Personal Data Policy
General Information about the Personal Data Protection Law
The Personal Data Protection Law No. 6698 (hereinafter referred to as the "PDPL") was accepted on March 24, 2016, and published in the Official Gazette No. 29677 on April 7, 2016. A portion of the PDPL entered into force on the publication date, and the remainder came into force on October 7, 2016.
Information as the Data Controller
Under the PDPL, as the Data Controller, your personal data will be recorded, stored, updated, and processed in accordance with the provisions set forth in this document. It may be disclosed or transferred to third parties, classified, and processed in other ways as permitted by applicable laws.
How Your Personal Data May Be Processed
Under the PDPL, the personal data you share with us may be processed by us in whole or in part, automatically or manually, as part of any data recording system, by being recorded, stored, modified, reorganized, or otherwise processed in any manner. All such processes are considered "personal data processing" under the PDPL.
Purposes and Legal Grounds for Processing Your Personal Data
The personal data you share with us may be processed for the following purposes:
- To fulfill the requirements of the services we provide to our customers in accordance with the contract and technology, and to improve the products and services offered.
- To identify the customer's information as required by the Law No. 6563 on Regulation of Electronic Commerce, the Consumer Protection Law No. 6502, and other related regulations, and to store necessary information such as identity, address, and other required details.
- To organize records and documents for payment systems, electronic contracts, and paper-based processes in banking and electronic payment areas, and to comply with legal obligations regarding information storage, reporting, and notifications.
- To provide information to authorities such as prosecutors, courts, and public officials in cases related to public safety and legal disputes, upon request or as required by law.
- Your personal data will be processed in accordance with the PDPL and other applicable regulations.
Third Parties and Organizations to Whom Your Personal Data May Be Transferred
For the purposes stated above, your personal data may be transferred to third parties and organizations, including, but not limited to, IdeaSoft Software Inc. (the provider of our e-commerce infrastructure), suppliers, cargo companies, and other entities related to the services we offer. This may include service providers or program partners, domestic and international organizations, and other third parties acting as data processors.
Methods of Collecting Your Personal Data
Your personal data may be collected through various means such as:
- Forms on our website and mobile applications, including your name, surname, identity number, address, phone, business or personal email address, and other preferences.
- Data collected from your IP addresses, cookies, and browsing details via our website.
- Data shared through sales and marketing channels, such as employees, suppliers, branches, other sales channels, physical forms, business cards, digital marketing, or call center interactions.
- Information from resumes, business cards, or through other means by individuals who share their personal data for purposes such as establishing a commercial relationship or job applications.
- Personal data may also be obtained from public databases, surveys, contests, campaigns, and social media.
Personal Data Collected Before the PDPL Came Into Effect
Personal data obtained before the entry into force of the PDPL on April 7, 2016, through legal means such as membership, electronic communication consent, product or service purchases, etc., will continue to be processed and stored in compliance with the provisions set forth in this document.
Transfer of Personal Data Abroad
Personal data collected in Turkey or abroad, as outlined above, may be transferred to service providers and other third parties located in countries that have been deemed to provide adequate protection for personal data under the PDPL and relevant regulations, if necessary and in accordance with the purposes of the contract.
Storage and Protection of Personal Data
Your personal data will be stored confidentially within our databases and systems in accordance with Article 12 of the PDPL. It will not be shared with third parties, except in cases required by legal obligations or as specified in this document. We are required to take technical and physical security measures to prevent unauthorized access or illegal processing of personal data. If we learn that personal data has been obtained through illegal means, we will report it to the Personal Data Protection Authority.
Ensuring Accuracy and Up-to-Date Information
Under Article 4 of the PDPL, our company is required to maintain your personal data accurately and up-to-date. Therefore, it is necessary for customers to provide or update accurate and current information to enable us to fulfill our legal obligations.
Rights of the Data Subject Under the PDPL
Under Article 11 of the PDPL, which came into force on October 7, 2016, the data subject has the following rights:
- To learn whether their personal data is being processed,
- To request information about the processing of their personal data,
- To learn the purpose of processing their personal data and whether it is being used appropriately,
- To learn about the third parties to whom their personal data is transferred, domestically or abroad,
- To request correction of inaccurate or incomplete personal data,
- To request deletion or destruction of their personal data, in accordance with the conditions specified in Article 7 of the PDPL,
- To request that corrections, deletions, or destructions of personal data be communicated to third parties to whom the data has been transferred,
- To object to the outcome of processing based solely on automated systems,
- To request compensation for any damage caused by the unlawful processing of personal data.
Kamataş İnşaat Malzemeleri Sanayi ve Ticaret Limited Şirketi, which is registered with the [..........] Chamber of Commerce under the registry number [..........], and MERSIS number [..........], located at İnönü Mah. 677 Sk. No:2/A Buca/ İzmir, is the Data Controller within the scope of the PDPL. The Data Controller Representative will be announced in the Data Controllers Registry and on the website once the legal infrastructure is established.
For inquiries, requests, or feedback, data subjects can contact us through the following channels:
Email: info@kamatas.com
Phone: +90 541 726 40 55