KVK LAW CLARIFICATION TEXT

Personal Data Protection Law

The Law on Protection of Personal Data No. 6698 aims to protect the privacy of private life and fundamental rights and freedoms, especially considering the security of your personal data. As Ulus Dangerous Goods Safety Consultancy Ltd. Co., we have the personal data of our parties regarding the limits and authorities allowed by the laws and regulations in order to deliver the service we provide to you in the most accurate and appropriate way.


As Ulus Dangerous Goods Safety Consultancy Ltd. Co, we show the necessary effort and sensitivity regarding the security of the personal data of all parties with whom we have business relations. In accordance with the legislation, under the name of data controller, all kinds of private and general personal data obtained within the scope of our service relationship will be recorded, stored, updated, disclosed to third parties, andtransferred to third parties, in accordance with the Personal Data Protection Law, as detailed below. Morever, these are classified and processed according to other procedures and principles specified within the limits allowed by the legislation.


As Ulus Dangerous Goods Safety Consultancy Ltd. Co, our principles regarding the processing of personal data;

a) To act in accordance with the law and the rules of honesty,

b) To ensure accuracy and timeliness,

c) To process data for specific, explicit and legitimate purposes,

d) Being connected, limited and restrained with the purpose for which they are processed,

e) To be kept for the period required by the relevant legislation or for the purpose for which they are processed.


What Data Do We Collect? What is the Purpose of Collecting Data?

Personal data is any information that identifies you personally or can be used to identify you directly or indirectly. We collect your personal data through your use of environmental engineering and consultancy services of Ulus Dangerous Goods Safety Consultancy Ltd. Co


The categories of personal data we receive from you depend on the nature of your interaction with us or the type of service provided, this data may include one or more of the following:


Your Personal Data Collected;

  • Identity (Represents data types such as name, surname, mother, father and sibling information, identity and driver's license serial number.)
  • Contact (Represents data types such as e-mail address and e-mail signature information, contact address, phone number.)
  • Customer Transaction (Represents data types such as customer requests and requests, invoice, promissory note, check information, information on receipts, order information.)
  • Physical Space Security (Represents data types such as entry and exit registration information of guests and visitors, camera recordings.)
  • Transaction Security (In case you use our guest network in our location, it refers to data types such as IP address information, website entry and exit information.)
  • Finance (Represents data types such as payment information, bank account information, financial performance information, credit and risk information.)
  • Health (Represents data types such as establishment request, health status and periodic inspection information in project construction monitoring activities.)
  • Professional Experience (Represents data types such as diploma information, courses attended, in-service training information, certificates, transcript information.)
  • Marketing (Represents data types such as past service purchase information, survey, cookie records.)
  • Audio-Visual Records (Represents data types such as audio-visual recordings.)



Within the scope of Articles 5 and 6 of the Personal Data Protection Law, Ulus Dangerous Goods Safety Consultancy collects the special and general personal data within the scope of our business relations in order to realize our company purposes in parallel with engineering, consultancy, and social research activities. Personal data are used for the purposes of protecting, executing operational processes to ensure that all our relevant parties receive an accurate, sufficient and quality service, to ensure security, to ensure legal compliance, to fulfill our commercial requirements and obligations, and to fulfill our obligations in contracts, if any, to fulfill our legal obligations as data controller, our legitimate interests, the establishment, use and use of the right, and other purposes stated below. These are done in accordance with legal requirements.


