PROTECTION OF PERSONAL DATA and CLARIFICATION TEXT

PROTECTION OF PERSONAL DATA and CLARIFICATION TEXT

According to the General Data Protection Regulation (GDPR) and Personal Data Protection Law No.6698 (hereinafter referred to as the "Law No.6698"), SAAT VE SAAT MAGAZACILIK A.S. “www.welderwatch.com” is the Data Controller because we process your personal data. According to Article 10 of the Law and Article 13 of the GDPR regulates the Obligation to Inform, data controllers are obliged to inform the real persons whose personal data they process on certain issues.

As you are the person concerned with this awareness, we process your personal data as explained below and within the limits prescribed by the legislation. As a Data Controller, we would like to inform you in accordance with Article 10 of the Law No.6698 and Article 13 of the GDPR titled "Data Controller's Obligation to Inform".

  1. About The Data Controller

As SAAT VE SAAT MAGAZACILIK A.S. “www.welderwatch.com” (hereinafter referred to as "Data Controller") in accordance with Law No.6698 and GDPR; We may process your personal data as Data Controller, record it, store it, classify it, update it, and disclose it to third parties at home or abroad, where permitted by legislation and / or limited to the purpose for which they are processed, in accordance with the law and the rules of integrity and as long as necessary for the purposes we foresee, which we have stated below, within the scope of our purposes explained below.

 

  1.  Your Processed Personal Data, Legal Reasons and Processing Purposes

Your personal data subject to processing;

 

  1. Name, surname, date of birth, your gender information,
  2. Your contact and location data such as address, location, phone number, e-mail address,
  3. Your request and complaint data,
  4. Your browsing information obtained during the use of our website, mobile application and social media platforms and our applications, your IP address, your browser information and your account information and password.

 

Your collected personal data are stipulated by Law No. 6698 a) Compliance with the law and the rules of honesty, b) Being accurate and up-to-date when necessary c) Being processed for specific, clear and legitimate purposes, d) Being linked, limited and proportionate to the purpose for which they are processed, e) In accordance with the basic principles of preservation for the period required by the relevant legislation or for the purpose for which they are processed; Law No. 6698;

 

Article 5/2 (a) “It is expressly permitted by any law”

Article 5/2 (c) “It is necessary to process the personal data of parties of a contract, provided that the processing is directly related to the execution or performance of the contract”

Article 5/2 (ç) “It is necessary for compliance with a legal obligation which the controller is subject to”

Article 5/2 (f) “It is necessary for the legitimate interests of the data controller, provided that the fundamental rights and freedoms of the data subject are not harmed” it will be processed for the following purposes:

 

Your collected personal data are stipulated by GDPR a) processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’); b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall, in accordance with Article 89(1), not be considered to be incompatible with the initial purposes (‘purpose limitation’); c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’); d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (‘accuracy’); e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) subject to implementation of the appropriate technical and organisational measures required by this Regulation in order to safeguard the rights and freedoms of the data subject (‘storage limitation’); f) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’) in accordance with the basic principles of preservation for the period required by the relevant legislation or for the purpose for which they are processed; GDPR;

 

Article 6/1 (b) “processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;”

Article 6/1 (c) “processing is necessary for compliance with a legal obligation to which the controller is subject;”

Article 6/1 (d) “processing is necessary in order to protect the vital interests of the data subject or of another natural person;”

Article 6/1 (e) “processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;”

Article 6/1 (f) “rocessing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.” and it will be processed for the following purposes:

 

 

  1. Fulfilling our obligations under the contract with our customer,
  2. Carrying out the necessary work by our business departments  to benefit the data subject from the products and services offered and carrying out the relevant business processes,
  3. Planning and execution of the activities required for the promotion and recommending of the products and services offered to the data subject by customizing them according to the likes, usage habits and needs of the data subject, sending commercial messages,
  4. Carrying out the necessary work by our relevant business units for the realization of the commercial activities that are being carried out and carrying out the related business processes,
  5. Establishing contractual processes such as service and after-service support, execution and follow-up of all necessary transactions, execution of contract processes, planning and execution of operational processes,
  6. The operation and follow-up of all kinds of processes in order to fulfill the obligations regarding after-service support and to carry out an effective service process,
  7. Conducting accounting and financial transactions, including service-related invoicing activities, performing risk management,
  8. To be able to perform evaluation, analysis and risk management studies regarding customers within legal limits,
  9. Fulfilling the guaranty obligation, monitoring the processes of the products covered by the guaranty,
  10. Conducting customer relations and monitoring corporate governance activities,
  11. Improving and developing the services offered, determining and implementing commercial and business strategies,
  12. Maintaining business and operations, carrying out activities and procedures,
  13. Managing risk, ensuring business continuity, following up contract processes or legal requests,
  14. Planning information security processes, ensuring the security of our website, establishing and managing information technology infrastructure,
  15. Responding to the demands of customers, visitors and other people who convey their complaints and requests through different channels, including our website, identifying and resolving their problems and communicating with the data subject in these processes,
  16. Ensuring the legal and commercial security of people who are in business relations with the products and services offered,
  17. Planning and monitoring the work carried out with authorized dealers / service / manufacturers, business partners, dealers or suppliers,
  18. Follow-up and execution of legal processes and communication processes with official institutions,
  19. Resolving legal disputes that may arise in the future.

