This clarification text has been prepared by Eliz Yazılım as a data controller within the scope of the Communiqué on the Procedures and Principles to be Complied with in Fulfilling the Obligation to Lighting with Article 10 of the Law on the Protection of Personal Data No. 6698 (“Law”). 1.Data Controller
Personal data is processed in the categories of Employees, Candidates for Employees, Owners, Trainees, Supplier Employees, Supplier Officials, Persons Receiving Products or Services, and Visitors in the categories notified to the verbis system, taking into account the privacy issues. Pursuant to the law, the scope of processing by Eliz Yazılım as data controller is explained with this disclosure text (“Clarification Text”). 2.What is the Collection Method and Legal Reason of Personal Data?
Personal data, including health information, are obtained from the person concerned, from the systems that can detect location, and from the authority of the company where the supplier employees work, fully or partially automatically or non-automatically, provided that they are part of any data recording system. . Personal data can be processed in accordance with the basic principles stipulated by the Law, within the scope of the personal data processing conditions and purposes specified in Articles 5 and 6 of the Law, with natural and legal persons specified in this Clarification Text, in the country and abroad for the following purposes; and can be transferred.
3.What are the Circumstances in which the Data Controller can Process Personal Data without Explicit Consent in accordance with the Law?
Pursuant to Article 5 of the Law, Eliz Yazılım may process the personal data it has received in accordance with the law without seeking explicit consent in the following cases:
- In cases where it is expressly stipulated in the laws,
- If the Personal Data Owner is unable to express his consent due to actual impossibility, or in cases where the consent is not legally valid, it is necessary to process personal data in order to protect the life or physical integrity of the Personal Data Owner or someone else,
- It is necessary to process the personal data of the parties to the contract, provided that it is directly related to the establishment or performance of a contract concluded between Eliz Yazılım and the Personal Data Owner,
- It is mandatory for Eliz Yazılım to fulfill a legal obligation,
- The personal data has been made public by the Personal Data Owner,
- Data processing is mandatory for the establishment, exercise or protection of a right,
- Data processing is mandatory for the legitimate interests of Eliz Yazılım, provided that it does not harm fundamental rights and freedoms. In addition, in accordance with Article 6 of the Law, Eliz Yazılım may process the sensitive personal data it has received in accordance with the law without seeking explicit consent in the following cases:
- Data on people's race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, clothing, membership to associations, foundations or unions, health, sexual life, criminal convictions and security measures, and biometric and genetic data are privately owned. qualified personal data.
- Special categories of personal data other than the health and sexual life of the personal data owner, if prescribed by law,
- The personal data of the personal data owner regarding his health and sexual life are only for the purposes of protection of public health, preventive medicine, medical diagnosis, treatment and care services, planning and management of health services and financing, or persons or authorized institutions under the obligation of confidentiality. be by organizations.
4.What are the Purposes of Processing Personal Data?
Personal data;
- Execution of Employee Candidates and Internship Application Processes
- Fulfillment of Employment and Legislation Obligations for Employees
- Execution of Benefits and Benefits Processes for Employees
- Execution of Training Activities
- Execution of Access Authorizations
- Execution of Activities in Compliance with the Legislation
- Execution of Finance and Accounting Affairs
- Ensuring Physical Space Security
- Execution of Assignment Processes
- Follow-up and Execution of Legal Affairs
- Execution of Communication Activities
- Planning of Human Resources Processes
- Execution / Supervision of Business Activities
- Execution of Occupational Health / Safety Activities
- Execution of Occupational Health / Safety Activities
- Execution of Service Procurement Processes
- Execution of After-Sales Support Services
- Execution of Service Sales Processes
- Execution of Performance Evaluation Processes
- Execution of Contract Processes
- Execution of Wage Policy
- Providing Information to Authorized Persons, Institutions and Organizations
- Creating and Tracking Visitor Records
5.To Whom Personal Data Is Transferred For What Purpose?
Collected personal data, in accordance with the basic principles stipulated by the Law and the personal data transfer conditions specified in Articles 8 and 9 of the Law, and for the purposes listed below, to legally authorized public institutions and organizations, Real persons or private law legal entities, Eliz Yazılım It can be transferred to companies/organizations that will establish a business contract with Eliz Yazılım and their business partners, suppliers and service providers.
- Follow-up and Execution of Legal Affairs
- Obtaining permissions and Execution of Assignment Processes for the personnel to work in the field
- Notification of Subscription Initiation and Payment of Bills
- Ensuring Physical Space Security,
- Providing Information to Authorized Persons, Institutions and Organizations
- Telephone Line Supply
- Providing Access Authorizations to Business Partners' Software
- Meeting Tender Entry Requests
- Fulfillment of Legal Obligation
- Realization of SSI Notifications
- Performing Card Printing
- Opening Corporate User Accounts
- Making Personnel Salary Payments
- Execution of Contract Processes
- Keeping the trainee attendance record
- E-Prescription creation after diagnosis
by Eliz Yazılım; To foreign countries declared to have sufficient protection by the KVK Board (“Foreign Country with Sufficient Protection”) or, in the absence of sufficient protection, to foreign countries where the data controllers in Turkey and the relevant foreign country undertake an adequate protection in writing and for which the permission of the KVK Board is available. Personal data can be transferred to countries (“Foreign Country With A Data Controller Undertaking Adequate Protection”).
6.What are the Rights of the Personal Data Owner?
Within the framework of Article 11 of the Law, the Personal Data Owner always applies to the data controller and;
- Learning whether personal data is processed or not,
- If personal data has been processed, requesting information about it,
- To learn the purpose of processing personal data and whether they are used in accordance with their purpose,
- Knowing the third parties to whom personal data is transferred in the country or abroad,
- Requesting correction of personal data in case of incomplete or incorrect processing,
- Requesting the deletion or destruction of personal data in case the reasons requiring the processing of personal data disappear, in order to be evaluated within the principles of purpose, duration and legitimacy, Requesting the deletion or destruction of personal data,
- Requesting the deletion, destruction or anonymization of personal data in case the reasons requiring processing disappear, although it has been processed in accordance with the Law on the Protection of Personal Data No. 6698 and other relevant law provisions.
- Requesting notification of the transactions regarding the correction, deletion or destruction of personal data to the third parties to whom the personal data has been transferred,
- Objecting to the emergence of a result against the person himself by analyzing the processed data exclusively through automated systems,
- Requesting the compensation of the damage in case of loss due to unlawful processing of personal data has rights.
7.How Does the Personal Data Owner Use Their Rights?
Pursuant to Article 11 of the Law, the Personal Data Owner must fill in the application form completely and submit it to Eliz Yazılım through the channels specified in the form in order to use the above-mentioned rights.
8.How Long Will Personal Data Be Processed?
In accordance with the Law, when the personal data processed for the purposes specified in this Clarification Text ceases to be processed in accordance with Article7 of the Law and/or when the statute of limitations for the processing of data as Eliz Yazılım expires in accordance with the legislation, Eliz Yazılım will be deleted, destroyed or anonymized and will continue to be used. According to the nature of the request, it will conclude the request free of charge as soon as possible and within thirty (30) days at the latest. However, if the transaction requires an additional cost, Eliz Yazılım reserves the right to charge the fee in the tariff determined by the Personal Data Protection Board.