Dear Employees,
We would like to make a small statement about our Personal Data Security Management System work.
We attach great importance to data security. We have shared our Information Security Policy with our customers, employees, business partners, suppliers, visitors and society here.
Information on the Law on Protection of Personal Data No. 6698
AssemCorp Electronics Inc. We would like to inform you about the Protection of Personal Data Law (KVKK) No. 6698, which regulates the obligations of natural and legal persons processing personal data and the procedures and principles they will comply with, in the processing of personal data. Data Supervisor AssemCorp Elektronik A.Ş. (Company) within the scope described below.
In Which Situations and For What Purposes Can Your Personal Data Be Processed?
According to the conditions in Article 5 of the Law on the Protection of Personal Data No. 6698, as a rule, personal data cannot be processed without the explicit consent of the person concerned. However, in the presence of one of the following conditions, it is possible to process personal data without seeking the explicit consent of the data subject:
- Explicitly stipulated in laws.
- The person who is unable to express his consent due to actual impossibility or whose consent is not given legal validity is compulsory for the protection of himself or someone else's life or physical integrity.
- It is necessary to process the personal data of the parties to the contract, provided that it is directly related to the establishment or performance of a contract.
- It is mandatory for the data controller to fulfill its legal obligation.
- The person concerned has been made public by himself.
- Data processing is mandatory for the establishment, exercise or protection of a right.
- Data processing is mandatory for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the data subject.
According to Article 6 of the Personal Data Protection Law, the processing of sensitive personal data without the explicit consent of the person concerned is prohibited. Personal data of special nature: Data about the race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, disguise and dress, membership to associations, foundations or trade unions, health, sexual life, criminal convictions and security measures, and biometric data. and genetic data are special categories of personal data.
However, special categories of personal data other than the above-mentioned health and sexual life may also be processed without seeking the explicit consent of the person concerned, in cases stipulated by the laws. Personal data related to health and sexual life are only for the purpose of protecting public health, performing preventive medicine, medical diagnosis, treatment and care services, planning and managing health services and financing, by persons or authorized institutions and organizations under the obligation of secrecy without seeking the explicit consent of the person concerned. can be processed.
Disclosure Text for Employees
In the processing of special categories of personal data, it is also obligatory to take adequate measures determined by the Board.
Your personal data may be processed by our company for the following purposes according to the personal data processing conditions stated above:
Your Personal Data will be Processed by Our Company for the Following Purposes;
- Ensuring the legal and commercial security of people who have a business relationship with our company; determining and implementing our company and business strategies,
- Execution of our company's occupational health and safety studies and fulfillment of our legal obligations: Establishing emergency lists and conducting emergency operations, Creating emergency analysis reports, performing occupational accident examinations, Conducting employment examination, Execution of processes related to obtaining a health report from the workplace doctor If you give your consent, to make position changes according to your determined health status and to provide you with job positions that are suitable for your health,
- Execution of our company's human resources policies,
- Developing performance management systems in line with the purposes stated in the employment contracts with our company,
- After the termination of your business relationship with our company, improving our human resources processes through exit interview forms that you will fill in depending on your preference,
- Making domestic and international assignments when necessary,
- Creating your personal rights files,
- Collection of causes of sickness reports,
- Managing the power of attorney and signature circular processes to be carried out within the scope of assignment with representation inside and outside our company,
- If you give your consent, to carry out the processes related to the processing of your photos and images for the purpose of event management, in-house training, promotion and corporate communication activities, to make social media sharing,
- Carrying out life insurance and health insurance operations, if you give your consent,
- Managing personal advance and loan processes,
To Whom Your Processed Personal Data Can Be Transferred And For What Purpose?
According to Article 8 of KVK Law No. 6698 with the title of transferring personal data, personal data cannot be transferred without the explicit consent of the person concerned.
Personal data; In cases where personal data can be processed without the explicit consent of the owner, it may also be transferred to third parties without seeking explicit consent. Likewise, provided that adequate precautions are taken, sensitive personal data other than health and sexual life may be transferred without seeking the explicit consent of the person concerned, in cases stipulated by the laws. Personal data related to health and sexual life are only for the purpose of protecting public health, performing preventive medicine, medical diagnosis, treatment and care services, planning and managing health services and financing, by persons or authorized institutions and organizations under the obligation of secrecy without seeking the explicit consent of the person concerned. transferable.
Provisions in other laws regarding the transfer of personal data are reserved.
According to Article 9 of the KVKK, which is entitled to transfer personal data abroad, as a rule, personal data cannot be transferred abroad without the explicit consent of the person concerned. However, personal data may also be transferred to third parties in cases where personal data can be processed without seeking their explicit consent. Likewise, provided that adequate precautions are taken, sensitive personal data other than health and sexual life may be transferred abroad without seeking the explicit consent of the person concerned, in cases stipulated by the laws. Personal data related to health and sexual life are only for the purpose of protecting public health, performing preventive medicine, medical diagnosis, treatment and care services, planning and managing health services and financing, by persons or authorized institutions and organizations under the obligation of secrecy without seeking the explicit consent of the person concerned. can be transferred abroad. In order to transfer sensitive personal data abroad, it can also be transferred abroad without the explicit consent of the person concerned, provided that there is sufficient protection, that the data controllers in Turkey and in the relevant foreign country undertake an adequate protection in writing in the absence of sufficient protection, and that the permission of the Board is available.
