TR EN

Law on The Orotection of Personal Data

  • Home

  • Law on The Orotection of Personal Data

At Canlar Mekatronik - Engineering Solutions, we attach great importance to the privacy and security of your personal data.

In this context, processing and storing all kinds of personal data belonging to all individuals associated with Canlar Mekatronik - Engineering Solutions, including our customers and business partners who benefit from our products and services, in accordance with the Law on the Protection of Personal Data No. 6698 (“KVKK”) is one of our priorities. In compliance with the KVKK, we would like to inform you about the purposes of processing your personal data, the methods and reasons for collecting your data, your rights regarding the processing of your personal data, and the application procedures and principles for exercising these rights, with full awareness of our status as "Data Controller" under the KVKK.

a. What is Personal Data? Which Personal Data Do We Collect?

Personal data refers to any information that can be associated with you, including personal details (name, surname, Turkish Republic identity number, etc.), as well as address and telephone information, vehicle and license plate details, family status information, IP address, bank account information, and so on (“Personal Data”). A special type of personal data, called Sensitive Personal Data, refers to data related to race, ethnic origin, political opinion, philosophical beliefs, religion, sect or other beliefs, appearance and clothing, membership of associations, foundations or trade unions, health, sex life, criminal conviction and security measures, as well as biometric and genetic data. The explanations provided on this page for your Personal Data also cover your Sensitive Personal Data.

In this context, Canlar Mekatronik - Engineering Solutions collects Personal Data in accordance with the KVKK from our customers, business partners, employees, job applicants, users of our platforms (web/mobile sites and applications), visitors, and authorized persons and employees of institutions with which we have subcontracting or similar business relationships, as detailed below:

  • Identity Data: Data related to a person’s identity such as name, surname, Turkish Republic identity number, copies of identification documents, etc., collected from our customers, business partners, employees, job applicants, platform (web/mobile sites and applications) users, visitors, and authorized persons and employees of institutions with which we have subcontracting or similar business relationships.
  • Contact Data: Data that enables communication, such as telephone numbers, addresses, email addresses, IP addresses, etc., collected from our customers, business partners, employees, job applicants, platform (web/mobile sites and applications) users, visitors, and authorized persons and employees of institutions with which we have subcontracting or similar business relationships.
  • Family Members’ Data: Data about family members and relatives collected from our employees, job applicants, and authorized persons and employees of institutions with which we have subcontracting or similar business relationships, in order to comply with applicable legislation and/or to protect the legal and other interests of our Company or the concerned person.
  • Financial Data: Data such as salary, wage information, and bank account details collected from our employees, job applicants, customers, business partners, and authorized persons and employees of institutions with which we have subcontracting or similar business relationships, in accordance with the legal relationship established with the data subject.
  • Employment Data: Any personal data that forms the basis for the establishment of the employment rights of real persons working with our Company, collected from our employees, job applicants, and employees of institutions with which we have subcontracting or similar business relationships.
  • Physical Premises Security Data: Personal data such as security and camera recordings taken during entrance to and while staying within a physical location, collected from our customers, business partners, employees, job applicants, visitors, and authorized persons and employees of institutions with which we have subcontracting or similar business relationships.
  • Communication and Complaint Management Data: Personal data obtained from our customers, business partners, platform (web/mobile sites and applications) users, visitors, and authorized persons and employees of institutions with which we have subcontracting or similar business relationships during the process of receiving and evaluating any requests or complaints directed to our Company.
  • Sensitive Personal Data: Data such as health information specified in Article 6 of the KVKK, biometric data (voice and image recordings), religion and membership information of associations or unions, etc., collected from our customers, business partners, employees, job applicants, visitors, and authorized persons and employees of institutions with which we have subcontracting or similar business relationships.
  • Other Data: Data processed for technical operation security, purchase information, cookies, and other data collected by automatic methods or as part of any data recording system, gathered from our customers, business partners, employees, job applicants, platform (web/mobile sites and applications) users, and authorized persons and employees of institutions with which we have subcontracting or similar business relationships.

b. By Which Methods and Legal Grounds Do We Collect/Process Your Personal Data?

We collect your Personal Data through the following main purposes and methods, either fully or partially automatically, or through non-automatic means, and in auditory, verbal, written, or electronic form, through the channels specified below and others that may be added in the future.

We collect your Personal Data through our internet and mobile platforms (web/mobile sites and applications), on various social media channels via the social media accounts managed in the name of Canlar Mekatronik - Engineering Solutions, through our call center operated by Canlar Mekatronik - Engineering Solutions, via email, short messages (“SMS”) or multimedia messages (“MMS”), through agreements signed with you or your authorized company in the context of sales and marketing activities carried out by Canlar Mekatronik - Engineering Solutions, using business cards and other documents provided by you during customer visits, through third parties such as our group companies, business partners, dealers and sales channels, manufacturing companies, or firms from which products/services are procured, and through various methods, either fully or partially automatic or not part of any data recording system, including data obtained from sources such as the trade registry.

