Confidentiality Agreement

Protection of personal data is an important issue for Yüce Yazilim Software and Consultancy Company. Yüce Yazilim adopts the principles stipulated by the Law on the Protection of Personal Data No. 6698, processing, deleting, destroying, anonymizing, transferring, informing the person concerned and ensuring the security of the data. In this context, the Privacy and Personal Data Protection Policy is presented to the access of personal data (“Related Person”) whose personal data is processed. As the company, we attach great importance to all personal data related to our company, including those who benefit from all of our products and services is processed and maintained in accordance with the Personal Data Protection Act No. 6698 (KVK Law Firm). Being aware of this obligation, we process your personal data as defined below in the framework of the limits set by the legislation as "Data Responsible" as defined in the Law on KVK. 

 

  1. Scope and Purpose of Privacy and Personal Data Protection Policy This Privacy and Personal Data Protection Policy,
  • Yüce Yazilim Software and Consultancy Company,
  • Methods of collecting personal data and legal reasons,
  • The personal data of the contact groups (Data Owner Categorization),
  • In which categories personal data has been processed (Data Categories) and sample data types for these contact groups,
  • Which business processes are used and for what purposes,
  • Technical and administrative measures taken to ensure the security of personal data,
  • To whom and for what purpose personal data can be transferred,
  • Retention periods for personal data,
  • What are their rights on personal data and how they can use these rights,
  • How people can change their positive or negative preferences for receiving electronic business messages,
  • Disclose personal data sharing with authorities.

 

