Caglayan Technic Personal Data Protection Policy

1. Data Controller and Scope

Data Controller: Caglayan Technic (responsible for processing the data).

Legal Framework: The KVKK (Law No. 6698).

Target Audience: All individuals whose personal data is processed by the company, excluding employees and job candidates.

Commitment: The company takes all necessary technical and administrative security measures to prevent unlawful processing, access, and loss of personal data

2. Types of Personal Data Processed

The company processes various types of data, including but not limited to:

Identity/Contact: Name, surname, T.C. ID number, address, phone number, email, signature.

Financial: Bank account number.

Digital/Operational: Cookie records, physical location/security camera (CCTV) footage, and call center/service quality voice recordings.

3. Purposes and Legal Reasons for Processing

The data is processed for legitimate business reasons, such as:

Business Operations: Determining and implementing business strategies, marketing, and planning.

Customer/Partner Relations: Establishing and maintaining relationships with customers, suppliers, and business partners; ensuring contractual compliance and financial reconciliation.

Security & Administration: Ensuring physical security of company locations and executing administrative communications.

HR and Events: Executing HR policies (for internal processes not covered by the main target group), and managing participation in company-organized events (trainings, seminars, etc.) or use of the call center/website.

4. Collection, Storage, and Security

Collection Methods: Data can be collected verbally, in writing, or electronically via automatic or non-automatic methods (e.g., offices, call center, website, social media, mobile apps).

Storage: Data is stored in electronic and/or physical media.

Security: The company has designed business processes and technical security infrastructure to prevent unauthorized access, manipulation, loss, or damage.

Retention: Data is kept for the period required by law or the purpose of processing. Once that time expires, it will be deleted, destroyed, or anonymized.

5. Transfer of Personal Data

Personal data may be transferred, both domestically and abroad, to third parties for the specified purposes, including:

Internal: Caglayan Technic Limited Company and its authorized representatives.

Business Partners: Suppliers, contractors, banks, credit risk/financial institutions, and other real or legal persons.

Regulatory/Legal: Regulatory and supervisory authorities, public institutions authorized by law, tax and legal consultants, auditors, etc.

6. Your Rights (Pursuant to KVKK Article 11)

Individuals have the right to apply to Caglayan Technic to:

Learn whether their data is being processed.

Request information regarding the processing.

Learn the purpose of processing and whether it's used appropriately.

Know the third parties to whom the data was transferred (domestically/abroad).

Request correction if the data is incomplete or incorrect.

Request deletion/destruction under the conditions stipulated in Article 7 of the KVKK.