 

  1. Transfer of Your Personal Data

Your personal data can be transferred to public institutions (such as ministries and Presidency boards) within the scope of the purpose and limitations stipulated by the law, if requested in cases clearly stated in the laws.

Your personal data can be transferred to;

  1. In order to fulfill the legal obligation, authorized official institutions and organizations and persons authorized by law,
  2. To the relevant judicial authorities and authorized lawyers in order to carry out or follow up the judicial processes,
  3. To authorized service, professional consultants, accountants and auditors from which the Company provides services, for the development of business processes, execution of definition and marketing activities, risk management, planning of sales and after-sales support processes, fulfillment of contractual obligations
  4. To the private and public institutions, banks with which the Company has commercial, administrative or contractual relations within the scope of performance of contractual obligations, establishment of the right, fulfillment of legal obligations and legitimate interests.
  5. Shipping, motorcycle courier and logistics companies that provide transportation and distribution services in order to fulfill contractual obligations
  6. To Group companies in order to carry out our internal relations.

 

  1. Methods of Obtaining Personal Data

Although the methods of collecting personal data may vary depending on the service provided by DATA CONTROLLER and the commercial activities of DATA CONTROLLER, your personal data, with all contracts / information forms and other documents regarding transactions issued with your approval and / or signature; they can be collected with automatic or non-automatic methods, via website, social media channels, mobile applications and similar means. It can be verbal, written or electronic.

 

Your Rights as a Data Subject listed in Article 11 of Law No. 6698

The rights of real persons, whose personal data are processed in accordance with Article 11 of Law No. 6698 are as follows;

  1. Learning whether personal data is processed,
  2. If personal data has been processed, to request information regarding this,
  3. Learning the purpose of processing personal data and whether they are used appropriately for theirpurpose,
  4. To learn whether personal data are transferred domestically or abroad, and to know the third parties towhom it is transferred,
  5. To request correction of personal data in case of incomplete or incorrect processing and to requestnotification to be made about the correction to third parties to whom personal data have beentransferred,
  6. Although it has been processed in accordance with the provisions of Law No. 6698 and other relevantlaws, to request the deletion or destruction of personal data in the event that the reasons requiring itsprocessing disappear, and to request notification to be made within this scope to third parties to whompersonal data have been transferred,
  7. Object to the occurrence of a result that is disadvantageous of analyzing the processed data exclusively through automated systems,
  8. To request the compensation of the damage due to unlawful processing of personal data

 

Your Rights as a Data Subject listed in related Articles of GDPR

 

Under certain circumstances, you have the following rights under data protection laws in relation to your personal data:

 

  1. Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
  2. Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
  3. Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
  4. Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
  5. Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios:
  • If you want us to establish the data’s accuracy.
  • Where our use of the data is unlawful but you do not want us to erase it.
  • Where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims.
  • You have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
  1. Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

 

If you wish to exercise any of the rights set out above, please contact the personal data supervisor.

You can transmit your application for your rights listed above, with your request which contains the necessary

information identifying your identity and your explanations about your right to use the rights specified in Article

11 of Law No.6698 and the related Articles of the GDPR with following methods: You can fill in the Data Subject Application Form at ; www.welderwatch.com and send a signed copy of the form to Maslak Mah. Buyukdere Cad. Noramin Is Merkezi No:237 D Kat:B2 Sariyer – Istanbul / TURKEY by hand with documents identifying you, you can send it via notary or other methods specified in the Law No. 6698 and GDPR.

 

We declare in the capacity of “Data Controller” within the scope of Law No. 6698 and GDPR.

Regards,

SAAT VE SAAT MAGAZACILIK A.S. “www.welderwatch.com”

Adress: Maslak Mah. Buyukdere Cad. Noramin Is Merkezi No:237 D Kat:B2 Sariyer – Istanbul / TURKEY

E-mail: info@welderwatch.com