GDPR

USAGE AGREEMENT

If any of the terms stated on this page are unsuitable for you, please do not use https://patikaglobal.com/ website. Using this website and completing the forms with your personal data means you beforehand accept the terms written on this page.

https://patikaglobal.com/ reserves the right to change the below mentioned general and private conditions at any time. When you visithttps://patikaglobal.com/, reviewing this page is important to see any changes in the membership and usage conditions.

 

Our company clarified Personal Data Owners when the personal data is processed according to provision 10 of Protection of Personal Data Law. Accordingly, the company clarifies the Personal Data Owner regarding the data supervisor, the purpose of data processing, to whom and with what purpose can the processed personal data be transferred, the method to collect personal data and for legal reasons. 

Data Supervisor: Patika Global Teknoloji

Address : ENG Aktaş Plaza, İçerenköy Mh. Kayışdağı Cd, Engin Sk. No:4 K:6, 34752

Mersis No: 

Trade Registry No

Phone 0 850 885 05 61

Website: https://patikaglobal.com/

Your personal data is processed to be used, saved, stored, updated, transferred and/or sorted to be used according to the purpose given below in line with the business purpose.  Accordingly, our company takes all the technical and administrative precautions to ensure the suitable safety level to prevent illegal personal data processing and access and to store your personal data.

1. METHOD TO COLLECT PERSONAL DATA

As expressed in the Privacy Policy, your personal data are collected and processed via all kinds of written, verbal, electronic means, image recording, filling out other forms on the website or belonging to our Company, contracts, surveys, interviews, electronic/digital platforms and sites, online channels including social media platforms, e-mail, sales, marketing activities in line with the our Protection, Storing and Destruction of Personal Data Policy, related Law and its provisions obtained from our representatives, employees or various channels.

2. PERSONAL DATA PROCESSING 

We can completely or partially process the personal data you automatically transfer, disclose and save automatically under the legal reasons defined in the law such as “provided that it is directly related to the establishment or performance of the contract, it is necessary to process the personal data of the parties to the contract, it is necessary for the data controller to fulfil its legal obligation” given in provision 5 of the related Law. When we express that we use your personal data in line with a request, order, transaction or agreement (or getting ready for these) or provide the requested services (for example, a demo request), we do that to execute an agreement signed with you. 

When there is open consent according to regulation provisions, we can process your personal data according to previously taken commercial electronic message permissions, to develop advertisement, marketing etc. activities and to promote the existing or new products and/or service and/or properties by our Company in line with the provisions of the Law.

3. GENERAL PROCESSING TERMS

If the Related Individual provides consent regarding a specific subject, based on information and free will, Personal Data may be processed in accordance with the scope and purpose of the declared consent. When the Personal Data is processed with open consent, the Related Individual always reserves the right to revoke the open consent. The revoke declaration will be effective when reached to the Data Supervisor and the processing operation will be stopped after this date. Even in this case, the Personal Data might be limitedly stored if there are any other legal reasons to store the Personal Data.

When there is no open consent, the Personal Data can be processed if one of the terms below occurs according to provision 5 of the related Law:

Clearly designated in the laws: Personal Data might be processed without the open consent of the Data Owner if there are clear provisions in the related laws to process the Personal Data. The data regarding the employee wage on the demand of the Tax Office is considered in this aspect.

When mandatory for the protection of the life or physical integrity of the person or another person, who is unable to express his/her consent due to actual impossibility or whose consent is not legally valid When mandatory for the protection of the life or physical integrity of the person or another person, who is unable to express his/her consent due to actual impossibility or whose consent is not legally valid, Personal Data can be processed with the open consent of the Data Owner. When medical intervention is necessary to unconscious individuals to protect the body integrity of that individual; processing the personal data such as name, surname, ID no, phone number to notify the relatives or perform intervention on the patient by learning the records from authorized health institutions.

When personal data of the agreement parties must be processed if it is directly related to making or executing an agreement: If it is directly related to making or executing an agreement, the Personal Data of the agreement parties can be processed limitedly without the open consent of the Data Owner. Bank and account information to make a payment under the agreement, receiver address information to deliver a product under an agreement are considered in this aspect. 

