Steel Construction

Machine Construction

Silo Bunker Storage Systems

Roof Facade Systems

Personal Data Protection Law

PDPL Text

1- Related persons

Customers

DATA CATEGORIES

1.1.1- Identity Information

Processed Personal Data:

Name - Surname, Date of Birth, Gender, Turkish Identity Number

Personal Data Processing Purposes:

Carrying out financial and accounting affairs, communication activities, company / product / services loyalty processes and activities in accordance with the legislation; follow-up of legal affairs and business continuity activities; carrying out goods / services sales and after-sales support services and processes; carrying out customer relationship management processes and activities for customer satisfaction; execution of advertising, campaign and promotion processes; execution of storage and archive activities; execution of contract and membership processes; follow-up of requests and complaints; planning and execution of commercial and / or business strategies; carrying out the necessary work to benefit from the products and services offered and carrying out the relevant business processes; providing information to authorised persons, institutions and organisations.

Legal Reasons for Personal Data Processing

Your personal data within this scope are processed by the Company in order to fulfil the above-mentioned purposes as specified in the relevant legislation and Article 5 of the PDPL: Provided that it is clearly stipulated in the laws, provided that it is directly related to the establishment or performance of a contract, it is necessary to process personal data belonging to the parties to the contract, it is mandatory for the data controller to fulfil its legal obligation and it is mandatory for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the person concerned. For cases that do not fall within the scope of the above purposes, your personal data are processed based on your explicit consent specified in the Consent Text.

Methods of Collection of Personal Data:

The above-mentioned personal data are collected through the membership forms on our website, the fields on the My Account page that can be filled in depending on your preference, your requests and applications, contracts, campaigns and third party authentication systems (e.g. Google Login, Facebook Login, etc.).

1.1.2- Contact Information

Processed Personal Data:

E-Mail Address, Billing & Delivery Addresses, Mobile Phone Number

Personal Data Processing Purposes:

Carrying out financial and accounting affairs, communication activities, company / product / services loyalty processes and activities in accordance with the legislation; follow-up of legal affairs and business continuity activities; carrying out goods / services sales and after-sales support services and processes; carrying out customer relationship management processes and activities for customer satisfaction; execution of advertising, campaign and promotion processes; execution of storage and archive activities; execution of contract and membership processes; follow-up of requests and complaints; planning and execution of commercial and / or business strategies; carrying out the necessary work to benefit from the products and services offered and carrying out the relevant business processes; providing information to authorised persons, institutions and organisations.

Legal Reasons for Personal Data Processing

Your personal data within this scope are processed by the Company in order to fulfil the above-mentioned purposes as specified in the relevant legislation and Article 5 of the PDPL: Provided that it is clearly stipulated in the laws, provided that it is directly related to the establishment or performance of a contract, it is necessary to process personal data belonging to the parties to the contract, it is mandatory for the data controller to fulfil its legal obligation and it is mandatory for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the person concerned. For cases that do not fall within the scope of the above purposes, your personal data are processed based on your explicit consent specified in the Consent Text.

Methods of Collection of Personal Data:

The above-mentioned personal data are collected through the membership forms on our website, the fields on the My Account page that can be filled in depending on your preference, your requests and applications, contracts, campaigns and third party authentication systems (e.g. Google Login, Facebook Login, etc.).

1.1.3- Legal Transaction Information

Processed Personal Data:

In case of dispute, information in the case file, dunning notices, information in correspondence with judicial and administrative authorities

Personal Data Processing Purposes:

Follow-up and execution of legal affairs; execution and supervision of business activities; providing information to authorised persons, institutions and organisations; execution of activities in accordance with the legislation; execution of storage and archive activities; execution of risk management processes; execution of contract processes; follow-up of requests/complaints; ensuring the security of data controller operations

Legal Reasons for Personal Data Processing:

 

Your personal data within this scope may be processed by the Company in order to fulfil the above-mentioned purposes as specified in the relevant legislation and Article 5 of the PDPL: It is mandatory for the data controller to fulfil its legal obligation, data processing is mandatory for the establishment, exercise or protection of a right, and data processing is mandatory for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the data subject.

 

Methods of Collection of Personal Data:

 

The personal data mentioned above are collected through official letters from judicial and administrative authorities and other printed / electronic documents.

