligations as data controller, to establish, use and protect the right, to carry out operational processes and for other purposes stated below. ;
Performing Environmental Measurement and Analysis and Occupational Safety Measurements services and delivering them to the customer, performing activities and services such as marketing, sales, shipment, control, performing accounting, finance and collection transactions, following legal processes when necessary, processes before official institutions and organizations , responding to requests from official institutions and organizations, executing emergency management processes, executing information security processes, executing audit / ethical activities, executing access authorizations, executing activities in accordance with the legislation, ensuring physical space security, executing assignment processes, executing communication activities, executing / auditing business activities, executing occupational health / safety activities, receiving and evaluating suggestions for improvement of business processes, executing business continuity activities, executing after-service support services, executing customer relationship management processes, customer satisfaction Your personal data is processed within the scope of sub-purposes, for the purposes of carrying out activities for the purpose, executing contract processes, monitoring requests / complaints, executing the wage policy, ensuring the security of data controller operations, conducting management activities, creating and tracking visitor records, and in connection with these purposes and in a measured manner.
Method and Legal Reason for Personal Data Collection
Your personal data for the above-mentioned purposes, in accordance with the basic principles stipulated in the Law and in accordance with the processing conditions specified in Article 5 of the Law, through automatic or non-automatic means, from all kinds of service points of our company, directly orally or in writing, from the information transmitted by you, telephone, fax, e-mail. -mail etc. through channels, social media, website, official institutions and business partners within the scope of support services, closed-circuit registration systems.
In addition, Environmental Measurement and Analysis Laboratories Competence Regulation No. 28862, Regulation No. 29958 on Occupational Hygiene Measurement, Test and Analysis Laboratories, obligations of the Turkish Ministry of Foreign Affairs Turkish Accreditation Agency, Turkish Commercial Code No. 6102, Turkish Code of Obligations No. 6098, Electronic Commerce No. 6563 In accordance with the Law on the Regulation of the Regulation, 30998 Regulation on Commercial Communications and Commercial Electronic Messages, the obligations in the Occupational Health and Safety and Tax Legislation, and other relevant legislation, your personal data, the quality and correct presentation of the services under the contract, storage, reporting and information obligations. It can be processed by automatic or non-automatic methods for the purpose of performing the transactions, as long as the data processing purpose is valid.
To Whom The Processed Personal Data Can Be Transferred For What Purposes
Your collected personal data is limited to the purposes specified in the Clarification Text, and on the condition that it is measured, depending on the reasons that require it to be transferred within the scope of the Law and relevant legislation, and limited to these reasons; It can be transferred to official institutions and organizations, information technology and security companies, logistics companies, related business partners, audit companies, lawyers, suppliers, and our cooperating group companies from which we receive support services, including consultancy companies.
In addition, due to the technological storage and transfer infrastructure used, it is considered within the scope of transfer abroad.
In addition, your personal data is shared with authorized persons or institutions upon the request of a court decision or an administrative authority expressly authorized by law.
Situations We May Process Your Personal Data Without Your Explicit Consent By Law
In accordance with Article 5 of the Law, express consent is one of the personal data processing conditions in the Law, but it is not the only element that legalizes data processing. The law also stipulates conditions other than express consent for data processing activity. Accordingly, in the presence of one of the following conditions, it is possible to process personal data without seeking the explicit consent of the data subject:
a) It is clearly stipulated in the laws,
b) It is compulsory for the protection of the life or physical integrity of the person or another person, who is unable to express his consent due to actual impossibility or whose consent is not given legal validity,
c) It is necessary to process the personal data of the parties to the contract, provided that it is directly related to the establishment or performance of a contract,
ç) It is mandatory for the data controller to fulfill its legal obligation,
d) The person concerned has been made public by himself,
e) Data processing is mandatory for the establishment, exercise or protection of a right,
f) Data processing is mandatory for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the data subject.
How Long Is Your Personal Data Retained?
The retention periods for your personal data are determined in accordance with the following criteria:
-
If a period has been determined for the storage of data in line with the law, the relevant legislation and the contract signed between us, the said data must be kept for at least this period.
-
If the law, the relevant legislation and the contract signed between us do not foresee a period for the storage period of the data we process, your data will be stored until the reasons and purposes requiring processing expire.
-
After these relationships are terminated or the periods specified in the contract are completed, your data will be deleted without any need for your request.
How Do We Protect?
Çınar Environment Laboratory Inc. All necessary technical and administrative measures are taken for the security of all personal data collected by the Company. In this context, unauthorized access, misuse in accordance with the Personal Data Security Guide requirements published by the KVKK Board, ISO/IEC 27001 Information Security, ISO/IEC 27017 Cloud Services Information Security, ISO/IEC 27701 Privacy Information Management standards, European Union General Data Protection Regulation GDPR. we take physical, technical, organizational and managerial safeguards against use, disclosure or alteration.
What Are Your Rights Regarding Personal Data?
Regarding your personal data;
-
Learning whether your personal data is processed,
-
If your personal data has been processed, requesting information about it,
-
Learning the purpose of processing personal data and whether they are used in accordance with its purpose,
-
Knowing the third parties to whom your personal data is transferred, in the country or abroad,
-
Requesting correction of your personal data if it is incomplete or incorrectly processed,
-
Requesting the deletion or destruction of your personal data within the framework of the conditions stipulated in the KVK legislation,
-
When you request the deletion or destruction of your personal data with the correction of incomplete or incorrect data, requesting that this situation be notified to the third parties to whom we have transferred your personal data,
-
Objecting to the result if a result arises against you by analyzing the processed data exclusively through automated systems, and
-
If you suffer damage due to unlawful processing of personal data, you have the right to demand the removal of this damage.
How Can You Exercise Your Rights Regarding Personal Data?
Pursuant to paragraph 1 of Article 13 of the Law on the Protection of Personal Data, you can make your request to exercise your above-mentioned rights with the following methods and information pursuant to the "Communiqué on the Procedures and Principles of Application to the Data Controller" published on March 10, 2018, No. 30356.
Necessary information in the application content;
1. Name, Surname information of the applicant.
2. If the applicant is a citizen of the Republic of Turkey, the Turkish Republic Identity Number, if not, the Nationality and the Passport number or, if any, the Identity number.
3. The applicant's domicile or workplace address for notification.
4. The applicant's e-mail address, telephone or fax.
5. Subject of the Applicant's Request.
6. Information and documents regarding the applicant's request.
Application Methods;
1. The applicant personally works with Çınar Çevre Laboratory A.Ş. address, by filling in the «Application Form», with a closed envelope and the note “Information Request Pursuant to the Law on the Protection of Personal Data” on the envelope, with a hand-delivery report to our central location.
2. The applicant, through the notary public, Çınar Environment Laboratory A.Ş. A notification may be made, but the phrase "Information Request Pursuant to the Law on Protection of Personal Data" should be added on the notification envelope.
3. With the "Secure Electronic Signature" defined in the Electronic Signature Law No. 5070, the applicant is personally registered by our company.cinarlab@hs01.kep.trYou can apply to the address with the note "Information Request Pursuant to the Law on the Protection of Personal Data" in the subject part.
Our application form regarding your rights mentioned above.from hereyou can reach.
How Long Will Your Requests Regarding the Processing of Your Personal Data Be Answered?
Your claims regarding your personal data are evaluated and answered within 30 (thirty) days at the latest from the date they reach us. In case your application is evaluated negatively, the reasons for rejection will be sent via e-mail or post to the address you specified in the application.