Website Privacy Policy  

During your visit to this website and while benefiting from the services we provide through this site, the use and protection of the information we obtain about you and the services you request are subject to the terms set forth in this "Privacy Policy." By visiting this website and requesting to benefit from the services provided through this site, you agree to the terms set forth in this "Privacy Policy."

I. Purpose of Personal Data Protection and Processing Policy

Due to the sensitivity of the work we have been doing as tolkim.com.tr until today, the data obtained from our customers or prospective customers has been kept confidential and has never been shared with third parties. Protection of personal data is the fundamental policy of our company. Even before any legal regulations, our company and its subsidiaries have attached great importance to the confidentiality of personal data, adopted it as a working principle, and instructed its employees to work accordingly. We also undertake to comply with all the responsibilities brought by the Law on Protection of Personal Data as tolkim.com.tr. Our company's principles regarding the protection of personal data also include our subsidiaries.

II. Scope and Amendment of Personal Data Protection and Processing Policy

This Policy prepared by our company is prepared in accordance with the Personal Data Protection Law No. 6698 ("KVKK"). The Law has entered into force with all its provisions as of today. The data obtained with your consent or other legality requirement as specified in the Law will be used to improve the services provided and to improve our service quality and policy. Some of the data we have is also de-personalized and anonymized. These data are used for statistical purposes and are not subject to the Law and our Policy. tolkim.com.tr Personal Data Protection and Processing Policy aims to protect the automatically obtained data of our customers, prospective customers, our employees, the customers and employees of companies working with us in partnership, or other individuals and includes regulations regarding them.

Our company has the right to amend our policy and Regulations - provided that it complies with the Law and ensures better protection of personal data.

III. Fundamental Rules Regarding the Processing of Personal Data

a) Compliance with the law and honesty: tolkim.com.tr queries the source of the data collected or obtained from other companies and attaches importance to ensuring that they are obtained in accordance with the law and honesty. Within this framework, tolkim.com.tr provides necessary warnings and notifications for the protection of personal data to third parties (including agents and other intermediaries) selling the services it offers.

b) Accuracy and being up-to-date when necessary: tolkim.com.tr attaches importance to ensuring that all data within the institution are accurate, do not contain incorrect information, and, ultimately, updates them when changes occur in personal data if they are communicated.

c) Processing for specific, clear, and legitimate purposes: tolkim.com.tr processes data only for the purposes it obtained consent for from individuals during the provision of services, and it does not process, use, or allow the use of data for purposes other than the intended purpose.

d) Being connected, limited, and measured to the purpose for which they are processed: tolkim.com.tr only uses data to the extent necessary for the purpose for which they are processed and as required by the service.

e) Preservation for the period prescribed by the relevant legislation or the purpose for which they are processed: tolkim.com.tr preserves contract-related data for as long as required by the periods for disputes set by the Law, and the requirements of commercial and tax law. However, when these purposes cease to exist, the data is deleted or anonymized.

It is important to note that these principles listed above apply, whether the data has been collected or processed with consent or in accordance with the law.

According to Article 11 of the Personal Data Protection Law, you have the following rights. In order to facilitate these rights, a separate application form has also been prepared by tolkim.com.tr.

Individuals whose personal data is processed can apply to our company's address on our web page to;

a) Learn whether personal data is processed,

b) Request information if personal data has been processed,

c) Learn the purpose of processing personal data and whether they are used in accordance with their purpose,

d) Know the third parties to whom personal data is transferred domestically or abroad,

e) Request correction of personal data if it is incomplete or incorrectly processed,

f) Request the deletion or destruction of personal data within the framework of the conditions stipulated in the law,

g) Request notification of the operations carried out pursuant to subparagraphs (d) and (e) to third parties to whom personal data has been transferred,

h) Object to the occurrence of a result against the person by analyzing the processed data exclusively through automated systems,

i) Request the compensation of damages in case of damage due to the unlawful processing of personal data.

We respect these rights as tolkim.com.tr.

Principle of Maximum Economy/Thriftiness

According to our principle called the Principle of Maximum Economy or Thriftiness, the data reaching tolkim.com.tr is only processed into the system as much as necessary. Therefore, which data we will collect is determined according to the purpose. Unnecessary data is not collected. Other data received by our company is similarly transferred to the company's IT systems. Redundant information is not recorded in the system, it is deleted, or anonymized. These data can be used for statistical purposes. Health data, as a special category of data, are obtained only to provide better service to customers and to protect their health; similarly, depending on the type of service preferred by the customer, they are transferred to hotels, airlines, and transfer service provider companies located domestically or abroad, and carefully kept in the system.

Deletion of Personal Data

When the periods required to be kept by law expire, legal processes are completed, or other requirements cease to exist, personal data are deleted, destroyed, or anonymized by our company either automatically or upon the request of the data subject.

