FAYDALI YAZILIM İŞLERİ A.Ş.

INFORMATION ON PERSONAL DATA OF BUSINESS PARTNERS

NOTICE OF DISCLOSURE

 

Faydalı Yazılım İşleri A.Ş. (“Faydalı Yazılım“) places great importance on the security of personal data collected by our company. As Faydalı Yazılım, we want to explain to our business partners how their data is collected and processed as defined in the “Data Controller” in the Law on Protection of Personal Data No. 6698 (“Law“) and the Communiqué on the Procedures and Principles to be Followed in Fulfillment of the Obligation to Inform (“Communiqué“).

The following processes comply with legal requirements regarding your data or the personal data of your employees collected under Faydalı Yazılım.

  1. INFORMATION SECURITY PROCESSES

Personal data processed within the scope of information security processes are as follows:

  • Name, surname,
  • E-mail address information,
  • IP address, MAC address, and phone ID information.

Personal data used within the scope of information security processes are collected by the following methods:

  • Personal data provided by you physically or digitally are collected by automatic and non-automatic methods.
  • The collected personal data is stored in the physical environment, e-mail environment, company computers, servers, and backups.

Personal data collected within the scope of information security processes are processed for the following purposes:

  • Execution of Information Security Processes,
  • Execution of Access Authorities,
  • Execution and control of business activities,
  • Compliance with the employment agreement and information security policies,
  • Monitoring your internet usage by connecting to the company’s internet network,
  • Outsourcing for the solution of technical problems,
  • Ensuring the security of data controller operations,
  • Providing information to authorized persons, institutions, and organizations.

The personal data collected within the scope of information security processes are processed based on the following legal reasons:

  • Fulfillment of obligations arising from the law,
  • Legitimate interests of the data controller.
  1. USE OF AN E-MAIL SERVER

The personal data collected within the scope of e-mail server usage activities are as follows:

  • Name, surname,
  • E-mail address information.

The personal data used in e-mail server usage activities are collected by the following methods:

  • Personal data provided by you physically or digitally are collected automatically.
  • The collected personal data is kept in a physical environment, e-mail environment, company computers, servers, and backups.

The personal data collected within the scope of e-mail server usage activities are processed for the following purposes:

  • Conducting communication activities,
  • Conducting and monitoring business activities.

The personal data collected within the scope of e-mail server usage activities are processed based on the data controller’s legitimate interests.

  • The legitimate interest of the data controller.

The personal data collected within the scope of e-mail server usage activities may be shared with the following individuals or entities for the above-mentioned purposes:

  • Natural or legal persons.
  • Authorized public institutions and organizations.
  1. CONTACTING VIA E-MAIL, PHONE, ETC.

The personal data processed within the scope of communication activities are as follows:

  • Name, surname, title information,
  • Company-specific e-mail address information and telephone number information.

The personal data used in communication activities are collected by the following methods:

  • Data provided by you in physical or digital media are collected by automatic methods.
  • The collected personal data is kept in a physical environment, e-mail environment, company computers, servers, and backups.

The personal data processed within the scope of communication activities are collected based on the following legal reasons:

  • Performance of a contract,
  • Fulfillment of legal obligations,
  • Exercise of a right.

The personal data collected within the scope of communication activities are processed for the following purposes:

  • Conducting communication activities,
  • Conducting and monitoring business activities,
  • Conducting activities to ensure business continuity,
  • Conducting procurement processes of goods and services,
  • Providing information to authorized individuals, institutions, and organizations.

The personal data collected within the scope of communication activities may be shared with the following individuals for the purposes described above:

  • Real persons or private legal entities,
  • Authorized public institutions and organizations.
  1. COMPANY’S INVOICING ACTIVITIES INCLUDING RECEIVING AND ISSUING INVOICES

The personal data processed within the scope of the company’s invoicing activities for commercial operations are as follows:

  • Name, surname, ID number, or tax identification number records on invoices,
  • Address information, phone number, and e-mail address information.