 

1.1.4- Customer Transaction Information

 

Processed Personal Data:

 

Invoice Information, Request Information, Order Information, Customer Comments

 

Personal Data Processing Purposes:

 

Carrying out supply chain management processes; carrying out and auditing business activities; providing information to authorised persons, institutions and organisations; carrying out activities in accordance with the legislation; carrying out financial and accounting affairs; carrying out storage and archive activities; carrying out contract processes; carrying out goods / service sales processes; carrying out goods / service after-sales support services; carrying out customer relationship management processes; carrying out activities for customer satisfaction; carrying out marketing analysis studies; carrying out advertising, campaign and promotion processes; following up requests / complaints, carrying out marketing processes of products / services

 

Legal Grounds for Processing Personal Data

 

Your personal data within this scope are processed by the Company in order to fulfil the above-mentioned purposes as specified in the relevant legislation and Article 5 of the PDPL: Provided that it is clearly stipulated in the laws, provided that it is directly related to the establishment or performance of a contract, it is necessary to process personal data belonging to the parties to the contract, it is mandatory for the data controller to fulfil its legal obligation and it is mandatory for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the person concerned. For cases that do not fall within the scope of the above purposes, your personal data are processed based on your explicit consent specified in the Consent Text.

 

Methods of Collection of Personal Data:

 

The personal data mentioned above are collected through printed/electronic forms, call centre records, e-mails and SAP programs.

 

1.1.5- Transaction Security Information

 

Processed Personal Data:

 

IP Address Information, Website Login Exit Information, User Name Information, Traffic Data (Connection Time / Duration etc.)

 

Personal Data Processing Purposes:

 

Conducting information security processes; conducting audit / ethical activities; conducting and auditing business activities; conducting storage and archive activities; ensuring the security of data controller operations; providing information to authorised persons, institutions and organisations; conducting activities in accordance with the legislation; follow-up and execution of legal affairs; conducting goods / service sales processes; follow-up of requests / complaints

 

Legal Reasons for Personal Data Processing:

 

Your personal data within this scope may be processed by the Company in order to fulfil the above-mentioned purposes as specified in the relevant legislation and Article 5 of the PDPL: It is processed on the basis of the legal reasons that data processing is mandatory for the legitimate interests of the data controller, provided that it is clearly stipulated in the laws, it is mandatory for the data controller to fulfil its legal obligation and it does not harm the fundamental rights and freedoms of the person concerned. For cases that do not fall within the scope of the above purposes, your personal data are processed based on your explicit consent specified in the Consent Text.

 

Methods of Collection of Personal Data:

 

The personal data mentioned above are collected through information security systems and electronic devices.

 

1.1.6- Finance Information

 

Processed Personal Data:

 

Encrypted Credit Card Information, Bank Account / IBAN Number Information

 

Personal Data Processing Purposes:

 

Execution of activities in accordance with the legislation; follow-up and execution of legal affairs; execution of financial and accounting affairs; execution of return processes; execution and supervision of business activities; execution of goods / service sales processes; execution of storage and archive activities; execution of risk management processes; execution of contract processes; providing information to authorised persons, institutions and organisations

 

Legal Grounds for Processing Personal Data

 

Your personal data within this scope are processed by the Company on the basis of the legal reasons specified in the relevant legislation and Article 5 of the PDPL for the realisation of the above-mentioned purposes; provided that it is directly related to the establishment or performance of a contract, it is necessary to process personal data belonging to the parties to the contract and it is mandatory for the data controller to fulfil its legal obligation.

 

Methods of Collection of Personal Data:

 

The above-mentioned personal data are collected through printed and electronic forms, e-mails and requests and messages on the website.

 

1.1.7- Location Information

 

Processed Personal Data: Location Information

 

Personal Data Processing Purposes:

 

Carrying out customer relationship management processes; carrying out marketing analysis studies; carrying out advertising / campaign / promotion processes; carrying out activities for customer satisfaction; carrying out marketing processes of products / services; carrying out sales processes of goods / services; carrying out production and operation processes of goods / services

 

Legal Reasons for Personal Data Processing:

 

Your personal data within this scope is processed by the Company on the basis of the relevant legislation for the realisation of the above-mentioned purposes and on the basis of the Explicit Consent legal reason specified in Article 5 of the PDPL, the details of which can be found in the Consent Text.

 

Methods of Collection of Personal Data:

 

The above-mentioned personal data are collected according to your preference in the internet browser you use and our Company's mobile application.

