Personal Data Protection Law
DATA SPEAKER: Gezairi Transport Nakliyat ve Ticaret A.Ş.
Dereboyu Caddesi Meydan Sokak No:1 Beybi Giz Plaza Floor:20 Flat 75-76 34398 Maslak/Sarıyer/Istanbul
Gezairi Transport Transport and Trade Inc. As (Data Controller), the following personal data are processed, stored and protected as:
- Your Identity Information: Your name, surname, name of your parents, date of birth, place of birth, gender, nationality, Turkish identity number, identity information, blood group and religion information obtained from your ID photocopy, if any, information about whether you are a signatory or not, your photo.
• Your Contact Information: Your address, phone number, e-mail address, KEP address if any.
• Your Customer Information: Your customer transaction information, your signature, the company information you work for, your tax information, information about your bank account, your professional experience information, your profession, duty and title information, your vehicle information, your information obtained within the scope of legal transactions, your tax number, instructions, requests and information regarding your complaints, your preferences and habits regarding our products and services.
• Your Transaction Security Information: Your MAC address, log records.
• Your Audio-Visual Information: Your photos and camera recordings.
For this reason, we would like to enlighten you as a Data Controller within the scope of the Personal Data Protection Law (Law) No. 6698.
- Personal Data Collection Method and Legal Reason
Your personal data; means “any information relating to an identified or identifiable natural person” collected in physical and electronic media for the purpose and scope specified in this clarification text.
Your personal data is “explicitly stipulated in the law” as stated in Article 5 of the Law, “provided that it is directly related to the establishment or performance of a contract, it is necessary to process the personal data of the parties to the contract”, “personal data processing is mandatory for the data controller to fulfill its legal obligation. It is processed on the basis of legal reasons such as “data processing is mandatory for the establishment, exercise or protection of a right” and “data processing is mandatory for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the data subject.”
In the absence of at least one of the legal reasons stated, your explicit consent will be asked for personal data processing. You can find the cases where your explicit consent is asked in the “Explicit Consent Form”.
- Purposes of Processing Personal Data
Your collected personal data;
• Execution of emergency management processes,
• Execution of information security processes,
• Conducting audit/ethics activities,
• Execution of access authorizations,
• Execution of activities in accordance with the legislation,
• Execution of finance and accounting works,
• Execution of company/product/service commitment processes,
• Ensuring physical space security,
• Execution of assignment processes,
• Follow-up and execution of legal affairs,
• Carrying out internal audit/investigation/intelligence activities,
• Execution of communication activities,
• Execution/supervision of business activities,
• Execution of occupational health/safety activities,
• Receiving and evaluating suggestions for improvement of business processes,
• Carrying out activities to ensure business continuity,
• Execution of logistics activities,
• Execution of goods/service purchasing processes,
• Execution of after-sales support services for goods/services,
• Execution of goods/service sales processes,
• Execution of goods/service production and operation processes,
• Execution of customer relationship management processes,
• Carrying out activities for customer satisfaction,
• Organization and event management,
• Execution of advertisement/campaign/promotion processes,
• Execution of risk management processes,
• Execution of storage and archive activities,
• Conducting social responsibility and civil society activities,
• Execution of contract processes,
• Execution of strategic planning activities,
• Follow-up of requests/complaints,
• Ensuring the security of movable property and resources,
• Execution of marketing processes of products/services,
• Ensuring the security of data controller operations,
• Execution of investment processes,
• Providing information to authorized persons, institutions and organizations,
• Execution of management activities,
• It will be processed for the purposes of creating and tracking visitor records.
However, if you give us your consent for the processing of your personal data, your personal data in question can be customized in line with your needs and wishes, measuring your satisfaction with products and services, developing and diversifying our products and services in line with your wishes and needs, providing the services of the company and its subsidiaries and affiliates. It will also be processed for the purposes of promoting and giving information about its activities, conducting marketing analysis studies, performing personalized campaigns, advertisements and promotions.
- Transfer of Personal Data:
Your personal data collected in accordance with the Law and the above articles; In accordance with the basic principles stipulated by the Law and within the personal data processing conditions and purposes specified in Articles 8 and 9 of the Law, and for the above-mentioned purposes, to our business partners and suppliers with whom we have a service relationship, and to our Data Controller business partners. are transferred to legally authorized public institutions, organizations and individuals.
- Your Rights as Personal Data Owner:
As a data owner, you can send your requests within the scope of Article 11 of the Law, which regulates the rights of the person concerned, to the above-mentioned data controller, in writing and with wet signature, in accordance with the “Communiqué on Application Procedures and Principles to the Data Controller”, electronically signed to email@example.com. tr, via firstname.lastname@example.org using your e-mail address, if any, with which you have contacted us before, or to our Company by other methods included in the Communiqué on Application Procedures and Principles to the Data Controller or Data Controller.
The Data Controller will conclude your request as soon as possible depending on the nature of your request and within 30 (thirty) days at the latest from the date of notification.
If you want to get detailed information about the processing of your personal data, you can take a look at the “Personal Data Protection and Processing Policy” on www.gezairi.com.
Information Systems General Standards and Security Policy
Employee Personal Data Protection and Processing Policy
Personal Data Retention and Disposal Policy
Personal Data Protection and Processing Policy
Crisis Response Procedure
Open Consent Form
Policy on Processing and Protection of Special Quality Personal Data