Countries with adequate protection are determined and announced by the Board.
Provisions in other laws regarding the transfer of personal data abroad are reserved. Your personal data processed in accordance with the regulations mentioned above;
Your personal data may be processed for the purposes of maintaining and developing effective employee management, fulfilling contractual obligations, evaluating employee performance, and ensuring job security, in line with the purposes set out in your employment contract.
Personal Data Collection Method and Legal Reason
Your personal data is collected partially or completely automatically or as a part of any recording system through printed media, electronic media, software, CD, DVD, USB, photocopy, printer, video, camera, phone, tablet, web page. These personal data are in accordance with the Labor Law, Occupational Health and Safety legislation, Regulation of Publications on the Internet and Fighting Against Crimes Committed Through These Publications, in accordance with the Law No. 6563 on the Regulation of Electronic Commerce, in accordance with the Turkish Commercial Code, Tax Procedure Law, Turkish Obligations It is collected pursuant to other relevant legislation such as the Turkish Penal Code, the Social Insurance and General Health Insurance Law, and the Law on the Protection of Personal Data No. 6698. Your personal data, for the performance of a contract, if required by law; It is collected and processed for the purpose of fulfilling a legal obligation, for the legitimate interest of the data controller or for different legal legal reasons.
Transfer of Personal Data
If requested, your personal data may be sent to law enforcement, courts, public legal entities such as the Personal Data Protection Authority, Ministry of Finance, Ministry of Customs and Trade, Ministry of Labor and Social Security, Information Technologies and Communication Authority, Ministry of Finance, It can be transferred to public legal entities such as the Ministry of Customs and Trade, the Ministry of Labor and Social Security, Information Technologies and Communications Authority.
AssemCorp Electronics Inc. Our Obligations Regarding Personal Data Security;
It has to take all necessary technical and administrative measures to prevent the unlawful processing of personal data, to prevent unlawful access to personal data, to ensure the preservation of personal data, and to ensure the appropriate level of security. In the event that personal data is processed by another real or legal person on his behalf, the data controller is jointly responsible with these persons for taking the measures specified in the first paragraph. The data controller is obliged to carry out or have the necessary audits carried out in his own institution or organization in order to ensure the implementation of the provisions of this law. Data controllers and data processors cannot disclose the personal data they have learned to others in violation of the provisions of this Law and cannot use them for purposes other than processing. This obligation continues even after they leave office. In case the processed personal data is obtained by others illegally, the data controller shall notify the relevant person and the Board as soon as possible. If necessary, the Board may announce this situation on its own website or by any other method it deems appropriate.
What are the Rights of Personal Data Owners (Relevant Person) Pursuant to Article 11 of the Law No. 6698?
- Learning whether personal data about them is processed or not,
- Requesting information on personal data if it has been processed,
- To learn the purpose of processing personal data and whether they are used in accordance with the purpose,
- Knowing the third parties to whom personal data is transferred in the country or abroad,
- Requesting correction of personal data in case of incomplete or incorrect processing and requesting notification of the transaction made within this scope to the third parties to whom the personal data has been transferred,
- Requesting the deletion or destruction of personal data in the event that the reasons requiring its processing cease to exist despite the fact that it has been processed in accordance with the provisions of the law and other relevant laws, and requesting the notification of the transaction made within this scope to the third parties to whom the personal data has been transferred,
- He has the right to object to the emergence of a result against the person himself by analyzing the processed data exclusively through automated systems and to demand the compensation of the damage in case the personal data is damaged due to unlawful processing.
Communication with the Person Related to the Scope of the Law on Protection of Personal Data No. 6698
Requests regarding the exercise of the aforementioned rights can be submitted by the personal data owners, the relevant persons, through the methods specified in the legislation on the Processing and Protection of Personal Data under the Law No. 6698 at the address www.assemcorp.com/kvkk. AssemCorp Electronics Inc. will evaluate the requests of the relevant persons and conclude them within 30 days.
Exercising the Right to Apply
You can contact us via the contact information on our KVKK page for all your questions and comments regarding the use of personal data within the scope of the law. With the explanations we made above, we have informed you and fulfilled our Lighting Obligation. As a Data Controller, you will be responded to as soon as possible or within legal time limits, pursuant to the Law on Protection of Personal Data No. 6698.
Identity and Full Address of the Data Controller you will apply to
Data Controller: AssemCorp Elektronik A.Ş.
Our address: ŞERİFALİ MAHALLESİ MIRAS SOKAK NO:25/ UMRANİYE İSTANBUL
E-Mail:
KEP:
Contact link: www.assemcorp.com