KVKK Information

  1. Identity of the Data Controller

 

Within the scope of the Personal Data Protection Law No. 6698 (“Law”) and in the capacity of data controller, İYS Teknik İnşaat Anonim Şirket (“İYS Teknik”) presents the following clarification text regarding the personal data we obtain.

  1. Processing of Personal Data and Purposes of Processing

Depending on the service provided by İYS Teknik or its commercial activity, personal data of data subjects may be processed to ensure optimal service delivery. In this context:

  • If you are an individual trader, a real person employee/contact/partner/authorized representative of suppliers/subcontractors/business partners/third parties benefiting from the services of İYS Teknik and its affiliated group companies, your identity, contact, personnel (resume), and professional experience information, as well as special categories of personal data such as health information and religion/blood type on identity documents (which can be obtained indirectly through ID/license copies) may be processed for contract execution, procurement processes, business operations and auditing, ensuring business continuity, finance and accounting operations, assignment processes, auditing activities, access management, legal affairs, performance evaluations, sponsorship/aid activities, occupational health and safety, work and residence permits for foreign personnel, communication activities, corporate communication including press releases, event management including hotel/flight reservations, logistics and cargo operations, risk management, internal audit/investigation/intelligence activities, providing information to authorized persons/institutions upon request, ensuring information system continuity, and storage/archiving processes.
  • If you are an employee/contact/partner/authorized representative of the group companies affiliated with İYS Teknik or of the real person or legal entity clients of the group companies, your identity, contact, and customer transaction information may be processed for contract execution, finance and accounting operations, customer relationship management, access management, legal affairs, business operations and auditing, audit/ethics activities, internal audit/investigation/intelligence activities, participation in domestic/international tenders, providing information to authorized persons/institutions upon request, ensuring information system continuity, and storage/archiving processes.
  • If you visit our workplace, your identity information may be processed for creating and tracking visitor records, ensuring physical security, occupational health and safety processes in case of work accidents, and providing information to authorized persons/institutions upon request.
  • If you visit our website, your transaction security data, and if you use İYS Teknik’s wireless network, your identity and contact information may be processed to comply with obligations under Law No. 5651, maintain electronic log records, and manage information security processes.

Personal data will be processed only for purposes compliant with legislation and the Company’s policies and procedures. Your personal data may also be transferred to physical archives and information systems, and maintained in both digital and physical environments.

  1. Recipients of Personal Data and the Purposes of Transfer

Your collected personal data may be transferred within the scope of the purposes described in Article 2 of this Clarification Text, in accordance with the Law and related regulations, and limited to the reasons requiring transfer. These include: official institutions and organizations, banks, press agencies, consultancy and audit firms, travel agencies, business partners and suppliers, companies whose services are utilized, affiliated group companies of İYS Teknik, shared databases with affiliated companies, and technology service providers both domestic and abroad. Transfers are for ensuring compliance with group company policies and procedures, operational process execution, support, and participation in domestic/international tenders.

  1. Methods and Legal Basis of Personal Data Collection

Your personal data may be collected directly or indirectly by you or via your employer, in written or verbal form, through applications and software used within the Company, or through camera recordings. Collection is limited to the purposes described in Article 2 of this Clarification Text and based on the legal grounds specified in Article 5 of the Law, including legal obligation of the data controller, establishment, exercise, or protection of a right, contract performance or establishment, and the legitimate interest of the data controller.

  1. Your Rights Regarding Personal Data Protection

Under personal data protection legislation, you have the rights to: learn whether your personal data is being processed; request information if processed; learn the purpose of processing and whether it is used in accordance with that purpose; learn the third parties to whom data is transferred domestically or abroad; request correction if processed incorrectly; request deletion or destruction if processing conditions no longer exist; object to automated decision-making if it produces negative consequences; and request compensation for damages caused by unlawful processing.

Requests under Article 11 of the Law can be submitted using the form to the address Yayla Mah. Özgür Sok. No:24 B Tuzla/Istanbul, either in person with identity verification or via other methods specified in the Communiqué on Application Procedures to the Data Controller.

In accordance with Article 13 of the Law, our Company will conclude application requests within thirty (30) days depending on their nature. If the process incurs a cost, the fee determined by the Personal Data Protection Board will apply. If the request is rejected, the reason(s) for rejection will be provided in writing or electronically.