Personal Data Processing and Security Policy

Personal Data Processing and Security Policy 

1. PURPOSE OF THE POLICY 

2. SCOPE OF THE POLICY 

3. AUTHORITIES AND RESPONSIBILITIES 

4. DEFINITIONS and ABBREVIATIONS 

5. PERSONAL DATA PROCESSED BY AGRON 

6. OUR METHODS OF COLLECTING PERSONAL DATA 

7. OUR PURPOSE OF PROCESSING PERSONAL DATA 

8. OUR LEGAL REASONS FOR PROCESSING PERSONAL DATA 

9. TRANSFER OF PERSONAL DATA 

10. STORAGE AND DISPOSAL OF PERSONAL DATA 

11. ENSURING THE SECURITY OF YOUR PERSONAL DATA 

12. YOUR RIGHTS REGARDING YOUR PERSONAL DATA AND APPLICATION 

13. REFERENCES AND BASIS 

14. RELATED DOCUMENT 







1. PURPOSE OF THE POLICY 

As Agron Turizm ve Ticaret Anonim Şirketi (“Agron”), we collect and process some of your personal data in accordance with the Personal Data Protection Law No. 

This Personal Data Processing and Protection Policy (“Policy”) has been prepared to determine and show the purposes for which your personal data is processed, to which third parties it is transferred, your rights regarding your personal data and Agron's obligations in terms of processing and protecting personal data. 

2. SCOPE OF THE POLICY 

This Policy covers our activities regarding the processing of the personal data we have obtained from the following persons: 

· Representative, attorney and shareholders of our company and group companies, 

· Employees and officials of our business partners, 

· Employees and officials of our suppliers, 

Our customers and potential customers, 

Our employee candidates, interns, trainee candidates and the people they refer to in their applications, 

· Family members of our employees, 

· Legally authorized persons, 

· Our visitors, 

· Other third parties. 

Explanations on the definitions of these person groups are included in Appendix-1. 

3. AUTHORITIES AND RESPONSIBILITIES 

Agron Employees: Within the scope of all our business activities, they are obliged to comply with this Policy and relevant legislation. 

Our suppliers are obliged to comply with this Policy and relevant legislation in all services they provide to Agron. 

Agron Senior Management: It is responsible for ensuring that all our business activities are carried out in accordance with this Policy. 

4. DEFINITIONS and ABBREVIATIONS 

The abbreviations in this Policy will be used for the following definitions: 



ABBREVIATIONS DEFINITIONS 

Agron Tourism and Trade Joint Stock Company 

Personal Data Any information relating to an identified or identifiable natural person. 

Special Qualified Personal 

Data Data on race, ethnicity, political thought, philosophical belief, religion, sect or other beliefs, dress, association, foundation or union membership, health, sexual life, criminal conviction and security measures, and biometric and genetic data. 

Relevant Person Natural persons whose personal data are processed. 

Your Personal Data 

Processing Personal data is obtained, recorded, stored, preserved, modified, rearranged, disclosed, transferred, taken over, made available, classified, or otherwise fully or partially automated, or by non-automatic means, provided that it is a part of any data recording system. Any operation performed on the data, such as preventing its use. 

Explicit Consent Consent about a specific subject, based on information and expressed with free will. 

Anonymization Making personal data incapable of being associated with an identified or identifiable natural person in any way, even by pairing it with other data. 

KVK Law The Law on Protection of Personal Data No. 6698, dated March 24, 2016, published in the Official Gazette dated 7 April 2016 and numbered 29677. 

Board Personal Data Protection Board. 

Institution Personal Data Protection Authority. 

Policy Agron Turizm ve Ticaret Anonim Şirketi Personal Data Processing and Security Policy. 

Data Controller is the person who determines the purposes and means of processing personal data and manages the place where the data is kept systematically. 

Data Processor is the natural and legal person who processes personal data on behalf of the data controller, based on the authority given by the data controller.