Your personal data is processed within the scope of sub-purposes of both the private sector and public institutions and organizations, provided that it is connected with the "purposes" and is measured. The ‘’purposes’’ are EIA Environmental Impact Assessment (EIA), Environmental and Social Impact Assessment (ESIA), Environmental Management Plan, EIA Monitoring, Environmental Management, Social Impact Analysis and Management Planning, GIS (Geographic Information Systems) Applications, Biodiversity Detection and Monitoring, Management Plan (Wetland Management Plan, Development Plan etc.) Master Plan and Basin Planning, Water Resources Management Planning, Water Quality and Biological Monitoring on Basin Basis, Preparation of Water Rights Planning Report, Preparation of Ecosystem Evaluation Reports, Ecological Landscape Evaluation Reports and Landscape Repair Plans, Risk Assessment and Emergency Response Plan, Preparation of Coastal Facilities Feasibility and Modeling Report, Preparation of Soil Conservation Project, Air, Noise, Water Pollution, Waste Heat etc. Modeling, Water quality (Water and wastewater, sea water, lake, surface and groundwater analysis), Air Quality (Emission and Imission Measurements) and Modeling, Noise and Vibration Measurements, Acoustic Report Preparation and Noise Mapping, Soil Analysis, Waste, Solid Performing Waste and Sewage Sludge Analysis, Waste Oil and Insulation Fluid Analysis, Sampling and Bio-Restoration Planning services and delivering these services to the customer, performing activities and services such as marketing, sales, shipment, control, accounting, finance and collection transactions, following legal processes when necessary, executing processes before official institutions and organizations, responding to requests from official institutions and organizations, executing emergency management processes, executing information security processes, executing audit / ethical activities, executing access authorizations, executing activities in accordance with the legislation, physical Ensuring personal space security, conducting assignment processes, conducting communication activities, conducting / auditing business activities, conducting occupational health / safety activities, receiving and evaluating suggestions for improvement of business processes, conducting business continuity activities, conducting after-service support services, customer relations management execution of customer satisfaction activities, execution of contract processes, follow-up of requests / complaints, execution of wage policy, ensuring the security of data controller operations, execution of management activities, creation and follow-up of visitor records.


Method and Legal Reason for Personal Data Collection

Your personal data for the above-mentioned purposes, in accordance with the basic principles stipulated in the Law and in accordance with the processing conditions specified in Article 5 of the Law, are collected from closed-circuit recording systems through automatic or non-automatic means and channels, social media, website, official institutions and business partners within the scope of support services, from any service points of our company, directly orally or in writing, from the information transmitted by you, telephone, fax, e-mail. -mail etc.


Moreover, T.C. Laws and secondary legislations of the Ministry of Environment and Urbanization, Turkish Commercial Code No. 6102, Turkish Code of Obligations No. 6098, Law No. 6563 on the Regulation of Electronic Commerce, Regulation on Commercial Communications and Commercial Electronic Messages 30998, Occupational Health and Safety and Obligations in Tax Legislation and other related In accordance with other legislation, your personal data may be processed by automatic or non-automatic methods for the purpose of providing quality, adequate and accurate services within the scope of the contract, and performing the works and transactions to be carried out in accordance with the obligations of storage, storage and reporting, as long as the data processing purpose is valid.


To Whom The Processed Personal Data Can Be Transferred For What Purposes

Your collected personal data is limited to the purposes specified in the Clarification Text, and on the condition that it is measured, depending on the reasons that require it to be transferred within the scope of the Law and relevant legislation, and limited to these reasons; It can be transferred to official institutions and organizations, information technology and security companies, logistics companies, related business partners, audit companies, lawyers, suppliers, and our cooperating group companies, whose services we benefit from.


Situations We May Process Your Personal Data Without Your Express Consent By Law

In accordance with Article 5 of the Law, express consent is one of the personal data processing conditions in the Law, but it is not the only element that legalizes data processing. The law also stipulates conditions other than express consent for data processing activity. Accordingly, in the presence of one of the following conditions, it is possible to process personal data without seeking the explicit consent of the data subject:

a) It is clearly stipulated in the laws,

b) It is necessary for the protection of the life or physical integrity of the person or another person, who is unable to express his consent due to actual impossibility or whose consent is not legally valid,

c) It is necessary to process the personal data of the parties to the contract, provided that it is directly related to the establishment or performance of a contract,

d) It is mandatory for the data controller to fulfill its legal obligation,

e) The person concerned has been made public by himself,

f) Data processing is mandatory for the establishment, exercise or protection of a right,

g) Data processing is mandatory for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the data subject.


