PERSONAL DATA PROTECTION DISCLOSURE TEXT
DATA CONTROLLER AND REPRESENTATIVE
Pursuant to Law No. 6698 on the Protection of Personal Data (“KVKK”), your personal data may be processed by cerrus.io as the data controller within the scope described below.
DEFINITION OF PERSONAL DATA
Personal data refers to any information relating to an identified or identifiable natural person as defined in Article 3 of the KVKK.
FOR WHICH PURPOSE PERSONAL DATA WILL BE PROCESSED
Your personal data is processed based on one or more of the personal data processing conditions specified in Article 5 of the KVKK, in accordance with the personal data processing principles specified in Article 4 of the KVKK. In all personal data processing activities carried out by the Data Controller, the obligations required by all relevant legislation, especially the KVKK, are also acted in accordance with.
The purposes of processing your personal data are to carry out the necessary work by our business units in order to benefit you from the services offered by the Data Controller within the scope of the personal data processing conditions and purposes specified in Articles 5 and 6 of the KVKK; customizing the services offered to you according to your tastes, usage habits and needs and recommending them to you; ensuring the legal and commercial security of the persons who have a business relationship with the Data Controller and determining and implementing commercial and business strategies.
Your personal data is processed by the Company in relation to the following issues:
- Updating the information transmitted to us and confirming its accuracy,
- Planning and execution of business activities and operational processes,
- Ensuring that company activities are carried out in accordance with company procedures or relevant legislation,
- Ensuring the proper performance of the obligations under the contractual relationship,
- Follow-up of contractual processes or legal claims,
- Conducting and executing customer relations,
- Planning and execution of corporate sustainability, corporate governance, strategic planning and information security processes,
- Sales, marketing and promotion of products and services and market research,
- Finance and accounting,
- Recording camera images at the location of our Company for security reasons and/or within the scope of our obligations arising from the law.
You can find detailed information about the purposes of processing your personal data by the Data Controller in the policies on the protection and processing of personal data shared on the “cerrus.io” website.
TO WHOM AND FOR WHAT PURPOSE THE PROCESSED PERSONAL DATA MAY BE TRANSFERRED
Your personal data collected, for the purposes described in Article 3 of this Clarification Text, provided that the necessary security measures are taken, for the purposes described in Article 3 of this Clarification Text, to official authorities, judicial authorities and regulatory and supervisory institutions, as well as to our subsidiaries and affiliates, business partners, investors, performance assistants and suppliers, shareholders, legally authorized public institutions and private persons within the framework of the personal data protection and processing policies shared by the Data Controller on the “cerrus.io” website and the personal data protection and processing policies specified in Articles 5 and 6 of the KVK Law. and 6 of the KVK Law, within the framework of the personal data processing conditions and purposes specified in Articles 5 and 6 of the KVK Law, limited to the personal data protection and processing policies shared by the Data Controller on the “cerrus.io” website and the purposes specified in this Clarification Text. In addition, your personal data may also be transferred abroad, provided that the necessary security measures are taken and limited to the purposes written in this Clarification Text.
METHOD AND LEGAL REASON FOR COLLECTING PERSONAL DATA
Your personal data are collected verbally, in writing or electronically, including, but not limited to, information sent to our Company’s e-mail address, information communicated directly to the department verbally or in writing, website, electronic mail, mobile communication, mobile applications, application and membership forms, various contracts and verbally, in writing or electronically for legal reasons to achieve the purposes specified in Article 3 of this Clarification Text.
RIGHTS OF PERSONAL DATA OWNERS
Pursuant to Article 11 of the KVK Law, the person whose personal data is processed may apply to cerrus.io and make requests regarding the following issues:
- To learn whether his/her personal data is being processed or not,
- Request information if their personal data has been processed,
- To learn the purpose of processing personal data and whether they are used in accordance with their purpose,
- To learn the third parties to whom personal data are transferred domestically or abroad,
- To request correction of personal data in case of incomplete or incorrect processing and to request notification of the transaction made within this scope to third parties to whom personal data is transferred,
- To request the deletion, destruction or anonymization of personal data in the event that the reasons requiring the processing of personal data disappear and to request notification of the transaction made within this scope to third parties to whom personal data is transferred,
- To object to the occurrence of a result to the detriment of the data subject by analyzing the processed data exclusively through automated systems,
- In the event that personal data is damaged due to unlawful processing of personal data, to demand the compensation of the damage.
Requests arising from the KVK Law will be made through the “Personal Data Owner Application Form”. In accordance with Article 13 of the KVK Law, application requests will be finalized free of charge within 30 (thirty) days at the latest, depending on the nature of the request. If the request is rejected, the reason(s) for rejection shall be justified in writing or electronically.
In order to exercise your rights mentioned above, your request containing the necessary information identifying your identity and your explanations regarding the right you request to exercise among the rights specified in Article 11 of the KVK Law; By filling out the Personal Data Owner Application Form at “cerrus.io”, send a signed copy of the form to 5130 Sokak No: 19 D: 1
Peker Mah. Karabağlar/İzmir by hand, through a notary public or with a secure electronic signature to “hello[at]cerrus.io” address or you can send it by other methods to be stipulated by the Personal Data Protection Board in accordance with Article 13 of the KVK Law.
The applications must include name, surname and signature if the application is in writing, Turkish ID number for citizens of the Republic of Turkey, nationality, passport number/ID number for foreigners, residential or workplace address for notification, e-mail address for notification, telephone or fax number and the subject of the request.
In the application that you have as a personal data owner and that you will make in order to exercise your rights mentioned above and that includes your explanations regarding the right you request to exercise; the matter you request must be clear and understandable, the subject you request must be related to your person or if you are acting on behalf of someone else, you must be specifically authorized in this regard and document your authority, the application must contain identity and address information and documents certifying your identity must be attached to the application.
Cookies may be used in the Application to improve your user experience by identifying your interests and to personalize the services offered to you through the Application. Cookies are small files left on the hard disk of your devices. These files facilitate navigation and make the service much more comfortable to use.
The Data Controller takes all necessary technical and administrative measures to ensure the appropriate level of security in order to prevent unlawful processing of personal data, to prevent unlawful access to personal data, and to ensure the protection of personal data.
It applies technical and organizational security measures in order to protect your managed personal data so that they cannot be manipulated, lost, damaged and used by unauthorized persons. Our security measures are in constant development with technological advances. It takes all necessary technical and administrative measures to ensure the appropriate level of security in order to prevent unlawful processing of personal data, to prevent unlawful access to personal data, and to ensure the protection of personal data.