5. PERSONAL DATA PROCESSED BY AGRON 

As a data controller, Agron processes the following personal data, including but not limited to those listed here, within the scope of its current activities: 

PERSONAL DATA GROUP PERSONAL DATA 

Identity Information Name, surname, T.C. Information such as Identity Number, photo, date and place of birth, marital status, driver's license information, passport number, identity card serial number. 

Contact Information Email, phone number, mobile phone, social media account information associated with the person. 

Location Information Information such as residence address, workplace address. 

Personnel Information Payroll information, disciplinary investigation, entry-exit document records, property declaration information, CV information, performance evaluation reports, SGK entry declarations, company title, tax registration and identification number, room registration number, reference information. 

Legal Transaction Information Information in correspondence with judicial authorities, information in the case file (executive information). 

Physical Space 

Security Information Entry-exit information of our customers and visitors to the campuses, records of CCTV in the campuses. 

Transaction Security Information IP address information and access logs. 

Financial Information Balance sheet information, financial performance information, credit and risk information, asset information, salary slips, IBAN information, payment amount, credit and debit card information, amount to be refunded, debt information. 

Professional Experience Information Diploma information, courses attended, in-service training information, certificates, transcript information. 

Marketing Information Shopping history, survey results, information obtained as a result of campaign work. 

Audio and Visual 

Recordings Audio recording, captured footage. 

Philosophical Faith, Religion, 

Sect and Other 

Beliefs Information on religious affiliation and philosophical belief. 

Association Membership Association membership information in the resumes of employee or trainee candidates. 

Foundation Membership Foundation membership information in the resumes of employee or trainee candidates. 

Health Information Blood group information, personal health information, information specified in the health report, disability status information. 

Criminal Conviction and 

Security Measures Criminal record, criminal conviction or security measure information in the criminal record. 

Family Members Information Name, surname, phone number information of the person's family members. 

Incident Detection Information Information contained in the minutes of events that occurred within the company. 

Personality Test Information Information obtained by the Company regarding the selection of supplier employees and the behavior, reactions and approach of employee candidates in the application processes. 

Professional Information Information on license and license numbers of prospective employees or their suppliers for jobs that require special licenses or licenses. 

Customer Transaction Information Invoice, promissory note, check information, membership information, customer request and complaint information, product information received and used. 



6. OUR METHODS OF COLLECTING PERSONAL DATA 

As Agron, we collect your personal data through the following channels: 

· Email, SMS, business cards, 

· Telephone, Fax, 

· CCTV (Closed Circuit Camera Records), 

Cookies and similar tracking technologies, 

· Physical form, 

· Our website, 

· Postal, cargo, courier, 

· Face-to-face meetings, 

· Other physical and electronic media. 

7. OUR PURPOSE OF PROCESSING PERSONAL DATA 

As Agron, we attach great importance to the privacy of your personal data we process and collect and process your personal data in accordance with the general principles and processing conditions specified in the KVK Law. In this context, we process your personal data limited to the following purposes: 

Providing our products and/or services and executing our sales processes, 

· Execution of our product and/or service purchasing processes, 

· Execution of our customer relations processes, 

· Managing our customer return and exchange request processes, 

· Examining and evaluating customer requests and complaints and communicating if necessary, 

Carrying out activities for customer satisfaction, 

· Updating, customizing and developing our products and services in line with your needs and demands, 

Sending e-mails, messages, newsletters and other publications about our new products or services, changes in our existing products or services, and our campaigns and promotions, 

Planning and execution of our communication processes, 

· Managing cookies in order to improve the experience of our visitors on our websites, to identify requests and problems, and to quickly conclude their searches. (For more detailed information, you can refer to our Cookie Policy), 

· Execution of our marketing activities and advertising/campaign/promotion processes, 

Conducting and supervising our business activities and ensuring business continuity, 

In accordance with the agreements made with the supplier, business partner and other third parties