GDPR

SHELLIX
CLARIFICATION TEXT ON PROTECTION OF
PERSONAL DATA

MEMBER

This clarification text is valid for the relevant person marked below.

People Who Use Services or Products

 

MEMBER

               X

FACILITY/ WORKPLACE VISITOR

 

STAFF CANDIDATE

 

PURPOSE AND SCOPE OF THE CLARIFICATION TEXT

Your personal data in SHELLIX is processed and protected by Shellix
Smart Solutions A.Ş (hereinafter also referred to as the “Company” or
“Shellix”) as the data controller, within the protection of Global Data
Protection Regulation (hereinafter also referred as “GDPR” or “Law”). Your
personal data is processed in accordance with the reasons, purposes and
methods explained below within the scope of GDPR and relevant legal
legislation.
This clarification text has been prepared for people who send
messages to the Company from the ‘contact us’ tab in the
SHELLIX application.

SUBJECT OF THE CLARIFICATION TEXT

Clarification Text on the Processing of Personal Data at Shellix is prepared to inform you in the most transparent way about your rights pursuant to the article titled “Informing Obligation of the Data Controller” in the GDPR: the identity of the data controller, the method and legal reason for the collection of your personal data, the purpose for which this data will be processed, to whom for what purpose it can be transferred, and in the GDPR. Please visit Shellix’s corporate headquarters to get more detailed information on related topics.

PURPOSE OF PROCESSING YOUR DATA, AND WITH WHOM AND FOR WHAT PURPOSES IT IS SHARED

TRANSFER TO ABROAD

By our company, due to its commercial activities; The legislation that our company is subject to (Technology Development Zones Law, Technology Development Zones Implementation Regulation, Turkish Code of Obligations, Turkish Commercial Code, Law on Consumer Protection, Labor Law, Global Data Protection Regulation, Revenue Administration and other relevant institutions’ regulations) and contracts we are part of; your verbal, written or electronic personal data is collected and

processed. Your personal data will be used for the purposes listed below.

Our company accepts, declares and undertakes that the company will not use your personal data other than the above activities and purposes, and will not share it with third parties other than legal obligations, situations required by official institutions and what is stated in this clarification text.

Our company can share your personal data in the following cases; It can be shared with our company’s business partners (you can learn more about Shellix’s Businesses at www.shellix.com) and its affiliates, with the express consent of the MEMBERS or within the scope of the legislation that we are responsible for.

Personal data regarding the transaction listed in this clarification text are not transferred to Foreign Countries.

     
  

YOUR PROCESSED PERSONAL DATA

PURPOSE OF PROCESSING

METHOD OF DATA COLLECTION

LEGAL REASON

•    ID INFORMATION: Name – Surname

Purpose of Processing: Execution of Company / Product / Services Loyalty Processes, Execution of Customer Relationship Management Processes, Execution of Marketing Analysis Studies,

Data Collection Method: Your information is collected through electronic forms.

Legal Reason for Processing Your Data: GDPR. art. 6/1 (f): Legitimate interest,

•    CONTACT INFORMATION: E-mail address

Purpose of Processing: Execution of Company / Product / Services Loyalty Processes, Execution of Customer Relationship Management Processes, Execution of Marketing Analysis Studies,

Data Collection Method: Your information is collected through electronic forms.

Legal Reason for Processing Your Data: GDPR. art. 6/1 (f): Legitimate interest,

•    CUSTOMER TRANSACTION INFORMATION: Subject of

Message

Purpose of Processing: Execution of Company / Product / Services Loyalty Processes, Execution of Customer Relationship Management Processes, Execution of Marketing Analysis Studies,

Data Collection Method: Your information is collected through electronic forms.

Legal Reason for Processing Your Data: GDPR. art. 6/1 (f): Legitimate interest,

  • VISUAL AND AUDIO RECORD INFORMATION: Profile photo

Purpose of Processing: Company / Product / Services Loyalty Processes

Execution, Execution of Customer Relationship Management Processes, Marketing

Conducting Analysis Studies,

Data Collection Method: Your information via electronic forms

is being collected.

Legal Reason for Processing Your Data: As stated in Article 5 of KVKK

Making the person public (art. 5 paragraph 2),

  •  TRADING SECURITY INFORMATION: Password

Purpose of Processing: Execution of Information Security Processes, Access Authorizations

Execution, access to the application

Data Collection Method: Your information via electronic forms

is being collected.