When mandatory for data supervisor to undertake liabilities: When there are any liabilities, Personal Data can be processed without the open consent of the Data Owner to execute these liabilities. Employer submitting the information of its employees or customers to the examination of the relevant public officials during a tax audit, using the bank and account information of the employee to pay the employee a salary, collecting the information of whether an individual is married, has dependents, whether the spouse is working or not, and social insurance information are considered in this aspect.

Data being public by the data owner: The Personal Data made public by the Data Owner can be processed without open consent by following the purposes to make the data public. Disclosing contact information, sharing employee phones and emails on the corporate website are considered in this aspect.

When data processing is mandatory to ensure, use or protect a right: Personal Data can be processed without the open consent of the Data Owner to ensure, use or protect a right of the Data Supervisor. After the end of the contract, documents such as invoices, contracts, bails are kept for these purposes against possible legal proceedings until the end of the statute of limitations, necessary information about an employee who has left the job is kept during the statute of limitations, in case of being a party to the lawsuit, data for claim/defence/proof submission to the file are considered in this aspect.

When data processing is mandatory for the legitimate interests of the data supervisor without damaging the basic rights and freedoms of the data owner: Data Supervisor can process the Personal Data without open consent and damaging Data Owner’s rights when deemed necessary for the legitimate interests of the data supervisor. Provided that it does not harm the basic rights and freedoms of the employees, the processing of the personal data of the employees for the arrangement of their promotions, salary increases or social rights, or in the distribution of duties and roles in the process of restructuring the enterprise are considered in this aspect. Patika Global follows the enforced regulation provisions when processing Personal Data, acts transparent and considers the interests and reasonable expectations of the Data Owner. Accordingly, Patika Global collect and/or process the Personal Data without notifying the Data Owner.

Correct and updated: Patika Global puts all the necessary care and effort to keep the processed Personal Data correct and updated. Accordingly, Patika Global keeps the channels to ensure correct and updated data and corrects the data when the Data Owner applies or identifies any incorrect information.

Processing for certain, open and legitimate purposes: Patika Global openly defines the Personal Data processing purposes as a clarification liability, notifies the Data Owner and processes the Personal Data in line with the related Law and for legitimate purposes.

Being connected to processing purpose and under limitations: Patika Global collects Personal Data only for certain purposes and as needed, pays attention to the fact that the data it collects is suitable for the realization of the purposes, avoids the processing of Personal Data that is not related to the realization of the purpose or is not needed, and uses Personal Data where required for the purpose.

Storage for the period required by the relevant legislation or for the purpose for which they are processed: Patika Global abides by the period stipulated in the legislation regarding the storage of Personal Data; if no period is foreseen, it will keep the data only for the period required for the purpose for which they are processed, and if there is no legally valid reason for the storage of the data, it will destroy the relevant data in accordance with other procedures specified in this contract or to be envisaged by the legislation or the Board decision.

4. PERSONAL DATA PROCESSING PURPOSE  

Recording information necessary to access you, such as password, IP address and browser settings, when using the online service or accessing one of our Websites, for the operation of a website and to comply with security and legal requirements regarding the operation of our site, Obtaining information about the actions you take during your visit in order to personalize your website experience, such as saving your preferences and settings, and to collect statistics that will help us improve and further develop our websites, products and services, 

Ensuring website security, website usage analysis, meeting requests via the contact form on the website, providing customers' membership on the website and sending a welcome e-mail based on these memberships Calling our company's call centre, providing call centre and remote support services, 

When you contact us online or offline in connection with an information request to order a product or service, request support, or participate in a forum or other social computing tool, fulfil your request, provide you with access to products or services, improve your user experience, provide support and being able to contact you,  

Carrying out advertising / campaign / promotion processes, carrying out marketing analysis studies, carrying out activities for customer satisfaction, carrying out the marketing processes of products / services and sending commercial messages in this context,

Offering products and services, Customizing the products and services offered in accordance with the demands, Updating and developing products and services due to customer needs / legal and technical developments, Executing the processes of commitment to the company / product / services, Executing the procurement processes of goods / services, Sales of goods / services and after-sales support services and return processes, Execution of goods / services production and operation processes, execution of marketing processes, Sending e-bulletins and information letters to customers within the scope of marketing, Participating in trainings, seminars or organizations organized by our company, Carrying out customer relationship management processes,

Providing information to authorized persons, institutions and organizations in the context of fulfilling legal obligations and requests of administrative authorities, protecting the rights of the Company and its employees, and defending these rights before authorized institutions and courts.  