Accuracy and Data Currency

The data within tolkim.com.tr are processed as declared by the relevant individuals as a rule. tolkim.com.tr is not obliged to investigate the accuracy of the data declared by customers or individuals contacting tolkim.com.tr either legally or due to our working principles. The declared data is considered correct. The principle of accuracy and currency of personal data is also adopted by our company. Our company updates the personal data it processes from official documents received or upon the request of the data subject. Necessary measures are taken for this.

Confidentiality and Data Security

Personal data is confidential, and tolkim.com.tr complies with this confidentiality. Only authorized persons within the company can access personal data. All necessary technical and administrative measures are taken by tolkim.com.tr to prevent personal data from being accessed by unauthorized persons, to ensure that customers and prospective customers are not victims. Within this framework, compliance with data protection policy is ensured by selecting software that will process the data. In addition, customer information is stored in encrypted form on our servers, and access to this data is strictly controlled.

Measures Taken to Ensure Data Security:

a) Determining the relevant software to be used to protect personal data,

b) Protecting the system with firewalls,

c) Measures such as encryption are taken,

d) Taking measures to ensure data security, such as restricting unauthorized access to personal data,

e) Our staff is trained to comply with the company's data protection policy,

f) Ensuring that the necessary software and hardware are up-to-date,

g) Taking necessary measures to ensure the physical security of the server rooms,

h) Backing up data on a regular basis and ensuring that backup data is stored securely.

Violations and Results

In cases where individuals suffer damage due to the violation of the personal data protection and processing policy or the provisions of the relevant legislation by tolkim.com.tr, the company may be subject to administrative fines and may also be sued. Therefore, measures are taken by tolkim.com.tr to prevent violations of the Personal Data Protection Law and the related legislation.

Legal Arrangements to Be Made and Protection of Data

Legal arrangements regarding the protection of personal data are closely followed by tolkim.com.tr, and necessary measures are taken by the company to ensure compliance with the legislation. Legal arrangements are constantly monitored, and any deficiencies are eliminated by our company in accordance with the needs.

Compliance with International Standards

tolkim.com.tr ensures compliance with international standards regarding the protection of personal data. The company attaches great importance to ensuring that the personal data it processes is also protected internationally, considering the globalization of trade and information. Therefore, it pays attention to the necessary measures in terms of both technical and administrative aspects.

Your Rights Regarding Personal Data

As the data subject, by applying to tolkim.com.tr;

You have the right to;

Learn whether your personal data is being processed,

Request information if your personal data has been processed,

Learn the purpose of processing personal data and whether they are used in accordance with their purpose,

Know the third parties to whom personal data is transferred domestically or abroad,

Request correction of personal data if it is incomplete or incorrectly processed,

Request the deletion or destruction of personal data within the framework of the conditions stipulated in the law,

Request notification of the operations carried out pursuant to subparagraphs (d) and (e) to third parties to whom personal data has been transferred,

Object to the occurrence of a result against you by analyzing the processed data exclusively through automated systems,

Request compensation of damages in case of damage due to the unlawful processing of personal data.

Personal data subjects may submit their requests regarding the above-mentioned rights to our Company in accordance with the application procedures stipulated in the Communique on Principles and Procedures for Application to the Data Controller, tolkim.com.tr will process your request in accordance with its nature within the shortest time and at the latest within 30 (thirty) days as of the date of receipt of the application. However, if the transaction requires an additional cost, tolkim.com.tr may charge a fee in accordance with the tariff determined by the Personal Data Protection Board.

Functional and Analytical

Cookies include your preferences, the effective use of the website, optimizing the website to respond to user requests, and data about how visitors use the site. By nature, cookies of this type may contain personal information such as a username.

Third-Party Cookies

tolkim.com.tr websites/mobile applications/mobile websites work with trusted, well-known advertising providers. Third-party service providers place their own cookies to serve you personalized ads. Cookies placed by third parties collect, process, and analyze browsing information on websites.

Commercial Cookies

It aims to offer products/content similar to your interests and choices and to improve your user experience by offering a more advanced, personalized advertising portfolio. The background retention period for session, persistent, functional, analytical, and commercial cookies is approximately 2 (two) months, and adjustments can be made in the individual internet browser settings. The removal process from these settings may vary depending on the internet browser.

How can I delete cookies?

Many internet browsers are set to automatically accept and use cookies from the first installation to your computer. You can use the help or settings menus of your internet browser to block cookies or to receive warnings when cookies are sent to your device. You can learn different ways to manage cookies and how to adjust the settings of your browser from the instructions or help options screen of your browser.

VI. Data of our Employees

Processing of data for employment relationship

Personal data of our employees can be processed without obtaining consent to the extent necessary for employment relationships and health insurance. However, tolkim.com.tr ensures the confidentiality and protection of data related to its employees.

Processing by Legal Obligation

tolkim.com.tr may process personal data of its employees without obtaining consent for the purpose of fulfilling explicitly stipulated in the relevant legislation or fulfilling a legal obligation determined by the legislation. This is limited to obligations arising from the law.