Legal Reason for Processing Your Data: As stated in Article 5 of GDPR

6698 SK. art. 5/2 (c): Establishment or performance of the Contract,

Legal Reason for Processing Your Data: SK 6698. art. 5/2 (f): Legitimate interest,

  

YOUR RIGHTS UNDER GDPR

Regarding your personal data, GDPR art. 11 and the relevant legislation below

You have the following rights:

a. Learning whether personal data is processed or not,

b. If personal data has been processed, requesting information about it,

c. The purpose of processing personal data and whether they are used in accordance with their purpose

learning not to use

D. Knowing the third parties to whom personal data is transferred at home or abroad,

to. In case of incomplete or incorrect processing of personal data, their

request rectification and the process carried out in this context, where personal data is transferred

requesting notification to third parties,

f. It has been processed in accordance with the provisions of the KVK Law and other relevant laws.

Despite the fact that the reasons requiring its processing disappear, personal

requesting the deletion or destruction of data and the action taken within this scope

requesting the notification of third parties to whom personal data has been transferred,

g. Analysis of processed data exclusively through automated systems

In the event that a result against the person arises by means of

do not object,

h. Damage due to unlawful processing of personal data

to demand compensation for the damage.

I. Deletion / destruction within the framework of the conditions stipulated in Article 7 of the KVKK

do not want to,

You can always exercise your above-mentioned rights with us at our KEP address given below.

or by using the physical mail to our address. These addresses

Submissions made outside of it will not be considered.

MEASURES TAKEN BY US TO PROTECT PERSONAL DATA

As Shellix, we protect your personal data by taking all possible precautions. As the company, the protection of your personal data is an important issue for our corporate identity. In this regard, our company takes the necessary technical and administrative measures to protect your personal data in a secure environment, against unauthorized access or loss, misuse, disclosure, modification or destruction of this information.

Our company undertakes that it will take the necessary measures in case of any data breach or company thinks that it has occurred, and immediately notify you and the Personal Data Protection Board about this situation.

ABOUT

Those who share their personal data with our company know,

CURRENTNESS AND ACCURACY OF PERSONAL DATA

accept, and declare that the correctness and up-to-date preservation of this information is important both in terms of their rights over their personal data in the scope of the GDPR and other relevant legislation, and that they will be entirely responsible for their liabilities caused by providing false information.

DELETION, DESTRUCTION OR ANONYMIZATION OF PERSONAL DATA

Your personal data, limited to the purposes specified in this Clarification Text; will be processed in accordance with the data processing and timeout periods in all relevant laws and other legal regulations to which our company and its headquarters and units are subject to. In case of changes in the laws regarding data processing periods, the new determined periods will be taken as basis.

Your personal data, as a requirement of the purpose limitation principle, fulfilling the purposes described in this Clarification Text, GDPR and in any case, is processed for a limited period of time that requires it to be processed in accordance with the practices of the Company and the practices of its commercial life, and after the expiry of the deadlines, it is deleted, destroyed or anonymized.

IDENTITY OF DATA CONTROLLER

Shellix Smart Solutions A.Ş.

Address: Kötekli St. Denizli Yolu Blv. No:4B/28 Muğla Teknopark

– Menteşe / MUĞLA / TURKEY

Phone: +90 252 358 77 57

APPLICATION TO DATA CONTROLLER

In order to use your above-mentioned rights and to send your complaints and suggestions to us:

•    By sending documents to confirm your identity to the company headquarters,

•    As the relevant person, you can send it to the e-mail address previously mentioned and registered in our system [email protected]

Pursuant to the Communiqué on the Procedures and Principles of Application to the Data Controller, the name, surname, if the application is written, the signature of the Relevant Person in the application, identification number, (passport number if the applicant is a foreigner), residence or workplace address for notification, e-mail address, telephone number and fax number for notification, if any, and information on the subject of the request are compulsory to be included.

The subject requested must be clearly and comprehensibly stated in the application, which includes explanations regarding the right that the Relevant Person will use and request to use from the above-mentioned rights.

Information and documents related to the application must be attached to the application.

Although the subject of the request is required to be related to the person who applies, if there is an acting on behalf of someone else, the applicant must be specifically authorized in this regard and this authority must be documented (special power of attorney). In addition, the application must contain identity and address information, and documents confirming identity must be attached to the application.

Requests made by unauthorized third parties on behalf of someone else will not be considered.

Scroll to Top