In our relationships with customers or potential customers, solution partners and suppliers, they provide us with business-related contact information for purposes such as contract management, order management, delivery of products and services, support, invoicing, payment, service or relationship management (name, business contact information, employee position or title, contractors, consultants and authorized users etc.).

To ensure the physical security and control of the locations and ensuring workplace health and safety, we record the people who visit our locations (name, identity and business contact information) and use camera monitoring technology for the safety and security of people and their belongings, as well as legal regulations.

Your Personal Data might be processed to execute our company's human resources policies, Carrying out employee candidate / intern / student selection and placement processes, Carrying out the application processes of employee candidates, Fulfilling the obligations arising from employment contracts and legislation for employees, Carrying out fringe benefits and benefits processes for employees, Employee user account definition, Pool Vehicle tracking, Work computer/phone and e-mail address identification, Company identity and meal card issuance, Planning of human resources processes, Execution of occupational health / safety activities, Execution of performance evaluation processes, Foreign personnel work and residence permit procedures, Talent / career development Your personal data may be processed for the purpose of carrying out its activities. 

In addition to that, we can process your Personal Data for Execution of emergency management processes, Execution of information security processes, Execution of audit / ethical activities, Execution of risk management processes, Execution of training activities, Execution of access authorizations, Execution of strategic planning activities, Execution of activities in accordance with the legislation, Fulfilment of legal and contractual obligations, Finance, Law Monitoring and execution of accounting and physical space security, Execution of assignment processes, Execution / supervision of business activities, Receiving and evaluation of suggestions for the improvement of business processes, Organization and event management, Execution of contract processes, Execution of sponsorship activities, Execution of supply chain management processes, Execution of compensation policy, Investor relations, Management activities, Internal audit/investigation/intelligence activities, Requests/complaints Follow-up of social responsibility and non-governmental activities, Providing information to authorized persons, institutions and organizations. 

5. PERSONAL DATA TRANSFER

Our company might transfer your personal data:

To ensure the fulfilment of the purposes of establishing a business partnership with the business partner, including the companies from which we receive outsourcing services at home and abroad, 

To ensure that the services that our company provides from external suppliers and that are necessary to carry out our company's commercial activities are provided to our company, 

To ensure the execution of commercial activities that require the participation of our company, 

For the purposes of planning and auditing the strategies of our company's commercial activities, 

For our company to carry out its activities within the scope of the services to be provided to the customers we serve, 

For the purposes of designing the strategies and auditing of our company's commercial activities in accordance with the provisions of the legislation regarding our shareholders, 

For the purpose requested by Legally Authorized Public Institutions and Organizations and related public institutions and organizations within their legal authority, 

When requested by the Legally Authorized Private Law Persons within legal scope. 

Domestic Transfer

As expressed by provision 8 of the Law, our company can transfer your Personal Data and Private Data to domestic third parties:

without open consent when any of the exceptions expressed in our Protection of Personal Data Policy (by taking necessary precautions),

with open consent of the Data Owner when the exceptions expressed in our Protection of Personal Data Policy. 

Transfer to Abroad

As expressed by provision 9 of the Law, our company can transfer your Personal Data and Private Data to abroad third parties:

without open consent when any of the exceptions expressed in our Protection of Personal Data Policy (by taking necessary precautions Personal Data.

With sufficient protection, 

In the absence of sufficient protection, without seeking explicit consent, provided that the data controllers in Turkey and in the relevant foreign country undertake an adequate protection in writing and that the permission of the PPD Board is available,

In cases where the above-mentioned conditions cannot be met, it will be able to transfer it to a third party abroad, in accordance with any of the above-mentioned purposes, provided that the explicit consent of the Data Owner is obtained.

In accordance with the regulations of the Personal Data Law regarding the transfer of data in our company,

Third Parties Data Can Be Transferred

Transfer Purposes

Accounting Firm, Serviced Agencies, BES Firm, Life Insurance Firm, Legal Consultants, Health Insurance Firm, Payroll Firm, Financial Advisory Firm, Suppliers 

Within the scope of the products, services, services received, and the commercial, legal and contractual relations established with these persons, Personal Data can be transferred to these companies/persons, limited to the data and purposes that will need to be processed.