We process the Personal Data we collect on the basis of one or several of the following legal grounds:

  • Your explicit consent,
  • The permission granted by the laws and regulations in force in the Republic of Turkey,
  • When it is necessary to protect the life or physical integrity of you or another person due to practical impossibility of obtaining your consent,
  • When it is necessary for the performance of the contract concluded with you or your company,
  • When it is necessary to comply with our legal obligations,
  • When your Personal Data has been made public by you,
  • When it is necessary for the protection or exercise of our legal or contractual rights,
  • When it is necessary for our legitimate interests, provided that it does not harm your fundamental rights and freedoms.

Canlar Mekatronik - Engineering Solutions retains all the Personal Data we process in accordance with the periods mandated by the KVKK and other legislation, and in any case, as long as the aforementioned legitimate purposes persist, we take all necessary administrative and technical measures to safeguard the data.

c. For What Purposes Do We Process Your Personal Data?

We process the Personal Data we collect according to its nature for the following general purposes:

  1. To execute the contracts entered into by Canlar Mekatronik - Engineering Solutions, to provide, produce, sell, deliver, and install the offered products and services, to develop the products and services, and to conduct necessary evaluations and studies to benefit you, including after-sales maintenance and repair operations.
  2. To follow up on and fulfill the obligations arising from consumer legislation and to respond to consumer inquiries.
  3. To monitor, evaluate, and provide support services for the requests and complaints of related persons such as customers and consumers, as well as to manage consumer satisfaction through planning, statistical analysis, and satisfaction surveys.
  4. To carry out quality evaluation and improvement studies to provide better and more reliable products and services and to ensure sustainability, as well as to audit suppliers, subcontractors, and other related business entities.
  5. To conduct advertising and marketing activities related to the products and services offered by Canlar Mekatronik - Engineering Solutions, including information on promotions, campaigns, offers, events, and similar matters, and to conduct corporate communication activities.
  6. To conduct marketing and CRM (Customer Relationship Management) activities.
  7. To organize corporate communications, including other related events and invitations, and to disseminate information, as well as to conduct market research activities.
  8. To improve the digital platforms we offer to our customers, consumers, and business partners and to provide efficient and personalized experiences to platform users by analyzing statistics such as the number, types, visit frequency, behaviors, geographical locations, and similar data of users; to provide personalized content, campaigns, and advertisements based on users' interests and needs, including the use of cookies for this purpose.
  9. To ensure the legal and commercial security of persons in business relationships with Canlar Mekatronik - Engineering Solutions (planning administrative operations related to communication conducted by our Company, ensuring and auditing the physical security of our Company’s locations, auditing and evaluating business partners/customers/suppliers (authorized persons or employees), and ensuring legal compliance processes, etc.).
  10. To exercise legal rights and to use information on processed Personal Data as evidence in case of disputes after the termination of the legal relationship.
  11. To determine and implement Canlar Mekatronik - Engineering Solutions’ commercial, legal, and business strategies.
  12. To implement Canlar Mekatronik - Engineering Solutions’ human resources, accounting/finance policies.
  13. To plan, audit, and execute information security processes.
  14. To comply with domestic and international legislation and to obtain and report information requested by public institutions.

d. Transfer of Personal Data and Processing of Personal Data by Third Parties

The Company may transfer personal data to a third party in accordance with KVKK regulations. In such cases, the Company ensures that the third parties to whom the data is transferred also comply with this Policy. In this context, the necessary protective clauses are included in the contracts entered into with the third party.

  • Transfer of personal data to third parties located in Turkey; Personal Data may be transferred by the Company to third parties in Turkey without obtaining explicit consent in cases specified in Article 5.2 and Article 6.3 of the KVKK, or with the explicit consent of the Data Subject in other cases (Articles 5.1 and 6.2 of the KVKK).
  • Transfer of personal data to third parties located abroad; Personal Data may be transferred by the Company to third parties abroad without obtaining explicit consent in cases specified in Article 5.2 and Article 6.3 of the KVKK, or with the explicit consent of the Data Subject in other cases (Articles 5.1 and 6.2 of the KVKK. However, in such cases, one of the following conditions must be met regarding the foreign country to which the data is transferred:
  • The foreign country to which the personal data is transferred is recognized by the Board as a country with adequate protection,
  • If the foreign country is not on the Board’s list of safe countries, the Company and the Data Controllers in the respective country must provide a written commitment that sufficient protection will be ensured, and obtain permission from the Board.