The personal data used for the company’s invoicing activities for commercial operations are collected through the following methods:

  • The data provided physically or digitally by you is collected using non-automatic methods.
  • The collected personal data is kept in physical media, e-mail environment, company computers, servers, and backups.

The personal data processed within the scope of the company’s invoicing activities for commercial operations is collected for the following purposes:

  • As explicitly envisaged in the laws,
  • To exercise a right,
  • Performance of the contract.

 

The personal data collected for the company’s invoicing activities for commercial operations is processed for the following purposes:

  • To carry out activities in compliance with the legislation,
  • To carry out finance and accounting work,
  • To carry out communication activities,
  • To carry out inspections of business activities,
  • To carry out activities for ensuring business continuity,
  • To carry out sales processes of goods/services,
  • To carry out customer relationship processes,
  • To carry out contract processes,
  • To provide information to authorized individuals, institutions, and organizations.

The personal data collected within the scope of the company’s invoicing activities for commercial operations may be shared with the following persons for the purposes mentioned above:

  • Authorized public institutions and organizations such as judicial/administrative authorities,
  • Financial institutions,
  • Individuals or private legal entities,
  • Financial advisors,
  1. SUBMISSION OF PAYMENT ORDERS RELATED TO TRANSACTIONS THE COMPANY IS PARTY TO

The personal data processed within the scope of the submission of payment orders related to transactions the company is a party to are as follows;

  • Name, surname, identification number or tax identification number, and other records on payment orders,
  • Bank account and IBAN information.

The personal data used in the submission of payment orders related to transactions the company is party to are collected by the following methods;

  • Data provided by you in physical or digital format is collected through non-automatic methods.
  • The collected personal data is kept in physical environments, email environments, company computers, servers, and backups.

The personal data processed within the scope of the submission of payment orders related to transactions the company is a party to are collected based on the following legal grounds;

  • Explicitly provided for in the laws,
  • Use of a right,
  • Performance of the contract.

The personal data processed within the scope of the submission of payment orders related to transactions the company is a party to are processed for the following purposes;

  • Conducting information security processes,
  • Conducting activities in compliance with the legislation,
  • Conducting and controlling business activities,
  • Ensuring business continuity,
  • Conducting product/service sales processes,
  • Conducting contract processes,
  • Providing information to authorized persons, institutions, and organizations.

The personal data collected within the scope of the activities of giving payment orders regarding the transactions the company is a party to may be shared with the following individuals for the purposes stated above;

  • Authorized public institutions and organizations such as judicial/administrative authorities,
  • Lawyers,
  • Financial institutions,
  • Real persons or private legal entities,
  • Financial advisors,
  1. CONCLUSION OF CONTRACTS

The personal data processed within the scope of the activities of concluding contracts are as follows;

  • Name, surname, ID number,
  • Tax office and tax number information,
  • Address information, telephone number, e-mail address, fax information.

The personal data used in the activities of concluding contracts are collected by the following methods:

  • The data provided by you in physical or digital format is collected by non-automatic methods.
  • The collected personal data is stored in the physical environment, e-mail environment, company computers, servers, and backups.

The personal data processed within the scope of the activities of concluding contracts are collected based on the following legal reasons:

  • Explicitly provided in the laws,
  • Use of a right,
  • Performance of the contract.

The personal data collected within the scope of the activities of concluding contracts are processed for the following purposes;

  • Conducting financial and accounting affairs,
  • Conducting communication activities,
  • Conducting business activities/auditing,
  • Conducting business continuity activities.
  • The execution of sales processes for goods/services,
  • The execution of procurement processes for goods and services,
  • The execution of contract processes,
  • Ensuring the security of data controller operations,
  • Providing information to authorized persons, institutions, and organizations.

Personal data collected within the scope of contract execution activities may be shared with the following parties for the purposes stated above:

  • Courts,
  • Lawyers,
  • Financial institutions,
  • Individuals or private legal entities,
  • Financial advisors,
  • Shareholders,
  • Authorized public institutions and organizations.
  1. PRESERVATION OF GUARANTEE DOCUMENTS SUCH AS “CHEQUE, PROMISSORY NOTE, LETTER OF GUARANTEE”

The personal data processed within the scope of guarantee document preservation activities, such as “cheque, promissory note, letter of guarantee,” are as follows:

  • Name, surname, ID number or tax ID number, tax office information.