Employees

Personal Data belonging to other employees, customers and other persons that the employees need to contact in order to fulfil their duties can be shared with the employees in order to properly fulfil the duties undertaken by our company and employees within this scope and to ensure communication.

Event Sponsors

Personal Data may be transferred to sponsors to be used for the fulfilment of sponsorship activities and obligations and limited to what is necessary to achieve this purpose.

Real Persons or Private Law Legal Entities

Personal Data can be transferred to private legal persons who are legally authorized to request information and/or documents from our company, with their requests and limited to what must be legally transmitted.

Business Partners

Within the framework of the cooperation established and to ensure that the requirements of the cooperation are fulfilled, Personal Data can be transferred on a limited basis.

Shareholders

Personal Data may be shared with shareholders for the purposes of monitoring activities, determining and developing commercial strategies, auditing and informing shareholders.

Customers

Personal Data belonging to the employees can be shared with the customers in order to present the products and services received by the customers within the framework of the relationship between us and the customers.

Authorized Public Institutions and Organizations

Personal Data can be transferred to legally authorized public institutions and organizations, at their request and limited to what is legally required.

 

 

6. PROCESSED PERSONAL DATA CATEGORIES

The Personal Data that can be processed is divided into categories and given in the table below.

Personal Data Category

Definition

Identity Data

Data such as name-surname, mother-father name, mother's maiden name, date of birth, place of birth, marital status, identity card serial number, TR identity number.

Communication Data

Data such as address, e-mail address, contact address, registered e-mail address, telephone number.

Family Member/Relative Data

Data such as identity and communication of spouse, children, parents or relatives of the Data Owner.

Location Data

Data such as current location.

Personnel Data

Data such as payroll information, disciplinary investigation, employment document records, resume information, performance evaluation reports.

Legal Operation Data

Data such as information in correspondence with judicial authorities, information in the case file.

Customer Operation Data

Data such as call centre records, invoice, promissory note, check information, order information, request information.

Physical Space Safety Data

Data such as entry and exit registration information of employees and visitors, camera recordings.

Transaction Security Data

Data such as IP address information, website login and exit information, password and password information.

Risk Management Data

Data processed for commercial, technical and administrative risks.

Financial Data

Data such as balance sheet information, financial performance information, credit and risk information, asset information.

Occupational Experience Data

Data such as diploma information, courses attended, vocational training information, certificates, transcript information.

Occupational Data

Data such as position and title in previous firms.

Marketing Data

Data such as shopping history information, survey, cookie records, information obtained through campaign work.

Visual and Audio Records

Data such as visual and audio records.

Health Data

Data such as health information, disability information, blood group information, personal health information, device and prosthesis information.

Criminal Conviction and Security Measures

Data such as criminal convictions and security measures.

 

7. PERSON CATEGORY WHOSE PERSONAL DATA IS PROCESSED

The real persons whose Personal Data can be processed is given in the table below:

Relevant Person Category

Processable Data Category

Applicant

Identity Data, Communication Data, Legal Operation Data

Employee

Identity Data, Contact Data, Location Data, Personal Data, Legal Transaction Data, Customer Transaction Data, Physical Space Security, Transaction Security, Risk Management, Occupational Experience Data, Audio-Visual Records, Health Data, Criminal Conviction and Security Measures, Family Member/Relative Data

Employee Candidate

Identity Data, Contact Data, Personal Data, Occupational Experience Data, Audio-Visual Records, Health Data, Occupational Data

Event Participant

Identity Data, Communication Data, Occupational Data

Shareholder/Partner

Identity Data, Communication Data, Location Data, Legal Operation Data, Occupational Data

Collaborated Firms

Identity Data, Communication Data, Legal Operation Data, Financial Data

Collaborated Firm Employees

Identity Data, Communication Data, Occupational Data

Collaborated Firm Authorities

Identity Data, Communication Data, Occupational Data

Customer

Identity Data, Communication Data, Location Data, Legal Operation Data, Customer Operation Data, Marketing Data, Occupational Data

Customer Employee

Identity Data, Communication Data, Location Data, Legal Operation Data, Customer Operation Data, Marketing Data, Occupational Data

    Customer Authorities

Identity Data, Communication Data, Location Data, Legal Operation Data, Customer Operation Data, Marketing Data, Occupational Data