e. Your Rights and the Application Procedure

e.1. Your Rights Regarding Your Personal Data

We would like to inform you that you have the following rights concerning the data processed within the scope of Canlar Mekatronik - Engineering Solutions and its affiliates:

  1. The right to learn whether your Personal Data is being processed,
  2. The right to obtain information about your Personal Data if it is being processed,
  3. The right to learn the purpose for which your Personal Data is processed and whether it is being used in accordance with that purpose,
  4. The right to know who the third parties are, either within Turkey or abroad, to whom the data has been transferred and which data has been transferred, if applicable,
  5. The right to request correction of your Personal Data in case it is incomplete or incorrect,
  6. The right to request that any corrections, deletions, or destruction of your Personal Data be communicated to the third parties to whom your Personal Data has been transferred,
  7. The right to request deletion or destruction of your processed Personal Data if the reasons for processing are no longer valid or your Personal Data is no longer current,
  8. The right to object to any decision made solely by automated systems that adversely affect you due to the analysis of your Personal Data,
  9. The right to request compensation for damages in case you suffer harm due to the unlawful processing of your Personal Data.

e.2. Application

You may submit your requests regarding your Personal Data by filling out the application form provided in the link below:

  1. Either by delivering it to our consultation office at the company address indicated in the Data Controller’s Identification Information section, or by sending it via a notarized notification to the same address,
  2. Or via the registered email address.

Canlar Mekatronik - Engineering Solutions will resolve your requests, free of charge, within the shortest possible time and no later than 30 (thirty) days, depending on the nature of your request. In case any cost arises due to the fulfillment of your request, we may only charge the fees specified by the Personal Data Protection Board’s tariff.

As a result of the requests submitted to Canlar Mekatronik - Engineering Solutions, we may accept your requests or reject them by providing a written explanation, and communicate the response to you either in writing or electronically. In case of acceptance of your request, Canlar Mekatronik - Engineering Solutions is obliged to promptly execute the necessary actions.

e.3. Complaints

If your requests are rejected by Canlar Mekatronik - Engineering Solutions, or if you are dissatisfied with the response provided by Canlar Mekatronik - Engineering Solutions or no response is given, you may file a complaint with the Personal Data Protection Board within 30 (thirty) days from the date the response was communicated to you, or within 30 (thirty) days after the end of the 30-day period if no response is provided.

f. Data Controller Identification Information

The term Canlar Mekatronik - Engineering Solutions used in this text has been prepared for the Canlar Mekatronik - Engineering Solutions affiliate established in Turkey, whose details are provided below, and this document is addressed to the individuals whose data is controlled by the specified company:

Canlar Mekatronik - Engineering Solutions

Address: Ulaş Mahallesi, 2. OSB, 203. Sokak, No: 7-11/2, 59930 Ergene/Tekirdağ

Telephone: +90 282 655 58 58

Email: info@canlarengineering.com

Application Form within the Scope of KVKK

Under the Law on the Protection of Personal Data No. 6698 (“KVK Law”), personal data subjects defined as “Data Subjects” have the right to make certain requests regarding the processing of their personal data as stipulated in Article 11 of the KVK Law. Pursuant to the first paragraph of Article 13 of the KVK Law, such requests must be submitted to our Company in person, in writing in Turkish, and using the methods specified by the Personal Data Protection Board (“Board”).

Below is information on how written applications can be delivered to us.

According to the Communiqué on the Procedures and Principles Regarding Applications to the Data Controller (dated 10/03/2018 and numbered 30356), the following information is required in the application:

Information to be Provided During the Application:

  • Name, surname, and signature if the application is in writing,
  • For Turkish citizens, the Turkish Republic identity number; for foreigners, nationality, passport number or, if available, identity number,
  • The address for notification or the business address,
  • If available, the email address, telephone, and fax numbers used for notification,
  • The subject of the request.

Additionally, information and documents related to the subject must be attached to the application.

If you wish to make an application regarding your personal data, the application form below must be filled in completely. This application form is prepared in order to determine your relationship with our Company, to fully identify any personal data processed by our Company, and to enable us to respond to your application accurately and within the legally mandated period. In order to eliminate legal risks that may arise from unauthorized or unlawful data sharing and to ensure the security of your personal data, our Company reserves the right to request additional documents or information (such as a copy of your identity card or driver’s license) for the purpose of verifying your identity and authority. In case the information provided in the application regarding your requests is incorrect, outdated, or if an unauthorized application is made, our Company does not accept any liability for requests arising from such incorrect information or unauthorized application.

Your application, once submitted to us, will be responded to in writing free of charge within a maximum of thirty days from the date it is received, in accordance with the second paragraph of Article 13 of the KVK Law.