Personal data used in the preservation of guarantee documents, such as “cheque, promissory note, letter of guarantee,” are collected through the following methods:

  • Data provided by you in physical or digital form is collected through non-automated methods.
  • The collected personal data is kept in physical form, e-mail environment, company computers, servers, and backups.

The personal data processed within the scope of guarantee document preservation activities, such as “cheque, promissory note, letter of guarantee,” are collected based on the following legal grounds:

  • Explicitly provided for in laws,
  • Use of a right,
  • Performance of a contract.

Personal data collected within the scope of activities related to the preservation of security documents such as “checks, promissory notes, and guarantee letters” are processed for the following purposes:

  • Execution of financial and accounting affairs,
  • Execution/control of business activities,
  • Execution of business continuity activities,
  • Execution of sales processes for goods/services,
  • Execution of contract processes,
  • Ensuring the security of data controller operations.

Data collected within the scope of activities related to the preservation of security documents such as “checks, promissory notes, and guarantee letters” may be shared with the following individuals/entities for the purposes described above:

  • Authorized public institutions and organizations such as judicial/administrative authorities,
  • Lawyers,
  • Financial institutions,
  • Natural persons or private legal entities,
  • Financial advisors,
  1. CONDUCTING OFFICIAL AND PRIVATE CORRESPONDENCE.

The personal data processed within the scope of activities related to the conduct of official and private correspondences are:

  • Name, surname, title information,
  • Contact information.

Personal data used within the scope of activities related to the conduct of official and private correspondences are collected by the following methods:

  • Data provided by you is collected by non-automated methods.
  • Collected personal data are kept in physical environments, e-mail environments, company computers, servers, and backups.

Personal data processed within the scope of activities related to the conduct of official and private correspondences are collected based on the following legal reasons:

  • Exercise of a right,
  • Fulfillment of legal obligations.
  • Being explicitly stipulated in the laws,
  • Performance of the contract.

The personal data collected within the scope of official and private correspondence activities are processed for the following purposes:

  • Conducting/auditing business activities,
  • Following up on requests and complaints,
  • Providing information to authorized individuals, institutions, and organizations.

The personal data collected within the scope of official and private correspondence activities may be shared with the following individuals/entities for the purposes described above:

  • Real persons or private legal entities,
  • Business partners,
  • Authorized public institutions and organizations.

In accordance with Article 11 of the Law, as the data subject, you have the right to apply to our company as the Data Controller regarding your rights listed below:

  • To learn whether your data is being processed or not,
  • To request information if your data has been processed,
  • To learn the purpose of the processing of your data and whether they are being used for this purpose,
  • To know the third parties to whom your data have been transferred domestically or abroad,
  • To request the correction of your data in case they are incomplete or incorrect and to request that the third parties to whom your data have been transferred be notified of such correction,
  • To request the erasure or destruction of your data if the reasons requiring their processing have ceased to exist, even though they have been processed in accordance with the Law and other relevant laws, and to request that the third parties to whom your data have been transferred be notified of such erasure or destruction,
  • To object to any negative outcome resulting from the analysis of your processed data solely through automatic systems,
  • To demand compensation in case you suffer damage due to the unlawful processing of your data.

You can submit your applications regarding the aforementioned rights to the Human Resources Department of Faydalı Yazılım in person at our company address, which is “KVK Plaza Bayar Cad. Gülbahar Sk. No:14 Kozyatağı İSTANBUL,” in accordance with the “Communiqué on the Procedures and Principles of Application to the Data Controller,” in written and signed form, by sending them through a notary or by sending them to the email address ……………………..

 

Respectfully,

FAYDALI YAZILIM İŞLERİ A.Ş.

 

 

DATE                       :

RECIPIENT            :

SIGNATURE          :