PDPL
Policy on Protection and Processing of Personal Data
1. PURPOSE
In accordance with Law No. 6698 on the Protection of Personal Data (“Law”), which aims to protect fundamental rights and freedoms and privacy of private life, EPS Teknoloji Elektronik Makine Tekstil San. ve Tic. Ltd. Åžti (“EPS Teknology” or “company”) ensures the processing of your personal data in accordance with the principles set out in the legislation.
2. SCOPE
As EPS Teknoloji, we protect and process your personal data in accordance with the general principles regarding the processing of personal data specified in Article 4 of the Law. Your personal data are processed under the conditions specified in Article 5 of the relevant law.
PROCESSED PERSONAL DATA
-
Contact Information : Name, surname, email address, phone number
-
Identity Information : Turkish ID number, passport number, tax number, signature information
-
Commercial Information : Data collected from users, customers, and suppliers, such as invoice information and contract details. These processed data are used for customer support services and fulfillment of legal obligations.
PURPOSE OF PROCESSING PERSONAL DATA
Processed Data and Purposes of Processing
-
Contact Information : Ensuring effective communication with users, support services, feedback, and updates
-
Identity Information : Identity verification, legal responsibilities
-
Commercial Information : Invoice, payment, contract details, accounting processes
CONDITIONS UNDER WHICH WE PROCESS PERSONAL DATA
The processing of personal data is based on specific legal reasons set forth in Article 5 of the Law on Protection of Personal Data No. 6698. These legal bases regulate the processing and conditions of personal data. Your personal data may be processed if at least one of the conditions in Article 5 of the Law is met.
LEGAL METHODS AND REASONS FOR COLLECTING PERSONAL DATA
Your personal data are collected and processed when you establish a relationship with our company and during the continuation of this relationship, based on reasons such as the establishment or performance of a contract, legal obligations, the establishment of rights, and legitimate interests. These data are collected through websites, contracts, emails, phones, or application forms and processed in accordance with the Law. The data processing process takes place in physical, written, or electronic environments.
RIGHTS OF THE DATA SUBJECT
Pursuant to Article 11 of the Law No. 6698, the data subject has the following rights;
ARTICLE 11- (1) Everyone, by applying to the data controller, has the right to:
a) Learn whether personal data is processed or not,
b) Request information if personal data has been processed,
c) Learn the purpose of the processing of personal data and whether they are used in accordance with its purpose,
d) Know the third parties to whom personal data are transferred domestically or abroad,
e) Request the rectification of incomplete or inaccurate data, if any,
f) Request the deletion or destruction of personal data under the conditions stipulated in Article 7,
g) Request notification of the operations carried out pursuant to sub-paragraphs (e) and (f) to third parties to whom personal data have been transferred,
h) Object to the processing, exclusively by automated means, of personal data, which leads to an unfavorable consequence for the data subject,
i) Request compensation for the damage arising from the unlawful processing of personal data.
TRANSFER AND STORAGE PERIODS OF DATA
The company may transfer personal data to third parties under limited purposes and specific conditions in accordance with the law. The transferred persons include natural persons, business partners, shareholders, suppliers, service providers, and public institutions as per the content of the contract. This transfer will be carried out in accordance with Articles 8 and 9 of the Law. As EPS Teknoloji, we store your personal data in accordance with the law for the periods specified below.
Personal Data Regarding Customers : 3 years pursuant to Law No. 6563 and relevant legislation, 10 years after the termination of the legal relationship.
Personal Data Regarding Suppliers : 10 years after the termination of the legal relationship.
Traffic Information Processed During Use of Company Internet Network, Internet Access, and Remote Connection : 2 years.
Hardware and Software Access Processes : 2 years.
Contracts : 10 years after the termination of the contract.
Personal Data Regarding Tax Records : 5 years.
Communication Activities of the Institution : 10 years after the end of the activity.
Camera Recordings : 2 years.
Personal Data Stored Under Labor Law : 5 years after the termination of the employment relationship.
Personal Data in the Personnel File Stored Under Labor Law : 10 years after the termination of the employment relationship.
Personal Data That May Be Subject to Union Compensation Stored Under Labor Law : 10 years after the termination of the employment relationship.
Personal Data Collected Under Occupational Health and Safety Legislation : 15 years after the termination of the employment relationship.
Personal Data Under Social Security Law : 10 years after the termination of the employment relationship.
Responses to Court/Execution Information Requests Related to the Employee Under Labor Law : 10 years after the termination of the employment relationship.
Job/Internship Application Data : 1 year if the application is not accepted.
Commercial Books and Personal Data Processed Under Company Activities : 10 years.
Personal Data Processed in Contractual Relationships : 10 years after the termination of the contract.
All Records Related to Accounting and Financial Transactions : 10 years.
Personal Data Processed for Security Purposes by CCTV Cameras : 90 days.
DELETION, DESTRUCTION, AND ANONYMIZATION OF DATA
Your personal data may be stored for specific periods due to legal obligations. For detailed information about the relevant regulations, you can visit the official KVKK page. ​
​
-
Deletion : In this process, the data is usually deleted irretrievably and made inaccessible. The aim is to ensure that the data is no longer used and to protect personal information.
-
Destruction : Destruction means the complete physical or digital elimination of the data.
-
Anonymization : Through this process, your data is made non-personally identifiable, and the identity of the person cannot be determined from these data.
MEASURES REGARDING YOUR DATA
To ensure data security, EPS Teknoloji takes physical and systemic security measures. These measures are enhanced by personnel awareness to increase effectiveness. Personal data are processed under the conditions specified by law.
CONTACT US
In accordance with Articles 11 and 13 of the Law, to exercise your rights regarding the processing of your personal data, you need to prepare a petition in accordance with the conditions specified in the ‘Communiqué on the Procedures and Principles of Application to the Data Controller’. You can send your request prepared in accordance with the specified conditions to the email address info@epsteknoloji.com with the subject “KVKK EPS REQUEST” or to our Kep address epsteknolojielektronik@hs01.kep.tr. Your requests will be evaluated within the legally determined period. In case of a need for additional information during the request evaluation process, you may be contacted to finalize your request/application.
ENFORCEMENT
This data policy enters into force on the date it is published and remains valid until it is removed from the website. Publication date: 23.07.2024