How Long Is Your Personal Data Retained?

The retention periods for your personal data are determined in accordance with the following criteria:

  • If a period has been determined for the storage of data in line with the law, the relevant legislation and the contract signed between us, the said data must be kept for at least this period.
  • If the law, the relevant legislation and the contract signed between us do not specify a period for the storage period of the data we process, your data will be stored until the reasons and purposes that require processing are terminated.
  • After these relationships are terminated or the periods specified in the contract are completed, your data will be deleted without your request.


How Do We Protect?

All necessary technical and administrative measures are taken for the security of all personal data collected by UUlus Dangerous Goods Safety Consultancy Ltd. Co In this context, unauthorized access, misuse in accordance with the Personal Data Security Guide requirements published by the KVKK Board, ISO/IEC 27001 Information Security, ISO/IEC 27017 Cloud Services Information Security, ISO/IEC 27701 Privacy Information Management standards, European Union General Data Protection Regulation GDPR. We take physical, technical, organizational and managerial safeguards against use, disclosure or alteration.


What Are Your Rights Regarding Personal Data?

Regarding your personal data;

  • Learning whether your personal data is processed or not,
  • If your personal data has been processed, requesting information about it,
  • To learn the purpose of processing personal data and whether they are used in accordance with the purpose,
  • Knowing the third parties to whom your personal data is transferred, in the country or abroad,
  • Requesting correction of your personal data if it is incomplete or incorrectly processed,
  • Requesting the deletion or destruction of your personal data within the framework of the conditions stipulated in the KVK legislation,
  • When you request the deletion or destruction of your personal data by correcting incomplete or incorrect data, requesting that this situation be notified to the third parties to whom we have transferred your personal data,
  • Objecting to the result if a result arises against you by analyzing the processed data exclusively through automated systems, and
  • If you suffer any damage due to the illegal processing of personal data, you have the right to demand that this damage be remedied.


How Can You Exercise Your Rights Regarding Personal Data?

Pursuant to paragraph 1 of Article 13 of the Law on the Protection of Personal Data, you can make your request to exercise your above-mentioned rights with the following methods and information, pursuant to the "Communiqué on the Procedures and Principles of Application to the Data Controller" published on March 10, 2018, numbered 30356.


Necessary information in the application content;

  1. Name, Surname information of the applicant.
  2. If the applicant is a citizen of the Republic of Turkey, T.R. Identity Number, if not, Nationality and Passport number or Identity number if available.
  3. The applicant's place of residence or workplace address for notification.
  4. The applicant's e-mail address, telephone or fax.
  5. Subject of the Applicant's Request.
  6. Information and documents regarding the applicant's request.


Application Methods;

  1. The applicant is personally affiliated with Ulus Dangerous Goods Safety Consultancy Ltd. Co address, by filling in the «Application Form», with a closed envelope and the note “Information Request Pursuant to the Law on the Protection of Personal Data” on the envelope, with a hand-delivery report to our central location.
  2. The applicant, through a notary public, Ulus Dangerous Goods Safety Consultancy Ltd. Co may receive a notification, but the phrase "Information Request Pursuant to the Law on Protection of Personal Data" should be added on the notification envelope.
  3. With the "Secure Electronic Signature" defined in the Electronic Signature Law No. 5070, the applicant can personally apply to our company's Registered Electronic Mail address [email protected] with the note "Information Request Pursuant to the Law on Protection of Personal Data" in the subject section.

You can reach our application form regarding your above-mentioned rights here.


How Long Will Your Requests Regarding the Processing of Your Personal Data Be Answered?

Your claims regarding your personal data are evaluated and answered within 30 (thirty) days at the latest from the date they reach us. In case your application is evaluated negatively, the reasons for rejection will be sent via e-mail or post to the address you specified in the application.