 

TRANSFER OF PERSONAL DATA

 

Personal data belonging to the customers are transferred to our subsidiaries and affiliates limited to the above-mentioned purposes and to the extent necessary to fulfil the relevant purpose only by complying with the rules in Article 8 titled ‘Transfer of Personal Data’ and/or Article 9 titled ‘Transfer of Personal Data Abroad’ of the PDPL. By complying with the rules in Article 8 titled ‘Transfer of Personal Data’ and/or Article 9 titled ‘Transfer of Personal Data Abroad’ of the PDPL and taking the necessary technical and administrative measures, only to the extent necessary for the realisation of the relevant purpose; to our subsidiaries and affiliates limited to the above-mentioned purposes, in accordance with the legislation within the scope of the contracts between us for the above-mentioned purposes (for the shipment of the product), the seller of the purchased product, (for the delivery of the product) cargo companies, (for the delivery of the product) banks (to receive the payment for the product) and (for delivery, etc.). to our business partners and our suppliers and product authorised services (for after-sales services when necessary), to the persons and official institutions authorised by legal regulations and legislation in order to fulfil our legal obligations, and can be recorded in our programs and / or systems provided / made available to our use by our infrastructure suppliers in the field of technology. 

 

2- Storage of Personal Data, Your Rights and Application 

 

2.1- Storage and Destruction

 

Our Company has established a Storage and Destruction Policy for the storage and deletion of personal data. Storage and destruction procedures regarding your personal data are carried out within the scope of this policy. Accordingly, if a period of time is specified for the storage of data in the PDPL or in the relevant laws and other relevant legislation, the data in question must be kept for at least this period.

 

Considering the possibilities such as the late receipt of a possible court request or the request of an administrative authority authorised by law regarding the relevant data or the occurrence of a dispute to which we may be a party, the retention period of the data is determined by adding a period of 6 months to 1 year to the periods stipulated in the legislation for the storage of your data, and at the end of the specified period, the data in question are deleted, destroyed or anonymised.

 

If the legislation does not stipulate a period of time for the storage period of the data we process, your data is deleted, destroyed or anonymised without any need for your request after the expiration of the 10-year statute of limitations from the termination of our legal relationship, taking into account possible disputes as required by the relationship between us.

 

If all the conditions for processing personal data have disappeared or the retention period declared by us or determined within the scope of the legislation has expired, your data will be deleted, destroyed or anonymised ex officio on the first periodic destruction date or within 6 months at the latest. If you request the deletion of your data for a valid reason, your data will be deleted within 30 days at the latest to the extent legally possible. If you request the deletion or destruction of your data, the retention period of which is determined in the legislation, before the prescribed periods, your request in question will not be fulfilled.

 

2.2- Your Rights

 

Regarding your personal data within the scope of PDPL and related legislation;

 

- To learn whether your personal data is being processed,

 

- To request information if your personal data has been processed,

 

- To learn the purpose of processing personal data and whether they are used in accordance with their purpose,

 

- To know the third parties to whom your personal data are transferred,

 

- To request correction of your personal data in case of incomplete or incorrect processing,

 

- To request the deletion or destruction of your personal data within the framework of the conditions stipulated in the PDPL legislation,

 

- When you request the correction of incomplete or incorrect data and the deletion or destruction of your personal data, to request that this situation be notified to third parties to whom we transfer your personal data,

 

- Object to the occurrence of a result to the detriment of the person himself/herself by analysing the processed data exclusively through automated systems and

 

- If you suffer damage due to unlawful processing of personal data, you have the right to demand compensation for this damage.

 

2.3- Application

 

Your applications and requests regarding your personal data:

 

- By sending a petition with a wet signed petition and a copy of your ID to our company head office address,

 

- By applying to our Company in person with a valid identity document,

 

- You can send it to our registered e-mail address by using a registered e-mail address (KEP) address and secure electronic signature or mobile signature, or by sending it to our e-mail address previously notified to our Company and registered in our system.

 

Pursuant to the Communiqué on the Procedures and Principles of Application to the Data Controller, it is obligatory to include the name - surname, signature if the application is in writing, T.R. identification number (passport number if the applicant is a foreigner), residential or workplace address for notification, e-mail address for notification, telephone number and fax number, and information on the subject of the request.

 

The data subject must clearly and comprehensibly state the matter requested in the application to be made to exercise the rights mentioned above and containing explanations regarding the right he/she requests to exercise. Information and documents related to the application must be attached to the application.

 

Although the subject of the request must be related to the applicant's person, if acting on behalf of someone else, the applicant must be specially authorised in this regard and this authorisation must be documented (special power of attorney). In addition, the application must contain identity and address information and documents confirming the identity must be attached to the application.

 

Requests made by unauthorised third parties on behalf of someone else will not be evaluated.

 

Your requests for your rights regarding your personal data are evaluated and answered within 30 days at the latest from the date of receipt by our Company. In the event that your application is evaluated negatively, the reasons for the reasoned rejection will be sent to the address you specified in the application by e-mail or postal mail.