Processing for the Benefit of Employees

tolkim.com.tr may process personal data without obtaining consent for transactions that are beneficial to company employees, such as private health insurance. tolkim.com.tr may also process data related to employees for disputes arising from employment relationships.

Processing of Sensitive Data

According to the Law, the data concerning individuals' race, ethnic origin, political opinion, philosophical belief, religion, sect, or other beliefs, clothing and dress, association, foundation, or union membership, health, sexual life, criminal conviction and security measures, as well as biometric and genetic data, are considered sensitive personal data. tolkim.com.tr also takes additional measures determined by the Board for the processing of sensitive personal data with the consent of the relevant person. Sensitive personal data can be processed only in cases permitted by the Law and limited to those cases. The special data obtained from our employees for the purpose of benefiting from insurance and health services are used only for specific purposes.

Data Processed by Automated Systems

Data processed by automated systems regarding employees can be used in internal promotions and performance evaluations within the company. Employees have the right to object to the result against them and do so in accordance with internal procedures. Employee objections are also evaluated internally within the company.

Telecommunications and Internet

The computers, phones, email, and other applications allocated to employees within the company are strictly allocated for business purposes. An employee cannot use these means allocated by the company for personal purposes and communication without the company's permission. The company can control and monitor all data on these tools. From the moment the employee starts working, they undertake not to have any other data or information on the computer, phones, or other tools allocated to them for purposes other than work.

VII. Transfer of Personal Data Domestically and Internationally

Personal data may be shared with business and solution partners by tolkim.com.tr for the purpose of providing the service. tolkim.com.tr may transfer personal data to the following persons and institutions for specific purposes;

» tolkim.com.tr's business partners for the purpose of ensuring the establishment of business partnership,

» tolkim.com.tr's suppliers, limited to providing services necessary for the company's commercial activities,

» tolkim.com.tr's solution partners, limited to the conduct of commercial activities requiring the participation of the company's affiliates,

» tolkim.com.tr's affiliates.

tolkim.com.tr has the authority to transfer personal data abroad in accordance with the conditions specified by the Board in the Law, in compliance with other conditions in the Law and with the consent of the person.

VIII. Rights of the Data Subject

tolkim.com.tr acknowledges that the data subject has the right to give consent before processing the data within the scope of the Law and to determine the fate of the data after processing.

By applying to our Company regarding personal data, you have the right to;

a) Learn whether personal data is being processed,

b) Request information if personal data has been processed,

c) Learn the purpose of processing personal data and whether they are used in accordance with their purpose,

d) Know the third parties to whom personal data is transferred domestically or abroad,

e) Request correction of personal data if it is incomplete or incorrectly processed,

f) Request deletion or destruction of personal data within the framework of the conditions stipulated in the law,

g) Request notification of the operations carried out pursuant to subparagraphs (d) and (e) to third parties to whom personal data has been transferred,

h) Object to the occurrence of a result against you by analyzing the processed data exclusively through automated systems,

i) Request compensation of damages in case of damage due to the unlawful processing of personal data.

However, there is no right for individuals regarding anonymized data within the Company. tolkim.com.tr may share personal data with relevant institutions and organizations for the purpose of fulfilling a judicial duty or exercising the legal authority of the state.

Personal data owners can submit their requests regarding the above-mentioned rights by completing the application form on the Company's official website www.tolkim.com.tr and signing it with a wet signature and sending it to the address Merdivenköy Mh. Nur Sk. No:1/8 C Blok Kadıköy / İstanbul by registered mail with return receipt requested, along with photocopies of identity documents (only the front side photocopy for identity cards). Your applications will be answered within the shortest time after reaching our company or at the latest within 30 days. Your applications must be made by registered mail. In addition, only the part of your applications related to you will be answered, and applications made regarding your spouse, relative, or friend will not be accepted. tolkim.com.tr may request additional information and documents from the applicants.

IX. Privacy Principle

The data of both employees and other individuals at tolkim.com.tr is confidential. No one can use, copy, reproduce, transfer to others, or use for any other purpose without a contract or compliance with the law.

X. Transaction Security

All necessary technical and administrative measures are taken by tolkim.com.tr to ensure that personal data collected is protected and not accessed by unauthorized persons, and to prevent our customers and potential customers from being victimized. In this context, software is ensured to comply with standards, third parties are carefully selected, and data protection policy is followed within the company. Security measures are constantly renewed and improved.

XI. Auditing

tolkim.com.tr conducts necessary internal and external audits for the protection of personal data.

XII. Reporting of Violations

When tolkim.com.tr is informed of any violation related to personal data, it takes immediate action to remedy the violation. It minimizes the damage to the individual and compensates for the damage. When personal data is obtained by unauthorized persons from outside, it immediately informs the Personal Data Protection Board of the situation.

Applications regarding the reporting of violations can also be made in accordance with the procedures specified at www.tolkim.com.tr.

Contact

For questions and requests regarding the privacy agreement, you can fill out the form below, take a printout, and send it by registered mail to the address below.

tolkim.com.tr

Last Updated: September 26, 2022