  1. Personal Data Collection Methods and Legal Causes collects Yüce Yazilim personal data websites, mobile applications of web sites, social media accounts, cookies, call center, notices from administrative and judicial authorities and other communication channels, in audio, electronic or written form and in accordance with the legal requirements of this Privacy / Personal Data Protection Policy. In this context, your personal data may be processed and transferred without explicit consent in the presence of explicit consent in the light of the principles stipulated in Article 4 (2) of the CGPC or in the presence of the conditions stipulated in Articles 5 (2) and 6 (3).
  2. Categorization of Data Subject Person Group Yüce Yazilim categorizes the data subject groups of people whose personal data is processed in the process of personal data processing and related activities. However, in accordance with the personal data processing requirements set forth in Articles 5 and 6 of the Law on KVK and the legal reasons mentioned in this Privacy / Personal Data Protection Policy, personal data of other groups of people (consultant, educator, blogger) can be processed.
    1. Customer / Member, Potential Customer / Member
    2. Online Visitor
    3. Members using the Payment Module
    4. Members of companies using a ticket system and having a commercial relationship.
  3. Technical and Administrative Measures Obtained to Ensure the Security of Data Yüce Yazilim undertakes to take all necessary technical and administrative measures to ensure the confidentiality, integrity, and security of your personal data and to take due care. Yüce Yazilim takes measure to prevent unauthorized access to personal data, misuse, unlawful processing, disclosure, alteration or destruction of personal data. Yüce Yazilim uses generally recognized security technology standards such as firewalls and Secure Socket Layer (SSL) encryption when processing personal data. In addition, when submitting your personal data to the Yüce Yazilim through the website, mobile application, and mobile site, this data is transmitted using SSL. In order to prevent unlawful access to personal data to the Yüce Yazilim, to prevent unlawful processing of such data and to protect personal data:
    • Protects all fields in the website or mobile application from which the personal data is received by SSL,
    • Establish and implement access authorization and control matrices for its employees so that the personal data collected from the website or mobile application cannot be treated unlawfully, 
    • To ensure that personal data is not accessed unlawfully, periodically perform infiltration tests, test the resistance of the system against unauthorized access,
    • It uses the Pseudonymization method for all secondary data processing except for the primary processing. Pseudonymous uses encryption methods on systems where this data is located to ensure that the person makes it impossible to detect, and applies a tighter access authorization and control policy to this data.
    • Personal data processed through third-party cookies are deleted from third-party systems if the membership is terminated. In case, Yüce Yazilim takes necessary information security measures, if personal data is damaged or unauthorized by third parties as a result of attacks on the platforms operated by Yüce Yazilim or the system. Yüce Yazilim will immediately notify you and Personal Data Protection Board and take necessary measures. You can review our Cookie Policy on the retention period of personal data obtained through cookies.
  4. Personal Data Sharing with Official Authorities Yüce Yazilim includes your traffic information such as your personal data and navigation information about your visit or membership to the electronic trading platforms and mobile applications operated by Yüce Yaziim. In order fort he Yüce Yazilim to perform its obligation under the law (such as fighting crime, treating state and public security, but not limited to legal or administrative obligation to provide notification or information of the Yüce Yazilim), the public shall be legally authorized to request such information. It will be able to share with institutions and organizations.
  1. Removal of Personal Data of Destruction and Pseudonymous Terms of All-pervading software, websites, personal data is resolved by mobile application of mobile site, REIT code, Articles 7, 17 and Turkish Criminal Code Article 138 in accordance with applicable laws, to predict the time and / or necessary treatment goals keep them for a while. In the case of expiry of these periods, the wiper shall destroy or anonymize in accordance with the provisions of the Regulation on the Deletion, Destruction or Anonymization of Personal Data. Deletion of personal data by the Yüce Yazilim refers to the process of making personal data inaccessible and unavailable for the concerned users. Yüce Yazilim creates and enforces the user-level access authorization and control matrix for this. It takes necessary measures to perform the deletion in the database. The destruction of personal data by Yuce Yazilim refers to the process of making personal data inaccessible, non-retrievable and re-usable by anyone. Anonymization of personal data by the Yuce Yazilim means that in no way personal data may be associate with an identifiable or identifiable individual, even if it is paired with other data. Yüce Yazilim describes methods and technical and administrative measures in detail to erase, destroy and anonymize the Personal Data Storage and Disposal Policy as per the Regulation on Deletion, Destruction or Anonymization of Personal Data. In this Policy, the period of periodic destruction to be carried out by the Regulation is set as 6 months.
  2. In Changes to Privacy / Personal Data Protection Policy, Yuce Yazilim may make changes to this Privacy / Personal Data Protection Policy at any time. These changes take effects immediately after the revised new Privacy / Personal Data Protection is issued. You will be informed about the changes in this Privacy / Personal Data Protection Policy.
  3. Article 11 fo the CTLR Your Rights as a Contact Person requests for your rights in writing, as well as your personal data owners and your identity documents with your written statement containing your comments about your right to use our company with address Dival Plus Baglar Neighborhood Mimar Sinan Street No. 35 / 278 Floor: 22 Istanbul Turkey personally or by registered mail return receipt if you forward, you demand foreseen under way KVKK evaluated by the Yuce Yazilim withing 30 (thirty) days. Although it is essential not to charge any fees in relation to the claims, the right of Yuce Yazilim to claim fees on the fee tariff set by the Personal Data Protection Board is reserved. KVKK's mad Exceptions, article 28, without prejudice to the provisions, pursuant to Article 11 of the KVKK rights by contacting our company with your personal data,

 

a) to learn whether it is processed

b) to request information regarding your personal data

c) to learn whether your personal data is used for the purpose and purpose of processing

d) to know the third parties in which your personal data is transferred domestically or abroad

e) to request the correction of your personal data if it is incomplete or incorrectly processed

f) to request the deletion or destruction of your personal data within the framework of the provision of Article 7 of the CTLB

g) to notify the third parties to which your personal data is transferred, in accordance with the above-mentioned paragraphs (d) and (e)

h) to appeal against the emergence of a result of your personal data being analyzed exclusively by automated systems

i) you have the right to demand that the loss is damaged if you incur losses due to the unlawful processing of your personal data.