Lead 

Identity Data, Communication Data, Location Data, Customer Operation Data, Financial Data, Marketing Data, Occupational Data

Exam Candidate

Personnel Data, Occupational Experience Data

Intern

Identity Data, Contact Data, Family Member/Relative Data, Personnel Data, Physical Space Security, Transaction Security, Risk Management, Occupational Experience Data, Audio-Visual Records, Health Data, Criminal Conviction and Security Measures, Transaction Security Relative Data

Company Authorized Signatory

Identity Data, Communication Data, Physical Space Security

Other Individuals Related to Firm

Identity Data, Communication Data

Supplier

Financial Data

Supplier Employee

Identity Data, Communication Data, Legal Operation Data, Occupational Data, Criminal Conviction and Security Measures.

Supplier Authority

Identity Data, Communication Data, Legal Operation Data, Occupational Data

Representative

Identity Data, Communication Data, Legal Operation Data

Website Visitor

Identity Data, Communication Data

Board of Directors Member

Identity Data, Communication Data, Physical Space Security Data

Visitor

Identity Data, Communication Data, Physical Space Security Data, Transaction Security Data, Visual and Audio Records

 

8. PERSONAL DATA STORAGE 

The Personal Data collected by Patika Global can be stored in closed and/or secured areas such as unit/department lockets, or archives for hardcopies and on software, cloud, central server and company database for electronic data. Additionally, Personal Data can be stored on peripheral systems such as network device, flash-based media, magnetic tape, magnetic disk, mobile phone, optical disk, printer, door access/security system.

 

9. LEGAL, TECHNICAL AND OTHER REASONS TO STORE PERSONAL DATA

Patika Global stores the collected Personal Data throughout the duration necessitated by the data collection purpose. However, when the main purpose to collect the data no longer exists, Patika Global can store the data: 

To fulfil the legal responsibilities that have arisen or may arise, and in accordance with the measures and / or the periods stipulated in the laws,

To be able to carry out legal processes and to make effective and sufficient defences/claims, limited to the statute of limitations stipulated in the laws,

Data determined to be destroyed, at the latest until the next periodic destruction date,

 

10. TECHNICAL AND ADMISTRATIVE PRECAUTIONS TAKEN TO PREVENT ILLEGAL DATA PROCESSING AND ACCESS WHEN SECURELY STORING THE PERSONAL DATA

Network security and application security is ensured.

The security of the personal data stored in the cloud is ensured.

An authorization matrix is created for the employees.

Other-Data processing service providers with data security awareness are preferred.

Access logs are regularly kept.

Data masking is applied when necessary.       

The authorization of the employees with task change or job change are removed.

Up-to-date antivirus systems are used.

Firewalls are used.

The signed agreements include data security provisions.

Necessary precautions are taken at the entrance-exit of the physical environments that has personal data.

The security of the physical environments with personal data against external risks (fire, flood etc.) is ensured.

The security of the spaces with personal data is ensured.

The personal data is decreased as much as possible.

If the private personal data will be sent via electronic mail, this data is sent with a password and KEP or corporate email account.

Attack identification and prevention systems are used.

Encryption is applied.

Personal data transferred to portable memory, CD, DVD media are transferred by encrypting them.

Personal Data Process Authority is assigned to ensure the applicability and functionality of the Policy in the company.

11. LEGAL, TECHNICAL AND OTHER REASONS TO DESTROY PERSONAL DATA

Although it has been processed in accordance with the provisions of the law and other relevant laws, Personal Data will be destroyed by Patika Global, ex officio or upon the request of the Data Owner, in case all reasons requiring its processing and storage are eliminated. Other than that, Patika Global destroys the Personal Data for the following reasons:

In cases where the processing of Personal Data is based on explicit consent, the Data Owner's consent is withdrawn,

If the Data Owner requests the destruction of their Personal Data by using their specified rights, and the application is accepted by Patika Global or the request is approved by the Board as a result of a complaint to the KVKK Board, upon the rejection of this request,

The maximum period for storing the Personal Data in accordance with the purpose of processing has passed and there is no other legal reason requiring the Personal Data to be kept for a longer period of time.

