Internative Yazılım Anonim Şirketi attaches importance to the privacy and security of the personal data you share with us; We show maximum sensitivity to the principle of protecting fundamental rights and freedoms guaranteed by the Constitution, in particular, the privacy of private life. Accordingly, by the disclosure obligation we have within the scope of the Personal Data Protection Law No. 6698, which entered into force with the Official Gazette dated 21.02.2022, we kindly submit the following matters for your information.
1. What are the Definitions of Technical Terms in the Clarification Text?
Explicit Consent: It means consent based on the information and declared with free will on a specific subject.
Anonymous Rendering: It means making personal data unrelated to a specific or identifiable natural person under any circumstances, even by matching it with other data.
Related Person: This means the real person whose personal data is processed.
Law: Personal Data Protection Law No. 6698, which entered into force with the Official Gazette dated 07.04.2016
Personal Data: This means all kinds of information regarding an identified or identifiable natural person.
Processing of Personal Data: Obtaining, recording, storing, preserving, changing, reorganizing, disclosing, transferring, taking over, making available through fully or partially automatic means of personal data or non-automatic means provided that it is a part of any data recording system, means any process performed on data such as classification or prevention of use.
Boardmeans the Personal Data Protection Board.
Institution means Personal Data Protection Authority.
Data Processor: It means the natural or legal person who processes personal data on behalf of the data controller based on the authority given by him.
Data Recording System: It means the recording system in which personal data are structured and processed according to specific criteria.
Data Supervisor: It means the natural or legal person who determines the purposes and means of processing personal data and is responsible for establishing and managing the data recording system.
2. Who is the Data Controller?
Data Supervisor for all kinds of personal data you share during the registration phase of the website via www.holacon.com and Holacon application; its head office address is Merdivenköy Mahallesi, Yumurtacı Abdibey Cd. Dikyol Sk. Business İstanbul, No:2 B Blok Kat:14 D:141-142 Kadıköy / İstanbul, 34732, TR, registered in the Istanbul Trade Registry with the number 107998-5 Internative Yazılım Anonim Şirketi
3. For What Purposes Do We Process Your Personal Data?
Identity information, contact information, customer information, customer transaction information, transaction security information, and legal transaction from parties such as website and/or application users, customers, employees, potential customers, potential employees, potential users, business partners and suppliers by our Company. Personal data can be collected in categories such as compliance information and marketing sales information.
Personal data processed through www.holacon.com and the Holacon application are name, surname, e-mail address, password and transaction security in online payment transactions. If the relevant Person chooses, it is also possible to subscribe to the person's social media accounts. In this case, the user name of the relevant person's social account is also processed.
We would like to state that we do not have access to the password and other confidential information of the relevant social media account.
Collected Personal Data is processed for the following purposes.
Performing membership procedures to the site and/or application and ensuring that members have access to all kinds of information, documents, participation, transportation, accommodation and other features shared by the organization that carried out the organization,
To provide you with special advertisements, campaigns, advantages and other benefits for sales, promotion and marketing activities to increase the quality of services and products, information processing requirements, and the necessity of support services, providing you with the necessary information regarding these services and products, measuring customer satisfaction, complaint management, to get your opinions and suggestions about new services and products, and to contact and inform members when other necessary,
Increasing the service quality and making the best use of the services provided by the relevant Person via the website and the application, detecting system errors and monitoring performance, improving the system operation, providing maintenance and support services and backup services,
If the online payment option is used, the payment transaction
Carrying out their activities by the relevant legislation,
Carrying out company activities by the Law and relevant legislation,
Carrying out the financial and accounting affairs of the Company,
Following and carrying out the legal affairs of the Company,
Conducting and auditing the business activities of the Company,
Carrying out storage and archive activities of the Company,
Carrying out the Company's strategic planning and R&D activities,
Conducting the Company's investment processes,
Carrying out the Company's management activities
4. What Legal Reasons Do We Rely On While Processing Your Personal Data?
While processing your personal data, the provisions of the Constitution regarding fundamental rights and freedoms, Personal Data Protection Law No.6698 and related regulations and communiqués, Board decisions, Regulation on Procedures and Principles Regarding the Regulation of Publications Made on the Internet No.26716 and other relevant legislation and case law we take.
However, the Company obeys the following principles adopted in the Law with great importance and meticulousness:
- Personal data processing activities comply with the Law and good faith,
- Ensuring that personal data are accurate and, when necessary, up-to-date,
- Processing personal data for specific, clear and legitimate purposes,
- Being connected, limited and measured for processing,
- Keeping for the period stipulated in the relevant legislation or required for the purpose they are processed.
5. How Long Do We Keep Your Personal Data?
BMK Software and Digital Solutions Consultancy Ltd. Şti. Care is taken to keep the Personal Data subject to this Clarification Text for the period stipulated in the relevant legislation or for the period required for the purpose for which they are processed. In this context, it first determines whether a period is stipulated for the storage of personal data in the relevant legislation, if a period is specified, it acts by this period, if a period is not specified, it stores the personal data for the period required for processing.
Personal data are deleted, destroyed or anonymized in the event of the expiration of the period of the disappearance of the reasons for processing.
6. By Which Ways Do We Collect Your Personal Data?
Your Personal Data can be collected verbally, in writing or electronically through our website, social media channels, parties with whom we have a business relationship and/or receive services that complement our activities, contracted organizations and other similar channels, either automatically or non-automatically. Your personal data is stored in electronic and/or physical environments. To prevent your personal data provided and stored by our Company from being exposed to unauthorized access, manipulation, loss and damage, all technical measures are foreseen and required in the relevant legislation are taken and security improvements are implemented.
7. To Whom Can We Transfer Your Personal Data?
Your Personal Data, within the framework of the purposes stated in Article 3,
- Company shareholders, employees, business partners,
- Persons or third parties from whom the Company receives services related to its commercial activities, legal, financial and tax consultants, auditors, consultants, organizations or persons
- It can be transferred to regulatory and supervisory institutions and to public institutions or organizations that are expressly authorized to request personal data.
If the transfer abroad of your Personal Data, Law 9 is required to have adequate protection in foreign countries will be transferred to the personal data under Article, in case of the absence of adequate protection of the person concerned without the explicit consent is received, undertake adequate protection of those responsible for the data and in the relevant foreign country, Turkey as written and the permission of the Personal Data Protection Authority will be respected.
8. Under Which Conditions Can Your Personal Data Be Processed Without Requiring Explicit Consent?
Your Personal Data may be processed without your explicit consent, in the following cases:
- It is clearly stipulated in the laws.
- It is obligatory for the protection of the life or physical integrity of the person who is unable to disclose his consent due to the actual impossibility or whose consent is not legally valid.
- It is necessary to process personal data of the parties to the contract, provided that it is directly related to the performance of the contract.
- It is mandatory to fulfil our legal obligations as a data controller;
- It is made public by the person concerned.
- When data processing is mandatory for the establishment, use or protection of a right.
- Data processing is mandatory for the legitimate interests of the data controller, provided that the fundamental rights and freedoms of the data subject are not harmed.