DISCLOSURE TEXT FOR CUSTOMER

The principles concerning the processing of your personal data by Testinium Teknoloji Yazılım A.Ş. (“Company”) as the data controller based in Soğanlık Mh. Pamukkale Sk. No:11 Kartal İstanbul in accordance with the Turkish Law on Protection of Personal Data no. 6698 (“PDPL”), the Regulation 2016/679 of the European Parliament and Council of 27 April 2016 (European Data Protection Regulation or “GDPR”) and other applicable legislation and other applicable legislation are provided in detail in this Disclosure Text.
 

1. Purpose of Processing Personal Data

Your personal data such as your name, surname, e-mail address, phone number are processed in order to perform the service and plan, to benefit from our service within the scope of your demo request we provide and to contact you.

2. Method and Legal Basis of Collection of Personal Data

The personal data of the customers are collected by automatic or non-automatic methods by means of the forms that are filled in by them and/or by contacting them electronically.
Your personal data is collected in accordance with data processing principles pursuant to the PDPL and GDPR, provided that it is directly related to the establishment or execution of the contract and that it is necessary to process the personal data of the parties. Your personal data is processed for necessary for the legitimate interests pursued by our Company, provided that this processing shall not violate the fundamental rights and freedoms of the data subject and relating the legal reason of obtaining explicit consent.

3. Transfer of Personal Data and Purpose of Transfer

The personal data processed can be transferred to our business partners, affiliates, suppliers, to our legal consultants in order to follow up and execute legal, affairs authorized public institutions, authorised by the law, or a valid legislative provision, court order or regulation and individuals in accordance with data processing conditions and purposes stated under the Law and GDPR. (in particular Article 6(1) and recital 48 of GDPR; and in Article 8 and 9 of PDPL)

4. Application to the Data Controller and Your Rights

According to the Article 11 of PDPL and Article 12 of GDPR, you also have the following rights:

  • learn whether your personal data are being processed,
  • if they are, request information,
  • obtain information on the purpose of processing and find out whether personal data has been used as fit for the purpose,
  • obtain information about the third persons in Turkey and abroad, to whom personal data are transferred,
  • request rectification of personal data that may have been
  • incompletely or inaccurately processed,
  • request the deletion or destruction of personal data,
  • request notification of the operations made as per indents (e) and (f) to third parties to whom personal data have been transferred,
  • object to occurrence of any detrimental result by means of analysis of personal data exclusively through automated systems and
  • request compensation for the damages due to unlawful processing of personal data.

You can send your requests to the Company according to Comminuque on the Principles and Procedures for the Request to Data Controller. You can also direct your applications to us by submit it to the address Soğanlık Mh. Pamukkale Sk. No:11 Kartal İstanbul via registered letter or to the kvkk@testinium.com e-mail address.

Our Company fulfills your requests as soon as possible and within thirty days at the latest and once for free of charge. However, requester may be charged for following requests or for the initial request if the action taken on the request requires additional cost. Our Company can accept and process the request or reject the request in writing by explaining its reason.

You are entitled to file a complaint to the Turkish Board of Personal Data Protection (“Board”) within thirty days as of the notification of the reply and in all cases within sixty days if the application is rejected after carrying out the procedure mentioned above, the reply is deemed to be insufficient or the requests are not responded in a timely manner. However, the complaint cannot be filed without exhausting this application process.

The Board may conduct the necessary inspections within its field of duty upon receiving a complaint or ex officio upon detecting a breach. The complaint shall be examined by the Board and answers shall be provided to those concerned. If no replies are given within sixty days as of the date of the complaint, the request shall be deemed to be rejected. If, as a result of inspections upon receiving a complaint or ex officio investigation, a breach is detected, the Board shall rule the identified contraventions of law to be eliminated by the data controller, and shall notify those concerned accordingly. This decision shall be fulfilled without delay but no later than within thirty days as of the notification of the decision.The Board is authorized to halt data processing or international transfer of data if damages that are hard or impossible to compensate occur and if there is an explicit infringement of the law.

We would like to emphasize that your data is meticulously protected by the Company and thank you for the trust that you place in us.