12. TECHNICAL AND ADMISTRATIVE PRECAUTIONS TO DESTROY THE PERSONAL DATA IN LINE WITH RELATED LAWS

Destruction of Personal Data is carried out by applying deletion, destruction or anonymization methods according to the data recording medium and the nature of the data to be destroyed. To minimize the mistakes that might occur during the destruction process, https://patikaglobal.com/ applies the following technical and administrative precautions:

Before the destruction of Personal Data, the appropriate destruction method is determined according to the data recording medium.

Destruction is carried out by/under the supervision of employees who have sufficient knowledge of the destruction method to be applied or through expert persons or organizations under the obligation of confidentiality.

Employees are trained and informed about the periodic and duly destruction of Personal Data in the light of the Law, other legislation provisions regarding Personal Data, Board decisions and developments in these.

Regular controls are carried out within the company, the controls are documented, the issues that need improvement are determined and development activities are carried out accordingly.

Personal Data Process Authority is assigned to ensure the applicability and functionality of the Policy in the company.

13. STORAGE AND DESTRUCTION TIME

https://patikaglobal.com/ stores Personal Data for the period necessary for the purpose for which they are processed in accordance with the principles set forth in the Law. Personal Data may continue to be stored even if the purpose for which it was collected disappears, if it is necessary for https://patikaglobal.com/ to fulfil a legal obligation or if its legitimate interests justify it. After the expiry of these periods, Personal Data is deleted, destroyed or anonymized in the first periodic destruction process.

Periodic destruction period in Patika Global is 12 months. In the event that irreparable or impossible damages arise and there is a clear violation of the law, https://patikaglobal.com/ might shorten this period.

14. RIGHTS OF THE DATA OWNER AND USING THIS RIGHT

Data Owner can

Learn whether your personal data is processed.

Demand information if your personal data is processed.

Learn the purpose to process your personal data and whether such data is used purposefully.

Learn the third parties which can either be national or international that your personal data is transferred.

Ask for correction when your personal data is incorrect or missing and learn whether your data is transferred to third parties. 

Ask to delete or destroy your personal data, inform third parties about the correction, deletion or destruction of your personal data if the reason for data processing is no longer present while the data is processed according to the related law. 

Object to any results that might be detrimental for your when your processed data is exclusively analysed via automated systems.

Demand for compensation for the loss if your experience any losses due to illegal personal data processing Owner.

Pursuant to paragraph 1 of Article 13 of the KVK Law, you may submit your request to our Company to exercise your above-mentioned rights in writing or by other methods determined by the Personal Data Protection Board.

To exercise your above-mentioned rights, you can personally deliver your petition with the necessary information identifying your identity, send it via a notary public or other methods determined by the Personal Data Protection Board, and send it to [email protected] with secure electronic signature.

In cases where information is incomplete or incorrectly shared in the application, the request is not expressed clearly and intelligibly, the documents supporting the request are not transmitted at all or properly, a copy of the power of attorney is not attached in applications made by proxy, we may have difficulties in meeting your requests and there may be delays in the research process. Therefore, we kindly request you to follow these terms to use your rights. Our company shall not be held responsible for any such delays. Our company reserves its rights against erroneous, untrue/illegal, malicious applications.

15. ENFORCEMENT OF THE AGREEMENT

When the member registration is completed, the member is deemed to accept the terms in this Agreement and this Agreement is deemed to be enforced immediately. The agreement will automatically become void without the need for any warning with the termination of the membership or the realization of any of the termination conditions listed in this contract.

16. AUTHORIZED COURTS AND DISPUTE RESOLUTION

İstanbul Anadolu Courts and Execution Offices are the authorized courts for any conflicts arising from the application of this Agreement.

17. NOTIFICATION ADDRESSES

https://patikaglobal.com/ beforehand requests mail addresses from its members. However, the email address declared by the member to https://patikaglobal.com/ is accepted as the electronic mail for legal notifications regarding this agreement.

Unless the parties notify the other party in writing of changes in their current e-mails within 3 (three) days, they agree that requests to old e-mails will be valid and will be deemed to have been made to them.

 

Again, any notification that https://patikaglobal.com/ will make using the registered e-mail address of the member will be deemed to reach the member 1 (one) day after the e-mail is sent by https://patikaglobal.com/. The MEMBER declares, accepts and undertakes that he has read, understood and accepted all of the articles in this participation agreement and that he has approved the accuracy of the information he has given about the member.