(PROCESSING AND PROTECTION OF PERSONAL DATA)
SCOPE AND PURPOSE
This Policy aims to determine and declare the conditions TDT has to comply with when processing the personal data obtained by TDT Aviation Maintenance and Trade Inc. (TDT) and its staff and obtained directly or indirectly from legal, commercial or financial relations with natural or legal persons, under the GDPR Law Nr. 6698 and the GDPR Policy Book.
As part of the GDPR (Personal Data Protection Law) Nr. 6698, which entered into force on 07.04.2016, the personal data processed by natural and legal persons who communicate and interact with TDT, in addition to TDT employees, should be legally regulated due to the requirements imposed by the legislation. TDT has a high level of care and attention to the personal data security and confidentiality principles of its personnel and the persons communicated and interacted. Personal data security is prioritized during the fulfillment of the services.
Any personal data (including special personal data) that can be related to the natural person according to the provisions of the aforementioned law are considered as personal data within the scope of the GDPR Law. These personal data are processed by TDT as Data Specialist in the framework of the methods detailed below and within the limits prescribed by the legislation.
“Processing of Personal Data” refers to any kind of operation carried out on the data such as classification, or prevention of its use, the acquisition by means of non-automated means, registry, storage, retention, modification, reorganization, disclosure, transfer, takeover and retrieval of the data, whether fully or partially automated or as part of any data recording system.
PERSONAL DATA PROCESSING PURPOSE AND LEGAL BASIS
According to the legislation, personal data may be automatically or non-automatically obtained by TDT electronically or physically in text or speech format through registration to the platform, telephone, fax, e-mail, SMS and other social media channels, mobile applications, including voice and video recording. According to the 5th article of the GDPR Law Nr. 6698, when there is:
In the framework of Article 5 of Law No. 6698 on the Protection of Personal Data
- Open consent of the data owner,
- Clearly envisaged in the law,
- Compulsory situation where the person cannot explain his consent due to physical impossibility or whose consent is not legally valid shall be for the protection of himself or someone else's life or body integrity,
- Where it is necessary to process personal data of the parties to the contract, provided that it is directly related to the establishment or execution of the contract approved and/or signed with TDT,
- Where it is necessary for TDT to fulfill its legal obligations,
- Where it is already publicized by the concerning person,
- Where it is necessary to process the data to establish, use or protect a right,
- Provided that no damage is given to the fundamental rights and freedoms of the person concerned where data processing data is necessary for the legitimate interests of the TDT.
And according to the 6th article;
- Open consent of the data owner,
- Other provisions stipulated by law, mentioned personal data is processed according to the requirements and purposes of data processing.
SHARING AND TRANSFER OF THE PERSONAL DATA
Personal data belonging to the concerning person; is subject to be shared with the domestic/foreign partners, commercial partners, legal and economic partners, project partners, program and cooperation partners, procurement company, taking necessary electronic and physical security measures by institutions and organizations, independent auditor institutions, banks and financial institutions, consultancy firms such as lawyers, financial advisors, law, informatics, quality and finance consultants by TDT, where the data sharing is deemed necessary by the official institutions and organizations, as a requirement of the activities and responsibility of the TDT legislation, providing necessary electronic and physical security measures are taken. Is subject to be transferred. These sharing and transfer procedures are valid for abroad, too.
TDT, can transfer, process and store the personal data of the person concerned, in storages located in Turkey or abroad, mainly EU countries, the United States, Britain and other countries, in servers from where archiving, information technology support is received, at hosting companies, software, cloud computing, etc., by taking the necessary security measures
METHODS OF COLLECTING PERSONAL DATA
Personal data of the person concerned; is collected as part of any data recording system which is completely or partially automatic from all contracts/information forms and other documents signed by the approval and/or acceptance, approval, acceptance and notification by electronic approval and/or signature, the administrative center of the TDT, physical environments, call centers, internet sites, mobile applications, internet operations, social media and other public areas, user interviews, forensic records scanning, market research, identity sharing system, SMS, digital applications made to web sites, mobile applications, written/digital applications made to sales teams, call center methods, in form of verbal, written, video, audio recording or electronic media that can be contacted or communicated in the future is stored in accordance with the relevant legislation, taking into account the prescription periods.
Personal data collected by the TDT for the above-mentioned legal reasons may be processed or transferred for the purposes of this policy, according to the personal data processing requirements set out in Articles 5 and 6 of the Law Nr. 6698 on the Protection of Personal Data.
USER RIGHTS (ACCORDING TO THE 11TH ARTICLE OF THE GDPR LAW NO. 6698)
Concerning his/her personal data, related person has following rights via given e-mail of The TDT:
- To learn if the data is processed,
- To demand information if the data is processed,
- To learn the purpose of processing and whether it is usage fits the purpose
- To learn the 3rd persons the data is transferred domestically or abroad,
- To ask the data to be corrected if it is processed as missing/wrong,
- To request the deletion, destruction or anonymization of the personal data if the reasons for the processing of personal data are eliminated,
- To request to be notified of transactions made in accordance with the above mentioned articles (5) and (6) against the 3rd person data is transferred,
- To make objection to the emergence of a result because it is exclusively analyzed by automatic systems,
- To claim the loss in case of loss due to unlawful processing,
and the other rights given by legislation.
APPLICABLE DATA RESPONSIBLE UNDER THE LAW
TDT Data Responsible is the person registered at www.kvkk.gov.tr under the VERBIS system.
The related person can submit his requests, complaints and suggestions under the above mentioned rights to the below mentioned address of the TDT either personally or through the notary public or by e-mail pointing out the email address submitted by the user during the opening of the account and registered on the website.
Name, surname, Turkish identity number, place of residence or place of business, mobile phone number, e-mail address and the subject of the request must be presented in the application and information as well as documents related to the request must be added to the application.
The official language is Turkish when corresponding with the TDT. For this reason, it is essential that all kinds of applications, correspondences, complaints and suggestions to be written in Turkish.
If the application is submitted in writing and physically, the signature must be wet signed.
As a rule, answers to requests, problems, suggestions and complaints are not charged. However, if there is a cost, fee or other cost related to the answer to be given, TDT reserves the right to demand the fees in the tariffs determined by the GDPR Regulations or other authorities. For more detailed information or for any problems, requests, suggestions and complaints regarding the GDPR Policy, please contact us at firstname.lastname@example.org
It is also possible to obtain The GDPR Policy book from TDT.
FOR YOUR PHYSICAL AND WRITTEN APPLICATIONS:
TTDT Havacılık Bakım ve Tic. A.Ş.
Güzeloba Neighborhood, Rauf Denktaş Avenue, 2209 Street, No: 24/101